[Major] refactored SystemUserActions in privilege
Now a SystemUserAction is defined as follows: <Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege"> <Allow>li.strolch.agent.impl.StartRealms</Allow> </Privilege>
This commit is contained in:
parent
473c852ea6
commit
503bdbe4d6
|
@ -1 +1 @@
|
|||
Subproject commit 4c6434f475dc40e73b54890540eaf943f21e1084
|
||||
Subproject commit 0c7315b713edb81442208c2b347c6432a3b6bc70
|
|
@ -21,7 +21,7 @@ import ch.eitchnet.privilege.model.PrivilegeContext;
|
|||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class StartRealms implements SystemUserAction {
|
||||
public class StartRealms extends SystemUserAction {
|
||||
|
||||
private final DefaultRealmHandler defaultRealmHandler;
|
||||
|
||||
|
|
|
@ -101,6 +101,27 @@ public class ServiceResult implements Serializable {
|
|||
this.message = message;
|
||||
}
|
||||
|
||||
public String getRootMessage() {
|
||||
Throwable t = getRootCause();
|
||||
if (t == null)
|
||||
return null;
|
||||
return t.getMessage() == null ? t.getClass().getName() : (t.getClass().getName() + ": " + t.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the root cause of the encapsulated {@link Throwable} or null if no {@link Throwable} is set
|
||||
*/
|
||||
public Throwable getRootCause() {
|
||||
if (this.throwable == null)
|
||||
return null;
|
||||
Throwable t = this.throwable;
|
||||
while (t.getCause() != null) {
|
||||
t = t.getCause();
|
||||
}
|
||||
|
||||
return t;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the throwable
|
||||
*/
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -23,8 +23,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -17,7 +17,6 @@ package li.strolch.exception;
|
|||
|
||||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
public class StrolchException extends RuntimeException {
|
||||
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
/*
|
||||
* Copyright 2015 Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package li.strolch.exception;
|
||||
|
||||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class StrolchModelException extends StrolchException {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/**
|
||||
* @param message
|
||||
* @param cause
|
||||
*/
|
||||
public StrolchModelException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param message
|
||||
*/
|
||||
public StrolchModelException(String message) {
|
||||
super(message);
|
||||
}
|
||||
}
|
|
@ -23,6 +23,7 @@ import java.util.Map;
|
|||
import java.util.Set;
|
||||
|
||||
import li.strolch.exception.StrolchException;
|
||||
import li.strolch.exception.StrolchModelException;
|
||||
import li.strolch.model.parameter.Parameter;
|
||||
|
||||
import org.w3c.dom.Element;
|
||||
|
@ -92,15 +93,49 @@ public abstract class GroupedParameterizedElement extends AbstractStrolchElement
|
|||
* @return the found {@link Parameter} or null if it was not found
|
||||
*/
|
||||
public <T> T getParameter(String bagKey, String paramKey) {
|
||||
return getParameter(bagKey, paramKey, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link Parameter} with the given key from the {@link ParameterBag} with the given bagKey, or null if
|
||||
* the {@link Parameter} or the {@link ParameterBag} does not exist
|
||||
*
|
||||
* @param bagKey
|
||||
* the key of the {@link ParameterBag} from which the {@link Parameter} is to be returned
|
||||
* @param paramKey
|
||||
* the key of the {@link Parameter} which is to be returned
|
||||
* @param assertExists
|
||||
* if set to true, and the parameter does not exist, a {@link StrolchModelException} is thrown
|
||||
*
|
||||
* @return the found {@link Parameter} or null if it was not found
|
||||
*/
|
||||
public <T> T getParameter(String bagKey, String paramKey, boolean assertExists) {
|
||||
if (this.parameterBagMap == null) {
|
||||
if (assertExists) {
|
||||
String msg = "The Parameter {0} does not exist";
|
||||
throw new StrolchModelException(MessageFormat.format(msg,
|
||||
getLocator().append(Tags.BAG, bagKey, paramKey)));
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
ParameterBag bag = this.parameterBagMap.get(bagKey);
|
||||
if (bag == null) {
|
||||
if (assertExists) {
|
||||
String msg = "The Parameter {0} does not exist";
|
||||
throw new StrolchModelException(MessageFormat.format(msg,
|
||||
getLocator().append(Tags.BAG, bagKey, paramKey)));
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
return bag.getParameter(paramKey);
|
||||
T parameter = bag.getParameter(paramKey);
|
||||
if (assertExists && parameter == null) {
|
||||
String msg = "The Parameter {0} does not exist";
|
||||
throw new StrolchModelException(MessageFormat.format(msg, getLocator().append(Tags.BAG, bagKey, paramKey)));
|
||||
}
|
||||
return parameter;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -155,6 +155,18 @@ public class Locator {
|
|||
public Locator append(List<String> subPathElements) {
|
||||
return new Locator(this.pathElements, subPathElements);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a new {@link Locator} where the given sub path is appended to the locator
|
||||
*
|
||||
* @param subPathElements
|
||||
* the sub path to append
|
||||
*
|
||||
* @return the new locator
|
||||
*/
|
||||
public Locator append(String... subPathElements) {
|
||||
return new Locator(this.pathElements, Arrays.asList(subPathElements));
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a new {@link Locator} where the given element is appended to the locator
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -41,7 +41,7 @@ import ch.eitchnet.privilege.model.Certificate;
|
|||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public abstract class PostgreSqlInitializer implements SystemUserAction {
|
||||
public abstract class PostgreSqlInitializer extends SystemUserAction {
|
||||
|
||||
protected static final Logger logger = LoggerFactory.getLogger(PostgreSqlInitializer.class);
|
||||
protected StrolchAgent agent;
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="AppUser">
|
||||
|
|
|
@ -20,11 +20,13 @@
|
|||
</Users>
|
||||
|
||||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
@ -33,5 +35,6 @@
|
|||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
</Roles>
|
||||
</UsersAndRoles>
|
|
@ -21,10 +21,11 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
@ -33,5 +34,6 @@
|
|||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
</Roles>
|
||||
</UsersAndRoles>
|
|
@ -57,8 +57,8 @@
|
|||
|
||||
<Roles>
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
|
@ -71,8 +71,7 @@
|
|||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="sysAdmin">
|
||||
</Role>
|
||||
<Role name="sysAdmin" />
|
||||
|
||||
<Role name="OnlyGreetingServiceRole">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
|
|
|
@ -21,7 +21,7 @@ import ch.eitchnet.privilege.model.PrivilegeContext;
|
|||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class QueryCurrentVersionsAction implements SystemUserAction {
|
||||
public class QueryCurrentVersionsAction extends SystemUserAction {
|
||||
|
||||
private CurrentMigrationVersionQuery query;
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ import ch.eitchnet.utils.Version;
|
|||
/**
|
||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||
*/
|
||||
public class RunMigrationsAction implements SystemUserAction {
|
||||
public class RunMigrationsAction extends SystemUserAction {
|
||||
|
||||
private Migrations migrations;
|
||||
private Map<String, MigrationVersion> currentVersions;
|
||||
|
|
|
@ -20,17 +20,15 @@
|
|||
</Users>
|
||||
|
||||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
<Privilege name="li.strolch.migrations.QueryCurrentVersionsAction" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
<Privilege name="li.strolch.migrations.RunMigrationsAction" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
<Allow>li.strolch.migrations.QueryCurrentVersionsAction</Allow>
|
||||
<Allow>li.strolch.migrations.RunMigrationsAction</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
|
|
@ -20,11 +20,13 @@
|
|||
</Users>
|
||||
|
||||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
|
|
@ -20,11 +20,13 @@
|
|||
</Users>
|
||||
|
||||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
|
|
@ -59,10 +59,14 @@
|
|||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
<Privilege name="li.strolch.model.query.StrolchQuery" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="AppUser">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
@ -71,8 +75,9 @@
|
|||
<AllAllowed>true</AllAllowed>
|
||||
</Privilege>
|
||||
</Role>
|
||||
<Role name="sysAdmin">
|
||||
</Role>
|
||||
|
||||
<Role name="sysAdmin" />
|
||||
|
||||
<Role name="OnlyGreetingServiceRole">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.service.test.model.GreetingService</Allow>
|
||||
|
|
|
@ -58,8 +58,8 @@
|
|||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
</Role>
|
||||
|
||||
|
@ -72,8 +72,7 @@
|
|||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="sysAdmin">
|
||||
</Role>
|
||||
<Role name="sysAdmin" />
|
||||
|
||||
<Role name="OnlyGreetingServiceRole">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
|
|
|
@ -58,8 +58,8 @@
|
|||
<Roles>
|
||||
|
||||
<Role name="agent">
|
||||
<Privilege name="li.strolch.agent.impl.StartRealms" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" policy="DefaultPrivilege">
|
||||
<Allow>li.strolch.agent.impl.StartRealms</Allow>
|
||||
</Privilege>
|
||||
<Privilege name="li.strolch.model.query.StrolchQuery" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
|
@ -75,8 +75,7 @@
|
|||
</Privilege>
|
||||
</Role>
|
||||
|
||||
<Role name="sysAdmin">
|
||||
</Role>
|
||||
<Role name="sysAdmin" />
|
||||
|
||||
<Role name="OnlyGreetingServiceRole">
|
||||
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
||||
|
|
Loading…
Reference in New Issue