Added comments, moved EntityHandlerIface, and cleaned up old codes.
Change-Id: I1a182b6ecd3dfeea4af08f3accd72fbce9af0f9c
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java b/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java
index 1dfe134..5e8aa36 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java
@@ -10,9 +10,7 @@
import de.ids_mannheim.korap.interfaces.EncryptionIface;
import de.ids_mannheim.korap.interfaces.ValidatorIface;
import de.ids_mannheim.korap.interfaces.db.AuditingIface;
-import de.ids_mannheim.korap.interfaces.db.EntityHandlerIface;
import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
-import de.ids_mannheim.korap.interfaces.db.PolicyHandlerIface;
import de.ids_mannheim.korap.interfaces.db.ResourceOperationIface;
import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
import de.ids_mannheim.korap.interfaces.defaults.ApacheValidator;
@@ -37,7 +35,6 @@
public static final String KUSTVAKT_AUTHENTICATION_MANAGER = "kustvakt_authenticationmanager";
public static final String KUSTVAKT_USERDB = "kustvakt_userdb";
- public static final String KUSTVAKT_POLICIES = "kustvakt_policies";
private static BeanHolderHelper beans;
@@ -174,15 +171,9 @@
// }
- public EntityHandlerIface getUserDBHandler () {
- return getBean(KUSTVAKT_USERDB);
- }
-
-
- public PolicyHandlerIface getPolicyDbProvider () {
- return getBean(KUSTVAKT_POLICIES);
- }
-
+// public EntityHandlerIface getUserDBHandler () {
+// return getBean(KUSTVAKT_USERDB);
+// }
public ValidatorIface getValidator() {
try {
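Review bot: The three `//` lines added before `getValidator()` keep `getUserDBHandler` as commented-out code instead of deleting it, and the second hunk of ContextHolder.java does the same. The commented signature names `EntityHandlerIface`, whose import this commit removes from this file and whose source file it deletes from this package, so the block cannot simply be uncommented later and tells a reader nothing about where user-account lookups now go. I would drop the lines, or replace them with a single pointer such as `// getUserDBHandler() removed: EntityHandlerIface no longer lives in core`, adjusted to wherever the interface actually moved (not visible in this diff). The `KUSTVAKT_USERDB` constant appears to stay in this file with no visible accessor left, so it may be removable as well. The enclosing class starts and ends outside the hunk.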
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java b/core/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
index b32bb3b..0703cb5 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/ContextHolder.java
@@ -1,16 +1,19 @@
package de.ids_mannheim.korap.config;
-import de.ids_mannheim.korap.interfaces.EncryptionIface;
-import de.ids_mannheim.korap.interfaces.ValidatorIface;
-import de.ids_mannheim.korap.interfaces.db.*;
-import de.ids_mannheim.korap.interfaces.defaults.ApacheValidator;
-import de.ids_mannheim.korap.web.CoreResponseHandler;
+import java.io.IOException;
+import java.util.Collection;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.context.ApplicationContext;
-import java.io.IOException;
-import java.util.Collection;
+import de.ids_mannheim.korap.interfaces.EncryptionIface;
+import de.ids_mannheim.korap.interfaces.ValidatorIface;
+import de.ids_mannheim.korap.interfaces.db.AuditingIface;
+import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
+import de.ids_mannheim.korap.interfaces.db.ResourceOperationIface;
+import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
+import de.ids_mannheim.korap.interfaces.defaults.ApacheValidator;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
/**
* @author hanl
@@ -102,16 +105,10 @@
// }
- public EntityHandlerIface getUserDBHandler () {
- return getBean(KUSTVAKT_USERDB);
- }
+// public EntityHandlerIface getUserDBHandler () {
+// return getBean(KUSTVAKT_USERDB);
+// }
- public PolicyHandlerIface getPolicyDbProvider () {
- Object b = getBean(KUSTVAKT_POLICIES);
- return (PolicyHandlerIface) b;
- }
-
-
// public Collection<AuthenticationIface> getAuthProviders () {
// return getBean(KUSTVAKT_AUTHPROVIDERS);
// }
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java b/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
index 563e493..7198bdc 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
@@ -76,8 +76,6 @@
private String default_token;
private String default_dep;
private String default_const;
- @Deprecated
- private String policyConfig;
private ArrayList<String> foundries;
private ArrayList<String> layers;
diff --git a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/EntityHandlerIface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/EntityHandlerIface.java
deleted file mode 100644
index 456b385..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/EntityHandlerIface.java
+++ /dev/null
@@ -1,36 +0,0 @@
-package de.ids_mannheim.korap.interfaces.db;
-
-import de.ids_mannheim.korap.exceptions.EmptyResultException;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.user.User;
-
-/**
- * User: hanl
- * Date: 8/19/13
- * Time: 11:04 AM
- */
-public interface EntityHandlerIface {
-
- User getAccount (String username) throws EmptyResultException,
- KustvaktException;
-
-
- int updateAccount (User user) throws KustvaktException;
-
-
- int createAccount (User user) throws KustvaktException;
-
-
- int deleteAccount (Integer userid) throws KustvaktException;
-
-
- int truncate () throws KustvaktException;
-
-
- int resetPassphrase (String username, String uriToken, String passphrase)
- throws KustvaktException;
-
-
- int activateAccount (String username, String uriToken)
- throws KustvaktException;
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/PolicyHandlerIface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/PolicyHandlerIface.java
deleted file mode 100644
index fe20a25..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/PolicyHandlerIface.java
+++ /dev/null
@@ -1,203 +0,0 @@
-package de.ids_mannheim.korap.interfaces.db;
-
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.resources.Foundry;
-import de.ids_mannheim.korap.resources.KustvaktResource;
-import de.ids_mannheim.korap.security.Parameter;
-import de.ids_mannheim.korap.security.PolicyCondition;
-import de.ids_mannheim.korap.security.SecurityPolicy;
-import de.ids_mannheim.korap.user.User;
-
-import java.util.List;
-
-/**
- * User: hanl
- * Date: 10/31/13
- * Time: 3:01 PM
- */
-public interface PolicyHandlerIface {
-
- /**
- * @param policy
- * @param user
- * @throws KustvaktException
- */
- int createPolicy (SecurityPolicy policy, User user)
- throws KustvaktException;
-
-
- /**
- * @param target
- * @param user
- * @param perm
- * @return
- */
- List<SecurityPolicy>[] getPolicies (Integer target, User user, Byte perm);
-
-
- List<SecurityPolicy> getPolicies (PolicyCondition condition,
- Class<? extends KustvaktResource> clazz, Byte perm);
-
- List<SecurityPolicy> getPoliciesByPersistentId (PolicyCondition policyCondition,
- Class<? extends KustvaktResource> clazz, byte perm, String id);
-
- /**
- * @param policy
- * @return
- * @throws KustvaktException
- */
- void mapConstraints (SecurityPolicy policy) throws KustvaktException;
-
-
- /**
- * @param target
- * @param user
- * @param perm
- * @return
- */
- List<SecurityPolicy>[] getPolicies (String target, User user, Byte perm);
-
-
- /**
- * @param path
- * @param user
- * @param perm
- * @return
- */
- // todo: refactor
- List<SecurityPolicy>[] findPolicies (String path, User user, Byte perm);
-
-
- /**
- * @param path
- * @param user
- * @param b
- * @param clazz
- * @return
- * @throws KustvaktException
- */
- List<KustvaktResource.Container> getDescending (String path, User user,
- Byte b, Class<? extends KustvaktResource> clazz)
- throws KustvaktException;
-
-
- /**
- * @param path
- * @param user
- * @param b
- * @param clazz
- * @return
- * @throws KustvaktException
- */
- List<KustvaktResource.Container> getAscending (String path, User user,
- Byte b, Class<? extends KustvaktResource> clazz)
- throws KustvaktException;
-
-
- /**
- * @param id
- * @param user
- */
- int deleteResourcePolicies (String id, User user) throws KustvaktException;
-
-
- /**
- * @param policy
- * @param user
- * @return
- * @throws KustvaktException
- */
- int deletePolicy (SecurityPolicy policy, User user)
- throws KustvaktException;
-
-
- /**
- * @param policy
- * @param user
- * @return
- * @throws KustvaktException
- */
- int updatePolicy (SecurityPolicy policy, User user)
- throws KustvaktException;
-
-
- /**
- * checks if a similar policy already exists
- *
- * @param policy
- * @return
- * @throws KustvaktException
- */
- int checkPolicy (SecurityPolicy policy, User user) throws KustvaktException;
-
-
- /**
- * @param user
- * @param name
- * @param owner
- * @return
- * @throws KustvaktException
- */
- int matchCondition (User user, String name, boolean owner)
- throws KustvaktException;
-
-
- /**
- * @param username
- * @param condition
- * @param admin
- * @return
- * @throws KustvaktException
- */
- int addToCondition (String username, PolicyCondition condition,
- boolean admin) throws KustvaktException;
-
-
- /**
- * @param usernames
- * @param condition
- * @param status
- * @throws KustvaktException
- */
-
- //todo: add a handler user id, to skip the matching step in the corpusmanagement segment!
- int[] addToCondition (List<String> usernames, PolicyCondition condition,
- boolean status) throws KustvaktException;
-
-
- /**
- * @param usernames
- * @param condition
- * @throws KustvaktException
- */
- void removeFromCondition (List<String> usernames, PolicyCondition condition)
- throws KustvaktException;
-
-
- /**
- * @param param
- * @throws KustvaktException
- */
- int createParamBinding (Parameter param) throws KustvaktException;
-
-
- /**
- * @param condition
- * @return
- * @throws KustvaktException
- */
- List<String> getUsersFromCondition (PolicyCondition condition)
- throws KustvaktException;
-
-
- /**
- * @param policy
- * @throws KustvaktException
- */
- int removeParamBinding (SecurityPolicy policy) throws KustvaktException;
-
-
- int size ();
-
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/security/Parameter.java b/core/src/main/java/de/ids_mannheim/korap/security/Parameter.java
deleted file mode 100644
index c27f0cf..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/security/Parameter.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package de.ids_mannheim.korap.security;
-
-import de.ids_mannheim.korap.resources.KustvaktResource;
-import de.ids_mannheim.korap.user.User;
-import lombok.Getter;
-
-/**
- * @author hanl@ids-mannheim.de
- * @date 09/11/14
- */
-@Getter
-public class Parameter extends KustvaktResource {
-
- private String value;
- private SecurityPolicy policy;
- // todo: what is this supposed to do?
- private boolean equal;
-
-
- public Parameter (String identifier, String value, boolean equal, User user) {
- super();
- super.setName(identifier.toLowerCase());
- this.value = value;
- this.equal = equal;
- }
-
-
- @Override
- public void merge (KustvaktResource resource) {}
-
-
- @Override
- public void checkNull () {}
-
-
- public String getValue () {
- if (policy == null)
- return null;
- return value;
- }
-
-
- public void setPolicy (SecurityPolicy policy) {
- this.policy = policy;
- }
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/security/PermissionsBuffer.java b/core/src/main/java/de/ids_mannheim/korap/security/PermissionsBuffer.java
deleted file mode 100644
index dc98264..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/security/PermissionsBuffer.java
+++ /dev/null
@@ -1,176 +0,0 @@
-package de.ids_mannheim.korap.security;
-
-import de.ids_mannheim.korap.resources.Permissions;
-
-import java.nio.ByteBuffer;
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * User: hanl
- * Date: 11/5/13
- * Time: 1:05 PM
- */
-public class PermissionsBuffer {
-
- private byte[] bytes;
-
-
- public PermissionsBuffer () {
- this((short) 0);
- }
-
-
- public PermissionsBuffer (short perm) {
- setByte(perm);
- }
-
-
- private void setByte (short perm) {
- ByteBuffer b = ByteBuffer.allocate(2);
- b.putShort(perm);
- bytes = b.array();
- }
-
-
- public PermissionsBuffer (byte ... bytes) {
- this.bytes = bytes;
- }
-
-
- public boolean containsPermission (Permissions.Permission p) {
- return containsPByte(p.toByte());
- }
-
-
- public boolean containsPByte (byte perm) {
- return (bytes[1] & perm) == perm;
- }
-
-
- public int addPermission (int b) {
- short r = (short) (bytes[1] & b);
- if ((bytes[1] & b) != b)
- bytes[1] += b;
- else
- return -1;
- return 0;
- }
-
-
- public void retain (int compare) {
- short f = (short) (bytes[1] & compare);
- ByteBuffer b = ByteBuffer.allocate(2);
- b.putShort(f);
- bytes = b.array();
- }
-
-
- public void addPermissions (Permissions.Permission ... perm) {
- if (perm.length > 0) {
- for (Permissions.Permission p : perm)
- addPermission(p.toByte());
- }
- }
-
-
- public void removePermission (Permissions.Permission perm) {
- this.removePermission(perm.toByte());
- }
-
-
- public int removePermission (int b) {
- if ((bytes[1] & b) != 0)
- bytes[1] -= b;
- else
- return -1;
- return 0;
- }
-
-
- @Deprecated
- public int addOverride (int b) {
- if ((bytes[0] & b) == 0)
- bytes[0] += b;
- else
- return -1;
- return 0;
- }
-
-
- public int removeOverride (int b) {
- if ((bytes[0] & b) != 0)
- bytes[0] -= b;
- else
- return -1;
- return 0;
- }
-
-
- @Deprecated
- public boolean isOverridable (int b) {
- return (bytes[0] & b) != 0;
- }
-
-
- public boolean leftShift (byte perm) {
- // return pbyte & (perm << 1);
- System.out.println("pbyte is: " + bytes[1]);
- System.out.println("bitswise operation, left shift " + (perm << 1));
- return false;
- }
-
-
- @Override
- public boolean equals (Object perm) {
- if (perm instanceof Byte)
- return (bytes[1] & (byte) perm) == bytes[1];
- else if (perm instanceof PermissionsBuffer) {
- PermissionsBuffer b = (PermissionsBuffer) perm;
- return (bytes[1] & b.bytes[1]) == bytes[1];
- }
- return false;
- }
-
-
- public short getBytes () {
- ByteBuffer b = ByteBuffer.wrap(bytes);
- return b.getShort();
- }
-
-
- public byte[] getByteArray () {
- return bytes;
- }
-
-
- public Byte getPbyte () {
- return this.bytes[1];
- }
-
-
- public Set<Permissions.Permission> getPermissions () {
- Set<Permissions.Permission> pe = new HashSet<>();
- for (Permissions.Permission p : Permissions.Permission.values()) {
- if (containsPByte(p.toByte()))
- pe.add(p);
- }
- return pe;
- }
-
-
- public byte getOverride () {
- return this.bytes[0];
- }
-
-
- public String toBinary () {
- StringBuilder sb = new StringBuilder(bytes.length * Byte.SIZE);
- for (int i = 0; i < Byte.SIZE * bytes.length; i++) {
- sb.append((bytes[i / Byte.SIZE] << i % Byte.SIZE & 0x80) == 0 ? '0'
- : '1');
- }
- return sb.toString();
- }
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/security/PolicyCondition.java b/core/src/main/java/de/ids_mannheim/korap/security/PolicyCondition.java
deleted file mode 100644
index a7adbf8..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/security/PolicyCondition.java
+++ /dev/null
@@ -1,113 +0,0 @@
-package de.ids_mannheim.korap.security;
-
-import de.ids_mannheim.korap.config.Attributes;
-import lombok.Getter;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * User: hanl
- * Date: 10/29/13
- * Time: 4:30 PM
- */
-@Getter
-public class PolicyCondition implements Comparable<PolicyCondition> {
-
- private static Map<String, Object> stats = new HashMap<>();
-
- static {
- stats.put(Attributes.SYM_USE, -1);
- stats.put(Attributes.COMMERCIAL, false);
- //fixme: doesnt query only and export infer the same thing?
- stats.put(Attributes.QUERY_ONLY, false);
- stats.put(Attributes.EXPORT, false);
- stats.put(Attributes.LICENCE, null);
- stats.put(Attributes.RANGE, null);
- //fixme: range is valuable in this context, but time span should remain in the policy context!
- stats.put(Attributes.TIME_SPANS, null);
- }
-
- //todo: loadSubTypes these from database or configuration --> use id reference, rather than variable declaration
-
- //todo: old regex for format gr(2323): "(^[^\\(]+)\\((.*)\\)"
- // private static final Pattern p = Pattern.compile("\\((.*)\\)");
- private final String specifier;
- private String description;
- private static final String EX_PRE = "ex:";
- private Map<String, Object> flags;
-
-
- public PolicyCondition (String target) {
- // pattern to map extensionally created groups
- this.specifier = target;
- this.flags = new HashMap<>(stats);
- }
-
-
- public PolicyCondition () {
- this(EX_PRE + createGroupName());
- }
-
-
- @Deprecated
- //todo: do this in crypto bean!
- private static String createGroupName () {
- // return Base64.encodeBase64String(SecureRGenerator
- // .getNextSecureRandom(64));
- return "<new group name>";
- }
-
-
- public void setDescription (String description) {
- this.description = description;
- }
-
-
- public void setFlag (String key, Object value) {
- Object f = this.flags.get(key);
- if (f != null && f.getClass().equals(value.getClass()))
- this.flags.put(key, value);
- }
-
-
- public String getSpecifier () {
- return this.specifier;
- }
-
-
- public boolean isExtensional () {
- return getSpecifier().startsWith(EX_PRE);
- }
-
-
- @Override
- public String toString () {
- return "(" + this.specifier + ")";
- }
-
-
- @Override
- public int compareTo (PolicyCondition o) {
- return this.getSpecifier().compareTo(o.getSpecifier());
- }
-
-
- @Override
- public boolean equals (Object o) {
- if (this == o)
- return true;
- if (o == null || getClass() != o.getClass())
- return false;
-
- PolicyCondition that = (PolicyCondition) o;
- return specifier.equals(that.specifier);
- }
-
-
- @Override
- public int hashCode () {
- return specifier.hashCode();
- }
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/security/PolicyContext.java b/core/src/main/java/de/ids_mannheim/korap/security/PolicyContext.java
deleted file mode 100644
index 00e3067..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/security/PolicyContext.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package de.ids_mannheim.korap.security;
-
-import de.ids_mannheim.korap.utils.IPNetMask;
-import de.ids_mannheim.korap.utils.TimeUtils;
-import lombok.Getter;
-
-import java.net.UnknownHostException;
-
-/**
- * @author hanl
- * @date 09/01/2014
- */
-@Getter
-public class PolicyContext {
-
- // refers to a specific ip location
- private String ipmask = "";
- // this context is not like an environmental property (e.g. morning hours/ evening hours), but specifies absolute time
- // parameters (e.g. from 10.04.2014 9:00 till 14..04.2014 active for testing).
- // if the containing parameter do not meet, the policy will be deactivated. if no parameter where specified, the policy
- // remains active
- // specifies a start time for the policy to be activated
- private long start = 0L;
- // specifies a time up to which the policy stays active
- private long end = 0L;
-
-
- public PolicyContext () {
- start = TimeUtils.getNow().getMillis();
- }
-
-
- public PolicyContext setIPMask (String ip) {
- this.ipmask = ip;
- return this;
- }
-
-
- public PolicyContext setExpirationTime (long limit) {
- this.end = limit;
- return this;
- }
-
-
- public PolicyContext setEnableTime (long start) {
- this.start = start;
- return this;
- }
-
-
- protected boolean isActive (String ipaddress) {
- if (ipaddress == null)
- return false;
- if (noMask())
- return true;
- IPNetMask mask;
- try {
- mask = IPNetMask.getIPMask(this.ipmask);
- boolean f = mask.matches(ipaddress);
- return f;
- }
- catch (UnknownHostException e) {
- e.printStackTrace();
- return false;
- }
- }
-
-
- protected boolean noMask () {
- return ipmask == null || ipmask.isEmpty();
- }
-
-
- @Override
- public String toString () {
- return "PolicyContext{" + ", ipmask='" + ipmask + '\'' + ", start="
- + start + ", end=" + end + '}';
- }
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/security/SecurityPolicy.java b/core/src/main/java/de/ids_mannheim/korap/security/SecurityPolicy.java
deleted file mode 100644
index 51d73d8..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/security/SecurityPolicy.java
+++ /dev/null
@@ -1,316 +0,0 @@
-package de.ids_mannheim.korap.security;
-
-import de.ids_mannheim.korap.resources.KustvaktResource;
-import de.ids_mannheim.korap.resources.Permissions;
-import de.ids_mannheim.korap.user.User;
-import lombok.Getter;
-
-import java.util.*;
-
-/**
- * User: hanl
- * Date: 10/8/13
- * Time: 5:26 PM
- */
-
-// default is deny, but deny policies are allowed, when specifying a subset that would otherwise be allowed!
-// must be implemented as a resolution mechanism, that automatically creates this kind of policy strategy (allow > deny)
-
-public class SecurityPolicy {
-
- private int id = 0;
- // a settingattribute id for instance,
- // which specifies the attribute to be protected by this policy
- private String target;
- // todo: change to set!
- private List<PolicyCondition> conditions;
- private Set<Integer> removedidx;
- private Set<Integer> addedidx;
- private PermissionsBuffer permissions;
- private PolicyContext ctx;
- private Integer creator;
-
-
- public SecurityPolicy () {
- this.setID(-1);
- this.ctx = new PolicyContext();
- this.conditions = new ArrayList<>();
- this.removedidx = new HashSet<>();
- this.addedidx = new HashSet<>();
- this.permissions = new PermissionsBuffer();
- }
-
-
- public SecurityPolicy (Integer id) {
- this();
- this.setID(id);
- }
-
-
- public SecurityPolicy setID (Integer id) {
- this.id = id;
- return this;
- }
-
-
- public Integer getID () {
- return this.id;
- }
-
-
- public Integer getCreator () {
- return this.creator;
- }
-
-
- public PolicyContext getContext () {
- return this.ctx;
- }
-
-
- public SecurityPolicy setTarget (KustvaktResource resource) {
- this.target = resource.getPersistentID();
- return this;
- }
-
-
- public SecurityPolicy setTarget (String target) {
- this.target = target;
- return this;
- }
-
-
- public String getTarget () {
- return this.target;
- }
-
-
- public SecurityPolicy setPOSIX (String posix) {
- this.permissions = new PermissionsBuffer(Short.valueOf(posix));
- return this;
- }
-
-
- public SecurityPolicy setCreator (Integer creator) {
- this.creator = creator;
- return this;
- }
-
-
- // todo ???????
- @Deprecated
- private SecurityPolicy setOverride (Permissions.Permission ... perms) {
- for (Permissions.Permission p : perms)
- this.permissions.addOverride(p.toByte());
- return this;
- }
-
-
- public SecurityPolicy setContext (PolicyContext ctx) {
- this.ctx = ctx;
- return this;
- }
-
-
- private boolean hasContext () {
- return !ctx.noMask();
- }
-
-
- //todo:
- public boolean isActive (User user) {
- System.out.println("THE POLICY " + this.toString());
- System.out.println("DOES THIS HAVE CONTEXT? " + this.hasContext());
- // String host = (String) user.getField(Attributes.HOST);
- // System.out.println("HOST IS " + host);
- // System.out.println("is active? " + ctx.isActive(host));
- // if (this.hasContext())
- // return ctx.isActive(host);
- return !this.hasContext();
- }
-
-
- public List<String> getConditionList () {
- List<String> c = new LinkedList<>();
- Collections.sort(conditions);
- for (PolicyCondition p : conditions)
- c.add(p.getSpecifier());
- return c;
- }
-
-
- public String getConditionString () {
- if (conditions.isEmpty())
- return "";
-
- Collections.sort(conditions);
- StringBuffer b = new StringBuffer();
- for (PolicyCondition c : conditions) {
- b.append(c);
- b.append(";");
- }
- b.deleteCharAt(b.lastIndexOf(";"));
- return b.toString();
- }
-
-
- public List<PolicyCondition> getConditions () {
- return this.conditions;
- }
-
-
- public SecurityPolicy setConditions (PolicyCondition ... constraints) {
- this.conditions.clear();
- this.removedidx.clear();
- this.addedidx.clear();
- for (int idx = 0; idx < constraints.length; idx++) {
- this.conditions.add(idx, constraints[idx]);
- this.addedidx.add(idx);
- }
- return this;
- }
-
-
- public SecurityPolicy removeCondition (PolicyCondition constraint) {
- int idx = this.conditions.indexOf(constraint);
- if (this.addedidx.contains(idx))
- this.addedidx.remove(idx);
- else
- this.removedidx.add(idx);
- return this;
- }
-
-
- public SecurityPolicy addCondition (PolicyCondition constraint) {
- this.conditions.add(constraint);
- return this;
- }
-
-
- public SecurityPolicy addNewCondition (PolicyCondition constraint) {
- if (this.conditions.add(constraint))
- this.addedidx.add(this.conditions.indexOf(constraint));
- return this;
- }
-
-
- public boolean contains (PolicyCondition constraint) {
- return conditions.contains(constraint);
- }
-
-
- public Collection<Integer> getRemoved () {
- return this.removedidx;
- }
-
-
- public Collection<Integer> getAdded () {
- return this.addedidx;
- }
-
-
- public void clear () {
- // clear remove, add, conditions list!
- for (Integer remove : this.removedidx)
- this.conditions.remove(remove);
- this.removedidx.clear();
- this.addedidx.clear();
- }
-
-
- public boolean hasPermission (Permissions.Permission perm) {
- return permissions != null && permissions.containsPermission(perm);
- }
-
-
- /**
- * function to add a permission byte to the collection.
- *
- * @param perms
- * @return
- */
- public SecurityPolicy addPermission (Permissions.Permission ... perms) {
- permissions.addPermissions(perms);
- return this;
- }
-
-
- public boolean equalsPermission (Permissions.Permission ... perms) {
- PermissionsBuffer b = new PermissionsBuffer();
- b.addPermissions(perms);
- return permissions != null
- && permissions.getPbyte().equals(b.getPbyte());
- }
-
-
- public void removePermission (Permissions.Permission perm) {
- if (permissions != null)
- permissions.removePermission(perm);
- }
-
-
- public Byte getPermissionByte () {
- return permissions.getPbyte();
- }
-
-
- @Override
- public String toString () {
- final StringBuffer sb = new StringBuffer("SecurityPolicy{");
- sb.append("id=").append(id);
- sb.append(", target='").append(target).append('\'');
- sb.append(", conditions=").append(conditions);
- sb.append(", permissions=").append(getPermissions());
- sb.append('}');
- return sb.toString();
- }
-
-
- public Set<Permissions.Permission> getPermissions () {
- return permissions.getPermissions();
- }
-
-
- @Override
- public boolean equals (Object o) {
- if (this == o)
- return true;
- if (o == null || getClass() != o.getClass())
- return false;
-
- SecurityPolicy policy = (SecurityPolicy) o;
-
- if (id != policy.id)
- return false;
- if (target != policy.target)
- return false;
-
- return true;
- }
-
-
- @Override
- public int hashCode () {
- int result = id;
- result = 31 * result + target.hashCode();
- return result;
- }
-
- @Getter
- public static class OwnerPolicy extends SecurityPolicy {
- private final Integer owner;
-
-
- public OwnerPolicy (String target, Integer owner) {
- this.owner = owner;
- super.setTarget(target);
- }
-
-
- @Override
- public String toString () {
- return "OwnerPolicy(" + super.getTarget() + "," + owner + ")";
- }
-
- }
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java b/core/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java
deleted file mode 100644
index d98de46..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/utils/UserPropertyReader.java
+++ /dev/null
@@ -1,143 +0,0 @@
-package de.ids_mannheim.korap.utils;
-
-import de.ids_mannheim.korap.config.BeansFactory;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.EncryptionIface;
-import de.ids_mannheim.korap.interfaces.ValidatorIface;
-import de.ids_mannheim.korap.interfaces.db.EntityHandlerIface;
-import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
-import de.ids_mannheim.korap.user.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.NoSuchAlgorithmException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-/**
- * @author hanl
- * @date 30/09/2014
- *
- * EM: where is this used?
- */
-public class UserPropertyReader extends PropertyReader {
-
- private static Logger jlog = LoggerFactory
- .getLogger(UserPropertyReader.class);
-
-
- private Map<String, Properties> props;
- private String path;
- private EntityHandlerIface iface;
- private EncryptionIface crypto;
- private ValidatorIface validator;
-
-
- public UserPropertyReader (String path) {
- this.path = path;
- this.iface = BeansFactory.getKustvaktContext().getUserDBHandler();
- this.crypto = BeansFactory.getKustvaktContext().getEncryption();
- this.validator = BeansFactory.getKustvaktContext().getValidator();
- }
-
-
- @Override
- public void load () {
- try {
- props = super.read(this.path);
- for (Map.Entry<String, Properties> e : props.entrySet()) {
- try {
- createUser(e.getKey(), e.getValue());
- }
- catch (KustvaktException ex) {
- jlog.error("KorAP-Exception: {} for user {}",
- ex.getStatusCode(), e.getKey());
- }
- }
- iface.createAccount(User.UserFactory.getDemoUser());
- }
- catch (IOException e) {
- jlog.error("Could not read from path {}", path);
- }
- catch (KustvaktException e) {
- jlog.error("KorAP-Exception: {}", e.getStatusCode());
- }
- }
-
-
- private User createUser (String username, Properties p)
- throws KustvaktException {
- KorAPUser user;
-// if (username.equals(User.ADMINISTRATOR_NAME)) {
-// user = User.UserFactory.getAdmin();
-//
-// String pass = p.getProperty(username + ".password", null);
-// if (pass == null)
-// throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
-//
-// try {
-// pass = crypto.secureHash(pass);
-// }
-// catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
-// throw new KustvaktException(StatusCodes.REQUEST_INVALID);
-// }
-// user.setPassword(pass);
-// iface.createAccount(user);
-// }
-// else {
- user = User.UserFactory.getUser(username);
- Map<String, Object> vals = new HashMap<>();
- for (Map.Entry e : p.entrySet()) {
- String key = e.getKey().toString().split("\\.", 2)[1];
- vals.put(key, e.getValue().toString());
- }
- String pass = p.getProperty(username + ".password", null);
- if (pass == null)
- throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
-
- try {
- pass = crypto.secureHash(pass);
- }
- catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
- throw new KustvaktException(StatusCodes.REQUEST_INVALID);
- }
-
- user.setPassword(pass);
- user.setAccountLocked(Boolean.valueOf(p.getProperty(username
- + ".lock", "false")));
- user.setAccountCreation(TimeUtils.getNow().getMillis());
-
- //todo: make sure uri is set to 0, so sql queries work with the null value
- // user.setURIExpiration(0L);
- iface.createAccount(user);
- UserDetails det = new UserDetails();
- det.setUserId(user.getId());
- det.read(vals, true);
- det.validate(this.validator);
-
- Userdata set = new UserSettings();
- set.setUserId(user.getId());
- set.read(vals, true);
- set.validate(this.validator);
-
- UserDataDbIface dao = BeansFactory.getTypeFactory()
- .getTypeInterfaceBean(
- BeansFactory.getKustvaktContext()
- .getUserDataProviders(), UserDetails.class);
- dao.store(det);
-
- dao = BeansFactory.getTypeFactory().getTypeInterfaceBean(
- BeansFactory.getKustvaktContext().getUserDataProviders(),
- UserSettings.class);
- dao.store(set);
-// }
-
- jlog.info("successfully created account for user {}",
- user.getUsername());
- return user;
- }
-}