Fixed Security Context Management
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@131059 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
f3db7c8138
commit
81357b035d
|
@ -0,0 +1,9 @@
|
|||
<web-app>
|
||||
<servlet>
|
||||
<servlet-name>org.gcube.informationsystem.resourceregistry.ResourceInitializer</servlet-name>
|
||||
</servlet>
|
||||
<servlet-mapping>
|
||||
<servlet-name>org.gcube.informationsystem.resourceregistry.ResourceInitializer</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
</web-app>
|
|
@ -9,8 +9,6 @@ public class ResourceInitializer extends ResourceConfig {
|
|||
|
||||
public ResourceInitializer(){
|
||||
packages("org.gcube.informationsystem.resourceregistry.resources");
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -67,9 +67,9 @@ public class SecurityContext {
|
|||
SecurityContextMapper.PermissionMode.READER,
|
||||
SecurityContextMapper.SecurityType.ROLE, contextID));
|
||||
|
||||
oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, DEFAULT_WRITER_ROLE);
|
||||
//oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, DEFAULT_WRITER_ROLE);
|
||||
//oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, DEFAULT_READER_ROLE);
|
||||
|
||||
oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, DEFAULT_READER_ROLE);
|
||||
}
|
||||
|
||||
public static void createSecurityContext(OrientGraph orientGraph, String contextID){
|
||||
|
@ -84,13 +84,13 @@ public class SecurityContext {
|
|||
SecurityContextMapper.PermissionMode.WRITER,
|
||||
SecurityContextMapper.SecurityType.ROLE, contextID),
|
||||
writer, ALLOW_MODES.DENY_ALL_BUT);
|
||||
|
||||
|
||||
ORole readerRole = oSecurity.createRole(
|
||||
SecurityContextMapper.getSecurityRoleOrUserName(
|
||||
SecurityContextMapper.PermissionMode.READER,
|
||||
SecurityContextMapper.SecurityType.ROLE, contextID),
|
||||
reader, ALLOW_MODES.DENY_ALL_BUT);
|
||||
|
||||
|
||||
oSecurity.createUser(
|
||||
SecurityContextMapper.getSecurityRoleOrUserName(
|
||||
SecurityContextMapper.PermissionMode.WRITER,
|
||||
|
|
|
@ -11,6 +11,7 @@ import java.net.URLEncoder;
|
|||
|
||||
import org.gcube.informationsystem.resourceregistry.api.Query;
|
||||
import org.gcube.informationsystem.resourceregistry.api.exceptions.InvalidQueryException;
|
||||
import org.gcube.informationsystem.resourceregistry.api.exceptions.context.ContextException;
|
||||
import org.gcube.informationsystem.resourceregistry.dbinitialization.SecurityContextMapper;
|
||||
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;
|
||||
import org.gcube.informationsystem.resourceregistry.dbinitialization.SecurityContextMapper.PermissionMode;
|
||||
|
@ -63,7 +64,12 @@ public class QueryImpl implements Query {
|
|||
throws InvalidQueryException {
|
||||
|
||||
|
||||
String readerUsername = ContextUtility.getActualSecurityRoleOrUserName(SecurityContextMapper.PermissionMode.READER, SecurityContextMapper.SecurityType.USER);
|
||||
String readerUsername;
|
||||
try {
|
||||
readerUsername = ContextUtility.getActualSecurityRoleOrUserName(SecurityContextMapper.PermissionMode.READER, SecurityContextMapper.SecurityType.USER);
|
||||
} catch (ContextException e1) {
|
||||
throw new RuntimeException(e1);
|
||||
}
|
||||
logger.trace("Reader Username : {}", readerUsername);
|
||||
|
||||
try {
|
||||
|
|
|
@ -129,10 +129,10 @@ public class ContextUtility {
|
|||
|
||||
public static String getActualSecurityRoleOrUserName(
|
||||
SecurityContextMapper.PermissionMode permissionMode,
|
||||
SecurityContextMapper.SecurityType securityType) {
|
||||
String scope = ScopeProvider.instance.get();
|
||||
SecurityContextMapper.SecurityType securityType) throws ContextException {
|
||||
String contexUUID = getActualContextUUID();
|
||||
return SecurityContextMapper.getSecurityRoleOrUserName(permissionMode,
|
||||
securityType, scope);
|
||||
securityType, contexUUID);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -43,7 +43,7 @@ public class EntityManagementImplTest {
|
|||
|
||||
@Test
|
||||
public void testCreateReadDeleteFacet() throws Exception {
|
||||
ScopeProvider.instance.set("/gcube/devsec");
|
||||
ScopeProvider.instance.set("/gcube/devNext");
|
||||
|
||||
CPUFacetImpl cpuFacetImpl = new CPUFacetImpl();
|
||||
cpuFacetImpl.setClockSpeed("1 GHz");
|
||||
|
@ -65,8 +65,9 @@ public class EntityManagementImplTest {
|
|||
Entities.marshal(cpuFacetImpl, stringWriter);
|
||||
cpuFacetImpl.setVendor("Luca");
|
||||
|
||||
String newclockSpeed = "2 GHz";
|
||||
JsonNode jsonNode = Utility.getJSONNode(stringWriter.toString());
|
||||
((ObjectNode) jsonNode).remove("clockSpeed");
|
||||
((ObjectNode) jsonNode).put("clockSpeed", newclockSpeed);
|
||||
((ObjectNode) jsonNode).put("My", "Test");
|
||||
|
||||
stringWriter = new StringWriter();
|
||||
|
@ -114,16 +115,15 @@ public class EntityManagementImplTest {
|
|||
ScopeProvider.instance.set("/gcube/devNext");
|
||||
try {
|
||||
readJson = entityManagementImpl.readFacet(uuid);
|
||||
logger.debug("You should not be able to read Feact with UUID {}",
|
||||
logger.debug("You should not be able to read Facet with UUID {}",
|
||||
uuid);
|
||||
throw new Exception(
|
||||
"You should not be able to read Feact with UUID " + uuid);
|
||||
"You should not be able to read Facet with UUID " + uuid);
|
||||
} catch (FacetNotFoundException e) {
|
||||
logger.debug("Good the facet created in /gcube/devsec is not visible in /gcube/devNext");
|
||||
}
|
||||
|
||||
jsonObject = new JSONObject(stringWriter.toString());
|
||||
jsonObject.remove("clockSpeed");
|
||||
jsonObject.put("My", "Test");
|
||||
|
||||
try {
|
||||
|
@ -173,7 +173,7 @@ public class EntityManagementImplTest {
|
|||
ContactFacet contactFacet = new ContactFacetImpl();
|
||||
contactFacet.setName("Luca");
|
||||
contactFacet.setSurname("Frosini");
|
||||
contactFacet.setEMail("info@lcuafrosini.com");
|
||||
contactFacet.setEMail("info@lucafrosini.com");
|
||||
|
||||
StringWriter stringWriter = new StringWriter();
|
||||
Entities.marshal(contactFacet, stringWriter);
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
*/
|
||||
package org.gcube.informationsystem.resourceregistry.resources.impl;
|
||||
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.informationsystem.resourceregistry.api.exceptions.InvalidQueryException;
|
||||
import org.junit.Test;
|
||||
import org.slf4j.Logger;
|
||||
|
@ -18,6 +19,7 @@ public class QueryImplTest {
|
|||
|
||||
@Test
|
||||
public void testQuery() throws InvalidQueryException{
|
||||
ScopeProvider.instance.set("/gcube/devNext");
|
||||
QueryImpl queryImpl = new QueryImpl();
|
||||
String ret = queryImpl.execute("select * from CPUFacet", null);
|
||||
logger.debug(ret);
|
||||
|
|
Loading…
Reference in New Issue