1 /* 2 * UserGroup.java 3 * 4 * Created on May 24, 2004, 2:37 PM 5 */ 6 7 package gov.bnl.gums.userGroup; 8 9 import gov.bnl.gums.GridUser; 10 import gov.bnl.gums.configuration.Configuration; 11 12 import java.util.*; 13 14 /** 15 * An interface that defines a group of people, which GUMS will associate to a 16 * mapping policy. An implementation could take/manage a list of users in 17 * any way it wanted, or it could combine different groups. 18 * 19 * @author Gabriele Carcassi, Jay Packard 20 */ 21 public abstract class UserGroup { 22 /** 23 * @return user friendly string representation of the property type called statically 24 */ 25 static public String getTypeStatic() { 26 return "abstract"; 27 } 28 29 private String name = ""; 30 private String description = ""; 31 private Configuration configuration = null; 32 protected String[] accessTypes = {"write", "read all", "read self"}; 33 protected int accessIndex = 2; 34 35 /** 36 * Create a new user group. This empty constructor is needed by the XML Digestor. 37 */ 38 public UserGroup() { 39 } 40 41 /** 42 * Create a new user group with a configuration. 43 * 44 * @param configuration 45 * @param name 46 */ 47 public UserGroup(Configuration configuration) { 48 this.configuration = configuration; 49 } 50 51 /** 52 * Create a new user group with a configuration and a name. 53 * 54 * @param configuration 55 * @param name 56 */ 57 public UserGroup(Configuration configuration, String name) { 58 this.configuration = configuration; 59 this.name = name; 60 } 61 62 /** 63 * Create a clone of itself 64 * 65 * @param configuration 66 * @return 67 */ 68 public abstract UserGroup clone(Configuration configuration); 69 70 /** 71 * Getter for property access, that determines what a member of this 72 * user group has access to in GUMS. 73 * 74 * @return access as string 75 */ 76 public String getAccess() { 77 return accessTypes[accessIndex]; 78 } 79 80 /** 81 * Getter for property configuration. 82 * 83 * @return Configuration object 84 */ 85 public Configuration getConfiguration() { 86 return configuration; 87 } 88 89 /** 90 * Getter for property description. 91 * 92 * @return Description as string 93 */ 94 public String getDescription() { 95 return description; 96 } 97 98 /** 99 * Returns the list of user identities that are part of the group. 100 * <p> 101 * Some UserGroups, however, could be defined by a rule that doesn't 102 * allow listing. For example, a group could be 'all the users 103 * with a DOEGrids certificate'. Though one could argue whether or 104 * not is a good idea to have such a group, one can implement one 105 * and throw an UnsupportedOperationException. This will make it 106 * impossible for GUMS to create a grid-mapfile, but would still 107 * allow direct user to account mapping through a call-out. 108 * @return a List of GridUser objects representing the user certificate DN. 109 */ 110 public abstract List getMemberList(); 111 112 /** 113 * Getter for property name. 114 * 115 * @return name as string 116 */ 117 public String getName() { 118 return name; 119 } 120 121 /** 122 * Getter for property type. 123 * 124 * @return type as string 125 */ 126 public String getType() { 127 return "abstract"; 128 } 129 130 /** 131 * @return true if this group allows at least read all access 132 */ 133 public boolean hasReadAllAccess() { 134 return (accessIndex<=1); 135 } 136 137 /** 138 * @return true if this group allows at least read self access 139 */ 140 public boolean hasReadSelfAccess() { 141 return (accessIndex<=2); 142 } 143 144 /** 145 * @return true if this group allows write access (admin privileges) 146 */ 147 public boolean hasWriteAccess() { 148 return (accessIndex==0); 149 } 150 151 /** 152 * Determines whether the given user identity is part of the group. 153 * @param userDN the certificate DN. 154 * @return true if it's in the group 155 */ 156 public abstract boolean isInGroup(GridUser user); 157 158 /** 159 * Setter for property access 160 * 161 * @param access 162 */ 163 public void setAccess(String access) { 164 for(int i=0; i<accessTypes.length; i++) { 165 if ( accessTypes[i].equalsIgnoreCase(access) ) { 166 accessIndex = i; 167 return; 168 } 169 } 170 throw new RuntimeException("Invalid access type: "+access); 171 } 172 173 /** 174 * Setter for property configuration. 175 * 176 * @param configuration 177 */ 178 public void setConfiguration(Configuration configuration) { 179 this.configuration = configuration; 180 } 181 182 /** 183 * Setter for property description. 184 * 185 * @param description 186 */ 187 public void setDescription(String description) { 188 this.description = description; 189 } 190 191 /** 192 * Setter for property name. 193 * 194 * @param name 195 */ 196 public void setName(String name) { 197 this.name = name; 198 } 199 200 /** 201 * Get string representation of this object for displaying in the 202 * diagnostic summary web page 203 * 204 * @param bgColor back ground color 205 * @return 206 */ 207 public abstract String toString(String bgColor); 208 209 /** 210 * Create a clone of itself 211 * 212 * @param configuration 213 * @return 214 */ 215 public abstract String toXML(); 216 217 /** 218 * Updates the local list of the users from the source of the group. 219 * <p> 220 * Most user groups will get the information from a separate database 221 * accessible via WAN. For that reason, the user group will maintain a 222 * local cache with the list of members, which can be updated through 223 * this method. 224 */ 225 public abstract void updateMembers(); 226 }