package org.gcube.informationsystem.resourceregistry.contexts.security;
import java.util.UUID;
import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
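/**
 * Singleton {@link SecurityContext} identified by a fixed, reserved UUID
 * ({@code ffffffff-ffff-ffff-ffff-ffffffffffff}).
 *
 * <p>The single instance is created lazily by {@link #getInstance()} and is
 * registered with {@link ContextUtility} under the string form of that UUID.
 * Judging by the class name it is the security context that guards the Context
 * definitions themselves; confirm against the callers.
 *
 * <p>Because the identifier is a constant shared by every deployment, it must
 * never be treated as a secret or as proof of authorization: access control
 * comes only from the roles and rules attached to this context.
 *
 * @author Luca Frosini (ISTI - CNR)
 */
public class ContextSecurityContext extends SecurityContext {

	// Named after this class (the original used SecurityContext.class), so that
	// the trace output about rule grants is attributed to the right logger.
	private static final Logger logger = LoggerFactory.getLogger(ContextSecurityContext.class);

	/** String form of the reserved UUID; used as the registration key in {@link ContextUtility}. */
	private static final String CONTEXT_SECURITY_CONTEXT;

	/** Parsed form of {@link #CONTEXT_SECURITY_CONTEXT}, handed to the parent constructor. */
	private static final UUID CONTEXT_SECURITY_CONTEXT_UUID;

	static {
		CONTEXT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
		CONTEXT_SECURITY_CONTEXT_UUID = UUID.fromString(CONTEXT_SECURITY_CONTEXT);
	}

	/** Lazily created singleton; read and written only inside {@link #getInstance()}. */
	private static ContextSecurityContext instance;

	/**
	 * Returns the singleton, creating it and registering it with
	 * {@link ContextUtility} on the first call.
	 *
	 * <p>The method is {@code synchronized} so that two concurrent first calls
	 * cannot both observe {@code instance == null} and then create and register
	 * two different security contexts under the same key.
	 *
	 * @return the single {@code ContextSecurityContext}
	 * @throws ResourceRegistryException if the instance cannot be created
	 */
	public static synchronized ContextSecurityContext getInstance() throws ResourceRegistryException {
		if(instance == null) {
			// The field is assigned before registration, as in the original, so a
			// re-entrant call made during registration gets the same object.
			// NOTE(review): if registration throws, the field stays set and later
			// calls return an instance that ContextUtility does not know about;
			// confirm whether addSecurityContext can fail and whether a rollback
			// is needed.
			instance = new ContextSecurityContext();
			ContextUtility contextUtility = ContextUtility.getInstance();
			contextUtility.addSecurityContext(CONTEXT_SECURITY_CONTEXT, instance);
		}
		return instance;
	}

	/**
	 * Builds the context with the reserved UUID.
	 *
	 * <p>The meaning of the {@code false} flag is defined by the
	 * {@link SecurityContext} constructor, which is not visible from this file.
	 *
	 * @throws ResourceRegistryException propagated from the parent constructor
	 */
	private ContextSecurityContext() throws ResourceRegistryException {
		super(CONTEXT_SECURITY_CONTEXT_UUID, false);
	}

	/**
	 * Adds the rules this context grants on top of those of the parent class.
	 *
	 * <p>{@code WRITER} roles receive {@code Role.PERMISSION_ALL} and
	 * {@code READER} roles receive {@code Role.PERMISSION_READ} on the generic
	 * resources {@code CLUSTER}, {@code SYSTEM_CLUSTERS} and {@code CLASS}.
	 * Any other permission mode leaves the role unchanged.
	 *
	 * <p>Security note: every rule is added with {@code null} as the specific
	 * resource, which presumably means "all resources of that kind" (confirm
	 * against {@code Role.addRule}). If so, a WRITER holds full permissions on
	 * every cluster, system clusters included, and on every class, so the set
	 * of principals given a WRITER role in this context should be kept minimal
	 * and reviewed.
	 *
	 * @param role the role to extend; must not be {@code null}, since its name
	 *        is read for the trace log
	 * @param permissionMode the mode that selects the rules; a {@code null}
	 *        value makes the {@code switch} throw {@link NullPointerException}
	 * @return the same {@code role} instance that was passed in
	 */
	@Override
	protected Role addExtraRules(Role role, PermissionMode permissionMode) {
		logger.trace("Adding extra rules for {}", role.getName());
		switch(permissionMode) {
			case WRITER:
				role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_ALL);
				role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_ALL);
				role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_ALL);
				break;

			case READER:
				role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_READ);
				role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_READ);
				role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_READ);
				break;

			default:
				// Other permission modes get no additional rules here.
				break;
		}
		return role;
	}

}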