gCubeSystem
/
authorization-client
16
0
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@122871 82a268e6-3cf1-43bd-a215-b396298e98cf

This commit is contained in:
Lucio Lelii 2016-02-05 16:23:25 +00:00
parent ce089c4f5c
commit 276947bdd8
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/java/org/gcube/common/authorization/client/helper/Authorization.java
View File

@ -16,7 +16,7 @@ import org.gcube.common.authorization.client.exceptions.UnauthorizedAccessExcept
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.PolicyUtils;
import org.gcube.common.authorization.library.annotations.AuthorizationControl;
import org.gcube.common.authorization.library.policies.Mode;
import org.gcube.common.authorization.library.policies.Action;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.ServiceIdentifier;
@ -62,7 +62,7 @@ public class Authorization {
if (SecurityTokenProvider.instance.get()==null)
throw new RuntimeException("the Security token is not set");
Authorizable obj = (Authorizable) self;
Mode[] modes = null;
Action[] modes = null;
if (thisMethod.isAnnotationPresent(AuthorizationControl.class))
modes = thisMethod.getAnnotation(AuthorizationControl.class).check();
checkAuthorization(obj.getServiceClass(), obj.getServiceName(), modes);
@ -77,12 +77,12 @@ public class Authorization {
}
}
public static void checkAuthorization(String serviceClass, String serviceName, Mode ... modes) throws Exception{
public static void checkAuthorization(String serviceClass, String serviceName, Action ... modes) throws Exception{
if (modes==null || modes.length==0) return;
if (SecurityTokenProvider.instance.get()==null)
throw new UnauthorizedAccessException("the Security token is not set");
List<Mode> modesList = Arrays.asList(modes);
List<Action> modesList = Arrays.asList(modes);
AuthorizationEntry entry = authorizationService().get(SecurityTokenProvider.instance.get());
@ -91,7 +91,7 @@ public class Authorization {
ServiceIdentifier serviceIdentifier = new ServiceIdentifier(serviceClass, serviceName, "*");
for (Policy policy: entry.getPolicies())
if (PolicyUtils.isPolicyValidForClient(policy.getServiceAccess(), serviceIdentifier))
if (modesList.contains(policy.getMode()) || policy.getMode()==Mode.ALL)
if (modesList.contains(policy.getMode()) || policy.getMode()==Action.ALL)
throw new UnauthorizedAccessException("the invoked method is protected by the Authorization system, cannot be invoked by "+entry.getClientInfo().getId());
}

8
src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java
View File

@ -6,11 +6,11 @@ import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.policies.Mode;
import org.gcube.common.authorization.library.policies.Action;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.policies.ServiceAccess;
import org.gcube.common.authorization.library.policies.User;
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
import org.gcube.common.authorization.library.policies.Users;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.junit.Test;
public class CallTest {
@ -29,7 +29,7 @@ public class CallTest {
public void requestToken() throws Exception {
//ScopeProvider.instance.set("/gcube/devsec");
String token = authorizationService().generateToken(new UserInfo("luca.frosini", new ArrayList<String>()), "/gcube/devsec");
String token = authorizationService().generateToken(new UserInfo("costantino", new ArrayList<String>()), "/gcube");
System.out.println("token is: "+token);
}
@ -37,7 +37,7 @@ public class CallTest {
@Test
public void addPolicy() throws Exception {
List<Policy> policies = new ArrayList<Policy>();
policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), new User("lucio.lelii"), Mode.ACCESS ));
policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), Users.one("lucio.lelii"), Action.ACCESS ));
authorizationService().addPolicies(policies);
}