From 60300ab21d770ee0657d28702ed266d995fb0224 Mon Sep 17 00:00:00 2001 From: Robert von Burg Date: Thu, 8 Oct 2015 22:09:45 +0200 Subject: [PATCH] [New] Added AbstractService.runPrivilege() - This runs the given action as the system user 'privileged' --- ch.eitchnet.privilege | 2 +- .../li/strolch/runtime/StrolchConstants.java | 5 ++++- .../li/strolch/service/api/AbstractService.java | 16 ++++++++++++++++ .../rest/endpoint/PrivilegeUsersService.java | 14 +++++++------- .../li/strolch/rest/model/PasswordField.java | 6 +++--- 5 files changed, 31 insertions(+), 12 deletions(-) diff --git a/ch.eitchnet.privilege b/ch.eitchnet.privilege index 471cc1f37..6a6286433 160000 --- a/ch.eitchnet.privilege +++ b/ch.eitchnet.privilege @@ -1 +1 @@ -Subproject commit 471cc1f37fa954883fac5c61a46050083b671bed +Subproject commit 6a62864331d93d180d4382706e9b30b8ed6cab6a diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java index 514dbd8df..461a5458a 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java @@ -16,10 +16,11 @@ package li.strolch.runtime; import static ch.eitchnet.utils.helper.StringHelper.DOT; + +import ch.eitchnet.privilege.handler.PrivilegeHandler; import li.strolch.agent.api.ObserverHandler; import li.strolch.model.StrolchModelConstants; import li.strolch.persistence.api.PersistenceHandler; -import ch.eitchnet.privilege.handler.PrivilegeHandler; /** * @author Robert von Burg @@ -30,7 +31,9 @@ public class StrolchConstants { public static final String ENV_STROLCH = "ENV_STROLCH"; public static final String PERSISTENCE_HANDLER = PersistenceHandler.class.getSimpleName(); public static final String OBSERVER_HANDLER = ObserverHandler.class.getSimpleName(); + public static final String PRIVILEGE_HANDLER = "PrivilegeHandler"; + public static final String PRIVILEGED_SYSTEM_USER = "privileged"; public static final String PROP_REALM = "realm"; public static final String DEFAULT_REALM = "defaultRealm"; diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java index 277c51f7e..c1a162648 100644 --- a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java +++ b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java @@ -30,6 +30,7 @@ import li.strolch.agent.api.StrolchComponent; import li.strolch.agent.api.StrolchRealm; import li.strolch.exception.StrolchException; import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants; import li.strolch.runtime.configuration.RuntimeConfiguration; import li.strolch.runtime.privilege.PrivilegeHandler; @@ -225,6 +226,21 @@ public abstract class AbstractService V runPrivileged(V action) throws PrivilegeException { + return this.container.getPrivilegeHandler().runAsSystem(StrolchConstants.PRIVILEGED_SYSTEM_USER, action); + } + /** * This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a * service result is returned. A concrete implementation will implement the business logic in diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java index 20a073b52..13de4c635 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java @@ -34,6 +34,12 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; +import ch.eitchnet.privilege.base.AccessDeniedException; +import ch.eitchnet.privilege.base.PrivilegeException; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.Certificate; +import ch.eitchnet.privilege.model.UserRep; +import ch.eitchnet.privilege.model.UserState; import li.strolch.agent.api.ComponentContainer; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; @@ -57,12 +63,6 @@ import li.strolch.service.privilege.users.PrivilegeUpdateUserService; import li.strolch.service.privilege.users.PrivilegeUserArgument; import li.strolch.service.privilege.users.PrivilegeUserNameArgument; import li.strolch.service.privilege.users.PrivilegeUserResult; -import ch.eitchnet.privilege.base.AccessDeniedException; -import ch.eitchnet.privilege.base.PrivilegeException; -import ch.eitchnet.privilege.handler.PrivilegeHandler; -import ch.eitchnet.privilege.model.Certificate; -import ch.eitchnet.privilege.model.UserRep; -import ch.eitchnet.privilege.model.UserState; /** * @author Robert von Burg @@ -273,7 +273,7 @@ public class PrivilegeUsersService { PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); arg.username = username; - arg.password = passwordField.getPassword().getBytes(); + arg.password = passwordField.getPassword(); ServiceResult svcResult = svcHandler.doService(cert, svc, arg); if (svcResult.isOk()) { diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java b/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java index 29f085b36..68e98d904 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/model/PasswordField.java @@ -28,13 +28,13 @@ import javax.xml.bind.annotation.XmlRootElement; public class PasswordField { @XmlAttribute(name = "password") - private String password; + private byte[] password; - public String getPassword() { + public byte[] getPassword() { return password; } - public void setPassword(String password) { + public void setPassword(byte[] password) { this.password = password; } }