This is an automated email from the ASF dual-hosted git repository. alexoree pushed a commit to branch feature/JUDDI-558 in repository https://gitbox.apache.org/repos/asf/juddi.git
commit 2601a2ed44c9a47b3e0a0919f707e59fac717807 Author: Alex O'Ree <[email protected]> AuthorDate: Sat Jun 15 16:23:40 2019 -0400 FGSMS-558 initial commit, no where near done --- .../juddi/api/impl/AuthenticatedService.java | 4 +- .../org/apache/juddi/api/impl/UDDIInquiryImpl.java | 166 ++++++++++++++++----- .../apache/juddi/model/UddiEntityPublisher.java | 11 +- .../juddi/security/AccessControlException.java | 33 ++++ .../juddi/security/AccessControlFactory.java | 74 +++++++++ .../org/apache/juddi/security/AccessLevel.java | 46 ++++++ .../juddi/security/AllowAllAccessControlImpl.java | 84 +++++++++++ .../org/apache/juddi/security/IAccessControl.java | 57 +++++++ 8 files changed, 435 insertions(+), 40 deletions(-) diff --git a/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java b/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java index de25edc..4c9a1e6 100644 --- a/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java +++ b/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java @@ -17,8 +17,6 @@ package org.apache.juddi.api.impl; import java.util.Date; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.annotation.Resource; import javax.persistence.EntityManager; @@ -61,7 +59,7 @@ public abstract class AuthenticatedService { public static final String UTF8 = "UTF-8"; public static final int AUTHTOKEN_ACTIVE = 1; public static final int AUTHTOKEN_RETIRED = 0; - static final Log logger = LogFactory.getLog(AuthenticatedService.class); + protected static final Log logger = LogFactory.getLog(AuthenticatedService.class); /** * the node id of this server instance, as loaded from the config file */ diff --git a/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIInquiryImpl.java b/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIInquiryImpl.java index 701f5f8..925773a 100644 
--- a/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIInquiryImpl.java +++ b/juddi-core/src/main/java/org/apache/juddi/api/impl/UDDIInquiryImpl.java @@ -20,8 +20,6 @@ package org.apache.juddi.api.impl; import java.io.File; import java.io.FileOutputStream; import java.util.List; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.jws.WebService; import javax.persistence.EntityManager; import javax.persistence.EntityTransaction; @@ -35,6 +33,10 @@ import org.apache.juddi.config.AppConfig; import org.apache.juddi.config.PersistenceManager; import org.apache.juddi.config.Property; import org.apache.juddi.mapping.MappingModelToApi; +import org.apache.juddi.model.BindingTemplate; +import org.apache.juddi.model.UddiEntityPublisher; +import org.apache.juddi.security.AccessControlFactory; +import org.apache.juddi.security.AccessLevel; import org.apache.juddi.v3.error.ErrorMessage; import org.apache.juddi.v3.error.InvalidKeyPassedException; import org.apache.juddi.validation.ValidateInquiry; @@ -71,7 +73,7 @@ import org.uddi.v3_service.UDDIInquiryPortType; public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiryPortType { - private static Log log = LogFactory.getLog(UDDIInquiryImpl.class); + private static final Log log = LogFactory.getLog(UDDIInquiryImpl.class); private static boolean isLogRequestPayloads() { boolean result = false; @@ -124,6 +126,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public BindingDetail findBinding(FindBinding body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); 
@@ -139,9 +142,9 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); LogFindBindingRequest(body); if (body.getServiceKey() != null && body.getServiceKey().length() > 0) { @@ -167,7 +170,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.rollback(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.FIND_BINDING, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.BindingTemplate> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterBindingTemplates( + this.ctx, + entityPublisher.getAuthorizedName(), result.getBindingTemplate()); + result.getBindingTemplate().clear(); + result.getBindingTemplate().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -178,6 +189,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public BusinessList findBusiness(FindBusiness body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); @@ -201,9 +213,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry ex.printStackTrace(); } tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + LogFindBusinessRequest(body); org.apache.juddi.query.util.FindQualifiers findQualifiers = new org.apache.juddi.query.util.FindQualifiers(); findQualifiers.mapApiFindQualifiers(body.getFindQualifiers()); 
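Review bot: When `isAuthenticated()` is false, `entityPublisher` stays null here, and the filter block added later in findBinding is guarded by `isAuthenticated() && entityPublisher!=null`, so those requests return unfiltered results and the configured IAccessControl provider is never consulted. The definition of `isAuthenticated()` is outside this diff; if it reflects a server-side switch for inquiry authentication, every anonymous inquiry bypasses fine-grained access control. I would call the filter unconditionally and let the provider decide, passing `String user = entityPublisher == null ? null : entityPublisher.getAuthorizedName();` and documenting null as "anonymous" in IAccessControl. The same capture-then-guard pattern repeats in the other nine inquiry methods changed in this file; the method body starts and ends outside this hunk.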
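Review bot: With the default provider, the new filter block in findBinding empties the response: `AllowAllAccessControlImpl.filterBindingTemplates` returns its `arg2` argument unchanged, so `FilterBindingTemplates` is the same list that `result.getBindingTemplate().clear()` then wipes, and the following `addAll` copies from an empty list. This assumes the getter returns the live backing list, as JAXB-generated getters normally do. Wrap the provider's return value in a copy before clearing, for example `new ArrayList<org.uddi.api_v3.BindingTemplate>(...)` with `java.util.ArrayList` imported. The same `clear()`/`addAll()` sequence is in the other nine filter blocks in this file, and any provider that returns its input list hits it.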
@@ -215,7 +228,17 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.rollback(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.FIND_BUSINESS, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + //TODO may need some NPE checks + List<org.uddi.api_v3.BusinessInfo> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterBusinessInfo( + this.ctx, + entityPublisher.getAuthorizedName(), + result.getBusinessInfos().getBusinessInfo()); + result.getBusinessInfos().getBusinessInfo().clear(); + result.getBusinessInfos().getBusinessInfo().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -241,9 +264,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - +UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + LogFindRelatedBusinessRequest(body); // TODO: findQualifiers aren't really used for this call, except maybe for sorting. Sorting must be done in Java due to the retrieval method used. Right now 
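Review bot: `result.getBusinessInfos()` is dereferenced without a null check in the new filter block, and the `//TODO may need some NPE checks` beside it is left unresolved. If the list helper leaves the wrapper unset when nothing matches (not visible in this diff), an authenticated search with no hits would fail with a NullPointerException instead of returning an empty list. A guard such as `if (isAuthenticated() && entityPublisher != null && result.getBusinessInfos() != null)` covers it. The same unguarded chain appears in the FIND_RELATEDBUSINESSES (`getRelatedBusinessInfos()`), FIND_SERVICE (`getServiceInfos()`) and FIND_TMODEL (`getTModelInfos()`) hunks. The local is also named `FilterBindingTemplates` although it holds `BusinessInfo` elements here; a lower-case, type-neutral name like `filtered` would read better in all ten blocks.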
@@ -256,7 +280,16 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.rollback(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.FIND_RELATEDBUSINESSES, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.RelatedBusinessInfo> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filtedRelatedBusinessInfos( + this.ctx, + entityPublisher.getAuthorizedName(), + result.getRelatedBusinessInfos().getRelatedBusinessInfo()); + result.getRelatedBusinessInfos().getRelatedBusinessInfo().clear(); + result.getRelatedBusinessInfos().getRelatedBusinessInfo().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -282,16 +315,17 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + LogFindServiceRequest(body); org.apache.juddi.query.util.FindQualifiers findQualifiers = new org.apache.juddi.query.util.FindQualifiers(); findQualifiers.mapApiFindQualifiers(body.getFindQualifiers()); List<?> keysFound = InquiryHelper.findService(body, findQualifiers, em); - if (keysFound.size() == 0) { + if (keysFound.isEmpty()) { if (body.getBusinessKey() != null) { // Check that we were passed a valid businessKey per // 5.1.12.4 of the UDDI v3 spec 
@@ -311,7 +345,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.rollback(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.FIND_SERVICE, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.ServiceInfo> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterServiceInfo( + this.ctx, + entityPublisher.getAuthorizedName(), result.getServiceInfos().getServiceInfo()); + result.getServiceInfos().getServiceInfo().clear(); + result.getServiceInfos().getServiceInfo().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -322,6 +364,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public TModelList findTModel(FindTModel body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); @@ -337,9 +380,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + LogFindTModelRequest(body); org.apache.juddi.query.util.FindQualifiers findQualifiers = new org.apache.juddi.query.util.FindQualifiers(); findQualifiers.mapApiFindQualifiers(body.getFindQualifiers()); 
@@ -351,7 +395,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.rollback(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.FIND_TMODEL, QueryStatus.SUCCESS, procTime); - +if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.TModelInfo> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterTModelInfo( + this.ctx,entityPublisher.getAuthorizedName(), + result.getTModelInfos().getTModelInfo()); + result.getTModelInfos().getTModelInfo().clear(); + result.getTModelInfos().getTModelInfo().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -377,9 +429,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + BindingDetail result = new BindingDetail(); @@ -402,7 +455,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.commit(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.GET_BINDINGDETAIL, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.BindingTemplate> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterBindingTemplates( + this.ctx, + entityPublisher.getAuthorizedName(), result.getBindingTemplate()); + result.getBindingTemplate().clear(); + result.getBindingTemplate().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { 
@@ -413,6 +474,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public BusinessDetail getBusinessDetail(GetBusinessDetail body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); @@ -428,9 +490,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + BusinessDetail result = new BusinessDetail(); @@ -453,7 +516,14 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.commit(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.GET_BUSINESSDETAIL, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.BusinessEntity> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterBusinesses( + this.ctx,entityPublisher.getAuthorizedName(), result.getBusinessEntity()); + result.getBusinessEntity().clear(); + result.getBusinessEntity().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -464,6 +534,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public OperationalInfos getOperationalInfo(GetOperationalInfo body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); 
@@ -479,9 +550,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry EntityTransaction tx = em.getTransaction(); try { tx.begin(); - + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); + OperationalInfos result = new OperationalInfos(); @@ -504,7 +576,14 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.commit(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.GET_OPERATIONALINFO, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.OperationalInfo> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterOperationalInfo( + this.ctx,entityPublisher.getAuthorizedName(), result.getOperationalInfo()); + result.getOperationalInfo().clear(); + result.getOperationalInfo().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { @@ -515,6 +594,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public ServiceDetail getServiceDetail(GetServiceDetail body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); @@ -531,9 +611,9 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry try { tx.begin(); + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); - + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); ServiceDetail result = new ServiceDetail(); List<String> serviceKeyList = body.getServiceKey(); 
@@ -555,7 +635,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.commit(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.GET_SERVICEDETAIL, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.BusinessService> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterServices( + this.ctx, + entityPublisher.getAuthorizedName(), result.getBusinessService()); + result.getBusinessService().clear(); + result.getBusinessService().addAll(FilterBindingTemplates); + } return result; } finally { @@ -567,6 +655,7 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry } + @Override public TModelDetail getTModelDetail(GetTModelDetail body) throws DispositionReportFaultMessage { long startTime = System.currentTimeMillis(); @@ -583,9 +672,10 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry try { tx.begin(); + + UddiEntityPublisher entityPublisher=null; if (isAuthenticated()) - this.getEntityPublisher(em, body.getAuthInfo()); - + entityPublisher = this.getEntityPublisher(em, body.getAuthInfo()); TModelDetail result = new TModelDetail(); List<String> tmodelKeyList = body.getTModelKey(); @@ -607,7 +697,15 @@ public class UDDIInquiryImpl extends AuthenticatedService implements UDDIInquiry tx.commit(); long procTime = System.currentTimeMillis() - startTime; serviceCounter.update(InquiryQuery.GET_TMODELDETAIL, QueryStatus.SUCCESS, procTime); - + if (isAuthenticated() && entityPublisher!=null) + { + List<org.uddi.api_v3.TModel> FilterBindingTemplates = + AccessControlFactory.getAccessControlInstance().filterTModels( + this.ctx, + entityPublisher.getAuthorizedName(), result.getTModel()); + result.getTModel().clear(); + result.getTModel().addAll(FilterBindingTemplates); + } return result; } finally { if (tx.isActive()) { 
diff --git a/juddi-core/src/main/java/org/apache/juddi/model/UddiEntityPublisher.java b/juddi-core/src/main/java/org/apache/juddi/model/UddiEntityPublisher.java index 20c9aed..1aaa2f7 100644 --- a/juddi-core/src/main/java/org/apache/juddi/model/UddiEntityPublisher.java +++ b/juddi-core/src/main/java/org/apache/juddi/model/UddiEntityPublisher.java @@ -131,10 +131,15 @@ public class UddiEntityPublisher { return false; } - /* - * This method will check if the given key generator key is available for this publisher. The idea is to make sure that the key generator + + /** + * This method will check if the given key generator key is available for this publisher. The idea is to make sure that the key generator * and all its sub-partitions are not already taken by another publisher. - */ + * @param em + * @param keygenKey + * @return + * @throws DispositionReportFaultMessage + */ public boolean isKeyGeneratorAvailable(EntityManager em, String keygenKey) throws DispositionReportFaultMessage { // First make sure the key is a valid UDDIv3 key per the specification's rules diff --git a/juddi-core/src/main/java/org/apache/juddi/security/AccessControlException.java b/juddi-core/src/main/java/org/apache/juddi/security/AccessControlException.java new file mode 100644 index 0000000..f57b11d --- /dev/null +++ b/juddi-core/src/main/java/org/apache/juddi/security/AccessControlException.java 
@@ -0,0 +1,33 @@ +/* + * Copyright 2019 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.juddi.security; + +import org.apache.juddi.v3.error.ErrorMessage; +import org.apache.juddi.v3.error.RegistryException; +import org.apache.juddi.v3.error.UDDIErrorHelper; + +/** + * @since 3.4 + * @author Alex O'Ree + */ +public class AccessControlException extends RegistryException { + + private static final long serialVersionUID = -3459892224164959205L; + + public AccessControlException(ErrorMessage message) { + super(message, UDDIErrorHelper.buildDispositionReport(UDDIErrorHelper.E_REQUEST_DENIED)); + } +} diff --git a/juddi-core/src/main/java/org/apache/juddi/security/AccessControlFactory.java b/juddi-core/src/main/java/org/apache/juddi/security/AccessControlFactory.java new file mode 100644 index 0000000..a14940a --- /dev/null +++ b/juddi-core/src/main/java/org/apache/juddi/security/AccessControlFactory.java 
@@ -0,0 +1,74 @@ +/* + * Copyright 2019 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.juddi.security; + + +import java.util.logging.Level; +import java.util.logging.Logger; +import org.apache.commons.configuration.ConfigurationException; +import org.apache.juddi.config.AppConfig; +import org.apache.juddi.config.Property; + +/** + * Provides an accessor to the access control mechanism + * @since 3.4 + * @author Alex O'Ree + */ +public class AccessControlFactory { + + private static final Logger log = Logger.getLogger(AccessControlFactory.class.getName()); + private static IAccessControl instance = null; + + /** + * Gets an instance of IAccessControl using the following procedure, in order<br> + * <ol> + * <li>Using the judiv3.properties configuration file setting Property.JUDDI_FINE_GRAIN_ACCESS_CONTROL_PROVIDER</li> + * <li>If the previous fails to load or is not defined, DefaultCorseAccessControlImpl</li> + * </ol> + * @return should never return null or throw exceptions + * @see DefaultCorseAccessControlImpl + * @see Property + */ + public static IAccessControl getAccessControlInstance() { + if (instance != null) { + return instance; + } + String clazz = null; + try { + clazz = AppConfig.getConfiguration().getString(Property.JUDDI_ACCESS_CONTROL_PROVIDER, AllowAllAccessControlImpl.class.getCanonicalName()); + Class c = Class.forName(clazz); + IAccessControl ret = (IAccessControl) c.newInstance(); 
+ log.log(Level.INFO, "Successfully loaded FineGrainedAccessControl provider {0}", clazz); + instance = ret; + return ret; + } catch (IllegalAccessException x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (InstantiationException x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (ExceptionInInitializerError x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (SecurityException x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (ClassNotFoundException x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (ConfigurationException x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } catch (Exception x) { + log.log(Level.WARNING, "error loading control provider " + clazz, x); + } + return new AllowAllAccessControlImpl(); + } +} \ No newline at end of file diff --git a/juddi-core/src/main/java/org/apache/juddi/security/AccessLevel.java b/juddi-core/src/main/java/org/apache/juddi/security/AccessLevel.java new file mode 100644 index 0000000..7f72645 --- /dev/null +++ b/juddi-core/src/main/java/org/apache/juddi/security/AccessLevel.java 
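Review bot: Every failure path in `getAccessControlInstance()` falls through to `return new AllowAllAccessControlImpl()`, so a mistyped or missing provider class silently turns access control off with only a WARNING in the log. That fallback is never stored in `instance`, so the class lookup and the warning repeat on every inquiry call, and the unsynchronised static field can be initialised more than once under concurrent requests. The Javadoc names `DefaultCorseAccessControlImpl` and `Property.JUDDI_FINE_GRAIN_ACCESS_CONTROL_PROVIDER`, neither of which matches the code, which uses `AllowAllAccessControlImpl` and `Property.JUDDI_ACCESS_CONTROL_PROVIDER`. I would fail closed when the provider cannot be loaded, collapse the seven identical catch blocks, and update the "never throws" sentence in the Javadoc to match.

```java
    public static synchronized IAccessControl getAccessControlInstance() {
        if (instance != null) {
            return instance;
        }
        // Allow-all is used only when no provider is configured, never as an error fallback.
        String clazz = AllowAllAccessControlImpl.class.getCanonicalName();
        try {
            clazz = AppConfig.getConfiguration().getString(Property.JUDDI_ACCESS_CONTROL_PROVIDER, clazz);
            instance = (IAccessControl) Class.forName(clazz).newInstance();
            log.log(Level.INFO, "Successfully loaded FineGrainedAccessControl provider {0}", clazz);
            return instance;
        } catch (Exception x) {
            // Fail closed: a provider that cannot be loaded must not degrade to allow-all.
            log.log(Level.SEVERE, "error loading control provider " + clazz, x);
            throw new IllegalStateException("access control provider could not be loaded: " + clazz, x);
        }
    }
```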
@@ -0,0 +1,46 @@ +/* + * Copyright 2019 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.juddi.security; + + +/** + * @since 3.4 + * @author Alex O'Ree + */ +public enum AccessLevel { + /** + * No access at all + */ + NONE, + /** + * Read only access, cannot make changes + */ + READ, + /** + * Can view, read, make changes, and delete a specific entity + */ + WRITE, + /** + * Can view, read, make changes, delete a specific entity, can initiate a custody transfer, and delegate permissions + * to another user + */ + OWN, + /** + * can create new entities + */ + CREATE + +} \ No newline at end of file diff --git a/juddi-core/src/main/java/org/apache/juddi/security/AllowAllAccessControlImpl.java b/juddi-core/src/main/java/org/apache/juddi/security/AllowAllAccessControlImpl.java new file mode 100644 index 0000000..72eb84e --- /dev/null +++ b/juddi-core/src/main/java/org/apache/juddi/security/AllowAllAccessControlImpl.java 
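Review bot: The type-level Javadoc does not say whether these levels are cumulative or ordered, and the declaration order NONE, READ, WRITE, OWN, CREATE invites comparison by `ordinal()` or `compareTo`, which would rank CREATE above OWN. The constant comments describe READ through OWN as progressively broader, while CREATE reads as a separate capability. No method of IAccessControl takes or returns this enum in this commit, so the intended semantics cannot be checked against a caller. I would state the rule in the enum's Javadoc now, for example `Levels are not ordered; do not compare by ordinal. CREATE is independent of READ/WRITE/OWN.`, or whatever the intended rule is.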
@@ -0,0 +1,84 @@ +/* + * Copyright 2019 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.juddi.security; + +import java.util.List; +import javax.xml.ws.WebServiceContext; +import org.uddi.api_v3.BindingTemplate; +import org.uddi.api_v3.BusinessEntity; +import org.uddi.api_v3.BusinessInfo; +import org.uddi.api_v3.BusinessService; +import org.uddi.api_v3.OperationalInfo; +import org.uddi.api_v3.RelatedBusinessInfo; +import org.uddi.api_v3.ServiceInfo; +import org.uddi.api_v3.TModel; +import org.uddi.api_v3.TModelInfo; + +/** + * Default implementation, performs no additional filtering of data + * @since 3.4 + * @author Alex O'Ree + */ +public class AllowAllAccessControlImpl implements IAccessControl { + + + + @Override + public List<BusinessService> filterServices(WebServiceContext arg0, String arg1, List<BusinessService> arg2) { + return arg2; + } + + @Override + public List<BusinessEntity> filterBusinesses(WebServiceContext arg0, String arg1, List<BusinessEntity> arg2) { + return arg2; + } + + @Override + public List<BusinessInfo> filterBusinessInfo(WebServiceContext arg0, String arg1, List<BusinessInfo> arg2) { + return arg2; + } + + @Override + public List<TModel> filterTModels(WebServiceContext arg0, String arg1, List<TModel> arg2) { + return arg2; + } + + @Override + public List<BindingTemplate> filterBindingTemplates(WebServiceContext arg0, String arg1, List<BindingTemplate> arg2) { + return arg2; 
+ } + + @Override + public List<RelatedBusinessInfo> filtedRelatedBusinessInfos(WebServiceContext arg0, String arg1, List<RelatedBusinessInfo> arg2) { + return arg2; + } + + @Override + public List<ServiceInfo> filterServiceInfo(WebServiceContext arg0, String arg1, List<ServiceInfo> arg2) { + return arg2; + } + + @Override + public List<TModelInfo> filterTModelInfo(WebServiceContext arg0, String arg1, List<TModelInfo> arg2) { + return arg2; + } + + @Override + public List<OperationalInfo> filterOperationalInfo(WebServiceContext arg0, String arg1, List<OperationalInfo> arg2) { + return arg2; + } + +} diff --git a/juddi-core/src/main/java/org/apache/juddi/security/IAccessControl.java b/juddi-core/src/main/java/org/apache/juddi/security/IAccessControl.java new file mode 100644 index 0000000..1c889a8 --- /dev/null +++ b/juddi-core/src/main/java/org/apache/juddi/security/IAccessControl.java 
@@ -0,0 +1,57 @@ +/* + * Copyright 2019 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.juddi.security; + +import java.util.List; +import javax.xml.ws.WebServiceContext; +import org.uddi.api_v3.BindingTemplate; +import org.uddi.api_v3.BusinessEntity; +import org.uddi.api_v3.BusinessInfo; +import org.uddi.api_v3.BusinessService; +import org.uddi.api_v3.OperationalInfo; +import org.uddi.api_v3.RelatedBusinessInfo; +import org.uddi.api_v3.ServiceInfo; +import org.uddi.api_v3.TModel; +import org.uddi.api_v3.TModelInfo; + +/** + * Provides an interface for a pluggable Fine Grained Access Control mechanism + * for jUDDI + * + * @author Alex O'Ree + * @since 3.4 + * @see AccessLevel + */ +public interface IAccessControl { + + public List<BusinessService> filterServices(WebServiceContext ctx, String username, List<BusinessService> services); + + public List<BusinessEntity> filterBusinesses(WebServiceContext ctx, String username, List<BusinessEntity> business); + + public List<BusinessInfo> filterBusinessInfo(WebServiceContext ctx, String username, List<BusinessInfo> business); + + public List<TModel> filterTModels(WebServiceContext ctx, String username, List<TModel> tmodels); + + public List<BindingTemplate> filterBindingTemplates(WebServiceContext ctx, String username, List<BindingTemplate> bindings); + + public List<RelatedBusinessInfo> filtedRelatedBusinessInfos(WebServiceContext ctx, String username, 
List<RelatedBusinessInfo> bindings); + + public List<ServiceInfo> filterServiceInfo(WebServiceContext ctx, String authorizedName, List<ServiceInfo> serviceInfo); + + public List<TModelInfo> filterTModelInfo(WebServiceContext ctx, String authorizedName, List<TModelInfo> tModelInfo); + + public List<OperationalInfo> filterOperationalInfo(WebServiceContext ctx, String authorizedName, List<OperationalInfo> operationalInfo); +} --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
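Review bot: None of the nine filter methods has Javadoc, so a provider author cannot tell whether `username` may be null, whether the input list may be modified or returned as-is, or whether null is an allowed return value. The callers in UDDIInquiryImpl depend on those answers, because they clear the original list and re-add the returned one. The method name `filtedRelatedBusinessInfos` is misspelled and its list parameter is called `bindings`. Renaming it to `filterRelatedBusinessInfos(WebServiceContext ctx, String username, List<RelatedBusinessInfo> relatedBusinessInfos)` is cheap now and becomes a compatibility break once external providers implement the interface. The second parameter is also `username` in six methods and `authorizedName` in three; one name throughout would make the contract clearer.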
