String username = validateUsername(filter.getUser()); finalRoleFilter = Collections.singleton(rolename); } else { LOGGER.warn("User does not belong to role [User:"+filter.getUser()+"] [Role:"+filter.getRole()+"] [Roles:"+assignedRoles+"]"); return null; } else if(filter.getUser().getType() != FilterType.ANY) { filter.setRole(SpecialFilterType.DEFAULT); } else {
@Override public Response delete(String name, boolean cascade) throws ConflictRestEx, NotFoundRestEx, InternalErrorRestEx { try { if ( cascade ) { ruleAdminService.deleteRulesByRole(name); } else { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY); filter.setRole(name); filter.getUser().setIncludeDefault(false); long cnt = ruleAdminService.count(filter); if ( cnt > 0 ) { throw new ConflictRestEx("Existing rules reference the role " + name); } } UserGroup role = userGroupAdminService.get(name); if ( ! userGroupAdminService.delete(role.getId())) { LOGGER.warn("Role not found: " + name); throw new NotFoundRestEx("Role not found: " + name); } return Response.status(Status.OK).entity("OK\n").build(); } catch (GeoFenceRestEx ex) { // already handled throw ex; } catch (NotFoundServiceEx ex) { LOGGER.warn("Role not found: " + name); throw new NotFoundRestEx("Role not found: " + name); } catch (Exception ex) { LOGGER.error(ex.getMessage(), ex); throw new InternalErrorRestEx(ex.getMessage()); } }
@Override public Response delete(String username, boolean cascade) throws ConflictRestEx, NotFoundRestEx, InternalErrorRestEx { try { if ( cascade ) { ruleAdminService.deleteRulesByUser(username); } else { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY); filter.setUser(username); filter.getUser().setIncludeDefault(false); long cnt = ruleAdminService.count(filter); if ( cnt > 0 ) { throw new ConflictRestEx("Existing rules reference the user " + username); } } GSUser user = userAdminService.get(username); // may throw NotFoundServiceEx if ( ! userAdminService.delete(user.getId())) { LOGGER.warn("ILLEGAL STATE -- User not found: " + user); // this should not happen throw new NotFoundRestEx("ILLEGAL STATE -- User not found: " + user); } return Response.status(Status.OK).entity("OK\n").build(); } catch (GeoFenceRestEx ex) { // already handled throw ex; } catch (NotFoundServiceEx ex) { LOGGER.warn("User not found: " + username); throw new NotFoundRestEx("User not found: " +username); } catch (Exception ex) { LOGGER.error(ex.getMessage(), ex); throw new InternalErrorRestEx(ex.getMessage()); } }
protected RuleFilter buildFilter( String userName, Boolean userDefault, String roleName, Boolean groupDefault, String workspace, Boolean workspaceDefault) { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true); setFilter(filter.getUser(), userName, userDefault); setFilter(filter.getRole(), roleName, groupDefault); setFilter(filter.getWorkspace(), workspace, workspaceDefault); return filter; }
protected AdminRule getAdminAuthAux(RuleFilter filter, TextFilter roleFilter) { Search searchCriteria = new Search(AdminRule.class); searchCriteria.addSortAsc("priority"); addStringCriteria(searchCriteria, "username", filter.getUser()); addStringCriteria(searchCriteria, "rolename", roleFilter); addCriteria(searchCriteria, "instance", filter.getInstance()); addStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); // we only need the first match, no need to aggregate (no LIMIT rules here) searchCriteria.setMaxResults(1); List<AdminRule> found = adminRuleDAO.search(searchCriteria); found = filterByAddress(filter, found); switch(found.size()) { case 0: return null; case 1: return found.get(0); default: // should not happen throw new IllegalStateException("Too many admin auth rules"); } }
public long count(RuleFilter ruleFilter) { return count( ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(), ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getWorkspace(), ruleFilter.getLayer()); }
public RESTOutputRuleList get(Integer page, Integer entries, boolean full, RuleFilter ruleFilter) { return get( page, entries, full, ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(), ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getWorkspace(), ruleFilter.getLayer()); }
private Search buildFixedRuleSearch(RuleFilter filter) { Search searchCriteria = new Search(AdminRule.class); if(filter != null) { addFixedStringCriteria(searchCriteria, "username", filter.getUser()); addFixedStringCriteria(searchCriteria, "rolename", filter.getRole()); addFixedCriteria(searchCriteria, "instance", filter.getInstance()); addFixedStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); } return searchCriteria; }
private Search buildRuleSearch(RuleFilter filter) { Search searchCriteria = new Search(AdminRule.class); if(filter != null) { addStringCriteria(searchCriteria, "username", filter.getUser()); addStringCriteria(searchCriteria, "rolename", filter.getRole()); addCriteria(searchCriteria, "instance", filter.getInstance()); addStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); } return searchCriteria; }
protected RuleFilter buildFilter( String userName, Boolean userDefault, String roleName, Boolean groupDefault, Long instanceId, String instanceName, Boolean instanceDefault, String workspace, Boolean workspaceDefault) throws BadRequestRestEx { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true); setFilter(filter.getUser(), userName, userDefault); setFilter(filter.getRole(), roleName, groupDefault); setFilter(filter.getInstance(), instanceId, instanceName, instanceDefault); setFilter(filter.getWorkspace(), workspace, workspaceDefault); return filter; }
private Search buildRuleSearch(RuleFilter filter) { Search searchCriteria = new Search(Rule.class); if(filter != null) { addStringCriteria(searchCriteria, "username", filter.getUser()); addStringCriteria(searchCriteria, "rolename", filter.getRole()); addCriteria(searchCriteria, "instance", filter.getInstance()); addStringCriteria(searchCriteria, "service", filter.getService()); // see class' javadoc addStringCriteria(searchCriteria, "request", filter.getRequest()); // see class' javadoc addStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); addStringCriteria(searchCriteria, "layer", filter.getLayer()); } return searchCriteria; }
private Search buildFixedRuleSearch(RuleFilter filter) { Search searchCriteria = new Search(Rule.class); if(filter != null) { addFixedStringCriteria(searchCriteria, "username", filter.getUser()); addFixedStringCriteria(searchCriteria, "rolename", filter.getRole()); addFixedCriteria(searchCriteria, "instance", filter.getInstance()); addFixedStringCriteria(searchCriteria, "service", filter.getService()); // see class' javadoc addFixedStringCriteria(searchCriteria, "request", filter.getRequest()); // see class' javadoc addFixedStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); addFixedStringCriteria(searchCriteria, "layer", filter.getLayer()); } return searchCriteria; }
protected RuleFilter buildFilter( String userName, Boolean userDefault, String roleName, Boolean groupDefault, Long instanceId, String instanceName, Boolean instanceDefault, String serviceName, Boolean serviceDefault, String requestName, Boolean requestDefault, String workspace, Boolean workspaceDefault, String layer, Boolean layerDefault) throws BadRequestRestEx { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true); setFilter(filter.getUser(), userName, userDefault); setFilter(filter.getRole(), roleName, groupDefault); setFilter(filter.getInstance(), instanceId, instanceName, instanceDefault); setFilter(filter.getService(), serviceName, serviceDefault); setFilter(filter.getRequest(), requestName, requestDefault); setFilter(filter.getWorkspace(), workspace, workspaceDefault); setFilter(filter.getLayer(), layer, layerDefault); return filter; }
protected List<Rule> getRuleAux(RuleFilter filter, TextFilter roleFilter) { Search searchCriteria = new Search(Rule.class); searchCriteria.addSortAsc("priority"); addStringCriteria(searchCriteria, "username", filter.getUser()); addStringCriteria(searchCriteria, "rolename", roleFilter); addCriteria(searchCriteria, "instance", filter.getInstance()); addStringCriteria(searchCriteria, "service", filter.getService()); // see class' javadoc addStringCriteria(searchCriteria, "request", filter.getRequest()); // see class' javadoc addStringCriteria(searchCriteria, "workspace", filter.getWorkspace()); addStringCriteria(searchCriteria, "layer", filter.getLayer()); List<Rule> found = ruleDAO.search(searchCriteria); found = filterByAddress(filter, found); return found; }
protected RuleFilter buildFilter( String userName, Boolean userDefault, String roleName, Boolean groupDefault, Long instanceId, String instanceName, Boolean instanceDefault, String serviceName, Boolean serviceDefault, String requestName, Boolean requestDefault, String workspace, Boolean workspaceDefault, String layer, Boolean layerDefault) { RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true); setFilter(filter.getUser(), userName, userDefault); setFilter(filter.getRole(), roleName, groupDefault); setFilter(filter.getInstance(), instanceId, instanceName, instanceDefault); setFilter(filter.getService(), serviceName, serviceDefault); setFilter(filter.getRequest(), requestName, requestDefault); setFilter(filter.getWorkspace(), workspace, workspaceDefault); setFilter(filter.getLayer(), layer, layerDefault); return filter; }