public static Object unwrap(Object obj) { if (obj instanceof LayerGroupInfo) { return unwrap((LayerGroupInfo) obj); } if (obj instanceof LayerInfo) { return unwrap((LayerInfo) obj); } if (obj instanceof ResourceInfo) { return unwrap((ResourceInfo) obj); } if (obj instanceof StoreInfo) { return unwrap((StoreInfo) obj); } if (obj instanceof SecureCatalogImpl) { return ((SecureCatalogImpl) obj).delegate; } return obj; } // -------------------------------------------------------------------
public CoverageInfo getCoverageByName(String ns, String name) { return catalog.getCoverageByName(ns, name); }
public CoverageStoreInfo getCoverageStoreByName(WorkspaceInfo workspace, String name) { return catalog.getCoverageStoreByName(workspace, name); }
@Test public void testWideOpen() throws Exception { buildManager("wideOpen.properties"); // use no user at all SecurityContextHolder.getContext().setAuthentication(anonymous); assertSame(states, sc.getFeatureTypeByName("topp:states")); assertSame(arcGrid, sc.getCoverageByName("nurc:arcgrid")); assertSame(states, sc.getResourceByName("topp:states", FeatureTypeInfo.class)); assertSame(arcGrid, sc.getResourceByName("nurc:arcgrid", CoverageInfo.class)); assertSame(cascaded, sc.getResourceByName("topp:cascaded", WMSLayerInfo.class)); assertSame(cascadedWmts, sc.getResourceByName("topp:cascadedWmts", WMTSLayerInfo.class)); assertEquals(toppWs, sc.getWorkspaceByName("topp")); assertSame(statesStore, sc.getDataStoreByName("states")); assertSame(roadsStore, sc.getDataStoreByName("roads")); assertSame(arcGridStore, sc.getCoverageStoreByName("arcGrid")); assertThatBoth( sc.getFeatureTypes(), sc.list(FeatureTypeInfo.class, Predicates.acceptAll()), equalTo(featureTypes)); assertThatBoth( sc.getCoverages(), sc.list(CoverageInfo.class, Predicates.acceptAll()), equalTo(coverages)); assertThatBoth( sc.getWorkspaces(), sc.list(WorkspaceInfo.class, Predicates.acceptAll()), equalTo(workspaces)); }
@Test public void testWMSLayerGroupAllowsAccess() throws Exception { // prepare the stage setupRequestThreadLocal("WMS"); buildManager("namedTreeAllow.properties"); // try with read only user, only layer group A and its contents should be visible SecurityContextHolder.getContext().setAuthentication(roUser); assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNotNull(sc.getLayerByName(statesLayer.prefixedName())); assertNotNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerByName(citiesLayer.prefixedName())); // layer group B should not be accessible assertNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); assertNull(sc.getLayerByName(landmarksLayer.prefixedName())); // the single group not available either assertNull(sc.getLayerGroupByName(singleGroupC.prefixedName())); assertNull(sc.getLayerByName(basesLayer.prefixedName())); // the ws specific group is not available either assertNull(sc.getLayerGroupByName("nurc", "wsContainerD")); assertNull(sc.getLayerByName(arcGridLayer.prefixedName())); }
@Test public void testWmsSingleGroupCMilitaryOnly() throws Exception { // prepare the stage setupRequestThreadLocal("WMS"); buildManager("singleGroupCMilitaryOnly.properties"); // try with read only user, layer group A and its contents should be fine SecurityContextHolder.getContext().setAuthentication(roUser); assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNotNull(sc.getLayerByName(statesLayer.prefixedName())); assertNotNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerByName(citiesLayer.prefixedName())); // layer group B and landmarks should also be accessible assertNotNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); assertNotNull(sc.getLayerByName(landmarksLayer.prefixedName())); // check the single group is not available, but its extra layer is assertNull(sc.getLayerGroupByName(singleGroupC.prefixedName())); assertNotNull(sc.getLayerByName(basesLayer.prefixedName())); // check the mil user sees everything instead SecurityContextHolder.getContext().setAuthentication(milUser); assertNotNull(sc.getFeatureTypeByName("topp:states")); assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNotNull(sc.getLayerByName(statesLayer.prefixedName())); assertNotNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); LayerGroupInfo securedSingleGroup = sc.getLayerGroupByName(singleGroupC.prefixedName()); assertNotNull(securedSingleGroup); assertEquals(2, securedSingleGroup.layers().size()); assertEquals(statesLayer.prefixedName(), securedSingleGroup.layers().get(0).prefixedName()); assertEquals(basesLayer.prefixedName(), securedSingleGroup.layers().get(1).prefixedName()); }
@Test public void testAccessToLayer() throws Exception { CatalogFilterAccessManager mgr = setupAccessManager(); SecureCatalogImpl sc = new SecureCatalogImpl(catalog, mgr) {}; assertNotNull(sc.getLayerByName("topp:states")); WorkspaceInfo ws = sc.getWorkspaceByName("nurc"); LocalWorkspace.set(ws); assertNull(sc.getWorkspaceByName("topp")); assertNull(sc.getResourceByName("topp:states", ResourceInfo.class)); assertNull(sc.getLayerByName("topp:states")); }
@Test public void testAccessToLayerGroupNoInheritance() throws Exception { CatalogFilterAccessManager mgr = setupAccessManager(); inheritance.setValue("false"); SecureCatalogImpl sc = new SecureCatalogImpl(catalog, mgr) {}; assertThat(sc.getLayerGroups(), hasItem(equalTo(layerGroupGlobal))); assertThat(sc.getLayerGroups(), hasItem(equalTo(layerGroupTopp))); WorkspaceInfo ws = sc.getWorkspaceByName("topp"); LocalWorkspace.set(ws); assertThat(sc.getLayerGroups(), not(hasItem(equalTo(layerGroupGlobal)))); assertThat(sc.getLayerGroups(), hasItem(equalTo(layerGroupTopp))); LocalWorkspace.remove(); ws = sc.getWorkspaceByName("nurc"); LocalWorkspace.set(ws); assertThat(sc.getLayerGroups(), not(hasItem(equalTo(layerGroupGlobal)))); assertThat(sc.getLayerGroups(), not(hasItem(equalTo(layerGroupTopp)))); LocalWorkspace.remove(); }
public LayerGroupInfo getLayerGroupByName(String name) { return catalog.getLayerGroupByName(name); }
public FeatureTypeInfo getFeatureTypeByName(Name name) { return catalog.getFeatureTypeByName(name); }
assertTrue(sc.getFeatureTypeByName("topp:roads") instanceof SecuredFeatureTypeInfo); assertTrue(sc.getDataStoreByName("roads") instanceof SecuredDataStoreInfo); assertNull(sc.getFeatureTypeByName("topp:states")); assertTrue(sc.getDataStoreByName("states") instanceof SecuredDataStoreInfo); assertTrue(sc.getFeatureTypeByName("topp:landmarks") instanceof SecuredFeatureTypeInfo); assertNull(sc.getFeatureTypeByName("topp:bases")); assertTrue(sc.getFeatureTypeByName("topp:roads") instanceof SecuredFeatureTypeInfo); assertTrue(sc.getDataStoreByName("roads") instanceof SecuredDataStoreInfo); assertTrue(sc.getFeatureTypeByName("topp:states") instanceof SecuredFeatureTypeInfo); assertTrue(sc.getDataStoreByName("states") instanceof SecuredDataStoreInfo); assertTrue(sc.getFeatureTypeByName("topp:landmarks") instanceof SecuredFeatureTypeInfo); assertNull(sc.getFeatureTypeByName("topp:bases")); assertTrue(sc.getFeatureTypeByName("topp:roads") instanceof SecuredFeatureTypeInfo); assertTrue(sc.getDataStoreByName("roads") instanceof SecuredDataStoreInfo); assertSame(states, sc.getFeatureTypeByName("topp:states")); assertTrue(sc.getDataStoreByName("states") instanceof SecuredDataStoreInfo); assertSame(landmarks, sc.getFeatureTypeByName("topp:landmarks")); assertNull(sc.getFeatureTypeByName("topp:bases")); assertTrue(sc.getFeatureTypeByName("topp:roads") instanceof SecuredFeatureTypeInfo); assertTrue(sc.getDataStoreByName("roads") instanceof SecuredDataStoreInfo); assertNull(sc.getFeatureTypeByName("topp:states")); assertTrue(sc.getDataStoreByName("states") instanceof SecuredDataStoreInfo);
@Test public void testLockedLayerInGroupMustNotHideGroup() throws Exception { buildManager("lockedLayerInLayerGroup.properties"); SecurityContextHolder.getContext().setAuthentication(rwUser); assertSame(states, sc.getFeatureTypeByName("topp:states")); assertSame(roads, sc.getFeatureTypeByName("topp:roads")); LayerGroupInfo layerGroup = sc.getLayerGroupByName("topp", "layerGroupWithSomeLockedLayer"); assertEquals(2, layerGroup.getLayers().size()); // try with read-only user, not empty LayerGroup should be returned SecurityContextHolder.getContext().setAuthentication(roUser); assertNull(sc.getFeatureTypeByName("topp:states")); assertSame(roads, sc.getFeatureTypeByName("topp:roads")); layerGroup = sc.getLayerGroupByName("topp", "layerGroupWithSomeLockedLayer"); assertNotNull(layerGroup); assertTrue(layerGroup instanceof SecuredLayerGroupInfo); assertEquals(1, layerGroup.getLayers().size()); // try with anonymous user, empty LayerGroup should be returned SecurityContextHolder.getContext().setAuthentication(anonymous); assertNull(sc.getFeatureTypeByName("topp:states")); assertNull(sc.getFeatureTypeByName("topp:roads")); layerGroup = sc.getLayerGroupByName("topp", "layerGroupWithSomeLockedLayer"); assertNotNull(layerGroup); assertTrue(layerGroup instanceof SecuredLayerGroupInfo); assertEquals(0, layerGroup.getLayers().size()); }
public DataStoreInfo getDataStoreByName(String workspaceName, String name) { return catalog.getDataStoreByName(workspaceName, name); }
public LayerInfo getLayerByName(String name) { return catalog.getLayerByName(name); }
public List<CoverageInfo> getCoverages() { return catalog.getCoverages(); }
public List<LayerGroupInfo> getLayerGroups() { return catalog.getLayerGroups(); }
public List<FeatureTypeInfo> getFeatureTypes() { return catalog.getFeatureTypes(); }
assertNull(sc.getFeatureTypeByName("topp:states")); assertNull(sc.getCoverageByName("nurc:arcgrid")); assertNull(sc.getResourceByName("topp:states", FeatureTypeInfo.class)); assertNull(sc.getResourceByName("nurc:arcgrid", CoverageInfo.class)); assertNull(sc.getWorkspaceByName("topp")); assertNull(sc.getDataStoreByName("states")); assertNull(sc.getDataStoreByName("roads")); assertNull(sc.getCoverageStoreByName("arcGrid")); sc.getFeatureTypes(), sc.list(FeatureTypeInfo.class, Predicates.acceptAll()), empty()); assertThatBoth( sc.getCoverages(), sc.list(CoverageInfo.class, Predicates.acceptAll()), empty()); assertThatBoth( sc.getWorkspaces(), sc.list(WorkspaceInfo.class, Predicates.acceptAll()), empty()); assertSame(states, sc.getFeatureTypeByName("topp:states")); assertSame(arcGrid, sc.getCoverageByName("nurc:arcgrid")); assertSame(states, sc.getResourceByName("topp:states", FeatureTypeInfo.class)); assertSame(arcGrid, sc.getResourceByName("nurc:arcgrid", CoverageInfo.class)); assertEquals(toppWs, sc.getWorkspaceByName("topp")); assertSame(statesStore, sc.getDataStoreByName("states")); assertSame(roadsStore, sc.getDataStoreByName("roads")); assertSame(arcGridStore, sc.getCoverageStoreByName("arcGrid")); sc.getFeatureTypes(), sc.list(FeatureTypeInfo.class, Predicates.acceptAll()), equalTo(featureTypes));
@Test public void testWMSLayerGroupAllowWorkspaceOverride() throws Exception { // prepare the stage setupRequestThreadLocal("WMS"); buildManager("namedTreeAllowWorkspaceOverride.properties"); // try with read only user, only layer group A and its contents should be visible SecurityContextHolder.getContext().setAuthentication(roUser); assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNull(sc.getLayerByName(statesLayer.prefixedName())); assertNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerByName(citiesLayer.prefixedName())); // layer group B should not be accessible assertNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); assertNull(sc.getLayerByName(landmarksLayer.prefixedName())); // the single group not available either assertNull(sc.getLayerGroupByName(singleGroupC.prefixedName())); assertNull(sc.getLayerByName(basesLayer.prefixedName())); // the ws specific group is not available either assertNull(sc.getLayerGroupByName("nurc", "wsContainerD")); assertNull(sc.getLayerByName(arcGridLayer.prefixedName())); }
assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNotNull(sc.getLayerByName(statesLayer.prefixedName())); assertNotNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerByName(citiesLayer.prefixedName())); assertNotNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); assertNotNull(sc.getLayerByName(landmarksLayer.prefixedName())); assertNotNull(sc.getLayerGroupByName(singleGroupC.prefixedName())); assertNotNull(sc.getLayerByName(basesLayer.prefixedName())); assertNull(sc.getLayerGroupByName("nurc", "wsContainerD")); assertNull(sc.getLayerByName(arcGridLayer.prefixedName())); assertNotNull(sc.getFeatureTypeByName("topp:states")); assertNotNull(sc.getLayerGroupByName(namedTreeA.getName())); assertNotNull(sc.getLayerByName(statesLayer.prefixedName())); assertNotNull(sc.getLayerByName(roadsLayer.prefixedName())); assertNotNull(sc.getLayerGroupByName(containerTreeB.prefixedName())); LayerGroupInfo securedSingleGroup = sc.getLayerGroupByName(singleGroupC.prefixedName()); assertNotNull(securedSingleGroup); assertEquals(2, securedSingleGroup.layers().size()); assertEquals(statesLayer.prefixedName(), securedSingleGroup.layers().get(0).prefixedName()); assertEquals(basesLayer.prefixedName(), securedSingleGroup.layers().get(1).prefixedName()); LayerGroupInfo wsSpecificGroup = sc.getLayerGroupByName("nurc", "wsContainerD"); assertNotNull(wsSpecificGroup); assertEquals(1, wsSpecificGroup.getLayers().size()); assertNotNull(sc.getLayerByName(arcGridLayer.prefixedName()));