[New] Added AbstractService.runPrivilege()
- This runs the given action as the system user 'privileged'
This commit is contained in:
parent
d8a68f26fd
commit
60300ab21d
|
@ -1 +1 @@
|
||||||
Subproject commit 471cc1f37fa954883fac5c61a46050083b671bed
|
Subproject commit 6a62864331d93d180d4382706e9b30b8ed6cab6a
|
|
@ -16,10 +16,11 @@
|
||||||
package li.strolch.runtime;
|
package li.strolch.runtime;
|
||||||
|
|
||||||
import static ch.eitchnet.utils.helper.StringHelper.DOT;
|
import static ch.eitchnet.utils.helper.StringHelper.DOT;
|
||||||
|
|
||||||
|
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||||
import li.strolch.agent.api.ObserverHandler;
|
import li.strolch.agent.api.ObserverHandler;
|
||||||
import li.strolch.model.StrolchModelConstants;
|
import li.strolch.model.StrolchModelConstants;
|
||||||
import li.strolch.persistence.api.PersistenceHandler;
|
import li.strolch.persistence.api.PersistenceHandler;
|
||||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||||
|
@ -30,7 +31,9 @@ public class StrolchConstants {
|
||||||
public static final String ENV_STROLCH = "ENV_STROLCH";
|
public static final String ENV_STROLCH = "ENV_STROLCH";
|
||||||
public static final String PERSISTENCE_HANDLER = PersistenceHandler.class.getSimpleName();
|
public static final String PERSISTENCE_HANDLER = PersistenceHandler.class.getSimpleName();
|
||||||
public static final String OBSERVER_HANDLER = ObserverHandler.class.getSimpleName();
|
public static final String OBSERVER_HANDLER = ObserverHandler.class.getSimpleName();
|
||||||
|
|
||||||
public static final String PRIVILEGE_HANDLER = "PrivilegeHandler";
|
public static final String PRIVILEGE_HANDLER = "PrivilegeHandler";
|
||||||
|
public static final String PRIVILEGED_SYSTEM_USER = "privileged";
|
||||||
|
|
||||||
public static final String PROP_REALM = "realm";
|
public static final String PROP_REALM = "realm";
|
||||||
public static final String DEFAULT_REALM = "defaultRealm";
|
public static final String DEFAULT_REALM = "defaultRealm";
|
||||||
|
|
|
@ -30,6 +30,7 @@ import li.strolch.agent.api.StrolchComponent;
|
||||||
import li.strolch.agent.api.StrolchRealm;
|
import li.strolch.agent.api.StrolchRealm;
|
||||||
import li.strolch.exception.StrolchException;
|
import li.strolch.exception.StrolchException;
|
||||||
import li.strolch.persistence.api.StrolchTransaction;
|
import li.strolch.persistence.api.StrolchTransaction;
|
||||||
|
import li.strolch.runtime.StrolchConstants;
|
||||||
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
||||||
import li.strolch.runtime.privilege.PrivilegeHandler;
|
import li.strolch.runtime.privilege.PrivilegeHandler;
|
||||||
|
|
||||||
|
@ -225,6 +226,21 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
|
||||||
return this.container.getPrivilegeHandler().runAsSystem(username, action);
|
return this.container.getPrivilegeHandler().runAsSystem(username, action);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Performs the given {@link SystemUserAction} as the privileged system user
|
||||||
|
* {@link StrolchConstants#PRIVILEGED_SYSTEM_USER}. Returns the action for chaining calls
|
||||||
|
*
|
||||||
|
* @param action
|
||||||
|
* the action to perform
|
||||||
|
*
|
||||||
|
* @return the action performed for chaining calls
|
||||||
|
*
|
||||||
|
* @throws PrivilegeException
|
||||||
|
*/
|
||||||
|
protected <V extends SystemUserAction> V runPrivileged(V action) throws PrivilegeException {
|
||||||
|
return this.container.getPrivilegeHandler().runAsSystem(StrolchConstants.PRIVILEGED_SYSTEM_USER, action);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
|
* This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
|
||||||
* service result is returned. A concrete implementation will implement the business logic in
|
* service result is returned. A concrete implementation will implement the business logic in
|
||||||
|
|
|
@ -34,6 +34,12 @@ import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
import javax.ws.rs.core.Response.Status;
|
import javax.ws.rs.core.Response.Status;
|
||||||
|
|
||||||
|
import ch.eitchnet.privilege.base.AccessDeniedException;
|
||||||
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
|
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||||
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
|
import ch.eitchnet.privilege.model.UserRep;
|
||||||
|
import ch.eitchnet.privilege.model.UserState;
|
||||||
import li.strolch.agent.api.ComponentContainer;
|
import li.strolch.agent.api.ComponentContainer;
|
||||||
import li.strolch.rest.RestfulStrolchComponent;
|
import li.strolch.rest.RestfulStrolchComponent;
|
||||||
import li.strolch.rest.StrolchRestfulConstants;
|
import li.strolch.rest.StrolchRestfulConstants;
|
||||||
|
@ -57,12 +63,6 @@ import li.strolch.service.privilege.users.PrivilegeUpdateUserService;
|
||||||
import li.strolch.service.privilege.users.PrivilegeUserArgument;
|
import li.strolch.service.privilege.users.PrivilegeUserArgument;
|
||||||
import li.strolch.service.privilege.users.PrivilegeUserNameArgument;
|
import li.strolch.service.privilege.users.PrivilegeUserNameArgument;
|
||||||
import li.strolch.service.privilege.users.PrivilegeUserResult;
|
import li.strolch.service.privilege.users.PrivilegeUserResult;
|
||||||
import ch.eitchnet.privilege.base.AccessDeniedException;
|
|
||||||
import ch.eitchnet.privilege.base.PrivilegeException;
|
|
||||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
|
||||||
import ch.eitchnet.privilege.model.UserRep;
|
|
||||||
import ch.eitchnet.privilege.model.UserState;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||||
|
@ -273,7 +273,7 @@ public class PrivilegeUsersService {
|
||||||
PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService();
|
PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService();
|
||||||
PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument();
|
PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument();
|
||||||
arg.username = username;
|
arg.username = username;
|
||||||
arg.password = passwordField.getPassword().getBytes();
|
arg.password = passwordField.getPassword();
|
||||||
|
|
||||||
ServiceResult svcResult = svcHandler.doService(cert, svc, arg);
|
ServiceResult svcResult = svcHandler.doService(cert, svc, arg);
|
||||||
if (svcResult.isOk()) {
|
if (svcResult.isOk()) {
|
||||||
|
|
|
@ -28,13 +28,13 @@ import javax.xml.bind.annotation.XmlRootElement;
|
||||||
public class PasswordField {
|
public class PasswordField {
|
||||||
|
|
||||||
@XmlAttribute(name = "password")
|
@XmlAttribute(name = "password")
|
||||||
private String password;
|
private byte[] password;
|
||||||
|
|
||||||
public String getPassword() {
|
public byte[] getPassword() {
|
||||||
return password;
|
return password;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setPassword(String password) {
|
public void setPassword(byte[] password) {
|
||||||
this.password = password;
|
this.password = password;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue