/**
 * Verifies that the given role is known, using its authority string as the lookup key in
 * {@code helper.roleMap}.
 *
 * @param role the role to look up; it is dereferenced without a null check
 * @throws IllegalArgumentException if the map holds no entry for the role's authority
 */
protected void checkRole(GeoServerRole role) {
    final String authority = role.getAuthority();
    if (!helper.roleMap.containsKey(authority)) {
        throw new IllegalArgumentException("Role: " + authority + " does not exist");
    }
}
/**
 * Creates a new role object carrying the given authority name.
 *
 * <p>The name is handed to the {@link GeoServerRole} constructor unchanged; no validation of the
 * name is visible in this method, and the new object is not added to any store here.
 *
 * @param role the authority name for the new role
 * @return a newly constructed role
 * @throws IOException declared by the signature; this implementation does not throw it itself
 */
public GeoServerRole createRoleObject(String role) throws IOException {
    final GeoServerRole created = new GeoServerRole(role);
    return created;
}
/**
 * Internal helper that appends the textual form of a role to a buffer.
 *
 * <p>The authority is written first. If the role has properties, they follow as a parameter
 * block: start string, {@code key<assignment>value} pairs separated by the delimiter string, end
 * string. A {@code null} value is written as the empty string.
 *
 * <p>NOTE(review): keys and values are appended verbatim. Nothing visible here escapes the
 * start, end, delimiter or assignment strings, so a property containing one of them may not
 * round-trip through the string parser. Confirm whether callers or the split helper handle this.
 *
 * @param buff buffer that receives the output
 * @param role role to serialize
 */
protected void writeRole(StringBuffer buff, GeoServerRole role) {
    buff.append(role.getAuthority());

    final Properties props = role.getProperties();
    if (props == null || props.isEmpty()) {
        // No parameters: the bare authority is the complete representation.
        return;
    }

    buff.append(getRoleParameterStartString());
    boolean needsDelimiter = false;
    for (Entry<Object, Object> entry : props.entrySet()) {
        if (needsDelimiter) {
            buff.append(getRoleParameterDelimiterString());
        }
        needsDelimiter = true;

        final Object value = entry.getValue();
        buff.append(entry.getKey()).append(getRoleParameterAssignmentString());
        buff.append(value == null ? "" : value);
    }
    buff.append(getRoleParameterEndString());
}
/**
 * Compares this role with another object.
 *
 * <ul>
 *   <li>Another {@link GeoServerRole} is equal when {@code compareTo} returns 0, so both the
 *       authority and the user name must match.
 *   <li>A {@code String}, or a {@code GrantedAuthority} that is not a {@code GeoServerRole}, is
 *       compared through {@code equalsWithoutUserName}, and only when this role has no user name.
 *   <li>Everything else, including {@code null}, is unequal.
 * </ul>
 *
 * <p>Equality with a {@code String} is one-directional, because {@code String.equals} never
 * returns {@code true} for a non-String argument. Code that uses {@code equals} or
 * {@code Collection.contains} for access decisions should be aware that the result depends on
 * which side's {@code equals} is invoked.
 *
 * @param obj the object to compare with, may be {@code null}
 * @return {@code true} if the objects are considered equal under the rules above
 */
public boolean equals(Object obj) {
    if (obj == null) {
        return false;
    }

    final boolean otherIsRole = obj instanceof GeoServerRole;
    final boolean looseCandidate =
            !otherIsRole && (obj instanceof String || obj instanceof GrantedAuthority);

    // Name-only comparison applies solely to a role that carries no user name.
    if (looseCandidate && getUserName() == null) {
        return equalsWithoutUserName(obj);
    }

    return otherIsRole && compareTo((GeoServerRole) obj) == 0;
}
/**
 * Orders roles by authority and, for equal authorities, by user name.
 *
 * <p>A role without a user name sorts before a role with the same authority that has one. A
 * {@code null} argument sorts before this role.
 *
 * @param o the role to compare with, may be {@code null}
 * @return a negative value, zero or a positive value as defined by {@link Comparable}
 */
public int compareTo(GeoServerRole o) {
    if (o == null) {
        return 1;
    }

    // Different authorities decide the order on their own.
    if (!getAuthority().equals(o.getAuthority())) {
        return getAuthority().compareTo(o.getAuthority());
    }

    // Same authority: the user name is the tie-breaker, with "no user name" first.
    final String mine = getUserName();
    final String theirs = o.getUserName();
    if (mine == null) {
        return theirs == null ? 0 : -1;
    }
    if (theirs == null) {
        return 1;
    }
    return mine.compareTo(theirs);
}
/**
 * Rejects the role if it equals one of the system roles mapped by the role service.
 *
 * <p>The role is compared first with the service's admin role and then with its group admin
 * role; see {@link SecurityRoleServiceConfig#getAdminRoleName()} and {@link
 * SecurityRoleServiceConfig#getGroupAdminRoleName()}. A mapping that is {@code null} is skipped.
 * The comparison uses the mapped role's {@code equals}.
 *
 * @param role the role to check
 * @throws IOException when the role equals a mapped role; the exception is built by
 *     {@code createSecurityException} with the matching "not removable" key and the role's
 *     authority
 */
public void checkRoleIsMapped(GeoServerRole role) throws IOException {
    final GeoServerRole adminRole = service.getAdminRole();
    if (adminRole != null && adminRole.equals(role)) {
        throw createSecurityException(ADMIN_ROLE_NOT_REMOVABLE_$1, role.getAuthority());
    }

    final GeoServerRole groupAdminRole = service.getGroupAdminRole();
    if (groupAdminRole != null && groupAdminRole.equals(role)) {
        throw createSecurityException(GROUP_ADMIN_ROLE_NOT_REMOVABLE_$1, role.getAuthority());
    }
}
/**
 * Builds a nice mock of {@link GeoServerRoleStore} for tests and registers it with the given
 * security manager under {@code name}.
 *
 * <p>The mock answers {@code getRoleByName} for every name in {@code roleNames} and
 * {@code createRoleObject} for the authority of every entry in {@code GeoServerRole.SystemRoles},
 * each time with a freshly constructed role. Expectations are only recorded; this method does not
 * switch the mocks to replay.
 *
 * @param name name the store reports and under which {@code secMgr} returns it
 * @param secMgr security manager mock that receives the {@code loadRoleService} expectation
 * @param roleNames role names the store should be able to resolve
 * @return the recorded role store mock
 * @throws IOException declared by the mocked methods
 */
protected GeoServerRoleStore createRoleStore(
        String name, GeoServerSecurityManager secMgr, String... roleNames) throws IOException {
    final GeoServerRoleStore mockStore = createNiceMock(GeoServerRoleStore.class);
    expect(mockStore.getSecurityManager()).andReturn(secMgr).anyTimes();
    expect(mockStore.getName()).andReturn(name).anyTimes();

    // Roles the test wants to be resolvable by name.
    for (String requested : roleNames) {
        final GeoServerRole resolved = new GeoServerRole(requested);
        expect(mockStore.getRoleByName(requested)).andReturn(resolved).anyTimes();
    }

    // System roles can be created through the store.
    for (GeoServerRole systemRole : GeoServerRole.SystemRoles) {
        final String authority = systemRole.getAuthority();
        final GeoServerRole created = new GeoServerRole(authority);
        expect(mockStore.createRoleObject(authority)).andReturn(created).anyTimes();
    }

    expect(secMgr.loadRoleService(name)).andReturn(mockStore).anyTimes();
    return mockStore;
}
role=new GeoServerRole(""); if (role.getUserName() != null) { descriptionModel = new StringResourceModel("personalizedRole", getPage(), null, new Object[]{role.getUserName()}); form.add(new TextField("name", new Model(role.getAuthority())).setRequired(true).setEnabled(hasRoleStore)); form.add(new DropDownChoice("parent", new ParentRoleModel(role), new ParentRolesModel(role)) .setNullValid(true).setEnabled(hasRoleStore));
@Test public void testConverter() { GeoServerRole r1 = new GeoServerRole("r1"); r1.getProperties().setProperty("r1_p1", "r1_v1"); r1.getProperties().setProperty("r1_p2", "r1_v2"); GeoServerRole r2 = new GeoServerRole("r2"); r2.getProperties().setProperty("r2_p1", "r2_v1"); GeoServerRole r3 = new GeoServerRole("r3"); assertEquals("r1", r.getAuthority()); assertEquals(2, r.getProperties().size()); assertEquals("r1_v1", r.getProperties().get("r1_p1")); assertEquals("r1_v2", r.getProperties().get("r1_p2")); assertEquals("testuser", r.getUserName()); for (GrantedAuthority auth : resColl) { r = (GeoServerRole) auth; assertNull(r.getUserName()); if ("r3".equals(r.getAuthority())) continue; if ("r2".equals(r.getAuthority())) { assertEquals(1, r.getProperties().size()); assertEquals("r2_v1", r.getProperties().get("r2_p1")); continue; if ("r1".equals(r.getAuthority())) { assertEquals(2, r.getProperties().size()); assertEquals("r1_v1", r.getProperties().get("r1_p1")); assertEquals("r1_v2", r.getProperties().get("r1_p2")); continue;
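/**
 * Persists a newly entered role.
 *
 * <p>The submitted role is copied into a new {@link GeoServerRole} named after the "form:name"
 * field, added to the role store through a {@code RoleStoreValidationWrapper}, optionally linked
 * to the parent selected in "form:parent", and then stored.
 *
 * @param role the role object backing the form; its user name and properties are copied
 * @throws IOException if the store cannot be obtained or any store operation fails; a failure of
 *     the follow-up reload is attached as a suppressed exception
 */
@Override
protected void onFormSubmit(GeoServerRole role) throws IOException {
    GeoServerRoleStore store = null;
    try {
        // copy into a new one so we can set the name properly
        GeoServerRole newRole =
                new GeoServerRole(get("form:name").getDefaultModelObjectAsString());
        newRole.setUserName(role.getUserName());
        newRole.getProperties().putAll(role.getProperties());
        role = newRole;

        store = new RoleStoreValidationWrapper(getRoleStore(roleServiceName));
        store.addRole(role);

        String parentRoleName = get("form:parent").getDefaultModelObjectAsString();
        if (parentRoleName != null) {
            GeoServerRole parentRole = store.getRoleByName(parentRoleName);
            store.setParentRole(role, parentRole);
        }
        store.store();
    } catch (IOException ex) {
        // The store is still null when obtaining it failed; reloading then would raise a
        // NullPointerException that hides the real error.
        if (store != null) {
            try {
                // presumably discards the changes made above; confirm against the store contract
                store.load();
            } catch (IOException reloadFailure) {
                // Keep the reload failure visible without replacing the original cause.
                ex.addSuppressed(reloadFailure);
            }
        }
        throw ex;
    }
}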
role.getProperties().put("propertyA", ""); role.getProperties().put("propertyX", "X"); roleStore.addRole(role); roleStore.associateRoleToUser(role, username); role.getProperties().put("propertyB", ""); role.getProperties().put("propertyY", "Y"); roleStore.addRole(role); roleStore.associateRoleToUser(role, username); if ("persrole1".equals(role.getAuthority())) { assertEquals("A", role.getProperties().get("propertyA")); assertEquals("X", role.getProperties().get("propertyX")); GeoServerRole anonymousRole = roleStore.getRoleByName(role.getAuthority()); assertFalse(role.isAnonymous()); assertTrue(anonymousRole.isAnonymous()); assertFalse(role == anonymousRole); assertFalse(role.equals(anonymousRole)); assertTrue(theUser.getUsername().equals(role.getUserName())); assertNull(anonymousRole.getUserName()); } else if ("persrole2".equals(role.getAuthority())) { assertEquals("B", role.getProperties().get("propertyB")); assertEquals("Y", role.getProperties().get("propertyY")); } else { Assert.fail("Unknown role " + role.getAuthority() + "for user " + username);
/**
 * Personalizes a user's roles by matching user properties against role parameters.
 *
 * <p>Each role is passed to the role service's {@code personalizeRoleParams}. A {@code null}
 * result keeps the role as it is. Otherwise a new role object with the same authority is
 * created, bound to the user's name and given the personalized properties.
 *
 * <p>The result is a {@link TreeSet}, so it is ordered by the roles' natural ordering and keeps
 * one element per group of roles that ordering treats as equal.
 *
 * @param user the user whose name and properties drive the personalization
 * @param roles the roles assigned to the user
 * @return the sorted set of original and personalized roles
 * @throws IOException if the role service fails
 */
public SortedSet<GeoServerRole> personalizeRoles(
        GeoServerUser user, Collection<GeoServerRole> roles) throws IOException {
    final SortedSet<GeoServerRole> personalized = new TreeSet<GeoServerRole>();

    for (GeoServerRole role : roles) {
        final Properties userSpecific =
                getRoleService()
                        .personalizeRoleParams(
                                role.getAuthority(),
                                role.getProperties(),
                                user.getUsername(),
                                user.getProperties());

        if (userSpecific == null) {
            // Nothing to personalize: reuse the role unchanged.
            personalized.add(role);
            continue;
        }

        // create personalized role
        final GeoServerRole bound = getRoleService().createRoleObject(role.getAuthority());
        bound.setUserName(user.getUsername());
        bound.getProperties().putAll(userSpecific);
        personalized.add(bound);
    }

    return personalized;
}
}
/**
 * Parses the textual form of a role, optionally followed by a parameter block.
 *
 * <p>The trimmed input is split at the parameter start string. The first part becomes the role
 * name. If a second part exists it must end with the parameter end string; its content is split
 * into {@code key<assignment>value} pairs that are stored, trimmed, as role properties. The user
 * name is attached only when a parameter block is present.
 *
 * <p>NOTE(review): the role name is used exactly as split, and parts after the second one are
 * not inspected here. If role strings can come from an external source, confirm what
 * {@code splitString} guarantees and whether the name is validated elsewhere.
 *
 * @param roleString the role string to parse, may be {@code null}
 * @param userName the user name to set on a role that carries parameters
 * @return the parsed role, or {@code null} if the input is {@code null} or blank
 */
@Override
public GeoServerRole convertRoleFromString(String roleString, String userName) {
    if (roleString == null) {
        return null;
    }
    roleString = roleString.trim();
    if (roleString.isEmpty()) {
        return null;
    }

    checkDelimiters();

    final List<String> parts = splitString(roleString, getRoleParameterStartString());
    final GeoServerRole result = new GeoServerRole(parts.get(0));
    if (parts.size() == 1) {
        // Plain role name without a parameter block.
        return result;
    }

    // we have role parameters
    result.setUserName(userName);

    final String tail = parts.get(1);
    if (!tail.endsWith(getRoleParameterEndString())) {
        throw createExcpetion(roleString + " does not end with " + getRoleParameterEndString());
    }

    final int endIndex = tail.lastIndexOf(getRoleParameterEndString());
    final String paramBlock = tail.substring(0, endIndex).trim();

    for (String kvp : splitString(paramBlock, getRoleParameterDelimiterString())) {
        final List<String> pair = splitString(kvp.trim(), getRoleParameterAssignmentString());
        if (pair.size() != 2) {
            throw createExcpetion(roleString + " Invalid role string: " + roleString);
        }
        result.getProperties().put(pair.get(0).trim(), pair.get(1).trim());
    }
    return result;
}
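/**
 * Persists a newly entered role.
 *
 * <p>The role store is wrapped in a {@code RoleStoreValidationWrapper}. The submitted role is
 * copied into a role object created by the store and named after the "form:name" field, added to
 * the store, optionally linked to the parent selected in "form:parent", and then stored.
 *
 * @param role the role object backing the form; its user name and properties are copied
 * @throws IOException if the store cannot be obtained or any store operation fails; a failure of
 *     the follow-up reload is attached as a suppressed exception
 */
@Override
protected void onFormSubmit(GeoServerRole role) throws IOException {
    GeoServerRoleStore store = null;
    try {
        store = new RoleStoreValidationWrapper(getRoleStore(roleServiceName));

        // copy into a new one so we can set the name properly
        GeoServerRole newRole =
                store.createRoleObject(get("form:name").getDefaultModelObjectAsString());
        newRole.setUserName(role.getUserName());
        newRole.getProperties().putAll(role.getProperties());
        role = newRole;
        store.addRole(role);

        String parentRoleName = get("form:parent").getDefaultModelObjectAsString();
        if (parentRoleName != null) {
            GeoServerRole parentRole = store.getRoleByName(parentRoleName);
            store.setParentRole(role, parentRole);
        }
        store.store();
    } catch (IOException ex) {
        // The store is still null when obtaining it failed; reloading then would raise a
        // NullPointerException that hides the real error.
        if (store != null) {
            try {
                // presumably discards the changes made above; confirm against the store contract
                store.load();
            } catch (IOException reloadFailure) {
                // Keep the reload failure visible without replacing the original cause.
                ex.addSuppressed(reloadFailure);
            }
        }
        throw ex;
    }
}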
role.getProperties().clear(); // set properties for (Object key : roleProps.keySet()) { role.getProperties().put(key, roleProps.get(key));
/**
 * Tells whether this role is anonymous, meaning it is not bound to a user name.
 *
 * @return {@code true} if {@code getUserName()} returns {@code null}
 */
public boolean isAnonymous() {
    final String owner = getUserName();
    return owner == null;
}
/**
 * Creates the page for entering a new role in the named role service.
 *
 * <p>The page starts from a new role that carries the authority of
 * {@code GeoServerRole.NULL_ROLE}. The check for a writable store runs after the superclass
 * constructor has completed.
 *
 * @param roleServiceName name of the role service that will receive the role
 * @throws RuntimeException if the role service has no role store
 */
public NewRolePage(String roleServiceName) {
    super(roleServiceName, new GeoServerRole(GeoServerRole.NULL_ROLE.getAuthority()));

    final boolean writable = hasRoleStore(roleServiceName);
    if (!writable) {
        throw new RuntimeException(
                "Workflow error, new role not possible for read only service");
    }
}
boolean hasRoleStore = hasRoleStore(roleServiceName); if (role == null) role = new GeoServerRole(""); if (role.getUserName() != null) { descriptionModel = new StringResourceModel("personalizedRole", getPage()) .setParameters(role.getUserName()); } else { descriptionModel = new StringResourceModel("anonymousRole", getPage()); new TextField("name", new Model(role.getAuthority())) .setRequired(true) .setEnabled(hasRoleStore));
/**
 * Computes the hash code from the authority and, when present, the user name.
 *
 * @return the authority's hash code, plus the user name's hash code if a user name is set
 */
public int hashCode() {
    final int authorityHash = getAuthority().hashCode();
    final String owner = getUserName();
    return owner == null ? authorityHash : authorityHash + owner.hashCode();
}
// Carry the user name and the properties of the submitted role over to the copy.
newRole.setUserName(role.getUserName());
newRole.getProperties().putAll(role.getProperties());
// From here on the copy replaces the submitted role and is the object added to the store.
role = newRole;
store.addRole(role);