gCubeSystem
/
resource-registry
16
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
resource-registry/src/main/java/org/gcube/informationsystem/resourceregistry/contexts/security/ContextSecurityContext.java

63 lines
2.0 KiB
Java
Raw Blame History

package org.gcube.informationsystem.resourceregistry.contexts.security;
import java.util.UUID;
import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* @author Luca Frosini (ISTI - CNR)
*/
public class ContextSecurityContext extends SecurityContext {
private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
private static final String CONTEXT_SECURITY_CONTEXT;
private static final UUID CONTEXT_SECURITY_CONTEXT_UUID;
static {
CONTEXT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
CONTEXT_SECURITY_CONTEXT_UUID = UUID.fromString(CONTEXT_SECURITY_CONTEXT);
}
private static ContextSecurityContext instance;
public static ContextSecurityContext getInstance() throws ResourceRegistryException {
if(instance==null) {
instance = new ContextSecurityContext();
ContextUtility contextUtility = ContextUtility.getInstance();
contextUtility.addSecurityContext(CONTEXT_SECURITY_CONTEXT, instance);
}
return instance;
}
private ContextSecurityContext() throws ResourceRegistryException {
super(CONTEXT_SECURITY_CONTEXT_UUID, false);
}
@Override
protected Role addExtraRules(Role role, PermissionMode permissionMode) {
logger.trace("Adding extra rules for {}", role.getName());
switch(permissionMode) {
case WRITER:
role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_ALL);
role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_ALL);
role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_ALL);
break;
case READER:
role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_READ);
role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_READ);
role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_READ);
break;
default:
break;
}
return role;
}
}
View Git Blame Copy Permalink