/** * Creates a principal-like sid from the authentication information. * * @param authentication the authentication information that can provide principal and * thus the sid's id will be dependant on the value inside * @return a sid with the ID taken from the authentication information */ protected Sid createCurrentUser(Authentication authentication) { return new PrincipalSid(authentication); }
@Override public boolean equals(Object object) { if ((object == null) || !(object instanceof PrincipalSid)) { return false; } // Delegate to getPrincipal() to perform actual comparison (both should be // identical) return ((PrincipalSid) object).getPrincipal().equals(this.getPrincipal()); }
@Test public void testPrincipalSidHashCode() throws Exception { Authentication authentication = new TestingAuthenticationToken("johndoe", "password"); Sid principalSid = new PrincipalSid(authentication); assertThat(principalSid.hashCode()).isEqualTo("johndoe".hashCode()); assertThat(principalSid.hashCode()).isEqualTo( new PrincipalSid("johndoe").hashCode()); assertThat(principalSid.hashCode()).isNotEqualTo( new PrincipalSid("scott").hashCode()); assertThat(principalSid.hashCode()).isNotEqualTo(new PrincipalSid( new TestingAuthenticationToken("scott", "password")).hashCode()); }
@Test public void testGetters() throws Exception { Authentication authentication = new TestingAuthenticationToken("johndoe", "password"); PrincipalSid principalSid = new PrincipalSid(authentication); GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST"); GrantedAuthoritySid gaSid = new GrantedAuthoritySid(ga); assertThat("johndoe".equals(principalSid.getPrincipal())).isTrue(); assertThat("scott".equals(principalSid.getPrincipal())).isFalse(); assertThat("ROLE_TEST".equals(gaSid.getGrantedAuthority())).isTrue(); assertThat("ROLE_TEST2".equals(gaSid.getGrantedAuthority())).isFalse(); } }
@Override public int hashCode() { int result = super.hashCode(); result = 31 * result + (tenantId != null ? tenantId.hashCode() : 0); return result; }
@Override public boolean equals(final Object o) { if (this == o) return true; if (!(o instanceof TenantPrincipalSid)) return false; if (!super.equals(o)) return false; final TenantPrincipalSid that = (TenantPrincipalSid) o; if (tenantId != null ? !tenantId.equals(that.tenantId) : that.tenantId != null) return false; return true; }
private String getPrincipalSidTenant(List<Sid> sids) throws IllegalStateException { //first we need detect current principal tenant for using it with // GrantedAuthority which does not contains tenantId PrincipalSid principalSid = null; for(int sidIndex = 0; sidIndex < sids.size(); ++sidIndex) { final Sid sid = sids.get(sidIndex); if(sid instanceof PrincipalSid) { if(principalSid != null && !principalSid.equals(sid)) { throw new IllegalStateException("We found more than one PrincipalSid: " + principalSid + " and " + sid); } principalSid = (PrincipalSid)sid; } } if(principalSid == null) { throw new IllegalStateException("We can not find PrincipalSid"); } String tenant = getTenantFromSid(principalSid); if(tenant == MultiTenancySupport.NO_TENANT) { throw new IllegalStateException("No 'tenant' found in PrincipalSid"); } return tenant; }
private Sid getCurrentSid() { return new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()); }
@Override public int hashCode() { return this.getPrincipal().hashCode(); }
public Sid getSidObj() { if (sidObj == null) { sidObj = isPrincipal ? new PrincipalSid(sid) : new GrantedAuthoritySid(sid); } return sidObj; } }
private Set<String> getUsersInPrj(List<Sid> allSids) throws IOException { Set<String> allUsers = new TreeSet<>(); for (Sid sid : allSids) { if (sid instanceof PrincipalSid) { allUsers.add(((PrincipalSid) sid).getPrincipal()); } } return allUsers; }
@Override public Sid getSid() { if (sid == null) { if (sidOfPrincipal != null) sid = new PrincipalSid(sidOfPrincipal); else if (sidOfAuthority != null) sid = new GrantedAuthoritySid(sidOfAuthority); else throw new IllegalStateException(); } return sid; }
private static String getName(Sid sid) { if (sid instanceof PrincipalSid) { return ((PrincipalSid) sid).getPrincipal(); } else { return ((GrantedAuthoritySid) sid).getGrantedAuthority(); } }
public Sid getSid(String sid, boolean isPrincepal) { if (isPrincepal) { return new PrincipalSid(sid); } else { return new GrantedAuthoritySid(sid); } }
public SidInfo(Sid sid) { if (sid instanceof PrincipalSid) { this.sid = ((PrincipalSid) sid).getPrincipal(); this.isPrincipal = true; } else if (sid instanceof GrantedAuthoritySid) { this.sid = ((GrantedAuthoritySid) sid).getGrantedAuthority(); this.isPrincipal = false; } else throw new IllegalStateException(); }
public List<Sid> getSids(Authentication authentication) { Collection<? extends GrantedAuthority> authorities = roleHierarchy .getReachableGrantedAuthorities(authentication.getAuthorities()); List<Sid> sids = new ArrayList<>(authorities.size() + 1); sids.add(new PrincipalSid(authentication)); for (GrantedAuthority authority : authorities) { sids.add(new GrantedAuthoritySid(authority)); } return sids; } }
/** * Retrieves the primary key from acl_sid, creating a new row if needed and the * allowCreate property is true. * * @param sid to find or create * @param allowCreate true if creation is permitted if not found * * @return the primary key or null if not found * * @throws IllegalArgumentException if the <tt>Sid</tt> is not a recognized * implementation. */ protected Long createOrRetrieveSidPrimaryKey(Sid sid, boolean allowCreate) { Assert.notNull(sid, "Sid required"); String sidName; boolean sidIsPrincipal = true; if (sid instanceof PrincipalSid) { sidName = ((PrincipalSid) sid).getPrincipal(); } else if (sid instanceof GrantedAuthoritySid) { sidName = ((GrantedAuthoritySid) sid).getGrantedAuthority(); sidIsPrincipal = false; } else { throw new IllegalArgumentException("Unsupported implementation of Sid"); } return createOrRetrieveSidPrimaryKey(sidName, sidIsPrincipal, allowCreate); }
/** * Creates a particular implementation of {@link Sid} depending on the arguments. * * @param sid the name of the sid representing its unique identifier. In typical ACL * database schema it's located in table {@code acl_sid} table, {@code sid} column. * @param isPrincipal whether it's a user or granted authority like role * @return the instance of Sid with the {@code sidName} as an identifier */ protected Sid createSid(boolean isPrincipal, String sid) { if (isPrincipal) { return new PrincipalSid(sid); } else { return new GrantedAuthoritySid(sid); } }
public List<String> getAllAclSids(Acl acl, String type) { if (null == acl) { return Collections.emptyList(); } List<String> result = new ArrayList<>(); for (AccessControlEntry ace : acl.getEntries()) { String name = null; if (type.equalsIgnoreCase(MetadataConstants.TYPE_USER) && ace.getSid() instanceof PrincipalSid) { name = ((PrincipalSid) ace.getSid()).getPrincipal(); } if (type.equalsIgnoreCase(MetadataConstants.TYPE_GROUP) && ace.getSid() instanceof GrantedAuthoritySid) { name = ((GrantedAuthoritySid) ace.getSid()).getGrantedAuthority(); } if (!StringUtils.isBlank(name)) { result.add(name); } } return result; }
public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException { Assert.notNull(objectIdentity, "Object Identity required"); // Check this object identity hasn't already been persisted if (retrieveObjectIdentityPrimaryKey(objectIdentity) != null) { throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists"); } // Need to retrieve the current principal, in order to know who "owns" this ACL // (can be changed later on) Authentication auth = SecurityContextHolder.getContext().getAuthentication(); PrincipalSid sid = new PrincipalSid(auth); // Create the acl_object_identity row createObjectIdentity(objectIdentity, sid); // Retrieve the ACL via superclass (ensures cache registration, proper retrieval // etc) Acl acl = readAclById(objectIdentity); Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned"); return (MutableAcl) acl; }