2020-06-18 10:56:20 +02:00
|
|
|
package org.gcube.oidc;
|
2020-05-21 15:47:28 +02:00
|
|
|
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.Collections;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.Map;
|
|
|
|
|
2020-07-03 17:31:19 +02:00
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
|
2020-05-21 15:47:28 +02:00
|
|
|
public class SlashSeparatedContextMapper extends AbstractOIDCToSitesAndRolesMapper {
|
|
|
|
|
2020-07-03 17:31:19 +02:00
|
|
|
protected static final Logger logger = LoggerFactory.getLogger(SlashSeparatedContextMapper.class);
|
|
|
|
|
2020-05-21 15:47:28 +02:00
|
|
|
private static final String SPLIT_REGEXP = "/";
|
|
|
|
|
|
|
|
private static final int EMPTY_TOKEN_INDEX = 0;
|
|
|
|
|
|
|
|
private static final int ROOT_VO_TOKEN_INDEX = EMPTY_TOKEN_INDEX + 1;
|
|
|
|
|
|
|
|
private static final int VO_TOKEN_INDEX = ROOT_VO_TOKEN_INDEX + 1;
|
|
|
|
|
|
|
|
private static final int VRE_TOKEN_INDEX = VO_TOKEN_INDEX + 1;
|
|
|
|
|
|
|
|
public SlashSeparatedContextMapper(Map<String, List<String>> resourceName2AccessRoles) {
|
|
|
|
super(resourceName2AccessRoles);
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public Site map(String rootSite) throws SitesMapperExecption {
|
|
|
|
List<String> sites = new ArrayList<String>(resourceName2AccessRoles.keySet());
|
|
|
|
Collections.sort(sites);
|
|
|
|
// Sorting sites, the containers site should come before contained one
|
|
|
|
Site gwSitesTree = null;
|
|
|
|
for (String site : sites) {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Checking site: " + site);
|
2020-05-21 15:47:28 +02:00
|
|
|
List<String> roles = resourceName2AccessRoles.get(site);
|
2020-07-03 17:31:19 +02:00
|
|
|
logger.debug("Roles for site are: {}", roles);
|
2020-05-21 15:47:28 +02:00
|
|
|
String[] siteTokens = site.split(SPLIT_REGEXP);
|
2020-07-03 17:31:19 +02:00
|
|
|
logger.debug("Tokens are: {}", siteTokens.length);
|
2021-01-27 17:09:15 +01:00
|
|
|
if (siteTokens.length < 2) {
|
|
|
|
logger.debug("Skipping resource not starting with '{}'", SPLIT_REGEXP);
|
|
|
|
continue;
|
2020-05-21 15:47:28 +02:00
|
|
|
}
|
|
|
|
String rootVO = siteTokens[ROOT_VO_TOKEN_INDEX];
|
2020-07-03 17:31:19 +02:00
|
|
|
logger.debug("Root VO is: {}", rootVO);
|
2020-05-21 15:47:28 +02:00
|
|
|
if (!rootSite.equals(rootVO)) {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Skipping evaluation of site tree not belonging to this Root VO: {}", rootVO);
|
2020-05-21 15:47:28 +02:00
|
|
|
continue;
|
|
|
|
} else {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Site belongs to this Root VO");
|
2020-05-21 15:47:28 +02:00
|
|
|
}
|
|
|
|
if (siteTokens.length >= VO_TOKEN_INDEX + 1) {
|
|
|
|
if (gwSitesTree == null) {
|
|
|
|
logger.warn(rootVO + " Root VO's permissions are not set for user");
|
|
|
|
gwSitesTree = new Site(rootVO, null);
|
|
|
|
}
|
|
|
|
String vo = siteTokens[VO_TOKEN_INDEX];
|
2020-07-03 17:31:19 +02:00
|
|
|
logger.debug("VO is: {}", vo);
|
2020-05-21 15:47:28 +02:00
|
|
|
if (siteTokens.length == VRE_TOKEN_INDEX + 1) {
|
|
|
|
if (!gwSitesTree.getChildren().containsKey(vo)) {
|
|
|
|
logger.warn(vo + " VO's permissions are not set for user");
|
|
|
|
gwSitesTree.getChildren().put(vo, new Site(vo, null));
|
|
|
|
}
|
|
|
|
String vre = siteTokens[VRE_TOKEN_INDEX];
|
2020-07-03 17:31:19 +02:00
|
|
|
logger.debug("VRE is: {}", vre);
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Adding leaf site: {}", vre);
|
2020-05-21 15:47:28 +02:00
|
|
|
gwSitesTree.getChildren().get(vo).getChildren().put(vre, new Site(vre, roles));
|
|
|
|
} else if (!gwSitesTree.getChildren().containsKey(vo)) {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Creating site for VO: {}", vo);
|
2020-05-21 15:47:28 +02:00
|
|
|
gwSitesTree.getChildren().put(vo, new Site(vo, roles));
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if (gwSitesTree == null) {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Creating site for Root VO: {}", rootVO);
|
2020-05-21 15:47:28 +02:00
|
|
|
gwSitesTree = new Site(rootVO, roles);
|
|
|
|
} else {
|
|
|
|
if (gwSitesTree.getRoles() == null) {
|
2021-03-17 11:38:27 +01:00
|
|
|
logger.debug("Setting out of order roles for Root VO");
|
2020-05-21 15:47:28 +02:00
|
|
|
} else {
|
|
|
|
logger.warn("Duplicated roles definition for Root VO");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return gwSitesTree;
|
|
|
|
}
|
|
|
|
}
|