1651: updated RequestValidator for parameter name change, add exceptions to...

1651: updated RequestValidator for parameter name change, add exceptions to membership queries in GMSClient

1651: updated RequestValidator for parameter name change, add exceptions to...
030a4b68 · Jeff Burke · fded74bb · 030a4b68 · 030a4b68 · 030a4b68
Commit 030a4b68 authored 10 years ago by Jeff Burke
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/RequestValidator.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/RequestValidator.java
@@ -84,19 +84,19 @@ public class RequestValidator
 {
    private static final Logger log = Logger.getLogger(RequestValidator.class);
    
-    private String id;
-    private IdentityType type;
+    private String userID;
+    private IdentityType idType;
    private Role role;
-    private String guri;
+    private String groupID;
    
    public RequestValidator() { }

    private void clear()
    {
-        this.id = null;
-        this.type = null;
+        this.userID = null;
+        this.idType = null;
        this.role = null;
-        this.guri = null;
+        this.groupID = null;
    }
    
    public void validate(List<Parameter> paramList)
@@ -108,27 +108,27 @@ public class RequestValidator
                    "Missing required parameters: ID and TYPE");
        }

-        //  ID
+        // ID
        String param = ParameterUtil.findParameterValue("ID", paramList);
        if (param == null || param.trim().isEmpty())
        {
            throw new IllegalArgumentException(
                    "ID parameter required but not found");
        }
-        this.id = param.trim();
-        log.debug("ID: " + id);
+        this.userID = param.trim();
+        log.debug("ID: " + userID);

-        //  TYPE
+        // TYPE
        param = ParameterUtil.findParameterValue("TYPE", paramList);
        if (param == null || param.trim().isEmpty())
        {
            throw new IllegalArgumentException(
                    "TYPE parameter required but not found");
        }
-        this.type = IdentityType.toValue(param);
-        log.debug("TYPE: " + type);
+        this.idType = IdentityType.toValue(param);
+        log.debug("TYPE: " + idType);
        
-        //  ROLE
+        // ROLE
        param = ParameterUtil.findParameterValue("ROLE", paramList);
        if (param == null || param.trim().isEmpty())
        {
@@ -138,32 +138,26 @@ public class RequestValidator
        this.role = Role.toValue(param);
        log.debug("ROLE: " + role);
        
-        //  GURI
-        param = ParameterUtil.findParameterValue("GURI", paramList);
+        // GROUPID
+        param = ParameterUtil.findParameterValue("GROUPID", paramList);
        if (param != null)
        {
            if (param.isEmpty())
                throw new IllegalArgumentException(
-                        "GURI parameter specified without a value");
-            this.guri = param.trim();
-        }
-        log.debug("GURI: " + guri);
-        
-        if (role != null && guri != null)
-        {
-            throw new IllegalArgumentException(
-                    "ROLE and GURI cannot be used in the same search");
+                        "GROUPID parameter specified without a value");
+            this.groupID = param.trim();
        }
+        log.debug("GROUPID: " + groupID);
    }

-    public String getId()
+    public String getUserID()
    {
-        return id;
+        return userID;
    }
    
-    public IdentityType getType()
+    public IdentityType getIDType()
    {
-        return type;
+        return idType;
    }

    public Role getRole()
@@ -171,9 +165,9 @@ public class RequestValidator
        return role;
    }
    
-    public String getGUri()
+    public String getGroupID()
    {
-        return guri;
+        return groupID;
    }

 }
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/ACSearchRunner.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/ACSearchRunner.java
@@ -77,6 +77,7 @@ import ca.nrc.cadc.ac.server.GroupPersistence;
 import ca.nrc.cadc.ac.server.PluginFactory;
 import ca.nrc.cadc.ac.server.RequestValidator;
 import ca.nrc.cadc.ac.server.UserPersistence;
+import ca.nrc.cadc.auth.AuthenticationUtil;
 import ca.nrc.cadc.auth.HttpPrincipal;
 import ca.nrc.cadc.auth.NumericPrincipal;
 import ca.nrc.cadc.auth.OpenIdPrincipal;
@@ -167,13 +168,14 @@ public class ACSearchRunner

            RequestValidator rv = new RequestValidator();
            rv.validate(job.getParameterList());
-
-            Principal userID = getUserPrincipal(rv.getId(), rv.getType());
+            
+            Principal userID = AuthenticationUtil.createPrincipal(rv.getUserID(), rv.getIDType().getValue());
+            //Principal userID = getUserPrincipal(rv.getId(), rv.getType());
            
            PluginFactory factory = new PluginFactory();
            GroupPersistence dao = factory.getGroupPersistence();
            Collection<Group> groups = 
-                dao.searchGroups(userID, rv.getRole(), rv.getGUri());
+                dao.searchGroups(userID, rv.getRole(), rv.getGroupID());
            syncOut.setResponseCode(HttpServletResponse.SC_OK);
            GroupsWriter.write(groups, syncOut.getOutputStream());
            
@@ -288,36 +290,36 @@ public class ACSearchRunner
        }
    }
    
-    private Principal getUserPrincipal(String userID, IdentityType type)
-    {
-        if (type == IdentityType.OPENID)
-        {
-            return new OpenIdPrincipal(userID);
-        }
-        if (type == IdentityType.UID)
-        {
-            try
-            {
-                Long numericId = Long.valueOf(userID);
-                return new NumericPrincipal(numericId);
-            }
-            catch (NumberFormatException e)
-            {
-                throw new IllegalArgumentException("Illegal UID userID " +
-                                                   userID + " because " +
-                                                   e.getMessage());
-            }
-        }
-        if (type == IdentityType.USERNAME)
-        {
-            return new HttpPrincipal(userID);
-        }
-        if (type == IdentityType.X500)
-        {
-            return new X500Principal(userID);
-        }
-        throw new IllegalArgumentException("Unknown user type " + 
-                                           type.getValue());
-    }
+//    private Principal getUserPrincipal(String userID, IdentityType type)
+//    {
+//        if (type == IdentityType.OPENID)
+//        {
+//            return new OpenIdPrincipal(userID);
+//        }
+//        if (type == IdentityType.UID)
+//        {
+//            try
+//            {
+//                Long numericId = Long.valueOf(userID);
+//                return new NumericPrincipal(numericId);
+//            }
+//            catch (NumberFormatException e)
+//            {
+//                throw new IllegalArgumentException("Illegal UID userID " +
+//                                                   userID + " because " +
+//                                                   e.getMessage());
+//            }
+//        }
+//        if (type == IdentityType.USERNAME)
+//        {
+//            return new HttpPrincipal(userID);
+//        }
+//        if (type == IdentityType.X500)
+//        {
+//            return new X500Principal(userID);
+//        }
+//        throw new IllegalArgumentException("Unknown user type " + 
+//                                           type.getValue());
+//    }
    
 }
--- a/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java
+++ b/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java
@@ -655,7 +655,7 @@ public class GMSClient
    }

    public List<Group> getMemberships(Principal userID, Role role)
-        throws IOException
+        throws UserNotFoundException, AccessControlException, IOException
    {
        if (userID == null || role == null)
        {
@@ -692,6 +692,10 @@ public class GMSClient
            {
                throw new AccessControlException(error.getMessage());
            }
+            if (transfer.getResponseCode() == 404)
+            {
+                throw new UserNotFoundException(error.getMessage());
+            }
            if (transfer.getResponseCode() == 400)
            {
                throw new IllegalArgumentException(error.getMessage());
@@ -713,13 +717,13 @@ public class GMSClient
    }
    
    public Group getMembership(Principal userID, String groupName)
-        throws IOException
+        throws UserNotFoundException, AccessControlException, IOException
    {
        return getMembership(userID, groupName, Role.MEMBER);
    }
    
    public Group getMembership(Principal userID, String groupName, Role role)
-        throws IOException
+        throws UserNotFoundException, AccessControlException, IOException
    {
        if (userID == null || groupName == null || role == null)
        {
@@ -757,6 +761,10 @@ public class GMSClient
            {
                throw new AccessControlException(error.getMessage());
            }
+            if (transfer.getResponseCode() == 404)
+            {
+                throw new UserNotFoundException(error.getMessage());
+            }
            if (transfer.getResponseCode() == 400)
            {
                throw new IllegalArgumentException(error.getMessage());
@@ -788,13 +796,13 @@ public class GMSClient
    }
    
    public boolean isMember(Principal userID, String groupName)
-        throws IOException
+        throws UserNotFoundException, AccessControlException, IOException
    {
        return isMember(userID, groupName, Role.MEMBER);
    }
    
    public boolean isMember(Principal userID, String groupName, Role role)
-        throws IOException
+        throws UserNotFoundException, AccessControlException, IOException
    {
        Group group = getMembership(userID, groupName, role);
        return group != null;