[New] Implemented UserSessionsService methods properly
parent
c07d4553a1
commit
172f384680
|
@ -21,6 +21,7 @@ import java.time.LocalDateTime;
|
||||||
import java.time.ZoneId;
|
import java.time.ZoneId;
|
||||||
import java.time.temporal.ChronoUnit;
|
import java.time.temporal.ChronoUnit;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Collections;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -41,6 +42,7 @@ import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import ch.eitchnet.privilege.base.AccessDeniedException;
|
import ch.eitchnet.privilege.base.AccessDeniedException;
|
||||||
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
import ch.eitchnet.privilege.model.PrivilegeContext;
|
import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||||
import ch.eitchnet.privilege.model.SimpleRestrictable;
|
import ch.eitchnet.privilege.model.SimpleRestrictable;
|
||||||
|
@ -51,8 +53,11 @@ import ch.eitchnet.utils.dbc.DBC;
|
||||||
*/
|
*/
|
||||||
public class DefaultStrolchSessionHandler extends StrolchComponent implements StrolchSessionHandler {
|
public class DefaultStrolchSessionHandler extends StrolchComponent implements StrolchSessionHandler {
|
||||||
|
|
||||||
|
public static final String PRIVILEGE_INVALIDATE_SESSION = "InvalidateSession";
|
||||||
|
public static final String PRIVILEGE_GET_SESSION = "GetSession";
|
||||||
|
public static final String PARAM_SESSION_TTL_MINUTES = "session.ttl.minutes"; //$NON-NLS-1$
|
||||||
|
|
||||||
private static final Logger logger = LoggerFactory.getLogger(DefaultStrolchSessionHandler.class);
|
private static final Logger logger = LoggerFactory.getLogger(DefaultStrolchSessionHandler.class);
|
||||||
private static final String PARAM_SESSION_TTL_MINUTES = "session.ttl.minutes"; //$NON-NLS-1$
|
|
||||||
private PrivilegeHandler privilegeHandler;
|
private PrivilegeHandler privilegeHandler;
|
||||||
private Map<String, Certificate> certificateMap;
|
private Map<String, Certificate> certificateMap;
|
||||||
private long sessionTtl;
|
private long sessionTtl;
|
||||||
|
@ -75,7 +80,7 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
@Override
|
@Override
|
||||||
public void start() {
|
public void start() {
|
||||||
this.privilegeHandler = getContainer().getComponent(PrivilegeHandler.class);
|
this.privilegeHandler = getContainer().getComponent(PrivilegeHandler.class);
|
||||||
this.certificateMap = new HashMap<>();
|
this.certificateMap = Collections.synchronizedMap(new HashMap<>());
|
||||||
|
|
||||||
this.sessionTimeoutTimer = new Timer("SessionTimeoutTimer", true); //$NON-NLS-1$
|
this.sessionTimeoutTimer = new Timer("SessionTimeoutTimer", true); //$NON-NLS-1$
|
||||||
long checkInterval = TimeUnit.MINUTES.toMillis(1);
|
long checkInterval = TimeUnit.MINUTES.toMillis(1);
|
||||||
|
@ -203,28 +208,32 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
@Override
|
@Override
|
||||||
public UserSession getSession(Certificate certificate, String sessionId) {
|
public UserSession getSession(Certificate certificate, String sessionId) {
|
||||||
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
||||||
ctx.assertHasPrivilege("GetSession");
|
ctx.assertHasPrivilege(PRIVILEGE_GET_SESSION);
|
||||||
for (Certificate cert : certificateMap.values()) {
|
synchronized (this.certificateMap) {
|
||||||
if (cert.getSessionId().equals(sessionId)) {
|
for (Certificate cert : certificateMap.values()) {
|
||||||
ctx.validateAction(new SimpleRestrictable("GetSession", cert));
|
if (cert.getSessionId().equals(sessionId)) {
|
||||||
return new UserSession(cert);
|
ctx.validateAction(new SimpleRestrictable(PRIVILEGE_GET_SESSION, cert));
|
||||||
|
return new UserSession(cert);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
throw new PrivilegeException("No Session exists with the id " + sessionId);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public List<UserSession> getSessions(Certificate certificate) {
|
public List<UserSession> getSessions(Certificate certificate) {
|
||||||
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
||||||
ctx.assertHasPrivilege("GetSession");
|
ctx.assertHasPrivilege(PRIVILEGE_GET_SESSION);
|
||||||
List<UserSession> sessions = new ArrayList<>(this.certificateMap.size());
|
List<UserSession> sessions = new ArrayList<>(this.certificateMap.size());
|
||||||
for (Certificate cert : certificateMap.values()) {
|
synchronized (this.certificateMap) {
|
||||||
try {
|
for (Certificate cert : certificateMap.values()) {
|
||||||
ctx.validateAction(new SimpleRestrictable("GetSession", cert));
|
try {
|
||||||
sessions.add(new UserSession(cert));
|
ctx.validateAction(new SimpleRestrictable(PRIVILEGE_GET_SESSION, cert));
|
||||||
} catch (AccessDeniedException e) {
|
sessions.add(new UserSession(cert));
|
||||||
// so no, user may not get this session
|
} catch (AccessDeniedException e) {
|
||||||
|
// no, user may not get this session
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -234,25 +243,39 @@ public class DefaultStrolchSessionHandler extends StrolchComponent implements St
|
||||||
@Override
|
@Override
|
||||||
public void invalidateSession(Certificate certificate, String sessionId) {
|
public void invalidateSession(Certificate certificate, String sessionId) {
|
||||||
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
PrivilegeContext ctx = this.privilegeHandler.getPrivilegeContext(certificate);
|
||||||
ctx.assertHasPrivilege("InvalidateSession");
|
ctx.assertHasPrivilege(PRIVILEGE_INVALIDATE_SESSION);
|
||||||
for (Certificate cert : certificateMap.values()) {
|
|
||||||
|
Map<String, Certificate> map;
|
||||||
|
synchronized (this.certificateMap) {
|
||||||
|
map = new HashMap<>(this.certificateMap);
|
||||||
|
}
|
||||||
|
boolean ok = false;
|
||||||
|
for (Certificate cert : map.values()) {
|
||||||
if (cert.getSessionId().equals(sessionId)) {
|
if (cert.getSessionId().equals(sessionId)) {
|
||||||
ctx.validateAction(new SimpleRestrictable("InvalidateSession", cert));
|
ctx.validateAction(new SimpleRestrictable(PRIVILEGE_INVALIDATE_SESSION, cert));
|
||||||
invalidate(cert);
|
invalidate(cert);
|
||||||
|
ok = true;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!ok) {
|
||||||
|
throw new PrivilegeException("Can not invalidate session as no session exists with the id " + sessionId);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setSessionLocale(Certificate certificate, String sessionId, Locale locale) {
|
public void setSessionLocale(Certificate certificate, String sessionId, Locale locale) {
|
||||||
if (!certificate.getSessionId().equals(sessionId)) {
|
if (!certificate.getSessionId().equals(sessionId)) {
|
||||||
String msg = "User''s can only change their own session locale: {0} may not change locale of session {1}";
|
String msg = "User's can only change their own session locale: {0} may not change locale of session {1}";
|
||||||
throw new AccessDeniedException(MessageFormat.format(msg, certificate.getUsername(), sessionId));
|
throw new AccessDeniedException(MessageFormat.format(msg, certificate.getUsername(), sessionId));
|
||||||
}
|
}
|
||||||
|
|
||||||
for (Certificate cert : certificateMap.values()) {
|
synchronized (this.certificateMap) {
|
||||||
if (cert.getSessionId().equals(sessionId)) {
|
for (Certificate cert : certificateMap.values()) {
|
||||||
cert.setLocale(locale);
|
if (cert.getSessionId().equals(sessionId)) {
|
||||||
|
cert.setLocale(locale);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
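Review bot: In setSessionLocale the denial message was changed from `User''s` to `User's`, but the string is still passed to `MessageFormat.format`, where a single apostrophe opens a quoted section that runs to the end of the pattern. As a result `{0}` and `{1}` are emitted literally, and the AccessDeniedException no longer names the user who attempted the change or the session that was targeted. Either keep the doubled apostrophe or remove the apostrophe altogether, e.g. `String msg = "Users can only change their own session locale: {0} may not change locale of session {1}";`. A small unit test asserting that the exception message contains the username would stop this from regressing.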
|
@ -21,15 +21,22 @@ import li.strolch.rest.StrolchRestfulConstants;
|
||||||
import li.strolch.rest.StrolchSessionHandler;
|
import li.strolch.rest.StrolchSessionHandler;
|
||||||
import li.strolch.rest.model.Result;
|
import li.strolch.rest.model.Result;
|
||||||
import li.strolch.rest.model.UserSession;
|
import li.strolch.rest.model.UserSession;
|
||||||
|
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
|
|
||||||
@Path("strolch/sessions")
|
@Path("strolch/sessions")
|
||||||
public class UserSessionsService {
|
public class UserSessionsService {
|
||||||
|
|
||||||
|
private static final Logger logger = LoggerFactory.getLogger(UserSessionsService.class);
|
||||||
|
|
||||||
@GET
|
@GET
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public Response getSessions(@Context HttpServletRequest request) {
|
public Response getSessions(@Context HttpServletRequest request) {
|
||||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||||
|
logger.info("[" + cert.getUsername() + "] Returning all sessions...");
|
||||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||||
List<UserSession> sessions = sessionHandler.getSessions(cert);
|
List<UserSession> sessions = sessionHandler.getSessions(cert);
|
||||||
GenericEntity<List<UserSession>> entity = new GenericEntity<List<UserSession>>(sessions) {
|
GenericEntity<List<UserSession>> entity = new GenericEntity<List<UserSession>>(sessions) {
|
||||||
|
@ -42,6 +49,7 @@ public class UserSessionsService {
|
||||||
@Path("{sessionId}")
|
@Path("{sessionId}")
|
||||||
public Response getSession(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId) {
|
public Response getSession(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId) {
|
||||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||||
|
logger.info("[" + cert.getUsername() + "] Returning session " + sessionId);
|
||||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||||
UserSession session = sessionHandler.getSession(cert, sessionId);
|
UserSession session = sessionHandler.getSession(cert, sessionId);
|
||||||
return Response.ok(session, MediaType.APPLICATION_JSON).build();
|
return Response.ok(session, MediaType.APPLICATION_JSON).build();
|
||||||
|
@ -52,6 +60,7 @@ public class UserSessionsService {
|
||||||
@Path("{sessionId}")
|
@Path("{sessionId}")
|
||||||
public Response invalidateSession(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId) {
|
public Response invalidateSession(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId) {
|
||||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||||
|
logger.info("[" + cert.getUsername() + "] Invalidating session " + sessionId);
|
||||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||||
sessionHandler.invalidateSession(cert, sessionId);
|
sessionHandler.invalidateSession(cert, sessionId);
|
||||||
return Response.ok(new Result(), MediaType.APPLICATION_JSON).build();
|
return Response.ok(new Result(), MediaType.APPLICATION_JSON).build();
|
||||||
|
@ -63,6 +72,7 @@ public class UserSessionsService {
|
||||||
public Response setSessionLocale(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId,
|
public Response setSessionLocale(@Context HttpServletRequest request, @PathParam("sessionId") String sessionId,
|
||||||
@PathParam("locale") String localeS) {
|
@PathParam("locale") String localeS) {
|
||||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||||
|
logger.info("[" + cert.getUsername() + "] Setting locale of session " + sessionId + " to " + localeS);
|
||||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||||
Locale locale;
|
Locale locale;
|
||||||
try {
|
try {
|
||||||
|
|
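Review bot: The new `logger.info` lines in getSession, invalidateSession and setSessionLocale concatenate the `sessionId` and `localeS` path parameters into the message before the session handler has authorized or validated them. Request-controlled text therefore reaches the log unfiltered, and complete session ids are written at info level. If the session id is also what authenticates a client (not visible on this page), anyone who can read the logs could reuse it, so consider logging only a shortened form of the id and stripping control characters from both values first. Parameterized calls such as `logger.info("[{}] Invalidating session {}", cert.getUsername(), sessionId);` would also match SLF4J usage, and `cert` is dereferenced here without a null check, which looks like it would turn a missing request attribute into a NullPointerException. The body of setSessionLocale continues past the end of this section.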
|
@ -33,6 +33,10 @@ public class UserSession {
|
||||||
@XmlAttribute(name = "lastAccess")
|
@XmlAttribute(name = "lastAccess")
|
||||||
private Date lastAccess;
|
private Date lastAccess;
|
||||||
|
|
||||||
|
public UserSession() {
|
||||||
|
// no-arg constructor for JAXB
|
||||||
|
}
|
||||||
|
|
||||||
public UserSession(Certificate certificate) {
|
public UserSession(Certificate certificate) {
|
||||||
this.sessionId = certificate.getSessionId();
|
this.sessionId = certificate.getSessionId();
|
||||||
this.loginTime = certificate.getLoginTime();
|
this.loginTime = certificate.getLoginTime();
|
||||||
|
|