in redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/template/DefaultRoleTemplateProcessor.java [377:438]
private List<Permission> processPermissions( RedbackRoleModel model, ModelTemplate template, String resource )
throws RoleManagerException
{
if ( template.getPermissions() != null )
{
// copy list to avoid concurrent modifications
List<ModelPermission> templatePermissions = new ArrayList<ModelPermission>( template.getPermissions() );
List<Permission> rbacPermissions = new ArrayList<Permission>( templatePermissions.size() );
for ( ModelPermission profilePermission : templatePermissions )
{
try
{
String permissionName =
profilePermission.getName() + template.getDelimiter() + resolvePermissionResource( model,
profilePermission,
resource );
if ( !rbacManager.permissionExists( permissionName ) )
{
Permission permission = rbacManager.createPermission( permissionName );
ModelOperation modelOperation =
RoleModelUtils.getModelOperation( model, profilePermission.getOperation() );
Operation rbacOperation = rbacManager.getOperation( modelOperation.getName() );
String permissionResource = resolvePermissionResource( model, profilePermission, resource );
Resource rbacResource = rbacManager.getResource( permissionResource );
permission.setOperation( rbacOperation );
permission.setResource( rbacResource );
permission.setPermanent( profilePermission.isPermanent() );
permission.setDescription( profilePermission.getDescription() );
permission = rbacManager.savePermission( permission );
rbacPermissions.add( permission );
}
else
{
rbacPermissions.add( rbacManager.getPermission( permissionName ) );
}
}
catch ( RbacManagerException e )
{
throw new RoleManagerException( "unable to generate templated role: " + e.getMessage(), e );
}
catch ( RoleTemplateProcessorException e )
{
throw new RoleManagerException( "unable to resolve resource: " + resource, e );
}
}
return rbacPermissions;
}
return Collections.emptyList();
}