@Override public Object secure(Object object, WrapperPolicy policy) { // null safe if (object == null) return null; Class clazz = object.getClass(); // for each supported Info type, log a warning if the object to be secured is already // secured. If this happens, // it could lead to a StackOverflowError if the object is re-wrapped, over time, over and // over agian. if (CoverageInfo.class.isAssignableFrom(clazz)) return new SecuredCoverageInfo(logIfSecured((CoverageInfo) object), policy); else if (CoverageStoreInfo.class.isAssignableFrom(clazz)) return new SecuredCoverageStoreInfo(logIfSecured((CoverageStoreInfo) object), policy); else if (DataStoreInfo.class.isAssignableFrom(clazz)) return new SecuredDataStoreInfo(logIfSecured((DataStoreInfo) object), policy); else if (FeatureTypeInfo.class.isAssignableFrom(clazz)) return new SecuredFeatureTypeInfo(logIfSecured((FeatureTypeInfo) object), policy); else if (LayerInfo.class.isAssignableFrom(clazz)) return new SecuredLayerInfo(logIfSecured((LayerInfo) object), policy); else if (WMSLayerInfo.class.isAssignableFrom(clazz)) return new SecuredWMSLayerInfo(logIfSecured((WMSLayerInfo) object), policy); else if (WMTSLayerInfo.class.isAssignableFrom(clazz)) return new SecuredWMTSLayerInfo(logIfSecured((WMTSLayerInfo) object), policy); else throw new IllegalArgumentException("Don't know how to wrap " + object); } /**
@Override public DataAccess<? extends FeatureType, ? extends Feature> getDataStore( ProgressListener listener) throws IOException { final DataAccess<? extends FeatureType, ? extends Feature> ds = super.getDataStore(listener); if (ds == null) return null; else if (policy.level == AccessLevel.METADATA) throw SecureCatalogImpl.unauthorizedAccess(this.getName()); else return (DataAccess<? extends FeatureType, ? extends Feature>) SecuredObjects.secure(ds, policy); } }
static StoreInfo unwrap(StoreInfo info) { if (info instanceof SecuredDataStoreInfo) return ((SecuredDataStoreInfo) info).unwrap(StoreInfo.class); if (info instanceof SecuredCoverageStoreInfo) return ((SecuredCoverageStoreInfo) info).unwrap(StoreInfo.class); if (info instanceof SecuredWMSStoreInfo) return ((SecuredWMSStoreInfo) info).unwrap(StoreInfo.class); if (info instanceof SecuredWMTSStoreInfo) return ((SecuredWMTSStoreInfo) info).unwrap(StoreInfo.class); return info; }
@Test public void testSecuredDataStoreInfoHide() throws Exception { SecuredDataStoreInfo ro = new SecuredDataStoreInfo(statesStore, WrapperPolicy.hide(null)); ReadOnlyDataStore dataStore = (ReadOnlyDataStore) ro.getDataStore(null); assertTrue(dataStore.policy.isHide()); }
@Test public void testSecuredDataStoreInfoMetadata() throws Exception { SecuredDataStoreInfo ro = new SecuredDataStoreInfo(statesStore, WrapperPolicy.metadata(null)); try { ReadOnlyDataStore dataStore = (ReadOnlyDataStore) ro.getDataStore(null); fail("This should have failed with a security exception"); } catch (Exception e) { if (ReadOnlyDataStoreTest.isSpringSecurityException(e) == false) fail("Should have failed with a security exception"); } } }