Examples with FilterStrategy ddf.catalog.security.FilterStrategy used on opensource projects

Search in sources :

Example 1 with FilterStrategy

use of ddf.catalog.security.FilterStrategy in project ddf by codice.

the class FilterPlugin method processPostQuery.

@Override
public QueryResponse processPostQuery(QueryResponse input) throws StopProcessingException {
    if (input.getRequest() == null || input.getRequest().getProperties() == null) {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    Subject subject = getSubject(input);
    List<Result> results = input.getResults();
    List<Result> newResults = new ArrayList<>(results.size());
    Metacard metacard;
    KeyValueCollectionPermission securityPermission = new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
    int filteredMetacards = 0;
    for (Result result : results) {
        metacard = result.getMetacard();
        Attribute attr = metacard.getAttribute(Metacard.SECURITY);
        if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
            for (FilterStrategy filterStrategy : filterStrategies.values()) {
                FilterResult filterResult = filterStrategy.process(input, metacard);
                if (filterResult.processed()) {
                    if (filterResult.metacard() != null) {
                        newResults.add(new ResultImpl(filterResult.metacard()));
                    }
                    break;
                //returned responses are ignored for queries
                }
            }
            filteredMetacards++;
        } else {
            newResults.add(result);
        }
    }
    if (filteredMetacards > 0) {
        SecurityLogger.audit("Filtered " + filteredMetacards + " metacards, returned " + newResults.size(), subject);
    }
    input.getResults().clear();
    input.getResults().addAll(newResults);
    newResults.clear();
    return input;
}
Also used : Metacard(ddf.catalog.data.Metacard) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Attribute(ddf.catalog.data.Attribute) ArrayList(java.util.ArrayList) FilterStrategy(ddf.catalog.security.FilterStrategy) ResultImpl(ddf.catalog.data.impl.ResultImpl) StopProcessingException(ddf.catalog.plugin.StopProcessingException) FilterResult(ddf.catalog.security.FilterResult) Subject(org.apache.shiro.subject.Subject) FilterResult(ddf.catalog.security.FilterResult) Result(ddf.catalog.data.Result)

Example 2 with FilterStrategy

use of ddf.catalog.security.FilterStrategy in project ddf by codice.

the class FilterPlugin method processPostDelete.

@Override
public DeleteResponse processPostDelete(DeleteResponse input) throws StopProcessingException {
    if (input.getRequest() == null || input.getRequest().getProperties() == null) {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    Subject subject = getSubject(input);
    List<Metacard> results = input.getDeletedMetacards();
    List<Metacard> newResults = new ArrayList<>(results.size());
    KeyValueCollectionPermission securityPermission = new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
    int filteredMetacards = 0;
    for (Metacard metacard : results) {
        Attribute attr = metacard.getAttribute(Metacard.SECURITY);
        if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
            for (FilterStrategy filterStrategy : filterStrategies.values()) {
                FilterResult filterResult = filterStrategy.process(input, metacard);
                if (filterResult.processed()) {
                    if (filterResult.metacard() != null) {
                        newResults.add(filterResult.metacard());
                    }
                    break;
                //returned responses are ignored for deletes
                }
            }
            filteredMetacards++;
        } else {
            newResults.add(metacard);
        }
    }
    if (filteredMetacards > 0) {
        SecurityLogger.audit("Filtered " + filteredMetacards + " metacards, returned " + newResults.size(), subject);
    }
    input.getDeletedMetacards().clear();
    input.getDeletedMetacards().addAll(newResults);
    newResults.clear();
    return input;
}
Also used : Metacard(ddf.catalog.data.Metacard) KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Attribute(ddf.catalog.data.Attribute) ArrayList(java.util.ArrayList) FilterStrategy(ddf.catalog.security.FilterStrategy) StopProcessingException(ddf.catalog.plugin.StopProcessingException) FilterResult(ddf.catalog.security.FilterResult) Subject(org.apache.shiro.subject.Subject)

Example 3 with FilterStrategy

use of ddf.catalog.security.FilterStrategy in project ddf by codice.

the class FilterPlugin method addStrategy.

public void addStrategy(ServiceReference<FilterStrategy> filterStrategyRef) {
    Bundle bundle = FrameworkUtil.getBundle(FilterPlugin.class);
    if (bundle != null) {
        FilterStrategy filterStrategy = bundle.getBundleContext().getService(filterStrategyRef);
        filterStrategies.put(filterStrategyRef, filterStrategy);
    }
}
Also used : Bundle(org.osgi.framework.Bundle) FilterStrategy(ddf.catalog.security.FilterStrategy)

Example 4 with FilterStrategy

use of ddf.catalog.security.FilterStrategy in project ddf by codice.

the class FilterPlugin method processPostResource.

@Override
public ResourceResponse processPostResource(ResourceResponse input, Metacard metacard) throws StopProcessingException {
    if (input.getRequest() == null || input.getRequest().getProperties() == null) {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    KeyValueCollectionPermission securityPermission = new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
    Subject subject = getSubject(input);
    Attribute attr = metacard.getAttribute(Metacard.SECURITY);
    if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
        for (FilterStrategy filterStrategy : filterStrategies.values()) {
            FilterResult filterResult = filterStrategy.process(input, metacard);
            if (filterResult.processed()) {
                if (filterResult.response() == null) {
                    throw new StopProcessingException("Subject not permitted to receive resource");
                } else {
                    input = (ResourceResponse) filterResult.response();
                }
                break;
            //returned metacards are ignored for resource requests
            }
        }
        if (filterStrategies.size() == 0) {
            throw new StopProcessingException("Subject not permitted to receive resource");
        }
    }
    return input;
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Attribute(ddf.catalog.data.Attribute) FilterStrategy(ddf.catalog.security.FilterStrategy) StopProcessingException(ddf.catalog.plugin.StopProcessingException) FilterResult(ddf.catalog.security.FilterResult) Subject(org.apache.shiro.subject.Subject)

Aggregations

FilterStrategy (ddf.catalog.security.FilterStrategy)4 Attribute (ddf.catalog.data.Attribute)3 StopProcessingException (ddf.catalog.plugin.StopProcessingException)3 FilterResult (ddf.catalog.security.FilterResult)3 KeyValueCollectionPermission (ddf.security.permission.KeyValueCollectionPermission)3 Subject (org.apache.shiro.subject.Subject)3 Metacard (ddf.catalog.data.Metacard)2 ArrayList (java.util.ArrayList)2 Result (ddf.catalog.data.Result)1 ResultImpl (ddf.catalog.data.impl.ResultImpl)1 Bundle (org.osgi.framework.Bundle)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial