Search in sources :

Example 1 with PermissionList

use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList in project OA4MP by ncsa.

the class PermissionServer method addClient.

/**
 * Adds a given client to the list of clients managed by this admin
 *
 * @param request
 * @return
 */
public PermissionResponse addClient(AddClientRequest request) {
    // request needs admin and client.
    // Check if there is one already -- don't fill up table with redundant permissions.
    Permission p = null;
    PermissionList pList = getPermissionStore().get(request.getAdminClient().getIdentifier(), request.getClient().getIdentifier());
    switch(pList.size()) {
        case 0:
            p = getPermissionStore().create();
            break;
        case 1:
            p = pList.get(0);
            break;
        default:
            throw new GeneralException("Internal error. Multiple permissiions entries found");
    }
    p.setAdminID(request.getAdminClient().getIdentifier());
    p.setClientID(request.getClient().getIdentifier());
    p.setApprove(true);
    p.setCreate(true);
    p.setDelete(true);
    p.setRead(true);
    p.setWrite(true);
    getPermissionStore().save(p);
    return new AddClientResponse();
}
Also used : GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) PermissionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList) Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)

Example 2 with PermissionList

use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList in project OA4MP by ncsa.

the class PermissionServer method removeClient.

/**
 * removes a client from management by an admin. This does NOT remove the client!!
 *
 * @param request
 * @return
 */
public PermissionResponse removeClient(RemoveClientRequest request) {
    // request needs admin as src, client as target
    canWrite(request);
    PermissionList permissionList = getPermissionStore().get(request.getAdminClient().getIdentifier(), request.getClient().getIdentifier());
    // remove all of these permissions
    for (Permission p : permissionList) {
        getPermissionStore().remove(p.getIdentifier());
    }
    return new PermissionResponse();
}
Also used : PermissionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList) Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)

Example 3 with PermissionList

use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList in project OA4MP by ncsa.

the class ClientServer method remove.

/**
 * remove the client completely and all references to it.
 *
 * @param request
 * @return
 */
public ClientResponse remove(RemoveRequest request) {
    canDelete(request);
    Identifier clientID = request.getClient().getIdentifier();
    getClientApprovalStore().remove(clientID);
    List<Identifier> admins = getPermissionStore().getAdmins(clientID);
    // remove all permissions for this client and these admins
    for (Identifier adminID : admins) {
        PermissionList permissions = getPermissionStore().get(adminID, clientID);
        for (Permission p : permissions) {
            getPermissionStore().remove(p.getIdentifier());
        }
    }
    getClientStore().remove(clientID);
    return new ClientResponse();
}
Also used : Identifier(edu.uiuc.ncsa.security.core.Identifier) PermissionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList) TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission) Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)

Example 4 with PermissionList

use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList in project OA4MP by ncsa.

the class DDServerTests method setupClients.

protected CC setupClients(CMTestStoreProvider tp2) throws Exception {
    AdminClient adminClient = getAdminClient(tp2.getAdminClientStore());
    ClientApproval clientApproval = tp2.getClientApprovalStore().create();
    clientApproval.setIdentifier(adminClient.getIdentifier());
    clientApproval.setApproved(true);
    clientApproval.setApprover("junit");
    tp2.getClientApprovalStore().save(clientApproval);
    OA2Client client = getOa2Client(tp2.getClientStore());
    PermissionList permissions = tp2.getPermissionStore().get(adminClient.getIdentifier(), client.getIdentifier());
    if (permissions.isEmpty()) {
        Permission p = tp2.getPermissionStore().create();
        p.setAdminID(adminClient.getIdentifier());
        p.setClientID(client.getIdentifier());
        p.setRead(true);
        p.setWrite(true);
        p.setDelete(true);
        p.setApprove(true);
        p.setCreate(true);
        tp2.getPermissionStore().save(p);
    }
    CC cc = new CC();
    cc.adminClient = adminClient;
    cc.client = client;
    return cc;
}
Also used : ClientApproval(edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval) PermissionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList) Permission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission) AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)

Example 5 with PermissionList

use of edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList in project OA4MP by ncsa.

the class PermissionServerTest method addClient.

/**
 * Adds a client to the permissions of an admin.
 *
 * @param tp2
 * @throws Exception
 */
public void addClient(CMTestStoreProvider tp2) throws Exception {
    AdminClient adminClient = getAdminClient(tp2.getAdminClientStore());
    OA2Client client = getOa2Client(tp2.getClientStore());
    PermissionServer permissionServer = new PermissionServer(tp2.getCOSE());
    AddClientRequest req = RequestFactory.createRequest(adminClient, new TypePermission(), new ActionAdd(), client, null);
    // AddClientRequest req = new AddClientRequest(adminClient, client);
    AddClientResponse response = (AddClientResponse) permissionServer.process(req);
    PermissionList permissionList = tp2.getPermissionStore().get(adminClient.getIdentifier(), client.getIdentifier());
    try {
        permissionList.canApprove();
        permissionList.canCreate();
        permissionList.canDelete();
        permissionList.canRead();
        permissionList.canWrite();
    } catch (Throwable t) {
        assert false : "failed to have correct permissions";
    }
}
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) PermissionList(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList) TypePermission(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission) ActionAdd(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionAdd) AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)

Aggregations

PermissionList (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.PermissionList)5 Permission (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.permissions.Permission)4 AdminClient (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)2 TypePermission (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.types.TypePermission)2 ActionAdd (edu.uiuc.ncsa.myproxy.oa4mp.server.admin.things.actions.ActionAdd)1 Identifier (edu.uiuc.ncsa.security.core.Identifier)1 GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException)1 ClientApproval (edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval)1 OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client)1