resource-registry/src/main/java/org/gcube/informationsystem/resourceregistry/contexts/security/AdminSecurityContext.java

package org.gcube.informationsystem.resourceregistry.contexts.security;

import java.util.UUID;

import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.ORule;
import com.orientechnologies.orient.core.metadata.security.OSecurity;

/**
 * @author Luca Frosini (ISTI - CNR)
 */
public class AdminSecurityContext extends SecurityContext {
	
	private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
	
	public static final String ADMIN_SECURITY_CONTEXT;
	public static final UUID ADMIN_SECURITY_CONTEXT_UUID;
	
	static {
		ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";
		ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);
	}
	
	public AdminSecurityContext() throws ResourceRegistryException {
		super(ADMIN_SECURITY_CONTEXT_UUID, false);
	}
	
	@Override
	public void create() {
		throw new RuntimeException("Cannot use this method for Admin Context");
	}
	
	@Override
	protected ORole getSuperRole(OSecurity oSecurity, PermissionMode permissionMode) {
		return oSecurity.getRole(DatabaseEnvironment.DEFAULT_ADMIN_ROLE);
	}
	
	@Override
	protected ORole addExtraRules(ORole role, PermissionMode permissionMode) {
		logger.trace("Adding extra rules for {}", role.getName());
		switch(permissionMode) {
			case WRITER:
				role.addRule(ORule.ResourceGeneric.BYPASS_RESTRICTED, null, ORole.PERMISSION_ALL);
				break;
			
			case READER:
				role.addRule(ORule.ResourceGeneric.BYPASS_RESTRICTED, null, ORole.PERMISSION_READ);
				break;
			
			default:
				break;
		}
		return role;
	}
	
}
Reorganizing packages 2020-01-27 17:07:37 +01:00			`package org.gcube.informationsystem.resourceregistry.contexts.security;`
Refs #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@158968 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-11-30 18:06:08 +01:00
Added support to manage reserved UUID 2021-10-21 16:32:05 +02:00			`import java.util.UUID;`

Refs #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@158968 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-11-30 18:06:08 +01:00			`import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;`
			`import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;`
			`import org.slf4j.Logger;`
			`import org.slf4j.LoggerFactory;`

			`import com.orientechnologies.orient.core.metadata.security.ORole;`
			`import com.orientechnologies.orient.core.metadata.security.ORule;`
			`import com.orientechnologies.orient.core.metadata.security.OSecurity;`

			`/**`
			`* @author Luca Frosini (ISTI - CNR)`
			`*/`
			`public class AdminSecurityContext extends SecurityContext {`

			`private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);`

Added support to manage reserved UUID 2021-10-21 16:32:05 +02:00			`public static final String ADMIN_SECURITY_CONTEXT;`
			`public static final UUID ADMIN_SECURITY_CONTEXT_UUID;`

			`static {`
			`ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";`
			`ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);`
			`}`

Refs #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@158968 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-11-30 18:06:08 +01:00			`public AdminSecurityContext() throws ResourceRegistryException {`
Added support to manage reserved UUID 2021-10-21 16:32:05 +02:00			`super(ADMIN_SECURITY_CONTEXT_UUID, false);`
Refs #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@158968 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-11-30 18:06:08 +01:00			`}`

			`@Override`
			`public void create() {`
			`throw new RuntimeException("Cannot use this method for Admin Context");`
			`}`

Fixes #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@160040 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-12-05 10:10:34 +01:00			`@Override`
Refs #10435: Add support for hierarchical roles to support child context overview Task-Url: https://support.d4science.org/issues/10435 git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@158968 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-11-30 18:06:08 +01:00			`protected ORole getSuperRole(OSecurity oSecurity, PermissionMode permissionMode) {`
			`return oSecurity.getRole(DatabaseEnvironment.DEFAULT_ADMIN_ROLE);`
			`}`

			`@Override`
			`protected ORole addExtraRules(ORole role, PermissionMode permissionMode) {`
			`logger.trace("Adding extra rules for {}", role.getName());`
			`switch(permissionMode) {`
			`case WRITER:`
			`role.addRule(ORule.ResourceGeneric.BYPASS_RESTRICTED, null, ORole.PERMISSION_ALL);`
			`break;`

			`case READER:`
			`role.addRule(ORule.ResourceGeneric.BYPASS_RESTRICTED, null, ORole.PERMISSION_READ);`
			`break;`

			`default:`
			`break;`
			`}`
			`return role;`
			`}`

			`}`