Ravi Nori has uploaded a new change for review. Change subject: restapi: Implement public queries in API(#1009843) ......................................................................
restapi: Implement public queries in API(#1009843) Expose /api/domains to public, returning a list of domain names to users who are not logged in. Change-Id: I3994fce9e6e80de2d0ec9b253ad4ba47bb875f29 Bug-Url: https://bugzilla.redhat.com/1009843 Signed-off-by: Ravi Nori <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java M backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendDomainsResource.java M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendResource.java 5 files changed, 48 insertions(+), 3 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/97/20197/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java index d23bb24..cdcd074 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java @@ -460,6 +460,11 @@ return runQueryImpl(actionType, parameters, true); } + @Override + public VdcQueryReturnValue RunQuery(VdcQueryType actionType, VdcQueryParametersBase parameters, boolean isPerformUserCheck) { + return runQueryImpl(actionType, parameters, isPerformUserCheck); + } + protected VdcQueryReturnValue runQueryImpl(VdcQueryType actionType, VdcQueryParametersBase parameters, boolean isPerformUserCheck) { if (isPerformUserCheck) { diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java index 4a69b0f..892fc92 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java @@ -16,6 +16,8 @@ VdcQueryReturnValue RunQuery(VdcQueryType actionType, VdcQueryParametersBase parameters); + VdcQueryReturnValue RunQuery(VdcQueryType actionType, VdcQueryParametersBase parameters, boolean isPerformUserCheck); + public VdcReturnValueBase EndAction(VdcActionType actionType, VdcActionParametersBase parameters); ErrorTranslator getErrorsTranslator(); diff --git a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java index 119ef03..f73b2fc 100644 --- a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java +++ b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java @@ -16,6 +16,7 @@ package org.ovirt.engine.api.common.security.auth; +import java.util.ArrayList; import java.util.List; import javax.servlet.http.HttpSession; @@ -23,6 +24,7 @@ import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; +import javax.ws.rs.core.UriInfo; import javax.ws.rs.ext.Provider; import org.jboss.resteasy.annotations.interception.Precedence; @@ -49,6 +51,11 @@ "%1$s header content extraction has failed because of bad number format: %2$s"; private static final String SESSION_TTL_ILLEGAL_ERROR = "%1$s header cannot be zero or negative, endless session is not supported."; + private static final List<String> publicApiPaths = new ArrayList<>(); + + static { + publicApiPaths.add("/domains"); + } private String realm; private Scheme scheme; @@ -113,7 +120,7 @@ } // Authenticate the session - successful = executeBasicAuthentication(headers, httpSession, preferPersistentAuth); + successful = executeBasicAuthentication(headers, httpSession, preferPersistentAuth, getRequestPath(request)); if (successful && preferPersistentAuth) { if (httpSession == null) { @@ -145,6 +152,15 @@ } } return response; + } + + private String getRequestPath(HttpRequest request) { + UriInfo uriInfo = request.getUri(); + String path = null; + if (uriInfo != null) { + path = uriInfo.getPath().toString(); + } + return path; } /** @@ -180,7 +196,8 @@ * This method executes the basic authentication, and returns true whether it was successful and false otherwise. * It also sets the logged-in principal and the challenger object in the Current object */ - private boolean executeBasicAuthentication(HttpHeaders headers, HttpSession httpSession, boolean preferPersistentAuth) { + private boolean executeBasicAuthentication(HttpHeaders headers, HttpSession httpSession, boolean preferPersistentAuth, String path) { + System.out.println("executeBasicAuthentication"); boolean successful = false; List<String> auth = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); if (auth != null && auth.size() != 0) { @@ -194,6 +211,9 @@ SessionUtils.setEngineSessionId(httpSession, engineSessionId); updateAuthenticationProperties(preferPersistentAuth, principal); } + } else + if (path != null && publicApiPaths.contains(path)) { + return true; } return successful; } diff --git a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendDomainsResource.java b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendDomainsResource.java index 9f74bbe..12d4a32 100644 --- a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendDomainsResource.java +++ b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendDomainsResource.java @@ -34,8 +34,9 @@ private Domains mapCollection(List<Directory> entities) { Domains collection = new Domains(); + boolean userLoggedIn = getSessionHelper().getSessionId() != null; for (Directory entity : entities) { - collection.getDomains().add(injectSearchLinks(addLinks(map(entity)),SUB_COLLECTIONS)); + collection.getDomains().add(userLoggedIn ? injectSearchLinks(addLinks(map(entity)),SUB_COLLECTIONS) : removeIds(map(entity))); } return collection; } @@ -65,6 +66,16 @@ new GetDomainListParameters()); } + private Domain removeIds(Domain domain) { + domain.setId(null); + return domain; + } + + @Override + public boolean getPerformUserCheck() { + return false; + } + public Domain lookupDirectoryById(String id, boolean addlinks) { for (Directory directoriesService : getCollection()) { if (directoriesService.getId().equals(id)) { diff --git a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendResource.java b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendResource.java index bc575b6..f315413 100644 --- a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendResource.java +++ b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/BackendResource.java @@ -76,9 +76,16 @@ protected VdcQueryReturnValue runQuery(VdcQueryType queryType, VdcQueryParametersBase queryParams) { queryParams.setFiltered(isFiltered()); + if (!getPerformUserCheck()) { + return backend.RunQuery(queryType, sessionize(queryParams), false); + } return backend.RunQuery(queryType, sessionize(queryParams)); } + public boolean getPerformUserCheck() { + return true; + } + protected <T> T getEntity(Class<T> clz, VdcQueryType query, VdcQueryParametersBase queryParams, String identifier) { return getEntity(clz, query, queryParams, identifier, false); } -- To view, visit http://gerrit.ovirt.org/20197 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3994fce9e6e80de2d0ec9b253ad4ba47bb875f29 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
