/**
* Copyright (c) Codice Foundation
* <p/>
* This is free software: you can redistribute it and/or modify it under the terms of the GNU Lesser
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or any later version.
* <p/>
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. A copy of the GNU Lesser General Public License
* is distributed along with this program and can be found at
* <http://www.gnu.org/licenses/lgpl.html>.
*/
package ddf.catalog.impl.operations;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.shiro.SecurityUtils;
import ddf.catalog.operation.Operation;
import ddf.security.SecurityConstants;
import ddf.security.Subject;
/**
* Support class for dealing with security for the {@code CatalogFrameworkImpl}.
*
* Specifically, this class exists to isolate the logic required to build a security policy map.
*/
public class OperationsSecuritySupport {
void buildPolicyMap(HashMap<String, Set<String>> policyMap,
Set<Map.Entry<String, Set<String>>> policy) {
if (policy != null) {
for (Map.Entry<String, Set<String>> entry : policy) {
if (policyMap.containsKey(entry.getKey())) {
policyMap.get(entry.getKey())
.addAll(entry.getValue());
} else {
policyMap.put(entry.getKey(), new HashSet<>(entry.getValue()));
}
}
}
}
/**
* Returns the subject from the operation or if the operation contains no subject returns the
* subject for the current thread context. If neither the operation or the thread context contain
* a subject, {@code null} will be returned.
* @param operation the operation to pull the subject out of
* @return The operation subject or null
*/
Subject getSubject(Operation operation) {
Object subjectFromOperation = operation.getPropertyValue(SecurityConstants.SECURITY_SUBJECT);
if(subjectFromOperation instanceof Subject) {
return (Subject) subjectFromOperation;
}
try {
Object subjectFromContext = SecurityUtils.getSubject();
if (subjectFromContext instanceof Subject) {
return (Subject) subjectFromContext;
}
} catch(Exception e){
//Error thrown if no subject/security manager found for thread context
//Ignore
}
return null;
}
}