Refactor logging to use slf4j
[iotivity.git] / cloud / account / src / main / java / org / iotivity / cloud / accountserver / resources / acl / group / GroupManager.java
1 /*
2  * //******************************************************************
3  * //
4  * // Copyright 2016 Samsung Electronics All Rights Reserved.
5  * //
6  * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7  * //
8  * // Licensed under the Apache License, Version 2.0 (the "License");
9  * // you may not use this file except in compliance with the License.
10  * // You may obtain a copy of the License at
11  * //
12  * //      http://www.apache.org/licenses/LICENSE-2.0
13  * //
14  * // Unless required by applicable law or agreed to in writing, software
15  * // distributed under the License is distributed on an "AS IS" BASIS,
16  * // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17  * // See the License for the specific language governing permissions and
18  * // limitations under the License.
19  * //
20  * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21  */
22 package org.iotivity.cloud.accountserver.resources.acl.group;
23
24 import java.util.ArrayList;
25 import java.util.Arrays;
26 import java.util.HashMap;
27 import java.util.List;
28
29 import org.slf4j.Logger;
30 import org.slf4j.LoggerFactory;
31 import org.iotivity.cloud.accountserver.Constants;
32 import org.iotivity.cloud.accountserver.db.AccountDBManager;
33 import org.iotivity.cloud.accountserver.db.GroupTable;
34 import org.iotivity.cloud.accountserver.util.TypeCastingManager;
35 import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
36 import org.iotivity.cloud.base.exception.ServerException.PreconditionFailedException;
37
38 /**
39  *
40  * This class provides a set of APIs to manage group
41  *
42  */
43
44 public class GroupManager {
45
46     private final static Logger            Log                 = LoggerFactory.getLogger(GroupManager.class);
47     private static GroupManager            mGrManager          = new GroupManager();
48     private TypeCastingManager<GroupTable> mTypeGroup          = new TypeCastingManager<GroupTable>();
49     private GroupPolicyManager             mGroupPolicyManager = new GroupPolicyManager();
50     private GroupAclManager                mGroupAclManager    = GroupAclManager
51             .getInstance();
52
53     /**
54      * Function to get GroupManager as a singleton
55      * 
56      * @return GroupManager as a singleton
57      */
58     public static GroupManager getInstance() {
59         return mGrManager;
60     }
61
62     /**
63      * API to replace group name to the group
64      * 
65      * @param gid
66      *            group id
67      * @param gname
68      *            group name
69      */
70     public void replaceGnameToGroup(String gid, String gname) {
71         replaceProperties(gid, Constants.KEYFIELD_GROUP_NAME, gname);
72     }
73
74     /**
75      * API to replace owner id to the group
76      * 
77      * @param gid
78      *            group id
79      * @param owner
80      *            owner id
81      */
82     public void replaceOwnerToGroup(String gid, String owner) {
83         replaceProperties(gid, Constants.KEYFIELD_GROUP_OWNER, owner);
84     }
85
86     /**
87      * API to add members to the group
88      * 
89      * @param gid
90      *            group id
91      * @param values
92      *            user uuid list
93      */
94     public void addMembersToGroup(String gid, ArrayList<String> members) {
95         addProperties(gid, Constants.KEYFIELD_GROUP_MEMBERS, members);
96     }
97
98     /**
99      * API to add masters to the group
100      * 
101      * @param gid
102      *            group id
103      * @param values
104      *            user uuid list
105      */
106     public void addMastersToGroup(String gid, ArrayList<String> masters) {
107         addProperties(gid, Constants.KEYFIELD_GROUP_MASTERS, masters);
108         addProperties(gid, Constants.KEYFIELD_GROUP_MEMBERS, masters);
109     }
110
111     /**
112      * API to add resources to the group
113      * 
114      * @param gid
115      *            group id
116      * @param values
117      *            resource list
118      */
119     public void addResourcesToGroup(String gid, ArrayList<Object> resources) {
120         ArrayList<Object> addedResources = new ArrayList<>();
121         // filter added resource list : if the device is already to the
122         // group, the resource is not added to the group
123         for (Object resource : resources) {
124             String deviceId = getDeviceIdFromResource(
125                     (HashMap<String, Object>) resource);
126             ArrayList<String> devices = getGroupTable(gid).getDevices();
127             if (devices == null) {
128                 addedResources.add(resource);
129             } else {
130                 if (!devices.contains(deviceId)) {
131                     addedResources.add(resource);
132                 }
133             }
134         }
135         addProperties(gid, Constants.KEYFIELD_GROUP_RESOURCES, addedResources);
136     }
137
138     /**
139      * API to add devices to the group
140      * 
141      * @param gid
142      *            group id
143      * @param values
144      *            device list
145      */
146     public void addDevicesToGroup(String gid, ArrayList<String> devices) {
147         // if resources regarding to the device is already registered, delete
148         // resources in advance
149         deleteResourcesOfDevices(gid, devices);
150         addProperties(gid, Constants.KEYFIELD_GROUP_DEVICES, devices);
151     }
152
153     /**
154      * API to delete member list from the group
155      * 
156      * @param gid
157      *            group id
158      * @param values
159      *            member uuid list
160      */
161     public void deleteMembersFromGroup(String gid, ArrayList<String> members) {
162         GroupTable groupTable = getGroupTable(gid);
163         ArrayList<String> devices = groupTable.getDevices();
164         if (devices != null) {
165             // delete devices owned by deleted members
166             ArrayList<String> deletedDevices = new ArrayList<String>();
167             for (String device : devices) {
168                 if (members.contains(findDeviceOwner(device))) {
169                     deletedDevices.add(device);
170                 }
171             }
172             deleteDevicesFromGroup(gid, deletedDevices);
173         }
174         deleteProperties(gid, Constants.KEYFIELD_GROUP_MEMBERS, members);
175         deleteProperties(gid, Constants.KEYFIELD_GROUP_MASTERS, members);
176     }
177
178     /**
179      * API to delete device and resources of each device from all groups
180      * 
181      * @param device
182      *            device id to be deleted from all groups
183      */
184     public void deleteDevicesFromAllGroup(String device) {
185         ArrayList<HashMap<String, Object>> groupList = readGroupList(
186                 Constants.KEYFIELD_GROUP_MEMBERS, findDeviceOwner(device));
187         if (groupList == null) {
188             return;
189         }
190         ArrayList<String> devices = new ArrayList<>();
191         devices.add(device);
192         for (HashMap<String, Object> group : groupList) {
193             // deleteProperties((String) group.get(Constants.REQ_GROUP_ID),
194             // Constants.KEYFIELD_GROUP_DEVICES, devices);
195             deleteDevicesFromGroup((String) group.get(Constants.REQ_GROUP_ID),
196                     devices);
197         }
198     }
199
200     private ArrayList<HashMap<String, Object>> readGroupList(String key,
201             String value) {
202         HashMap<String, Object> condition = new HashMap<>();
203         condition.put(key, value);
204         ArrayList<HashMap<String, Object>> records = AccountDBManager
205                 .getInstance().selectRecord(Constants.GROUP_TABLE, condition);
206         return records;
207     }
208
209     /**
210      * API to delete master list from the group
211      * 
212      * @param gid
213      *            group id
214      * @param values
215      *            master uuid list
216      */
217     public void deleteMastersFromGroup(String gid, ArrayList<String> masters) {
218         deleteProperties(gid, Constants.KEYFIELD_GROUP_MASTERS, masters);
219     }
220
221     /**
222      * API to delete resource list from the group
223      * 
224      * @param gid
225      *            group id
226      * @param values
227      *            resource list
228      */
229     public void deleteResourcesFromGroup(String gid,
230             ArrayList<Object> deletedResources) {
231         deleteProperties(gid, Constants.KEYFIELD_GROUP_RESOURCES,
232                 deletedResources);
233     }
234
235     /**
236      * API to delete device list from the group
237      * 
238      * @param gid
239      *            group id
240      * @param values
241      *            device list
242      */
243     public void deleteDevicesFromGroup(String gid, ArrayList<String> devices) {
244         // delete resources owned by deleted members
245         deleteResourcesOfDevices(gid, devices);
246         deleteProperties(gid, Constants.KEYFIELD_GROUP_DEVICES, devices);
247     }
248
249     /**
250      * API to verify if the member user is eligible to add/delete/replace the
251      * requested property values
252      * 
253      * @param gid
254      *            group id
255      * @param mid
256      *            user uuid
257      * @param properties
258      *            property key/value map to check
259      * @param operation
260      *            user operation
261      */
262     public void verifyPostRequestAuthz(String gid, String mid,
263             HashMap<String, Object> properties, UserOperation operation) {
264         ArrayList<String> keySet = new ArrayList<String>();
265         keySet.addAll(properties.keySet());
266         mGroupPolicyManager.verifyOperationAuthorization(gid, mid, operation,
267                 keySet);
268         switch (operation) {
269             case ADD:
270                 verifyPostAddPolicy(gid, mid, properties);
271                 break;
272             case DELETE:
273                 verifyPostDeletePolicy(gid, mid, properties);
274                 break;
275             case REPLACE:
276                 verifyPostReplacePolicy(gid, mid, properties);
277                 break;
278             default:
279                 throw new PreconditionFailedException(
280                         operation + " is not supported");
281         }
282     }
283
284     /**
285      * API to get added property value list to the group among the entire value
286      * list to update
287      * 
288      * @param gid
289      *            group id
290      * @param property
291      *            property to update
292      * @param values
293      *            value list to update
294      * @return property value list to be added to the group
295      */
296     public <T> ArrayList<T> getAddPropertyValues(String gid, String property,
297             ArrayList<T> values) {
298         GroupTable groupTable = getGroupTable(gid);
299         if (groupTable == null) {
300             throw new BadRequestException("group " + gid + " does not exist");
301         }
302         ArrayList<T> propertyValues = groupTable.getPropertyValue(property);
303         ArrayList<T> addedValues = new ArrayList<>();
304         for (int i = 0; i < values.size(); i++) {
305             if (!propertyValues.contains(values.get(i))) {
306                 addedValues.add(values.get(i));
307             }
308         }
309         return addedValues;
310     }
311
312     /**
313      * API to get deleted property value list from the group
314      * 
315      * @param gid
316      *            group id
317      * @param property
318      *            property to update
319      * @param values
320      *            value list to update
321      * @return property value list to be deleted from the group
322      */
323     public <T> ArrayList<T> getDeletePropertyValues(String gid, String property,
324             ArrayList<T> values) {
325         GroupTable groupTable = getGroupTable(gid);
326         if (groupTable == null) {
327             throw new BadRequestException("group " + gid + " does not exist");
328         }
329         ArrayList<T> propertyValues = groupTable.getPropertyValue(property);
330         ArrayList<T> deletedValues = new ArrayList<>();
331         for (int i = 0; i < propertyValues.size(); i++) {
332             if (!values.contains(propertyValues.get(i))) {
333                 deletedValues.add(propertyValues.get(i));
334             }
335         }
336         return deletedValues;
337     }
338
339     /**
340      * API to verify if the user is eligible to get the group information
341      * 
342      * @param gid
343      *            group id
344      * @param mid
345      *            user uuid
346      */
347     public void verifyGetRequestAuthz(String gid, String mid) {
348         verifyMemberExistenceInGroup(gid, mid);
349     }
350
351     /**
352      * API to verify if the user is eligible to delete the group
353      * 
354      * @param gid
355      *            group id
356      * @param mid
357      *            user uuid
358      */
359     public void verifyDeleteRequestAuthz(String gid, String mid) {
360         ArrayList<String> property = new ArrayList<>();
361         property.add(Constants.KEYFIELD_GROUP);
362         mGroupPolicyManager.verifyOperationAuthorization(gid, mid,
363                 UserOperation.DELETE, property);
364     }
365
366     /**
367      * API to delete a group
368      * 
369      * @param gmid
370      *            An unique identifier of member who must be a group master.
371      *            Group master can be user or resource client.
372      * @param gid
373      *            An unique identifier of the group created under user entity
374      *            who requested for group creation.
375      */
376     public void deleteGroup(String gid) {
377         GroupTable groupTable = getGroupTable(gid);
378         String parentGid = groupTable.getParent();
379         // delete subgroup ID of the parent group
380         if (parentGid != null && !parentGid.isEmpty()) {
381             ArrayList<Object> gidList = new ArrayList<Object>(
382                     Arrays.asList(gid));
383             deleteProperties(parentGid, Constants.KEYFIELD_GROUP_SUBGROUPS,
384                     gidList);
385         }
386         HashMap<String, Object> condition = new HashMap<>();
387         condition.put(Constants.KEYFIELD_GID, gid);
388         // delete group from the table
389         AccountDBManager.getInstance().deleteRecord(Constants.GROUP_TABLE,
390                 condition);
391         ArrayList<String> subgroups = (ArrayList<String>) groupTable
392                 .getSubgroups();
393         // delete subgroups
394         if (subgroups != null) {
395             for (String subgroup : subgroups) {
396                 deleteGroup(subgroup);
397                 mGroupAclManager.removeAceByGroup(subgroup);
398             }
399         }
400     }
401
402     /**
403      * API to get the group information from the db
404      * 
405      * @param gid
406      *            group id
407      * @return group information payload
408      */
409     public HashMap<String, Object> getGroupInfo(String gid) {
410         GroupTable grouptable = getGroupTable(gid);
411         return mTypeGroup.convertObjectToMap(grouptable);
412     }
413
414     /**
415      * API to add property value list to the group
416      * 
417      * @param gid
418      *            group id
419      * @param property
420      *            property
421      * @param values
422      *            value list
423      */
424     private <T> void addProperties(String gid, String property,
425             ArrayList<T> values) {
426         Log.debug("added property name: " + property + ", values : " + values
427                 + " , to group : " + gid);
428         if (values == null || values.isEmpty()) {
429             return;
430         }
431         GroupTable groupTable = getGroupTable(gid);
432         ArrayList<T> propertyValues = groupTable.getPropertyValue(property);
433         if (propertyValues == null) {
434             propertyValues = new ArrayList<T>();
435         }
436         values.removeAll(propertyValues);
437         propertyValues.addAll(values);
438         groupTable.setPropertyValue(property, propertyValues);
439         AccountDBManager.getInstance().updateRecord(Constants.GROUP_TABLE,
440                 mTypeGroup.convertObjectToMap(groupTable));
441         updateAclist(property, values, UserOperation.ADD, groupTable);
442     }
443
444     /**
445      * API to delete property value list from the group
446      * 
447      * @param gid
448      *            group id
449      * @param property
450      *            property
451      * @param values
452      *            value list
453      */
454     private <T> void deleteProperties(String gid, String property,
455             ArrayList<T> values) {
456         Log.debug("deleted property name: " + property + ", values : " + values
457                 + " , from group : " + gid);
458         GroupTable groupTable = getGroupTable(gid);
459         if (groupTable == null || values == null || values.isEmpty()) {
460             return;
461         }
462         ArrayList<T> propertyValues = groupTable.getPropertyValue(property);
463         if (propertyValues != null) {
464             if (propertyValues.removeAll(values) == false) {
465                 return;
466             }
467         }
468         groupTable.setPropertyValue(property, propertyValues);
469         AccountDBManager.getInstance().updateRecord(Constants.GROUP_TABLE,
470                 mTypeGroup.convertObjectToMap(groupTable));
471         ArrayList<String> subgroups = (ArrayList<String>) groupTable
472                 .getSubgroups();
473         updateAclist(property, values, UserOperation.DELETE, groupTable);
474         if (subgroups != null) {
475             for (int i = 0; i < subgroups.size(); i++) {
476                 deleteProperties(subgroups.get(i), property, values);
477             }
478         }
479     }
480
481     /**
482      * API to replace property value list to the group
483      * 
484      * @param gid
485      *            group id
486      * @param property
487      *            property
488      * @param value
489      *            value string
490      */
491     private void replaceProperties(String gid, String property, String value) {
492         Log.debug("replaced property name: " + property + ", value : " + value
493                 + ", to group : " + gid);
494         if (value == null || value.isEmpty()) {
495             return;
496         }
497         GroupTable groupTable = getGroupTable(gid);
498         groupTable.setPropertyValue(property, value);
499         AccountDBManager.getInstance().updateRecord(Constants.GROUP_TABLE,
500                 mTypeGroup.convertObjectToMap(groupTable));
501     }
502
503     /**
504      * API to get group table as an instance of GroupTable class
505      * 
506      * @param gid
507      *            group id
508      * @return group table
509      */
510     public GroupTable getGroupTable(String gid) {
511         GroupTable getGroupTable = new GroupTable();
512         ArrayList<HashMap<String, Object>> groupList = AccountDBManager
513                 .getInstance().selectRecord(Constants.GROUP_TABLE,
514                         getCondition(Constants.REQ_GROUP_ID, gid));
515         if (groupList.isEmpty()) {
516             return null;
517         }
518         getGroupTable = mTypeGroup.convertMaptoObject(groupList.get(0),
519                 getGroupTable);
520         return getGroupTable;
521
522     }
523
524     private void deleteResourcesOfDevices(String gid,
525             ArrayList<String> devices) {
526         GroupTable groupTable = getGroupTable(gid);
527         ArrayList<Object> resources = groupTable.getResources();
528         if (resources == null) {
529             return;
530         }
531         ArrayList<Object> deletedResources = new ArrayList<>();
532         for (Object object : resources) {
533             HashMap<String, Object> resource = (HashMap<String, Object>) object;
534             String resourceHref = (String) resource
535                     .get(Constants.KEYFIELD_ACE_RESOURCE_HREF);
536             String splitHref[] = resourceHref.split("/");
537
538             String deviceId = new String();
539             for (int i = 0; i < splitHref.length; i++) {
540                 if (splitHref[i].equals(Constants.REQ_DEVICE_ID)
541                         && (i + 1) < splitHref.length) {
542                     deviceId = splitHref[i + 1];
543
544                     break;
545                 }
546             }
547             if (devices.contains(deviceId)) {
548                 deletedResources.add(resource);
549             }
550         }
551         deleteResourcesFromGroup(gid, deletedResources);
552     }
553
554     private void verifyPostReplacePolicy(String gid, String mid,
555             HashMap<String, Object> properties) {
556         ArrayList<String> updatedKeySet = new ArrayList<String>();
557         updatedKeySet.addAll(properties.keySet());
558         mGroupPolicyManager.verifyOperationAuthorization(gid, mid,
559                 UserOperation.REPLACE, updatedKeySet);
560         for (String key : properties.keySet()) {
561             if (!(properties.get(key) instanceof String)) {
562                 throw new BadRequestException(
563                         "replace property value should be an instance of String");
564             }
565         }
566     }
567
568     private void verifyMemberExistenceInGroup(String gid, String mid) {
569         GroupTable groupTable = getGroupTable(gid);
570         if (groupTable == null) {
571             throw new BadRequestException("group " + gid + " does not exist");
572         }
573         if (groupTable.getMembers() == null) {
574             throw new BadRequestException("there are no members in the group");
575         }
576         if (!groupTable.getMembers().contains(mid)) {
577             throw new BadRequestException("uid is not a member of the group");
578         }
579     }
580
581     private void verifyPostAddPolicy(String gid, String mid,
582             HashMap<String, Object> properties) {
583         for (String key : properties.keySet()) {
584             if (!(properties.get(key) instanceof List)) {
585                 throw new BadRequestException(
586                         "add property value should be an instance of Array");
587             }
588             switch (key) {
589                 case Constants.KEYFIELD_GROUP_DEVICES:
590                     verifyDeviceOwner(mid,
591                             (ArrayList<String>) properties.get(key));
592                     verifyExistenceInParentGroup(gid, key,
593                             (ArrayList<Object>) properties.get(key));
594                     break;
595                 case Constants.KEYFIELD_GROUP_RESOURCES:
596                     verifyResourceFormat(
597                             Arrays.asList(Constants.KEYFIELD_RESOURCE_RT,
598                                     Constants.KEYFIELD_RESOURCE_IF,
599                                     Constants.KEYFIELD_ACE_RESOURCE_HREF),
600                             (ArrayList<HashMap<String, Object>>) properties
601                                     .get(key));
602                     verifyResourceOwner(mid,
603                             (ArrayList<HashMap<String, Object>>) properties
604                                     .get(key));
605                     verifyExistenceInParentGroup(gid, key,
606                             filterResourceExistenceInParentGroupDeviceProperty(
607                                     gid,
608                                     (ArrayList<HashMap<String, Object>>) properties
609                                             .get(key)));
610                     break;
611                 case Constants.KEYFIELD_GROUP_MEMBERS:
612                 case Constants.KEYFIELD_GROUP_MASTERS:
613                     // TODO verify if members are registered to the Account user
614                     // DB
615                     verifyExistenceInParentGroup(gid,
616                             Constants.KEYFIELD_GROUP_MEMBERS,
617                             (ArrayList<Object>) properties.get(key));
618                     break;
619                 default:
620                     throw new PreconditionFailedException(
621                             key + " is not supported");
622             }
623         }
624     }
625
626     private void verifyResourceFormat(List<String> propertyList,
627             ArrayList<HashMap<String, Object>> resources) {
628         for (HashMap<String, Object> resource : resources) {
629             for (String property : propertyList) {
630                 if (!resource.containsKey(property))
631                     throw new PreconditionFailedException(
632                             property + " property is not included");
633                 switch (property) {
634                     case Constants.KEYFIELD_RESOURCE_RT:
635                     case Constants.KEYFIELD_RESOURCE_IF:
636                         if (!(resource.get(property) instanceof List)) {
637                             throw new BadRequestException(property
638                                     + " property values should be an instance of array");
639                         }
640                         break;
641                     case Constants.KEYFIELD_ACE_RESOURCE_HREF:
642                         if (resource.get(property) == null) {
643                             throw new BadRequestException(
644                                     property + " property is null");
645                         }
646                         break;
647                 }
648             }
649         }
650     }
651
652     private void verifyPostDeletePolicy(String gid, String mid,
653             HashMap<String, Object> properties) {
654         for (String key : properties.keySet()) {
655             if (!(properties.get(key) instanceof List)) {
656                 throw new BadRequestException(
657                         "delete property value should be an instance of Array");
658             }
659             switch (key) {
660                 case Constants.REQ_UUID_ID:
661                     break;
662                 case Constants.KEYFIELD_GROUP_DEVICES:
663                 case Constants.KEYFIELD_GROUP_RESOURCES:
664                 case Constants.KEYFIELD_GROUP_MEMBERS:
665                     if ((boolean) ((ArrayList<String>) properties.get(key))
666                             .contains(getGroupTable(gid).getOwner())) {
667                         throw new BadRequestException("cannot remove owner Id");
668                     }
669                 case Constants.KEYFIELD_GROUP_MASTERS:
670                     verifyExistenceInParentGroup(gid, key,
671                             (ArrayList<Object>) properties.get(key));
672                     break;
673                 default:
674                     throw new BadRequestException(
675                             key + " property is not supported to ");
676             }
677         }
678     }
679
680     private ArrayList<HashMap<String, Object>> filterResourceExistenceInParentGroupDeviceProperty(
681             String gid, ArrayList<HashMap<String, Object>> resources) {
682         GroupTable parentGroupTable = getParentGroupTable(gid);
683         if (parentGroupTable == null) {
684             return resources;
685         }
686         ArrayList<String> devices = parentGroupTable.getDevices();
687         if (devices == null) {
688             return resources;
689         }
690         for (HashMap<String, Object> resource : resources) {
691             // if the device is registered to the parent group, filter the
692             // resource list
693             String deviceId = getDeviceIdFromResource(resource);
694             if (devices.contains(deviceId)) {
695                 resources.remove(resource);
696             }
697         }
698         return resources;
699     }
700
701     private GroupTable getParentGroupTable(String gid) {
702         try {
703             return getGroupTable(getGroupTable(gid).getParent());
704         } catch (Exception e) {
705             return null;
706         }
707     }
708
709     private <T> void verifyExistenceInParentGroup(String gid, String property,
710             ArrayList<T> values) {
711         GroupTable parentGroupTable = getParentGroupTable(gid);
712         if (parentGroupTable == null) {
713             return;
714         }
715
716         ArrayList<Object> groupValues = parentGroupTable
717                 .getPropertyValue(property);
718         if (groupValues == null) {
719             throw new BadRequestException(
720                     "verifying parent group Existence failed");
721         }
722         if (!groupValues.containsAll(values)) {
723             throw new BadRequestException(
724                     "verifying parent group Existence failed");
725
726         }
727     }
728
729     private void verifyDeviceOwner(String mid, ArrayList<String> values) {
730         for (String deviceId : values) {
731             if (!findDeviceOwner(deviceId).equals(mid)) {
732                 throw new BadRequestException("verifying device owner failed");
733             }
734         }
735     }
736
737     private void verifyResourceOwner(String mid,
738             ArrayList<HashMap<String, Object>> resources) {
739         for (HashMap<String, Object> resource : resources) {
740             String deviceId = getDeviceIdFromResource(resource);
741             if (!findDeviceOwner(deviceId).equals(mid)) {
742                 throw new BadRequestException(
743                         "verifying resource owner failed");
744             }
745         }
746     }
747
748     private String getDeviceIdFromResource(HashMap<String, Object> resource) {
749         String resourceHref = (String) resource
750                 .get(Constants.KEYFIELD_ACE_RESOURCE_HREF);
751         String splitHref[] = resourceHref.split("/");
752         for (int i = 0; i < splitHref.length; i++) {
753             if (splitHref[i].equals(Constants.REQ_DEVICE_ID)
754                     && (i + 1) < splitHref.length) {
755                 return splitHref[i + 1];
756             }
757         }
758         return null;
759     }
760
761     private String findDeviceOwner(String deviceId) {
762         return mGroupAclManager.getDeviceOwnerId(deviceId);
763     }
764
765     private String findResourceOwner(String resourceHref) {
766         String splitHref[] = resourceHref.split("/");
767         for (int i = 0; i < splitHref.length; i++) {
768             if (splitHref[i].equals(Constants.REQ_DEVICE_ID)
769                     && (i + 1) < splitHref.length) {
770                 return findDeviceOwner(splitHref[i + 1]);
771             }
772         }
773         return null;
774     }
775
776     private HashMap<String, Object> getCondition(String property,
777             String value) {
778         HashMap<String, Object> condition = new HashMap<>();
779         condition.put(property, value);
780         return condition;
781     }
782
783     private <T> void updateAclist(String property, ArrayList<T> values,
784             UserOperation operation, GroupTable groupTable) {
785         switch (operation) {
786             case ADD:
787                 addAclist(property, values, groupTable);
788                 break;
789             case DELETE:
790                 removeAclist(property, values, groupTable);
791                 break;
792             default:
793                 throw new BadRequestException(
794                         operation + " is not supported operation in the group");
795         }
796     }
797
798     private <T> void addAclist(String property, ArrayList<T> values,
799             GroupTable groupTable) {
800         String gid = groupTable.getGid();
801         int permission = 0;
802         for (Object gaclObject : groupTable.getGacl()) {
803             HashMap<String, Object> gacl = (HashMap<String, Object>) gaclObject;
804             permission = (int) gacl.get(Constants.KEYFIELD_ACE_PERMISSION);
805         }
806         switch (property) {
807             case Constants.KEYFIELD_GROUP_MEMBERS:
808                 mGroupAclManager.addAceByMembers(gid, permission,
809                         (ArrayList<String>) values);
810                 break;
811             case Constants.KEYFIELD_GROUP_DEVICES:
812                 mGroupAclManager.addAceByDevices(gid, permission,
813                         (ArrayList<String>) values);
814                 break;
815             case Constants.KEYFIELD_GROUP_RESOURCES:
816                 mGroupAclManager.addAceByResources(gid, permission,
817                         (ArrayList<HashMap<String, Object>>) values);
818                 break;
819             case Constants.KEYFIELD_GROUP_OWNER:
820             case Constants.KEYFIELD_GROUP_MASTERS:
821             case Constants.KEYFIELD_GROUP_SUBGROUPS:
822             case Constants.KEYFIELD_GROUP_GACL:
823                 return;
824             default:
825                 throw new BadRequestException(
826                         property + " is not supported property in the group");
827         }
828     }
829
830     private <T> void removeAclist(String property, ArrayList<T> values,
831             GroupTable groupTable) {
832         String gid = groupTable.getGid();
833         switch (property) {
834             case Constants.KEYFIELD_GROUP_MEMBERS:
835                 mGroupAclManager.removeAceByMembers((ArrayList<String>) values,
836                         gid);
837                 break;
838             case Constants.KEYFIELD_GROUP_DEVICES:
839                 mGroupAclManager.removeAceByDevices((ArrayList<String>) values,
840                         gid);
841                 break;
842             case Constants.KEYFIELD_GROUP_RESOURCES:
843                 mGroupAclManager.removeAceByResources(
844                         (ArrayList<HashMap<String, Object>>) values, gid);
845                 break;
846             case Constants.KEYFIELD_GROUP_OWNER:
847             case Constants.KEYFIELD_GROUP_MASTERS:
848             case Constants.KEYFIELD_GROUP_SUBGROUPS:
849             case Constants.KEYFIELD_GROUP_GACL:
850                 return;
851             default:
852                 throw new BadRequestException(
853                         property + " is not supported property in the group");
854         }
855     }
856 }