@Override public ACL join(ACL acl) { if(acl instanceof RolesACL) { Set<String> newRoles = new HashSet<String>(roles); newRoles.addAll(((RolesACL) acl).getRoles()); return new RolesACL(newRoles); } else if(acl instanceof AdminACL) { Set<String> newRoles = new HashSet<String>(roles); newRoles.add(((AdminACL) acl).getAdminRole()); return new RolesACL(newRoles); } else { return this; } }
private void addFilter(Filter newFilter) { filters.put(newFilter.getName(), newFilter); ACL acl = newFilter.getACL(); if(acl instanceof RolesACL) { roles.addAll(((RolesACL) acl).getRoles()); } log(Level.DEBUG, "Filter %s added with ACL %s", newFilter.getName(), newFilter.getACL()); }
/** * Add a roles ACL to the object being build, but only if security was set * in the properties. If the xpath match no roles, the object will have no * ACL set, so it will use it's own default ACL. * * @param object The object to add a role to * @param n The DOM tree where the xpath will look into * @param roleElements the role element */ protected void doACL(WithACL object, JrdsDocument n, JrdsElement roleElements) { if(pm.security) { List<String> roles = new ArrayList<String>(); for(JrdsElement e: roleElements.getChildElementsByName("role")) { roles.add(e.getTextContent()); } if(roles.size() > 0) { object.addACL(new RolesACL(new HashSet<String>(roles))); object.addACL(pm.adminACL); } else { object.addACL(pm.defaultACL); } } }
@Test public void testSecurity() throws IOException { PropertiesManager pm = new PropertiesManager(); pm.setProperty("configdir", testFolder.getRoot().getCanonicalPath()); pm.setProperty("rrddir", testFolder.getRoot().getCanonicalPath()); pm.setProperty("tmpdir", testFolder.getRoot().getCanonicalPath()); pm.setProperty("security", "true"); pm.setProperty("adminrole", "role1"); pm.setProperty("defaultroles", " role2 ,role3"); pm.update(); Assert.assertEquals("Bad default ACL class", RolesACL.class, pm.defaultACL.getClass()); RolesACL rolesacl = (RolesACL) pm.defaultACL; Assert.assertTrue("Admin role1 not found", rolesacl.getRoles().contains("role1")); Assert.assertTrue("default role role2 not found", rolesacl.getRoles().contains("role2")); Assert.assertTrue("default role role3 not found", rolesacl.getRoles().contains("role3")); Assert.assertEquals("Bad adminACL", AdminACL.class, pm.adminACL.getClass()); AdminACL adminacl = (AdminACL) pm.adminACL; Assert.assertEquals("Bad admin role", "role1", adminacl.getAdminRole()); }
defaultRoles.add(aRole.trim()); defaultACL = new RolesACL(defaultRoles); defaultACL = defaultACL.join(adminACL);