
Example 1 with ResponseCode

use of edu.umass.cs.gnscommon.ResponseCode in project GNS by MobilityFirst.

the class Select method aclCheckFilterFields.

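/**
 * Removes from each record the fields that the reader is not allowed to read.
 *
 * <p>For every record, the guid is read from {@code NameRecord.NAME} and the values map from
 * {@code NameRecord.VALUES_MAP}. Each non-internal key of the values map is checked with
 * {@code NSAuthentication.signatureAndACLCheck} against {@code READ_WHITELIST}; keys whose
 * check does not return an OK result are removed from the values map in place.
 *
 * <p>The filter fails closed: if the guid cannot be read or an ACL check throws, every
 * non-internal field of that record is withheld instead of being returned unchecked.
 * Records that have no readable values map are left untouched, since there is nothing
 * to filter in them.
 *
 * @param packet the select request; not read by this method
 * @param records the records to filter; modified in place
 * @param reader the guid on whose behalf the fields are read
 * @param app the application instance handed to the ACL check and used for log context
 * @return the same {@code records} array, after filtering
 */
private static JSONArray aclCheckFilterFields(SelectRequestPacket packet, JSONArray records, String reader, GNSApplicationInterface<String> app) {
    for (int i = 0; i < records.length(); i++) {
        // Stays null until the values map has been located, so the catch block can tell
        // "nothing to filter" apart from "filtering was interrupted".
        JSONObject valuesMap = null;
        try {
            JSONObject record = records.getJSONObject(i);
            // The values map is fetched before the guid so that a record without a guid
            // still has its fields withheld below.
            valuesMap = record.getJSONObject(NameRecord.VALUES_MAP.getName());
            String guid = record.getString(NameRecord.NAME.getName());
            Iterator<?> keys = valuesMap.keys();
            while (keys.hasNext()) {
                String field = (String) keys.next();
                // NOTE(review): internal fields bypass the ACL check and stay in the record;
                // confirm they are stripped elsewhere before the response leaves the server.
                if (InternalField.isInternalField(field)) {
                    continue;
                }
                LOGGER.log(Level.FINE, "{0} Checking: {1}", new Object[] { app.getNodeID(), field });
                ResponseCode responseCode = NSAuthentication.signatureAndACLCheck(null, guid, field, null, reader, null, null, MetaDataTypeName.READ_WHITELIST, app, true);
                if (!responseCode.isOKResult()) {
                    LOGGER.log(Level.FINE, "{0} Removing: {1}", new Object[] { app.getNodeID(), field });
                    // The reader is not on the whitelist for this field.
                    keys.remove();
                }
            }
        } catch (JSONException | InvalidKeyException | InvalidKeySpecException | SignatureException | NoSuchAlgorithmException | FailedDBOperationException | UnsupportedEncodingException e) {
            if (valuesMap == null) {
                // Malformed record: no values map was found, so no field can leak.
                LOGGER.log(Level.FINE, "{0} Problem getting guid from json: {1}", new Object[] { app.getNodeID(), e.getMessage() });
            } else {
                // The ACL decision is unknown for at least one field. Treat an error as a
                // denial and withhold every non-internal field of this record.
                LOGGER.log(Level.WARNING, "{0} ACL check did not complete, withholding fields: {1}", new Object[] { app.getNodeID(), e.getMessage() });
                Iterator<?> remaining = valuesMap.keys();
                while (remaining.hasNext()) {
                    if (!InternalField.isInternalField((String) remaining.next())) {
                        remaining.remove();
                    }
                }
            }
        }
    }
    return records;
}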
Also used : ResponseCode(edu.umass.cs.gnscommon.ResponseCode) JSONException(org.json.JSONException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) FailedDBOperationException(edu.umass.cs.gnscommon.exceptions.server.FailedDBOperationException) JSONObject(org.json.JSONObject) JSONObject(org.json.JSONObject) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 2 with ResponseCode

use of edu.umass.cs.gnscommon.ResponseCode in project GNS by MobilityFirst.

the class Select method aclCheckFilterForRecordsArray.

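/**
 * Drops whole records when the reader may not read the fields the query was evaluated on.
 * Without this, a reader could infer from the result set that some guids hold specific
 * values in fields the reader cannot access.
 *
 * <p>A record is kept only when {@code NSAuthentication.signatureAndACLCheck} returns an OK
 * result for the query fields under {@code READ_WHITELIST}. A record whose guid cannot be
 * read, or whose check throws, is left out of the result, so errors never widen access.
 *
 * @param packet the select request; the query fields are derived from it
 * @param records the candidate records; not modified
 * @param reader the guid on whose behalf the records are read
 * @param app the application instance handed to the ACL check and used for log context
 * @return a new array holding only the records that passed the check
 */
private static JSONArray aclCheckFilterForRecordsArray(SelectRequestPacket packet, JSONArray records, String reader, GNSApplicationInterface<String> app) {
    JSONArray result = new JSONArray();
    for (int i = 0; i < records.length(); i++) {
        try {
            JSONObject record = records.getJSONObject(i);
            String guid = record.getString(NameRecord.NAME.getName());
            List<String> queryFields = getFieldsForQueryType(packet);
            ResponseCode responseCode = NSAuthentication.signatureAndACLCheck(null, guid, null, queryFields, reader, null, null, MetaDataTypeName.READ_WHITELIST, app, true);
            // Placeholders are numbered to match the four arguments. The previous pattern
            // reused {0} for the guid, so the response code never appeared in the log.
            LOGGER.log(Level.FINE, "{0} ACL check for select: guid={1} queryFields={2} responsecode={3}", new Object[] { app.getNodeID(), guid, queryFields, responseCode });
            if (responseCode.isOKResult()) {
                result.put(record);
            }
        } catch (JSONException | InvalidKeyException | InvalidKeySpecException | SignatureException | NoSuchAlgorithmException | FailedDBOperationException | UnsupportedEncodingException e) {
            // The record was not added to the result, so a failed check excludes it.
            LOGGER.log(Level.FINE, "{0} Problem getting guid from json: {1}", new Object[] { app.getNodeID(), e.getMessage() });
        }
    }
    return result;
}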
Also used : ResponseCode(edu.umass.cs.gnscommon.ResponseCode) JSONArray(org.json.JSONArray) JSONException(org.json.JSONException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) FailedDBOperationException(edu.umass.cs.gnscommon.exceptions.server.FailedDBOperationException) JSONObject(org.json.JSONObject) JSONObject(org.json.JSONObject) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 3 with ResponseCode

use of edu.umass.cs.gnscommon.ResponseCode in project GNS by MobilityFirst.

the class AclAdd method execute.

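/**
 * Handles an ACL add command: grants {@code accesser} the given access type on one field
 * of {@code guid}.
 *
 * <p>The command must carry GUID, FIELD, ACCESSER, ACL_TYPE, SIGNATURE and
 * SIGNATUREFULLMESSAGE; WRITER defaults to the guid and TIMESTAMP is optional. The ACL entry
 * stored is the accessor's public key, or the EVERYONE marker when the accesser is EVERYONE.
 *
 * <p>NOTE(review): no signature check is visible in this method; the signature, message and
 * timestamp are passed to {@code FieldMetaData.add}, which presumably authenticates the
 * writer. Confirm there, and confirm how a null timestamp is treated.
 *
 * @return NO_ERROR with the OK response on success; BAD_ACL_TYPE_ERROR for an unknown ACL
 *     type; BAD_GUID_ERROR when the accesser guid cannot be found; otherwise the code
 *     returned by {@code FieldMetaData.add} with its protocol code
 */
@Override
public CommandResponse execute(InternalRequestHeader header, CommandPacket commandPacket, ClientRequestHandlerInterface handler) throws InvalidKeyException, InvalidKeySpecException, JSONException, NoSuchAlgorithmException, SignatureException, ParseException {
    JSONObject json = commandPacket.getCommand();
    String guid = json.getString(GNSProtocol.GUID.toString());
    String field = json.getString(GNSProtocol.FIELD.toString());
    // The guid that is being granted access to this field.
    String accesser = json.getString(GNSProtocol.ACCESSER.toString());
    // Allows someone other than guid to change the ACL; defaults to guid.
    String writer = json.optString(GNSProtocol.WRITER.toString(), guid);
    String accessType = json.getString(GNSProtocol.ACL_TYPE.toString());
    String signature = json.getString(GNSProtocol.SIGNATURE.toString());
    String message = json.getString(GNSProtocol.SIGNATUREFULLMESSAGE.toString());
    // Can be null on older clients.
    Date timestamp = json.has(GNSProtocol.TIMESTAMP.toString())
            ? Format.parseDateISO8601UTC(json.getString(GNSProtocol.TIMESTAMP.toString()))
            : null;
    // MetaDataTypeName exposes values() and valueOf(), so it looks like an enum; an enum's
    // valueOf throws IllegalArgumentException for an unknown name instead of returning null.
    // Map both outcomes to the BAD_ACL_TYPE response so a client-supplied value cannot
    // surface as an unhandled exception.
    MetaDataTypeName access;
    try {
        access = MetaDataTypeName.valueOf(accessType);
    } catch (IllegalArgumentException e) {
        access = null;
    }
    if (access == null) {
        return new CommandResponse(ResponseCode.BAD_ACL_TYPE_ERROR, GNSProtocol.BAD_RESPONSE.toString() + " " + GNSProtocol.BAD_ACL_TYPE.toString() + "Should be one of " + Arrays.toString(MetaDataTypeName.values()));
    }
    // Look up the public key of the guid that is being given access to the field.
    String accessorPublicKey;
    if (GNSProtocol.EVERYONE.toString().equals(accesser)) {
        accessorPublicKey = GNSProtocol.EVERYONE.toString();
    } else {
        GuidInfo accessorGuidInfo = AccountAccess.lookupGuidInfoAnywhere(header, accesser, handler);
        if (accessorGuidInfo == null) {
            return new CommandResponse(ResponseCode.BAD_GUID_ERROR, GNSProtocol.BAD_RESPONSE.toString() + " " + GNSProtocol.BAD_GUID.toString() + " " + accesser);
        }
        accessorPublicKey = accessorGuidInfo.getPublicKey();
    }
    // Update the ACL: put the accessor's public key in the list for this access type.
    ResponseCode responseCode = FieldMetaData.add(header, commandPacket, access, guid, field, accessorPublicKey, writer, signature, message, timestamp, handler);
    if (responseCode.isExceptionOrError()) {
        return new CommandResponse(responseCode, responseCode.getProtocolCode());
    }
    return new CommandResponse(ResponseCode.NO_ERROR, GNSProtocol.OK_RESPONSE.toString());
}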
Also used : ResponseCode(edu.umass.cs.gnscommon.ResponseCode) JSONObject(org.json.JSONObject) GuidInfo(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.GuidInfo) CommandResponse(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.CommandResponse) Date(java.util.Date) MetaDataTypeName(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.MetaDataTypeName)

Example 4 with ResponseCode

use of edu.umass.cs.gnscommon.ResponseCode in project GNS by MobilityFirst.

the class AclRemove method execute.

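/**
 * Handles an ACL remove command: revokes the given access type on one field of
 * {@code guid} from {@code accesser}.
 *
 * <p>The command must carry GUID, FIELD, ACCESSER, ACL_TYPE, SIGNATURE and
 * SIGNATUREFULLMESSAGE; WRITER defaults to the guid and TIMESTAMP is optional. The ACL entry
 * removed is the accessor's public key, or the EVERYONE marker when the accesser is EVERYONE.
 *
 * <p>NOTE(review): no signature check is visible in this method; the signature, message and
 * timestamp are passed to {@code FieldMetaData.removeValue}, which presumably authenticates
 * the writer. Confirm there, and confirm how a null timestamp is treated.
 *
 * @return NO_ERROR with the OK response on success; BAD_ACL_TYPE_ERROR for an unknown ACL
 *     type; BAD_GUID_ERROR when the accesser guid cannot be found; otherwise the code
 *     returned by {@code FieldMetaData.removeValue} with its protocol code
 */
@Override
public CommandResponse execute(InternalRequestHeader header, CommandPacket commandPacket, ClientRequestHandlerInterface handler) throws InvalidKeyException, InvalidKeySpecException, JSONException, NoSuchAlgorithmException, SignatureException, ParseException {
    JSONObject json = commandPacket.getCommand();
    String guid = json.getString(GNSProtocol.GUID.toString());
    String field = json.getString(GNSProtocol.FIELD.toString());
    // The guid that is losing access to this field.
    String accesser = json.getString(GNSProtocol.ACCESSER.toString());
    // Allows someone other than guid to change the ACL; defaults to guid.
    String writer = json.optString(GNSProtocol.WRITER.toString(), guid);
    String accessType = json.getString(GNSProtocol.ACL_TYPE.toString());
    String signature = json.getString(GNSProtocol.SIGNATURE.toString());
    String message = json.getString(GNSProtocol.SIGNATUREFULLMESSAGE.toString());
    // Can be null on older clients.
    Date timestamp = json.has(GNSProtocol.TIMESTAMP.toString())
            ? Format.parseDateISO8601UTC(json.getString(GNSProtocol.TIMESTAMP.toString()))
            : null;
    // MetaDataTypeName exposes values() and valueOf(), so it looks like an enum; an enum's
    // valueOf throws IllegalArgumentException for an unknown name instead of returning null.
    // Map both outcomes to the BAD_ACL_TYPE response so a client-supplied value cannot
    // surface as an unhandled exception.
    MetaDataTypeName access;
    try {
        access = MetaDataTypeName.valueOf(accessType);
    } catch (IllegalArgumentException e) {
        access = null;
    }
    if (access == null) {
        return new CommandResponse(ResponseCode.BAD_ACL_TYPE_ERROR, GNSProtocol.BAD_RESPONSE.toString() + " " + GNSProtocol.BAD_ACL_TYPE.toString() + "Should be one of " + Arrays.toString(MetaDataTypeName.values()));
    }
    // The ACL stores public keys, so resolve the accesser guid to its key.
    String accessorPublicKey;
    if (GNSProtocol.EVERYONE.toString().equals(accesser)) {
        accessorPublicKey = GNSProtocol.EVERYONE.toString();
    } else {
        GuidInfo accessorGuidInfo = AccountAccess.lookupGuidInfoAnywhere(header, accesser, handler);
        if (accessorGuidInfo == null) {
            return new CommandResponse(ResponseCode.BAD_GUID_ERROR, GNSProtocol.BAD_RESPONSE.toString() + " " + GNSProtocol.BAD_GUID.toString() + " " + accesser);
        }
        accessorPublicKey = accessorGuidInfo.getPublicKey();
    }
    ResponseCode responseCode = FieldMetaData.removeValue(header, commandPacket, access, guid, accesser, field, accessorPublicKey, writer, signature, message, timestamp, handler);
    if (responseCode.isExceptionOrError()) {
        return new CommandResponse(responseCode, responseCode.getProtocolCode());
    }
    return new CommandResponse(ResponseCode.NO_ERROR, GNSProtocol.OK_RESPONSE.toString());
}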
Also used : ResponseCode(edu.umass.cs.gnscommon.ResponseCode) JSONObject(org.json.JSONObject) GuidInfo(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.GuidInfo) CommandResponse(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.CommandResponse) Date(java.util.Date) MetaDataTypeName(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.MetaDataTypeName)

Example 5 with ResponseCode

use of edu.umass.cs.gnscommon.ResponseCode in project GNS by MobilityFirst.

the class FieldDeleteAcl method execute.

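/**
 * Handles a field-ACL delete command: deletes the ACL of the given access type for one
 * field of {@code guid}.
 *
 * <p>The command must carry GUID, FIELD, ACL_TYPE, SIGNATURE and SIGNATUREFULLMESSAGE;
 * WRITER defaults to the guid and TIMESTAMP is optional.
 *
 * <p>NOTE(review): no signature check is visible in this method; the signature, message and
 * timestamp are passed to {@code FieldMetaData.deleteField}, which presumably authenticates
 * the writer. Confirm there, and confirm how a null timestamp is treated.
 *
 * @return NO_ERROR with the OK response on success; BAD_ACL_TYPE_ERROR for an unknown ACL
 *     type; otherwise the code returned by {@code FieldMetaData.deleteField}, with the bad
 *     response marker followed by its protocol code
 */
@Override
public CommandResponse execute(InternalRequestHeader header, CommandPacket commandPacket, ClientRequestHandlerInterface handler) throws InvalidKeyException, InvalidKeySpecException, JSONException, NoSuchAlgorithmException, SignatureException, ParseException {
    JSONObject json = commandPacket.getCommand();
    String guid = json.getString(GNSProtocol.GUID.toString());
    String field = json.getString(GNSProtocol.FIELD.toString());
    String accessType = json.getString(GNSProtocol.ACL_TYPE.toString());
    // Allows someone other than guid to delete the ACL; defaults to guid.
    String writer = json.optString(GNSProtocol.WRITER.toString(), guid);
    String signature = json.getString(GNSProtocol.SIGNATURE.toString());
    String message = json.getString(GNSProtocol.SIGNATUREFULLMESSAGE.toString());
    // Can be null on older clients.
    Date timestamp = json.has(GNSProtocol.TIMESTAMP.toString())
            ? Format.parseDateISO8601UTC(json.getString(GNSProtocol.TIMESTAMP.toString()))
            : null;
    // MetaDataTypeName exposes values() and valueOf(), so it looks like an enum; an enum's
    // valueOf throws IllegalArgumentException for an unknown name instead of returning null.
    // Map both outcomes to the BAD_ACL_TYPE response so a client-supplied value cannot
    // surface as an unhandled exception.
    MetaDataTypeName access;
    try {
        access = MetaDataTypeName.valueOf(accessType);
    } catch (IllegalArgumentException e) {
        access = null;
    }
    if (access == null) {
        return new CommandResponse(ResponseCode.BAD_ACL_TYPE_ERROR, GNSProtocol.BAD_RESPONSE.toString() + " " + GNSProtocol.BAD_ACL_TYPE.toString() + "Should be one of " + Arrays.toString(MetaDataTypeName.values()));
    }
    ResponseCode responseCode = FieldMetaData.deleteField(header, commandPacket, access, guid, field, writer, signature, message, timestamp, handler);
    if (responseCode.isExceptionOrError()) {
        return new CommandResponse(responseCode, GNSProtocol.BAD_RESPONSE.toString() + " " + responseCode.getProtocolCode());
    }
    return new CommandResponse(ResponseCode.NO_ERROR, GNSProtocol.OK_RESPONSE.toString());
}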
Also used : ResponseCode(edu.umass.cs.gnscommon.ResponseCode) JSONObject(org.json.JSONObject) CommandResponse(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.CommandResponse) Date(java.util.Date) MetaDataTypeName(edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.MetaDataTypeName)

Aggregations

ResponseCode (edu.umass.cs.gnscommon.ResponseCode)40 JSONObject (org.json.JSONObject)28 Date (java.util.Date)18 CommandResponse (edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.CommandResponse)16 JSONException (org.json.JSONException)14 ClientException (edu.umass.cs.gnscommon.exceptions.client.ClientException)13 ResultValue (edu.umass.cs.gnsserver.utils.ResultValue)8 FailedDBOperationException (edu.umass.cs.gnscommon.exceptions.server.FailedDBOperationException)7 InternalRequestException (edu.umass.cs.gnscommon.exceptions.server.InternalRequestException)7 IOException (java.io.IOException)7 MetaDataTypeName (edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.MetaDataTypeName)6 RandomString (edu.umass.cs.gnscommon.utils.RandomString)5 ValuesMap (edu.umass.cs.gnsserver.utils.ValuesMap)5 GuidInfo (edu.umass.cs.gnsserver.gnsapp.clientCommandProcessor.commandSupport.GuidInfo)4 CreateServiceName (edu.umass.cs.reconfiguration.reconfigurationpackets.CreateServiceName)4 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 InvalidKeyException (java.security.InvalidKeyException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 SignatureException (java.security.SignatureException)3 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)3