parent
c653edd679
commit
9daaccd318
|
@ -16,7 +16,7 @@ import org.apache.log4j.Logger;
|
|||
import org.dom4j.Element;
|
||||
|
||||
import ch.eitchnet.privilege.handler.EncryptionHandler;
|
||||
import ch.eitchnet.privilege.handler.ModificationHandler;
|
||||
import ch.eitchnet.privilege.handler.ModelHandler;
|
||||
import ch.eitchnet.privilege.handler.PersistenceHandler;
|
||||
import ch.eitchnet.privilege.handler.PolicyHandler;
|
||||
import ch.eitchnet.privilege.handler.SessionHandler;
|
||||
|
@ -47,7 +47,9 @@ public class PrivilegeContainer {
|
|||
private SessionHandler sessionHandler;
|
||||
private PolicyHandler policyHandler;
|
||||
private EncryptionHandler encryptionHandler;
|
||||
private ModificationHandler modificationHandler;
|
||||
private ModelHandler modelHandler;
|
||||
|
||||
private String basePath;
|
||||
|
||||
public static PrivilegeContainer getInstance() {
|
||||
return instance;
|
||||
|
@ -82,10 +84,17 @@ public class PrivilegeContainer {
|
|||
}
|
||||
|
||||
/**
|
||||
* @return the modificationHandler
|
||||
* @return the modelHandler
|
||||
*/
|
||||
public ModificationHandler getModificationHandler() {
|
||||
return modificationHandler;
|
||||
public ModelHandler getModelHandler() {
|
||||
return modelHandler;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the basePath
|
||||
*/
|
||||
public String getBasePath() {
|
||||
return basePath;
|
||||
}
|
||||
|
||||
public void initialize(File privilegeContainerXml) {
|
||||
|
@ -97,7 +106,7 @@ public class PrivilegeContainer {
|
|||
}
|
||||
|
||||
// set base path from privilege container xml
|
||||
String basePath = privilegeContainerXml.getParentFile().getAbsolutePath();
|
||||
basePath = privilegeContainerXml.getParentFile().getAbsolutePath();
|
||||
|
||||
// parse container xml file to XML document
|
||||
Element containerRootElement = XmlHelper.parseDocument(privilegeContainerXml).getRootElement();
|
||||
|
@ -121,14 +130,14 @@ public class PrivilegeContainer {
|
|||
Element policyHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_POLICY);
|
||||
String policyHandlerClassName = policyHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
PolicyHandler policyHandler = ClassHelper.instantiateClass(policyHandlerClassName);
|
||||
|
||||
|
||||
// instantiate modification handler
|
||||
Element modificationHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_MODIFICATION);
|
||||
Element modificationHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_MODEL);
|
||||
String modificationHandlerClassName = modificationHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
ModificationHandler modificationHandler = ClassHelper.instantiateClass(policyHandlerClassName);
|
||||
ModelHandler modelHandler = ClassHelper.instantiateClass(modificationHandlerClassName);
|
||||
|
||||
try {
|
||||
persistenceHandler.initialize(basePath, persistenceHandlerElement);
|
||||
persistenceHandler.initialize(persistenceHandlerElement);
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
throw new PrivilegeException("PersistenceHandler " + persistenceHandlerElement
|
||||
|
@ -154,14 +163,15 @@ public class PrivilegeContainer {
|
|||
throw new PrivilegeException("PolicyHandler " + policyHandlerClassName + " could not be initialized");
|
||||
}
|
||||
try {
|
||||
modificationHandler.initialize(modificationHandlerElement);
|
||||
modelHandler.initialize(modificationHandlerElement);
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
throw new PrivilegeException("ModificationHandler " + modificationHandlerClassName + " could not be initialized");
|
||||
throw new PrivilegeException("ModificationHandler " + modificationHandlerClassName
|
||||
+ " could not be initialized");
|
||||
}
|
||||
|
||||
// keep references to the handlers
|
||||
this.modificationHandler = modificationHandler;
|
||||
this.modelHandler = modelHandler;
|
||||
this.sessionHandler = sessionHandler;
|
||||
this.encryptionHandler = encryptionHandler;
|
||||
this.policyHandler = policyHandler;
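Review bot: No visible line of initialize() passes the persistence handler to the new `modelHandler`, although DefaultModelHandler.getUser/getRole/getPrivilege dereference a field that only `setPersistenceHandler` assigns. Part of initialize() lies between the hunks, so the call may exist there. If it does not, add `modelHandler.setPersistenceHandler(persistenceHandler);` before the handler references are stored; otherwise every user lookup during authentication would fail with a NullPointerException. The locals `modificationHandlerElement` and `modificationHandlerClassName`, and the message `"ModificationHandler " + modificationHandlerClassName + " could not be initialized"`, still use the old name and should follow the rename to ModelHandler.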
|
||||
|
|
|
@ -19,7 +19,7 @@ public class XmlConstants {
|
|||
public static final String XML_HANDLER_ENCRYPTION = "EncryptionHandler";
|
||||
public static final String XML_HANDLER_SESSION = "SessionHandler";
|
||||
public static final String XML_HANDLER_POLICY = "PolicyHandler";
|
||||
public static final String XML_HANDLER_MODIFICATION = "ModificationHandler";
|
||||
public static final String XML_HANDLER_MODEL = "ModificationHandler";
|
||||
|
||||
public static final String XML_ROLES = "Roles";
|
||||
public static final String XML_ROLE = "Role";
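Review bot: `XML_HANDLER_MODEL` still holds the value `"ModificationHandler"`, so the constant's name and the XML element it selects now disagree. If the element name is kept on purpose so existing container configuration files keep loading, say so next to the constant, for example `// element is still named "ModificationHandler" in existing container XML files`. Otherwise change the value and the configuration files in the same commit.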
|
||||
|
|
|
@ -0,0 +1,345 @@
|
|||
/*
|
||||
* Copyright (c) 2010
|
||||
*
|
||||
* Robert von Burg
|
||||
* eitch@eitchnet.ch
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
||||
import org.dom4j.Element;
|
||||
|
||||
import ch.eitchnet.privilege.helper.PrivilegeHelper;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
import ch.eitchnet.privilege.model.internal.Role;
|
||||
import ch.eitchnet.privilege.model.internal.User;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public class DefaultModelHandler implements ModelHandler {
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.SessionHandler#setPersistenceHandler(ch.eitchnet.privilege.handler.PersistenceHandler)
|
||||
*/
|
||||
public void setPersistenceHandler(PersistenceHandler persistenceHandler) {
|
||||
this.persistenceHandler = persistenceHandler;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addOrReplacePrivilege(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.PrivilegeRep)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplacePrivilege(Certificate certificate, PrivilegeRep privilegeRep) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addOrReplaceRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.RoleRep)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addOrReplaceUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.UserRep)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addPrivilegeToRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void addPrivilegeToRole(Certificate certificate, String roleName, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#addRoleToUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void addRoleToUser(Certificate certificate, String username, String rolename) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#persist(ch.eitchnet.privilege.model.Certificate)
|
||||
*/
|
||||
@Override
|
||||
public boolean persist(Certificate certificate) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#removePrivilege(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public PrivilegeRep removePrivilege(Certificate certificate, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#removePrivilegeFromRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void removePrivilegeFromRole(Certificate certificate, String roleName, String privilegeName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#removeRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public RoleRep removeRole(Certificate certificate, String roleName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#removeRoleFromUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String rolename) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#removeUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public UserRep removeUser(Certificate certificate, String username) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegeAllAllowed(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, boolean)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegeAllAllowed(Certificate certificate, String privilegeName, boolean allAllowed) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegeAllowList(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.util.List)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, List<String> allowList) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegeDenyList(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.util.List)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, List<String> denyList) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setPrivilegePolicy(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setPrivilegePolicy(Certificate certificate, String privilegeName, String policyName) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserLocaleState(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.util.Locale)
|
||||
*/
|
||||
@Override
|
||||
public void setUserLocaleState(Certificate certificate, String username, Locale locale) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserNamePassword(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setUserNamePassword(Certificate certificate, String username, String firstname, String surname) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserPassword(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setUserPassword(Certificate certificate, String username, String password) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#setUserState(ch.eitchnet.privilege.model.Certificate,
|
||||
* java.lang.String, ch.eitchnet.privilege.model.UserState)
|
||||
*/
|
||||
@Override
|
||||
public void setUserState(Certificate certificate, String username, UserState state) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.base.PrivilegeContainerObject#initialize(org.dom4j.Element)
|
||||
*/
|
||||
@Override
|
||||
public void initialize(Element element) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#getPrivilege(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public Privilege getPrivilege(String privilegeName) {
|
||||
return persistenceHandler.getPrivilege(privilegeName);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#getRole(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public Role getRole(String roleName) {
|
||||
return persistenceHandler.getRole(roleName);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.ModelHandler#getUser(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public User getUser(String username) {
|
||||
return persistenceHandler.getUser(username);
|
||||
}
|
||||
|
||||
}
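Review bot: Every mutator calls `PrivilegeHelper.isUserPrivilegeAdmin(certificate);` as a bare statement and ignores whatever it returns. PrivilegeHelper is not on this page; if the method reports its result as a boolean rather than by throwing, these calls authorize nothing, and because this commit also removes the same calls from DefaultPersistenceHandler they would be the only gate left. Either branch on the result, e.g. `if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) throw new AccessDeniedException("privilege admin required");`, or document on the helper that it throws. The stubs also return normally (`null`, `false` or nothing) after the check, so a caller that removes a user or changes a user's state gets no sign that nothing happened; `throw new UnsupportedOperationException("not implemented yet");` in each stub would make that visible until the bodies exist.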
|
|
@ -26,7 +26,6 @@ import org.dom4j.Element;
|
|||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.base.XmlConstants;
|
||||
import ch.eitchnet.privilege.helper.ConfigurationHelper;
|
||||
import ch.eitchnet.privilege.helper.PrivilegeHelper;
|
||||
import ch.eitchnet.privilege.helper.XmlHelper;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
|
@ -47,11 +46,13 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
private Map<String, Role> roleMap;
|
||||
private Map<String, Privilege> privilegeMap;
|
||||
|
||||
private long usersFileDate;
|
||||
private boolean userMapDirty;
|
||||
private long rolesFileDate;
|
||||
private boolean roleMapDirty;
|
||||
private long privilegesFileDate;
|
||||
private boolean privilegeMapDirty;
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
private Map<String, String> parameterMap;
|
||||
|
||||
/**
|
||||
|
@ -59,43 +60,61 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
* ch.eitchnet.privilege.model.internal.Privilege)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
public void addOrReplacePrivilege(Privilege privilege) {
|
||||
privilegeMap.put(privilege.getName(), privilege);
|
||||
privilegeMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#removePrivilege(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public Privilege removePrivilege(String privilegeName) {
|
||||
Privilege privilege = privilegeMap.remove(privilegeName);
|
||||
privilegeMapDirty = privilege != null;
|
||||
return privilege;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.Role)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceRole(Certificate certificate, Role role) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
public void addOrReplaceRole(Role role) {
|
||||
roleMap.put(role.getName(), role);
|
||||
roleMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#removeRole(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public Role removeRole(String roleName) {
|
||||
Role role = roleMap.remove(roleName);
|
||||
roleMapDirty = role != null;
|
||||
return role;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.User)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceUser(Certificate certificate, User user) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
||||
public void addOrReplaceUser(User user) {
|
||||
userMap.put(user.getUsername(), user);
|
||||
userMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#removeUser(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public User removeUser(String username) {
|
||||
User user = userMap.remove(username);
|
||||
userMapDirty = user != null;
|
||||
return user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#getPrivilege(java.lang.String)
|
||||
*/
|
||||
|
@ -121,44 +140,50 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#persist()
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#persist(ch.eitchnet.privilege.model.Certificate)
|
||||
*/
|
||||
@Override
|
||||
public void persist(Certificate certificate) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
public boolean persist(Certificate certificate) {
|
||||
|
||||
// USERS
|
||||
if (!userMapDirty) {
|
||||
logger.warn("No users unpersisted.");
|
||||
// get users file name
|
||||
String usersFileName = parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
if (usersFileName == null || usersFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid");
|
||||
}
|
||||
// get users file
|
||||
File usersFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + usersFileName);
|
||||
boolean usersFileUnchanged = usersFile.exists() && usersFile.lastModified() == usersFileDate;
|
||||
if (!userMapDirty && usersFileUnchanged) {
|
||||
logger.warn("No users unpersisted and user file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting users...");
|
||||
|
||||
// build XML DOM of users
|
||||
List<Element> users = toDomUsers();
|
||||
List<Element> users = toDomUsers(certificate);
|
||||
Element rootElement = DocumentFactory.getInstance().createElement(XmlConstants.XML_USERS);
|
||||
for (Element userElement : users) {
|
||||
rootElement.add(userElement);
|
||||
}
|
||||
|
||||
// get users file name
|
||||
String usersFileName = parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
if (usersFileName == null || usersFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get users file
|
||||
File usersFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + usersFileName);
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, usersFile);
|
||||
userMapDirty = true;
|
||||
}
|
||||
|
||||
// ROLES
|
||||
if (!roleMapDirty) {
|
||||
logger.warn("No roles unpersisted.");
|
||||
// get roles file name
|
||||
String rolesFileName = parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
if (rolesFileName == null || rolesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid");
|
||||
}
|
||||
// get roles file
|
||||
File rolesFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + rolesFileName);
|
||||
boolean rolesFileUnchanged = rolesFile.exists() && rolesFile.lastModified() == rolesFileDate;
|
||||
if (!roleMapDirty && rolesFileUnchanged) {
|
||||
logger.warn("No roles unpersisted and roles file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting roles...");
|
||||
|
||||
|
@ -169,23 +194,24 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
rootElement.add(roleElement);
|
||||
}
|
||||
|
||||
// get roles file name
|
||||
String rolesFileName = parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
if (rolesFileName == null || rolesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get roles file
|
||||
File rolesFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + rolesFileName);
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, rolesFile);
|
||||
roleMapDirty = true;
|
||||
}
|
||||
|
||||
// PRIVILEGES
|
||||
if (!privilegeMapDirty) {
|
||||
logger.warn("No privileges unpersisted.");
|
||||
// get privileges file name
|
||||
String privilegesFileName = parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
if (privilegesFileName == null || privilegesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid");
|
||||
}
|
||||
// get privileges file
|
||||
File privilegesFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + privilegesFileName);
|
||||
boolean privilegesFileUnchanged = privilegesFile.exists()
|
||||
&& privilegesFile.lastModified() == privilegesFileDate;
|
||||
if (!privilegeMapDirty && privilegesFileUnchanged) {
|
||||
logger.warn("No privileges unpersisted and privileges file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting privileges...");
|
||||
|
||||
|
@ -196,23 +222,26 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
rootElement.add(privilegeElement);
|
||||
}
|
||||
|
||||
// get privileges file name
|
||||
String privilegesFileName = parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
if (privilegesFileName == null || privilegesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + SessionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get privileges file
|
||||
File privilegesFile = new File(PrivilegeContainer.getInstance().getBasePath() + "/" + privilegesFileName);
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, privilegesFile);
|
||||
privilegeMapDirty = true;
|
||||
}
|
||||
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
// reset dirty states and return if something was dirty, false otherwise
|
||||
if (userMapDirty || roleMapDirty || privilegeMapDirty) {
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
|
||||
return true;
|
||||
|
||||
} else {
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -249,6 +278,7 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read roles
|
||||
readRoles(rolesRootElement);
|
||||
rolesFileDate = rolesFile.lastModified();
|
||||
|
||||
// get users file name
|
||||
String usersFileName = parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
|
@ -270,6 +300,7 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read users
|
||||
readUsers(usersRootElement);
|
||||
usersFileDate = usersFile.lastModified();
|
||||
|
||||
// get privileges file name
|
||||
String privilegesFileName = parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
|
@ -291,6 +322,7 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read privileges
|
||||
readPrivileges(privilegesRootElement);
|
||||
privilegesFileDate = privilegesFile.lastModified();
|
||||
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
|
@ -487,7 +519,7 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
return rolesAsElements;
|
||||
}
|
||||
|
||||
private List<Element> toDomUsers() {
|
||||
private List<Element> toDomUsers(Certificate certificate) {
|
||||
|
||||
List<Element> usersAsElements = new ArrayList<Element>(userMap.size());
|
||||
|
||||
|
@ -500,7 +532,7 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
// create the user element
|
||||
Element userElement = documentFactory.createElement(XmlConstants.XML_USER);
|
||||
userElement.addAttribute(XmlConstants.XML_ATTR_USERNAME, user.getUsername());
|
||||
userElement.addAttribute(XmlConstants.XML_ATTR_PASSWORD, user.getPassword());
|
||||
userElement.addAttribute(XmlConstants.XML_ATTR_PASSWORD, user.getPassword(certificate));
|
||||
|
||||
// add first name element
|
||||
Element firstnameElement = documentFactory.createElement(XmlConstants.XML_FIRSTNAME);
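Review bot: The new removePrivilege, removeRole and removeUser assign the dirty flag instead of raising it (`privilegeMapDirty = privilege != null;`), so removing a name that does not exist clears a flag set by an earlier change. A pending modification, for example a user removal followed by a removal with a mistyped name, is then skipped by persist() while the file is unchanged, and the old entry returns on the next load. Only set the flag: `if (privilege != null) privilegeMapDirty = true;`, and likewise for roles and users. In persist(), the visible branches never refresh `usersFileDate`, `rolesFileDate` or `privilegesFileDate` after `XmlHelper.writeDocument(...)`, so each later call sees its own write as an external change and rewrites the file; add `usersFileDate = usersFile.lastModified();` after the write in each branch. The same comparison means a file edited on disk is overwritten from memory without a reload, which deserves at least a warning in the log.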
|
||||
|
|
|
@ -36,7 +36,6 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
|
||||
private static long lastSessionId;
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
private Map<String, CertificateSessionPair> sessionMap;
|
||||
|
||||
/**
|
||||
|
@ -66,7 +65,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
PrivilegeContainer privilegeContainer = PrivilegeContainer.getInstance();
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificate.getUsername());
|
||||
User user = PrivilegeContainer.getInstance().getModelHandler().getUser(certificate.getUsername());
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid!");
|
||||
|
@ -80,7 +79,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
PolicyHandler policyHandler = privilegeContainer.getPolicyHandler();
|
||||
for (String roleName : user.getRoles()) {
|
||||
|
||||
Role role = persistenceHandler.getRole(roleName);
|
||||
Role role = PrivilegeContainer.getInstance().getModelHandler().getRole(roleName);
|
||||
if (role == null) {
|
||||
logger.error("No role is defined with name " + roleName + " which is configured for user " + user);
|
||||
continue;
|
||||
|
@ -124,7 +123,8 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
+ certificate.getSessionId());
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificateSessionPair.session.getUsername());
|
||||
User user = PrivilegeContainer.getInstance().getModelHandler().getUser(
|
||||
certificateSessionPair.session.getUsername());
|
||||
|
||||
// if user exists, then certificate is valid
|
||||
if (user == null) {
|
||||
|
@ -156,13 +156,13 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
String passwordHash = encryptionHandler.convertToHash(password);
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = PrivilegeContainer.getInstance().getModelHandler().getUser(username);
|
||||
// no user means no authentication
|
||||
if (user == null)
|
||||
throw new AccessDeniedException("There is no user defined with the credentials: " + username + " / ***...");
|
||||
|
||||
// validate password
|
||||
if (!user.getPassword().equals(passwordHash))
|
||||
if (!user.isPassword(passwordHash))
|
||||
throw new AccessDeniedException("Password is incorrect for " + username + " / ***...");
|
||||
|
||||
// validate if user is allowed to login
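Review bot: The two AccessDeniedException messages in this authentication path still differ ("There is no user defined with the credentials" and "Password is incorrect for"), so a caller can tell an unknown username from a wrong password. This commit already touches both checks, so give both failures one message, e.g. `throw new AccessDeniedException("Authentication failed for " + username);`, and keep the distinction in the server log only. `User.isPassword` is not on this page; it should compare the stored and supplied hashes in constant time (`MessageDigest.isEqual` on the bytes) rather than with `String.equals`. The enclosing method starts and ends outside the hunk.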
|
||||
|
|
|
@ -0,0 +1,77 @@
|
|||
/*
|
||||
* Copyright (c) 2010
|
||||
*
|
||||
* Robert von Burg
|
||||
* eitch@eitchnet.ch
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainerObject;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
import ch.eitchnet.privilege.model.internal.Role;
|
||||
import ch.eitchnet.privilege.model.internal.User;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public interface ModelHandler extends PrivilegeContainerObject {
|
||||
|
||||
public void setPersistenceHandler(PersistenceHandler persistenceHandler);
|
||||
|
||||
public User getUser(String username);
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep);
|
||||
|
||||
public UserRep removeUser(Certificate certificate, String username);
|
||||
|
||||
public void setUserPassword(Certificate certificate, String username, String password);
|
||||
|
||||
public void setUserNamePassword(Certificate certificate, String username, String firstname, String surname);
|
||||
|
||||
public void setUserState(Certificate certificate, String username, UserState state);
|
||||
|
||||
public void setUserLocaleState(Certificate certificate, String username, Locale locale);
|
||||
|
||||
public void addRoleToUser(Certificate certificate, String username, String rolename);
|
||||
|
||||
public void removeRoleFromUser(Certificate certificate, String username, String rolename);
|
||||
|
||||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep);
|
||||
|
||||
public Role getRole(String roleName);
|
||||
|
||||
public RoleRep removeRole(Certificate certificate, String roleName);
|
||||
|
||||
public void addPrivilegeToRole(Certificate certificate, String roleName, String privilegeName);
|
||||
|
||||
public void removePrivilegeFromRole(Certificate certificate, String roleName, String privilegeName);
|
||||
|
||||
public Privilege getPrivilege(String privilegeName);
|
||||
|
||||
public void addOrReplacePrivilege(Certificate certificate, PrivilegeRep privilegeRep);
|
||||
|
||||
public PrivilegeRep removePrivilege(Certificate certificate, String privilegeName);
|
||||
|
||||
public void setPrivilegePolicy(Certificate certificate, String privilegeName, String policyName);
|
||||
|
||||
public void setPrivilegeAllAllowed(Certificate certificate, String privilegeName, boolean allAllowed);
|
||||
|
||||
public void setPrivilegeDenyList(Certificate certificate, String privilegeName, List<String> denyList);
|
||||
|
||||
public void setPrivilegeAllowList(Certificate certificate, String privilegeName, List<String> allowList);
|
||||
|
||||
public boolean persist(Certificate certificate);
|
||||
}
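Review bot: `setUserPassword(Certificate, String username, String password)` does not say whether `password` is the clear text or the already-hashed value. The authentication hunk on this page compares a `passwordHash` through `user.isPassword(passwordHash)`, so an implementation that guesses wrong would either store clear text or make every login fail. A Javadoc line such as `@param password the clear-text password; the implementation hashes it before storing` (or the opposite, whichever is intended) would pin this down. The read methods `getUser`, `getRole` and `getPrivilege` take no `Certificate` and return internal model objects, which deserves a sentence in the Javadoc as well. `setUserNamePassword` takes `firstname` and `surname`, and `setUserLocaleState` takes a `Locale`, so both names look like copy-paste slips.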
|
|
@ -1,41 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2010
|
||||
*
|
||||
* Robert von Burg
|
||||
* eitch@eitchnet.ch
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainerObject;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public interface ModificationHandler extends PrivilegeContainerObject {
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep);
|
||||
|
||||
public void setUserPassword(Certificate certificate, String username, String password);
|
||||
|
||||
public void setUserState(Certificate certificate, String username, UserState state);
|
||||
|
||||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep);
|
||||
|
||||
public void addRoleToUser(Certificate certificate, String username, String role);
|
||||
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege);
|
||||
|
||||
public void addPrivilegeToRole(Certificate certificate, String roleName, PrivilegeRep privilegeRep);
|
||||
|
||||
}
|
|
@ -27,15 +27,21 @@ public interface PersistenceHandler extends PrivilegeContainerObject {
|
|||
|
||||
public User getUser(String username);
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, User user);
|
||||
public void addOrReplaceUser(User user);
|
||||
|
||||
public User removeUser(String username);
|
||||
|
||||
public Role getRole(String roleName);
|
||||
|
||||
public void addOrReplaceRole(Certificate certificate, Role role);
|
||||
public void addOrReplaceRole(Role role);
|
||||
|
||||
public Role removeRole(String roleName);
|
||||
|
||||
public Privilege getPrivilege(String privilegeName);
|
||||
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege);
|
||||
public void addOrReplacePrivilege(Privilege privilege);
|
||||
|
||||
public void persist(Certificate certificate);
|
||||
public Privilege removePrivilege(String privilegeName);
|
||||
|
||||
public boolean persist(Certificate certificate);
|
||||
}
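Review bot: With the `Certificate` parameter removed from `addOrReplaceUser`, `addOrReplaceRole` and `addOrReplacePrivilege`, and the new `removeUser`, `removeRole` and `removePrivilege` taking none either, this interface can no longer tell who is asking, while `persist(Certificate)` still can. Every authorization decision therefore has to be made in `ModelHandler` before these methods are reached. Other hunks on this page replace calls to `PrivilegeContainer.getInstance().getPersistenceHandler()`; if that getter remains public, a caller could reach the persistence layer without passing those checks. I would state the contract in the interface Javadoc, for example `/** Performs no privilege checks; callers must already be authorized by the ModelHandler. */`, and consider narrowing access to the getter.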
|
||||
|
|
|
@ -18,7 +18,7 @@ import ch.eitchnet.privilege.model.internal.User;
|
|||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*
|
||||
*/
|
||||
public class PrivilegeHelper {
|
||||
|
||||
|
@ -29,7 +29,7 @@ public class PrivilegeHelper {
|
|||
}
|
||||
|
||||
// get user object
|
||||
User user = PrivilegeContainer.getInstance().getPersistenceHandler().getUser(certificate.getUsername());
|
||||
User user = PrivilegeContainer.getInstance().getModelHandler().getUser(certificate.getUsername());
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid!");
|
||||
|
|
|
@ -19,7 +19,7 @@ import org.apache.log4j.Logger;
|
|||
import org.apache.log4j.PatternLayout;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainer;
|
||||
import ch.eitchnet.privilege.handler.PersistenceHandler;
|
||||
import ch.eitchnet.privilege.handler.ModelHandler;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
|
||||
/**
|
||||
|
@ -43,7 +43,7 @@ public class TestConfigurationHelper {
|
|||
PrivilegeContainer privilegeContainer = PrivilegeContainer.getInstance();
|
||||
privilegeContainer.initialize(privilegeContainerXml);
|
||||
|
||||
PersistenceHandler persistenceHandler = privilegeContainer.getPersistenceHandler();
|
||||
ModelHandler modelHandler = privilegeContainer.getModelHandler();
|
||||
|
||||
for (int i = 0; i < 10; i++) {
|
||||
// let's authenticate a session
|
||||
|
|
|
@ -14,7 +14,9 @@ import java.util.Collections;
|
|||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.helper.PrivilegeHelper;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
|
||||
|
@ -64,8 +66,18 @@ public final class User {
|
|||
/**
|
||||
* @return the password
|
||||
*/
|
||||
public String getPassword() {
|
||||
return password;
|
||||
public String getPassword(Certificate certificate) {
|
||||
if (PrivilegeHelper.isUserPrivilegeAdmin(certificate))
|
||||
return password;
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the password
|
||||
*/
|
||||
public boolean isPassword(String password) {
|
||||
return this.password.equals(password);
|
||||
}
|
||||
|
||||
/**
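Review bot: `isPassword` compares the stored value with `this.password.equals(password)`, which stops at the first differing character and throws a `NullPointerException` when the user has no password set. For a credential check I would use a constant-time comparison with a null guard, e.g. `return this.password != null && password != null && MessageDigest.isEqual(this.password.getBytes(StandardCharsets.UTF_8), password.getBytes(StandardCharsets.UTF_8));`. The Javadoc on `isPassword` still reads `@return the password`; it should say something like `@return true if the given password hash matches the stored one`. `getPassword(Certificate)` returns `null` for a non-admin certificate, so a caller cannot tell "not allowed" from "no password", which should be documented or replaced by an exception. The `User` class begins and continues outside this hunk.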
|
||||
|
|
|
@ -40,7 +40,7 @@ public class DefaultRestriction implements RestrictionPolicy {
|
|||
}
|
||||
|
||||
// get restriction object for users role
|
||||
Privilege privilege = PrivilegeContainer.getInstance().getPersistenceHandler().getPrivilege(restrictionKey);
|
||||
Privilege privilege = PrivilegeContainer.getInstance().getModelHandler().getPrivilege(restrictionKey);
|
||||
|
||||
// no restriction object means no privilege
|
||||
// TODO should default deny/allow policy be configurable?
|
||||
|
|