allowed context retrieved on request
This commit is contained in:
parent
8030b049d0
commit
80f5de688a
|
@ -3,12 +3,8 @@ package org.gcube.smartgears.configuration.container;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlTransient;
|
|
||||||
|
|
||||||
import org.gcube.common.validator.ValidationError;
|
import org.gcube.common.validator.ValidationError;
|
||||||
import org.gcube.common.validator.Validator;
|
import org.gcube.common.validator.Validator;
|
||||||
|
@ -46,9 +42,6 @@ public class ContainerConfiguration {
|
||||||
|
|
||||||
@NotEmpty @NotNull
|
@NotEmpty @NotNull
|
||||||
private String accountingFallbackLocation;
|
private String accountingFallbackLocation;
|
||||||
|
|
||||||
@XmlTransient
|
|
||||||
private Set<String> allowedContext = new HashSet<String>();
|
|
||||||
|
|
||||||
private List<ApplicationConfiguration> apps = new ArrayList<ApplicationConfiguration>();
|
private List<ApplicationConfiguration> apps = new ArrayList<ApplicationConfiguration>();
|
||||||
|
|
||||||
|
@ -234,15 +227,6 @@ public class ContainerConfiguration {
|
||||||
return baseConfiguration.getPublicationFrequencyInSeconds();
|
return baseConfiguration.getPublicationFrequencyInSeconds();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public Set<String> allowedContexts() {
|
|
||||||
return allowedContext;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void allowedContexts(Set<String> allowedContexts) {
|
|
||||||
this.allowedContext = allowedContexts;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validates this configuration
|
* Validates this configuration
|
||||||
*
|
*
|
||||||
|
|
|
@ -5,6 +5,8 @@ import static org.gcube.smartgears.handlers.application.request.RequestError.app
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
||||||
|
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlRootElement;
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
import org.gcube.common.security.ContextBean;
|
import org.gcube.common.security.ContextBean;
|
||||||
|
@ -92,10 +94,11 @@ public class RequestValidator extends RequestHandler {
|
||||||
ContextBean bean = new ContextBean(context);
|
ContextBean bean = new ContextBean(context);
|
||||||
|
|
||||||
ContainerConfiguration conf = appContext.container().configuration();
|
ContainerConfiguration conf = appContext.container().configuration();
|
||||||
if (!conf.allowedContexts().contains(context) &&
|
Set<String> allowedContexts =conf.authorizationProvider().getContexts();
|
||||||
|
if (!allowedContexts.contains(context) &&
|
||||||
!(conf.authorizeChildrenContext() && bean.is(Type.VRE)
|
!(conf.authorizeChildrenContext() && bean.is(Type.VRE)
|
||||||
&& conf.allowedContexts().contains(bean.enclosingScope().toString()) ) ) {
|
&& allowedContexts.contains(bean.enclosingScope().toString()) ) ) {
|
||||||
log.warn("rejecting call to {} in invalid context {}, allowed context are {}",appContext.name(),context,appContext.container().configuration().allowedContexts());
|
log.warn("rejecting call to {} in invalid context {}, allowed context are {}",appContext.name(),context,allowedContexts);
|
||||||
invalid_request_error.fire(appContext.name()+" cannot be called in scope "+context);
|
invalid_request_error.fire(appContext.name()+" cannot be called in scope "+context);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -111,10 +111,7 @@ public class ContainerManager {
|
||||||
log.error("no valid contexts found, moving the container to failed");
|
log.error("no valid contexts found, moving the container to failed");
|
||||||
throw new RuntimeException("no valid contexts found, moving the container to failed");
|
throw new RuntimeException("no valid contexts found, moving the container to failed");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
//context.configuration().startTokens().removeAll(tokensToRemove);
|
|
||||||
context.configuration().allowedContexts(foundContexts);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void manage(ApplicationContext app) {
|
public void manage(ApplicationContext app) {
|
||||||
|
|
|
@ -9,5 +9,7 @@ public interface PersistenceWriter {
|
||||||
File writefile(String path);
|
File writefile(String path);
|
||||||
|
|
||||||
long getFreeSpace();
|
long getFreeSpace();
|
||||||
|
|
||||||
|
String getLocation();
|
||||||
|
|
||||||
}
|
}
|
Loading…
Reference in New Issue