SparseUserDatabaseMBean.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.catalina.mbeans;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import javax.management.MBeanServer;
import javax.management.ObjectName;

import org.apache.catalina.Group;
import org.apache.catalina.Role;
import org.apache.catalina.User;
import org.apache.catalina.UserDatabase;
import org.apache.tomcat.util.modeler.BaseModelMBean;
import org.apache.tomcat.util.modeler.ManagedBean;
import org.apache.tomcat.util.modeler.Registry;
import org.apache.tomcat.util.res.StringManager;

/**
 * <p>
 * A <strong>ModelMBean</strong> implementation for the <code>org.apache.catalina.users.SparseUserDatabase</code>
 * component. The main difference is that the MBeans are created on demand (for example, the findUser method would
 * register the corresponding user and make it available for management. All the MBeans created for users, groups and
 * roles are then discarded when save is invoked.
 * </p>
 *
 * @author Craig R. McClanahan
 */
public class SparseUserDatabaseMBean extends BaseModelMBean {

    private static final StringManager sm = StringManager.getManager(SparseUserDatabaseMBean.class);

    // ----------------------------------------------------- Instance Variables

    /**
     * The configuration information registry for our managed beans.
     */
    protected final Registry registry = MBeanUtils.createRegistry();


    /**
     * The <code>MBeanServer</code> for this application.
     */
    protected final MBeanServer mserver = MBeanUtils.createServer();


    /**
     * The <code>ManagedBean</code> information describing this MBean.
     */
    protected final ManagedBean managed = registry.findManagedBean("SparseUserDatabase");


    /**
     * The <code>ManagedBean</code> information describing Group MBeans.
     */
    protected final ManagedBean managedGroup = registry.findManagedBean("Group");


    /**
     * The <code>ManagedBean</code> information describing Group MBeans.
     */
    protected final ManagedBean managedRole = registry.findManagedBean("Role");


    /**
     * The <code>ManagedBean</code> information describing User MBeans.
     */
    protected final ManagedBean managedUser = registry.findManagedBean("User");


    // ------------------------------------------------------------- Attributes

    /**
     * @return the MBean Names of all groups defined in this database.
     */
    public String[] getGroups() {
        UserDatabase database = (UserDatabase) this.resource;
        List<String> results = new ArrayList<>();
        Iterator<Group> groups = database.getGroups();
        while (groups.hasNext()) {
            Group group = groups.next();
            results.add(findGroup(group.getGroupname()));
        }
        return results.toArray(new String[0]);
    }


    /**
     * @return the MBean Names of all roles defined in this database.
     */
    public String[] getRoles() {
        UserDatabase database = (UserDatabase) this.resource;
        List<String> results = new ArrayList<>();
        Iterator<Role> roles = database.getRoles();
        while (roles.hasNext()) {
            Role role = roles.next();
            results.add(findRole(role.getRolename()));
        }
        return results.toArray(new String[0]);
    }


    /**
     * @return the MBean Names of all users defined in this database.
     */
    public String[] getUsers() {
        UserDatabase database = (UserDatabase) this.resource;
        List<String> results = new ArrayList<>();
        Iterator<User> users = database.getUsers();
        while (users.hasNext()) {
            User user = users.next();
            results.add(findUser(user.getUsername()));
        }
        return results.toArray(new String[0]);
    }


    // ------------------------------------------------------------- Operations

    /**
     * Create a new Group and return the corresponding MBean Name.
     *
     * @param groupname   Group name of the new group
     * @param description Description of the new group
     *
     * @return the new group object name
     */
    public String createGroup(String groupname, String description) {
        UserDatabase database = (UserDatabase) this.resource;
        Group group = database.createGroup(groupname, description);
        try {
            MBeanUtils.createMBean(group);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createMBeanError.group", groupname), e);
        }
        return findGroup(groupname);
    }


    /**
     * Create a new Role and return the corresponding MBean Name.
     *
     * @param rolename    Group name of the new group
     * @param description Description of the new group
     *
     * @return the new role object name
     */
    public String createRole(String rolename, String description) {
        UserDatabase database = (UserDatabase) this.resource;
        Role role = database.createRole(rolename, description);
        try {
            MBeanUtils.createMBean(role);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createMBeanError.role", rolename), e);
        }
        return findRole(rolename);
    }


    /**
     * Create a new User and return the corresponding MBean Name.
     *
     * @param username User name of the new user
     * @param password Password for the new user
     * @param fullName Full name for the new user
     *
     * @return the new user object name
     */
    public String createUser(String username, String password, String fullName) {
        UserDatabase database = (UserDatabase) this.resource;
        User user = database.createUser(username, password, fullName);
        try {
            MBeanUtils.createMBean(user);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createMBeanError.user", username), e);
        }
        return findUser(username);
    }


    /**
     * Return the MBean Name for the specified group name (if any); otherwise return <code>null</code>.
     *
     * @param groupname Group name to look up
     *
     * @return the group object name
     */
    public String findGroup(String groupname) {
        UserDatabase database = (UserDatabase) this.resource;
        Group group = database.findGroup(groupname);
        if (group == null) {
            return null;
        }
        try {
            ObjectName oname = MBeanUtils.createObjectName(managedGroup.getDomain(), group);
            if (database.isSparse() && !mserver.isRegistered(oname)) {
                MBeanUtils.createMBean(group);
            }
            return oname.toString();
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createError.group", groupname), e);
        }
    }


    /**
     * Return the MBean Name for the specified role name (if any); otherwise return <code>null</code>.
     *
     * @param rolename Role name to look up
     *
     * @return the role object name
     */
    public String findRole(String rolename) {
        UserDatabase database = (UserDatabase) this.resource;
        Role role = database.findRole(rolename);
        if (role == null) {
            return null;
        }
        try {
            ObjectName oname = MBeanUtils.createObjectName(managedRole.getDomain(), role);
            if (database.isSparse() && !mserver.isRegistered(oname)) {
                MBeanUtils.createMBean(role);
            }
            return oname.toString();
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createError.role", rolename), e);
        }

    }


    /**
     * Return the MBean Name for the specified user name (if any); otherwise return <code>null</code>.
     *
     * @param username User name to look up
     *
     * @return the user object name
     */
    public String findUser(String username) {
        UserDatabase database = (UserDatabase) this.resource;
        User user = database.findUser(username);
        if (user == null) {
            return null;
        }
        try {
            ObjectName oname = MBeanUtils.createObjectName(managedUser.getDomain(), user);
            if (database.isSparse() && !mserver.isRegistered(oname)) {
                MBeanUtils.createMBean(user);
            }
            return oname.toString();
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.createError.user", username), e);
        }
    }


    /**
     * Remove an existing group and destroy the corresponding MBean.
     *
     * @param groupname Group name to remove
     */
    public void removeGroup(String groupname) {
        UserDatabase database = (UserDatabase) this.resource;
        Group group = database.findGroup(groupname);
        if (group == null) {
            return;
        }
        try {
            MBeanUtils.destroyMBean(group);
            database.removeGroup(group);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.destroyError.group", groupname), e);
        }
    }


    /**
     * Remove an existing role and destroy the corresponding MBean.
     *
     * @param rolename Role name to remove
     */
    public void removeRole(String rolename) {
        UserDatabase database = (UserDatabase) this.resource;
        Role role = database.findRole(rolename);
        if (role == null) {
            return;
        }
        try {
            MBeanUtils.destroyMBean(role);
            database.removeRole(role);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.destroyError.role", rolename), e);
        }
    }


    /**
     * Remove an existing user and destroy the corresponding MBean.
     *
     * @param username User name to remove
     */
    public void removeUser(String username) {
        UserDatabase database = (UserDatabase) this.resource;
        User user = database.findUser(username);
        if (user == null) {
            return;
        }
        try {
            MBeanUtils.destroyMBean(user);
            database.removeUser(user);
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.destroyError.user", username), e);
        }
    }


    /**
     * Call actual save and unregister all obsolete beans.
     */
    public void save() {
        try {
            UserDatabase database = (UserDatabase) this.resource;
            if (database.isSparse()) {
                ObjectName query = null;
                Set<ObjectName> results = null;

                // Groups
                query = new ObjectName("Users:type=Group,database=" + database.getId() + ",*");
                results = mserver.queryNames(query, null);
                for (ObjectName result : results) {
                    mserver.unregisterMBean(result);
                }

                // Roles
                query = new ObjectName("Users:type=Role,database=" + database.getId() + ",*");
                results = mserver.queryNames(query, null);
                for (ObjectName result : results) {
                    mserver.unregisterMBean(result);
                }

                // Users
                query = new ObjectName("Users:type=User,database=" + database.getId() + ",*");
                results = mserver.queryNames(query, null);
                for (ObjectName result : results) {
                    mserver.unregisterMBean(result);
                }
            }
            database.save();
        } catch (Exception e) {
            throw new IllegalArgumentException(sm.getString("userMBean.saveError"), e);
        }
    }
}