[New] Added AbstractService.runPrivilege()

- This runs the given action as the system user 'privileged'
2015-10-08 22:09:45 +02:00 · 2015-10-08 22:09:45 +02:00 · 60300ab21d
parent d8a68f26fd
commit 60300ab21d
5 changed files with 31 additions and 12 deletions
--- a/ch.eitchnet.privilege
+++ b/ch.eitchnet.privilege
@ -1 +1 @@
-Subproject commit 471cc1f37fa954883fac5c61a46050083b671bed
+Subproject commit 6a62864331d93d180d4382706e9b30b8ed6cab6a
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java
@ -16,10 +16,11 @@
 package li.strolch.runtime;

 import static ch.eitchnet.utils.helper.StringHelper.DOT;
+
+import ch.eitchnet.privilege.handler.PrivilegeHandler;
 import li.strolch.agent.api.ObserverHandler;
 import li.strolch.model.StrolchModelConstants;
 import li.strolch.persistence.api.PersistenceHandler;
-import ch.eitchnet.privilege.handler.PrivilegeHandler;

 /**
 * @author Robert von Burg <eitch@eitchnet.ch>
@ -30,7 +31,9 @@ public class StrolchConstants {
 	public static final String ENV_STROLCH = "ENV_STROLCH";
 	public static final String PERSISTENCE_HANDLER = PersistenceHandler.class.getSimpleName();
 	public static final String OBSERVER_HANDLER = ObserverHandler.class.getSimpleName();
+
 	public static final String PRIVILEGE_HANDLER = "PrivilegeHandler";
+	public static final String PRIVILEGED_SYSTEM_USER = "privileged";

 	public static final String PROP_REALM = "realm";
 	public static final String DEFAULT_REALM = "defaultRealm";
--- a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
+++ b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java
@ -30,6 +30,7 @@ import li.strolch.agent.api.StrolchComponent;
 import li.strolch.agent.api.StrolchRealm;
 import li.strolch.exception.StrolchException;
 import li.strolch.persistence.api.StrolchTransaction;
+import li.strolch.runtime.StrolchConstants;
 import li.strolch.runtime.configuration.RuntimeConfiguration;
 import li.strolch.runtime.privilege.PrivilegeHandler;

@ -225,6 +226,21 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
 		return this.container.getPrivilegeHandler().runAsSystem(username, action);
 	}

+	/**
+	 * Performs the given {@link SystemUserAction} as the privileged system user
+	 * {@link StrolchConstants#PRIVILEGED_SYSTEM_USER}. Returns the action for chaining calls
+	 * 
+	 * @param action
+	 *            the action to perform
+	 * 
+	 * @return the action performed for chaining calls
+	 * 
+	 * @throws PrivilegeException
+	 */
+	protected <V extends SystemUserAction> V runPrivileged(V action) throws PrivilegeException {
+		return this.container.getPrivilegeHandler().runAsSystem(StrolchConstants.PRIVILEGED_SYSTEM_USER, action);
+	}
+
 	/**
 	 * This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
 	 * service result is returned. A concrete implementation will implement the business logic in
--- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java
+++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java
@ -34,6 +34,12 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;

+import ch.eitchnet.privilege.base.AccessDeniedException;
+import ch.eitchnet.privilege.base.PrivilegeException;
+import ch.eitchnet.privilege.handler.PrivilegeHandler;
+import ch.eitchnet.privilege.model.Certificate;
+import ch.eitchnet.privilege.model.UserRep;
+import ch.eitchnet.privilege.model.UserState;
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.rest.RestfulStrolchComponent;
 import li.strolch.rest.StrolchRestfulConstants;
@ -57,12 +63,6 @@ import li.strolch.service.privilege.users.PrivilegeUpdateUserService;
 import li.strolch.service.privilege.users.PrivilegeUserArgument;
 import li.strolch.service.privilege.users.PrivilegeUserNameArgument;
 import li.strolch.service.privilege.users.PrivilegeUserResult;
-import ch.eitchnet.privilege.base.AccessDeniedException;
-import ch.eitchnet.privilege.base.PrivilegeException;
-import ch.eitchnet.privilege.handler.PrivilegeHandler;
-import ch.eitchnet.privilege.model.Certificate;
-import ch.eitchnet.privilege.model.UserRep;
-import ch.eitchnet.privilege.model.UserState;

 /**
 * @author Robert von Burg <eitch@eitchnet.ch>
@ -273,7 +273,7 @@ public class PrivilegeUsersService {
 		PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService();
 		PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument();
 		arg.username = username;
-		arg.password = passwordField.getPassword().getBytes();
+		arg.password = passwordField.getPassword();

 		ServiceResult svcResult = svcHandler.doService(cert, svc, arg);
 		if (svcResult.isOk()) {
--- a/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java
+++ b/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java
@ -28,13 +28,13 @@ import javax.xml.bind.annotation.XmlRootElement;
 public class PasswordField {

 	@XmlAttribute(name = "password")
-	private String password;
+	private byte[] password;

-	public String getPassword() {
+	public byte[] getPassword() {
 		return password;
 	}

-	public void setPassword(String password) {
+	public void setPassword(byte[] password) {
 		this.password = password;
 	}
 }