CheckUIDAccountPlugin.java example

Explorer

dcache-master
- archetypes
  - dcache-nearline-plugin-archetype
    - src
      - main
        resources
        archetype-resources
        src
        main
        java
        PluginNearlineStorage.java
        PluginNearlineStorageProvider.java
- modules

package org.dcache.gplazma;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.security.Principal;
import java.util.Properties;
import java.util.Set;

import org.dcache.auth.UidPrincipal;
import org.dcache.gplazma.plugins.GPlazmaAccountPlugin;

import static com.google.common.base.Preconditions.checkArgument;
import static org.dcache.gplazma.util.Preconditions.checkAuthentication;

/**
 * This account plugin succeeds if the specified uid principal is present
 * fails otherwise
 * @author timur
 */
public class CheckUIDAccountPlugin implements GPlazmaAccountPlugin {
    public static final Logger LOGGER = LoggerFactory.getLogger(CheckUIDAccountPlugin.class);

    private static boolean _called;

    private final UidPrincipal _uid;


    public CheckUIDAccountPlugin(Properties properties) {
        checkArgument(properties.getProperty("uid")!=null, "UID must be set.");

        _uid = new UidPrincipal(properties.getProperty("uid"));
    }

    @Override
    public void account(Set<Principal> authorizedPrincipals) throws AuthenticationException {
        LOGGER.debug("account is called");

        checkAuthentication(authorizedPrincipals.contains(_uid),
                "uid "+_uid+" was not present in authorizedPrincipals");

        _called = true;
    }

    /**
     * thread unsafe way of checking if account method of any instance
     * of the CheckUIDAccountPlugin was called since the last reset was called
     * @return the called
     */
    public static boolean isCalled() {
        return _called;
    }

    /**
     * resets the value of called to false
     */
    public static void reset() {
        _called = false;
    }

}