Search in sources :

Example 1 with AclService

use of org.opencastproject.authorization.xacml.manager.api.AclService in project opencast by opencast.

the class AbstractAclServiceRestEndpoint method getTransitionsAsJson.

@GET
@Path("/transitions.json")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "gettransitionsasjson", description = "Get the transitions as json", returnDescription = "Get the transitions as json", restParameters = { @RestParameter(name = "after", isRequired = false, description = "All transitions with an application date after this one", type = STRING), @RestParameter(name = "before", isRequired = false, description = "All transitions with an application date before this one", type = STRING), @RestParameter(name = "scope", isRequired = false, description = "The transition scope", type = STRING), @RestParameter(name = "id", isRequired = false, description = "The series or episode identifier", type = STRING), @RestParameter(name = "transitionId", isRequired = false, description = "The transition identifier", type = STRING), @RestParameter(name = "managedAclId", isRequired = false, description = "The managed acl identifier", type = INTEGER), @RestParameter(name = "done", isRequired = false, description = "Indicates if already applied", type = BOOLEAN) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The request was processed succesfully"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Error parsing the given scope"), @RestResponse(responseCode = SC_INTERNAL_SERVER_ERROR, description = "Error during processing the request") })
public Response getTransitionsAsJson(@QueryParam("after") String afterStr, @QueryParam("before") String beforeStr, @QueryParam("scope") String scopeStr, @QueryParam("id") String id, @QueryParam("transitionId") Long transitionId, @QueryParam("managedAclId") Long managedAclId, @QueryParam("done") Boolean done) {
    try {
        final TransitionQuery query = TransitionQuery.query();
        if (StringUtils.isNotBlank(afterStr))
            query.after(new Date(DateTimeSupport.fromUTC(afterStr)));
        if (StringUtils.isNotBlank(beforeStr))
            query.before(new Date(DateTimeSupport.fromUTC(beforeStr)));
        if (StringUtils.isNotBlank(id))
            query.withId(id);
        if (StringUtils.isNotBlank(scopeStr)) {
            if ("episode".equalsIgnoreCase(scopeStr))
                query.withScope(AclScope.Episode);
            else if ("series".equalsIgnoreCase(scopeStr))
                query.withScope(AclScope.Series);
            else
                return badRequest();
        }
        if (transitionId != null)
            query.withTransitionId(transitionId);
        if (managedAclId != null)
            query.withAclId(managedAclId);
        if (done != null)
            query.withDone(done);
        final AclService aclService = aclService();
        // run query
        final TransitionResult r = aclService().getTransitions(query);
        // episodeId -> [transitions]
        final Map<String, List<EpisodeACLTransition>> episodeGroup = groupByEpisodeId(r.getEpisodeTransistions());
        // seriesId -> [transitions]
        final Map<String, List<SeriesACLTransition>> seriesGroup = groupBySeriesId(r.getSeriesTransistions());
        final Jsons.Obj episodesObj = buildEpisodesObj(episodeGroup);
        final Jsons.Obj seriesObj = buildSeriesObj(seriesGroup);
        // create final response
        return ok(obj(p("episodes", episodesObj), p("series", seriesObj)).toJson());
    } catch (Exception e) {
        logger.error("Error generating getTransitions response", e);
        return serverError();
    }
}
Also used : Jsons(org.opencastproject.util.Jsons) TransitionQuery(org.opencastproject.authorization.xacml.manager.api.TransitionQuery) JsonConv.fullAccessControlList(org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.fullAccessControlList) List(java.util.List) AccessControlList(org.opencastproject.security.api.AccessControlList) AclService(org.opencastproject.authorization.xacml.manager.api.AclService) TransitionResult(org.opencastproject.authorization.xacml.manager.api.TransitionResult) Date(java.util.Date) AclTransitionDbDuplicatedException(org.opencastproject.authorization.xacml.manager.impl.AclTransitionDbDuplicatedException) SeriesException(org.opencastproject.series.api.SeriesException) WebApplicationException(javax.ws.rs.WebApplicationException) AclServiceException(org.opencastproject.authorization.xacml.manager.api.AclServiceException) AclServiceNoReferenceException(org.opencastproject.authorization.xacml.manager.api.AclServiceNoReferenceException) NotFoundException(org.opencastproject.util.NotFoundException) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) RestQuery(org.opencastproject.util.doc.rest.RestQuery)

Example 2 with AclService

use of org.opencastproject.authorization.xacml.manager.api.AclService in project opencast by opencast.

the class AssetManagerMessageReceiverImplTest method setUp.

@Before
public void setUp() throws Exception {
    workspace = createNiceMock(Workspace.class);
    expect(workspace.read(EasyMock.anyObject(URI.class))).andAnswer(() -> getClass().getResourceAsStream("/dublincore.xml")).anyTimes();
    replay(workspace);
    AclService aclService = createNiceMock(AclService.class);
    expect(aclService.getAcls()).andReturn(new ArrayList<>()).anyTimes();
    replay(aclService);
    DefaultOrganization organization = new DefaultOrganization();
    AclServiceFactory aclServiceFactory = createNiceMock(AclServiceFactory.class);
    expect(aclServiceFactory.serviceFor(organization)).andReturn(aclService).anyTimes();
    replay(aclServiceFactory);
    SecurityService securityService = TestSearchIndex.createSecurityService(organization);
    assetManager = new AssetManagerMessageReceiverImpl();
    assetManager.setAclServiceFactory(aclServiceFactory);
    assetManager.setSecurityService(securityService);
    assetManager.setSearchIndex(index);
}
Also used : AclServiceFactory(org.opencastproject.authorization.xacml.manager.api.AclServiceFactory) SecurityService(org.opencastproject.security.api.SecurityService) ArrayList(java.util.ArrayList) AclService(org.opencastproject.authorization.xacml.manager.api.AclService) Workspace(org.opencastproject.workspace.api.Workspace) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Before(org.junit.Before)

Example 3 with AclService

use of org.opencastproject.authorization.xacml.manager.api.AclService in project opencast by opencast.

the class AbstractAclServiceRestEndpoint method applyAclToEpisode.

@POST
@Path("/apply/episode/{episodeId}")
@RestQuery(name = "applyAclToEpisode", description = "Immediate application of an ACL to an episode", returnDescription = "Status code", pathParameters = { @RestParameter(name = "episodeId", isRequired = true, description = "The episode ID", type = STRING) }, restParameters = { @RestParameter(name = "aclId", isRequired = false, description = "The ID of the ACL to apply. If missing the episode ACL will be deleted to fall back to the series ACL", type = INTEGER), @RestParameter(name = "workflowDefinitionId", isRequired = false, description = "The optional workflow to apply to the episode after", type = STRING), @RestParameter(name = "workflowParams", isRequired = false, description = "Parameters for the optional workflow", type = STRING) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The ACL has been successfully applied"), @RestResponse(responseCode = SC_NOT_FOUND, description = "The ACL or the episode has not been found"), @RestResponse(responseCode = SC_INTERNAL_SERVER_ERROR, description = "Internal error") })
public Response applyAclToEpisode(@PathParam("episodeId") String episodeId, @FormParam("aclId") Long aclId, @FormParam("workflowDefinitionId") String workflowDefinitionId, @FormParam("workflowParams") String workflowParams) {
    final AclService aclService = aclService();
    final Option<Option<ManagedAcl>> macl = option(aclId).map(getManagedAcl(aclService));
    if (macl.isSome() && macl.get().isNone())
        return notFound();
    final Option<ConfiguredWorkflowRef> workflow = createConfiguredWorkflowRef(workflowDefinitionId, workflowParams);
    try {
        if (aclService.applyAclToEpisode(episodeId, Options.join(macl), workflow))
            return ok();
        else
            return notFound();
    } catch (AclServiceException e) {
        logger.error("Error applying acl to episode {}", episodeId);
        return serverError();
    }
}
Also used : AclServiceException(org.opencastproject.authorization.xacml.manager.api.AclServiceException) Option(org.opencastproject.util.data.Option) AclService(org.opencastproject.authorization.xacml.manager.api.AclService) ConfiguredWorkflowRef(org.opencastproject.workflow.api.ConfiguredWorkflowRef) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) RestQuery(org.opencastproject.util.doc.rest.RestQuery)

Example 4 with AclService

use of org.opencastproject.authorization.xacml.manager.api.AclService in project opencast by opencast.

the class AbstractAclServiceRestEndpoint method getTransitionsFor.

@GET
@Path("/transitionsfor.json")
@Produces(MediaType.APPLICATION_JSON)
@RestQuery(name = "getTransitionsForAsJson", description = "Get the transitions for a list of episodes and/or series as json. At least one of the lists must not be empty.", returnDescription = "Get the transitions as json", restParameters = { @RestParameter(name = "episodeIds", isRequired = false, description = "A list of comma separated episode IDs", type = STRING), @RestParameter(name = "seriesIds", isRequired = false, description = "A list of comma separated series IDs", type = STRING), @RestParameter(name = "done", isRequired = false, description = "Indicates if already applied transitions should be included", type = BOOLEAN) }, reponses = { @RestResponse(responseCode = SC_OK, description = "The request was processed succesfully"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Parameter error"), @RestResponse(responseCode = SC_INTERNAL_SERVER_ERROR, description = "Error during processing the request") })
public Response getTransitionsFor(@QueryParam("episodeIds") String episodeIds, @QueryParam("seriesIds") String seriesIds, @DefaultValue("false") @QueryParam("done") final boolean done) {
    final Monadics.ListMonadic<String> eIds = splitCommaSeparatedParam(option(episodeIds));
    final Monadics.ListMonadic<String> sIds = splitCommaSeparatedParam(option(seriesIds));
    if (eIds.value().isEmpty() && sIds.value().isEmpty()) {
        return badRequest();
    }
    final AclService aclService = aclService();
    try {
        // episodeId -> [transitions]
        final Map<String, List<EpisodeACLTransition>> eTs = eIds.foldl(MultiMap.<String, EpisodeACLTransition>multiHashMapWithArrayList(), new Function2.X<MultiMap<String, EpisodeACLTransition>, String, MultiMap<String, EpisodeACLTransition>>() {

            @Override
            public MultiMap<String, EpisodeACLTransition> xapply(MultiMap<String, EpisodeACLTransition> mmap, String id) throws Exception {
                // todo it is quite expensive to query each episode separately
                final TransitionQuery q = TransitionQuery.query().withId(id).withScope(AclScope.Episode).withDone(done);
                return mmap.putAll(id, aclService.getTransitions(q).getEpisodeTransistions());
            }
        }).value();
        // seriesId -> [transitions]
        final Map<String, List<SeriesACLTransition>> sTs = sIds.foldl(MultiMap.<String, SeriesACLTransition>multiHashMapWithArrayList(), new Function2.X<MultiMap<String, SeriesACLTransition>, String, MultiMap<String, SeriesACLTransition>>() {

            @Override
            public MultiMap<String, SeriesACLTransition> xapply(MultiMap<String, SeriesACLTransition> mmap, String id) throws Exception {
                // todo it is quite expensive to query each series separately
                final TransitionQuery q = TransitionQuery.query().withId(id).withScope(AclScope.Series).withDone(done);
                return mmap.putAll(id, aclService.getTransitions(q).getSeriesTransistions());
            }
        }).value();
        final Jsons.Obj episodesObj = buildEpisodesObj(eTs);
        final Jsons.Obj seriesObj = buildSeriesObj(sTs);
        return ok(obj(p("episodes", episodesObj), p("series", seriesObj)).toJson());
    } catch (Exception e) {
        logger.error("Error generating getTransitionsFor response", e);
        return serverError();
    }
}
Also used : Monadics(org.opencastproject.util.data.Monadics) Jsons(org.opencastproject.util.Jsons) SeriesACLTransition(org.opencastproject.authorization.xacml.manager.api.SeriesACLTransition) AclTransitionDbDuplicatedException(org.opencastproject.authorization.xacml.manager.impl.AclTransitionDbDuplicatedException) SeriesException(org.opencastproject.series.api.SeriesException) WebApplicationException(javax.ws.rs.WebApplicationException) AclServiceException(org.opencastproject.authorization.xacml.manager.api.AclServiceException) AclServiceNoReferenceException(org.opencastproject.authorization.xacml.manager.api.AclServiceNoReferenceException) NotFoundException(org.opencastproject.util.NotFoundException) MultiMap(org.opencastproject.util.data.MultiMap) TransitionQuery(org.opencastproject.authorization.xacml.manager.api.TransitionQuery) JsonConv.fullAccessControlList(org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.fullAccessControlList) List(java.util.List) AccessControlList(org.opencastproject.security.api.AccessControlList) AclService(org.opencastproject.authorization.xacml.manager.api.AclService) EpisodeACLTransition(org.opencastproject.authorization.xacml.manager.api.EpisodeACLTransition) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) RestQuery(org.opencastproject.util.doc.rest.RestQuery)

Example 5 with AclService

use of org.opencastproject.authorization.xacml.manager.api.AclService in project opencast by opencast.

the class OsgiAclServiceFactory method repopulate.

@Override
public void repopulate(final String indexName) {
    final String destinationId = AclItem.ACL_QUEUE_PREFIX + WordUtils.capitalize(indexName);
    for (final Organization organization : organizationDirectoryService.getOrganizations()) {
        SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(cc, organization), new Effect0() {

            @Override
            protected void run() {
                AclService aclService = serviceFor(organization);
                List<ManagedAcl> acls = aclService.getAcls();
                int total = aclService.getAcls().size();
                logger.info("Re-populating index with acls. There are {} acls(s) to add to the index.", total);
                int current = 1;
                for (ManagedAcl acl : acls) {
                    logger.trace("Adding acl '{}' for org '{}'", acl.getName(), organization.getId());
                    messageSender.sendObjectMessage(destinationId, MessageSender.DestinationType.Queue, AclItem.create(acl.getName()));
                    messageSender.sendObjectMessage(IndexProducer.RESPONSE_QUEUE, MessageSender.DestinationType.Queue, IndexRecreateObject.update(indexName, IndexRecreateObject.Service.Acl, total, current));
                    current++;
                }
            }
        });
    }
    Organization organization = new DefaultOrganization();
    SecurityUtil.runAs(securityService, organization, SecurityUtil.createSystemUser(cc, organization), new Effect0() {

        @Override
        protected void run() {
            messageSender.sendObjectMessage(IndexProducer.RESPONSE_QUEUE, MessageSender.DestinationType.Queue, IndexRecreateObject.end(indexName, IndexRecreateObject.Service.Acl));
        }
    });
}
Also used : Organization(org.opencastproject.security.api.Organization) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Effect0(org.opencastproject.util.data.Effect0) ManagedAcl(org.opencastproject.authorization.xacml.manager.api.ManagedAcl) List(java.util.List) AclService(org.opencastproject.authorization.xacml.manager.api.AclService) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)

Aggregations

AclService (org.opencastproject.authorization.xacml.manager.api.AclService)6 List (java.util.List)3 Path (javax.ws.rs.Path)3 AclServiceException (org.opencastproject.authorization.xacml.manager.api.AclServiceException)3 AccessControlList (org.opencastproject.security.api.AccessControlList)3 DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)3 RestQuery (org.opencastproject.util.doc.rest.RestQuery)3 ArrayList (java.util.ArrayList)2 GET (javax.ws.rs.GET)2 Produces (javax.ws.rs.Produces)2 WebApplicationException (javax.ws.rs.WebApplicationException)2 AclServiceFactory (org.opencastproject.authorization.xacml.manager.api.AclServiceFactory)2 AclServiceNoReferenceException (org.opencastproject.authorization.xacml.manager.api.AclServiceNoReferenceException)2 ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl)2 TransitionQuery (org.opencastproject.authorization.xacml.manager.api.TransitionQuery)2 JsonConv.fullAccessControlList (org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.fullAccessControlList)2 AclTransitionDbDuplicatedException (org.opencastproject.authorization.xacml.manager.impl.AclTransitionDbDuplicatedException)2 SecurityService (org.opencastproject.security.api.SecurityService)2 SeriesException (org.opencastproject.series.api.SeriesException)2 Jsons (org.opencastproject.util.Jsons)2