[New] Added helper methods for running as a system user
parent
b9f3e5d13c
commit
d8a68f26fd
|
@ -20,16 +20,6 @@ import java.io.FileInputStream;
|
||||||
import java.text.MessageFormat;
|
import java.text.MessageFormat;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import li.strolch.agent.api.ComponentContainer;
|
|
||||||
import li.strolch.agent.api.StrolchComponent;
|
|
||||||
import li.strolch.agent.api.StrolchRealm;
|
|
||||||
import li.strolch.exception.StrolchException;
|
|
||||||
import li.strolch.model.audit.AccessType;
|
|
||||||
import li.strolch.model.audit.Audit;
|
|
||||||
import li.strolch.persistence.api.StrolchTransaction;
|
|
||||||
import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants;
|
|
||||||
import li.strolch.runtime.configuration.ComponentConfiguration;
|
|
||||||
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
|
||||||
import ch.eitchnet.privilege.base.AccessDeniedException;
|
import ch.eitchnet.privilege.base.AccessDeniedException;
|
||||||
import ch.eitchnet.privilege.base.PrivilegeException;
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
|
import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
|
||||||
|
@ -44,6 +34,16 @@ import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||||
import ch.eitchnet.privilege.model.internal.PrivilegeContainerModel;
|
import ch.eitchnet.privilege.model.internal.PrivilegeContainerModel;
|
||||||
import ch.eitchnet.privilege.xml.PrivilegeConfigSaxReader;
|
import ch.eitchnet.privilege.xml.PrivilegeConfigSaxReader;
|
||||||
import ch.eitchnet.utils.helper.XmlHelper;
|
import ch.eitchnet.utils.helper.XmlHelper;
|
||||||
|
import li.strolch.agent.api.ComponentContainer;
|
||||||
|
import li.strolch.agent.api.StrolchComponent;
|
||||||
|
import li.strolch.agent.api.StrolchRealm;
|
||||||
|
import li.strolch.exception.StrolchException;
|
||||||
|
import li.strolch.model.audit.AccessType;
|
||||||
|
import li.strolch.model.audit.Audit;
|
||||||
|
import li.strolch.persistence.api.StrolchTransaction;
|
||||||
|
import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants;
|
||||||
|
import li.strolch.runtime.configuration.ComponentConfiguration;
|
||||||
|
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
||||||
|
|
||||||
public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements PrivilegeHandler {
|
public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements PrivilegeHandler {
|
||||||
|
|
||||||
|
@ -178,8 +178,8 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void runAsSystem(String systemUsername, SystemUserAction action) throws PrivilegeException {
|
public <T extends SystemUserAction> T runAsSystem(String systemUsername, T action) throws PrivilegeException {
|
||||||
this.privilegeHandler.runAsSystem(systemUsername, action);
|
return this.privilegeHandler.runAsSystem(systemUsername, action);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -70,7 +70,8 @@ public interface PrivilegeHandler {
|
||||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#runAsSystem(java.lang.String,
|
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#runAsSystem(java.lang.String,
|
||||||
* ch.eitchnet.privilege.handler.SystemUserAction)
|
* ch.eitchnet.privilege.handler.SystemUserAction)
|
||||||
*/
|
*/
|
||||||
public abstract void runAsSystem(String systemUsername, SystemUserAction action) throws PrivilegeException;
|
public abstract <T extends SystemUserAction> T runAsSystem(String systemUsername, T action)
|
||||||
|
throws PrivilegeException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param certificate
|
* @param certificate
|
||||||
|
|
|
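Review bot: The Javadoc above `runAsSystem` in `PrivilegeHandler` was not updated for the new return value, so implementers have no stated contract for what comes back. Adding `@return the given action, after it has been executed as the system user` would pin it down. The comment block starts outside the visible hunk, so only its `@see` lines can be checked here. Changing the return type from `void` to `T` on a public interface also breaks every implementer other than `DefaultStrolchPrivilegeHandler` at compile time, which deserves a line in the commit message if other handlers exist.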
@ -0,0 +1,31 @@
|
||||||
|
package li.strolch.runtime.privilege;
|
||||||
|
|
||||||
|
import ch.eitchnet.privilege.handler.SystemUserAction;
|
||||||
|
import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||||
|
import li.strolch.service.api.AbstractService;
|
||||||
|
import li.strolch.service.api.ServiceArgument;
|
||||||
|
import li.strolch.service.api.ServiceHandler;
|
||||||
|
import li.strolch.service.api.ServiceResult;
|
||||||
|
|
||||||
|
public class RunAsAgent<T extends ServiceArgument, U extends ServiceResult> extends SystemUserAction {
|
||||||
|
|
||||||
|
private ServiceHandler svcHandler;
|
||||||
|
private AbstractService<T, U> svc;
|
||||||
|
private T arg;
|
||||||
|
private U result;
|
||||||
|
|
||||||
|
public RunAsAgent(ServiceHandler svcHandler, AbstractService<T, U> svc, T arg) {
|
||||||
|
this.svcHandler = svcHandler;
|
||||||
|
this.svc = svc;
|
||||||
|
this.arg = arg;
|
||||||
|
}
|
||||||
|
|
||||||
|
public U getResult() {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void execute(PrivilegeContext privilegeContext) {
|
||||||
|
this.result = svcHandler.doService(privilegeContext.getCertificate(), svc, arg);
|
||||||
|
}
|
||||||
|
}
|
|
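Review bot: `RunAsAgent.execute` calls `svcHandler.doService(privilegeContext.getCertificate(), svc, arg)`, so the wrapped service is authorised against the system user's certificate rather than the certificate of whoever triggered it, and the class has no Javadoc saying so. Any code that can build a `RunAsAgent` and reach `runAsSystem` can therefore run an arbitrary `AbstractService` with that system user's rights; whether `runAsSystem` limits which actions a given system user may execute is not visible in this commit. I would add a class comment stating this, keep the privileges granted to such system users minimal, and make sure the originating user ends up in the audit trail. The three constructor-set fields can be declared `private final` and null-checked in the constructor. `getResult()` should also document that it returns `null` until `execute` has run.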
@ -17,19 +17,21 @@ package li.strolch.service.api;
|
||||||
|
|
||||||
import java.text.MessageFormat;
|
import java.text.MessageFormat;
|
||||||
|
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
|
import ch.eitchnet.privilege.handler.SystemUserAction;
|
||||||
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
|
import ch.eitchnet.privilege.model.PrivilegeContext;
|
||||||
|
import ch.eitchnet.utils.dbc.DBC;
|
||||||
import li.strolch.agent.api.ComponentContainer;
|
import li.strolch.agent.api.ComponentContainer;
|
||||||
import li.strolch.agent.api.StrolchComponent;
|
import li.strolch.agent.api.StrolchComponent;
|
||||||
import li.strolch.agent.api.StrolchRealm;
|
import li.strolch.agent.api.StrolchRealm;
|
||||||
import li.strolch.exception.StrolchException;
|
import li.strolch.exception.StrolchException;
|
||||||
import li.strolch.persistence.api.StrolchTransaction;
|
import li.strolch.persistence.api.StrolchTransaction;
|
||||||
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
import li.strolch.runtime.configuration.RuntimeConfiguration;
|
||||||
|
import li.strolch.runtime.privilege.PrivilegeHandler;
|
||||||
import org.slf4j.Logger;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
|
||||||
import ch.eitchnet.privilege.model.PrivilegeContext;
|
|
||||||
import ch.eitchnet.utils.dbc.DBC;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Robert von Burg <eitch@eitchnet.ch>
|
* @author Robert von Burg <eitch@eitchnet.ch>
|
||||||
|
@ -91,6 +93,15 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
|
||||||
return this.container;
|
return this.container;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the reference to the {@link PrivilegeHandler}
|
||||||
|
*
|
||||||
|
* @return the privilege handler
|
||||||
|
*/
|
||||||
|
public PrivilegeHandler getPrivilegeHandler() throws IllegalArgumentException {
|
||||||
|
return this.container.getPrivilegeHandler();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the reference to the {@link StrolchComponent} with the given name, if it exists. If it does not exist, an
|
* Returns the reference to the {@link StrolchComponent} with the given name, if it exists. If it does not exist, an
|
||||||
* {@link IllegalArgumentException} is thrown
|
* {@link IllegalArgumentException} is thrown
|
||||||
|
@ -197,6 +208,23 @@ public abstract class AbstractService<T extends ServiceArgument, U extends Servi
|
||||||
return this.container.getRealm(getCertificate()).openTx(getCertificate(), action);
|
return this.container.getRealm(getCertificate()).openTx(getCertificate(), action);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Performs the given {@link SystemUserAction} as a system user with the given username. Returns the action for
|
||||||
|
* chaining calls
|
||||||
|
*
|
||||||
|
* @param username
|
||||||
|
* the name of the system user to perform the action as
|
||||||
|
* @param action
|
||||||
|
* the action to perform
|
||||||
|
*
|
||||||
|
* @return the action performed for chaining calls
|
||||||
|
*
|
||||||
|
* @throws PrivilegeException
|
||||||
|
*/
|
||||||
|
protected <V extends SystemUserAction> V runAs(String username, V action) throws PrivilegeException {
|
||||||
|
return this.container.getPrivilegeHandler().runAsSystem(username, action);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
|
* This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a
|
||||||
* service result is returned. A concrete implementation will implement the business logic in
|
* service result is returned. A concrete implementation will implement the business logic in
|
||||||
|
|
|
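Review bot: The new `runAs` helper in `AbstractService` (repeated verbatim in `Command`) lets every subclass execute an action under any system user name it passes as a plain string, and its Javadoc does not say that the action then runs with the system user's privileges instead of the caller's certificate. The `@throws PrivilegeException` tag has no description; something like `@throws PrivilegeException if the system user does not exist or may not perform the action` would help, assuming that is what `runAsSystem` enforces, which is not visible here. `getPrivilegeHandler()` is added as `public` and declares `throws IllegalArgumentException` although its body only returns `this.container.getPrivilegeHandler()`. `protected` visibility without the throws clause looks sufficient unless callers outside the service hierarchy need the handler.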
@ -18,6 +18,8 @@ package li.strolch.service.api;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
|
import ch.eitchnet.privilege.handler.SystemUserAction;
|
||||||
import ch.eitchnet.privilege.model.Restrictable;
|
import ch.eitchnet.privilege.model.Restrictable;
|
||||||
import li.strolch.agent.api.ComponentContainer;
|
import li.strolch.agent.api.ComponentContainer;
|
||||||
import li.strolch.agent.api.StrolchComponent;
|
import li.strolch.agent.api.StrolchComponent;
|
||||||
|
@ -100,6 +102,23 @@ public abstract class Command implements Restrictable {
|
||||||
return policy;
|
return policy;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Performs the given {@link SystemUserAction} as a system user with the given username. Returns the action for
|
||||||
|
* chaining calls
|
||||||
|
*
|
||||||
|
* @param username
|
||||||
|
* the name of the system user to perform the action as
|
||||||
|
* @param action
|
||||||
|
* the action to perform
|
||||||
|
*
|
||||||
|
* @return the action performed for chaining calls
|
||||||
|
*
|
||||||
|
* @throws PrivilegeException
|
||||||
|
*/
|
||||||
|
protected <V extends SystemUserAction> V runAs(String username, V action) throws PrivilegeException {
|
||||||
|
return this.container.getPrivilegeHandler().runAsSystem(username, action);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the {@link StrolchTransaction} bound to this {@link Command}'s runtime
|
* Returns the {@link StrolchTransaction} bound to this {@link Command}'s runtime
|
||||||
*
|
*
|
||||||
|
|