DataAccessLimits buildLimits( Class<? extends ResourceInfo> resourceClass, Filter readFilter, Filter writeFilter) { CatalogMode mode = delegate.getMode(); // allow the secure catalog to avoid any kind of wrapping if there are no limits if ((readFilter == null || readFilter == Filter.INCLUDE) && (writeFilter == null || writeFilter == Filter.INCLUDE || WMSLayerInfo.class.isAssignableFrom(resourceClass) || WMTSLayerInfo.class.isAssignableFrom(resourceClass) || CoverageInfo.class.isAssignableFrom(resourceClass))) { return null; } // build the appropriate limit class if (FeatureTypeInfo.class.isAssignableFrom(resourceClass)) { return new VectorAccessLimits(mode, null, readFilter, null, writeFilter); } else if (CoverageInfo.class.isAssignableFrom(resourceClass)) { return new CoverageAccessLimits(mode, readFilter, null, null); } else if (WMSLayerInfo.class.isAssignableFrom(resourceClass)) { return new WMSAccessLimits(mode, readFilter, null, true); } else if (WMTSLayerInfo.class.isAssignableFrom(resourceClass)) { return new WMTSAccessLimits(mode, readFilter, null); } else { LOGGER.log( Level.INFO, "Warning, adapting to generic access limits for unrecognized resource type " + resourceClass); return new DataAccessLimits(mode, readFilter); } }
private DataAccessLimits hide(ResourceInfo info) { if (info instanceof FeatureTypeInfo) { return new VectorAccessLimits( CatalogMode.HIDE, null, Filter.EXCLUDE, null, Filter.EXCLUDE); } else if (info instanceof CoverageInfo) { return new CoverageAccessLimits(CatalogMode.HIDE, Filter.EXCLUDE, null, null); } else if (info instanceof WMSLayerInfo) { return new WMSAccessLimits(CatalogMode.HIDE, Filter.EXCLUDE, null, false); } else { // TODO: Log warning about unknown resource type return new DataAccessLimits(CatalogMode.HIDE, Filter.EXCLUDE); } }
DataAccessLimits buildLimits( Class<? extends ResourceInfo> resourceClass, Filter readFilter, Filter writeFilter) { CatalogMode mode = getMode(); // allow the secure catalog to avoid any kind of wrapping if there are no limits if ((readFilter == null || readFilter == Filter.INCLUDE) && (writeFilter == null || writeFilter == Filter.INCLUDE || WMSLayerInfo.class.isAssignableFrom(resourceClass) || WMTSLayerInfo.class.isAssignableFrom(resourceClass) || CoverageInfo.class.isAssignableFrom(resourceClass))) { return null; } // build the appropriate limit class if (FeatureTypeInfo.class.isAssignableFrom(resourceClass)) { return new VectorAccessLimits(mode, null, readFilter, null, writeFilter); } else if (CoverageInfo.class.isAssignableFrom(resourceClass)) { return new CoverageAccessLimits(mode, readFilter, null, null); } else if (WMSLayerInfo.class.isAssignableFrom(resourceClass)) { return new WMSAccessLimits(mode, readFilter, null, true); } else if (WMTSLayerInfo.class.isAssignableFrom(resourceClass)) { return new WMTSAccessLimits(mode, readFilter, null); } else { LOGGER.log( Level.INFO, "Warning, adapting to generic access limits for unrecognized resource type " + resourceClass); return new DataAccessLimits(mode, readFilter); } }
private WrapperPolicy buildPolicyForFeatureSource() { WrapperPolicy childPolicy; if (policy.getLimits() instanceof VectorAccessLimits) { childPolicy = policy; } else { final AccessLimits limits = policy.getLimits(); VectorAccessLimits vectorLimits = new VectorAccessLimits( limits.getMode(), null, Filter.INCLUDE, null, Filter.EXCLUDE); childPolicy = this.policy.derive(vectorLimits); } return childPolicy; }
protected VectorAccessLimits intersection(VectorAccessLimits a, VectorAccessLimits b) { if (a == null) return b; if (b == null) return a; CatalogMode mode = intersection(a.getMode(), b.getMode()); List<PropertyName> readAttributes = intersection(a.getReadAttributes(), b.getReadAttributes()); Filter readFilter = intersection(a.getReadFilter(), b.getReadFilter()); List<PropertyName> writeAttributes = intersection(a.getReadAttributes(), b.getReadAttributes()); Filter writeFilter = intersection(a.getWriteFilter(), b.getWriteFilter()); return new VectorAccessLimits( mode, readAttributes, readFilter, writeAttributes, writeFilter); }
public void testVectorAccessLimits() throws Exception { List<PropertyName> properties = new ArrayList<PropertyName>(); properties.add(ff.property("test")); VectorAccessLimits limits = new VectorAccessLimits(CatalogMode.MIXED, properties, filter, properties, filter); testObjectSerialization(limits); }
@Test public void testCountVisitorDelegation() throws SchemaException, IOException { FeatureVisitor visitor = new CountVisitor(); WrapperPolicy policy = WrapperPolicy.hide( new VectorAccessLimits(CatalogMode.HIDE, null, null, null, null)); assertOptimalVisit(visitor, policy); }
@Test public void testUpdateTwiceComplex() throws Exception { // build up the mock FeatureStore fs = createMock(FeatureStore.class); Name[] names = new Name[] {new NameImpl("foo")}; Object[] values = new Object[] {"abc"}; Filter filter = Filter.INCLUDE; fs.modifyFeatures(eq(names), eq(values), eq(filter)); expectLastCall().once(); replay(fs); VectorAccessLimits limits = new VectorAccessLimits( CatalogMode.HIDE, null, Filter.INCLUDE, null, Filter.INCLUDE); SecuredFeatureStore store = new SecuredFeatureStore(fs, WrapperPolicy.readWrite(limits)); store.modifyFeatures(names, values, filter); verify(fs); }
/** Add the users */ @Override protected void onSetUp(SystemTestData testData) throws Exception { super.onSetUp(testData); addUser("cite", "cite", null, Collections.singletonList("ROLE_DUMMY")); addUser("cite_mixed", "cite", null, Collections.singletonList("ROLE_DUMMY")); // populate the access manager TestResourceAccessManager tam = (TestResourceAccessManager) applicationContext.getBean("testResourceAccessManager"); Catalog catalog = getCatalog(); FeatureTypeInfo buildings = catalog.getFeatureTypeByName(getLayerId(SystemTestData.BUILDINGS)); // user in mixed mode tam.putLimits( "cite_mixed", buildings, new VectorAccessLimits( CatalogMode.MIXED, null, Filter.EXCLUDE, null, Filter.EXCLUDE)); }
@Test public void testUpdateTwiceSimple() throws Exception { // build up the mock SimpleFeatureStore fs = createMock(SimpleFeatureStore.class); String[] names = new String[] {"foo"}; Object[] values = new Object[] {"abc"}; Filter filter = Filter.INCLUDE; fs.modifyFeatures(eq(names), eq(values), eq(filter)); expectLastCall().once(); replay(fs); VectorAccessLimits limits = new VectorAccessLimits( CatalogMode.HIDE, null, Filter.INCLUDE, null, Filter.INCLUDE); SecuredSimpleFeatureStore store = new SecuredSimpleFeatureStore(fs, WrapperPolicy.readWrite(limits)); store.modifyFeatures(names, values, filter); verify(fs); } }
"cite_readfilter", buildings, new VectorAccessLimits(CatalogMode.HIDE, null, fid113, null, null)); "cite_readatts", buildings, new VectorAccessLimits(CatalogMode.HIDE, readAtts, fid113, null, null)); "cite_readattsnf", buildings, new VectorAccessLimits( CatalogMode.HIDE, readAtts, Filter.INCLUDE, null, Filter.INCLUDE)); "cite_insertfilter", buildings, new VectorAccessLimits(CatalogMode.HIDE, null, null, null, restrictedStreet)); "cite_writefilter", buildings, new VectorAccessLimits(CatalogMode.HIDE, null, null, null, fid113)); "cite_writeatts", buildings, new VectorAccessLimits(CatalogMode.HIDE, null, null, writeAtts, null)); "cite_mixed", buildings, new VectorAccessLimits( CatalogMode.MIXED, null, Filter.EXCLUDE, null, Filter.EXCLUDE));
@Test public void testMaxVisitorDelegation() throws SchemaException, IOException { MaxVisitor visitor = new MaxVisitor(CommonFactoryFinder.getFilterFactory2().property("value")); WrapperPolicy policy = WrapperPolicy.hide( new VectorAccessLimits(CatalogMode.HIDE, null, null, null, null)); assertOptimalVisit(visitor, policy); }
@Test public void testMaxOnHiddenField() throws SchemaException, IOException { MaxVisitor visitor = new MaxVisitor(CommonFactoryFinder.getFilterFactory2().property("value")); PropertyName geom = CommonFactoryFinder.getFilterFactory2().property("the_geom"); WrapperPolicy policy = WrapperPolicy.hide( new VectorAccessLimits( CatalogMode.HIDE, Arrays.asList(geom), null, null, null)); SecuredSimpleFeatureCollection secured = new SecuredSimpleFeatureCollection(collection, policy); secured.accepts(visitor, null); assertNull(lastVisitor); }
return new VectorAccessLimits( catalogMode, readAttributes, readFilter, writeAttributes, writeFilter); } else if (resource instanceof CoverageInfo) {
return new VectorAccessLimits( catalogMode, readAttributes, readFilter, writeAttributes, writeFilter); } else if (resource instanceof CoverageInfo) {
FeatureTypeInfo createMockFeatureType( String name, WorkspaceInfo ws, CatalogMode mode, Filter mockFilter, boolean read, boolean write) { DataStoreInfo mockStoreInfo = createMock(DataStoreInfo.class); FeatureTypeInfo mockFTInfo = createMock(FeatureTypeInfo.class); expect(mockFTInfo.getName()).andStubReturn(name); expect(mockFTInfo.getStore()).andStubReturn(mockStoreInfo); expect(mockStoreInfo.getWorkspace()).andStubReturn(ws); replay(mockStoreInfo); expect(manager.getAccessLimits(eq(anonymous), eq(mockFTInfo))) .andStubReturn(new VectorAccessLimits(mode, null, null, null, null)); expect(mockFilter.evaluate(mockFTInfo)) .andStubReturn(read || mode == CatalogMode.CHALLENGE); return mockFTInfo; }