Repository: airavata Updated Branches: refs/heads/develop 83b1321dd -> 0d5b05277
changing strings to Constants Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/0d5b0527 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/0d5b0527 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/0d5b0527 Branch: refs/heads/develop Commit: 0d5b052772827bd265676ed02100852b7c129811 Parents: 83b1321 Author: scnakandala <[email protected]> Authored: Thu Jul 7 03:15:49 2016 -0400 Committer: scnakandala <[email protected]> Committed: Thu Jul 7 03:15:49 2016 -0400 ---------------------------------------------------------------------- .../server/handler/AiravataServerHandler.java | 49 +++++++++++--------- 1 file changed, 28 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/0d5b0527/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java ---------------------------------------------------------------------- diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java index 55c6392..e43ff4a 100644 --- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java +++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java @@ -629,10 +629,11 @@ public class AiravataServerHandler implements Airavata.Iface { } Project existingProject = (Project) experimentCatalog.get(ExperimentCatalogModelType.PROJECT, projectId); - if(!authzToken.getClaimsMap().get("userName").equals(existingProject.getOwner()) - || !authzToken.getClaimsMap().get("gatewayId").equals(existingProject.getGatewayId())){ + if(!authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(existingProject.getOwner()) + || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(existingProject.getGatewayId())){ try { - if(!hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(!hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), existingProject.getProjectID(), ResourceType.PROJECT, ResourcePermissionType.WRITE)){ throw new AuthorizationException("User does not have permission to access this resource"); } @@ -668,10 +669,11 @@ public class AiravataServerHandler implements Airavata.Iface { } Project existingProject = (Project) experimentCatalog.get(ExperimentCatalogModelType.PROJECT, projectId); - if(!authzToken.getClaimsMap().get("userName").equals(existingProject.getOwner()) - || !authzToken.getClaimsMap().get("gatewayId").equals(existingProject.getGatewayId())){ + if(!authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(existingProject.getOwner()) + || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(existingProject.getGatewayId())){ try { - if(!hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(!hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), existingProject.getProjectID(), ResourceType.PROJECT, ResourcePermissionType.WRITE)){ throw new AuthorizationException("User does not have permission to access this resource"); } @@ -719,12 +721,13 @@ public class AiravataServerHandler implements Airavata.Iface { logger.debug("Airavata retrieved project with project Id : " + projectId ); Project project = (Project) experimentCatalog.get(ExperimentCatalogModelType.PROJECT, projectId); - if(authzToken.getClaimsMap().get("userName").equals(project.getOwner()) - && authzToken.getClaimsMap().get("gatewayId").equals(project.getGatewayId())){ + if(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(project.getOwner()) + && authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(project.getGatewayId())){ return project; }else{ try { - if(hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), project.getProjectID(), ResourceType.PROJECT, ResourcePermissionType.READ)){ return project; }else { @@ -1055,10 +1058,11 @@ public class AiravataServerHandler implements Airavata.Iface { } Project project = (Project) experimentCatalog.get(ExperimentCatalogModelType.PROJECT, projectId); - if(!authzToken.getClaimsMap().get("userName").equals(project.getOwner()) - || !authzToken.getClaimsMap().get("gatewayId").equals(project.getGatewayId())){ + if(!authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(project.getOwner()) + || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(project.getGatewayId())){ try { - if(!hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(!hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), project.getProjectID(), ResourceType.PROJECT, ResourcePermissionType.READ)){ throw new AuthorizationException("User does not have permission to access this resource"); } @@ -1244,10 +1248,11 @@ public class AiravataServerHandler implements Airavata.Iface { } ExperimentModel experimentModel = (ExperimentModel) experimentCatalog.get(ExperimentCatalogModelType.EXPERIMENT, experimentId); - if(!authzToken.getClaimsMap().get("userName").equals(experimentModel.getUserName()) - || !authzToken.getClaimsMap().get("gatewayId").equals(experimentModel.getGatewayId())){ + if(!authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(experimentModel.getUserName()) + || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(experimentModel.getGatewayId())){ try { - if(! hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(! hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), experimentModel.getExperimentId(), ResourceType.EXPERIMENT, ResourcePermissionType.WRITE)){ throw new AuthorizationException("User does not have permission to access this resource"); } @@ -1299,12 +1304,13 @@ public class AiravataServerHandler implements Airavata.Iface { public ExperimentModel getExperiment(AuthzToken authzToken, String airavataExperimentId) throws InvalidRequestException, ExperimentNotFoundException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { ExperimentModel experimentModel = getExperimentInternal(airavataExperimentId); - if(authzToken.getClaimsMap().get("userName").equals(experimentModel.getUserName()) - && authzToken.getClaimsMap().get("gatewayId").equals(experimentModel.getGatewayId())){ + if(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(experimentModel.getUserName()) + && authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(experimentModel.getGatewayId())){ return experimentModel; }else{ try { - if(hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), experimentModel.getExperimentId(), ResourceType.EXPERIMENT, ResourcePermissionType.READ)){ return experimentModel; }else { @@ -1441,10 +1447,11 @@ public class AiravataServerHandler implements Airavata.Iface { } ExperimentModel experimentModel = (ExperimentModel) experimentCatalog.get(ExperimentCatalogModelType.EXPERIMENT, airavataExperimentId); - if(!authzToken.getClaimsMap().get("userName").equals(experimentModel.getUserName()) - || !authzToken.getClaimsMap().get("gatewayId").equals(experimentModel.getGatewayId())){ + if(!authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(experimentModel.getUserName()) + || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(experimentModel.getGatewayId())){ try { - if(! hasPermission(authzToken.getClaimsMap().get("userName")+"@"+authzToken.getClaimsMap().get("gatewayId"), + if(! hasPermission(authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME) + +"@"+authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID), experimentModel.getExperimentId(), ResourceType.EXPERIMENT, ResourcePermissionType.WRITE)){ throw new AuthorizationException("User does not have permission to access this resource"); }
