[Bugfix] cleaned up a lot of warnings
parent
1d410a6ede
commit
a3e2515f38
|
@ -1,4 +1,4 @@
|
|||
#Wed May 19 19:28:29 CEST 2010
|
||||
#Sun Sep 19 16:32:10 CEST 2010
|
||||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
|
||||
|
@ -7,6 +7,81 @@ org.eclipse.jdt.core.compiler.compliance=1.6
|
|||
org.eclipse.jdt.core.compiler.debug.lineNumber=generate
|
||||
org.eclipse.jdt.core.compiler.debug.localVariable=generate
|
||||
org.eclipse.jdt.core.compiler.debug.sourceFile=generate
|
||||
org.eclipse.jdt.core.compiler.doc.comment.support=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.annotationSuperInterface=warning
|
||||
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.autoboxing=warning
|
||||
org.eclipse.jdt.core.compiler.problem.comparingIdentical=warning
|
||||
org.eclipse.jdt.core.compiler.problem.deadCode=warning
|
||||
org.eclipse.jdt.core.compiler.problem.deprecation=warning
|
||||
org.eclipse.jdt.core.compiler.problem.deprecationInDeprecatedCode=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.deprecationWhenOverridingDeprecatedMethod=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.discouragedReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.emptyStatement=warning
|
||||
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.fallthroughCase=warning
|
||||
org.eclipse.jdt.core.compiler.problem.fatalOptionalError=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.fieldHiding=warning
|
||||
org.eclipse.jdt.core.compiler.problem.finalParameterBound=warning
|
||||
org.eclipse.jdt.core.compiler.problem.finallyBlockNotCompletingNormally=warning
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=error
|
||||
org.eclipse.jdt.core.compiler.problem.hiddenCatchBlock=warning
|
||||
org.eclipse.jdt.core.compiler.problem.incompatibleNonInheritedInterfaceMethod=warning
|
||||
org.eclipse.jdt.core.compiler.problem.incompleteEnumSwitch=warning
|
||||
org.eclipse.jdt.core.compiler.problem.indirectStaticAccess=warning
|
||||
org.eclipse.jdt.core.compiler.problem.invalidJavadoc=warning
|
||||
org.eclipse.jdt.core.compiler.problem.invalidJavadocTags=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsDeprecatedRef=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsNotVisibleRef=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.invalidJavadocTagsVisibility=private
|
||||
org.eclipse.jdt.core.compiler.problem.localVariableHiding=ignore
|
||||
org.eclipse.jdt.core.compiler.problem.methodWithConstructorName=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingDeprecatedAnnotation=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingHashCodeMethod=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocComments=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocCommentsOverriding=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocCommentsVisibility=private
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocTagDescription=all_standard_tags
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocTags=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocTagsOverriding=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.missingJavadocTagsVisibility=private
|
||||
org.eclipse.jdt.core.compiler.problem.missingOverrideAnnotation=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingSerialVersion=warning
|
||||
org.eclipse.jdt.core.compiler.problem.missingSynchronizedOnInheritedMethod=warning
|
||||
org.eclipse.jdt.core.compiler.problem.noEffectAssignment=warning
|
||||
org.eclipse.jdt.core.compiler.problem.noImplicitStringConversion=warning
|
||||
org.eclipse.jdt.core.compiler.problem.nonExternalizedStringLiteral=ignore
|
||||
org.eclipse.jdt.core.compiler.problem.nullReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.overridingPackageDefaultMethod=warning
|
||||
org.eclipse.jdt.core.compiler.problem.parameterAssignment=warning
|
||||
org.eclipse.jdt.core.compiler.problem.possibleAccidentalBooleanAssignment=warning
|
||||
org.eclipse.jdt.core.compiler.problem.potentialNullReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.rawTypeReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.redundantNullCheck=warning
|
||||
org.eclipse.jdt.core.compiler.problem.redundantSuperinterface=warning
|
||||
org.eclipse.jdt.core.compiler.problem.specialParameterHidingField=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.staticAccessReceiver=warning
|
||||
org.eclipse.jdt.core.compiler.problem.suppressWarnings=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.syntheticAccessEmulation=warning
|
||||
org.eclipse.jdt.core.compiler.problem.typeParameterHiding=warning
|
||||
org.eclipse.jdt.core.compiler.problem.uncheckedTypeOperation=warning
|
||||
org.eclipse.jdt.core.compiler.problem.undocumentedEmptyBlock=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unhandledWarningToken=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unnecessaryElse=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unnecessaryTypeCheck=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unqualifiedFieldAccess=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownException=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionExemptExceptionAndThrowable=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionIncludeDocCommentReference=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedDeclaredThrownExceptionWhenOverriding=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedImport=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedLabel=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedLocal=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedParameter=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedParameterIncludeDocCommentReference=enabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedParameterWhenImplementingAbstract=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedParameterWhenOverridingConcrete=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.unusedPrivateMember=warning
|
||||
org.eclipse.jdt.core.compiler.problem.unusedWarningToken=warning
|
||||
org.eclipse.jdt.core.compiler.problem.varargsArgumentNeedCast=warning
|
||||
org.eclipse.jdt.core.compiler.source=1.6
|
||||
|
|
|
@ -38,10 +38,10 @@ public class DefaultEncryptionHandler implements EncryptionHandler {
|
|||
public String convertToHash(String string) {
|
||||
try {
|
||||
|
||||
return EncryptionHelper.encryptString(hashAlgorithm, string);
|
||||
return EncryptionHelper.encryptString(this.hashAlgorithm, string);
|
||||
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new PrivilegeException("Algorithm " + hashAlgorithm + " was not found!", e);
|
||||
throw new PrivilegeException("Algorithm " + this.hashAlgorithm + " was not found!", e);
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
throw new PrivilegeException("Charset ASCII is not supported!", e);
|
||||
}
|
||||
|
@ -53,7 +53,7 @@ public class DefaultEncryptionHandler implements EncryptionHandler {
|
|||
@Override
|
||||
public String nextToken() {
|
||||
byte[] bytes = new byte[16];
|
||||
secureRandom.nextBytes(bytes);
|
||||
this.secureRandom.nextBytes(bytes);
|
||||
String randomString = new String(bytes);
|
||||
//String randomString = new BigInteger(80, secureRandom).toString(32); // 80 big integer bits = 16 chars
|
||||
return randomString;
|
||||
|
@ -65,11 +65,11 @@ public class DefaultEncryptionHandler implements EncryptionHandler {
|
|||
@Override
|
||||
public void initialize(Map<String, String> parameterMap) {
|
||||
|
||||
secureRandom = new SecureRandom();
|
||||
this.secureRandom = new SecureRandom();
|
||||
|
||||
// get hash algorithm parameters
|
||||
hashAlgorithm = parameterMap.get(XmlConstants.XML_PARAM_HASH_ALGORITHM);
|
||||
if (hashAlgorithm == null || hashAlgorithm.isEmpty()) {
|
||||
this.hashAlgorithm = parameterMap.get(XmlConstants.XML_PARAM_HASH_ALGORITHM);
|
||||
if (this.hashAlgorithm == null || this.hashAlgorithm.isEmpty()) {
|
||||
throw new PrivilegeException("[" + EncryptionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_HASH_ALGORITHM + " is invalid");
|
||||
}
|
||||
|
@ -77,7 +77,7 @@ public class DefaultEncryptionHandler implements EncryptionHandler {
|
|||
// test hash algorithm
|
||||
try {
|
||||
convertToHash("test");
|
||||
logger.info("Using hashing algorithm " + hashAlgorithm);
|
||||
logger.info("Using hashing algorithm " + this.hashAlgorithm);
|
||||
} catch (Exception e) {
|
||||
throw new PrivilegeException("[" + EncryptionHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_HASH_ALGORITHM + " is invalid because of underlying exception: "
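Review bot: In the `nextToken()` hunk, `new String(bytes)` decodes 16 random bytes with the platform default charset, so depending on that charset some byte sequences are replaced during decoding and the token ends up with less entropy than the 128 bits drawn, varies between platforms, and can contain unprintable characters. Encoding the bytes keeps all of the randomness, for example `return String.format("%032x", new BigInteger(1, bytes));` (the commented-out line suggests `BigInteger` is or was imported; confirm). Separately, `convertToHash` passes the password straight to `EncryptionHelper.encryptString` with only an algorithm name; if that helper adds no salt or work factor, stored password hashes are cheap to attack offline and that deserves a follow-up. Both method bodies continue outside their hunks, so the surrounding code cannot be checked from here.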
|
||||
|
|
|
@ -38,13 +38,29 @@ import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
|||
*/
|
||||
public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
||||
|
||||
/**
|
||||
* log4j logger
|
||||
*/
|
||||
private static final Logger logger = Logger.getLogger(DefaultPrivilegeHandler.class);
|
||||
|
||||
/**
|
||||
* last assigned id for the {@link Session}s
|
||||
*/
|
||||
private static long lastSessionId;
|
||||
|
||||
/**
|
||||
* Map keeping a reference to all active sessions with their certificates
|
||||
*/
|
||||
private Map<String, CertificateSessionPair> sessionMap;
|
||||
|
||||
/**
|
||||
* The persistence handler is used for getting objects and saving changes
|
||||
*/
|
||||
private PersistenceHandler persistenceHandler;
|
||||
|
||||
/**
|
||||
* The encryption handler is used for generating hashes and tokens
|
||||
*/
|
||||
private EncryptionHandler encryptionHandler;
|
||||
|
||||
/**
|
||||
|
@ -52,7 +68,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
*/
|
||||
@Override
|
||||
public PrivilegeRep getPrivilege(String privilegeName) {
|
||||
return persistenceHandler.getPrivilege(privilegeName).asPrivilegeRep();
|
||||
return this.persistenceHandler.getPrivilege(privilegeName).asPrivilegeRep();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -60,7 +76,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
*/
|
||||
@Override
|
||||
public RoleRep getRole(String roleName) {
|
||||
return persistenceHandler.getRole(roleName).asRoleRep();
|
||||
return this.persistenceHandler.getRole(roleName).asRoleRep();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -68,7 +84,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
*/
|
||||
@Override
|
||||
public UserRep getUser(String username) {
|
||||
return persistenceHandler.getUser(username).asUserRep();
|
||||
return this.persistenceHandler.getUser(username).asUserRep();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -76,7 +92,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
*/
|
||||
@Override
|
||||
public PrivilegePolicy getPolicy(String policyName) {
|
||||
return persistenceHandler.getPolicy(policyName);
|
||||
return this.persistenceHandler.getPolicy(policyName);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -94,7 +110,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.isAllAllowed(), privilegeRep.getDenyList(), privilegeRep.getAllowList());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(privilege);
|
||||
this.persistenceHandler.addOrReplacePrivilege(privilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -111,7 +127,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
Role role = new Role(roleRep.getName(), roleRep.getPrivileges());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(role);
|
||||
this.persistenceHandler.addOrReplaceRole(role);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -124,22 +140,22 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
// validate who is doing this
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
|
||||
// hash password
|
||||
String passwordHash;
|
||||
if (password == null)
|
||||
passwordHash = null;
|
||||
else
|
||||
passwordHash = encryptionHandler.convertToHash(password);
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
User user = new User(userRep.getUsername(), passwordHash, userRep.getFirstname(), userRep.getSurname(), userRep
|
||||
.getUserState(), userRep.getRoles(), userRep.getLocale());
|
||||
|
||||
// delegate to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(user);
|
||||
this.persistenceHandler.addOrReplaceUser(user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -153,7 +169,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get role
|
||||
Role role = persistenceHandler.getRole(roleName);
|
||||
Role role = this.persistenceHandler.getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new PrivilegeException("Role " + roleName + " does not exist!");
|
||||
}
|
||||
|
@ -178,7 +194,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
Role newRole = new Role(role.getName(), newPrivileges);
|
||||
|
||||
// delegate role replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(newRole);
|
||||
this.persistenceHandler.addOrReplaceRole(newRole);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -192,7 +208,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get user
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
@ -217,7 +233,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getState(), newRoles, user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -231,13 +247,13 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// delegate privilege removal to persistence handler
|
||||
Privilege removedPrivilege = persistenceHandler.removePrivilege(privilegeName);
|
||||
Privilege removedPrivilege = this.persistenceHandler.removePrivilege(privilegeName);
|
||||
|
||||
if (removedPrivilege == null)
|
||||
return null;
|
||||
|
||||
// return privilege rep if it was removed
|
||||
if (removedPrivilege != null)
|
||||
return removedPrivilege.asPrivilegeRep();
|
||||
else
|
||||
return null;
|
||||
return removedPrivilege.asPrivilegeRep();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -251,7 +267,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get role
|
||||
Role role = persistenceHandler.getRole(roleName);
|
||||
Role role = this.persistenceHandler.getRole(roleName);
|
||||
if (role == null) {
|
||||
throw new PrivilegeException("Role " + roleName + " does not exist!");
|
||||
}
|
||||
|
@ -269,7 +285,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
Role newRole = new Role(role.getName(), newPrivileges);
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceRole(newRole);
|
||||
this.persistenceHandler.addOrReplaceRole(newRole);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -283,13 +299,13 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// delegate role removal to persistence handler
|
||||
Role removedRole = persistenceHandler.removeRole(roleName);
|
||||
Role removedRole = this.persistenceHandler.removeRole(roleName);
|
||||
|
||||
// return role rep if it was removed
|
||||
if (removedRole != null)
|
||||
return removedRole.asRoleRep();
|
||||
else
|
||||
if (removedRole == null)
|
||||
return null;
|
||||
|
||||
// return role rep if it was removed
|
||||
return removedRole.asRoleRep();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -303,7 +319,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get User
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
@ -322,7 +338,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getState(), newRoles, user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -336,13 +352,15 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// delegate user removal to persistence handler
|
||||
User removedUser = persistenceHandler.removeUser(username);
|
||||
User removedUser = this.persistenceHandler.removeUser(username);
|
||||
|
||||
// return user rep if it was removed
|
||||
if (removedUser != null)
|
||||
return removedUser.asUserRep();
|
||||
else
|
||||
if (removedUser == null)
|
||||
return null;
|
||||
|
||||
// return user rep if it was removed
|
||||
return removedUser.asUserRep();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -356,7 +374,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get Privilege
|
||||
Privilege privilege = persistenceHandler.getPrivilege(privilegeName);
|
||||
Privilege privilege = this.persistenceHandler.getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
@ -373,7 +391,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getDenyList(), privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
this.persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -387,7 +405,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get Privilege
|
||||
Privilege privilege = persistenceHandler.getPrivilege(privilegeName);
|
||||
Privilege privilege = this.persistenceHandler.getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
@ -397,7 +415,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
privilege.getDenyList(), allowList);
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
this.persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -411,7 +429,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get Privilege
|
||||
Privilege privilege = persistenceHandler.getPrivilege(privilegeName);
|
||||
Privilege privilege = this.persistenceHandler.getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
@ -421,7 +439,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
denyList, privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
this.persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -435,7 +453,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get Privilege
|
||||
Privilege privilege = persistenceHandler.getPrivilege(privilegeName);
|
||||
Privilege privilege = this.persistenceHandler.getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("Privilege " + privilegeName + " does not exist!");
|
||||
}
|
||||
|
@ -445,7 +463,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getDenyList(), privilege.getAllowList());
|
||||
|
||||
// delegate privilege replacement to persistence handler
|
||||
persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
this.persistenceHandler.addOrReplacePrivilege(newPrivilege);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -459,7 +477,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get User
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
@ -469,7 +487,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getState(), user.getRoles(), locale);
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -483,7 +501,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get User
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
@ -493,7 +511,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -507,20 +525,27 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get User
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
// hash password
|
||||
String passwordHash = encryptionHandler.convertToHash(password);
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUsername(), passwordHash, user.getFirstname(), user.getSurname(), user
|
||||
.getState(), user.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -534,7 +559,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
// get User
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
@ -544,11 +569,11 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
user.getRoles(), user.getLocale());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
persistenceHandler.addOrReplaceUser(newUser);
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.SessionHandler#authenticate(java.lang.String, java.lang.String)
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#authenticate(java.lang.String, java.lang.String)
|
||||
*
|
||||
* @throws AccessDeniedException
|
||||
* if the user credentials are not valid
|
||||
|
@ -563,16 +588,19 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
throw new PrivilegeException("The given password is shorter than 3 characters");
|
||||
|
||||
// we only work with hashed passwords
|
||||
String passwordHash = encryptionHandler.convertToHash(password);
|
||||
String passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(username);
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
// no user means no authentication
|
||||
if (user == null)
|
||||
throw new AccessDeniedException("There is no user defined with the credentials: " + username + " / ***...");
|
||||
|
||||
// validate password
|
||||
if (!user.isPassword(passwordHash))
|
||||
String pwHash = user.getPassword();
|
||||
if (pwHash == null)
|
||||
throw new AccessDeniedException("User has no password and may not login!");
|
||||
if (!pwHash.equals(passwordHash))
|
||||
throw new AccessDeniedException("Password is incorrect for " + username + " / ***...");
|
||||
|
||||
// validate if user is allowed to login
|
||||
|
@ -585,8 +613,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
|
||||
// get 2 auth tokens
|
||||
String authToken = encryptionHandler.nextToken();
|
||||
String authPassword = encryptionHandler.nextToken();
|
||||
String authToken = this.encryptionHandler.nextToken();
|
||||
String authPassword = this.encryptionHandler.nextToken();
|
||||
|
||||
// get next session id
|
||||
String sessionId = nextSessionId();
|
||||
|
@ -597,7 +625,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
// create and save a new session
|
||||
Session session = new Session(sessionId, authToken, authPassword, user.getUsername(), System
|
||||
.currentTimeMillis());
|
||||
sessionMap.put(sessionId, new CertificateSessionPair(session, certificate));
|
||||
this.sessionMap.put(sessionId, new CertificateSessionPair(session, certificate));
|
||||
|
||||
// log
|
||||
logger.info("Authenticated: " + session);
|
||||
|
@ -609,12 +637,13 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
/**
|
||||
* TODO What is better, validate from {@link Restrictable} to {@link User} or the opposite direction?
|
||||
*
|
||||
* @see ch.eitchnet.privilege.handler.SessionHandler#actionAllowed(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.Restrictable)
|
||||
*
|
||||
* @throws AccessDeniedException
|
||||
* if the {@link Certificate} is not for a currently logged in {@link User} or if the user may not
|
||||
* perform the action defined by the {@link Restrictable} implementation
|
||||
*
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#actionAllowed(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.Restrictable)
|
||||
*/
|
||||
@Override
|
||||
public boolean actionAllowed(Certificate certificate, Restrictable restrictable) {
|
||||
|
@ -631,7 +660,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
throw new PrivilegeException("Restrictable may not be null!");
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificate.getUsername());
|
||||
User user = this.persistenceHandler.getUser(certificate.getUsername());
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid!");
|
||||
|
@ -644,7 +673,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
// now iterate roles and validate on policies
|
||||
for (String roleName : user.getRoles()) {
|
||||
|
||||
Role role = persistenceHandler.getRole(roleName);
|
||||
Role role = this.persistenceHandler.getRole(roleName);
|
||||
if (role == null) {
|
||||
logger.error("No role is defined with name " + roleName + " which is configured for user " + user);
|
||||
continue;
|
||||
|
@ -661,7 +690,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PolicyHandler#actionAllowed(ch.eitchnet.privilege.model.internal.Role,
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#actionAllowed(ch.eitchnet.privilege.model.internal.Role,
|
||||
* ch.eitchnet.privilege.model.Restrictable)
|
||||
*/
|
||||
@Override
|
||||
|
@ -687,7 +716,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
|
||||
// get the privilege for this restrictable
|
||||
Privilege privilege = persistenceHandler.getPrivilege(privilegeName);
|
||||
Privilege privilege = this.persistenceHandler.getPrivilege(privilegeName);
|
||||
if (privilege == null) {
|
||||
throw new PrivilegeException("No Privilege exists with the name " + privilegeName + " for Restrictable "
|
||||
+ restrictable.getClass().getName());
|
||||
|
@ -705,7 +734,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.SessionHandler#isCertificateValid(ch.eitchnet.privilege.model.Certificate)
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#isCertificateValid(ch.eitchnet.privilege.model.Certificate)
|
||||
*/
|
||||
@Override
|
||||
public boolean isCertificateValid(Certificate certificate) {
|
||||
|
@ -715,7 +744,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
throw new PrivilegeException("Certificate may not be null!");
|
||||
|
||||
// first see if a session exists for this certificate
|
||||
CertificateSessionPair certificateSessionPair = sessionMap.get(certificate.getSessionId());
|
||||
CertificateSessionPair certificateSessionPair = this.sessionMap.get(certificate.getSessionId());
|
||||
if (certificateSessionPair == null)
|
||||
throw new AccessDeniedException("There is no session information for " + certificate.toString());
|
||||
|
||||
|
@ -732,15 +761,16 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
+ certificate.getSessionId());
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificateSessionPair.session.getUsername());
|
||||
User user = this.persistenceHandler.getUser(certificateSessionPair.session.getUsername());
|
||||
|
||||
// if user exists, then certificate is valid
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid!");
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
|
||||
// everything is ok, so return true as the certificate must be valid
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -755,7 +785,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificate.getUsername());
|
||||
User user = this.persistenceHandler.getUser(certificate.getUsername());
|
||||
if (user == null) {
|
||||
throw new PrivilegeException(
|
||||
"Oh boy, how did this happen: No User in user map although the certificate is valid! Certificate: "
|
||||
|
@ -789,7 +819,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
// validate who is doing this
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
return persistenceHandler.persist(certificate);
|
||||
return this.persistenceHandler.persist(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -804,7 +834,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
this.persistenceHandler = persistenceHandler;
|
||||
|
||||
lastSessionId = 0l;
|
||||
sessionMap = new HashMap<String, CertificateSessionPair>();
|
||||
this.sessionMap = new HashMap<String, CertificateSessionPair>();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -820,9 +850,13 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
* @author rvonburg
|
||||
*/
|
||||
private class CertificateSessionPair {
|
||||
private Session session;
|
||||
private Certificate certificate;
|
||||
public final Session session;
|
||||
public final Certificate certificate;
|
||||
|
||||
/**
|
||||
* @param session
|
||||
* @param certificate
|
||||
*/
|
||||
public CertificateSessionPair(Session session, Certificate certificate) {
|
||||
this.session = session;
|
||||
this.certificate = certificate;
|
||||
|
|
|
@ -13,24 +13,36 @@ package ch.eitchnet.privilege.handler;
|
|||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* The {@link EncryptionHandler} exposes API which is used to handle encrypting of strings, or returning secure tokens
|
||||
* for certificates and so forth
|
||||
*
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public interface EncryptionHandler {
|
||||
|
||||
/**
|
||||
* @return
|
||||
* Calculates or generates a token which can be used to identify certificates and so forth
|
||||
*
|
||||
* @return the secure token
|
||||
*/
|
||||
public String nextToken();
|
||||
|
||||
/**
|
||||
* Converts a given string, e.g. a password to a hash which is defined by the concrete implementation
|
||||
*
|
||||
* @param string
|
||||
* @return
|
||||
* the string to convert
|
||||
* @return the hash of the string after converting
|
||||
*/
|
||||
public String convertToHash(String string);
|
||||
|
||||
/**
|
||||
* Initialize the concrete {@link EncryptionHandler}. The passed parameter map contains any configuration this map
|
||||
* might need
|
||||
*
|
||||
* @param parameterMap
|
||||
* a map containing configuration properties
|
||||
*/
|
||||
public void initialize(Map<String, String> parameterMap);
|
||||
}
|
||||
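Review bot: The new Javadoc on `initialize` says the parameter map contains any configuration "this map might need"; that should read `this handler might need`. The `convertToHash` text names a password as the example input but does not say whether the result is salted or whether two calls with the same input return the same string. Because the signature takes only the string, a salt could only live inside the implementation or the returned value, so the contract should say which, and whether callers may compare results for equality. A sentence such as `Implementations used for passwords should apply a salted, deliberately slow scheme` would make that expectation explicit, if it is the intended one.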
|
|
|
@ -13,80 +13,135 @@ package ch.eitchnet.privilege.handler;
|
|||
import java.util.Map;
|
||||
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.Restrictable;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
import ch.eitchnet.privilege.model.internal.Role;
|
||||
import ch.eitchnet.privilege.model.internal.User;
|
||||
import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* The {@link PersistenceHandler} takes care of retrieving and persisting model objects to the underlying database. This
|
||||
* database can be simple XML files, or an LDAP and so forth
|
||||
* </p>
|
||||
*
|
||||
* <p>
|
||||
* The {@link PersistenceHandler} also serves the special {@link PrivilegePolicy} objects. These policies are special
|
||||
* objects which implement an algorithm to define if an action is allowed on a {@link Restrictable} by a {@link Role}
|
||||
* and {@link Privilege}
|
||||
* </p>
|
||||
*
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public interface PersistenceHandler {
|
||||
|
||||
/**
|
||||
* Returns a {@link User} object from the underlying database
|
||||
*
|
||||
* @param username
|
||||
* @return
|
||||
* the name/id of the {@link User} object to return
|
||||
*
|
||||
* @return the {@link User} object, or null if it was not found
|
||||
*/
|
||||
public User getUser(String username);
|
||||
|
||||
/**
|
||||
* @param user
|
||||
*/
|
||||
public void addOrReplaceUser(User user);
|
||||
|
||||
/**
|
||||
* @param username
|
||||
* @return
|
||||
*/
|
||||
public User removeUser(String username);
|
||||
|
||||
/**
|
||||
* Returns a {@link Role} object from the underlying database
|
||||
*
|
||||
* @param roleName
|
||||
* @return
|
||||
* the name/id of the {@link Role} object to return
|
||||
*
|
||||
* @return the {@link Role} object, or null if it was not found
|
||||
*/
|
||||
public Role getRole(String roleName);
|
||||
|
||||
/**
|
||||
* @param role
|
||||
*/
|
||||
public void addOrReplaceRole(Role role);
|
||||
|
||||
/**
|
||||
* @param roleName
|
||||
* @return
|
||||
*/
|
||||
public Role removeRole(String roleName);
|
||||
|
||||
/**
|
||||
* Returns a {@link Privilege} object from the underlying database
|
||||
*
|
||||
* @param privilegeName
|
||||
* @return
|
||||
* the name/id of the {@link Privilege} object to return
|
||||
*
|
||||
* @return the {@link Privilege} object, or null if it was not found
|
||||
*/
|
||||
public Privilege getPrivilege(String privilegeName);
|
||||
|
||||
/**
|
||||
* @param privilege
|
||||
*/
|
||||
public void addOrReplacePrivilege(Privilege privilege);
|
||||
|
||||
/**
|
||||
* @param privilegeName
|
||||
* @return
|
||||
*/
|
||||
public Privilege removePrivilege(String privilegeName);
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* Thus this method instantiates a {@link PrivilegePolicy} object from the given policyName. The
|
||||
* {@link PrivilegePolicy} is not stored in a database, but rather behind a privilege name a class name is stored
|
||||
* which then is used to instantiate a new object
|
||||
* </p>
|
||||
*
|
||||
* @param policyName
|
||||
* @return
|
||||
* the name/id of the {@link PrivilegePolicy} object to return
|
||||
*
|
||||
* @return the {@link PrivilegePolicy} object, or null if no class is defined for the given policy name
|
||||
*/
|
||||
public PrivilegePolicy getPolicy(String policyName);
|
||||
|
||||
/**
|
||||
* Removes a {@link User} with the given name and returns the removed object if it existed
|
||||
*
|
||||
* @param username
|
||||
* the name of the {@link User} to remove
|
||||
*
|
||||
* @return the {@link User} removed, or null if it did not exist
|
||||
*/
|
||||
public User removeUser(String username);
|
||||
|
||||
/**
|
||||
* Removes a {@link Role} with the given name and returns the removed object if it existed
|
||||
*
|
||||
* @param roleName
|
||||
* the name of the {@link Role} to remove
|
||||
*
|
||||
* @return the {@link Role} removed, or null if it did not exist
|
||||
*/
|
||||
public Role removeRole(String roleName);
|
||||
|
||||
/**
|
||||
* Removes a {@link Privilege} with the given name and returns the removed object if it existed
|
||||
*
|
||||
* @param privilegeName
|
||||
* the name of the {@link Privilege} to remove
|
||||
*
|
||||
* @return the {@link Privilege} removed, or null if it did not exist
|
||||
*/
|
||||
public Privilege removePrivilege(String privilegeName);
|
||||
|
||||
/**
|
||||
* Adds a {@link User} object to the underlying database. If the {@link User} already exists, it is replaced
|
||||
*
|
||||
* @param user
|
||||
* the {@link User} object to add
|
||||
*/
|
||||
public void addOrReplaceUser(User user);
|
||||
|
||||
/**
|
||||
* Adds a {@link Role} object to the underlying database. If the {@link Role} already exists, it is replaced
|
||||
*
|
||||
* @param role
|
||||
* the {@link User} object to add
|
||||
*/
|
||||
public void addOrReplaceRole(Role role);
|
||||
|
||||
/**
|
||||
* Adds a {@link Privilege} object to the underlying database. If the {@link Privilege} already exists, it is
|
||||
* replaced
|
||||
*
|
||||
* @param privilege
|
||||
* the {@link Privilege} object to add
|
||||
*/
|
||||
public void addOrReplacePrivilege(Privilege privilege);
|
||||
|
||||
/**
|
||||
* @param certificate
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public boolean persist(Certificate certificate);
|
||||
|
||||
|
||||
/**
|
||||
* @param parameterMap
|
||||
*/
|
||||
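Review bot: The Javadoc added for `addOrReplaceRole` describes `@param role` as "the {@link User} object to add"; it should read `the {@link Role} object to add`. `persist(Certificate)` still has an empty `@param certificate` and a bare `@return`, and the `getPolicy` text opens with "Thus this method", which refers back to nothing. None of the add or remove methods takes a certificate, so authorization is apparently left to the caller. If that is the intended contract, the interface comment should say so, for example `Implementations do not check privileges; the caller must authorize the change before calling.`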
|
|
|
@ -14,6 +14,7 @@ import java.util.Locale;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.AccessDeniedException;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
|
@ -22,6 +23,7 @@ import ch.eitchnet.privilege.model.RoleRep;
|
|||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
import ch.eitchnet.privilege.model.internal.Role;
|
||||
import ch.eitchnet.privilege.model.internal.User;
|
||||
import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
||||
|
||||
/**
|
||||
|
|
|
@ -60,13 +60,12 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
private String basePath;
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplacePrivilege(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.Privilege)
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplacePrivilege(ch.eitchnet.privilege.model.internal.Privilege)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplacePrivilege(Privilege privilege) {
|
||||
privilegeMap.put(privilege.getName(), privilege);
|
||||
privilegeMapDirty = true;
|
||||
this.privilegeMap.put(privilege.getName(), privilege);
|
||||
this.privilegeMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -74,19 +73,18 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public Privilege removePrivilege(String privilegeName) {
|
||||
Privilege privilege = privilegeMap.remove(privilegeName);
|
||||
privilegeMapDirty = privilege != null;
|
||||
Privilege privilege = this.privilegeMap.remove(privilegeName);
|
||||
this.privilegeMapDirty = privilege != null;
|
||||
return privilege;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.Role)
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceRole(ch.eitchnet.privilege.model.internal.Role)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceRole(Role role) {
|
||||
roleMap.put(role.getName(), role);
|
||||
roleMapDirty = true;
|
||||
this.roleMap.put(role.getName(), role);
|
||||
this.roleMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -94,19 +92,18 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public Role removeRole(String roleName) {
|
||||
Role role = roleMap.remove(roleName);
|
||||
roleMapDirty = role != null;
|
||||
Role role = this.roleMap.remove(roleName);
|
||||
this.roleMapDirty = role != null;
|
||||
return role;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.User)
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceUser(ch.eitchnet.privilege.model.internal.User)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceUser(User user) {
|
||||
userMap.put(user.getUsername(), user);
|
||||
userMapDirty = true;
|
||||
this.userMap.put(user.getUsername(), user);
|
||||
this.userMapDirty = true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -114,8 +111,8 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public User removeUser(String username) {
|
||||
User user = userMap.remove(username);
|
||||
userMapDirty = user != null;
|
||||
User user = this.userMap.remove(username);
|
||||
this.userMapDirty = user != null;
|
||||
return user;
|
||||
}
|
||||
|
||||
|
@ -124,7 +121,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public Privilege getPrivilege(String privilegeName) {
|
||||
return privilegeMap.get(privilegeName);
|
||||
return this.privilegeMap.get(privilegeName);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -132,7 +129,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public Role getRole(String roleName) {
|
||||
return roleMap.get(roleName);
|
||||
return this.roleMap.get(roleName);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -140,7 +137,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
*/
|
||||
@Override
|
||||
public User getUser(String username) {
|
||||
return userMap.get(username);
|
||||
return this.userMap.get(username);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -150,7 +147,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
public PrivilegePolicy getPolicy(String policyName) {
|
||||
|
||||
// get the policies class
|
||||
Class<PrivilegePolicy> policyClazz = policyMap.get(policyName);
|
||||
Class<PrivilegePolicy> policyClazz = this.policyMap.get(policyName);
|
||||
if (policyClazz == null) {
|
||||
return null;
|
||||
}
|
||||
|
@ -169,21 +166,21 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// USERS
|
||||
// get users file name
|
||||
String usersFileName = parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
String usersFileName = this.parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
if (usersFileName == null || usersFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid");
|
||||
}
|
||||
// get users file
|
||||
File usersFile = new File(basePath + "/" + usersFileName);
|
||||
boolean usersFileUnchanged = usersFile.exists() && usersFile.lastModified() == usersFileDate;
|
||||
if (!userMapDirty && usersFileUnchanged) {
|
||||
File usersFile = new File(this.basePath + "/" + usersFileName);
|
||||
boolean usersFileUnchanged = usersFile.exists() && usersFile.lastModified() == this.usersFileDate;
|
||||
if (!this.userMapDirty && usersFileUnchanged) {
|
||||
logger.warn("No users unpersisted and user file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting users...");
|
||||
|
||||
// build XML DOM of users
|
||||
List<Element> users = toDomUsers(certificate);
|
||||
List<Element> users = toDomUsers();
|
||||
Element rootElement = DocumentFactory.getInstance().createElement(XmlConstants.XML_USERS);
|
||||
for (Element userElement : users) {
|
||||
rootElement.add(userElement);
|
||||
|
@ -191,20 +188,20 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, usersFile);
|
||||
userMapDirty = true;
|
||||
this.userMapDirty = true;
|
||||
}
|
||||
|
||||
// ROLES
|
||||
// get roles file name
|
||||
String rolesFileName = parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
String rolesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
if (rolesFileName == null || rolesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid");
|
||||
}
|
||||
// get roles file
|
||||
File rolesFile = new File(basePath + "/" + rolesFileName);
|
||||
boolean rolesFileUnchanged = rolesFile.exists() && rolesFile.lastModified() == rolesFileDate;
|
||||
if (!roleMapDirty && rolesFileUnchanged) {
|
||||
File rolesFile = new File(this.basePath + "/" + rolesFileName);
|
||||
boolean rolesFileUnchanged = rolesFile.exists() && rolesFile.lastModified() == this.rolesFileDate;
|
||||
if (!this.roleMapDirty && rolesFileUnchanged) {
|
||||
logger.warn("No roles unpersisted and roles file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting roles...");
|
||||
|
@ -218,21 +215,21 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, rolesFile);
|
||||
roleMapDirty = true;
|
||||
this.roleMapDirty = true;
|
||||
}
|
||||
|
||||
// PRIVILEGES
|
||||
// get privileges file name
|
||||
String privilegesFileName = parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
String privilegesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
if (privilegesFileName == null || privilegesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid");
|
||||
}
|
||||
// get privileges file
|
||||
File privilegesFile = new File(basePath + "/" + privilegesFileName);
|
||||
File privilegesFile = new File(this.basePath + "/" + privilegesFileName);
|
||||
boolean privilegesFileUnchanged = privilegesFile.exists()
|
||||
&& privilegesFile.lastModified() == privilegesFileDate;
|
||||
if (!privilegeMapDirty && privilegesFileUnchanged) {
|
||||
&& privilegesFile.lastModified() == this.privilegesFileDate;
|
||||
if (!this.privilegeMapDirty && privilegesFileUnchanged) {
|
||||
logger.warn("No privileges unpersisted and privileges file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting privileges...");
|
||||
|
@ -246,24 +243,24 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// write DOM to file
|
||||
XmlHelper.writeDocument(rootElement, privilegesFile);
|
||||
privilegeMapDirty = true;
|
||||
this.privilegeMapDirty = true;
|
||||
}
|
||||
|
||||
// reset dirty states and return if something was dirty, false otherwise
|
||||
if (userMapDirty || roleMapDirty || privilegeMapDirty) {
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
if (this.userMapDirty || this.roleMapDirty || this.privilegeMapDirty) {
|
||||
this.userMapDirty = false;
|
||||
this.roleMapDirty = false;
|
||||
this.privilegeMapDirty = false;
|
||||
|
||||
return true;
|
||||
|
||||
} else {
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
this.userMapDirty = false;
|
||||
this.roleMapDirty = false;
|
||||
this.privilegeMapDirty = false;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -272,14 +269,14 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
@Override
|
||||
public void initialize(Map<String, String> parameterMap) {
|
||||
|
||||
roleMap = new HashMap<String, Role>();
|
||||
userMap = new HashMap<String, User>();
|
||||
privilegeMap = new HashMap<String, Privilege>();
|
||||
policyMap = new HashMap<String, Class<PrivilegePolicy>>();
|
||||
this.roleMap = new HashMap<String, Role>();
|
||||
this.userMap = new HashMap<String, User>();
|
||||
this.privilegeMap = new HashMap<String, Privilege>();
|
||||
this.policyMap = new HashMap<String, Class<PrivilegePolicy>>();
|
||||
|
||||
// get and validate base bath
|
||||
basePath = parameterMap.get(XmlConstants.XML_PARAM_BASE_PATH);
|
||||
File basePathF = new File(basePath);
|
||||
this.basePath = parameterMap.get(XmlConstants.XML_PARAM_BASE_PATH);
|
||||
File basePathF = new File(this.basePath);
|
||||
if (!basePathF.exists() && !basePathF.isDirectory()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_BASE_PATH + " is invalid");
|
||||
|
@ -294,7 +291,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
// get roles file
|
||||
File rolesFile = new File(basePath + "/" + rolesFileName);
|
||||
File rolesFile = new File(this.basePath + "/" + rolesFileName);
|
||||
if (!rolesFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid as roles file does not exist at path "
|
||||
|
@ -306,7 +303,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read roles
|
||||
readRoles(rolesRootElement);
|
||||
rolesFileDate = rolesFile.lastModified();
|
||||
this.rolesFileDate = rolesFile.lastModified();
|
||||
|
||||
// USERS
|
||||
// get users file name
|
||||
|
@ -317,7 +314,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
// get users file
|
||||
File usersFile = new File(basePath + "/" + usersFileName);
|
||||
File usersFile = new File(this.basePath + "/" + usersFileName);
|
||||
if (!usersFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid as users file does not exist at path "
|
||||
|
@ -329,7 +326,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read users
|
||||
readUsers(usersRootElement);
|
||||
usersFileDate = usersFile.lastModified();
|
||||
this.usersFileDate = usersFile.lastModified();
|
||||
|
||||
// PRIVILEGES
|
||||
// get privileges file name
|
||||
|
@ -340,7 +337,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
// get privileges file
|
||||
File privilegesFile = new File(basePath + "/" + privilegesFileName);
|
||||
File privilegesFile = new File(this.basePath + "/" + privilegesFileName);
|
||||
if (!privilegesFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid as privileges file does not exist at path "
|
||||
|
@ -352,7 +349,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
// read privileges
|
||||
readPrivileges(privilegesRootElement);
|
||||
privilegesFileDate = privilegesFile.lastModified();
|
||||
this.privilegesFileDate = privilegesFile.lastModified();
|
||||
|
||||
// POLICIES
|
||||
// get policy file name
|
||||
|
@ -363,7 +360,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
// get policy file
|
||||
File policyFile = new File(basePath + "/" + policyFileName);
|
||||
File policyFile = new File(this.basePath + "/" + policyFileName);
|
||||
if (!policyFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_POLICY_FILE + " is invalid as policy file does not exist at path "
|
||||
|
@ -376,18 +373,18 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
// read policies
|
||||
readPolicies(policiesRootElement);
|
||||
|
||||
userMapDirty = false;
|
||||
roleMapDirty = false;
|
||||
privilegeMapDirty = false;
|
||||
this.userMapDirty = false;
|
||||
this.roleMapDirty = false;
|
||||
this.privilegeMapDirty = false;
|
||||
|
||||
logger.info("Read " + userMap.size() + " Users");
|
||||
logger.info("Read " + roleMap.size() + " Roles");
|
||||
logger.info("Read " + privilegeMap.size() + " Privileges");
|
||||
logger.info("Read " + this.userMap.size() + " Users");
|
||||
logger.info("Read " + this.roleMap.size() + " Roles");
|
||||
logger.info("Read " + this.privilegeMap.size() + " Privileges");
|
||||
|
||||
// validate we have a user with PrivilegeAdmin access
|
||||
boolean privilegeAdminExists = false;
|
||||
for (String username : userMap.keySet()) {
|
||||
User user = userMap.get(username);
|
||||
for (String username : this.userMap.keySet()) {
|
||||
User user = this.userMap.get(username);
|
||||
if (user.hasRole(PrivilegeHandler.PRIVILEGE_ADMIN_ROLE)) {
|
||||
privilegeAdminExists = true;
|
||||
break;
|
||||
|
@ -437,7 +434,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
locale);
|
||||
|
||||
// put user in map
|
||||
userMap.put(username, user);
|
||||
this.userMap.put(username, user);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -462,7 +459,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
Role role = new Role(roleName, privileges);
|
||||
roleMap.put(roleName, role);
|
||||
this.roleMap.put(roleName, role);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -479,7 +476,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
String privilegePolicy = privilegeElement.attributeValue(XmlConstants.XML_ATTR_POLICY);
|
||||
|
||||
String allAllowedS = privilegeElement.element(XmlConstants.XML_ALL_ALLOWED).getTextTrim();
|
||||
boolean allAllowed = Boolean.valueOf(allAllowedS);
|
||||
boolean allAllowed = Boolean.valueOf(allAllowedS).booleanValue();
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
List<Element> denyElements = privilegeElement.elements(XmlConstants.XML_DENY);
|
||||
|
@ -506,7 +503,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
Privilege privilege = new Privilege(privilegeName, privilegePolicy, allAllowed, denyList, allowList);
|
||||
privilegeMap.put(privilegeName, privilege);
|
||||
this.privilegeMap.put(privilegeName, privilege);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -523,19 +520,19 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
Class<PrivilegePolicy> clazz = ClassHelper.loadClass(policyClass);
|
||||
|
||||
policyMap.put(policyName, clazz);
|
||||
this.policyMap.put(policyName, clazz);
|
||||
}
|
||||
}
|
||||
|
||||
private List<Element> toDomPrivileges() {
|
||||
|
||||
List<Element> privilegesAsElements = new ArrayList<Element>(privilegeMap.size());
|
||||
List<Element> privilegesAsElements = new ArrayList<Element>(this.privilegeMap.size());
|
||||
|
||||
DocumentFactory documentFactory = DocumentFactory.getInstance();
|
||||
for (String privilegeName : privilegeMap.keySet()) {
|
||||
for (String privilegeName : this.privilegeMap.keySet()) {
|
||||
|
||||
// get the privilege object
|
||||
Privilege privilege = privilegeMap.get(privilegeName);
|
||||
Privilege privilege = this.privilegeMap.get(privilegeName);
|
||||
|
||||
// create the privilege element
|
||||
Element privilegeElement = documentFactory.createElement(XmlConstants.XML_PRIVILEGE);
|
||||
|
@ -570,13 +567,13 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
|
||||
private List<Element> toDomRoles() {
|
||||
|
||||
List<Element> rolesAsElements = new ArrayList<Element>(roleMap.size());
|
||||
List<Element> rolesAsElements = new ArrayList<Element>(this.roleMap.size());
|
||||
|
||||
DocumentFactory documentFactory = DocumentFactory.getInstance();
|
||||
for (String roleName : roleMap.keySet()) {
|
||||
for (String roleName : this.roleMap.keySet()) {
|
||||
|
||||
// get the role object
|
||||
Role role = roleMap.get(roleName);
|
||||
Role role = this.roleMap.get(roleName);
|
||||
|
||||
// create the role element
|
||||
Element roleElement = documentFactory.createElement(XmlConstants.XML_ROLE);
|
||||
|
@ -596,15 +593,15 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
return rolesAsElements;
|
||||
}
|
||||
|
||||
private List<Element> toDomUsers(Certificate certificate) {
|
||||
private List<Element> toDomUsers() {
|
||||
|
||||
List<Element> usersAsElements = new ArrayList<Element>(userMap.size());
|
||||
List<Element> usersAsElements = new ArrayList<Element>(this.userMap.size());
|
||||
|
||||
DocumentFactory documentFactory = DocumentFactory.getInstance();
|
||||
for (String userName : userMap.keySet()) {
|
||||
for (String userName : this.userMap.keySet()) {
|
||||
|
||||
// get the user object
|
||||
User user = userMap.get(userName);
|
||||
User user = this.userMap.get(userName);
|
||||
|
||||
// create the user element
|
||||
Element userElement = documentFactory.createElement(XmlConstants.XML_USER);
|
||||
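Review bot: In `removePrivilege` the line `this.privilegeMapDirty = privilege != null;` overwrites the flag instead of only raising it, so removing a name that does not exist clears a dirty state left by an earlier `addOrReplacePrivilege` or a successful removal. `persist` in this file skips the write when the flag is false and the file on disk is unchanged, so a pending privilege, role or user change could stay in memory only and be lost on restart. `removeRole` and `removeUser` use the same assignment. Suggested form: `if (privilege != null) this.privilegeMapDirty = true;`, and likewise for the role and user flags.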
|
|
|
@ -21,7 +21,6 @@ import org.dom4j.Document;
|
|||
import org.dom4j.DocumentFactory;
|
||||
import org.dom4j.Element;
|
||||
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* This class is a simple application which can be used to bootstrap a new configuration for the
|
||||
|
@ -72,10 +71,10 @@ public class BootstrapConfigurationHelper {
|
|||
File pathF = new File(path);
|
||||
if (pathF.exists()) {
|
||||
throw new RuntimeException("Path already exists: " + pathF.getAbsolutePath());
|
||||
} else {
|
||||
if (!pathF.mkdirs()) {
|
||||
throw new RuntimeException("Could not create path " + pathF.getAbsolutePath());
|
||||
}
|
||||
}
|
||||
|
||||
if (!pathF.mkdirs()) {
|
||||
throw new RuntimeException("Could not create path " + pathF.getAbsolutePath());
|
||||
}
|
||||
|
||||
// TODO ask other questions...
|
||||
|
|
|
@ -33,6 +33,7 @@ public class InitializationHelper {
|
|||
|
||||
/**
|
||||
* @param privilegeContainerXmlFile
|
||||
* @return
|
||||
*/
|
||||
public static PrivilegeHandler initializeFromXml(File privilegeContainerXmlFile) {
|
||||
|
||||
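Review bot: The `@return` tag added to the Javadoc of `initializeFromXml` is empty, as is the existing `@param privilegeContainerXmlFile`, so the comment passes the compiler's Javadoc check without telling the reader anything. Going by the signature, the tags could read `@param privilegeContainerXmlFile the XML file describing the privilege container` and `@return the {@link PrivilegeHandler} initialized from that file`. The method body lies outside the hunk, so the wording should be checked against it.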
|
|
|
@ -60,7 +60,7 @@ public final class Certificate implements Serializable {
|
|||
* @return the locale
|
||||
*/
|
||||
public Locale getLocale() {
|
||||
return locale;
|
||||
return this.locale;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -75,14 +75,14 @@ public final class Certificate implements Serializable {
|
|||
* @return the sessionId
|
||||
*/
|
||||
public String getSessionId() {
|
||||
return sessionId;
|
||||
return this.sessionId;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the username
|
||||
*/
|
||||
public String getUsername() {
|
||||
return username;
|
||||
return this.username;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -94,11 +94,10 @@ public final class Certificate implements Serializable {
|
|||
* @return the authToken if the given authPassword is corret, null otherwise
|
||||
*/
|
||||
public String getAuthToken(String authPassword) {
|
||||
if (this.authPassword.equals(authPassword)) {
|
||||
return authToken;
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
if (this.authPassword.equals(authPassword))
|
||||
return this.authToken;
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -108,11 +107,11 @@ public final class Certificate implements Serializable {
|
|||
public int hashCode() {
|
||||
final int prime = 31;
|
||||
int result = 1;
|
||||
result = prime * result + ((authPassword == null) ? 0 : authPassword.hashCode());
|
||||
result = prime * result + ((authToken == null) ? 0 : authToken.hashCode());
|
||||
result = prime * result + ((locale == null) ? 0 : locale.hashCode());
|
||||
result = prime * result + ((sessionId == null) ? 0 : sessionId.hashCode());
|
||||
result = prime * result + ((username == null) ? 0 : username.hashCode());
|
||||
result = prime * result + ((this.authPassword == null) ? 0 : this.authPassword.hashCode());
|
||||
result = prime * result + ((this.authToken == null) ? 0 : this.authToken.hashCode());
|
||||
result = prime * result + ((this.locale == null) ? 0 : this.locale.hashCode());
|
||||
result = prime * result + ((this.sessionId == null) ? 0 : this.sessionId.hashCode());
|
||||
result = prime * result + ((this.username == null) ? 0 : this.username.hashCode());
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -128,30 +127,30 @@ public final class Certificate implements Serializable {
|
|||
if (!(obj instanceof Certificate))
|
||||
return false;
|
||||
Certificate other = (Certificate) obj;
|
||||
if (authPassword == null) {
|
||||
if (this.authPassword == null) {
|
||||
if (other.authPassword != null)
|
||||
return false;
|
||||
} else if (!authPassword.equals(other.authPassword))
|
||||
} else if (!this.authPassword.equals(other.authPassword))
|
||||
return false;
|
||||
if (authToken == null) {
|
||||
if (this.authToken == null) {
|
||||
if (other.authToken != null)
|
||||
return false;
|
||||
} else if (!authToken.equals(other.authToken))
|
||||
} else if (!this.authToken.equals(other.authToken))
|
||||
return false;
|
||||
if (locale == null) {
|
||||
if (this.locale == null) {
|
||||
if (other.locale != null)
|
||||
return false;
|
||||
} else if (!locale.equals(other.locale))
|
||||
} else if (!this.locale.equals(other.locale))
|
||||
return false;
|
||||
if (sessionId == null) {
|
||||
if (this.sessionId == null) {
|
||||
if (other.sessionId != null)
|
||||
return false;
|
||||
} else if (!sessionId.equals(other.sessionId))
|
||||
} else if (!this.sessionId.equals(other.sessionId))
|
||||
return false;
|
||||
if (username == null) {
|
||||
if (this.username == null) {
|
||||
if (other.username != null)
|
||||
return false;
|
||||
} else if (!username.equals(other.username))
|
||||
} else if (!this.username.equals(other.username))
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
@ -163,11 +162,11 @@ public final class Certificate implements Serializable {
|
|||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append("Certificate [sessionId=");
|
||||
builder.append(sessionId);
|
||||
builder.append(this.sessionId);
|
||||
builder.append(", username=");
|
||||
builder.append(username);
|
||||
builder.append(this.username);
|
||||
builder.append(", locale=");
|
||||
builder.append(locale);
|
||||
builder.append(this.locale);
|
||||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
|
||||
|
|
|
@ -46,7 +46,7 @@ public class PrivilegeRep implements Serializable {
|
|||
* @return the name
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
return this.name;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -61,7 +61,7 @@ public class PrivilegeRep implements Serializable {
|
|||
* @return the policy
|
||||
*/
|
||||
public String getPolicy() {
|
||||
return policy;
|
||||
return this.policy;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -76,7 +76,7 @@ public class PrivilegeRep implements Serializable {
|
|||
* @return the allAllowed
|
||||
*/
|
||||
public boolean isAllAllowed() {
|
||||
return allAllowed;
|
||||
return this.allAllowed;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -91,7 +91,7 @@ public class PrivilegeRep implements Serializable {
|
|||
* @return the denyList
|
||||
*/
|
||||
public Set<String> getDenyList() {
|
||||
return denyList;
|
||||
return this.denyList;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -106,7 +106,7 @@ public class PrivilegeRep implements Serializable {
|
|||
* @return the allowList
|
||||
*/
|
||||
public Set<String> getAllowList() {
|
||||
return allowList;
|
||||
return this.allowList;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -16,7 +16,13 @@ package ch.eitchnet.privilege.model;
|
|||
*/
|
||||
public interface Restrictable {
|
||||
|
||||
/**
|
||||
* @return
|
||||
*/
|
||||
public String getPrivilegeName();
|
||||
|
||||
/**
|
||||
* @return
|
||||
*/
|
||||
public Object getPrivilegeValue();
|
||||
}
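Review bot: Both Javadoc blocks added to `Restrictable` contain only an empty `@return`, so the interface that privilege checks are written against still has no stated contract. Each comment should say what the method returns and whether null is allowed, for example `@return the name of the privilege required to use this object, never null` on `getPrivilegeName()`. For `getPrivilegeValue()`, which returns `Object`, the comment should name the value types a policy is expected to handle. The suggested wording is inferred from the method names and from `TestRestrictable` returning `"Service"`, so it needs checking against the real contract.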
|
||||
|
|
|
@ -37,7 +37,7 @@ public class RoleRep implements Serializable {
|
|||
* @return the name
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
return this.name;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -52,7 +52,7 @@ public class RoleRep implements Serializable {
|
|||
* @return the privileges
|
||||
*/
|
||||
public Set<String> getPrivileges() {
|
||||
return privileges;
|
||||
return this.privileges;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -51,7 +51,7 @@ public class UserRep implements Serializable {
|
|||
* @return the username
|
||||
*/
|
||||
public String getUsername() {
|
||||
return username;
|
||||
return this.username;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -66,7 +66,7 @@ public class UserRep implements Serializable {
|
|||
* @return the firstname
|
||||
*/
|
||||
public String getFirstname() {
|
||||
return firstname;
|
||||
return this.firstname;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -81,7 +81,7 @@ public class UserRep implements Serializable {
|
|||
* @return the surname
|
||||
*/
|
||||
public String getSurname() {
|
||||
return surname;
|
||||
return this.surname;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -96,7 +96,7 @@ public class UserRep implements Serializable {
|
|||
* @return the userState
|
||||
*/
|
||||
public UserState getUserState() {
|
||||
return userState;
|
||||
return this.userState;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -111,7 +111,7 @@ public class UserRep implements Serializable {
|
|||
* @return the roles
|
||||
*/
|
||||
public Set<String> getRoles() {
|
||||
return roles;
|
||||
return this.roles;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -126,7 +126,7 @@ public class UserRep implements Serializable {
|
|||
* @return the locale
|
||||
*/
|
||||
public Locale getLocale() {
|
||||
return locale;
|
||||
return this.locale;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -12,7 +12,7 @@ package ch.eitchnet.privilege.model;
|
|||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*
|
||||
*/
|
||||
public enum UserState {
|
||||
NEW,
|
||||
|
|
|
@ -29,6 +29,9 @@ public final class Privilege {
|
|||
private final Set<String> allowList;
|
||||
|
||||
/**
|
||||
*
|
||||
* @param name
|
||||
* @param policy
|
||||
* @param allAllowed
|
||||
* @param denyList
|
||||
* @param allowList
|
||||
|
@ -45,42 +48,43 @@ public final class Privilege {
|
|||
* @return the name
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
return this.name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the policy
|
||||
*/
|
||||
public String getPolicy() {
|
||||
return policy;
|
||||
return this.policy;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the allAllowed
|
||||
*/
|
||||
public boolean isAllAllowed() {
|
||||
return allAllowed;
|
||||
return this.allAllowed;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the allowList
|
||||
*/
|
||||
public Set<String> getAllowList() {
|
||||
return allowList;
|
||||
return this.allowList;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the denyList
|
||||
*/
|
||||
public Set<String> getDenyList() {
|
||||
return denyList;
|
||||
return this.denyList;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return a {@link PrivilegeRep} which is a representation of this object used to serialize and view on clients
|
||||
*/
|
||||
public PrivilegeRep asPrivilegeRep() {
|
||||
return new PrivilegeRep(name, policy, allAllowed, new HashSet<String>(denyList), new HashSet<String>(allowList));
|
||||
return new PrivilegeRep(this.name, this.policy, this.allAllowed, new HashSet<String>(this.denyList),
|
||||
new HashSet<String>(this.allowList));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -90,15 +94,15 @@ public final class Privilege {
|
|||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append("Privilege [name=");
|
||||
builder.append(name);
|
||||
builder.append(this.name);
|
||||
builder.append(", policy=");
|
||||
builder.append(policy);
|
||||
builder.append(this.policy);
|
||||
builder.append(", allAllowed=");
|
||||
builder.append(allAllowed);
|
||||
builder.append(this.allAllowed);
|
||||
builder.append(", denyList=");
|
||||
builder.append(denyList);
|
||||
builder.append(this.denyList);
|
||||
builder.append(", allowList=");
|
||||
builder.append(allowList);
|
||||
builder.append(this.allowList);
|
||||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
|
||||
|
@ -110,11 +114,11 @@ public final class Privilege {
|
|||
public int hashCode() {
|
||||
final int prime = 31;
|
||||
int result = 1;
|
||||
result = prime * result + (allAllowed ? 1231 : 1237);
|
||||
result = prime * result + ((allowList == null) ? 0 : allowList.hashCode());
|
||||
result = prime * result + ((denyList == null) ? 0 : denyList.hashCode());
|
||||
result = prime * result + ((name == null) ? 0 : name.hashCode());
|
||||
result = prime * result + ((policy == null) ? 0 : policy.hashCode());
|
||||
result = prime * result + (this.allAllowed ? 1231 : 1237);
|
||||
result = prime * result + ((this.allowList == null) ? 0 : this.allowList.hashCode());
|
||||
result = prime * result + ((this.denyList == null) ? 0 : this.denyList.hashCode());
|
||||
result = prime * result + ((this.name == null) ? 0 : this.name.hashCode());
|
||||
result = prime * result + ((this.policy == null) ? 0 : this.policy.hashCode());
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -130,27 +134,27 @@ public final class Privilege {
|
|||
if (getClass() != obj.getClass())
|
||||
return false;
|
||||
Privilege other = (Privilege) obj;
|
||||
if (allAllowed != other.allAllowed)
|
||||
if (this.allAllowed != other.allAllowed)
|
||||
return false;
|
||||
if (allowList == null) {
|
||||
if (this.allowList == null) {
|
||||
if (other.allowList != null)
|
||||
return false;
|
||||
} else if (!allowList.equals(other.allowList))
|
||||
} else if (!this.allowList.equals(other.allowList))
|
||||
return false;
|
||||
if (denyList == null) {
|
||||
if (this.denyList == null) {
|
||||
if (other.denyList != null)
|
||||
return false;
|
||||
} else if (!denyList.equals(other.denyList))
|
||||
} else if (!this.denyList.equals(other.denyList))
|
||||
return false;
|
||||
if (name == null) {
|
||||
if (this.name == null) {
|
||||
if (other.name != null)
|
||||
return false;
|
||||
} else if (!name.equals(other.name))
|
||||
} else if (!this.name.equals(other.name))
|
||||
return false;
|
||||
if (policy == null) {
|
||||
if (this.policy == null) {
|
||||
if (other.policy != null)
|
||||
return false;
|
||||
} else if (!policy.equals(other.policy))
|
||||
} else if (!this.policy.equals(other.policy))
|
||||
return false;
|
||||
return true;
|
||||
}
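Review bot: `getAllowList()` and `getDenyList()` return the `Set` held in the `final` fields, so a caller can add or remove entries and change what a `Privilege` grants after it was built, unless the constructor (its body is outside the visible hunks) already wraps the sets as unmodifiable. `asPrivilegeRep()` copies both sets before handing them out, and the getters should be as careful: `return Collections.unmodifiableSet(this.allowList);` and the same for `denyList`. The same pattern is in `Role.getPrivileges()` and `User.getRoles()` later in this commit. A one-line Javadoc note that the returned set is read-only would document the intent.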
|
||||
|
|
|
@ -39,14 +39,14 @@ public final class Role {
|
|||
* @return the name
|
||||
*/
|
||||
public String getName() {
|
||||
return name;
|
||||
return this.name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return
|
||||
*/
|
||||
public Set<String> getPrivileges() {
|
||||
return privileges;
|
||||
return this.privileges;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -54,14 +54,14 @@ public final class Role {
|
|||
* @return
|
||||
*/
|
||||
public boolean hasPrivilege(String key) {
|
||||
return privileges.contains(key);
|
||||
return this.privileges.contains(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return a {@link RoleRep} which is a representation of this object used to serialize and view on clients
|
||||
*/
|
||||
public RoleRep asRoleRep() {
|
||||
return new RoleRep(name, new HashSet<String>(privileges));
|
||||
return new RoleRep(this.name, new HashSet<String>(this.privileges));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -71,9 +71,9 @@ public final class Role {
|
|||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append("Role [name=");
|
||||
builder.append(name);
|
||||
builder.append(this.name);
|
||||
builder.append(", privileges=");
|
||||
builder.append(privileges);
|
||||
builder.append(this.privileges);
|
||||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
|
||||
|
@ -85,8 +85,8 @@ public final class Role {
|
|||
public int hashCode() {
|
||||
final int prime = 31;
|
||||
int result = 1;
|
||||
result = prime * result + ((name == null) ? 0 : name.hashCode());
|
||||
result = prime * result + ((privileges == null) ? 0 : privileges.hashCode());
|
||||
result = prime * result + ((this.name == null) ? 0 : this.name.hashCode());
|
||||
result = prime * result + ((this.privileges == null) ? 0 : this.privileges.hashCode());
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -102,15 +102,15 @@ public final class Role {
|
|||
if (getClass() != obj.getClass())
|
||||
return false;
|
||||
Role other = (Role) obj;
|
||||
if (name == null) {
|
||||
if (this.name == null) {
|
||||
if (other.name != null)
|
||||
return false;
|
||||
} else if (!name.equals(other.name))
|
||||
} else if (!this.name.equals(other.name))
|
||||
return false;
|
||||
if (privileges == null) {
|
||||
if (this.privileges == null) {
|
||||
if (other.privileges != null)
|
||||
return false;
|
||||
} else if (!privileges.equals(other.privileges))
|
||||
} else if (!this.privileges.equals(other.privileges))
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -24,6 +24,12 @@ public final class Session {
|
|||
private final String authPassword;
|
||||
|
||||
/**
|
||||
*
|
||||
* @param sessionId
|
||||
* @param authToken
|
||||
* @param authPassword
|
||||
* @param username
|
||||
* @param loginTime
|
||||
*/
|
||||
public Session(String sessionId, String authToken, String authPassword, String username, long loginTime) {
|
||||
this.sessionId = sessionId;
|
||||
|
@ -37,35 +43,35 @@ public final class Session {
|
|||
* @return the sessionId
|
||||
*/
|
||||
public String getSessionId() {
|
||||
return sessionId;
|
||||
return this.sessionId;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the authToken
|
||||
*/
|
||||
public String getAuthToken() {
|
||||
return authToken;
|
||||
return this.authToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the authPassword
|
||||
*/
|
||||
public String getAuthPassword() {
|
||||
return authPassword;
|
||||
return this.authPassword;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the username
|
||||
*/
|
||||
public String getUsername() {
|
||||
return username;
|
||||
return this.username;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the loginTime
|
||||
*/
|
||||
public long getLoginTime() {
|
||||
return loginTime;
|
||||
return this.loginTime;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -75,11 +81,11 @@ public final class Session {
|
|||
public int hashCode() {
|
||||
final int prime = 31;
|
||||
int result = 1;
|
||||
result = prime * result + ((authPassword == null) ? 0 : authPassword.hashCode());
|
||||
result = prime * result + ((authToken == null) ? 0 : authToken.hashCode());
|
||||
result = prime * result + (int) (loginTime ^ (loginTime >>> 32));
|
||||
result = prime * result + ((sessionId == null) ? 0 : sessionId.hashCode());
|
||||
result = prime * result + ((username == null) ? 0 : username.hashCode());
|
||||
result = prime * result + ((this.authPassword == null) ? 0 : this.authPassword.hashCode());
|
||||
result = prime * result + ((this.authToken == null) ? 0 : this.authToken.hashCode());
|
||||
result = prime * result + (int) (this.loginTime ^ (this.loginTime >>> 32));
|
||||
result = prime * result + ((this.sessionId == null) ? 0 : this.sessionId.hashCode());
|
||||
result = prime * result + ((this.username == null) ? 0 : this.username.hashCode());
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -95,27 +101,27 @@ public final class Session {
|
|||
if (!(obj instanceof Session))
|
||||
return false;
|
||||
Session other = (Session) obj;
|
||||
if (authPassword == null) {
|
||||
if (this.authPassword == null) {
|
||||
if (other.authPassword != null)
|
||||
return false;
|
||||
} else if (!authPassword.equals(other.authPassword))
|
||||
} else if (!this.authPassword.equals(other.authPassword))
|
||||
return false;
|
||||
if (authToken == null) {
|
||||
if (this.authToken == null) {
|
||||
if (other.authToken != null)
|
||||
return false;
|
||||
} else if (!authToken.equals(other.authToken))
|
||||
} else if (!this.authToken.equals(other.authToken))
|
||||
return false;
|
||||
if (loginTime != other.loginTime)
|
||||
if (this.loginTime != other.loginTime)
|
||||
return false;
|
||||
if (sessionId == null) {
|
||||
if (this.sessionId == null) {
|
||||
if (other.sessionId != null)
|
||||
return false;
|
||||
} else if (!sessionId.equals(other.sessionId))
|
||||
} else if (!this.sessionId.equals(other.sessionId))
|
||||
return false;
|
||||
if (username == null) {
|
||||
if (this.username == null) {
|
||||
if (other.username != null)
|
||||
return false;
|
||||
} else if (!username.equals(other.username))
|
||||
} else if (!this.username.equals(other.username))
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
@ -127,11 +133,11 @@ public final class Session {
|
|||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append("Session [sessionId=");
|
||||
builder.append(sessionId);
|
||||
builder.append(this.sessionId);
|
||||
builder.append(", username=");
|
||||
builder.append(username);
|
||||
builder.append(this.username);
|
||||
builder.append(", loginTime=");
|
||||
builder.append(loginTime);
|
||||
builder.append(this.loginTime);
|
||||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
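Review bot: The Javadoc added on the `Session` constructor is five bare `@param` tags, which silences the doc warning but documents nothing. For `authToken` and `authPassword` it should say what form the values have (plaintext, hash, random token) and who is meant to read them, because `getAuthPassword()` returns the field unchanged and `equals`/`hashCode` are computed over both. `toString()` leaves both out, which looks intentional and is worth stating, e.g. `@param authPassword secret paired with authToken; kept out of toString()`. The constructor body continues outside the hunk, so any validation done there is not visible here.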
|
||||
|
|
|
@ -65,7 +65,7 @@ public final class User {
|
|||
* @return the username
|
||||
*/
|
||||
public String getUsername() {
|
||||
return username;
|
||||
return this.username;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -81,42 +81,35 @@ public final class User {
|
|||
// field even though? The User object should be private, but maybe I
|
||||
// forgot something?
|
||||
|
||||
return password;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the password
|
||||
*/
|
||||
public boolean isPassword(String password) {
|
||||
return this.password.equals(password);
|
||||
return this.password;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the firstname
|
||||
*/
|
||||
public String getFirstname() {
|
||||
return firstname;
|
||||
return this.firstname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the surname
|
||||
*/
|
||||
public String getSurname() {
|
||||
return surname;
|
||||
return this.surname;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the userState
|
||||
*/
|
||||
public UserState getState() {
|
||||
return userState;
|
||||
return this.userState;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the roles
|
||||
*/
|
||||
public Set<String> getRoles() {
|
||||
return roles;
|
||||
return this.roles;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -126,21 +119,22 @@ public final class User {
|
|||
* @return true if the this user has the specified role
|
||||
*/
|
||||
public boolean hasRole(String role) {
|
||||
return roles.contains(role);
|
||||
return this.roles.contains(role);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the locale
|
||||
*/
|
||||
public Locale getLocale() {
|
||||
return locale;
|
||||
return this.locale;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return a {@link UserRep} which is a representation of this object used to serialize and view on clients
|
||||
*/
|
||||
public UserRep asUserRep() {
|
||||
return new UserRep(username, firstname, surname, userState, new HashSet<String>(roles), locale);
|
||||
return new UserRep(this.username, this.firstname, this.surname, this.userState,
|
||||
new HashSet<String>(this.roles), this.locale);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -150,17 +144,17 @@ public final class User {
|
|||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append("User [username=");
|
||||
builder.append(username);
|
||||
builder.append(this.username);
|
||||
builder.append(", firstname=");
|
||||
builder.append(firstname);
|
||||
builder.append(this.firstname);
|
||||
builder.append(", surname=");
|
||||
builder.append(surname);
|
||||
builder.append(this.surname);
|
||||
builder.append(", locale=");
|
||||
builder.append(locale);
|
||||
builder.append(this.locale);
|
||||
builder.append(", userState=");
|
||||
builder.append(userState);
|
||||
builder.append(this.userState);
|
||||
builder.append(", roles=");
|
||||
builder.append(roles);
|
||||
builder.append(this.roles);
|
||||
builder.append("]");
|
||||
return builder.toString();
|
||||
}
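Review bot: `getPassword()` is left as the only way to check a credential on `User`, so every caller now receives the stored password value and does its own comparison; the comment kept above the getter already questions exposing the field. Judging by the hunk header (42 old lines, 35 new), `isPassword(String)` is the method that was dropped. I would keep the check inside the class and make it null-safe and constant-time, `return this.password != null && password != null && MessageDigest.isEqual(this.password.getBytes(Charset.forName("UTF-8")), password.getBytes(Charset.forName("UTF-8")));`, and narrow or remove the getter. Whether the field holds a hash or plaintext is not visible here. `Certificate.getAuthToken(String)` earlier in this commit compares `authPassword` with `String.equals` and would throw if the field is null, so the same change applies there.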
|
||||
|
|
|
@ -14,18 +14,20 @@ import ch.eitchnet.privilege.model.Restrictable;
|
|||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*
|
||||
*/
|
||||
public class TestRestrictable implements Restrictable {
|
||||
|
||||
/**@see ch.eitchnet.privilege.model.Restrictable#getPrivilegeName()
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.model.Restrictable#getPrivilegeName()
|
||||
*/
|
||||
@Override
|
||||
public String getPrivilegeName() {
|
||||
return "Service";
|
||||
}
|
||||
|
||||
/**@see ch.eitchnet.privilege.model.Restrictable#getPrivilegeValue()
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.model.Restrictable#getPrivilegeValue()
|
||||
*/
|
||||
@Override
|
||||
public Object getPrivilegeValue() {
|
||||
|
|