Examples with AccessControlList org.opencastproject.security.api.AccessControlList used on opensource projects

Search in sources :

Example 96 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SearchServicePersistenceTest method testAdding.

@Test
public void testAdding() throws Exception {
    Date modifictaionDate = new Date();
    searchDatabase.storeMediaPackage(mediaPackage, accessControlList, modifictaionDate);
    Iterator<Tuple<MediaPackage, String>> mediaPackages = searchDatabase.getAllMediaPackages();
    while (mediaPackages.hasNext()) {
        Tuple<MediaPackage, String> mediaPackage = mediaPackages.next();
        String mediaPackageId = mediaPackage.getA().getIdentifier().toString();
        AccessControlList acl = searchDatabase.getAccessControlList(mediaPackageId);
        Assert.assertEquals(accessControlList.getEntries().size(), acl.getEntries().size());
        Assert.assertEquals(accessControlList.getEntries().get(0), acl.getEntries().get(0));
        Assert.assertNull(searchDatabase.getDeletionDate(mediaPackageId));
        Assert.assertEquals(modifictaionDate, searchDatabase.getModificationDate(mediaPackageId));
        Assert.assertEquals(mediaPackage.getA(), searchDatabase.getMediaPackage(mediaPackageId));
        Assert.assertEquals(securityService.getOrganization().getId(), mediaPackage.getB());
        Assert.assertEquals(securityService.getOrganization().getId(), searchDatabase.getOrganizationId(mediaPackageId));
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) MediaPackage(org.opencastproject.mediapackage.MediaPackage) Date(java.util.Date) Tuple(org.opencastproject.util.data.Tuple) Test(org.junit.Test)

Example 97 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SearchServicePersistenceTest method setUp.

/**
 * @throws java.lang.Exception
 */
@Before
public void setUp() throws Exception {
    securityService = EasyMock.createNiceMock(SecurityService.class);
    DefaultOrganization defaultOrganization = new DefaultOrganization();
    User user = new JaxbUser("admin", "test", defaultOrganization, new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, defaultOrganization));
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
    EasyMock.replay(securityService);
    searchDatabase = new SearchServiceDatabaseImpl();
    searchDatabase.setEntityManagerFactory(newTestEntityManagerFactory(SearchServiceDatabaseImpl.PERSISTENCE_UNIT));
    searchDatabase.setSecurityService(securityService);
    searchDatabase.activate(null);
    mediaPackage = MediaPackageBuilderFactory.newInstance().newMediaPackageBuilder().createNew();
    accessControlList = new AccessControlList();
    List<AccessControlEntry> acl = accessControlList.getEntries();
    acl.add(new AccessControlEntry("admin", Permissions.Action.WRITE.toString(), true));
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) SecurityService(org.opencastproject.security.api.SecurityService) AccessControlEntry(org.opencastproject.security.api.AccessControlEntry) JaxbUser(org.opencastproject.security.api.JaxbUser) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Before(org.junit.Before)

Example 98 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SchedulerServiceRemoteImpl method getAccessControlList.

@Override
public AccessControlList getAccessControlList(String eventId) throws NotFoundException, UnauthorizedException, SchedulerException {
    HttpGet get = new HttpGet(eventId.concat("/acl"));
    HttpResponse response = getResponse(get, SC_OK, SC_NOT_FOUND, SC_NO_CONTENT, SC_UNAUTHORIZED);
    try {
        if (response != null) {
            switch(response.getStatusLine().getStatusCode()) {
                case SC_NOT_FOUND:
                    throw new NotFoundException("Event '" + eventId + "' not found on remote scheduler service!");
                case SC_NO_CONTENT:
                    return null;
                case SC_UNAUTHORIZED:
                    logger.info("Unauthorized to get acl of the event {}.", eventId);
                    throw new UnauthorizedException("Unauthorized to get acl of the event " + eventId);
                default:
                    String aclString = EntityUtils.toString(response.getEntity(), "UTF-8");
                    AccessControlList accessControlList = AccessControlParser.parseAcl(aclString);
                    logger.info("Successfully get event {} access control list from the remote scheduler service", eventId);
                    return accessControlList;
            }
        }
    } catch (NotFoundException e) {
        throw e;
    } catch (UnauthorizedException e) {
        throw e;
    } catch (Exception e) {
        throw new SchedulerException("Unable to get event access control list from remote scheduler service: " + e);
    } finally {
        closeConnection(response);
    }
    throw new SchedulerException("Unable to get event access control list from remote scheduler service");
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) SchedulerException(org.opencastproject.scheduler.api.SchedulerException) HttpGet(org.apache.http.client.methods.HttpGet) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) HttpResponse(org.apache.http.HttpResponse) NotFoundException(org.opencastproject.util.NotFoundException) SchedulerException(org.opencastproject.scheduler.api.SchedulerException) SchedulerTransactionLockException(org.opencastproject.scheduler.api.SchedulerTransactionLockException) SchedulerConflictException(org.opencastproject.scheduler.api.SchedulerConflictException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException)

Example 99 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SearchServiceDatabaseImpl method getDeletionDate.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.search.impl.persistence.SearchServiceDatabase#getDeletionDate(String)
 */
@Override
public Date getDeletionDate(String mediaPackageId) throws NotFoundException, SearchServiceDatabaseException {
    EntityManager em = null;
    EntityTransaction tx = null;
    try {
        em = emf.createEntityManager();
        tx = em.getTransaction();
        tx.begin();
        SearchEntity searchEntity = getSearchEntity(mediaPackageId, em);
        if (searchEntity == null) {
            throw new NotFoundException("No media package with id=" + mediaPackageId + " exists");
        }
        // Ensure this user is allowed to read this media package
        String accessControlXml = searchEntity.getAccessControl();
        if (accessControlXml != null) {
            AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
            User currentUser = securityService.getUser();
            Organization currentOrg = securityService.getOrganization();
            if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, READ.toString()))
                throw new UnauthorizedException(currentUser + " is not authorized to read media package " + mediaPackageId);
        }
        return searchEntity.getDeletionDate();
    } catch (NotFoundException e) {
        throw e;
    } catch (Exception e) {
        logger.error("Could not get deletion date {}: {}", mediaPackageId, e.getMessage());
        if (tx.isActive()) {
            tx.rollback();
        }
        throw new SearchServiceDatabaseException(e);
    } finally {
        if (em != null)
            em.close();
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) EntityTransaction(javax.persistence.EntityTransaction) EntityManager(javax.persistence.EntityManager) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) NoResultException(javax.persistence.NoResultException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException)

Example 100 with AccessControlList

use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

the class SearchServiceDatabaseImpl method getModificationDate.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.search.impl.persistence.SearchServiceDatabase#getModificationDate(String)
 */
@Override
public Date getModificationDate(String mediaPackageId) throws NotFoundException, SearchServiceDatabaseException {
    EntityManager em = null;
    EntityTransaction tx = null;
    try {
        em = emf.createEntityManager();
        tx = em.getTransaction();
        tx.begin();
        SearchEntity searchEntity = getSearchEntity(mediaPackageId, em);
        if (searchEntity == null)
            throw new NotFoundException("No media package with id=" + mediaPackageId + " exists");
        // Ensure this user is allowed to read this media package
        String accessControlXml = searchEntity.getAccessControl();
        if (accessControlXml != null) {
            AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
            User currentUser = securityService.getUser();
            Organization currentOrg = securityService.getOrganization();
            if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, READ.toString()))
                throw new UnauthorizedException(currentUser + " is not authorized to read media package " + mediaPackageId);
        }
        return searchEntity.getModificationDate();
    } catch (NotFoundException e) {
        throw e;
    } catch (Exception e) {
        logger.error("Could not get modification date {}: {}", mediaPackageId, e.getMessage());
        if (tx.isActive()) {
            tx.rollback();
        }
        throw new SearchServiceDatabaseException(e);
    } finally {
        if (em != null)
            em.close();
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) EntityTransaction(javax.persistence.EntityTransaction) EntityManager(javax.persistence.EntityManager) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) NoResultException(javax.persistence.NoResultException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException)

Aggregations

AccessControlList (org.opencastproject.security.api.AccessControlList)108 NotFoundException (org.opencastproject.util.NotFoundException)46 UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)38 AccessControlEntry (org.opencastproject.security.api.AccessControlEntry)30 MediaPackage (org.opencastproject.mediapackage.MediaPackage)27 Test (org.junit.Test)26 IOException (java.io.IOException)22 Organization (org.opencastproject.security.api.Organization)22 User (org.opencastproject.security.api.User)21 DublinCoreCatalog (org.opencastproject.metadata.dublincore.DublinCoreCatalog)19 ArrayList (java.util.ArrayList)18 SeriesException (org.opencastproject.series.api.SeriesException)18 ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl)16 MediaPackageException (org.opencastproject.mediapackage.MediaPackageException)16 Date (java.util.Date)15 SchedulerException (org.opencastproject.scheduler.api.SchedulerException)14 Path (javax.ws.rs.Path)13 RestQuery (org.opencastproject.util.doc.rest.RestQuery)13 WebApplicationException (javax.ws.rs.WebApplicationException)12 File (java.io.File)10
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial