UserPermissionsGetter.java example

Explorer

codeine-master
- src
- test
  - codeine
    - AggregateNotificationTest.java
    - CollectionTypeGetterTest.java
    - command_peer
      - ExponentialProgressiveRateClaculatorTest.java
      - LinearProgressiveRateClaculatorTest.java
    - db
      - mysql
        NearestHostSelectorTest.java
    - executer
      - SerialTasksTest.java
    - model
      - CollectorOnNodeStateTest.java
    - nodes
      - NodesSelectorTest.java
    - permissions
    - plugins
      - DiscardOldCommandSelectorTest.java
    - servlet
      - manage_statistics
        StringsCommandPairTest.java
    - servlets
      - VersionFilterTest.java
      - api_servlets
        angular
        OptionalParameterTest.java
    - utils
  - integration_tests
    - tests
      - BasicTest.java
    - tests_framework

package codeine.permissions;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;

import org.apache.log4j.Logger;

import codeine.jsons.auth.AuthenticationMethod;
import codeine.jsons.auth.CodeineUser;
import codeine.jsons.global.GlobalConfigurationJsonStore;
import codeine.model.Constants;
import codeine.utils.StringUtils;
import codeine.utils.exceptions.UnAuthorizedException;

public class UserPermissionsGetter {

	private static final Logger log = Logger.getLogger(UserPermissionsGetter.class);
	public static final String IGNORE_SECURITY = "ignoreSecurity";
	private final UserPermissions ADMIN_GUEST = new UserPermissions(CodeineUser.createGuestUser(), true);

	private UserPermissionsBuilder userPermissionsBuilder;
	private GlobalConfigurationJsonStore globalConfigurationJson;
	private UsernameResolverFromRequest usernameResolverFromRequest;

	@Inject
	public UserPermissionsGetter(UserPermissionsBuilder userPermissionsBuilder,
			GlobalConfigurationJsonStore globalConfigurationJson,
			UsernameResolverFromRequest usernameResolverFromRequest) {
		super();
		this.userPermissionsBuilder = userPermissionsBuilder;
		this.globalConfigurationJson = globalConfigurationJson;
		this.usernameResolverFromRequest = usernameResolverFromRequest;
	}

	private boolean ignoreSecurity() {
		return Boolean.getBoolean(IGNORE_SECURITY)
				|| globalConfigurationJson.get().authentication_method() == AuthenticationMethod.Disabled
				|| !Constants.SECURITY_ENABLED;
	}

	public IUserWithPermissions user(HttpServletRequest request) {
		if (ignoreSecurity()) {
			return ADMIN_GUEST;
		}
		CodeineUser user = usernameResolverFromRequest.getUser(request);
		IUserWithPermissions userPermissions = userPermissionsBuilder.getUserPermissions(user);
		CodeineUser viewas = usernameResolverFromRequest.getViewAsUser(request);
		if (!StringUtils.isEmpty(viewas.username())) {
			if (!userPermissions.isAdministrator()) {
				throw new UnAuthorizedException("user " + user.username() + " is not admin!");
			}
			log.debug("Using VIEW_AS Mode - " + viewas);
			return userPermissionsBuilder.getUserPermissions(viewas);
		} else {
			return userPermissions;
		}
	}

	

}