use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechSecurityRulesDao method addOrUpdate.
/**
* Reads rules from {@link org.motechproject.security.domain.MotechSecurityConfiguration}
* and splits them into those to be created, updated or removed.
* Before a rule is updated, {@link MotechURLSecurityRuleDataService}
* is checked for an existing rule with the same id - the update is done
* only if one exists. The same check applies to rules to be removed.
*
* @param config the security configuration whose rules are read
*/
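@Transactional
public void addOrUpdate(MotechSecurityConfiguration config) {
    // Synchronises the stored URL security rules with the rules carried by config:
    // rules without an id are created, rules whose id is already stored are updated,
    // and stored rules whose id is missing from config are deleted.
    List<MotechURLSecurityRule> newRules = config.getSecurityRules();
    List<MotechURLSecurityRule> oldRules = dataService.retrieveAll();

    // Ids on both sides drive the create/update/delete split below.
    final Collection<?> newRulesIDs = CollectionUtils.collect(newRules, IDTransformer.INSTANCE);
    final Collection<?> oldRulesIDs = CollectionUtils.collect(oldRules, IDTransformer.INSTANCE);

    // No id yet: the rule has never been persisted.
    List<MotechURLSecurityRule> create = new ArrayList<>(newRules);
    CollectionUtils.filter(create, new MotechSecurityRulePredicate() {
        @Override
        protected boolean match(MotechURLSecurityRule rule) {
            return null == rule.getId();
        }
    });

    // Id present and known to the data service: overwrite the stored rule.
    List<MotechURLSecurityRule> update = new ArrayList<>(newRules);
    CollectionUtils.filter(update, new MotechSecurityRulePredicate() {
        @Override
        protected boolean match(MotechURLSecurityRule rule) {
            return null != rule.getId() && oldRulesIDs.contains(rule.getId());
        }
    });

    // Stored rule that the incoming configuration no longer lists.
    List<MotechURLSecurityRule> delete = new ArrayList<>(oldRules);
    CollectionUtils.filter(delete, new MotechSecurityRulePredicate() {
        @Override
        protected boolean match(MotechURLSecurityRule rule) {
            return null != rule.getId() && !newRulesIDs.contains(rule.getId());
        }
    });

    // Incoming rules that carry an id the data service does not know fall into none
    // of the three lists and are therefore never persisted. They are collected only
    // so the omission is visible: a security rule that silently fails to reach the
    // store is hard to notice afterwards.
    List<MotechURLSecurityRule> ignored = new ArrayList<>(newRules);
    CollectionUtils.filter(ignored, new MotechSecurityRulePredicate() {
        @Override
        protected boolean match(MotechURLSecurityRule rule) {
            return null != rule.getId() && !oldRulesIDs.contains(rule.getId());
        }
    });
    for (MotechURLSecurityRule rule : ignored) {
        LOGGER.warn("Security rule with id {} and pattern {} matches no stored rule and will not be persisted",
                rule.getId(), rule.getPattern());
    }

    LOGGER.debug("Processing rules: {}/{}/{} (Create/Update/Delete)", create.size(), update.size(), delete.size());
    for (MotechURLSecurityRule rule : create) {
        dataService.create(rule);
    }
    for (MotechURLSecurityRule rule : update) {
        dataService.update(rule);
    }
    for (MotechURLSecurityRule rule : delete) {
        dataService.delete(rule);
    }
    LOGGER.debug("Processed rules: {}/{}/{} (Create/Update/Delete)", create.size(), update.size(), delete.size());
}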
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechProxyManager method initializeProxyChain.
/**
* This method serves the same purpose as rebuildProxyChain, but does not require
* any kind of security authentication, so it should only ever be used by the activator,
* which does not have an authentication object.
*/
@Transactional
public void initializeProxyChain() {
    // Builds the proxy chain from the stored rules merged with the default rules.
    // Nothing in this method checks the caller's authentication, so its callers
    // have to be restricted elsewhere.
    LOGGER.info("Initializing proxy chain");

    MotechSecurityConfiguration storedConfiguration = securityRulesDAO.getMotechSecurityConfiguration();
    // The list obtained here is modified in place; storedConfiguration is handed
    // to the DAO further down.
    List<MotechURLSecurityRule> mergedRules = storedConfiguration.getSecurityRules();
    List<MotechURLSecurityRule> defaultRules = getDefaultSecurityConfiguration().getSecurityRules();

    // Add every default rule that the stored configuration does not contain yet.
    for (MotechURLSecurityRule defaultRule : defaultRules) {
        if (mergedRules.contains(defaultRule)) {
            continue;
        }
        LOGGER.debug("Found new rule, not present in database. Adding.");
        mergedRules.add(defaultRule);
    }

    // Drop rules whose origin is SYSTEM_PLATFORM and that are no longer in the
    // default configuration; rules with any other origin are left untouched.
    for (Iterator<MotechURLSecurityRule> cursor = mergedRules.iterator(); cursor.hasNext();) {
        MotechURLSecurityRule candidate = cursor.next();
        boolean systemOwned = SYSTEM_ORIGIN.equals(candidate.getOrigin());
        if (systemOwned && !defaultRules.contains(candidate)) {
            cursor.remove();
        }
    }

    // Persist the merged configuration first, then rebuild the chain from it.
    securityRulesDAO.addOrUpdate(storedConfiguration);
    updateSecurityChain(mergedRules);

    LOGGER.info("Initialized proxy chain");
}
use of org.motechproject.security.domain.MotechURLSecurityRule in project motech by motech.
the class MotechProxyManager method updateSecurityChain.
/**
* Updates security chain with given {@link org.motechproject.security.domain.MotechURLSecurityRule}
*
* @param securityRules list that contains new security rules
*/
private void updateSecurityChain(List<MotechURLSecurityRule> securityRules) {
    LOGGER.debug("Updating security chain");

    // Order the rules with SecurityRuleComparator (by priority, descending).
    // NOTE(review): a TreeSet keeps only one of any rules the comparator reports
    // as equal - confirm the comparator never returns 0 for two distinct rules,
    // otherwise one of them gets no filter chain.
    TreeSet<MotechURLSecurityRule> orderedRules = new TreeSet<>(new SecurityRuleComparator());
    orderedRules.addAll(securityRules);

    List<SecurityFilterChain> rebuiltChains = new ArrayList<>();
    for (MotechURLSecurityRule rule : orderedRules) {
        // Inactive or deleted rules contribute no filter chain.
        if (!rule.isActive() || rule.isDeleted()) {
            continue;
        }
        LOGGER.debug("Creating SecurityFilterChain for: {}", rule.getPattern());
        // One chain is built per HTTP method the rule requires.
        for (HTTPMethod httpMethod : rule.getMethodsRequired()) {
            SecurityFilterChain chain = securityRuleBuilder.buildSecurityChain(rule, httpMethod);
            rebuiltChains.add(chain);
        }
        LOGGER.debug("Created SecurityFilterChain for: {}", rule.getPattern());
    }

    // Replace the proxy with a fresh one built from the new chains.
    proxy = new FilterChainProxy(rebuiltChains);
    LOGGER.debug("Updated security chain.");
}