git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-library@174481 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
33b0a0eae5
commit
96a03e8768
|
@ -22,7 +22,7 @@
|
|||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
|
||||
org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
|
||||
org.eclipse.jdt.core.compiler.compliance=1.7
|
||||
org.eclipse.jdt.core.compiler.compliance=1.8
|
||||
org.eclipse.jdt.core.compiler.debug.lineNumber=generate
|
||||
org.eclipse.jdt.core.compiler.debug.localVariable=generate
|
||||
org.eclipse.jdt.core.compiler.debug.sourceFile=generate
|
||||
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
|
||||
org.eclipse.jdt.core.compiler.source=1.7
|
||||
org.eclipse.jdt.core.compiler.source=1.8
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -3,7 +3,7 @@
|
|||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>common-authorization</artifactId>
|
||||
<version>2.1.1-SNAPSHOT</version>
|
||||
<version>2.1.3-SNAPSHOT</version>
|
||||
<name>authorization service common library</name>
|
||||
|
||||
<parent>
|
||||
|
|
|
@ -13,5 +13,6 @@ import org.gcube.common.authorization.library.policies.Action;
|
|||
@Target(ElementType.METHOD)
|
||||
public @interface AuthorizationControl {
|
||||
|
||||
Action[] check() default {Action.ALL};
|
||||
Action[] actions() default {Action.ALL};
|
||||
String[] allowed() default {};
|
||||
}
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
package org.gcube.common.authorization.library.aspect;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.Arrays;
|
||||
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
|
@ -9,6 +10,7 @@ import org.aspectj.lang.annotation.Before;
|
|||
import org.aspectj.lang.annotation.Pointcut;
|
||||
import org.aspectj.lang.reflect.MethodSignature;
|
||||
import org.gcube.common.authorization.library.annotations.AuthorizationControl;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
@ -16,7 +18,7 @@ import org.slf4j.LoggerFactory;
|
|||
public class AuthorizationAspect {
|
||||
|
||||
Logger log = LoggerFactory.getLogger(AuthorizationAspect.class);
|
||||
|
||||
|
||||
@Pointcut("@annotation(org.gcube.common.authorization.library.annotations.AuthorizationControl)")
|
||||
public void authorizationEntyPoint() {
|
||||
}
|
||||
|
@ -30,7 +32,10 @@ public class AuthorizationAspect {
|
|||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||
Method method = signature.getMethod();
|
||||
AuthorizationControl authAnn = (AuthorizationControl) method.getAnnotation(AuthorizationControl.class);
|
||||
log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.check(), method.getName());
|
||||
log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.actions(), authAnn.allowed(), method.getName());
|
||||
String userId = AuthorizationProvider.instance.get().getClient().getId();
|
||||
if (authAnn.allowed().length!=0 && !Arrays.asList(authAnn.allowed()).contains(userId))
|
||||
throw new RuntimeException("user not allowed to call method "+method.getName());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue