Repository: incubator-geode Updated Branches: refs/heads/develop 280d2d8f7 -> 29e494803
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/29e49480/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java ---------------------------------------------------------------------- diff --git a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java new file mode 100644 index 0000000..3d09f09 --- /dev/null +++ b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java @@ -0,0 +1,56 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.geode.rest.internal.web.security; + +import org.springframework.stereotype.Component; + +import org.apache.geode.internal.security.SecurityService; +import org.apache.geode.security.GemFireSecurityException; + +@Component("securityService") +public class RestSecurityService { + private SecurityService securityService = SecurityService.getSecurityService(); + + public boolean authorize(String resource, String operation) { + return authorize(resource, operation, null, null); + } + + public boolean authorize(String resource, String operation, String region) { + return authorize(resource, operation, region, null); + } + + public boolean authorize(String resource, String operation, String region, String key) { + try{ + securityService.authorize(resource, operation, region, key); + return true; + } + catch (GemFireSecurityException ex){ + return false; + } + } + + public boolean authorizeKeys(String operation, String region, String[] keys) { + boolean authorized = false; + for(String key:keys){ + authorized = authorize("DATA", operation, region, key); + if(!authorized) + return false; + } + return true; + } +}