
Example 16 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class PermissionsResource method getPermissions.

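/**
 * Returns the permissions (owner, read roles, write roles) of one resource.
 *
 * <p>Access control: the caller's {@code MyPrincipal} is read from the request attribute
 * {@code "myprincipal"} and must pass {@code canRead} on the resource's permissions.
 *
 * @param uid the id of the resource
 * @return the resource's permissions: owner, read, write
 * @throws WebApplicationException 401 if the request carries no principal or the principal
 *     may not read the resource; 404 if no resource has this uid; 500 on a database error
 */
@Path("{uid}/")
@GET
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Permissions getPermissions(@PathParam("uid") Long uid) {
    // Resolve the caller first and fail closed: without this guard a request that reaches
    // the method with no "myprincipal" attribute ends in a NullPointerException (a 500)
    // instead of an authentication error. Presumably an upstream filter sets the
    // attribute - that filter is not visible here, so do not rely on it.
    MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
    if (mp == null) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    try (Connection cn = catalogue.getConnection()) {
        LogicalData res = catalogue.getLogicalDataByUid(uid, cn);
        if (res == null) {
            // NOTE(review): 404 is answered before the read check, so an authenticated caller
            // without read access can still tell existing uids from missing ones. If uids
            // are sensitive, answer both cases with the same status.
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        Permissions p = catalogue.getPermissions(uid, res.getOwner(), cn);
        if (!mp.canRead(p)) {
            // NOTE(review): the caller is authenticated at this point, so 403 FORBIDDEN would
            // describe the refusal more accurately; 401 is kept because clients may depend on it.
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        return p;
    } catch (SQLException ex) {
        // Details go to the server log only; the client gets a bare 500.
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}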
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) SQLException(java.sql.SQLException) Connection(java.sql.Connection) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 17 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class PermissionsResource method setPermissions.

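/**
 * Replaces the owner and the read/write role lists of one resource.
 *
 * <p>Access control: the caller's {@code MyPrincipal} is read from the request attribute
 * {@code "myprincipal"} and must pass {@code canWrite} on the resource's current permissions.
 * Owner and permission rows are written on one connection and committed together.
 *
 * @param uid the id of the resource
 * @param jbPermissions the permissions: owner, read, write
 * @throws WebApplicationException 401 if the request carries no principal or the principal
 *     may not write the resource; 400 if the request has no permissions payload; 404 if no
 *     resource has this uid; 500 on a database error
 */
@Path("{uid}/")
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public void setPermissions(@PathParam("uid") Long uid, JAXBElement<Permissions> jbPermissions) {
    // Fail closed when no principal is attached to the request; dereferencing a missing
    // attribute would otherwise surface as a NullPointerException (500).
    MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
    if (mp == null) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    // An absent or nil body is a client error, not a server fault.
    if (jbPermissions == null || jbPermissions.getValue() == null) {
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }
    try (Connection cn = catalogue.getConnection()) {
        try {
            LogicalData res = catalogue.getLogicalDataByUid(uid, cn);
            if (res == null) {
                throw new WebApplicationException(Response.Status.NOT_FOUND);
            }
            Permissions p = catalogue.getPermissions(uid, res.getOwner(), cn);
            if (!mp.canWrite(p)) {
                // NOTE(review): 403 FORBIDDEN fits an authenticated-but-not-allowed caller
                // better; 401 is kept because clients may depend on it.
                throw new WebApplicationException(Response.Status.UNAUTHORIZED);
            }
            Permissions permissions = jbPermissions.getValue();
            // NOTE(review): canWrite is the only gate, so any principal with write access can
            // reassign the owner and rewrite the whole ACL, including removing other roles.
            // Confirm that is the intended policy; otherwise restrict the owner change to
            // the current owner or an administrative role.
            // NOTE(review): getOwner() is passed through unchecked; what updateOwner does with
            // a null owner is not visible here - verify against the catalogue.
            catalogue.updateOwner(uid, permissions.getOwner(), cn);
            catalogue.setPermissions(uid, permissions, cn);
            cn.commit();
        } catch (SQLException ex) {
            Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            // Undo a partially applied owner/ACL change; a failure of the rollback itself
            // is handled by the outer catch.
            cn.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}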
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) SQLException(java.sql.SQLException) Connection(java.sql.Connection) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 18 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class PermissionsResource method setPermissionsRecursive.

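/**
 * Applies a permission set to a resource and, when it is a folder, to its whole subtree.
 *
 * <p>The subtree is walked through {@code ldata_table.parentRef}. Only folders the caller can
 * read are descended into, and only entries the caller can write are modified; every other
 * entry is skipped without an error, so a successful response does not mean the whole
 * subtree was changed. All changes are committed in one transaction.
 *
 * @param uid_p the id of the root resource
 * @param getall when true, the global id of every writable entry is returned; when false,
 *     only entries whose permission rows or owner actually changed are returned
 * @param jbPermissions the permissions to apply: owner, read, write
 * @return the global ids of the reported entries
 * @throws WebApplicationException 401 if the request carries no principal; 400 if the request
 *     has no permissions payload; 404 if no resource has this uid; 500 on a database error
 */
@Path("recursive/{uid}/")
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public UIDS setPermissionsRecursive(@PathParam("uid") Long uid_p, @DefaultValue("False") @QueryParam("getall") Boolean getall, JAXBElement<Permissions> jbPermissions) {
    UIDS result = new UIDS();
    // Fail closed when no principal is attached to the request instead of running into a
    // NullPointerException on the first permission check.
    MyPrincipal principal = (MyPrincipal) request.getAttribute("myprincipal");
    if (principal == null) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    if (jbPermissions == null || jbPermissions.getValue() == null) {
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }
    try (Connection connection = catalogue.getConnection()) {
        try {
            Permissions permissions = jbPermissions.getValue();
            LogicalData ld = catalogue.getLogicalDataByUid(uid_p, connection);
            if (ld == null) {
                // An unknown uid used to end in a NullPointerException; report it as 404,
                // matching the single-resource endpoints of this class.
                throw new WebApplicationException(Response.Status.NOT_FOUND);
            }
            // folders: readable folders still to be expanded
            // elements: entries the caller may write (their permission rows are rewritten)
            // changeOwner: writable entries whose owner differs from the requested owner
            Stack<Long> folders = new Stack<>();
            ArrayList<Long> elements = new ArrayList<>();
            ArrayList<Long> changeOwner = new ArrayList<>();
            Permissions p = catalogue.getPermissions(ld.getUid(), ld.getOwner(), connection);
            if (ld.isFolder() && principal.canRead(p)) {
                folders.add(ld.getUid());
            }
            if (principal.canWrite(p)) {
                elements.add(ld.getUid());
                if (permissions.getOwner() != null && !ld.getOwner().equals(permissions.getOwner())) {
                    changeOwner.add(ld.getUid());
                }
            }
            // Depth-first walk; the authorization decision is taken per entry.
            try (PreparedStatement ps = connection.prepareStatement("SELECT uid, ownerId, datatype FROM ldata_table WHERE parentRef = ?")) {
                while (!folders.isEmpty()) {
                    Long curUid = folders.pop();
                    ps.setLong(1, curUid);
                    try (ResultSet resultSet = ps.executeQuery()) {
                        while (resultSet.next()) {
                            Long entry_uid = resultSet.getLong(1);
                            String entry_owner = resultSet.getString(2);
                            String entry_datatype = resultSet.getString(3);
                            Permissions entry_p = catalogue.getPermissions(entry_uid, entry_owner, connection);
                            if (entry_datatype.equals(Constants.LOGICAL_FOLDER) && principal.canRead(entry_p)) {
                                folders.push(entry_uid);
                            }
                            if (principal.canWrite(entry_p)) {
                                elements.add(entry_uid);
                                if (permissions.getOwner() != null && !entry_owner.equals(permissions.getOwner())) {
                                    changeOwner.add(entry_uid);
                                }
                            }
                        }
                    }
                }
            }
            // Reconcile permission rows through an updatable result set: rows that are not in
            // the requested sets are deleted, requested roles without a row are inserted.
            try (PreparedStatement ps = connection.prepareStatement("SELECT permType, roleName, ldUidRef, id  FROM permission_table WHERE permission_table.ldUidRef = ?", java.sql.ResultSet.TYPE_FORWARD_ONLY, java.sql.ResultSet.CONCUR_UPDATABLE)) {
                for (Long uid : elements) {
                    ps.setLong(1, uid);
                    // Closed explicitly per entry rather than left to the next executeQuery().
                    try (ResultSet rs = ps.executeQuery()) {
                        Set<String> read = new HashSet<>(permissions.getRead());
                        Set<String> write = new HashSet<>(permissions.getWrite());
                        boolean updateFlag = false;
                        while (rs.next()) {
                            String permType = rs.getString(1);
                            String roleName = rs.getString(2);
                            if (permType.equals("read")) {
                                // remove() returns false when the role was not requested.
                                if (!read.remove(roleName)) {
                                    rs.deleteRow();
                                    updateFlag = true;
                                }
                            } else if (permType.equals("write")) {
                                if (!write.remove(roleName)) {
                                    rs.deleteRow();
                                    updateFlag = true;
                                }
                            }
                        }
                        // What is left in the sets are requested roles that had no row yet.
                        for (String role : read) {
                            rs.moveToInsertRow();
                            rs.updateString(1, "read");
                            rs.updateString(2, role);
                            rs.updateLong(3, uid);
                            rs.insertRow();
                        }
                        for (String role : write) {
                            rs.moveToInsertRow();
                            rs.updateString(1, "write");
                            rs.updateString(2, role);
                            rs.updateLong(3, uid);
                            rs.insertRow();
                        }
                        if (getall || updateFlag || !read.isEmpty() || !write.isEmpty()) {
                            String myuid = catalogue.getGlobalID(uid, connection);
                            if (myuid != null) {
                                result.uids.add(myuid);
                            }
                        }
                    }
                }
            }
            // NOTE(review): write access alone lets the caller hand ownership of every writable
            // entry in the subtree to an arbitrary owner string; confirm that is the intended
            // policy, otherwise require the current owner or an administrative role.
            if (permissions.getOwner() != null && !permissions.getOwner().isEmpty()) {
                try (PreparedStatement ps = connection.prepareStatement("SELECT ownerId, uid from ldata_table WHERE uid = ?", java.sql.ResultSet.TYPE_FORWARD_ONLY, java.sql.ResultSet.CONCUR_UPDATABLE)) {
                    for (Long uid : changeOwner) {
                        ps.setLong(1, uid);
                        try (ResultSet rs = ps.executeQuery()) {
                            if (rs.next()) {
                                rs.updateString(1, permissions.getOwner());
                                rs.updateRow();
                                // With getall the entry was already reported by the loop above.
                                if (!getall) {
                                    String globalId = catalogue.getGlobalID(uid, connection);
                                    // Same null guard as in the permission loop.
                                    if (globalId != null) {
                                        result.uids.add(globalId);
                                    }
                                }
                            }
                        }
                    }
                }
            }
            connection.commit();
            return result;
        } catch (SQLException ex) {
            Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            // Drop every partial change; a failing rollback is handled by the outer catch.
            connection.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(PermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}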
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) ArrayList(java.util.ArrayList) PreparedStatement(java.sql.PreparedStatement) Stack(java.util.Stack) LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions) ResultSet(java.sql.ResultSet) HashSet(java.util.HashSet)

Example 19 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class SetBulkPermissionsResource method setPermissions2.

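/**
 * Sets permissions for a folder and its subtree, addressed by path.
 *
 * <p>The subtree is walked through {@code ldata_table.parentRef}. Only folders the caller can
 * read are descended into, and only entries the caller can write are modified; other
 * entries are skipped without an error. For each writable entry all existing permission
 * rows are deleted and the requested read/write roles are inserted, in JDBC batches. The
 * owner is changed only when the payload names a non-empty owner.
 *
 * @param path the folder's path
 * @param jbPermissions the permissions: owner, read, write
 * @throws UnsupportedEncodingException declared by the signature; nothing in this body raises it
 * @throws WebApplicationException 401 if the request carries no principal; 400 if the request
 *     has no permissions payload; 404 if the path does not resolve; 500 on a database error
 */
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public void setPermissions2(@QueryParam("path") String path, JAXBElement<Permissions> jbPermissions) throws UnsupportedEncodingException {
    // Fail closed when no principal is attached to the request.
    MyPrincipal principal = (MyPrincipal) request.getAttribute("myprincipal");
    if (principal == null) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    if (jbPermissions == null || jbPermissions.getValue() == null) {
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }
    try (Connection connection = catalogue.getConnection()) {
        try {
            Permissions permissions = jbPermissions.getValue();
            // A payload without an owner must leave ownership alone. Without this guard
            // every writable entry compared unequal to null and had its ownerId overwritten
            // with NULL by the UPDATE below.
            String newOwner = permissions.getOwner();
            boolean ownerRequested = newOwner != null && !newOwner.isEmpty();
            // NOTE(review): confirm how Path.path treats a missing or empty "path" parameter;
            // if it resolves to the root, a request without ?path= would address the whole tree.
            LogicalData ld = catalogue.getLogicalDataByPath(io.milton.common.Path.path(path), connection);
            if (ld == null) {
                // An unresolvable path used to end in a NullPointerException.
                throw new WebApplicationException(Response.Status.NOT_FOUND);
            }
            // folders: readable folders still to be expanded
            // elements: entries the caller may write
            // changeOwner: writable entries whose owner differs from the requested owner
            Stack<Long> folders = new Stack<>();
            ArrayList<Long> elements = new ArrayList<>();
            ArrayList<Long> changeOwner = new ArrayList<>();
            Permissions p = catalogue.getPermissions(ld.getUid(), ld.getOwner(), connection);
            if (ld.isFolder() && principal.canRead(p)) {
                folders.add(ld.getUid());
            }
            if (principal.canWrite(p)) {
                elements.add(ld.getUid());
                if (ownerRequested && !ld.getOwner().equals(newOwner)) {
                    changeOwner.add(ld.getUid());
                }
            }
            // Depth-first walk; the authorization decision is taken per entry.
            try (PreparedStatement ps = connection.prepareStatement("SELECT uid, ownerId, datatype FROM ldata_table WHERE parentRef = ?")) {
                while (!folders.isEmpty()) {
                    Long curUid = folders.pop();
                    ps.setLong(1, curUid);
                    try (ResultSet resultSet = ps.executeQuery()) {
                        while (resultSet.next()) {
                            Long entry_uid = resultSet.getLong(1);
                            String entry_owner = resultSet.getString(2);
                            String entry_datatype = resultSet.getString(3);
                            Permissions entry_p = catalogue.getPermissions(entry_uid, entry_owner, connection);
                            if (entry_datatype.equals(Constants.LOGICAL_FOLDER) && principal.canRead(entry_p)) {
                                folders.push(entry_uid);
                            }
                            if (principal.canWrite(entry_p)) {
                                elements.add(entry_uid);
                                if (ownerRequested && !entry_owner.equals(newOwner)) {
                                    changeOwner.add(entry_uid);
                                }
                            }
                        }
                    }
                }
            }
            final int batchSize = 100;
            int count = 0;
            // Replace the ACL of every writable entry: delete all rows, insert the requested
            // ones. Deletes are flushed before inserts so new rows are never removed again.
            try (PreparedStatement psDel = connection.prepareStatement("DELETE FROM permission_table WHERE permission_table.ldUidRef = ?");
                PreparedStatement psIns = connection.prepareStatement("INSERT INTO permission_table (permType, ldUidRef, roleName) VALUES (?, ?, ?)")) {
                for (Long uid : elements) {
                    psDel.setLong(1, uid);
                    psDel.addBatch();
                    for (String cr : permissions.getRead()) {
                        psIns.setString(1, "read");
                        psIns.setLong(2, uid);
                        psIns.setString(3, cr);
                        psIns.addBatch();
                    }
                    for (String cw : permissions.getWrite()) {
                        psIns.setString(1, "write");
                        psIns.setLong(2, uid);
                        psIns.setString(3, cw);
                        psIns.addBatch();
                    }
                    count++;
                    if (count % batchSize == 0) {
                        psDel.executeBatch();
                        psIns.executeBatch();
                    }
                }
                psDel.executeBatch();
                psIns.executeBatch();
            }
            // NOTE(review): write access alone lets the caller hand ownership of every writable
            // entry to an arbitrary owner string; confirm that is the intended policy.
            if (ownerRequested) {
                try (PreparedStatement ps = connection.prepareStatement("UPDATE ldata_table SET ownerId = ? WHERE uid = ?")) {
                    count = 0;
                    ps.setString(1, newOwner);
                    for (Long uid : changeOwner) {
                        ps.setLong(2, uid);
                        ps.addBatch();
                        count++;
                        if (count % batchSize == 0) {
                            ps.executeBatch();
                        }
                    }
                    ps.executeBatch();
                }
            }
            connection.commit();
        } catch (SQLException ex) {
            Logger.getLogger(SetBulkPermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            // Drop every partial change; a failing rollback is handled by the outer catch.
            connection.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(SetBulkPermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}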
Also used : ArrayList(java.util.ArrayList) Stack(java.util.Stack) LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 20 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class Translator method getShortWeb.

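/**
 * Exchanges a valid long token for the caller's short token.
 *
 * <p>The long token is validated with {@code checkToken}. If the user already has a row in
 * {@code tokens_table}, its short token is returned and the stored long token and expiry
 * are refreshed when they differ; otherwise a new 12-character alphanumeric short token is
 * generated and stored.
 *
 * @param longTocken the long token
 * @return 200 with the short token as plain text; 401 if the long token is rejected or any
 *     non-SQL failure occurs; 500 on a database error
 * @throws SQLException declared by the signature; SQL errors raised in this body are caught
 *     and turned into a 500 response
 */
@Path("{longTocken}/")
@Produces(MediaType.TEXT_PLAIN)
@GET
public Response getShortWeb(@PathParam("longTocken") String longTocken) throws SQLException {
    // NOTE(review): the long token travels in the URL path, so it can end up in access logs,
    // proxies and browser history; carrying it in a header or request body avoids that.
    try {
        MyPrincipal principal = SingletonesHelper.getInstance().getTktAuth().checkToken("from_translator", longTocken);
        Long expDate = principal.getValidUntil();
        String userId = principal.getUserId();
        // NOTE(review): no commit is issued below; this relies on the data source's
        // auto-commit setting - confirm.
        try (Connection cn = SingletonesHelper.getInstance().getDataSource().getConnection()) {
            String shortId;
            try (PreparedStatement ps = cn.prepareStatement("SELECT short_tkt, " + "userId, long_tkt, exp_date FROM tokens_table WHERE userId = ?", ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_UPDATABLE)) {
                ps.setString(1, userId);
                try (ResultSet rs = ps.executeQuery()) {
                    if (rs.next()) {
                        shortId = rs.getString(1);
                        String storedLong = rs.getString(3);
                        // Compare from the validated token so a NULL long_tkt column refreshes
                        // the row instead of failing the request with a misleading 401.
                        if (!longTocken.equals(storedLong)) {
                            rs.updateString(3, longTocken);
                            // getValidUntil() is multiplied by 1000, i.e. treated as seconds.
                            rs.updateTimestamp(4, new Timestamp(expDate.longValue() * 1000));
                            rs.updateRow();
                        }
                    } else {
                        rs.moveToInsertRow();
                        // The short token stands in for the long one, so it is drawn from a
                        // CSPRNG; RandomStringUtils.randomAlphanumeric is not guaranteed to be
                        // cryptographically strong (older commons-lang3 releases use
                        // java.util.Random). Length and alphabet are unchanged.
                        // NOTE(review): uniqueness of short_tkt is not checked here; presumably
                        // a database constraint covers it - verify.
                        final String alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
                        java.security.SecureRandom rng = new java.security.SecureRandom();
                        StringBuilder generated = new StringBuilder(12);
                        for (int i = 0; i < 12; i++) {
                            generated.append(alphabet.charAt(rng.nextInt(alphabet.length())));
                        }
                        shortId = generated.toString();
                        rs.updateString(1, shortId);
                        rs.updateString(2, userId);
                        rs.updateString(3, longTocken);
                        rs.updateTimestamp(4, new Timestamp(expDate.longValue() * 1000));
                        rs.insertRow();
                    }
                }
            }
            // NOTE(review): expired rows are not purged on this path (the deleteOld(cn) call
            // that used to follow here was disabled); confirm cleanup happens elsewhere.
            return Response.ok(shortId).build();
        } catch (SQLException e) {
            // Keep database details in the server log; the exception object used to be sent
            // to the client as the response entity.
            java.util.logging.Logger.getLogger(Translator.class.getName()).log(java.util.logging.Level.SEVERE, null, e);
            return Response.serverError().build();
        }
    } catch (Throwable th) {
        // Fails closed: a rejected ticket and every unexpected failure both answer 401.
        // NOTE(review): this also hides programming errors and JVM Errors behind
        // "Ticket is not valid"; consider logging th before answering.
        return Response.status(Response.Status.UNAUTHORIZED).entity("Ticket is not valid").build();
    }
}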
Also used : MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)
