| author | Robert Godfrey <rgodfrey@apache.org> | 2015-01-12 23:32:50 +0000 |
|---|---|---|
| committer | Robert Godfrey <rgodfrey@apache.org> | 2015-01-12 23:32:50 +0000 |
| commit | f5d4389f58c702dcac1ab695e3a56ea322474b72 (patch) | |
| tree | 8c547e8a1b23a8f68327a97d523fd73e0c920dd9 /qpid/java | |
| parent | 2875ee8a2e91e8ce21a990da046ce88e2db0e112 (diff) | |
| download | qpid-python-f5d4389f58c702dcac1ab695e3a56ea322474b72.tar.gz | |
QPID-6309 : Add group provider which stores user to group mapping in config
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1651230 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java')
7 files changed, 304 insertions, 5 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java index 0e700b1e71..a9e9f26af0 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/BrokerModel.java @@ -90,7 +90,6 @@ public final class BrokerModel extends Model addRelationship(AuthenticationProvider.class, User.class); addRelationship(AuthenticationProvider.class, PreferencesProvider.class); - addRelationship(User.class, GroupMember.class); addRelationship(GroupProvider.class, Group.class); addRelationship(Group.class, GroupMember.class); diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java index 48383360f7..2b2a436e21 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/Group.java @@ -19,7 +19,11 @@ */ package org.apache.qpid.server.model; -@ManagedObject +import org.apache.qpid.server.security.group.GroupImpl; +import org.apache.qpid.server.security.group.GroupPrincipal; + +@ManagedObject( defaultType = GroupImpl.CONFIG_TYPE ) public interface Group<X extends Group<X>> extends ConfiguredObject<X> { + GroupPrincipal getGroupPrincipal(); } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java index d1d25265f3..25b9dd0e02 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/GroupMember.java 
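Review bot: The `Group` interface now imports `GroupImpl` only to name `GroupImpl.CONFIG_TYPE` in `@ManagedObject( defaultType = ... )`, while `GroupImpl` (added later in this commit) implements `Group`, so the model interface and one concrete implementation depend on each other. Keeping the type name on the interface side would avoid that, for example a constant such as `String MANAGED_GROUP_TYPE = "ManagedGroup";` declared in `Group` and referenced from both the annotation and `GroupImpl`. The GroupMember.java hunk that follows has the same shape with `GroupMemberImpl.CONFIG_TYPE`. Neither new accessor (`getGroupPrincipal()`, `getPrincipal()`) has Javadoc; a one-line comment saying which principal is returned would help implementers.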
@@ -19,7 +19,12 @@ */ package org.apache.qpid.server.model; -@ManagedObject +import java.security.Principal; + +import org.apache.qpid.server.security.group.GroupMemberImpl; + +@ManagedObject( defaultType = GroupMemberImpl.CONFIG_TYPE ) public interface GroupMember<X extends GroupMember<X>> extends ConfiguredObject<X> { + Principal getPrincipal(); } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java index 1b3d0591c0..19aec414de 100644 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/model/adapter/FileBasedGroupProviderImpl.java @@ -54,7 +54,6 @@ import org.apache.qpid.server.security.group.GroupPrincipal; public class FileBasedGroupProviderImpl extends AbstractConfiguredObject<FileBasedGroupProviderImpl> implements FileBasedGroupProvider<FileBasedGroupProviderImpl> { - public static final String RESOURCE_BUNDLE = "org.apache.qpid.server.security.group.FileGroupProviderAttributeDescriptions"; public static final String GROUP_FILE_PROVIDER_TYPE = "GroupFile"; private static Logger LOGGER = Logger.getLogger(FileBasedGroupProviderImpl.class); @@ -357,7 +356,7 @@ public class FileBasedGroupProviderImpl private class GroupAdapter extends AbstractConfiguredObject<GroupAdapter> implements Group<GroupAdapter> { - + private GroupPrincipal _groupPrincipal; public GroupAdapter(Map<String, Object> attributes) { super(parentsMap(FileBasedGroupProviderImpl.this), attributes); @@ -396,6 +395,7 @@ public class FileBasedGroupProviderImpl groupMemberAdapter.open(); members.add(groupMemberAdapter); } + _groupPrincipal = new GroupPrincipal(getName()); } @Override 
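Review bot: `_groupPrincipal` is a plain non-final field that is only assigned at the end of the method shown in the `@@ -396` hunk, after the member adapters have been opened, so `getGroupPrincipal()` (added in the next hunk) returns null to any caller that reaches the group earlier. The enclosing method starts outside the hunk, so I am assuming it is the open path. If `getName()` is already usable once `super(...)` returns, assigning in the constructor and making the field final removes that window: `private final GroupPrincipal _groupPrincipal;` and `_groupPrincipal = new GroupPrincipal(getName());` right after the `super(...)` call. `GroupMemberAdapter._principal`, `GroupImpl._groupPrincipal` and `GroupMemberImpl._principal` follow the same assign-on-open pattern, and `GroupProviderImpl.getGroupPrincipalsForUser` dereferences `member.getPrincipal()` without a null check, so an unopened child there would surface as a NullPointerException during the group lookup.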
@@ -463,16 +463,30 @@ public class FileBasedGroupProviderImpl setState(State.DELETED); } + @Override + public GroupPrincipal getGroupPrincipal() + { + return _groupPrincipal; + } + private class GroupMemberAdapter extends AbstractConfiguredObject<GroupMemberAdapter> implements GroupMember<GroupMemberAdapter> { + private Principal _principal; + public GroupMemberAdapter(Map<String, Object> attrMap) { // TODO - need to relate to the User object super(parentsMap(GroupAdapter.this),attrMap); } + @Override + protected void onOpen() + { + super.onOpen(); + _principal = new UsernamePrincipal(getName()); + } @Override public void onValidate() @@ -484,6 +498,8 @@ public class FileBasedGroupProviderImpl } } + + @Override protected void validateChange(final ConfiguredObject<?> proxyForValidation, final Set<String> changedAttributes) { @@ -517,6 +533,11 @@ public class FileBasedGroupProviderImpl setState(State.DELETED); } + @Override + public Principal getPrincipal() + { + return _principal; + } } } diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java new file mode 100644 index 0000000000..98607d2490 --- /dev/null +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupImpl.java 
@@ -0,0 +1,92 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.util.Map;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+
+@ManagedObject(category = false, type = GroupImpl.CONFIG_TYPE)
+public class GroupImpl extends AbstractConfiguredObject<GroupImpl> implements Group<GroupImpl>
+{
+
+ public static final String CONFIG_TYPE = "ManagedGroup";
+
+ private GroupPrincipal _groupPrincipal;
+
+ @ManagedObjectFactoryConstructor
+ public GroupImpl(Map<String, Object> attributes,
+ GroupProvider<?> provider)
+ {
+ super(parentsMap(provider), attributes);
+ }
+
+ @Override
+ protected void onOpen()
+ {
+ super.onOpen();
+ _groupPrincipal = new GroupPrincipal(getName());
+ }
+
+ @Override
+ protected <C extends ConfiguredObject> C addChild(final Class<C> childClass,
+ final Map<String, Object> attributes,
+ final ConfiguredObject... otherParents)
+ {
+ if(childClass == GroupMember.class)
+ {
+ return (C) getObjectFactory().create(childClass, attributes, this);
+ }
+ else
+ {
+ return super.addChild(childClass, attributes, otherParents);
+ }
+ }
+
+ @Override
+ public GroupPrincipal getGroupPrincipal()
+ {
+ return _groupPrincipal;
+ }
+
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED, State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState = State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+
+}
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
new file mode 100644
index 0000000000..ea17db6ce7
--- /dev/null
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupMemberImpl.java
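Review bot: `addChild` hands the caller's attribute map straight to `getObjectFactory().create(...)` for `GroupMember`, and nothing in this class checks that the member name is present or not already used in the group. Whether the base class rejects duplicate sibling names is not visible here; if it does not, two members with the same name can exist, and deleting one leaves the user in the group as far as `getGroupPrincipalsForUser` is concerned. A short comment on `addChild` stating where uniqueness is enforced, or an explicit check against `getChildren(GroupMember.class)` before creating, would settle it. `GroupProviderImpl.addChild` has the same shape for `Group`.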
@@ -0,0 +1,75 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.security.Principal;
+import java.util.Map;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+import org.apache.qpid.server.security.auth.UsernamePrincipal;
+
+@ManagedObject(category = false, type = GroupMemberImpl.CONFIG_TYPE)
+public class GroupMemberImpl extends AbstractConfiguredObject<GroupMemberImpl> implements GroupMember<GroupMemberImpl>
+{
+ public static final String CONFIG_TYPE = "ManagedGroupMember";
+ private UsernamePrincipal _principal;
+
+
+ @ManagedObjectFactoryConstructor
+ public GroupMemberImpl(Map<String, Object> attributes,
+ Group group)
+ {
+ super(parentsMap(group), attributes);
+ }
+
+ @Override
+ protected void onOpen()
+ {
+ super.onOpen();
+ _principal = new UsernamePrincipal(getName());
+ }
+
+ @Override
+ public Principal getPrincipal()
+ {
+ return _principal;
+ }
+
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED, State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState = State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+}
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
new file mode 100644
index 0000000000..6728ba2fed
--- /dev/null
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/group/GroupProviderImpl.java
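Review bot: `GroupMemberImpl` overrides neither `onValidate()` nor `validateChange(...)`, while `GroupMemberAdapter` in FileBasedGroupProviderImpl.java appears to override both (they show up as context in the `@@ -463` and `@@ -484` hunks; their bodies are not visible). `_principal` is built from `getName()` once in `onOpen()`, so if the name attribute can be changed afterwards the principal keeps the old user name and effective group membership no longer matches what the configuration shows. Either carry the adapter's checks over to this class or reject name changes in `validateChange`, and say in a comment on `_principal` that it is fixed at open time.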
@@ -0,0 +1,103 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.security.group;
+
+import java.security.Principal;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.qpid.server.model.AbstractConfiguredObject;
+import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Group;
+import org.apache.qpid.server.model.GroupMember;
+import org.apache.qpid.server.model.GroupProvider;
+import org.apache.qpid.server.model.ManagedObject;
+import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
+import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.StateTransition;
+
+@ManagedObject(category = false, type = GroupProviderImpl.CONFIG_TYPE)
+public class GroupProviderImpl extends AbstractConfiguredObject<GroupProviderImpl> implements GroupProvider<GroupProviderImpl>
+{
+
+ public static final String CONFIG_TYPE = "ManagedGroupProvider";
+
+ @ManagedObjectFactoryConstructor
+ public GroupProviderImpl(Map<String, Object> attributes,
+ Broker broker)
+ {
+ super(parentsMap(broker), attributes);
+ }
+
+
+ @Override
+ public Set<Principal> getGroupPrincipalsForUser(final String username)
+ {
+ Set<Principal> principals = new HashSet<>();
+
+ final Collection<Group> groups = getChildren(Group.class);
+ for(Group<?> group : groups)
+ {
+ for(GroupMember<?> member : group.getChildren(GroupMember.class))
+ {
+ if(member.getPrincipal().getName().equals(username))
+ {
+ principals.add(group.getGroupPrincipal());
+ }
+ }
+ }
+ return principals;
+ }
+
+ @Override
+ protected <C extends ConfiguredObject> C addChild(final Class<C> childClass,
+ final Map<String, Object> attributes,
+ final ConfiguredObject... otherParents)
+ {
+ if(childClass == Group.class)
+ {
+ C child = (C) getObjectFactory().create(childClass, attributes, this);
+
+ return child;
+ }
+ else
+ {
+ return super.addChild(childClass, attributes, otherParents);
+ }
+ }
+
+ @StateTransition( currentState = { State.UNINITIALIZED, State.QUIESCED, State.ERRORED }, desiredState = State.ACTIVE )
+ private void activate()
+ {
+ setState(State.ACTIVE);
+ }
+
+
+ @StateTransition(currentState = {State.ACTIVE}, desiredState = State.DELETED)
+ private void doDelete()
+ {
+ deleted();
+ }
+
+} |
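Review bot: `getGroupPrincipalsForUser` decides which group principals a user receives, but its matching rules are undocumented: it compares `username` with each member's principal name using `String.equals`, so matching is exact and case-sensitive, and it walks every `Group` and `GroupMember` child without looking at their state. Please add Javadoc stating that, and that the result is a new set which is empty when nothing matches. If members of a group that is not ACTIVE should not grant membership, the loop needs a state check; I cannot tell from this hunk whether that is intended. `final Collection<Group> groups` is also a raw type; iterating `getChildren(Group.class)` directly in the `for` statement avoids declaring it.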
