Lucio Lelii 2016-02-01 14:14:51 +00:00
parent f3f777adb8
commit 00091c59ee
7 changed files with 66 additions and 33 deletions

View File

@ -17,6 +17,11 @@
</properties> </properties>
<dependencies> <dependencies>
<dependency>
<groupId>org.reflections</groupId>
<artifactId>reflections</artifactId>
<version>0.9.9-RC1</version>
</dependency>
<dependency> <dependency>
<groupId>org.gcube.core</groupId> <groupId>org.gcube.core</groupId>
<artifactId>common-scope</artifactId> <artifactId>common-scope</artifactId>

View File

@ -6,10 +6,12 @@ import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy; import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target; import java.lang.annotation.Target;
import org.gcube.common.authorization.library.policies.Mode;
@Inherited @Inherited
@Retention(RetentionPolicy.RUNTIME) @Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD) @Target(ElementType.METHOD)
public @interface IsAllowedFor { public @interface AuthorizationControl {
String[] roles(); Mode[] check() default {Mode.ALL};
} }

View File

@ -1,14 +0,0 @@
package org.gcube.common.authorization.library.annotations;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Inherited
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface SubjectToQuota {
}

View File

@ -0,0 +1,6 @@
package org.gcube.common.authorization.library.policies;
public enum Mode {
ALL, ACCESS, WRITE, EXECUTE;
}

View File

@ -22,6 +22,8 @@ public abstract class Policy {
public abstract String getContext(); public abstract String getContext();
public abstract Mode getMode();
public long getId() { public long getId() {
return id; return id;
} }

View File

@ -11,7 +11,8 @@ public class Service2ServicePolicy extends Policy{
private ServiceAccess client; private ServiceAccess client;
private String context; private String context;
private ServiceAccess serviceAccess; private ServiceAccess serviceAccess;
private Mode mode = Mode.ALL;
protected Service2ServicePolicy(){} protected Service2ServicePolicy(){}
public Service2ServicePolicy(String context, ServiceAccess serviceAccess, public Service2ServicePolicy(String context, ServiceAccess serviceAccess,
@ -21,6 +22,12 @@ public class Service2ServicePolicy extends Policy{
this.client = client; this.client = client;
} }
public Service2ServicePolicy(String context, ServiceAccess serviceAccess,
ServiceAccess client, Mode mode) {
this(context, serviceAccess, client);
this.mode = mode;
}
@Override @Override
public PolicyType getPolicyType() { public PolicyType getPolicyType() {
return PolicyType.SERVICE; return PolicyType.SERVICE;
@ -28,7 +35,7 @@ public class Service2ServicePolicy extends Policy{
@Override @Override
public String getPolicyAsString() { public String getPolicyAsString() {
return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString(); return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString()+"["+mode.toString()+"]";
} }
public ServiceAccess getClient() { public ServiceAccess getClient() {
@ -48,8 +55,8 @@ public class Service2ServicePolicy extends Policy{
final int prime = 31; final int prime = 31;
int result = 1; int result = 1;
result = prime * result + ((client == null) ? 0 : client.hashCode()); result = prime * result + ((client == null) ? 0 : client.hashCode());
result = prime * result result = prime * result + ((context == null) ? 0 : context.hashCode());
+ ((context == null) ? 0 : context.hashCode()); result = prime * result + ((mode == null) ? 0 : mode.hashCode());
result = prime * result result = prime * result
+ ((serviceAccess == null) ? 0 : serviceAccess.hashCode()); + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
return result; return result;
@ -74,6 +81,8 @@ public class Service2ServicePolicy extends Policy{
return false; return false;
} else if (!context.equals(other.context)) } else if (!context.equals(other.context))
return false; return false;
if (mode != other.mode)
return false;
if (serviceAccess == null) { if (serviceAccess == null) {
if (other.serviceAccess != null) if (other.serviceAccess != null)
return false; return false;
@ -81,11 +90,17 @@ public class Service2ServicePolicy extends Policy{
return false; return false;
return true; return true;
} }
@Override @Override
public String toString() { public String toString() {
return "Service2ServicePolicy [client=" + client + ", environment=" return "Service2ServicePolicy [id="+getId()+" client=" + client + ", context="
+ context + ", serviceAccess=" + serviceAccess + ", id = "+id+"]"; + context + ", serviceAccess=" + serviceAccess + ", mode="
+ mode + "]";
}
@Override
public Mode getMode() {
return this.mode;
} }

View File

@ -18,6 +18,8 @@ public class User2ServicePolicy extends Policy {
private String context; private String context;
private ServiceAccess serviceAccess; private ServiceAccess serviceAccess;
private Mode mode = Mode.ALL;
protected User2ServicePolicy(){} protected User2ServicePolicy(){}
public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity) { public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity) {
@ -26,6 +28,12 @@ public class User2ServicePolicy extends Policy {
this.entity = entity; this.entity = entity;
} }
public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity, Mode mode) {
this(context, serviceAccess, entity);
this.mode = mode;
}
public UserEntity getEntity() { public UserEntity getEntity() {
return entity; return entity;
} }
@ -41,20 +49,22 @@ public class User2ServicePolicy extends Policy {
@Override @Override
public String getPolicyAsString() { public String getPolicyAsString() {
return this.context+","+serviceAccess.getAsString()+","+entity.getAsString(); return this.context+","+serviceAccess.getAsString()+","+entity.getAsString()+"["+mode.toString()+"]";
} }
public String getContext() { public String getContext() {
return context; return context;
} }
@Override @Override
public int hashCode() { public int hashCode() {
final int prime = 31; final int prime = 31;
int result = 1; int result = 1;
result = prime * result + ((context == null) ? 0 : context.hashCode());
result = prime * result + ((entity == null) ? 0 : entity.hashCode()); result = prime * result + ((entity == null) ? 0 : entity.hashCode());
result = prime * result result = prime * result + ((mode == null) ? 0 : mode.hashCode());
+ ((context == null) ? 0 : context.hashCode());
result = prime * result result = prime * result
+ ((serviceAccess == null) ? 0 : serviceAccess.hashCode()); + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
return result; return result;
@ -69,15 +79,17 @@ public class User2ServicePolicy extends Policy {
if (getClass() != obj.getClass()) if (getClass() != obj.getClass())
return false; return false;
User2ServicePolicy other = (User2ServicePolicy) obj; User2ServicePolicy other = (User2ServicePolicy) obj;
if (context == null) {
if (other.context != null)
return false;
} else if (!context.equals(other.context))
return false;
if (entity == null) { if (entity == null) {
if (other.entity != null) if (other.entity != null)
return false; return false;
} else if (!entity.equals(other.entity)) } else if (!entity.equals(other.entity))
return false; return false;
if (context == null) { if (mode != other.mode)
if (other.context != null)
return false;
} else if (!context.equals(other.context))
return false; return false;
if (serviceAccess == null) { if (serviceAccess == null) {
if (other.serviceAccess != null) if (other.serviceAccess != null)
@ -86,11 +98,16 @@ public class User2ServicePolicy extends Policy {
return false; return false;
return true; return true;
} }
@Override @Override
public String toString() { public String toString() {
return "User2ServicePolicy [entity=" + entity + ", environment=" return "User2ServicePolicy [id="+getId()+" entity=" + entity + ", context=" + context
+ context + ", serviceAccess=" + serviceAccess + ", id = "+id+"]"; + ", serviceAccess=" + serviceAccess + ", mode=" + mode + "]";
}
@Override
public Mode getMode() {
return this.mode;
} }
} }