Lucio Lelii 2018-11-29 18:17:29 +00:00
parent 33b0a0eae5
commit 96a03e8768
5 changed files with 14 additions and 8 deletions


@ -22,7 +22,7 @@
<attribute name="maven.pomderived" value="true"/> <attribute name="maven.pomderived" value="true"/>
</attributes> </attributes>
</classpathentry> </classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7"> <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes> <attributes>
<attribute name="maven.pomderived" value="true"/> <attribute name="maven.pomderived" value="true"/>
</attributes> </attributes>


@ -1,12 +1,12 @@
eclipse.preferences.version=1 eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7 org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
org.eclipse.jdt.core.compiler.compliance=1.7 org.eclipse.jdt.core.compiler.compliance=1.8
org.eclipse.jdt.core.compiler.debug.lineNumber=generate org.eclipse.jdt.core.compiler.debug.lineNumber=generate
org.eclipse.jdt.core.compiler.debug.localVariable=generate org.eclipse.jdt.core.compiler.debug.localVariable=generate
org.eclipse.jdt.core.compiler.debug.sourceFile=generate org.eclipse.jdt.core.compiler.debug.sourceFile=generate
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
org.eclipse.jdt.core.compiler.source=1.7 org.eclipse.jdt.core.compiler.source=1.8


@ -3,7 +3,7 @@
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>org.gcube.common</groupId> <groupId>org.gcube.common</groupId>
<artifactId>common-authorization</artifactId> <artifactId>common-authorization</artifactId>
<version>2.1.1-SNAPSHOT</version> <version>2.1.3-SNAPSHOT</version>
<name>authorization service common library</name> <name>authorization service common library</name>
<parent> <parent>


@ -13,5 +13,6 @@ import org.gcube.common.authorization.library.policies.Action;
@Target(ElementType.METHOD) @Target(ElementType.METHOD)
public @interface AuthorizationControl { public @interface AuthorizationControl {
Action[] check() default {Action.ALL}; Action[] actions() default {Action.ALL};
String[] allowed() default {};
} }
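Review bot: The new `allowed()` element defaults to `{}`, and the aspect changed in this same commit treats an empty list as "no per-user restriction", so an annotation written without `allowed` admits every caller. That fail-open default should be documented on the element, for example `/** Client ids permitted to call the method; an empty array means no per-user restriction. */`. Renaming `check` to `actions` also breaks any existing `@AuthorizationControl(check=...)` usage at compile time, which is worth noting for consumers since the version only moves from 2.1.1-SNAPSHOT to 2.1.3-SNAPSHOT. The annotation declaration starts above this hunk.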


@ -2,6 +2,7 @@
package org.gcube.common.authorization.library.aspect; package org.gcube.common.authorization.library.aspect;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.util.Arrays;
import org.aspectj.lang.JoinPoint; import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Aspect;
@ -9,6 +10,7 @@ import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut; import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature; import org.aspectj.lang.reflect.MethodSignature;
import org.gcube.common.authorization.library.annotations.AuthorizationControl; import org.gcube.common.authorization.library.annotations.AuthorizationControl;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -16,7 +18,7 @@ import org.slf4j.LoggerFactory;
public class AuthorizationAspect { public class AuthorizationAspect {
Logger log = LoggerFactory.getLogger(AuthorizationAspect.class); Logger log = LoggerFactory.getLogger(AuthorizationAspect.class);
@Pointcut("@annotation(org.gcube.common.authorization.library.annotations.AuthorizationControl)") @Pointcut("@annotation(org.gcube.common.authorization.library.annotations.AuthorizationControl)")
public void authorizationEntyPoint() { public void authorizationEntyPoint() {
} }
@ -30,7 +32,10 @@ public class AuthorizationAspect {
MethodSignature signature = (MethodSignature) joinPoint.getSignature(); MethodSignature signature = (MethodSignature) joinPoint.getSignature();
Method method = signature.getMethod(); Method method = signature.getMethod();
AuthorizationControl authAnn = (AuthorizationControl) method.getAnnotation(AuthorizationControl.class); AuthorizationControl authAnn = (AuthorizationControl) method.getAnnotation(AuthorizationControl.class);
log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.check(), method.getName()); log.info("aspect before with annotation {} and value {} in method {}", authAnn.annotationType(), authAnn.actions(), authAnn.allowed(), method.getName());
String userId = AuthorizationProvider.instance.get().getClient().getId();
if (authAnn.allowed().length!=0 && !Arrays.asList(authAnn.allowed()).contains(userId))
throw new RuntimeException("user not allowed to call method "+method.getName());
} }
} }
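Review bot: The caller lookup `AuthorizationProvider.instance.get().getClient().getId()` is dereferenced without null checks and runs before the `allowed().length!=0` test, so every annotated method now depends on it, including those that declare no allow-list. If the provider can return an empty context (not visible from this page), the advice fails with a NullPointerException instead of an explicit denial; moving the lookup inside the allow-list branch and treating a missing client as not allowed would keep the check fail-closed. The denial itself is never logged and a bare `RuntimeException` gives callers no way to tell an authorization failure from a fault, so a `log.warn("user {} not allowed to call method {}", userId, method.getName());` before the throw would leave an audit trail. The `log.info` call also passes four arguments to three `{}` placeholders, so `method.getName()` is dropped and the allow-list is printed in the method slot; a fourth placeholder such as `allowed {}` fixes it. The advice method begins above this hunk, and nothing visible here enforces `actions()` beyond logging it.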