
Example 31 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class WebDataResource method getPriviledges.

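/**
 * Reports the WebDAV privileges the current principal holds on this resource.
 *
 * <p>The resource owner receives {@code Priviledge.ALL}. Any other principal receives the
 * read group and/or the write group of privileges when it holds at least one role listed in
 * the resource's read or write role set. If the permissions cannot be loaded, the empty list
 * is returned, so a lookup failure never widens access.
 *
 * @param auth not read by this method; the principal is taken from {@code getPrincipal()}
 * @return the privileges granted to the current principal, possibly empty
 */
@Override
public List<Priviledge> getPriviledges(Auth auth) {
    final MyPrincipal currentPrincipal = getPrincipal();
    List<Priviledge> perm = new ArrayList<>();
    if (currentPrincipal.getUserId().equals(getLogicalData().getOwner())) {
        perm.add(Priviledge.ALL);
        return perm;
    }
    Set<String> currentRoles = currentPrincipal.getRoles();
    // We are supposed to get permissions for this resource for the current user
    Permissions p;
    try {
        p = getPermissions();
    } catch (SQLException e) {
        Logger.getLogger(WebDataResource.class.getName()).log(Level.SEVERE, "Could not get Permissions for resource " + getPath(), e);
        // Fail closed: no privileges when the ACL cannot be read.
        return perm;
    }
    // The role sets are only inspected, never modified. Intersecting them in place with
    // retainAll() would strip roles from the Permissions object itself, which corrupts the
    // ACL for later readers if that object is cached or shared.
    if (sharesAnyRole(p.getRead(), currentRoles)) {
        perm.add(Priviledge.READ);
        perm.add(Priviledge.READ_ACL);
        perm.add(Priviledge.READ_CONTENT);
        perm.add(Priviledge.READ_CURRENT_USER_PRIVILEDGE);
        perm.add(Priviledge.READ_PROPERTIES);
    }
    // Note: a write-role match also grants WRITE_ACL, so every writer may change who else
    // can access the resource.
    if (sharesAnyRole(p.getWrite(), currentRoles)) {
        perm.add(Priviledge.WRITE);
        perm.add(Priviledge.BIND);
        perm.add(Priviledge.UNBIND);
        perm.add(Priviledge.UNLOCK);
        perm.add(Priviledge.WRITE_ACL);
        perm.add(Priviledge.WRITE_CONTENT);
        perm.add(Priviledge.WRITE_PROPERTIES);
    }
    return perm;
}

/** Returns true when both sets are non-null and have at least one role in common. */
private static boolean sharesAnyRole(Set<String> grantedRoles, Set<String> heldRoles) {
    if (grantedRoles == null || heldRoles == null) {
        // A missing role set grants nothing.
        return false;
    }
    for (String role : grantedRoles) {
        if (heldRoles.contains(role)) {
            return true;
        }
    }
    return false;
}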
Also used : MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 32 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class WebDataResource method getAccessControlList.

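/**
 * Builds the access control list advertised for this resource.
 *
 * <p>The map holds one entry for the current principal (its read and/or write privileges as
 * decided by {@code canRead}/{@code canWrite}), one entry per role in the resource's read set
 * and one entry per role in its write set. If a {@code SQLException} occurs, the error is
 * logged and the entries added so far are returned; the map is empty when
 * {@code getPermissions()} itself fails.
 *
 * @return a map from principal to the privileges granted to it, possibly empty
 */
@Override
public Map<Principal, List<Priviledge>> getAccessControlList() {
    Logger.getLogger(WebDataResource.class.getName()).log(Level.FINE, "getAccessControlList for {0}", getPath());
    Map<Principal, List<Priviledge>> acl = new HashMap<>();
    try {
        // Every principal built here reports matches() == true unconditionally.
        // NOTE(review): confirm no caller relies on matches() for an authorization decision.
        Principal currentUser = new DavPrincipals.AbstractDavPrincipal(getPrincipalURL()) {

            @Override
            public boolean matches(Auth auth, Resource current) {
                return true;
            }
        };
        Permissions resourcePermission = getPermissions();
        List<Priviledge> currentUserPrivileges = new ArrayList<>();
        if (getPrincipal().canRead(resourcePermission)) {
            addReadPriviledges(currentUserPrivileges);
        }
        if (getPrincipal().canWrite(resourcePermission)) {
            addWritePriviledges(currentUserPrivileges);
        }
        acl.put(currentUser, currentUserPrivileges);

        for (String role : resourcePermission.getRead()) {
            Principal readRole = new DavPrincipals.AbstractDavPrincipal(getRoleUrlPrefix() + role) {

                @Override
                public boolean matches(Auth auth, Resource current) {
                    return true;
                }
            };
            List<Priviledge> readPrivileges = new ArrayList<>();
            addReadPriviledges(readPrivileges);
            acl.put(readRole, readPrivileges);
        }
        // NOTE(review): a role present in both the read and the write set gets two principals
        // with the same URL. Whether the write entry replaces the read entry depends on how
        // AbstractDavPrincipal defines equals()/hashCode(), which is not visible here — verify
        // that such a role does not lose its read privileges in the returned map.
        for (String role : resourcePermission.getWrite()) {
            Principal writeRole = new DavPrincipals.AbstractDavPrincipal(getRoleUrlPrefix() + role) {

                @Override
                public boolean matches(Auth auth, Resource current) {
                    return true;
                }
            };
            List<Priviledge> writePrivileges = new ArrayList<>();
            addWritePriviledges(writePrivileges);
            acl.put(writeRole, writePrivileges);
        }
    } catch (SQLException e) {
        Logger.getLogger(WebDataResource.class.getName()).log(Level.SEVERE, "Cannot read permissions for resource " + getPath(), e);
    }
    return acl;
}

/** Appends the privileges granted by read access to {@code target}. */
private static void addReadPriviledges(List<Priviledge> target) {
    target.add(Priviledge.READ);
    target.add(Priviledge.READ_ACL);
    target.add(Priviledge.READ_CONTENT);
    target.add(Priviledge.READ_CURRENT_USER_PRIVILEDGE);
    target.add(Priviledge.READ_PROPERTIES);
}

/** Appends the privileges granted by write access, including WRITE_ACL, to {@code target}. */
private static void addWritePriviledges(List<Priviledge> target) {
    target.add(Priviledge.WRITE);
    target.add(Priviledge.BIND);
    target.add(Priviledge.UNBIND);
    target.add(Priviledge.UNLOCK);
    target.add(Priviledge.WRITE_ACL);
    target.add(Priviledge.WRITE_CONTENT);
    target.add(Priviledge.WRITE_PROPERTIES);
}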
Also used : DavPrincipals(io.milton.principal.DavPrincipals) Permissions(nl.uva.cs.lobcder.auth.Permissions) HrefList(io.milton.http.values.HrefList) Principal(io.milton.principal.Principal) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal)

Example 33 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class SetBulkPermissionsResource method setPermissions.

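// @PUT
// @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
/**
 * Applies the submitted permissions to the entry at {@code path} and, for folders, to the
 * entries below it, inside a single database transaction.
 *
 * <p>The request is rejected before any database work when no authenticated principal is
 * attached to it or when the path or permission payload is missing. The transaction is rolled
 * back on every failure, not only on {@code SQLException}, so a half-applied bulk change is
 * never left on the connection.
 *
 * @param path logical path of the root entry to update
 * @param jbPermissions the permissions (including the new owner) to apply
 * @throws UnsupportedEncodingException propagated from the path lookup
 * @throws WebApplicationException 401 without a principal, 400 on missing input, 500 on a
 *     database error
 */
public void setPermissions(@QueryParam("path") String path, JAXBElement<Permissions> jbPermissions) throws UnsupportedEncodingException {
    MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
    if (mp == null) {
        // Fail closed: without a principal no permission check can be made further down.
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    if (path == null || jbPermissions == null || jbPermissions.getValue() == null) {
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }
    Permissions permissions = jbPermissions.getValue();
    try (Connection connection = catalogue.getConnection()) {
        boolean committed = false;
        try {
            setPermissionsJava(path, permissions, mp, connection);
            connection.commit();
            committed = true;
        } catch (SQLException ex) {
            Logger.getLogger(SetBulkPermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        } finally {
            if (!committed) {
                // Also reached for runtime exceptions, which the SQLException handler above
                // does not see; what close() does with an open transaction is driver-specific.
                connection.rollback();
            }
        }
    } catch (SQLException ex) {
        Logger.getLogger(SetBulkPermissionsResource.class.getName()).log(Level.SEVERE, null, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}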
Also used : MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 34 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class SetBulkPermissionsResource method setPermissionsJava.

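/**
 * Applies {@code perm} to the entry at {@code rootPath} and, when it is a folder the principal
 * can read, to its descendants.
 *
 * <p>Descendants are processed first. The root entry itself is updated only when the principal
 * can write it; otherwise it is skipped without an error, so a successful return does not mean
 * that anything was changed.
 *
 * @param rootPath logical path of the entry to start from
 * @param perm permissions and owner to store
 * @param principal the caller whose read/write rights gate the traversal and the updates
 * @param connection open connection; commit and rollback are left to the caller
 * @throws SQLException on a database error
 * @throws UnsupportedEncodingException propagated from the path lookup
 * @throws WebApplicationException 404 when no entry exists at {@code rootPath}
 */
private void setPermissionsJava(String rootPath, Permissions perm, MyPrincipal principal, @Nonnull Connection connection) throws SQLException, UnsupportedEncodingException {
    LogicalData ld = catalogue.getLogicalDataByPath(io.milton.common.Path.path(rootPath), connection);
    if (ld == null) {
        // Presumably the lookup yields null for an unknown path (confirm against the
        // catalogue); answer with 404 instead of failing on a NullPointerException below.
        throw new WebApplicationException(Response.Status.NOT_FOUND);
    }
    Permissions p = catalogue.getPermissions(ld.getUid(), ld.getOwner(), connection);
    if (ld.isFolder() && principal.canRead(p)) {
        try (PreparedStatement ps = connection.prepareStatement("SELECT uid, ownerId, datatype FROM ldata_table WHERE parentRef = ?")) {
            setPermissionsJava(ld.getUid(), principal, ps, perm, connection);
        }
    }
    if (principal.canWrite(p)) {
        // NOTE(review): write access is enough to hand ownership to whatever owner the request
        // carries; nothing here limits that to the current owner or an administrator. Confirm
        // this is the intended policy.
        catalogue.updateOwner(ld.getUid(), perm.getOwner(), connection);
        catalogue.setPermissions(ld.getUid(), perm, connection);
    }
}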
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 35 with Permissions

use of nl.uva.cs.lobcder.auth.Permissions in project lobcder by skoulouzis.

the class SetBulkPermissionsResource method setPermissionsJava.

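/**
 * Applies {@code perm} to every child of the folder {@code uid} that the principal can write,
 * descending into child folders the principal can read.
 *
 * <p>The child rows are read completely and the result set is closed before any recursion.
 * The recursive call re-executes the same {@code PreparedStatement}, and re-executing a
 * statement closes its current result set, so recursing while still iterating would break the
 * outer loop on the next {@code next()} call.
 *
 * <p>Children the principal cannot write are skipped without an error.
 *
 * @param uid id of the folder whose children are processed
 * @param principal the caller whose read/write rights gate the traversal and the updates
 * @param ps the "children of parentRef" query, reused at every level
 * @param perm permissions and owner to store
 * @param cn open connection; commit and rollback are left to the caller
 * @throws SQLException on a database error
 */
private void setPermissionsJava(Long uid, MyPrincipal principal, PreparedStatement ps, Permissions perm, Connection cn) throws SQLException {
    // Parallel lists, one slot per child row of this folder.
    ArrayList<Long> childUids = new ArrayList<>();
    ArrayList<String> childOwners = new ArrayList<>();
    ArrayList<String> childTypes = new ArrayList<>();
    ps.setLong(1, uid);
    try (ResultSet resultSet = ps.executeQuery()) {
        while (resultSet.next()) {
            childUids.add(resultSet.getLong(1));
            childOwners.add(resultSet.getString(2));
            childTypes.add(resultSet.getString(3));
        }
    }
    ArrayList<Long> updatePermIds = new ArrayList<>();
    for (int i = 0; i < childUids.size(); i++) {
        Long entryUid = childUids.get(i);
        Permissions entryPermissions = catalogue.getPermissions(entryUid, childOwners.get(i), cn);
        // Constant-first equals: a row without a datatype is treated as a non-folder.
        // NOTE(review): the depth of this recursion follows the folder tree and has no cycle
        // guard; confirm parentRef can never form a loop.
        if (Constants.LOGICAL_FOLDER.equals(childTypes.get(i)) && principal.canRead(entryPermissions)) {
            setPermissionsJava(entryUid, principal, ps, perm, cn);
        }
        if (principal.canWrite(entryPermissions)) {
            updatePermIds.add(entryUid);
        }
    }
    // NOTE(review): as for the root entry, write access alone allows the owner to be replaced
    // with the one supplied in perm.
    for (Long writableUid : updatePermIds) {
        catalogue.updateOwner(writableUid, perm.getOwner(), cn);
        catalogue.setPermissions(writableUid, perm, cn);
    }
}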
Also used : ArrayList(java.util.ArrayList) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Aggregations

Permissions (nl.uva.cs.lobcder.auth.Permissions)40 LogicalData (nl.uva.cs.lobcder.resources.LogicalData)29 SQLException (java.sql.SQLException)23 Connection (java.sql.Connection)22 MyPrincipal (nl.uva.cs.lobcder.auth.MyPrincipal)21 ArrayList (java.util.ArrayList)7 BadRequestException (io.milton.http.exceptions.BadRequestException)6 NotAuthorizedException (io.milton.http.exceptions.NotAuthorizedException)6 PDRIDescr (nl.uva.cs.lobcder.resources.PDRIDescr)5 PreparedStatement (java.sql.PreparedStatement)4 ResultSet (java.sql.ResultSet)4 Stack (java.util.Stack)4 Path (io.milton.common.Path)3 Path (javax.ws.rs.Path)3 JAXBElement (javax.xml.bind.JAXBElement)3 QName (javax.xml.namespace.QName)3 LogicalDataWrapped (nl.uva.cs.lobcder.rest.wrappers.LogicalDataWrapped)3 ConflictException (io.milton.http.exceptions.ConflictException)2 IOException (java.io.IOException)2 URISyntaxException (java.net.URISyntaxException)2