/** * Pass a reference to the raw, unsecured catalog. The reference is used to evaluate the * relationship between layers and the groups containing them * * @param dao * @param rawCatalog */ public DefaultResourceAccessManager(DataAccessRuleDAO dao, Catalog rawCatalog) { this.dao = dao; this.rawCatalog = rawCatalog; this.root = buildAuthorizationTree(dao); this.groupsCache = new LayerGroupContainmentCache(rawCatalog); }
private void buildLayerGroupCaches() { groupCache.clear(); resourceContainmentCache.clear(); List<LayerGroupInfo> groups = catalog.getLayerGroups(); // first populate the basic structure for (LayerGroupInfo lg : groups) { addGroupInfo(lg); } // now populate the containment structure for (LayerGroupInfo lg : groups) { registerContainedGroups(lg); } }
public LayerGroupContainmentCache(Catalog catalog) { this.catalog = catalog; catalog.addListener(new CatalogChangeListener()); buildLayerGroupCaches(); }
private Set<String> containerNamesForGroup(LayerGroupInfo lg) { Collection<LayerGroupSummary> summaries = cc.getContainerGroupsFor(lg); return summaries.stream().map(gs -> gs.prefixedName()).collect(Collectors.toSet()); }
/** * Recursively collects the group and all its containers in the <data>groups</data> collection * * @param lg * @param groups */ private void collectContainers(LayerGroupSummary lg, Set<LayerGroupSummary> groups) { if (!groups.contains(lg)) { if (lg.getMode() != LayerGroupInfo.Mode.SINGLE) { groups.add(lg); } for (LayerGroupSummary container : lg.containerGroups) { collectContainers(container, groups); } } }
private Set<String> containerNamesForResource(QName name) { Collection<LayerGroupSummary> summaries = cc.getContainerGroupsFor(getResource(name)); return summaries.stream().map(gs -> gs.prefixedName()).collect(Collectors.toSet()); }
/** * Returns all groups containing directly or indirectly containing the resource * * @param resource * @return */ public Collection<LayerGroupSummary> getContainerGroupsFor(ResourceInfo resource) { String id = resource.getId(); Set<LayerGroupSummary> groups = resourceContainmentCache.get(id); if (groups == null) { return Collections.emptyList(); } Set<LayerGroupSummary> result = new HashSet<>(); for (LayerGroupSummary lg : groups) { collectContainers(lg, result); } return result; }
groupsCache.getContainerGroupsFor(layerGroup); if (directContainers.isEmpty()) { allowAccess = true;
@Before public void setupLayerGrups() throws Exception { LayerInfo lakes = catalog.getLayerByName(getLayerId(MockData.LAKES)); LayerInfo forests = catalog.getLayerByName(getLayerId(MockData.FORESTS)); LayerInfo roads = catalog.getLayerByName(getLayerId(MockData.ROAD_SEGMENTS)); WorkspaceInfo ws = catalog.getDefaultWorkspace(); this.nature = addLayerGroup(NATURE_GROUP, Mode.SINGLE, ws, lakes, forests); this.container = addLayerGroup(CONTAINER_GROUP, Mode.CONTAINER, null, nature, roads); cc = new LayerGroupContainmentCache(catalog); }
/** * Returns all groups containing directly or indirectly the specified group, and relevant for * security (e.g., anything but {@link LayerGroupInfo.Mode#SINGLE} ones * * @param lg * @return */ public Collection<LayerGroupSummary> getContainerGroupsFor(LayerGroupInfo lg) { String id = lg.getId(); if (id == null) { return Collections.emptyList(); } LayerGroupSummary summary = groupCache.get(id); if (summary == null) { return Collections.emptyList(); } Set<LayerGroupSummary> result = new HashSet<>(); for (LayerGroupSummary container : summary.getContainerGroups()) { collectContainers(container, result); } return result; }
Collection<LayerGroupSummary> containers = groupsCache.getContainerGroupsFor(resource); if (containers.isEmpty()) { return rulesAllowAccess;
@Test public void testInitialSetup() throws Exception { // nature Collection<LayerGroupSummary> natureContainers = cc.getContainerGroupsFor(nature); assertEquals(1, natureContainers.size()); assertThat(natureContainers, contains(new LayerGroupSummary(container))); LayerGroupSummary summary = natureContainers.iterator().next(); assertNull(summary.getWorkspace()); assertEquals(CONTAINER_GROUP, summary.getName()); assertThat(summary.getContainerGroups(), empty()); // container has no contaning groups assertThat(cc.getContainerGroupsFor(container), empty()); // now check the groups containing the layers (nature being SINGLE, not a container) assertThat(containerNamesForResource(MockData.LAKES), equalTo(set(CONTAINER_GROUP))); assertThat(containerNamesForResource(MockData.FORESTS), equalTo(set(CONTAINER_GROUP))); assertThat( containerNamesForResource(MockData.ROAD_SEGMENTS), equalTo(set(CONTAINER_GROUP))); }