/**
 * Renders this user as its name.
 *
 * @return the value of {@link #getName()}, unchanged
 */
@Override
public String toString() {
  return this.getName();
}
/**
 * Enforcing variant of {@link #checkIfAllowed}: resolves the role that authorises an operation
 * or fails with an access error.
 *
 * <p>The denial message names the user, the operation and the resource. Where that message ends
 * up (logs, responses to clients) is decided by the callers, not here.
 *
 * @param resourceGeneric  generic resource kind the operation targets
 * @param resourceSpecific specific resource name within that kind
 * @param iOperation       permission code, rendered with {@code ORole.permissionToString} on denial
 * @return the role that allowed the operation; never {@code null}
 * @throws OSecurityAccessException if the user has no roles, or if no role allows the operation
 */
public OSecurityRole allow(final ORule.ResourceGeneric resourceGeneric, final String resourceSpecific, final int iOperation) {
  // A user without any role is rejected before any rule is evaluated.
  if (roles.isEmpty()) {
    throw new OSecurityAccessException(getName(), "User '" + getName() + "' has no role defined");
  }

  final OSecurityRole grantingRole = checkIfAllowed(resourceGeneric, resourceSpecific, iOperation);
  if (grantingRole != null) {
    return grantingRole;
  }

  // No role granted the operation: deny.
  throw new OSecurityAccessException(getName(),
      "User '" + getName() + "' does not have permission to execute the operation '" + ORole.permissionToString(iOperation)
          + "' against the resource: " + resourceGeneric + "." + resourceSpecific);
}
/**
 * Non-throwing permission probe: looks for a role of this user that allows the operation.
 *
 * <p>Roles are consulted in iteration order and the first one that allows the operation wins, so
 * a single granting role is sufficient. A {@code null} entry in the role collection is logged as
 * a warning and skipped; it is never treated as a grant.
 *
 * @param resourceGeneric  generic resource kind the operation targets
 * @param resourceSpecific specific resource name within that kind
 * @param iOperation       permission code being requested
 * @return the first role that allows the operation, or {@code null} when none does; callers
 *         must treat {@code null} as "denied"
 */
public OSecurityRole checkIfAllowed(final ORule.ResourceGeneric resourceGeneric, final String resourceSpecific, final int iOperation) {
  for (final OImmutableRole candidate : roles) {
    if (candidate == null) {
      // Damaged role list: report it and move on without granting anything.
      OLogManager.instance().warn(this, "User '%s' has a null role, ignoring it. Consider fixing this user's roles before continuing", getName());
      continue;
    }
    if (candidate.allow(resourceGeneric, resourceSpecific, iOperation)) {
      return candidate;
    }
  }
  return null;
}
/**
 * Tells whether any role of this user carries a rule for the given resource.
 *
 * <p>This only reports that a rule exists ({@code hasRule}); it does not evaluate whether that
 * rule permits any operation. {@code null} role entries are logged as a warning and skipped.
 *
 * @param resourceGeneric  generic resource kind to look up
 * @param resourceSpecific specific resource name within that kind
 * @return {@code true} as soon as one role reports a rule for the resource, {@code false} otherwise
 */
public boolean isRuleDefined(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific) {
  for (final OImmutableRole candidate : roles) {
    if (candidate == null) {
      // Damaged role list: report it and keep scanning the remaining roles.
      OLogManager.instance().warn(this, "User '%s' has a null role, ignoring it. Consider fixing this user's roles before continuing", getName());
      continue;
    }
    if (candidate.hasRule(resourceGeneric, resourceSpecific)) {
      return true;
    }
  }
  return false;
}
/**
 * Binds a user to this database instance and checks that it may read the database.
 *
 * <p>The cached {@code user} is kept when it exists, its version equals the security version and
 * its name equals {@code iUserName} ignoring case. Otherwise the user is resolved again: through
 * {@code security.authenticate} when {@code checkPassword} is set, or through
 * {@code security.getUser} (no password involved) when it is not. A READ check on the DATABASE
 * resource follows the resolution.
 *
 * <p>On any failure the thread-local database reference is removed before the exception leaves
 * this method.
 *
 * @param iUserName     name of the user opening the database
 * @param iUserPassword password, used only when {@code checkPassword} is {@code true}
 * @param checkPassword whether the password must be verified while resolving the user
 * @throws OException         rethrown as-is when raised during resolution or the security check
 * @throws ODatabaseException wrapped around any other exception, with the database URL in the message
 */
public void internalOpen(final String iUserName, final String iUserPassword, boolean checkPassword) {
  try {
    final OSecurity security = metadata.getSecurity();

    // NOTE(review): when the cached user is considered current, neither authenticate() nor
    // checkSecurity() runs, even with checkPassword == true, and the name match is
    // case-insensitive. Confirm that an instance already holding a user can only reach this
    // method from an authenticated context.
    final boolean cachedUserIsCurrent = user != null && user.getVersion() == security.getVersion()
        && user.getName().equalsIgnoreCase(iUserName);

    if (!cachedUserIsCurrent) {
      final OUser resolved = checkPassword ? security.authenticate(iUserName, iUserPassword) : security.getUser(iUserName);

      // NOTE(review): an unknown user leaves `user` null and checkSecurity() is still invoked;
      // how checkSecurity() treats a null user is not visible here. Verify that it denies
      // rather than skips the check.
      user = resolved != null ? new OImmutableUser(security.getVersion(), resolved) : null;

      checkSecurity(ORule.ResourceGeneric.DATABASE, ORole.PERMISSION_READ);
    }
  } catch (OException e) {
    // Do not leave a half-opened database attached to the current thread.
    ODatabaseRecordThreadLocal.instance().remove();
    throw e;
  } catch (Exception e) {
    ODatabaseRecordThreadLocal.instance().remove();
    throw OException.wrapException(new ODatabaseException("Cannot open database url=" + getURL()), e);
  }
}
/**
 * Replaces the cached user snapshot with a fresh copy from the security metadata.
 *
 * <p>Nothing happens when there is no cached user. The reload is attempted only if the cached
 * user is allowed to READ the {@code OUser} class; otherwise the existing snapshot is kept.
 * When the metadata is unavailable or the user can no longer be found, the snapshot is replaced
 * by a blank {@code OUser} with version {@code -1}.
 */
public void reloadUser() {
  if (user == null) {
    return;
  }

  activateOnCurrentThread();

  // NOTE(review): a user without READ on the OUser class keeps its cached snapshot, so role
  // changes made after login are not picked up by this method. Confirm that is intended.
  if (user.checkIfAllowed(ORule.ResourceGeneric.CLASS, OUser.CLASS_NAME, ORole.PERMISSION_READ) == null) {
    return;
  }

  final OMetadata currentMetadata = getMetadata();
  if (currentMetadata != null) {
    final OSecurity security = currentMetadata.getSecurity();
    final OUser refreshed = security.getUser(user.getName());
    if (refreshed != null) {
      user = new OImmutableUser(security.getVersion(), refreshed);
      return;
    }
  }

  // Metadata missing or user no longer present: fall back to a blank user with version -1.
  // Presumably a blank OUser carries no roles and is therefore denied everything; TODO confirm.
  user = new OImmutableUser(-1, new OUser());
}