Example 6 with AdminClient
use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient in project OA4MP by ncsa.
the class PermissionServer method listAdmins.
/**
* Returns a list of admins for a given client. This will check that the permissions exist for this operation.
*
* @param request
* @return
*/
public PermissionResponse listAdmins(ListAdminsRequest request) {
// request needs an client id
// canRead(request);
List<Identifier> adminIDs = getPermissionStore().getAdmins(request.getClient().getIdentifier());
List<AdminClient> admins = new LinkedList<>();
for (Identifier id : adminIDs) {
try {
getPermissionStore().get(id, request.getClient().getIdentifier());
admins.add(getAdminClientStore().get(id));
} catch (Throwable t) {
// rock on
}
}
return new ListAdminsResponse(admins);
}
Also used :
Identifier(edu.uiuc.ncsa.security.core.Identifier)
LinkedList(java.util.LinkedList)
AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)
Example 7 with AdminClient
use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient in project OA4MP by ncsa.
the class AttributeServer method removeAdminClient.
/**
* Remove a subset of attributes for an admin client.
*
* @param request
* @return
*/
protected AttributeAdminClientResponse removeAdminClient(AttributeRemoveRequest request) {
AdminClient client = getAdminClientStore().get(request.getAdminClient().getIdentifier());
ColumnMap map = new ColumnMap();
getACConverter().toMap(client, map);
for (String key : request.getAttributes()) {
// don't let anyone change the identifier.
if (!key.equals(getACConverter().getKeys().identifier())) {
map.remove(key);
}
}
AdminClient updatedClient = getACConverter().fromMap(map, null);
getAdminClientStore().save(updatedClient);
AttributeAdminClientResponse attributeClientResponse = new AttributeAdminClientResponse(updatedClient);
return attributeClientResponse;
}
Also used :
ColumnMap(edu.uiuc.ncsa.security.storage.sql.internals.ColumnMap)
AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)
Example 8 with AdminClient
use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient in project OA4MP by ncsa.
the class ClientServerTest method testRemove.
public void testRemove(CMTestStoreProvider tp2) throws Exception {
CC cc = setupClients(tp2);
// so approve this
ClientServer server = new ClientServer(tp2.getCOSE());
ApproveRequest approveRequest = RequestFactory.createRequest(cc.adminClient, new TypeClient(), new ActionApprove(), cc.client, null);
server.process(approveRequest);
assert tp2.getClientApprovalStore().containsKey(cc.client.getIdentifier());
assert tp2.getClientApprovalStore().get(cc.client.getIdentifier()).isApproved();
assert !tp2.getPermissionStore().get(cc.adminClient.getIdentifier(), cc.client.getIdentifier()).isEmpty();
AdminClient ac2 = getAdminClient(tp2.getAdminClientStore());
PermissionServer permissionServer = new PermissionServer(tp2.getCOSE());
AddClientRequest addClientRequest = RequestFactory.createRequest(ac2, new TypePermission(), new ActionAdd(), cc.client, null);
permissionServer.process(addClientRequest);
assert !tp2.getPermissionStore().get(ac2.getIdentifier(), cc.client.getIdentifier()).isEmpty();
// ok, so now we have a couple of admin clients with permissions on this client and it is approved. Let's
// see if everything gets cleaned out.
RemoveRequest removeRequest = RequestFactory.createRequest(cc.adminClient, new TypeClient(), new ActionRemove(), cc.client, null);
server.process(removeRequest);
assert !tp2.getClientStore().containsKey(cc.client.getIdentifier());
assert !tp2.getClientApprovalStore().containsKey(cc.client.getIdentifier());
assert tp2.getPermissionStore().get(cc.adminClient.getIdentifier(), cc.client.getIdentifier()).isEmpty();
assert tp2.getPermissionStore().get(ac2.getIdentifier(), cc.client.getIdentifier()).isEmpty();
}
Also used :
PermissionServer(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.util.permissions.PermissionServer)
TypeClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypeClient)
TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission)
AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)
AddClientRequest(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.util.permissions.AddClientRequest)
Example 9 with AdminClient
use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient in project OA4MP by ncsa.
the class PermissionServerTest method testGetAdmins.
public void testGetAdmins(CMTestStoreProvider tp2) throws Exception {
int clientCount = 4;
CC cc = setupClients(tp2);
List<AdminClient> admins = new LinkedList<>();
for (int i = 0; i < clientCount; i++) {
AdminClient ac2 = getAdminClient(tp2.getAdminClientStore());
Permission p = tp2.getPermissionStore().create();
p.setDelete(true);
p.setRead(true);
p.setApprove(true);
p.setCreate(true);
p.setWrite(true);
p.setAdminID(ac2.getIdentifier());
p.setClientID(cc.client.getIdentifier());
tp2.getPermissionStore().save(p);
admins.add(ac2);
}
admins.add(cc.adminClient);
// need this list of identifiers later for checking that the returned result is correct.
List<Identifier> adminIDs = new LinkedList<>();
for (AdminClient ac : admins) {
adminIDs.add(ac.getIdentifier());
}
PermissionServer permissionServer = new PermissionServer(tp2.getCOSE());
// ListAdminsRequest req = new ListAdminsRequest(cc.adminClient, cc.client);
ListAdminsRequest req = (ListAdminsRequest) RequestFactory.createRequest(null, new TypePermission(), new ActionList(), cc.client, null);
ListAdminsResponse resp = (ListAdminsResponse) permissionServer.process(req);
// so add a bunch of admins for a single client and check that they all come back.
List<AdminClient> returnedACs = resp.getAdmins();
assert returnedACs.size() == admins.size();
for (AdminClient x : returnedACs) {
assert adminIDs.contains(x.getIdentifier());
}
}
Also used :
LinkedList(java.util.LinkedList)
Identifier(edu.uiuc.ncsa.security.core.Identifier)
TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission)
TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission)
Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)
ActionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionList)
AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)
Example 10 with AdminClient
use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient in project OA4MP by ncsa.
the class PermissionTest method testAttributes.
public void testAttributes(PermissionsStore pStore, ClientStore clientStore, AdminClientStore acStore) throws Exception {
AdminClient ac = (AdminClient) acStore.create();
OA2Client c = (OA2Client) clientStore.create();
Permission p = (Permission) pStore.create();
p.setAdminID(ac.getIdentifier());
p.setClientID(c.getIdentifier());
p.setApprove(false);
pStore.save(p);
Permission p2 = (Permission) pStore.get(p.getIdentifier());
assert p2.equals(p);
p.setCreate(false);
pStore.save(p);
p2 = (Permission) pStore.get(p.getIdentifier());
assert p2.equals(p);
p.setRead(false);
pStore.save(p);
p2 = (Permission) pStore.get(p.getIdentifier());
assert p2.equals(p);
p.setDelete(false);
pStore.save(p);
p2 = (Permission) pStore.get(p.getIdentifier());
assert p2.equals(p);
p.setDelete(false);
pStore.save(p);
p2 = (Permission) pStore.get(p.getIdentifier());
assert p2.equals(p);
}
Also used :
OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client)
Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)
AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)
Aggregations
AdminClient (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)20
Permission (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)5
Identifier (edu.uiuc.ncsa.security.core.Identifier)4
OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client)4
TypePermission (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission)3
ColumnMap (edu.uiuc.ncsa.security.storage.sql.internals.ColumnMap)3
JSONObject (net.sf.json.JSONObject)3
AdminClientKeys (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClientKeys)2
PermissionList (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList)2
PrintWriter (java.io.PrintWriter)2
LinkedList (java.util.LinkedList)2
OA2SE (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE)1
AddClientRequest (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.util.permissions.AddClientRequest)1
PermissionServer (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.util.permissions.PermissionServer)1
ActionAdd (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionAdd)1
ActionList (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionList)1
TypeClient (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypeClient)1
GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException)1
BasicIdentifier (edu.uiuc.ncsa.security.core.util.BasicIdentifier)1
ClientApproval (edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval)1
