/**
 * Logs out by clearing the value currently held in {@code CONTEXT}.
 *
 * @return The protocol reply, always a success
 */
@Override
public XSPReply logout() {
    // presumably CONTEXT holds the user bound to the calling thread; verify against its declaration
    CONTEXT.remove();
    XSPReply outcome = XSPReplySuccess.instance();
    return outcome;
}
/**
 * Removes the connector registered under the given identifier and unregisters
 * the two service references held by its registration.
 *
 * NOTE(review): no authorization check is visible in this method; confirm that
 * callers enforce one before reaching it.
 *
 * @param identifier The identifier of the connector to delete
 * @return A failure reply when no connector is registered under the identifier, a success otherwise
 */
@Override
public XSPReply delete(String identifier) {
    // removal and un-registration happen under the same lock on the connector map
    synchronized (connectorsById) {
        Registration removed = connectorsById.remove(identifier);
        if (removed != null) {
            removed.refAsDomainConnector.unregister();
            removed.refAsServedService.unregister();
            return XSPReplySuccess.instance();
        }
        return new XSPReplyFailure("No connector for the specified identifier");
    }
}
/**
 * Binds the given user to {@code CONTEXT}.
 * When a user is already bound, the switch is only performed if the
 * {@code ACTION_CHANGE_ID} action is authorized.
 *
 * NOTE(review): this method performs no credential verification of its own and does
 * not reject a null user; it relies on the caller having established the identity.
 *
 * @param user The user to bind
 * @return The reply of the authorization check when it fails, a success otherwise
 */
@Override
public XSPReply authenticate(PlatformUser user) {
    PlatformUser current = CONTEXT.get();
    if (current != null) {
        // a user is already bound: changing the identity is itself a secured action
        XSPReply authorization = checkAction(ACTION_CHANGE_ID);
        if (!authorization.isSuccess())
            return authorization;
    }
    // either nothing was bound yet, or the identity change was authorized
    CONTEXT.set(user);
    return XSPReplySuccess.instance();
}
/**
 * Authorizes an action for any authenticated user.
 * The {@code action} argument is not inspected: the only condition is that the
 * security service reports a current user.
 *
 * @param securityService The security service that provides the current user
 * @param action          The requested action (unused by this implementation)
 * @return An un-authenticated reply when there is no current user, a success otherwise
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action) {
    PlatformUser current = securityService.getCurrentUser();
    if (current != null) {
        // being authenticated is sufficient here
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthenticated.instance();
}
/**
 * Authorizes an action on some data for any authenticated user.
 * Neither {@code action} nor {@code data} is inspected: the only condition is
 * that the security service reports a current user.
 *
 * @param securityService The security service that provides the current user
 * @param action          The requested action (unused by this implementation)
 * @param data            The data the action applies to (unused by this implementation)
 * @return An un-authenticated reply when there is no current user, a success otherwise
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action, Object data) {
    PlatformUser current = securityService.getCurrentUser();
    if (current != null) {
        // being authenticated is sufficient here
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthenticated.instance();
}
/**
 * Deletes an artifact: removes the triples whose subject is the identifier from the
 * artifacts graph, then drops the graph named by the identifier.
 *
 * The identifier is placed between angle brackets in the SPARQL text only after going
 * through {@code IOUtils.escapeAbsoluteURIW3C}; keep that escaping on every place where
 * the identifier is written, since the request is built as text.
 *
 * @param identifier The identifier (IRI) of the artifact to delete
 * @return A success when the SPARQL request succeeds, otherwise a failure carrying the store's message
 */
@Override
public XSPReply delete(String identifier) {
    StringWriter request = new StringWriter();
    // first operation: remove the artifact's metadata from the artifacts graph
    request.write("DELETE WHERE { GRAPH <");
    request.write(IOUtils.escapeAbsoluteURIW3C(KernelSchema.GRAPH_ARTIFACTS));
    request.write("> { <");
    request.write(IOUtils.escapeAbsoluteURIW3C(identifier));
    // second operation: drop the graph that holds the artifact's content
    request.write("> ?p ?o } }; DROP SILENT GRAPH <");
    request.write(IOUtils.escapeAbsoluteURIW3C(identifier));
    request.write(">");

    Result outcome = sparql(request.toString());
    if (!outcome.isSuccess()) {
        ResultFailure failure = (ResultFailure) outcome;
        return new XSPReplyFailure(failure.getMessage());
    }
    return XSPReplySuccess.instance();
}
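/**
 * Launches the platform for a new platform instance by running
 * {@code sh admin.sh start} in the instance's directory and waiting for it to finish.
 *
 * NOTE(review): the instance identifier is used as a directory name as-is; if it can be
 * influenced from outside, confirm it is validated upstream so that it cannot resolve
 * outside of the instances storage.
 *
 * @param instance The instance being provisioned
 * @return The protocol reply
 */
private XSPReply provisionLaunchPlatform(RemoteCollaborationManaged instance) {
    File instanceDirectory = new File(storageInstances, instance.getIdentifier());
    File adminScript = new File(instanceDirectory, "admin.sh");
    // arguments are passed as a list, so no shell parsing is applied to the script path
    ProcessBuilder processBuilder = new ProcessBuilder("sh", adminScript.getAbsolutePath(), "start");
    processBuilder.directory(instanceDirectory);
    try {
        Process process = processBuilder.start();
        // NOTE(review): the exit status is not inspected and the process output is not consumed,
        // so a failing script is still reported as a success.
        process.waitFor();
    } catch (IOException exception) {
        Logging.get().error(exception);
        return new XSPReplyException(exception);
    } catch (InterruptedException exception) {
        // restore the interrupt flag so that callers up the stack can observe the interruption
        Thread.currentThread().interrupt();
        Logging.get().error(exception);
        return new XSPReplyException(exception);
    }
    return XSPReplySuccess.instance();
}
}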
/**
 * Restarts the platform.
 * The caller must be authorized for {@code ACTION_RESTART}; on success a new thread is
 * started that exits the JVM with the {@code PLATFORM_EXIT_RESTART} code.
 *
 * @return A service-unavailable reply when there is no security service,
 * the reply of the authorization check when it fails, a success otherwise
 */
@Override
public XSPReply restart() {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    XSPReply authorization = securityService.checkAction(ACTION_RESTART);
    if (authorization.isSuccess()) {
        Runnable exitTask = new Runnable() {
            @Override
            public void run() {
                System.exit(PLATFORM_EXIT_RESTART);
            }
        };
        // the exit runs on its own thread, presumably so that this call can still return its reply
        Thread exitThread = new Thread(exitTask, KernelPlatformManagementService.class.getCanonicalName() + ".ThreadRestart");
        exitThread.start();
        return XSPReplySuccess.instance();
    }
    return authorization;
}
/**
 * Shuts down the platform.
 * The caller must be authorized for {@code ACTION_SHUTDOWN}; on success a new thread is
 * started that exits the JVM with the {@code PLATFORM_EXIT_NORMAL} code.
 *
 * @return A service-unavailable reply when there is no security service,
 * the reply of the authorization check when it fails, a success otherwise
 */
@Override
public XSPReply shutdown() {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    XSPReply authorization = securityService.checkAction(ACTION_SHUTDOWN);
    if (authorization.isSuccess()) {
        Runnable exitTask = new Runnable() {
            @Override
            public void run() {
                System.exit(PLATFORM_EXIT_NORMAL);
            }
        };
        // the exit runs on its own thread, presumably so that this call can still return its reply
        Thread exitThread = new Thread(exitTask, KernelPlatformManagementService.class.getCanonicalName() + ".ThreadShutdown");
        exitThread.start();
        return XSPReplySuccess.instance();
    }
    return authorization;
}
/**
 * Serializes the manifest for this collaboration into the manifest file.
 *
 * @return A success when the manifest has been written, otherwise a reply wrapping the I/O exception
 */
private XSPReply serializeManifest() {
    try (Writer output = IOUtils.getWriter(fileManifest)) {
        String json = manifest.serializedJSON();
        output.write(json);
        output.flush();
    } catch (IOException exception) {
        // covers failures when opening, writing and closing the writer
        Logging.get().error(exception);
        return new XSPReplyException(exception);
    }
    return XSPReplySuccess.instance();
}
/**
 * Writes the current configuration, in its JSON form, back to the storage.
 *
 * @return A success when the configuration has been written, otherwise a reply wrapping the I/O exception
 */
private XSPReply writeBack() {
    try (Writer output = IOUtils.getWriter(storage)) {
        String json = serializedJSON();
        output.write(json);
        output.flush();
        return XSPReplySuccess.instance();
    } catch (IOException exception) {
        // covers failures when opening, writing and closing the writer
        Logging.get().error(exception);
        return new XSPReplyException(exception);
    }
}
/**
 * Stores an artifact: inserts its metadata into the artifacts graph and its content
 * into a graph named by the artifact's identifier, as a single SPARQL request.
 *
 * The graph IRIs are escaped with {@code IOUtils.escapeAbsoluteURIW3C}; the quads are
 * written into the request text by {@code NTripleSerializer}.
 * NOTE(review): the request is assembled as text, so its integrity depends on the
 * serializer escaping literal and IRI values correctly; confirm for artifacts that
 * come from outside the platform.
 *
 * @param artifact The artifact to store
 * @return A failure when the artifact has no metadata or no content or when the request fails, a success otherwise
 */
@Override
public XSPReply store(Artifact artifact) {
    Collection<Quad> metadataQuads = artifact.getMetadata();
    if (metadataQuads == null || metadataQuads.isEmpty())
        return new XSPReplyFailure("Invalid artifact (empty metadata)");
    Collection<Quad> contentQuads = artifact.getContent();
    if (contentQuads == null)
        return new XSPReplyFailure("Failed to fetch the artifact's content");

    StringWriter request = new StringWriter();
    NTripleSerializer quadWriter;

    // first operation: the metadata goes into the shared artifacts graph
    request.write("INSERT DATA { GRAPH <");
    request.write(IOUtils.escapeAbsoluteURIW3C(KernelSchema.GRAPH_ARTIFACTS));
    request.write("> { ");
    quadWriter = new NTripleSerializer(request);
    quadWriter.serialize(Logger.DEFAULT, metadataQuads.iterator());

    // second operation: the content goes into the artifact's own graph
    request.write(" } }; INSERT DATA { GRAPH <");
    request.write(IOUtils.escapeAbsoluteURIW3C(artifact.getIdentifier()));
    request.write("> {");
    quadWriter.serialize(Logger.DEFAULT, contentQuads.iterator());
    request.write(" } }");

    Result outcome = sparql(request.toString());
    if (!outcome.isSuccess()) {
        ResultFailure failure = (ResultFailure) outcome;
        return new XSPReplyFailure(failure.getMessage());
    }
    return XSPReplySuccess.instance();
}
/**
 * Writes the platform instance descriptor as {@code <identifier>.json} in the instances storage.
 *
 * NOTE(review): the instance identifier is used as a file name as-is; if it can be
 * influenced from outside, confirm it is validated upstream so that the target file
 * cannot resolve outside of the instances storage.
 *
 * @param instance The platform instance
 * @return A success when the descriptor has been written, otherwise a reply wrapping the I/O exception
 */
private XSPReply provisionWriteDescriptor(RemoteCollaborationManaged instance) {
    String fileName = instance.getIdentifier() + ".json";
    File target = new File(storageInstances, fileName);
    try (Writer output = IOUtils.getWriter(target)) {
        output.write(instance.getDescriptor().serializedJSON());
        output.flush();
        return XSPReplySuccess.instance();
    } catch (IOException exception) {
        // covers failures when opening, writing and closing the writer
        Logging.get().error(exception);
        return new XSPReplyException(exception);
    }
}
/**
 * Renames a user.
 * The new name is handed to the stored procedure as a typed literal parameter rather
 * than being concatenated into a query.
 *
 * NOTE(review): the user is looked up before the authorization check, so a caller that
 * is not authorized can still tell an unknown identifier (invalid-user error) from a
 * known one (authorization reply); confirm this is acceptable.
 *
 * @param identifier The identifier of the user to rename
 * @param name       The new name for the user
 * @return A service-unavailable reply when there is no security service, an API error for an
 * unknown user, the failing reply of the authorization check or of the procedure, a success otherwise
 */
@Override
public XSPReply renameUser(String identifier, String name) {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    PlatformUser target = getUser(identifier);
    if (target == null)
        return new XSPReplyApiError(ERROR_INVALID_USER, identifier);
    // the policy is asked about this specific user, hence the lookup above
    XSPReply outcome = securityService.getPolicy().checkAction(securityService, SecurityService.ACTION_RENAME_USER, target);
    if (!outcome.isSuccess())
        return outcome;
    synchronized (cacheUsers) {
        Map<String, Node> arguments = new HashMap<>();
        arguments.put("entity", nodes.getIRINode(USERS + identifier));
        arguments.put("newName", nodes.getLiteralNode(name, Vocabulary.xsdString, null));
        outcome = database.executeStoredProcedure(procedures.get("procedure-rename-entity"),
                new BaseStoredProcedureContext(Collections.<String>emptyList(), Collections.<String>emptyList(), arguments));
        if (outcome.isSuccess()) {
            // evict the cached entry so that it does not keep the old name
            cacheUsers.remove(identifier);
            return XSPReplySuccess.instance();
        }
        return outcome;
    }
}
/**
 * Renames a role.
 * The new name is handed to the stored procedure as a typed literal parameter rather
 * than being concatenated into a query.
 *
 * NOTE(review): the role is looked up before the authorization check, so a caller that
 * is not authorized can still tell an unknown identifier (invalid-role error) from a
 * known one (authorization reply); confirm this is acceptable.
 *
 * @param identifier The identifier of the role to rename
 * @param name       The new name for the role
 * @return A service-unavailable reply when there is no security service, an API error for an
 * unknown role, the failing reply of the authorization check or of the procedure, a success otherwise
 */
@Override
public XSPReply renameRole(String identifier, String name) {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    PlatformRole target = getRole(identifier);
    if (target == null)
        return new XSPReplyApiError(ERROR_INVALID_ROLE, identifier);
    // the policy is asked about this specific role, hence the lookup above
    XSPReply outcome = securityService.getPolicy().checkAction(securityService, SecurityService.ACTION_RENAME_ROLE, target);
    if (!outcome.isSuccess())
        return outcome;
    synchronized (cacheRoles) {
        Map<String, Node> arguments = new HashMap<>();
        arguments.put("entity", nodes.getIRINode(ROLES + identifier));
        arguments.put("newName", nodes.getLiteralNode(name, Vocabulary.xsdString, null));
        outcome = database.executeStoredProcedure(procedures.get("procedure-rename-entity"),
                new BaseStoredProcedureContext(Collections.<String>emptyList(), Collections.<String>emptyList(), arguments));
        if (outcome.isSuccess()) {
            // evict the cached entry so that it does not keep the old name
            cacheRoles.remove(identifier);
            return XSPReplySuccess.instance();
        }
        return outcome;
    }
}
/**
 * Renames a group.
 * The new name is handed to the stored procedure as a typed literal parameter rather
 * than being concatenated into a query.
 *
 * NOTE(review): the group is looked up before the authorization check, so a caller that
 * is not authorized can still tell an unknown identifier (invalid-group error) from a
 * known one (authorization reply); confirm this is acceptable.
 *
 * @param identifier The identifier of the group to rename
 * @param name       The new name for the group
 * @return A service-unavailable reply when there is no security service, an API error for an
 * unknown group, the failing reply of the authorization check or of the procedure, a success otherwise
 */
@Override
public XSPReply renameGroup(String identifier, String name) {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    PlatformGroup target = getGroup(identifier);
    if (target == null)
        return new XSPReplyApiError(ERROR_INVALID_GROUP, identifier);
    // the policy is asked about this specific group, hence the lookup above
    XSPReply outcome = securityService.getPolicy().checkAction(securityService, SecurityService.ACTION_RENAME_GROUP, target);
    if (!outcome.isSuccess())
        return outcome;
    synchronized (cacheGroups) {
        Map<String, Node> arguments = new HashMap<>();
        arguments.put("entity", nodes.getIRINode(GROUPS + identifier));
        arguments.put("newName", nodes.getLiteralNode(name, Vocabulary.xsdString, null));
        outcome = database.executeStoredProcedure(procedures.get("procedure-rename-entity"),
                new BaseStoredProcedureContext(Collections.<String>emptyList(), Collections.<String>emptyList(), arguments));
        if (outcome.isSuccess()) {
            // evict the cached entry so that it does not keep the old name
            cacheGroups.remove(identifier);
            return XSPReplySuccess.instance();
        }
        return outcome;
    }
}
/**
 * Checks whether the current user is authorized to perform an action.
 * The decision is made in this order: no current user yields an un-authenticated reply;
 * a user holding the platform administrator role is always authorized, without
 * consulting the action policies; otherwise the policy configured for the action decides.
 * An action with no configured policy is denied.
 *
 * @param securityService The security service that provides the current user and the realm
 * @param action          The requested action
 * @return The protocol reply for the authorization decision
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action) {
    PlatformUser current = securityService.getCurrentUser();
    if (current == null) {
        // no user => un-authenticated
        return XSPReplyUnauthenticated.instance();
    }
    boolean isPlatformAdmin = securityService.getRealm().checkHasRole(current.getIdentifier(), PlatformRoleAdmin.INSTANCE.getIdentifier());
    if (isPlatformAdmin) {
        // platform administrators bypass the custom action policies
        return XSPReplySuccess.instance();
    }
    SecuredActionPolicy actionPolicy = resolveConfig().getPolicyFor(action);
    if (actionPolicy == null || !actionPolicy.isAuthorized(securityService, current, action)) {
        // default deny: missing policy or a policy that refuses
        return XSPReplyUnauthorized.instance();
    }
    return XSPReplySuccess.instance();
}
/**
 * Checks whether the current user is authorized to perform an action on some data.
 * The decision is made in this order: no current user yields an un-authenticated reply;
 * a user holding the platform administrator role is always authorized, without
 * consulting the action policies; otherwise the policy configured for the action decides,
 * taking the data into account. An action with no configured policy is denied.
 *
 * @param securityService The security service that provides the current user and the realm
 * @param action          The requested action
 * @param data            The data the action applies to, passed on to the policy
 * @return The protocol reply for the authorization decision
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action, Object data) {
    PlatformUser current = securityService.getCurrentUser();
    if (current == null) {
        // no user => un-authenticated
        return XSPReplyUnauthenticated.instance();
    }
    boolean isPlatformAdmin = securityService.getRealm().checkHasRole(current.getIdentifier(), PlatformRoleAdmin.INSTANCE.getIdentifier());
    if (isPlatformAdmin) {
        // platform administrators bypass the custom action policies
        return XSPReplySuccess.instance();
    }
    SecuredActionPolicy actionPolicy = resolveConfig().getPolicyFor(action);
    if (actionPolicy == null || !actionPolicy.isAuthorized(securityService, current, action, data)) {
        // default deny: missing policy or a policy that refuses
        return XSPReplyUnauthorized.instance();
    }
    return XSPReplySuccess.instance();
}
return XSPReplySuccess.instance();
/**
 * Deletes the connector registered under the given identifier.
 * The caller must be authorized for {@code ACTION_DELETE}. The registration is removed
 * from the connector map, all of its service references are unregistered and, when an
 * event service is available, a {@code ConnectorDeletedEvent} is published.
 *
 * @param identifier The identifier of the connector to delete
 * @return A service-unavailable reply when there is no security service, the reply of the
 * authorization check when it fails, a not-found reply for an unknown identifier, a success otherwise
 */
@Override
public XSPReply delete(String identifier) {
    SecurityService securityService = Register.getComponent(SecurityService.class);
    if (securityService == null)
        return XSPReplyServiceUnavailable.instance();
    // authorization comes first, before the connector map is touched
    XSPReply authorization = securityService.checkAction(ACTION_DELETE);
    if (!authorization.isSuccess())
        return authorization;

    synchronized (connectorsById) {
        Registration removed = connectorsById.remove(identifier);
        if (removed == null)
            return XSPReplyNotFound.instance();
        int index = 0;
        while (index != removed.references.length) {
            removed.references[index].unregister();
            index++;
        }
        // the event service is optional: no event is published when it is absent
        EventService events = Register.getComponent(EventService.class);
        if (events != null) {
            events.onEvent(new ConnectorDeletedEvent(this, removed.service));
        }
        return XSPReplySuccess.instance();
    }
}