Fixed Security Context Management

git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@131059 82a268e6-3cf1-43bd-a215-b396298e98cf
Luca Frosini 2016-08-31 15:25:24 +00:00
parent f3db7c8138
commit 81357b035d
7 changed files with 32 additions and 17 deletions

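--- a/distro/web.xml
+++ b/distro/web.xml
@@ -0,0 +1,9 @@
+<web-app>
+<servlet>
+<servlet-name>org.gcube.informationsystem.resourceregistry.ResourceInitializer</servlet-name>
+</servlet>
+<servlet-mapping>
+<servlet-name>org.gcube.informationsystem.resourceregistry.ResourceInitializer</servlet-name>
+<url-pattern>/*</url-pattern>
+</servlet-mapping>
+</web-app>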
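Review bot: The new descriptor maps the application to `/*` and declares no `<security-constraint>`, `<login-config>` or transport guarantee, so nothing in this file requires authentication or TLS for the registry's endpoints. That may well be enforced by the hosting container or by a filter configured elsewhere, which is not visible on this page. If so, a comment at the top of the file such as `<!-- Authentication and authorization are enforced by <component>; no constraints are declared here on purpose -->` would record that decision for the next person auditing the deployment.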


@ -9,8 +9,6 @@ public class ResourceInitializer extends ResourceConfig {
public ResourceInitializer(){
packages("org.gcube.informationsystem.resourceregistry.resources");
}
}


@ -67,9 +67,9 @@ public class SecurityContext {
SecurityContextMapper.PermissionMode.READER,
SecurityContextMapper.SecurityType.ROLE, contextID));
oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, DEFAULT_WRITER_ROLE);
//oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_ALL, DEFAULT_WRITER_ROLE);
//oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, DEFAULT_READER_ROLE);
oSecurity.allowRole(oDocument, ORestrictedOperation.ALLOW_READ, DEFAULT_READER_ROLE);
}
public static void createSecurityContext(OrientGraph orientGraph, String contextID){
@ -84,13 +84,13 @@ public class SecurityContext {
SecurityContextMapper.PermissionMode.WRITER,
SecurityContextMapper.SecurityType.ROLE, contextID),
writer, ALLOW_MODES.DENY_ALL_BUT);
ORole readerRole = oSecurity.createRole(
SecurityContextMapper.getSecurityRoleOrUserName(
SecurityContextMapper.PermissionMode.READER,
SecurityContextMapper.SecurityType.ROLE, contextID),
reader, ALLOW_MODES.DENY_ALL_BUT);
oSecurity.createUser(
SecurityContextMapper.getSecurityRoleOrUserName(
SecurityContextMapper.PermissionMode.WRITER,
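Review bot: The `oSecurity.allowRole(...)` calls for `DEFAULT_WRITER_ROLE` and `DEFAULT_READER_ROLE` appear both active and commented out, so the record-level access this method ends up granting is hard to audit. The rendered page has lost its +/- markers, so which of those four lines are on the new side cannot be confirmed here. If either default-role grant stays active, every record added to a context is also reachable through a role that does not appear to be derived from `contextID`, which seems to work against the per-context grants built with `getSecurityRoleOrUserName(..., contextID)` just above. I would delete the commented-out calls instead of keeping them, and put a comment over any remaining default-role grant, e.g. `// Default reader role may read records of every context: <reason>`. The method starts above this hunk, so the earlier grants are only partly visible.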


@ -11,6 +11,7 @@ import java.net.URLEncoder;
import org.gcube.informationsystem.resourceregistry.api.Query;
import org.gcube.informationsystem.resourceregistry.api.exceptions.InvalidQueryException;
import org.gcube.informationsystem.resourceregistry.api.exceptions.context.ContextException;
import org.gcube.informationsystem.resourceregistry.dbinitialization.SecurityContextMapper;
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;
import org.gcube.informationsystem.resourceregistry.dbinitialization.SecurityContextMapper.PermissionMode;
@ -63,7 +64,12 @@ public class QueryImpl implements Query {
throws InvalidQueryException {
String readerUsername = ContextUtility.getActualSecurityRoleOrUserName(SecurityContextMapper.PermissionMode.READER, SecurityContextMapper.SecurityType.USER);
String readerUsername;
try {
readerUsername = ContextUtility.getActualSecurityRoleOrUserName(SecurityContextMapper.PermissionMode.READER, SecurityContextMapper.SecurityType.USER);
} catch (ContextException e1) {
throw new RuntimeException(e1);
}
logger.trace("Reader Username : {}", readerUsername);
try {
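Review bot: The new `catch (ContextException e1)` rethrows as a bare `RuntimeException`, so a request whose context cannot be resolved leaves this method as an unchecked error rather than through the declared `throws InvalidQueryException`. The reader username resolved here decides which database identity runs the query, so this failure deserves a documented path that the REST layer can map to a client error without returning a stack trace. If `InvalidQueryException` has a constructor that accepts a cause (not visible here), `throw new InvalidQueryException(e1.getMessage(), e1);` would keep the existing contract; otherwise the exception should be declared on the `Query` interface. The method body continues below this hunk.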


@ -129,10 +129,10 @@ public class ContextUtility {
public static String getActualSecurityRoleOrUserName(
SecurityContextMapper.PermissionMode permissionMode,
SecurityContextMapper.SecurityType securityType) {
String scope = ScopeProvider.instance.get();
SecurityContextMapper.SecurityType securityType) throws ContextException {
String contexUUID = getActualContextUUID();
return SecurityContextMapper.getSecurityRoleOrUserName(permissionMode,
securityType, scope);
securityType, contexUUID);
}
}
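Review bot: `getActualSecurityRoleOrUserName` is public and now throws `ContextException`, yet it has no Javadoc saying when that happens, nor that the name is now derived from the context UUID instead of the raw scope string. Its result selects the database role or user that later calls run as, so callers need to know that a missing or unknown scope is reported as an exception and never as a name built from an empty value. `getActualContextUUID()` is defined outside this hunk, so it should be confirmed that it throws and does not return null in that case. I would add a Javadoc with `@throws ContextException if the current scope does not map to a known context` (wording to be checked against that helper) and rename the local `contexUUID` to `contextUUID`.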


@ -43,7 +43,7 @@ public class EntityManagementImplTest {
@Test
public void testCreateReadDeleteFacet() throws Exception {
ScopeProvider.instance.set("/gcube/devsec");
ScopeProvider.instance.set("/gcube/devNext");
CPUFacetImpl cpuFacetImpl = new CPUFacetImpl();
cpuFacetImpl.setClockSpeed("1 GHz");
@ -65,8 +65,9 @@ public class EntityManagementImplTest {
Entities.marshal(cpuFacetImpl, stringWriter);
cpuFacetImpl.setVendor("Luca");
String newclockSpeed = "2 GHz";
JsonNode jsonNode = Utility.getJSONNode(stringWriter.toString());
((ObjectNode) jsonNode).remove("clockSpeed");
((ObjectNode) jsonNode).put("clockSpeed", newclockSpeed);
((ObjectNode) jsonNode).put("My", "Test");
stringWriter = new StringWriter();
@ -114,16 +115,15 @@ public class EntityManagementImplTest {
ScopeProvider.instance.set("/gcube/devNext");
try {
readJson = entityManagementImpl.readFacet(uuid);
logger.debug("You should not be able to read Feact with UUID {}",
logger.debug("You should not be able to read Facet with UUID {}",
uuid);
throw new Exception(
"You should not be able to read Feact with UUID " + uuid);
"You should not be able to read Facet with UUID " + uuid);
} catch (FacetNotFoundException e) {
logger.debug("Good the facet created in /gcube/devsec is not visible in /gcube/devNext");
}
jsonObject = new JSONObject(stringWriter.toString());
jsonObject.remove("clockSpeed");
jsonObject.put("My", "Test");
try {
@ -173,7 +173,7 @@ public class EntityManagementImplTest {
ContactFacet contactFacet = new ContactFacetImpl();
contactFacet.setName("Luca");
contactFacet.setSurname("Frosini");
contactFacet.setEMail("info@lcuafrosini.com");
contactFacet.setEMail("info@lucafrosini.com");
StringWriter stringWriter = new StringWriter();
Entities.marshal(contactFacet, stringWriter);


@ -3,6 +3,7 @@
*/
package org.gcube.informationsystem.resourceregistry.resources.impl;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.informationsystem.resourceregistry.api.exceptions.InvalidQueryException;
import org.junit.Test;
import org.slf4j.Logger;
@ -18,6 +19,7 @@ public class QueryImplTest {
@Test
public void testQuery() throws InvalidQueryException{
ScopeProvider.instance.set("/gcube/devNext");
QueryImpl queryImpl = new QueryImpl();
String ret = queryImpl.execute("select * from CPUFacet", null);
logger.debug(ret);