1 /*
2 * UserGroup.java
3 *
4 * Created on May 24, 2004, 2:37 PM
5 */
6
7 package gov.bnl.gums.userGroup;
8
9 import gov.bnl.gums.GridUser;
10 import gov.bnl.gums.configuration.Configuration;
11
12 import java.util.*;
13
14 /**
15 * An interface that defines a group of people, which GUMS will associate to a
16 * mapping policy. An implementation could take/manage a list of users in
17 * any way it wanted, or it could combine different groups.
18 *
19 * @author Gabriele Carcassi, Jay Packard
20 */
21 public abstract class UserGroup {
22 /**
23 * @return user friendly string representation of the property type called statically
24 */
25 static public String getTypeStatic() {
26 return "abstract";
27 }
28
29 private String name = "";
30 private String description = "";
31 private Configuration configuration = null;
32 protected String[] accessTypes = {"write", "read all", "read self"};
33 protected int accessIndex = 2;
34
35 /**
36 * Create a new user group. This empty constructor is needed by the XML Digestor.
37 */
38 public UserGroup() {
39 }
40
41 /**
42 * Create a new user group with a configuration.
43 *
44 * @param configuration
45 * @param name
46 */
47 public UserGroup(Configuration configuration) {
48 this.configuration = configuration;
49 }
50
51 /**
52 * Create a new user group with a configuration and a name.
53 *
54 * @param configuration
55 * @param name
56 */
57 public UserGroup(Configuration configuration, String name) {
58 this.configuration = configuration;
59 this.name = name;
60 }
61
62 /**
63 * Create a clone of itself
64 *
65 * @param configuration
66 * @return
67 */
68 public abstract UserGroup clone(Configuration configuration);
69
70 /**
71 * Getter for property access, that determines what a member of this
72 * user group has access to in GUMS.
73 *
74 * @return access as string
75 */
76 public String getAccess() {
77 return accessTypes[accessIndex];
78 }
79
80 /**
81 * Getter for property configuration.
82 *
83 * @return Configuration object
84 */
85 public Configuration getConfiguration() {
86 return configuration;
87 }
88
89 /**
90 * Getter for property description.
91 *
92 * @return Description as string
93 */
94 public String getDescription() {
95 return description;
96 }
97
98 /**
99 * Returns the list of user identities that are part of the group.
100 * <p>
101 * Some UserGroups, however, could be defined by a rule that doesn't
102 * allow listing. For example, a group could be 'all the users
103 * with a DOEGrids certificate'. Though one could argue whether or
104 * not is a good idea to have such a group, one can implement one
105 * and throw an UnsupportedOperationException. This will make it
106 * impossible for GUMS to create a grid-mapfile, but would still
107 * allow direct user to account mapping through a call-out.
108 * @return a List of GridUser objects representing the user certificate DN.
109 */
110 public abstract List getMemberList();
111
112 /**
113 * Getter for property name.
114 *
115 * @return name as string
116 */
117 public String getName() {
118 return name;
119 }
120
121 /**
122 * Getter for property type.
123 *
124 * @return type as string
125 */
126 public String getType() {
127 return "abstract";
128 }
129
130 /**
131 * @return true if this group allows at least read all access
132 */
133 public boolean hasReadAllAccess() {
134 return (accessIndex<=1);
135 }
136
137 /**
138 * @return true if this group allows at least read self access
139 */
140 public boolean hasReadSelfAccess() {
141 return (accessIndex<=2);
142 }
143
144 /**
145 * @return true if this group allows write access (admin privileges)
146 */
147 public boolean hasWriteAccess() {
148 return (accessIndex==0);
149 }
150
151 /**
152 * Determines whether the given user identity is part of the group.
153 * @param userDN the certificate DN.
154 * @return true if it's in the group
155 */
156 public abstract boolean isInGroup(GridUser user);
157
158 /**
159 * Setter for property access
160 *
161 * @param access
162 */
163 public void setAccess(String access) {
164 for(int i=0; i<accessTypes.length; i++) {
165 if ( accessTypes[i].equalsIgnoreCase(access) ) {
166 accessIndex = i;
167 return;
168 }
169 }
170 throw new RuntimeException("Invalid access type: "+access);
171 }
172
173 /**
174 * Setter for property configuration.
175 *
176 * @param configuration
177 */
178 public void setConfiguration(Configuration configuration) {
179 this.configuration = configuration;
180 }
181
182 /**
183 * Setter for property description.
184 *
185 * @param description
186 */
187 public void setDescription(String description) {
188 this.description = description;
189 }
190
191 /**
192 * Setter for property name.
193 *
194 * @param name
195 */
196 public void setName(String name) {
197 this.name = name;
198 }
199
200 /**
201 * Get string representation of this object for displaying in the
202 * diagnostic summary web page
203 *
204 * @param bgColor back ground color
205 * @return
206 */
207 public abstract String toString(String bgColor);
208
209 /**
210 * Create a clone of itself
211 *
212 * @param configuration
213 * @return
214 */
215 public abstract String toXML();
216
217 /**
218 * Updates the local list of the users from the source of the group.
219 * <p>
220 * Most user groups will get the information from a separate database
221 * accessible via WAN. For that reason, the user group will maintain a
222 * local cache with the list of members, which can be updated through
223 * this method.
224 */
225 public abstract void updateMembers();
226 }