63 lines
2.0 KiB
Java
63 lines
2.0 KiB
Java
package org.gcube.informationsystem.resourceregistry.contexts.security;
|
|
|
|
import java.util.UUID;
|
|
|
|
import org.gcube.informationsystem.resourceregistry.api.exceptions.ResourceRegistryException;
|
|
import org.gcube.informationsystem.resourceregistry.contexts.ContextUtility;
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
/**
|
|
* @author Luca Frosini (ISTI - CNR)
|
|
*/
|
|
public class TypeSecurityContext extends SecurityContext {
|
|
|
|
private static Logger logger = LoggerFactory.getLogger(SecurityContext.class);
|
|
|
|
private static final String SCHEMA_SECURITY_CONTEXT;
|
|
private static final UUID SCHEMA_SECURITY_CONTEXT_UUID;
|
|
|
|
static {
|
|
SCHEMA_SECURITY_CONTEXT = "eeeeeeee-eeee-eeee-eeee-eeeeeeeeeeee";
|
|
SCHEMA_SECURITY_CONTEXT_UUID = UUID.fromString(SCHEMA_SECURITY_CONTEXT);
|
|
}
|
|
|
|
private static TypeSecurityContext instance;
|
|
|
|
public static TypeSecurityContext getInstance() throws ResourceRegistryException {
|
|
if(instance==null) {
|
|
instance = new TypeSecurityContext();
|
|
ContextUtility contextUtility = ContextUtility.getInstance();
|
|
contextUtility.addSecurityContext(SCHEMA_SECURITY_CONTEXT, instance);
|
|
}
|
|
return instance;
|
|
}
|
|
|
|
private TypeSecurityContext() throws ResourceRegistryException {
|
|
super(SCHEMA_SECURITY_CONTEXT_UUID, false);
|
|
}
|
|
|
|
@Override
|
|
protected ORole addExtraRules(ORole role, PermissionMode permissionMode) {
|
|
logger.trace("Adding extra rules for {}", role.getName());
|
|
switch(permissionMode) {
|
|
case WRITER:
|
|
role.addRule(ORule.ResourceGeneric.CLUSTER, null, ORole.PERMISSION_ALL);
|
|
role.addRule(ORule.ResourceGeneric.SYSTEM_CLUSTERS, null, ORole.PERMISSION_ALL);
|
|
role.addRule(ORule.ResourceGeneric.CLASS, null, ORole.PERMISSION_ALL);
|
|
break;
|
|
|
|
case READER:
|
|
role.addRule(ORule.ResourceGeneric.CLUSTER, null, ORole.PERMISSION_READ);
|
|
role.addRule(ORule.ResourceGeneric.SYSTEM_CLUSTERS, null, ORole.PERMISSION_READ);
|
|
role.addRule(ORule.ResourceGeneric.CLASS, null, ORole.PERMISSION_READ);
|
|
break;
|
|
|
|
default:
|
|
break;
|
|
}
|
|
return role;
|
|
}
|
|
|
|
}
|