63 lines
2.0 KiB
Java
63 lines
2.0 KiB
Java
package org.gcube.informationsystem.resourceregistry.contexts.security;
|
|
|
|
import java.util.UUID;
|
|
|
|
import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
|
|
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
/**
|
|
* @author Luca Frosini (ISTI - CNR)
|
|
*/
|
|
public class ContextSecurityContext extends SecurityContext {
|
|
|
|
private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
|
|
|
|
private static final String CONTEXT_SECURITY_CONTEXT;
|
|
private static final UUID CONTEXT_SECURITY_CONTEXT_UUID;
|
|
|
|
static {
|
|
CONTEXT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
|
|
CONTEXT_SECURITY_CONTEXT_UUID = UUID.fromString(CONTEXT_SECURITY_CONTEXT);
|
|
}
|
|
|
|
private static ContextSecurityContext instance;
|
|
|
|
public static ContextSecurityContext getInstance() throws ResourceRegistryException {
|
|
if(instance==null) {
|
|
instance = new ContextSecurityContext();
|
|
ContextUtility contextUtility = ContextUtility.getInstance();
|
|
contextUtility.addSecurityContext(CONTEXT_SECURITY_CONTEXT, instance);
|
|
}
|
|
return instance;
|
|
}
|
|
|
|
private ContextSecurityContext() throws ResourceRegistryException {
|
|
super(CONTEXT_SECURITY_CONTEXT_UUID, false);
|
|
}
|
|
|
|
@Override
|
|
protected Role addExtraRules(Role role, PermissionMode permissionMode) {
|
|
logger.trace("Adding extra rules for {}", role.getName());
|
|
switch(permissionMode) {
|
|
case WRITER:
|
|
role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_ALL);
|
|
role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_ALL);
|
|
role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_ALL);
|
|
break;
|
|
|
|
case READER:
|
|
role.addRule(Rule.ResourceGeneric.CLUSTER, null, Role.PERMISSION_READ);
|
|
role.addRule(Rule.ResourceGeneric.SYSTEM_CLUSTERS, null, Role.PERMISSION_READ);
|
|
role.addRule(Rule.ResourceGeneric.CLASS, null, Role.PERMISSION_READ);
|
|
break;
|
|
|
|
default:
|
|
break;
|
|
}
|
|
return role;
|
|
}
|
|
|
|
}
|