Source code

001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.security;
029
030import org.opencms.db.CmsSecurityManager;
031import org.opencms.file.CmsGroup;
032import org.opencms.file.CmsObject;
033import org.opencms.file.CmsProject;
034import org.opencms.file.CmsResource;
035import org.opencms.file.CmsResourceFilter;
036import org.opencms.file.CmsUser;
037import org.opencms.file.CmsUserSearchParameters;
038import org.opencms.main.CmsException;
039import org.opencms.main.CmsInitException;
040import org.opencms.main.CmsLog;
041
042import java.util.List;
043
044import org.apache.commons.logging.Log;
045
046/**
047 * This manager provide access to the organizational unit related operations.<p>
048 *
049 * @since 6.5.6
050 */
051public class CmsOrgUnitManager {
052
053    /** Logger instance for this class. */
054    private static final Log LOG = CmsLog.getLog(CmsOrgUnitManager.class);
055
056    /** The security manager. */
057    private final CmsSecurityManager m_securityManager;
058
059    /**
060     * Default constructor.<p>
061     *
062     * @param securityManager the security manager
063     */
064    public CmsOrgUnitManager(CmsSecurityManager securityManager) {
065
066        m_securityManager = securityManager;
067    }
068
069    /**
070     * Adds a resource to the given organizational unit.<p>
071     *
072     * @param cms the opencms context
073     * @param ouFqn the full qualified name of the organizational unit to add the resource to
074     * @param resourceName the name of the resource that is to be added to the organizational unit
075     *
076     * @throws CmsException if something goes wrong
077     */
078    public void addResourceToOrgUnit(CmsObject cms, String ouFqn, String resourceName) throws CmsException {
079
080        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
081        CmsResource resource = cms.readResource(resourceName);
082        m_securityManager.addResourceToOrgUnit(cms.getRequestContext(), orgUnit, resource);
083    }
084
085    /**
086     * Counts the users which fit the given search criteria.<p>
087     *
088     * @param cms the current CMS context
089     * @param params the user search parameters
090     *
091     * @return the total number of users which fit the given search parameters
092     *
093     * @throws CmsException if something goes wrong
094     */
095    public long countUsers(CmsObject cms, CmsUserSearchParameters params) throws CmsException {
096
097        return m_securityManager.countUsers(cms.getRequestContext(), params);
098    }
099
100    /**
101     * Creates a new organizational unit.<p>
102     *
103     * The parent structure must exist.<p>
104     *
105     * @param cms the opencms context
106     * @param ouFqn the fully qualified name of the new organizational unit
107     * @param description the description of the new organizational unit
108     * @param flags the flags for the new organizational unit
109     * @param resourceName the first associated resource
110     *
111     * @return a <code>{@link CmsOrganizationalUnit}</code> object representing
112     *          the newly created organizational unit
113     *
114     * @throws CmsException if operation was not successful
115     */
116    public CmsOrganizationalUnit createOrganizationalUnit(
117        CmsObject cms,
118        String ouFqn,
119        String description,
120        int flags,
121        String resourceName) throws CmsException {
122
123        CmsResource resource = null;
124        if (((flags & CmsOrganizationalUnit.FLAG_WEBUSERS) == 0) || (resourceName != null)) {
125            // only normal OUs have to have at least one resource
126            resource = cms.readResource(resourceName);
127        }
128        return m_securityManager.createOrganizationalUnit(cms.getRequestContext(), ouFqn, description, flags, resource);
129    }
130
131    /**
132     * Deletes an organizational unit.<p>
133     *
134     * Only organizational units that contain no sub units can be deleted.<p>
135     *
136     * The organizational unit can not be delete if it is used in the request context,
137     * or if the current user belongs to it.<p>
138     *
139     * All users and groups in the given organizational unit will be deleted.<p>
140     *
141     * @param cms the opencms context
142     * @param ouFqn the fully qualified name of the organizational unit to delete
143     *
144     * @throws CmsException if operation was not successful
145     */
146    public void deleteOrganizationalUnit(CmsObject cms, String ouFqn) throws CmsException {
147
148        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
149        m_securityManager.deleteOrganizationalUnit(cms.getRequestContext(), orgUnit);
150    }
151
152    /**
153     * Returns all accessible projects of the given organizational unit.
154     *
155     * That is all projects which are owned by the current user or which are
156     * accessible for the group of the user.<p>
157     *
158     * @param cms the opencms context
159     * @param ouFqn the fully qualified name of the organizational unit to get projects for
160     * @param includeSubOus if all projects of sub-organizational units should be retrieved too
161     *
162     * @return all <code>{@link org.opencms.file.CmsProject}</code> objects in the organizational unit
163     *
164     * @throws CmsException if operation was not successful
165     */
166    public List<CmsProject> getAllAccessibleProjects(CmsObject cms, String ouFqn, boolean includeSubOus)
167    throws CmsException {
168
169        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
170        return (m_securityManager.getAllAccessibleProjects(cms.getRequestContext(), orgUnit, includeSubOus));
171    }
172
173    /**
174     * Returns all manageable projects of the given organizational unit.<p>
175     *
176     * That is all projects which are owned by the current user or which are manageable
177     * for the group of the user.<p>
178     *
179     * @param cms the opencms context
180     * @param ouFqn the fully qualified name of the organizational unit to get projects for
181     * @param includeSubOus if all projects of sub-organizational units should be retrieved too
182     *
183     * @return all <code>{@link org.opencms.file.CmsProject}</code> objects in the organizational unit
184     *
185     * @throws CmsException if operation was not successful
186     */
187    public List<CmsProject> getAllManageableProjects(CmsObject cms, String ouFqn, boolean includeSubOus)
188    throws CmsException {
189
190        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
191        return (m_securityManager.getAllManageableProjects(cms.getRequestContext(), orgUnit, includeSubOus));
192    }
193
194    /**
195     * Returns all groups of the given organizational unit.<p>
196     *
197     * @param cms the opencms context
198     * @param ouFqn the fully qualified name of the organizational unit to get all principals for
199     * @param includeSubOus if all groups of sub-organizational units should be retrieved too
200     *
201     * @return all <code>{@link org.opencms.file.CmsGroup}</code> objects in the organizational unit
202     *
203     * @throws CmsException if operation was not successful
204     */
205    public List<CmsGroup> getGroups(CmsObject cms, String ouFqn, boolean includeSubOus) throws CmsException {
206
207        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
208        return (m_securityManager.getGroups(cms.getRequestContext(), orgUnit, includeSubOus, false));
209    }
210
211    /**
212     * Returns all child organizational units of the given parent organizational unit including
213     * hierarchical deeper organization units if needed.<p>
214     *
215     * @param cms the opencms context
216     * @param ouFqn the fully qualified name of the parent organizational unit
217     * @param includeChildren if hierarchical deeper organization units should also be returned
218     *
219     * @return a list of <code>{@link CmsOrganizationalUnit}</code> objects
220     *
221     * @throws CmsException if operation was not successful
222     */
223    public List<CmsOrganizationalUnit> getOrganizationalUnits(CmsObject cms, String ouFqn, boolean includeChildren)
224    throws CmsException {
225
226        CmsOrganizationalUnit parent = readOrganizationalUnit(cms, ouFqn);
227        return m_securityManager.getOrganizationalUnits(cms.getRequestContext(), parent, includeChildren);
228    }
229
230    /**
231     * Returns all resources of the given organizational unit.<p>
232     *
233     * @param cms the opencms context
234     * @param ouFqn the fully qualified name of the organizational unit to get all resources for
235     *
236     * @return all <code>{@link CmsResource}</code> objects in the organizational unit
237     *
238     * @throws CmsException if operation was not successful
239     */
240    public List<CmsResource> getResourcesForOrganizationalUnit(CmsObject cms, String ouFqn) throws CmsException {
241
242        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
243        return m_securityManager.getResourcesForOrganizationalUnit(cms.getRequestContext(), orgUnit);
244    }
245
246    /**
247     * Returns all users of the given organizational unit.<p>
248     *
249     * @param cms the opencms context
250     * @param ouFqn the fully qualified name of the organizational unit to get all principals for
251     * @param recursive if all users of sub-organizational units should be retrieved too
252     *
253     * @return all <code>{@link org.opencms.file.CmsUser}</code> objects in the organizational unit
254     *
255     * @throws CmsException if operation was not successful
256     */
257    public List<CmsUser> getUsers(CmsObject cms, String ouFqn, boolean recursive) throws CmsException {
258
259        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
260        return m_securityManager.getUsers(cms.getRequestContext(), orgUnit, recursive);
261    }
262
263    /**
264     * Returns all users of the given organizational unit, without their additional info.<p>
265     *
266     * @param cms the opencms context
267     * @param ouFqn the fully qualified name of the organizational unit to get all principals for
268     * @param recursive if all users of sub-organizational units should be retrieved too
269     *
270     * @return all <code>{@link org.opencms.file.CmsUser}</code> objects in the organizational unit
271     *
272     * @throws CmsException if operation was not successful
273     */
274    public List<CmsUser> getUsersWithoutAdditionalInfo(CmsObject cms, String ouFqn, boolean recursive)
275    throws CmsException {
276
277        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
278        return m_securityManager.getUsersWithoutAdditionalInfo(cms.getRequestContext(), orgUnit, recursive);
279    }
280
281    /**
282     * Initializes the organizational units.<p>
283     *
284     * @param cms the admin CMS context
285     *
286     * @throws CmsException if something goes wrong
287     */
288    public void initialize(CmsObject cms) throws CmsException {
289
290        List<CmsOrganizationalUnit> ous = getOrganizationalUnits(cms, "", true);
291        for (CmsOrganizationalUnit ou : ous) {
292            try {
293                m_securityManager.initializeOrgUnit(cms.getRequestContext(), ou);
294            } catch (CmsInitException e) {
295                LOG.error("Error while initializing OU " + ou.getName() + ": " + e.getLocalizedMessage(), e);
296            }
297        }
298    }
299
300    /**
301     * Reads an organizational Unit based on its fully qualified name.<p>
302     *
303     * @param cms the opencms context
304     * @param ouFqn the fully qualified name of the organizational Unit to be read
305     *
306     * @return the organizational Unit with the provided fully qualified name
307     *
308     * @throws CmsException if something goes wrong
309     */
310    public CmsOrganizationalUnit readOrganizationalUnit(CmsObject cms, String ouFqn) throws CmsException {
311
312        return m_securityManager.readOrganizationalUnit(cms.getRequestContext(), ouFqn);
313    }
314
315    /**
316     * Removes a resource from the given organizational unit.<p>
317     *
318     * @param cms the opencms context
319     * @param ouFqn the fully qualified name of the organizational unit to remove the resource from
320     * @param resourceName the name of the resource that is to be removed from the organizational unit
321     *
322     * @throws CmsException if something goes wrong
323     */
324    public void removeResourceFromOrgUnit(CmsObject cms, String ouFqn, String resourceName) throws CmsException {
325
326        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
327        CmsResource resource = cms.readResource(resourceName, CmsResourceFilter.ALL);
328
329        m_securityManager.removeResourceFromOrgUnit(cms.getRequestContext(), orgUnit, resource);
330    }
331
332    /**
333     * Searches users which fit the given search parameters.<p>
334     *
335     * @param cms the current CMS context
336     * @param params the user search parameters
337     *
338     * @return the users which fit the given search criteria
339     *
340     * @throws CmsException if something goes wrong
341     */
342    public List<CmsUser> searchUsers(CmsObject cms, CmsUserSearchParameters params) throws CmsException {
343
344        return m_securityManager.searchUsers(cms.getRequestContext(), params);
345    }
346
347    /**
348     * Moves an user to the given organizational unit.<p>
349     *
350     * @param cms the opencms context
351     * @param ouFqn the full qualified name of the organizational unit to add the user to
352     * @param userName the name of the user that is to be added to the organizational unit
353     *
354     * @throws CmsException if something goes wrong
355     */
356    public void setUsersOrganizationalUnit(CmsObject cms, String ouFqn, String userName) throws CmsException {
357
358        CmsOrganizationalUnit orgUnit = readOrganizationalUnit(cms, ouFqn);
359        CmsUser user = cms.readUser(userName);
360        m_securityManager.setUsersOrganizationalUnit(cms.getRequestContext(), orgUnit, user);
361    }
362
363    /**
364     * Writes an already existing organizational unit.<p>
365     *
366     * The organizational unit has to be a valid OpenCms organizational unit.<br>
367     *
368     * The organizational unit will be completely overridden by the given data.<p>
369     *
370     * @param cms the opencms context
371     * @param organizationalUnit the organizational unit that should be written
372     *
373     * @throws CmsException if operation was not successful
374     */
375    public void writeOrganizationalUnit(CmsObject cms, CmsOrganizationalUnit organizationalUnit) throws CmsException {
376
377        m_securityManager.writeOrganizationalUnit(cms.getRequestContext(), organizationalUnit);
378    }
379}