Added missing commit
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@133679 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
36d21a8542
commit
a45c5c04be
|
@ -15,6 +15,7 @@ import com.orientechnologies.orient.core.metadata.security.ORestrictedOperation;
|
||||||
import com.orientechnologies.orient.core.metadata.security.ORole;
|
import com.orientechnologies.orient.core.metadata.security.ORole;
|
||||||
import com.orientechnologies.orient.core.metadata.security.OSecurity;
|
import com.orientechnologies.orient.core.metadata.security.OSecurity;
|
||||||
import com.orientechnologies.orient.core.metadata.security.OSecurityRole.ALLOW_MODES;
|
import com.orientechnologies.orient.core.metadata.security.OSecurityRole.ALLOW_MODES;
|
||||||
|
import com.orientechnologies.orient.core.metadata.security.OUser;
|
||||||
import com.orientechnologies.orient.core.record.impl.ODocument;
|
import com.orientechnologies.orient.core.record.impl.ODocument;
|
||||||
import com.tinkerpop.blueprints.Direction;
|
import com.tinkerpop.blueprints.Direction;
|
||||||
import com.tinkerpop.blueprints.Edge;
|
import com.tinkerpop.blueprints.Edge;
|
||||||
|
@ -100,30 +101,44 @@ public class SecurityContext {
|
||||||
ORole writer = oSecurity.getRole(DEFAULT_WRITER_ROLE);
|
ORole writer = oSecurity.getRole(DEFAULT_WRITER_ROLE);
|
||||||
ORole reader = oSecurity.getRole(DEFAULT_READER_ROLE);
|
ORole reader = oSecurity.getRole(DEFAULT_READER_ROLE);
|
||||||
|
|
||||||
ORole writerRole = oSecurity.createRole(SecurityContextMapper
|
String writeRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
.getSecurityRoleOrUserName(
|
|
||||||
SecurityContextMapper.PermissionMode.WRITER,
|
SecurityContextMapper.PermissionMode.WRITER,
|
||||||
SecurityContextMapper.SecurityType.ROLE, context),
|
SecurityContextMapper.SecurityType.ROLE, context);
|
||||||
|
ORole writerRole = oSecurity.createRole(writeRoleName,
|
||||||
writer, ALLOW_MODES.DENY_ALL_BUT);
|
writer, ALLOW_MODES.DENY_ALL_BUT);
|
||||||
|
writerRole.save();
|
||||||
|
logger.trace("{} created", writerRole);
|
||||||
|
|
||||||
ORole readerRole = oSecurity.createRole(SecurityContextMapper
|
|
||||||
.getSecurityRoleOrUserName(
|
String readerRoleName = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.READER,
|
SecurityContextMapper.PermissionMode.READER,
|
||||||
SecurityContextMapper.SecurityType.ROLE, context),
|
SecurityContextMapper.SecurityType.ROLE, context);
|
||||||
|
ORole readerRole = oSecurity.createRole(readerRoleName,
|
||||||
reader, ALLOW_MODES.DENY_ALL_BUT);
|
reader, ALLOW_MODES.DENY_ALL_BUT);
|
||||||
|
readerRole.save();
|
||||||
|
logger.trace("{} created", readerRole);
|
||||||
|
|
||||||
oSecurity.createUser(SecurityContextMapper.getSecurityRoleOrUserName(
|
|
||||||
|
String writerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.WRITER,
|
SecurityContextMapper.PermissionMode.WRITER,
|
||||||
SecurityContextMapper.SecurityType.USER, context),
|
SecurityContextMapper.SecurityType.USER, context);
|
||||||
|
OUser writerUser = oSecurity.createUser(writerUserName,
|
||||||
DatabaseEnvironment.DEFAULT_PASSWORDS
|
DatabaseEnvironment.DEFAULT_PASSWORDS
|
||||||
.get(SecurityContextMapper.PermissionMode.WRITER),
|
.get(SecurityContextMapper.PermissionMode.WRITER),
|
||||||
writerRole);
|
writerRole);
|
||||||
oSecurity.createUser(SecurityContextMapper.getSecurityRoleOrUserName(
|
writerUser.save();
|
||||||
|
logger.trace("{} created", writerUser);
|
||||||
|
|
||||||
|
|
||||||
|
String readerUserName = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.READER,
|
SecurityContextMapper.PermissionMode.READER,
|
||||||
SecurityContextMapper.SecurityType.USER, context),
|
SecurityContextMapper.SecurityType.USER, context);
|
||||||
|
OUser readerUser = oSecurity.createUser(readerUserName,
|
||||||
DatabaseEnvironment.DEFAULT_PASSWORDS
|
DatabaseEnvironment.DEFAULT_PASSWORDS
|
||||||
.get(SecurityContextMapper.PermissionMode.READER),
|
.get(SecurityContextMapper.PermissionMode.READER),
|
||||||
readerRole);
|
readerRole);
|
||||||
|
readerUser.save();
|
||||||
|
logger.trace("{} created", readerUser);
|
||||||
|
|
||||||
oDatabaseDocumentTx.commit();
|
oDatabaseDocumentTx.commit();
|
||||||
|
|
||||||
|
@ -132,7 +147,6 @@ public class SecurityContext {
|
||||||
context.toString());
|
context.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static void deleteSecurityContext(OrientGraph orientGraph,
|
public static void deleteSecurityContext(OrientGraph orientGraph,
|
||||||
UUID context, boolean commit) {
|
UUID context, boolean commit) {
|
||||||
|
|
||||||
|
@ -146,42 +160,39 @@ public class SecurityContext {
|
||||||
SecurityContextMapper.PermissionMode.READER,
|
SecurityContextMapper.PermissionMode.READER,
|
||||||
SecurityContextMapper.SecurityType.USER, context);
|
SecurityContextMapper.SecurityType.USER, context);
|
||||||
boolean dropped = oSecurity.dropUser(user);
|
boolean dropped = oSecurity.dropUser(user);
|
||||||
if(dropped){
|
if (dropped) {
|
||||||
logger.trace("{} successfully dropped", user);
|
logger.trace("{} successfully dropped", user);
|
||||||
}else{
|
} else {
|
||||||
logger.error("{} was not dropped successfully", user);
|
logger.error("{} was not dropped successfully", user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
user = SecurityContextMapper.getSecurityRoleOrUserName(
|
user = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.WRITER,
|
SecurityContextMapper.PermissionMode.WRITER,
|
||||||
SecurityContextMapper.SecurityType.USER, context);
|
SecurityContextMapper.SecurityType.USER, context);
|
||||||
dropped = oSecurity.dropUser(user);
|
dropped = oSecurity.dropUser(user);
|
||||||
if(dropped){
|
if (dropped) {
|
||||||
logger.trace("{} successfully dropped", user);
|
logger.trace("{} successfully dropped", user);
|
||||||
}else{
|
} else {
|
||||||
logger.error("{} was not dropped successfully", user);
|
logger.error("{} was not dropped successfully", user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
String role = SecurityContextMapper.getSecurityRoleOrUserName(
|
String role = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.READER,
|
SecurityContextMapper.PermissionMode.READER,
|
||||||
SecurityContextMapper.SecurityType.ROLE, context);
|
SecurityContextMapper.SecurityType.ROLE, context);
|
||||||
dropped = oSecurity.dropRole(role);
|
dropped = oSecurity.dropRole(role);
|
||||||
if(dropped){
|
if (dropped) {
|
||||||
logger.trace("{} successfully dropped", role);
|
logger.trace("{} successfully dropped", role);
|
||||||
}else{
|
} else {
|
||||||
logger.error("{} was not dropped successfully", role);
|
logger.error("{} was not dropped successfully", role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
role = SecurityContextMapper.getSecurityRoleOrUserName(
|
role = SecurityContextMapper.getSecurityRoleOrUserName(
|
||||||
SecurityContextMapper.PermissionMode.WRITER,
|
SecurityContextMapper.PermissionMode.WRITER,
|
||||||
SecurityContextMapper.SecurityType.ROLE, context);
|
SecurityContextMapper.SecurityType.ROLE, context);
|
||||||
dropped = oSecurity.dropRole(role);
|
dropped = oSecurity.dropRole(role);
|
||||||
if(dropped){
|
if (dropped) {
|
||||||
logger.trace("{} successfully dropped", role);
|
logger.trace("{} successfully dropped", role);
|
||||||
}else{
|
} else {
|
||||||
logger.error("{} was not dropped successfully", role);
|
logger.error("{} was not dropped successfully", role);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue