resource-registry/src/main/java/org/gcube/informationsystem/resourceregistry/context/SecurityContextMapper.java


/**
*
*/
package org.gcube.informationsystem.resourceregistry.context;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseEnvironment;
import org.gcube.informationsystem.resourceregistry.dbinitialization.DatabaseIntializator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx;
import com.tinkerpop.blueprints.impls.orient.OrientGraph;
import com.tinkerpop.blueprints.impls.orient.OrientGraphFactory;
import com.tinkerpop.blueprints.impls.orient.OrientGraphNoTx;
/**
* @author Luca Frosini (ISTI - CNR)
*
*/
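public abstract class SecurityContextMapper {

    private static final Logger logger = LoggerFactory.getLogger(SecurityContextMapper.class);

    /** Pseudo-context whose factories log in with the database admin credentials; used to persist schemas. */
    protected static final String ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";
    protected static final UUID ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);

    /** Context used to persist Contexts and their relations. */
    public static final String MANAGEMENT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
    public static final UUID MANAGEMENT_SECURITY_CONTEXT_UUID = UUID.fromString(MANAGEMENT_SECURITY_CONTEXT);

    /**
     * One pooled {@link OrientGraphFactory} per (permission mode, context) pair, created lazily.
     * NOTE(review): plain HashMaps with no synchronization; confirm callers serialize access
     * or move to ConcurrentHashMap if this class is reached from several request threads.
     */
    private static final Map<PermissionMode, Map<UUID, OrientGraphFactory>> securityContextFactories;

    static {
        try {
            boolean created = DatabaseIntializator.initGraphDB();
            logger.trace("Creating factory for {} connecting as {}",
                    DatabaseEnvironment.DB_URI, DatabaseEnvironment.CHANGED_ADMIN_USERNAME);
            securityContextFactories = new HashMap<>();
            // Eagerly create the admin factory for every permission mode so the admin
            // credentials are only consulted here.
            for (PermissionMode mode : PermissionMode.values()) {
                securityContextFactories.put(mode, new HashMap<UUID, OrientGraphFactory>());
                getSecurityContextFactory(ADMIN_SECURITY_CONTEXT_UUID, mode, false);
            }
            if (created) {
                // Reuse the cached admin factory (same URI, credentials, pool size and
                // connection strategy) rather than opening a second admin pool that is
                // never stored or closed.
                OrientGraphFactory adminFactory =
                        getSecurityContextFactory(ADMIN_SECURITY_CONTEXT_UUID, PermissionMode.WRITER, false);
                OrientGraph orientGraph = adminFactory.getTx();
                // NOTE(review): the graph is not shut down here; presumably createSecurityContext
                // commits and releases it — confirm.
                SecurityContext.createSecurityContext(orientGraph, MANAGEMENT_SECURITY_CONTEXT_UUID);
                getSecurityContextFactory(MANAGEMENT_SECURITY_CONTEXT_UUID, PermissionMode.READER, false);
                getSecurityContextFactory(MANAGEMENT_SECURITY_CONTEXT_UUID, PermissionMode.WRITER, false);
                DatabaseIntializator.createEntitiesAndRelations();
            }
        } catch (Exception e) {
            // Rethrown so class loading fails loudly instead of leaving the maps half-built.
            logger.error("Error initializing database connection", e);
            throw new RuntimeException("Error initializing database connection", e);
        }
    }

    /** Kind of database security principal a generated name refers to. */
    public enum SecurityType {
        ROLE("Role"), USER("User");

        private final String name;

        private SecurityType(String name) {
            this.name = name;
        }

        /** The display form used when composing role/user names. */
        @Override
        public String toString() {
            return name;
        }
    }

    /** Access level a factory (and the database user behind it) is opened with. */
    public enum PermissionMode {
        READER("Reader"), WRITER("Writer");

        private final String name;

        private PermissionMode(String name) {
            this.name = name;
        }

        /** The display form used when composing role/user names. */
        @Override
        public String toString() {
            return name;
        }
    }

    /**
     * Returns the pooled factory for the given context and permission mode, creating and
     * caching it on first use.
     *
     * @param context Context UUID. For ADMIN operation use SecurityContextMapper.ADMIN_SECURITY_CONTEXT_UUID
     * @param permissionMode access level the factory logs in with
     * @param recreate when {@code true}, discard any cached factory for this pair and build a new one
     * @return a factory for {@code context}/{@code permissionMode}, never {@code null}
     */
    private static OrientGraphFactory getSecurityContextFactory(
            UUID context, PermissionMode permissionMode, boolean recreate) {
        Map<UUID, OrientGraphFactory> factoriesForMode = securityContextFactories.get(permissionMode);
        OrientGraphFactory factory = null;
        if (recreate) {
            // The stale factory was previously dropped without closing its pool, leaking
            // its connections on every recreate; close is best-effort since the pool is
            // already in a bad state when this path is taken.
            OrientGraphFactory stale = factoriesForMode.remove(context);
            if (stale != null) {
                try {
                    stale.close();
                } catch (Exception e) {
                    logger.warn("Unable to close stale factory for context {}", context, e);
                }
            }
        } else {
            factory = factoriesForMode.get(context);
        }
        if (factory == null) {
            String username;
            String password;
            if (ADMIN_SECURITY_CONTEXT_UUID.equals(context)) {
                username = DatabaseEnvironment.CHANGED_ADMIN_USERNAME;
                password = DatabaseEnvironment.CHANGED_ADMIN_PASSWORD;
            } else {
                // Every non-admin context gets its own database user, but the password is
                // the per-mode default shared by all contexts of that mode: isolation between
                // contexts rests on the distinct user, not on a distinct secret.
                username = getSecurityRoleOrUserName(permissionMode, SecurityType.USER, context);
                password = DatabaseEnvironment.DEFAULT_PASSWORDS.get(permissionMode);
            }
            factory = new OrientGraphFactory(DatabaseEnvironment.DB_URI, username, password)
                    .setupPool(1, 10);
            factory.setConnectionStrategy(DatabaseIntializator.CONNECTION_STRATEGY_PARAMETER.toString());
            factoriesForMode.put(context, factory);
        }
        return factory;
    }

    /**
     * Opens a transactional graph for the given context, rebuilding the factory once if the
     * graph it hands out is already closed.
     *
     * @param context Context UUID
     * @param permissionMode access level to open with
     * @return an open transactional graph
     */
    protected static OrientGraph getSecurityContextGraph(
            UUID context, PermissionMode permissionMode) {
        OrientGraphFactory factory = getSecurityContextFactory(context, permissionMode, false);
        OrientGraph orientGraph = factory.getTx();
        if (orientGraph.isClosed()) {
            // A closed graph straight out of the pool means the pool is stale: rebuild once.
            factory = getSecurityContextFactory(context, permissionMode, true);
            orientGraph = factory.getTx();
        }
        return orientGraph;
    }

    /**
     * Opens a non-transactional graph for the given context, rebuilding the factory once if
     * the graph it hands out is already closed.
     *
     * @param context Context UUID
     * @param permissionMode access level to open with
     * @return an open non-transactional graph
     */
    protected static OrientGraphNoTx getSecurityContextGraphNoTx(
            UUID context, PermissionMode permissionMode) {
        OrientGraphFactory factory = getSecurityContextFactory(context, permissionMode, false);
        OrientGraphNoTx orientGraphNoTx = factory.getNoTx();
        if (orientGraphNoTx.isClosed()) {
            // A closed graph straight out of the pool means the pool is stale: rebuild once.
            factory = getSecurityContextFactory(context, permissionMode, true);
            orientGraphNoTx = factory.getNoTx();
        }
        return orientGraphNoTx;
    }

    /**
     * Opens a document database handle for the given context, rebuilding the factory once if
     * the handle it hands out is already closed.
     *
     * @param context Context UUID
     * @param permissionMode access level to open with
     * @return an open document database handle
     */
    public static ODatabaseDocumentTx getSecurityContextDatabaseDocumentTx(
            UUID context, PermissionMode permissionMode) {
        OrientGraphFactory factory = getSecurityContextFactory(context, permissionMode, false);
        ODatabaseDocumentTx databaseDocumentTx = factory.getDatabase();
        if (databaseDocumentTx.isClosed()) {
            // A closed handle straight out of the pool means the pool is stale: rebuild once.
            factory = getSecurityContextFactory(context, permissionMode, true);
            databaseDocumentTx = factory.getDatabase();
        }
        return databaseDocumentTx;
    }

    /**
     * Builds the database role or user name for a context, e.g. {@code ReaderUser_<uuid>}.
     *
     * @param permissionMode access level prefix ("Reader"/"Writer")
     * @param securityType whether the name denotes a role or a user
     * @param context Context UUID appended after the underscore
     * @return the composed name, {@code <mode><type>_<uuid>}
     */
    public static String getSecurityRoleOrUserName(
            PermissionMode permissionMode, SecurityType securityType, UUID context) {
        return String.valueOf(permissionMode) + securityType + "_" + context.toString();
    }
}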