[Interface] Modified Privilege to use only two configuration files: Privilege.xml, which configures the handlers and policies, and PrivilegeModel.xml, which configures the run-time modifiable data (roles, users, privileges)
parent
e7b8de2765
commit
f26013583d
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<Privilege>
|
||||
|
||||
<Container>
|
||||
|
||||
<Parameters>
|
||||
<!-- parameters for the container itself -->
|
||||
</Parameters>
|
||||
|
||||
<EncryptionHandler class="ch.eitchnet.privilege.handler.DefaultEncryptionHandler">
|
||||
<Parameters>
|
||||
<Parameter name="hashAlgorithm" value="SHA-256" />
|
||||
</Parameters>
|
||||
</EncryptionHandler>
|
||||
|
||||
<PersistenceHandler class="ch.eitchnet.privilege.handler.XmlPersistenceHandler">
|
||||
<Parameters>
|
||||
<Parameter name="basePath" value="./config" />
|
||||
<Parameter name="modelXmlFile" value="PrivilegeModel.xml" />
|
||||
</Parameters>
|
||||
</PersistenceHandler>
|
||||
|
||||
</Container>
|
||||
|
||||
<Policies>
|
||||
<Policy name="DefaultPrivilege" class="ch.eitchnet.privilege.policy.DefaultPrivilege" />
|
||||
</Policies>
|
||||
|
||||
</Privilege>
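Review bot: The `hashAlgorithm` parameter is set to `SHA-256` for `DefaultEncryptionHandler`, and the handler's code is not on this page, so it is unclear whether stored passwords are salted and iterated or hashed once. A single unsalted SHA-256 pass is cheap to test offline if the model file is ever disclosed. A comment beside the parameter, for example `<!-- digest used for stored passwords; confirm DefaultEncryptionHandler salts and stretches before relying on it -->`, would record that this value is security-relevant and needs checking against the handler.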
|
|
@ -1,22 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<PrivilegeContainer>
|
||||
|
||||
<PrivilegeHandler class="ch.eitchnet.privilege.handler.DefaultPrivilegeHandler" />
|
||||
|
||||
<EncryptionHandler class="ch.eitchnet.privilege.handler.DefaultEncryptionHandler">
|
||||
<Parameters>
|
||||
<Parameter name="hashAlgorithm" value="SHA-256" />
|
||||
</Parameters>
|
||||
</EncryptionHandler>
|
||||
|
||||
<PersistenceHandler class="ch.eitchnet.privilege.handler.XmlPersistenceHandler">
|
||||
<Parameters>
|
||||
<Parameter name="basePath" value="./config" />
|
||||
<Parameter name="usersXmlFile" value="PrivilegeUsers.xml" />
|
||||
<Parameter name="rolesXmlFile" value="PrivilegeRoles.xml" />
|
||||
<Parameter name="privilegesXmlFile" value="Privileges.xml" />
|
||||
<Parameter name="policyXmlFile" value="PrivilegePolicies.xml" />
|
||||
</Parameters>
|
||||
</PersistenceHandler>
|
||||
|
||||
</PrivilegeContainer>
|
|
@ -0,0 +1,49 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<UsersAndRoles>
|
||||
|
||||
<Privileges>
|
||||
<Privilege name="NoRestriction" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Deny></Deny>
|
||||
<Allow></Allow>
|
||||
</Privilege>
|
||||
|
||||
<Privilege name="Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>false</AllAllowed>
|
||||
<Deny></Deny>
|
||||
<Allow>ch.eitchnet.privilege.test.TestRestrictable</Allow>
|
||||
</Privilege>
|
||||
</Privileges>
|
||||
|
||||
<Users>
|
||||
|
||||
<User userId="1" username="eitch" password="c775e7b757ede630cd0aa1113bd102661ab38829ca52a6422ab782862f268646">
|
||||
<Firstname>Robert</Firstname>
|
||||
<Surname>von Burg</Surname>
|
||||
<State>ENABLED</State>
|
||||
<Locale>en_GB</Locale>
|
||||
<Roles>
|
||||
<Role>PrivilegeAdmin</Role>
|
||||
<Role>admin</Role>
|
||||
<Role>serviceExecutor</Role>
|
||||
</Roles>
|
||||
</User>
|
||||
|
||||
</Users>
|
||||
|
||||
<Roles>
|
||||
|
||||
<Role name="PrivilegeAdmin" />
|
||||
|
||||
<Role name="admin">
|
||||
<Privilege name="NoRestriction" />
|
||||
</Role>
|
||||
|
||||
<Role name="user" />
|
||||
|
||||
<Role name="serviceExecutor">
|
||||
<Privilege name="Service" />
|
||||
</Role>
|
||||
|
||||
</Roles>
|
||||
</UsersAndRoles>
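Review bot: The new model file seeds an `ENABLED` user `eitch` holding `PrivilegeAdmin` and `admin` (which maps to `NoRestriction`, `AllAllowed` true) with a fixed password digest. If this file is used as a deployment template, every installation that starts from it has an administrator whose credential is published with the source. A comment at the top of `<Users>`, such as `<!-- sample account for tests only: replace user and password before deployment -->`, would make that explicit. Note also that the root element is `UsersAndRoles` although the file now carries privileges too.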
|
|
@ -1,6 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<PrivilegePolicies>
|
||||
|
||||
<Policy name="DefaultPrivilege" class="ch.eitchnet.privilege.policy.DefaultPrivilege" />
|
||||
|
||||
</PrivilegePolicies>
|
|
@ -1,13 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<PrivilegeRoles>
|
||||
|
||||
<Role name="PrivilegeAdmin" />
|
||||
<Role name="admin">
|
||||
<Privilege name="NoRestriction" />
|
||||
</Role>
|
||||
<Role name="user" />
|
||||
<Role name="serviceExecutor">
|
||||
<Privilege name="Service" />
|
||||
</Role>
|
||||
|
||||
</PrivilegeRoles>
|
|
@ -1,16 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<PrivilegesUsers>
|
||||
|
||||
<User username="eitch" password="c775e7b757ede630cd0aa1113bd102661ab38829ca52a6422ab782862f268646">
|
||||
<Firstname>Robert</Firstname>
|
||||
<Surname>von Burg</Surname>
|
||||
<State>ENABLED</State>
|
||||
<Locale>en_GB</Locale>
|
||||
<Roles>
|
||||
<Role>PrivilegeAdmin</Role>
|
||||
<Role>admin</Role>
|
||||
<Role>serviceExecutor</Role>
|
||||
</Roles>
|
||||
</User>
|
||||
|
||||
</PrivilegesUsers>
|
|
@ -1,16 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<Privileges>
|
||||
|
||||
<Privilege name="NoRestriction" policy="DefaultPrivilege">
|
||||
<AllAllowed>true</AllAllowed>
|
||||
<Deny></Deny>
|
||||
<Allow></Allow>
|
||||
</Privilege>
|
||||
|
||||
<Privilege name="Service" policy="DefaultPrivilege">
|
||||
<AllAllowed>false</AllAllowed>
|
||||
<Deny></Deny>
|
||||
<Allow>ch.eitchnet.privilege.test.TestRestrictable</Allow>
|
||||
</Privilege>
|
||||
|
||||
</Privileges>
|
|
@ -645,8 +645,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
Certificate certificate = new Certificate(sessionId, username, authToken, authPassword, user.getLocale());
|
||||
|
||||
// create and save a new session
|
||||
Session session = new Session(sessionId, authToken, authPassword, user.getUsername(),
|
||||
System.currentTimeMillis());
|
||||
Session session = new Session(sessionId, username, authToken, authPassword, System.currentTimeMillis());
|
||||
this.sessionMap.put(sessionId, new CertificateSessionPair(session, certificate));
|
||||
|
||||
// log
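Review bot: The rewritten call `new Session(sessionId, username, authToken, authPassword, System.currentTimeMillis())` moves the user name from the fourth to the second argument, and the `Session` constructor is not part of the visible diff. If these parameters are all `String`, as the neighbouring `Certificate` call suggests, a mismatch with the constructor compiles cleanly and would put the token or password in the username field, so the constructor should be checked against this order. The call also now passes `username` where the old code used `user.getUsername()`. If user lookup ever normalises names the two can differ, and `user.getUsername()` is the safer value for the session. The enclosing method begins and ends outside this hunk.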
|
||||
|
|
|
@ -151,6 +151,8 @@ public interface PersistenceHandler {
|
|||
*
|
||||
* @param parameterMap
|
||||
* a map containing configuration properties
|
||||
* @param policyMap
|
||||
* map of policy key/policy class pairs
|
||||
*/
|
||||
public void initialize(Map<String, String> parameterMap);
|
||||
public void initialize(Map<String, String> parameterMap, Map<String, Class<PrivilegePolicy>> policyMap);
|
||||
}
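Review bot: The new `policyMap` parameter is typed `Map<String, Class<PrivilegePolicy>>`, which a concrete policy class such as `ch.eitchnet.privilege.policy.DefaultPrivilege` can presumably only satisfy through an unchecked cast. Declaring it as `Map<String, Class<? extends PrivilegePolicy>> policyMap` would let the compiler enforce that every entry is a policy type. The added Javadoc could also state whether implementations may keep the map by reference or must copy it, since the caller builds it from configuration.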
|
||||
|
|
|
@ -36,7 +36,7 @@ import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
|||
|
||||
/**
|
||||
* {@link PersistenceHandler} implementation which reads the configuration from XML files. These configuration is passed
|
||||
* in {@link #initialize(Map)}
|
||||
* in {@link #initialize(Map, Map)}
|
||||
*
|
||||
* @author rvonburg
|
||||
*/
|
||||
|
@ -49,11 +49,9 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
private Map<String, Privilege> privilegeMap;
|
||||
private Map<String, Class<PrivilegePolicy>> policyMap;
|
||||
|
||||
private long usersFileDate;
|
||||
private long modelsFileDate;
|
||||
private boolean userMapDirty;
|
||||
private long rolesFileDate;
|
||||
private boolean roleMapDirty;
|
||||
private long privilegesFileDate;
|
||||
private boolean privilegeMapDirty;
|
||||
|
||||
private Map<String, String> parameterMap;
|
||||
|
@ -171,87 +169,51 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
@Override
|
||||
public boolean persist() {
|
||||
|
||||
// USERS
|
||||
// get users file name
|
||||
String usersFileName = this.parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
if (usersFileName == null || usersFileName.isEmpty()) {
|
||||
// get models file name
|
||||
String modelFileName = this.parameterMap.get(XmlConstants.XML_PARAM_MODEL_FILE);
|
||||
if (modelFileName == null || modelFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid");
|
||||
+ XmlConstants.XML_PARAM_MODEL_FILE + " is invalid");
|
||||
}
|
||||
// get users file
|
||||
File usersFile = new File(this.basePath + "/" + usersFileName);
|
||||
boolean usersFileUnchanged = usersFile.exists() && usersFile.lastModified() == this.usersFileDate;
|
||||
if (!this.userMapDirty && usersFileUnchanged) {
|
||||
logger.warn("No users unpersisted and user file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting users...");
|
||||
|
||||
// build XML DOM of users
|
||||
List<Element> users = toDomUsers();
|
||||
Element rootElement = DocumentFactory.getInstance().createElement(XmlConstants.XML_USERS);
|
||||
for (Element userElement : users) {
|
||||
rootElement.add(userElement);
|
||||
}
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeElement(rootElement, usersFile);
|
||||
this.userMapDirty = true;
|
||||
// get model file
|
||||
File modelFile = new File(this.basePath + "/" + modelFileName);
|
||||
boolean modelFileUnchanged = modelFile.exists() && modelFile.lastModified() == this.modelsFileDate;
|
||||
if (!(modelFileUnchanged && this.privilegeMapDirty && this.roleMapDirty && this.userMapDirty)) {
|
||||
logger.warn("Not persisting as current file is unchanged and model data is not dirty");
|
||||
return false;
|
||||
}
|
||||
|
||||
DocumentFactory docFactory = DocumentFactory.getInstance();
|
||||
|
||||
// create root element
|
||||
Element rootElement = docFactory.createElement(XmlConstants.XML_ROOT_PRIVILEGE_USERS_AND_ROLES);
|
||||
|
||||
// USERS
|
||||
// build XML DOM of users
|
||||
List<Element> users = toDomUsers();
|
||||
Element usersElement = docFactory.createElement(XmlConstants.XML_USERS);
|
||||
for (Element userElement : users) {
|
||||
usersElement.add(userElement);
|
||||
}
|
||||
rootElement.add(usersElement);
|
||||
|
||||
// ROLES
|
||||
// get roles file name
|
||||
String rolesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
if (rolesFileName == null || rolesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid");
|
||||
}
|
||||
// get roles file
|
||||
File rolesFile = new File(this.basePath + "/" + rolesFileName);
|
||||
boolean rolesFileUnchanged = rolesFile.exists() && rolesFile.lastModified() == this.rolesFileDate;
|
||||
if (!this.roleMapDirty && rolesFileUnchanged) {
|
||||
logger.warn("No roles unpersisted and roles file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting roles...");
|
||||
|
||||
// build XML DOM of roles
|
||||
List<Element> roles = toDomRoles();
|
||||
Element rootElement = DocumentFactory.getInstance().createElement(XmlConstants.XML_ROLES);
|
||||
for (Element roleElement : roles) {
|
||||
rootElement.add(roleElement);
|
||||
}
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeElement(rootElement, rolesFile);
|
||||
this.roleMapDirty = true;
|
||||
// build XML DOM of roles
|
||||
List<Element> roles = toDomRoles();
|
||||
Element rolesElement = docFactory.createElement(XmlConstants.XML_ROLES);
|
||||
for (Element roleElement : roles) {
|
||||
rolesElement.add(roleElement);
|
||||
}
|
||||
rootElement.add(rolesElement);
|
||||
|
||||
// PRIVILEGES
|
||||
// get privileges file name
|
||||
String privilegesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
if (privilegesFileName == null || privilegesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid");
|
||||
}
|
||||
// get privileges file
|
||||
File privilegesFile = new File(this.basePath + "/" + privilegesFileName);
|
||||
boolean privilegesFileUnchanged = privilegesFile.exists()
|
||||
&& privilegesFile.lastModified() == this.privilegesFileDate;
|
||||
if (!this.privilegeMapDirty && privilegesFileUnchanged) {
|
||||
logger.warn("No privileges unpersisted and privileges file unchanged on file system");
|
||||
} else {
|
||||
logger.info("Persisting privileges...");
|
||||
|
||||
// build XML DOM of privileges
|
||||
List<Element> privileges = toDomPrivileges();
|
||||
Element rootElement = DocumentFactory.getInstance().createElement(XmlConstants.XML_PRIVILEGES);
|
||||
for (Element privilegeElement : privileges) {
|
||||
rootElement.add(privilegeElement);
|
||||
}
|
||||
|
||||
// write DOM to file
|
||||
XmlHelper.writeElement(rootElement, privilegesFile);
|
||||
this.privilegeMapDirty = true;
|
||||
// build XML DOM of privileges
|
||||
List<Element> privileges = toDomPrivileges();
|
||||
Element privilegesElement = docFactory.createElement(XmlConstants.XML_PRIVILEGES);
|
||||
for (Element privilegeElement : privileges) {
|
||||
privilegesElement.add(privilegeElement);
|
||||
}
|
||||
rootElement.add(privilegesElement);
|
||||
|
||||
// reset dirty states and return if something was dirty, false otherwise
|
||||
if (this.userMapDirty || this.roleMapDirty || this.privilegeMapDirty) {
|
||||
|
@ -274,12 +236,12 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
* @see ch.eitchnet.privilege.handler.EncryptionHandler#initialize(java.util.Map)
|
||||
*/
|
||||
@Override
|
||||
public void initialize(Map<String, String> parameterMap) {
|
||||
public void initialize(Map<String, String> parameterMap, Map<String, Class<PrivilegePolicy>> policyMap) {
|
||||
|
||||
this.roleMap = Collections.synchronizedMap(new HashMap<String, Role>());
|
||||
this.userMap = Collections.synchronizedMap(new HashMap<String, User>());
|
||||
this.privilegeMap = Collections.synchronizedMap(new HashMap<String, Privilege>());
|
||||
this.policyMap = Collections.synchronizedMap(new HashMap<String, Class<PrivilegePolicy>>());
|
||||
this.policyMap = policyMap;
|
||||
|
||||
// get and validate base bath
|
||||
this.basePath = parameterMap.get(XmlConstants.XML_PARAM_BASE_PATH);
|
||||
|
@ -289,96 +251,42 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
+ XmlConstants.XML_PARAM_BASE_PATH + " is invalid");
|
||||
}
|
||||
|
||||
// get model file name
|
||||
String modelFileName = parameterMap.get(XmlConstants.XML_PARAM_MODEL_FILE);
|
||||
if (modelFileName == null || modelFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_MODEL_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// validate file exists
|
||||
File modelsFile = new File(this.basePath + "/" + modelFileName);
|
||||
if (!modelsFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_MODEL_FILE + " is invalid as models file does not exist at path "
|
||||
+ modelsFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse models xml file to XML document
|
||||
Element modelsRootElement = XmlHelper.parseDocument(modelsFile).getRootElement();
|
||||
this.modelsFileDate = modelsFile.lastModified();
|
||||
|
||||
// ROLES
|
||||
// get roles file name
|
||||
String rolesFileName = parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
if (rolesFileName == null || rolesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get roles file
|
||||
File rolesFile = new File(this.basePath + "/" + rolesFileName);
|
||||
if (!rolesFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_ROLES_FILE + " is invalid as roles file does not exist at path "
|
||||
+ rolesFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse roles xml file to XML document
|
||||
Element rolesRootElement = XmlHelper.parseDocument(rolesFile).getRootElement();
|
||||
|
||||
// get roles element
|
||||
Element rolesElement = modelsRootElement.element(XmlConstants.XML_ROLES);
|
||||
// read roles
|
||||
readRoles(rolesRootElement);
|
||||
this.rolesFileDate = rolesFile.lastModified();
|
||||
readRoles(rolesElement);
|
||||
|
||||
// USERS
|
||||
// get users file name
|
||||
String usersFileName = parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE);
|
||||
if (usersFileName == null || usersFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get users file
|
||||
File usersFile = new File(this.basePath + "/" + usersFileName);
|
||||
if (!usersFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_USERS_FILE + " is invalid as users file does not exist at path "
|
||||
+ usersFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse users xml file to XML document
|
||||
Element usersRootElement = XmlHelper.parseDocument(usersFile).getRootElement();
|
||||
|
||||
// get users element
|
||||
Element usersElement = modelsRootElement.element(XmlConstants.XML_USERS);
|
||||
// read users
|
||||
readUsers(usersRootElement);
|
||||
this.usersFileDate = usersFile.lastModified();
|
||||
readUsers(usersElement);
|
||||
|
||||
// PRIVILEGES
|
||||
// get privileges file name
|
||||
String privilegesFileName = parameterMap.get(XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
if (privilegesFileName == null || privilegesFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get privileges file
|
||||
File privilegesFile = new File(this.basePath + "/" + privilegesFileName);
|
||||
if (!privilegesFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_PRIVILEGES_FILE + " is invalid as privileges file does not exist at path "
|
||||
+ privilegesFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse privileges xml file to XML document
|
||||
Element privilegesRootElement = XmlHelper.parseDocument(privilegesFile).getRootElement();
|
||||
|
||||
// get privileges element
|
||||
Element privilegesElement = modelsRootElement.element(XmlConstants.XML_PRIVILEGES);
|
||||
// read privileges
|
||||
readPrivileges(privilegesRootElement);
|
||||
this.privilegesFileDate = privilegesFile.lastModified();
|
||||
|
||||
// POLICIES
|
||||
// get policy file name
|
||||
String policyFileName = parameterMap.get(XmlConstants.XML_PARAM_POLICY_FILE);
|
||||
if (policyFileName == null || policyFileName.isEmpty()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_POLICY_FILE + " is invalid");
|
||||
}
|
||||
|
||||
// get policy file
|
||||
File policyFile = new File(this.basePath + "/" + policyFileName);
|
||||
if (!policyFile.exists()) {
|
||||
throw new PrivilegeException("[" + PersistenceHandler.class.getName() + "] Defined parameter "
|
||||
+ XmlConstants.XML_PARAM_POLICY_FILE + " is invalid as policy file does not exist at path "
|
||||
+ policyFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse policy xml file to XML document
|
||||
Element policiesRootElement = XmlHelper.parseDocument(policyFile).getRootElement();
|
||||
|
||||
// read policies
|
||||
readPolicies(policiesRootElement);
|
||||
readPrivileges(privilegesElement);
|
||||
|
||||
this.userMapDirty = false;
|
||||
this.roleMapDirty = false;
|
||||
|
@ -397,8 +305,10 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!privilegeAdminExists) {
|
||||
logger.warn("No User with PrivilegeAdmin role exists. Privilege modifications will not be possible!");
|
||||
logger.warn("No User with role '" + PrivilegeHandler.PRIVILEGE_ADMIN_ROLE
|
||||
+ "' exists. Privilege modifications will not be possible!");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -441,6 +351,7 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
// create user
|
||||
User user = new User(userId, username, password, firstname, surname, userState,
|
||||
Collections.unmodifiableSet(roles), locale);
|
||||
logger.info("Added user " + user);
|
||||
|
||||
// put user in map
|
||||
this.userMap.put(username, user);
|
||||
|
@ -516,23 +427,6 @@ public class XmlPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param policiesRootElement
|
||||
*/
|
||||
private void readPolicies(Element policiesRootElement) {
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
List<Element> policyElements = policiesRootElement.elements(XmlConstants.XML_POLICY);
|
||||
for (Element policyElement : policyElements) {
|
||||
String policyName = policyElement.attributeValue(XmlConstants.XML_ATTR_NAME);
|
||||
String policyClass = policyElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
|
||||
Class<PrivilegePolicy> clazz = ClassHelper.loadClass(policyClass);
|
||||
|
||||
this.policyMap.put(policyName, clazz);
|
||||
}
|
||||
}
|
||||
|
||||
private List<Element> toDomPrivileges() {
|
||||
|
||||
List<Element> privilegesAsElements = new ArrayList<Element>(this.privilegeMap.size());
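Review bot: In `persist()`, the new guard `if (!(modelFileUnchanged && this.privilegeMapDirty && this.roleMapDirty && this.userMapDirty))` returns false unless the file is unchanged and all three maps are dirty at once, which contradicts its own log message. As written, a change to users alone (a password reset or a disabled account, say) is never written and would be lost on restart. The condition that matches the message is `if (modelFileUnchanged && !this.userMapDirty && !this.roleMapDirty && !this.privilegeMapDirty) {`. The rest of `persist()`, including the write of `rootElement`, lies outside the visible hunk.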
|
||||
|
|
|
@ -46,17 +46,13 @@ public class BootstrapConfigurationHelper {
|
|||
|
||||
private static String path;
|
||||
|
||||
private static String defaultPrivilegeContainerXmlFile = "PrivilegeContainer.xml";
|
||||
private static String defaultPrivilegeContainerXmlFile = "Privilege.xml";
|
||||
|
||||
private static String usersFileName = "PrivilegeUsers.xml";
|
||||
private static String rolesFileName = "PrivilegeRoles.xml";
|
||||
private static String privilegesFileName = "Privileges.xml";
|
||||
private static String basePath = "";
|
||||
private static String modelFileName = "PrivilegeUsers.xml";
|
||||
|
||||
private static String hashAlgorithm = "SHA-256";
|
||||
|
||||
private static String policyXmlFile = "PrivilegePolicies.xml";
|
||||
|
||||
private static String defaultPrivilegeHandler = "ch.eitchnet.privilege.handler.DefaultPrivilegeHandler";
|
||||
private static String defaultPersistenceHandler = "ch.eitchnet.privilege.handler.DefaultPersistenceHandler";
|
||||
private static String defaultEncryptionHandler = "ch.eitchnet.privilege.handler.DefaultEncryptionHandler";
|
||||
|
||||
|
@ -116,48 +112,35 @@ public class BootstrapConfigurationHelper {
|
|||
// create document root
|
||||
DocumentFactory factory = DocumentFactory.getInstance();
|
||||
Document doc = factory.createDocument(XmlHelper.DEFAULT_ENCODING);
|
||||
doc.setName(XmlConstants.XML_ROOT_PRIVILEGE_CONTAINER);
|
||||
Element rootElement = factory.createElement(XmlConstants.XML_ROOT_PRIVILEGE_CONTAINER);
|
||||
doc.setName(XmlConstants.XML_ROOT_PRIVILEGE);
|
||||
Element rootElement = factory.createElement(XmlConstants.XML_ROOT_PRIVILEGE);
|
||||
doc.setRootElement(rootElement);
|
||||
|
||||
Element containerElement = factory.createElement(XmlConstants.XML_CONTAINER);
|
||||
|
||||
Element parameterElement;
|
||||
Element parametersElement;
|
||||
|
||||
// create PersistenceHandler
|
||||
Element persistenceHandlerElem = factory.createElement(XmlConstants.XML_HANDLER_PERSISTENCE);
|
||||
rootElement.add(persistenceHandlerElem);
|
||||
containerElement.add(persistenceHandlerElem);
|
||||
persistenceHandlerElem.addAttribute(XmlConstants.XML_ATTR_CLASS, defaultPersistenceHandler);
|
||||
parametersElement = factory.createElement(XmlConstants.XML_PARAMETERS);
|
||||
persistenceHandlerElem.add(parametersElement);
|
||||
// Parameter usersXmlFile
|
||||
// Parameter basePath
|
||||
parameterElement = factory.createElement(XmlConstants.XML_PARAMETER);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_USERS_FILE);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, usersFileName);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_BASE_PATH);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, basePath);
|
||||
parametersElement.add(parameterElement);
|
||||
// Parameter rolesXmlFile
|
||||
// Parameter modelXmlFile
|
||||
parameterElement = factory.createElement(XmlConstants.XML_PARAMETER);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_ROLES_FILE);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, rolesFileName);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_MODEL_FILE);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, modelFileName);
|
||||
parametersElement.add(parameterElement);
|
||||
// Parameter privilegesXmlFile
|
||||
parameterElement = factory.createElement(XmlConstants.XML_PARAMETER);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_PRIVILEGES_FILE);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, privilegesFileName);
|
||||
parametersElement.add(parameterElement);
|
||||
// Parameter policyXmlFile
|
||||
parameterElement = factory.createElement(XmlConstants.XML_PARAMETER);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_NAME, XmlConstants.XML_PARAM_POLICY_FILE);
|
||||
parameterElement.addAttribute(XmlConstants.XML_ATTR_VALUE, policyXmlFile);
|
||||
parametersElement.add(parameterElement);
|
||||
|
||||
// create PrivilegeHandler
|
||||
Element privilegeHandlerElem = factory.createElement(XmlConstants.XML_HANDLER_PRIVILEGE);
|
||||
rootElement.add(privilegeHandlerElem);
|
||||
privilegeHandlerElem.addAttribute(XmlConstants.XML_ATTR_CLASS, defaultPrivilegeHandler);
|
||||
|
||||
// create EncryptionHandler
|
||||
Element encryptionHandlerElem = factory.createElement(XmlConstants.XML_HANDLER_ENCRYPTION);
|
||||
rootElement.add(encryptionHandlerElem);
|
||||
containerElement.add(encryptionHandlerElem);
|
||||
encryptionHandlerElem.addAttribute(XmlConstants.XML_ATTR_CLASS, defaultEncryptionHandler);
|
||||
parametersElement = factory.createElement(XmlConstants.XML_PARAMETERS);
|
||||
encryptionHandlerElem.add(parametersElement);
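Review bot: The new field `modelFileName` defaults to `"PrivilegeUsers.xml"`, while the sample Privilege.xml in this commit sets `modelXmlFile` to `PrivilegeModel.xml`, so a bootstrapped configuration points at a file name the commit otherwise retires. `private static String modelFileName = "PrivilegeModel.xml";` would match. `basePath` defaults to the empty string, and `XmlPersistenceHandler.initialize` appears to reject an invalid base path, so it is worth confirming that the generated file loads. Whether `containerElement` is ever added to `rootElement` cannot be seen in this hunk and should be checked as well.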
|
||||
|
|
|
@ -18,10 +18,12 @@ import java.util.Map;
|
|||
import org.apache.log4j.Logger;
|
||||
import org.dom4j.Element;
|
||||
|
||||
import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
|
||||
import ch.eitchnet.privilege.handler.EncryptionHandler;
|
||||
import ch.eitchnet.privilege.handler.PersistenceHandler;
|
||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
||||
|
||||
/**
|
||||
* This class implements the initializing of the {@link PrivilegeHandler} by loading an XML file containing the
|
||||
|
@ -36,36 +38,38 @@ public class InitializationHelper {
|
|||
/**
|
||||
* Initializes the {@link PrivilegeHandler} from the configuration file
|
||||
*
|
||||
* @param privilegeContainerXmlFile
|
||||
* @param privilegeXmlFile
|
||||
* a {@link File} reference to the XML file containing the configuration for Privilege
|
||||
*
|
||||
* @return the {@link PrivilegeHandler} instance loaded from the configuration file
|
||||
*/
|
||||
public static PrivilegeHandler initializeFromXml(File privilegeContainerXmlFile) {
|
||||
public static PrivilegeHandler initializeFromXml(File privilegeXmlFile) {
|
||||
|
||||
// make sure file exists
|
||||
if (!privilegeContainerXmlFile.exists()) {
|
||||
throw new PrivilegeException("Privilige file does not exist at path "
|
||||
+ privilegeContainerXmlFile.getAbsolutePath());
|
||||
if (!privilegeXmlFile.exists()) {
|
||||
throw new PrivilegeException("Privilege file does not exist at path " + privilegeXmlFile.getAbsolutePath());
|
||||
}
|
||||
|
||||
// parse container xml file to XML document
|
||||
Element containerRootElement = XmlHelper.parseDocument(privilegeContainerXmlFile).getRootElement();
|
||||
Element rootElement = XmlHelper.parseDocument(privilegeXmlFile).getRootElement();
|
||||
Element containerElement = rootElement.element(XmlConstants.XML_CONTAINER);
|
||||
|
||||
// instantiate encryption handler
|
||||
Element encryptionHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_ENCRYPTION);
|
||||
Element encryptionHandlerElement = containerElement.element(XmlConstants.XML_HANDLER_ENCRYPTION);
|
||||
String encryptionHandlerClassName = encryptionHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
EncryptionHandler encryptionHandler = ClassHelper.instantiateClass(encryptionHandlerClassName);
|
||||
|
||||
// instantiate persistence handler
|
||||
Element persistenceHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_PERSISTENCE);
|
||||
Element persistenceHandlerElement = containerElement.element(XmlConstants.XML_HANDLER_PERSISTENCE);
|
||||
String persistenceHandlerClassName = persistenceHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
PersistenceHandler persistenceHandler = ClassHelper.instantiateClass(persistenceHandlerClassName);
|
||||
|
||||
// instantiate privilege handler
|
||||
Element privilegeHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_PRIVILEGE);
|
||||
String privilegeHandlerClassName = privilegeHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
PrivilegeHandler privilegeHandler = ClassHelper.instantiateClass(privilegeHandlerClassName);
|
||||
PrivilegeHandler privilegeHandler = new DefaultPrivilegeHandler();
|
||||
|
||||
// get policies
|
||||
Element policiesElement = rootElement.element(XmlConstants.XML_POLICIES);
|
||||
Map<String, Class<PrivilegePolicy>> policyMap = convertToPolicyMap(policiesElement);
|
||||
|
||||
try {
|
||||
|
||||
|
@ -89,7 +93,7 @@ public class InitializationHelper {
|
|||
Map<String, String> parameterMap = convertToParameterMap(parameterElement);
|
||||
|
||||
// initialize persistence handler
|
||||
persistenceHandler.initialize(parameterMap);
|
||||
persistenceHandler.initialize(parameterMap, policyMap);
|
||||
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
|
@ -100,7 +104,7 @@ public class InitializationHelper {
|
|||
try {
|
||||
|
||||
// get parameters
|
||||
Element parameterElement = privilegeHandlerElement.element(XmlConstants.XML_PARAMETERS);
|
||||
Element parameterElement = containerElement.element(XmlConstants.XML_PARAMETERS);
|
||||
Map<String, String> parameterMap = convertToParameterMap(parameterElement);
|
||||
|
||||
// initialize privilege handler
|
||||
|
@ -108,7 +112,8 @@ public class InitializationHelper {
|
|||
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
throw new PrivilegeException("PrivilegeHandler " + privilegeHandlerClassName + " could not be initialized");
|
||||
throw new PrivilegeException("PrivilegeHandler " + privilegeHandler.getClass().getName()
|
||||
+ " could not be initialized");
|
||||
}
|
||||
|
||||
return privilegeHandler;
|
||||
|
@ -147,4 +152,37 @@ public class InitializationHelper {
|
|||
|
||||
return parameterMap;
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts an {@link XmlConstants#XML_POLICIES} element containing {@link XmlConstants#XML_POLICY} elements to a
|
||||
* {@link Map} of String/Class pairs
|
||||
*
|
||||
* @param element
|
||||
* the XML {@link Element} with name {@link XmlConstants#XML_POLICIES} containing
|
||||
* {@link XmlConstants#XML_POLICY} elements
|
||||
*
|
||||
* @return the {@link Map} of the policy name/class combinations from the given {@link Element}
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public static Map<String, Class<PrivilegePolicy>> convertToPolicyMap(Element element) {
|
||||
|
||||
Map<String, Class<PrivilegePolicy>> policyMap = new HashMap<String, Class<PrivilegePolicy>>();
|
||||
|
||||
List<Element> policyElements = element.elements(XmlConstants.XML_POLICY);
|
||||
for (Element policyElement : policyElements) {
|
||||
String policyName = policyElement.attributeValue(XmlConstants.XML_ATTR_NAME);
|
||||
String policyClass = policyElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
|
||||
Class<PrivilegePolicy> clazz;
|
||||
try {
|
||||
clazz = ClassHelper.loadClass(policyClass);
|
||||
} catch (PrivilegeException e) {
|
||||
throw new PrivilegeException("The Policy with name " + policyName + " does not exist", e);
|
||||
}
|
||||
|
||||
policyMap.put(policyName, clazz);
|
||||
}
|
||||
|
||||
return policyMap;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,32 +19,38 @@ public class XmlConstants {
|
|||
/**
|
||||
* XML_ROOT_PRIVILEGE_CONTAINER = "PrivilegeContainer" :
|
||||
*/
|
||||
public static final String XML_ROOT_PRIVILEGE_CONTAINER = "PrivilegeContainer";
|
||||
public static final String XML_ROOT_PRIVILEGE = "Privilege";
|
||||
|
||||
/**
|
||||
* XML_ROOT_PRIVILEGE_ROLES = "PrivilegeRoles" :
|
||||
* XML_CONTAINER = "Container" :
|
||||
*/
|
||||
public static final String XML_ROOT_PRIVILEGE_ROLES = "PrivilegeRoles";
|
||||
public static final String XML_CONTAINER = "Container";
|
||||
|
||||
/**
|
||||
* XML_ROOT_PRIVILEGES = "Privileges" :
|
||||
* XML_POLICIES = "Policies" :
|
||||
*/
|
||||
public static final String XML_ROOT_PRIVILEGES = "Privileges";
|
||||
public static final String XML_POLICIES = "Policies";
|
||||
|
||||
/**
|
||||
* XML_ROOT_PRIVILEGE_USERS = "PrivilegesUsers" :
|
||||
* XML_PRIVILEGES = "Privileges" :
|
||||
*/
|
||||
public static final String XML_ROOT_PRIVILEGE_USERS = "PrivilegesUsers";
|
||||
public static final String XML_PRIVILEGES = "Privileges";
|
||||
|
||||
/**
|
||||
* XML_ROOT_PRIVILEGE_POLICIES = "PrivilegePolicies" :
|
||||
* XML_ROOT_PRIVILEGE_USERS_AND_ROLES = "UsersAndRoles" :
|
||||
*/
|
||||
public static final String XML_ROOT_PRIVILEGE_POLICIES = "PrivilegePolicies";
|
||||
public static final String XML_ROOT_PRIVILEGE_USERS_AND_ROLES = "UsersAndRoles";
|
||||
|
||||
/**
|
||||
* XML_HANDLER_PERSISTENCE = "PersistenceHandler" :
|
||||
*/
|
||||
public static final String XML_HANDLER_PERSISTENCE = "PersistenceHandler";
|
||||
|
||||
/**
|
||||
* XML_HANDLER_ENCRYPTION = "EncryptionHandler" :
|
||||
*/
|
||||
public static final String XML_HANDLER_ENCRYPTION = "EncryptionHandler";
|
||||
|
||||
/**
|
||||
* XML_HANDLER_PRIVILEGE = "PrivilegeHandler" :
|
||||
*/
|
||||
|
@ -54,62 +60,72 @@ public class XmlConstants {
|
|||
* XML_ROLES = "Roles" :
|
||||
*/
|
||||
public static final String XML_ROLES = "Roles";
|
||||
|
||||
/**
|
||||
* XML_ROLE = "Role" :
|
||||
*/
|
||||
public static final String XML_ROLE = "Role";
|
||||
|
||||
/**
|
||||
* XML_USERS = "Users" :
|
||||
*/
|
||||
public static final String XML_USERS = "Users";
|
||||
|
||||
/**
|
||||
* XML_USER = "User"
|
||||
*/
|
||||
public static final String XML_USER = "User";
|
||||
/**
|
||||
* XML_PRIVILEGES = "Privileges" :
|
||||
*/
|
||||
public static final String XML_PRIVILEGES = "Privileges";
|
||||
|
||||
/**
|
||||
* XML_PRIVILEGE = "Privilege" :
|
||||
*/
|
||||
public static final String XML_PRIVILEGE = "Privilege";
|
||||
|
||||
/**
|
||||
* XML_POLICY = "Policy" :
|
||||
*/
|
||||
public static final String XML_POLICY = "Policy";
|
||||
|
||||
/**
|
||||
* XML_PARAMETERS = "Parameters" :
|
||||
*/
|
||||
public static final String XML_PARAMETERS = "Parameters";
|
||||
|
||||
/**
|
||||
* XML_PARAMETER = "Parameter" :
|
||||
*/
|
||||
public static final String XML_PARAMETER = "Parameter";
|
||||
|
||||
/**
|
||||
* XML_ALL_ALLOWED = "AllAllowed" :
|
||||
*/
|
||||
public static final String XML_ALL_ALLOWED = "AllAllowed";
|
||||
|
||||
/**
|
||||
* XML_DENY = "Deny" :
|
||||
*/
|
||||
public static final String XML_DENY = "Deny";
|
||||
|
||||
/**
|
||||
* XML_ALLOW = "Allow" :
|
||||
*/
|
||||
public static final String XML_ALLOW = "Allow";
|
||||
|
||||
/**
|
||||
* XML_FIRSTNAME = "Firstname" :
|
||||
*/
|
||||
public static final String XML_FIRSTNAME = "Firstname";
|
||||
|
||||
/**
|
||||
* XML_SURNAME = "Surname" :
|
||||
*/
|
||||
public static final String XML_SURNAME = "Surname";
|
||||
|
||||
/**
|
||||
* XML_STATE = "State" :
|
||||
*/
|
||||
public static final String XML_STATE = "State";
|
||||
|
||||
/**
|
||||
* XML_LOCALE = "Locale" :
|
||||
*/
|
||||
|
@ -119,26 +135,32 @@ public class XmlConstants {
|
|||
* XML_ATTR_CLASS = "class" :
|
||||
*/
|
||||
public static final String XML_ATTR_CLASS = "class";
|
||||
|
||||
/**
|
||||
* XML_ATTR_NAME = "name" :
|
||||
*/
|
||||
public static final String XML_ATTR_NAME = "name";
|
||||
|
||||
/**
|
||||
* XML_ATTR_VALUE = "value" :
|
||||
*/
|
||||
public static final String XML_ATTR_VALUE = "value";
|
||||
|
||||
/**
|
||||
* XML_ATTR_POLICY = "policy" :
|
||||
*/
|
||||
public static final String XML_ATTR_POLICY = "policy";
|
||||
|
||||
/**
|
||||
* XML_ATTR_USER_ID = "userId" :
|
||||
*/
|
||||
public static final String XML_ATTR_USER_ID = "userId";
|
||||
|
||||
/**
|
||||
* XML_ATTR_USERNAME = "username" :
|
||||
*/
|
||||
public static final String XML_ATTR_USERNAME = "username";
|
||||
|
||||
/**
|
||||
* XML_ATTR_PASSWORD = "password" :
|
||||
*/
|
||||
|
@ -148,22 +170,12 @@ public class XmlConstants {
|
|||
* XML_PARAM_HASH_ALGORITHM = "hashAlgorithm" :
|
||||
*/
|
||||
public static final String XML_PARAM_HASH_ALGORITHM = "hashAlgorithm";
|
||||
|
||||
/**
|
||||
* XML_PARAM_POLICY_FILE = "policyXmlFile" :
|
||||
* XML_PARAM_MODEL_FILE = "modelXmlFile" :
|
||||
*/
|
||||
public static final String XML_PARAM_POLICY_FILE = "policyXmlFile";
|
||||
/**
|
||||
* XML_PARAM_ROLES_FILE = "rolesXmlFile" :
|
||||
*/
|
||||
public static final String XML_PARAM_ROLES_FILE = "rolesXmlFile";
|
||||
/**
|
||||
* XML_PARAM_USERS_FILE = "usersXmlFile" :
|
||||
*/
|
||||
public static final String XML_PARAM_USERS_FILE = "usersXmlFile";
|
||||
/**
|
||||
* XML_PARAM_PRIVILEGES_FILE = "privilegesXmlFile" :
|
||||
*/
|
||||
public static final String XML_PARAM_PRIVILEGES_FILE = "privilegesXmlFile";
|
||||
public static final String XML_PARAM_MODEL_FILE = "modelXmlFile";
|
||||
|
||||
/**
|
||||
* XML_PARAM_BASE_PATH = "basePath" :
|
||||
*/
|
||||
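Review bot: The Javadoc above the first constant in `XmlConstants` appears to have been left behind: it still reads `XML_ROOT_PRIVILEGE_CONTAINER = "PrivilegeContainer" :` while the declaration under it is now `XML_ROOT_PRIVILEGE = "Privilege"`. The other renamed constants in this hunk show an updated comment line, so this one should become `* XML_ROOT_PRIVILEGE = "Privilege" :`. The old/new markers are lost on this page, so this is inferred from the single comment line shown above two declarations.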
|
|
|
@ -15,6 +15,7 @@ import java.util.HashSet;
|
|||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.Restrictable;
|
||||
import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
||||
|
@ -30,7 +31,10 @@ import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
|||
* {@link Privilege}s have allow and deny rules which the configured {@link PrivilegeHandler} uses to
|
||||
* </p>
|
||||
*
|
||||
* <p>Note: This is an internal object which is not to be serialized or passed to clients, {@link PrivilegeRep}s are used for that</p>
|
||||
* <p>
|
||||
* Note: This is an internal object which is not to be serialized or passed to clients, {@link PrivilegeRep}s are used
|
||||
* for that
|
||||
* </p>
|
||||
*
|
||||
* @author rvonburg
|
||||
*/
|
||||
|
@ -58,6 +62,20 @@ public final class Privilege {
|
|||
* a list of allow rules for this {@link Privilege}
|
||||
*/
|
||||
public Privilege(String name, String policy, boolean allAllowed, Set<String> denyList, Set<String> allowList) {
|
||||
|
||||
if (name == null || name.isEmpty()) {
|
||||
throw new PrivilegeException("No name defined!");
|
||||
}
|
||||
if (policy == null || policy.isEmpty()) {
|
||||
throw new PrivilegeException("No policy defined!");
|
||||
}
|
||||
if (denyList == null) {
|
||||
throw new PrivilegeException("No denyList defined!");
|
||||
}
|
||||
if (allowList == null) {
|
||||
throw new PrivilegeException("No allowList defined!");
|
||||
}
|
||||
|
||||
this.name = name;
|
||||
this.policy = policy;
|
||||
this.allAllowed = allAllowed;
|
||||
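Review bot: The new guards in the `Privilege` constructor test `isEmpty()` only, so a whitespace-only `name` or `policy` (easy to get from an XML attribute) still passes validation. Trimming before the check would close that, e.g. `if (name == null || name.trim().isEmpty()) {`. The same pattern is repeated in the `Role`, `Session` and `User` constructors in this commit. The messages would also be easier to act on if they named the object, e.g. `"No policy defined for privilege " + name + "!"`. The constructor body continues past the end of the hunk.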
|
|
|
@ -14,6 +14,7 @@ import java.util.Collections;
|
|||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
|
||||
/**
|
||||
|
@ -43,6 +44,14 @@ public final class Role {
|
|||
* a set of names of privileges granted to this role
|
||||
*/
|
||||
public Role(String name, Set<String> privileges) {
|
||||
|
||||
if (name == null || name.isEmpty()) {
|
||||
throw new PrivilegeException("No name defined!");
|
||||
}
|
||||
if (privileges == null) {
|
||||
throw new PrivilegeException("No privileges defined!");
|
||||
}
|
||||
|
||||
this.name = name;
|
||||
this.privileges = Collections.unmodifiableSet(privileges);
|
||||
}
|
||||
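Review bot: The added null check on `privileges` is followed by `Collections.unmodifiableSet(privileges)`, which only wraps the caller's set, so whoever built the `Role` can still add or remove privilege names afterwards through the original reference. For an object that defines what a role may do, taking a copy at construction is safer: `this.privileges = Collections.unmodifiableSet(new HashSet<String>(privileges));` (`HashSet` is already imported in this file). Whether `Privilege` handles `denyList` and `allowList` the same way is not visible on this page, because its constructor runs past its hunk.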
|
|
|
@ -11,6 +11,7 @@
|
|||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
|
||||
/**
|
||||
|
@ -59,6 +60,20 @@ public final class Session {
|
|||
* the time the user logged in
|
||||
*/
|
||||
public Session(String sessionId, String username, String authToken, String authPassword, long loginTime) {
|
||||
|
||||
if (sessionId == null || sessionId.isEmpty()) {
|
||||
throw new PrivilegeException("No sessionId defined!");
|
||||
}
|
||||
if (username == null || username.isEmpty()) {
|
||||
throw new PrivilegeException("No username defined!");
|
||||
}
|
||||
if (authToken == null || authToken.isEmpty()) {
|
||||
throw new PrivilegeException("No authToken defined!");
|
||||
}
|
||||
if (authPassword == null || authPassword.isEmpty()) {
|
||||
throw new PrivilegeException("No authPassword defined!");
|
||||
}
|
||||
|
||||
this.sessionId = sessionId;
|
||||
this.username = username;
|
||||
this.authToken = authToken;
|
||||
|
|
|
@ -15,6 +15,7 @@ import java.util.HashSet;
|
|||
import java.util.Locale;
|
||||
import java.util.Set;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
|
||||
|
@ -69,6 +70,29 @@ public final class User {
|
|||
public User(String userId, String username, String password, String firstname, String surname, UserState userState,
|
||||
Set<String> roles, Locale locale) {
|
||||
|
||||
if (userId == null || userId.isEmpty()) {
|
||||
throw new PrivilegeException("No UserId defined!");
|
||||
}
|
||||
if (username == null || username.isEmpty()) {
|
||||
throw new PrivilegeException("No username defined!");
|
||||
}
|
||||
|
||||
// password may be null, meaning not able to login
|
||||
|
||||
if (firstname == null || firstname.isEmpty()) {
|
||||
throw new PrivilegeException("No firstname defined!");
|
||||
}
|
||||
if (surname == null || surname.isEmpty()) {
|
||||
throw new PrivilegeException("No surname defined!");
|
||||
}
|
||||
if (userState == null) {
|
||||
throw new PrivilegeException("No userState defined!");
|
||||
}
|
||||
|
||||
// roles may be null, meaning not able to login and must be added later
|
||||
|
||||
// local may be null, meaning use system default
|
||||
|
||||
this.userId = userId;
|
||||
|
||||
this.username = username;
|
||||
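Review bot: The comment `// password may be null, meaning not able to login` leaves the empty string unhandled: `password` gets no check at all in the `User` constructor, so `""` is stored as a credential value instead of being treated as "no login". How authentication compares the stored value is outside this hunk, but the constructor could reject it, e.g. `if (password != null && password.isEmpty()) { throw new PrivilegeException("Empty password not allowed!"); }`. The comment `// local may be null` should read `locale`. The constructor body continues past the end of the hunk.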
|
|
|
@ -55,7 +55,7 @@ public class PrivilegeTest {
|
|||
|
||||
// initialize container
|
||||
String pwd = System.getProperty("user.dir");
|
||||
File privilegeContainerXmlFile = new File(pwd + "/config/PrivilegeContainer.xml");
|
||||
File privilegeContainerXmlFile = new File(pwd + "/config/Privilege.xml");
|
||||
privilegeHandler = InitializationHelper.initializeFromXml(privilegeContainerXmlFile);
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
|
|