Skip to content
Snippets Groups Projects
Commit d915df49 authored by Robert Butora's avatar Robert Butora
Browse files

auth: func renames and removes unused func

parent 64c83edb
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
data-access/servlet/src/main/java/auth/authz/AuthPolicy.java
+ 38
162
View file @ d915df49
......@@ -40,24 +40,6 @@ public class AuthPolicy
private String[] userGroups;
private boolean userGroupsValid;
// private String dbConnUrl;
// private String dbUserName;
// private String dbPassword;
/*
public AuthPolicy(String userName, String[] userGroups)
{
this.userName = userName;
this.userGroups = userGroups;
this.userGroupsValid = true;
access = Access.PUBLIC_AND_AUTHORIZED_PRIVATE;
LOGGER.finer("User [Groups]: " + userName + " [ " + String.join(" ", userGroups) + " ]" );
}
*/
public AuthPolicy(Principal principal)
{
......@@ -97,69 +79,7 @@ public class AuthPolicy
}
public String getUserName()
{
return userName;
}
public boolean getUserGroupsValid()
{
return userGroupsValid;
}
public String[] getUserGroups()
{
return userGroups;
}
public String getUserGroupsSqlFormat()
{
if( (userGroups != null) && (userGroups.length > 0) )
{
return "\"" + String.join("\",\"" , userGroups) + "\"";
}
else
{
return null;
}
}
public String getUserGroupsAsString(String separator)
{
if( (userGroups != null) && (userGroups.length > 0) )
{
return String.join(separator, userGroups);
}
else
{
return null;
}
}
public String getAccessPolicy()
{
return access.name(); // returns enum as string
}
public void toXML(PrintWriter writer)
{
writer.println("<AccessPolicy>" + this.getAccessPolicy() + "</AccessPolicy>");
String ug = getUserGroupsAsString(" ");
if(userName != null) writer.println("<UserName>" + userName + "</UserName>");
if(ug != null) writer.println("<GroupNames>" + ug + "</GroupNames>");
}
// API
public String[] filterAuthorized(String[] pubdidArr)
public String[] removeNotAuthorized(String[] pubdidArr)
{
LOGGER.finer("trace");
......@@ -168,7 +88,6 @@ public class AuthPolicy
switch(access)
{
case PUBLIC_ONLY :
//filterNotPublic(pubdidList);
AuthPolicyDb adb;
synchronized(AuthPolicyDb.class)
{
......@@ -177,48 +96,34 @@ public class AuthPolicy
pubdidList = adb.selectPublicOnly(pubdidArr);
break;
case PUBLIC_AND_AUTHORIZED_PRIVATE :
filterNotAuthorized(pubdidList);
List<AuthPolicyDb.PubdidGroups> privateGroups = dbQueryPrivateUniqGroups(pubdidList);
List<String> notAuthorizedPubdids = selectNotAuthorized(privateGroups, userGroups);
removeNotAuthZd(pubdidList, notAuthorizedPubdids);
break;
default :
assert false : "Unrecoginzed access : " + access;
}
return pubdidList.toArray(new String[0]);
}
// remove PRIVATE from the list
/*
private void filterNotPublic(ArrayList<String> pubdids)
{
LOGGER.fine("trace");
assert pubdids != null;
LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
List<String> notAuthorizedUniqPubdids = pubdidsNotPublic(privateUniqPubdids, userGroups);
LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
removeNotAuthorized(pubdids, notAuthorizedUniqPubdids);
LOGGER.finest("PublisherDID list filtered : " + (pubdids.isEmpty() ? "" : String.join(" ", pubdids)));
}
private List<String> pubdidsNotPublic(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
private List<String> selectNotAuthorized(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
{
LOGGER.fine("trace");
ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
List<String> pubdidsNotAuthorizedList = new LinkedList<String>();
ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
while (it.hasNext())
{
AuthPolicyDb.PubdidGroups pubdidGroups = it.next();
if( true )// isIntersectionEmpty(pubdidGroups.groups, userGroups) )
LOGGER.finest(pubdidGroups.pubdid + " : " + String.join(" ",pubdidGroups.groups));
if( isIntersectionEmpty(pubdidGroups.groups, userGroups) )
{
pubdidsNotAuthorizedList.add(pubdidGroups.pubdid);
}
......@@ -226,53 +131,23 @@ public class AuthPolicy
return pubdidsNotAuthorizedList;
}
*/
// remove not-authorized from the list
private void filterNotAuthorized(List<String> pubdids)
{
LOGGER.fine("trace");
assert pubdids != null;
LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
List<String> notAuthorizedUniqPubdids = pubdidsNotAuthorized(privateUniqPubdids, userGroups);
LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
removeNotAuthorized(pubdids, notAuthorizedUniqPubdids);
LOGGER.finest("PublisherDID list filtered : " + (pubdids.isEmpty() ? "" : String.join(" ", pubdids)));
}
private List<String> pubdidsNotAuthorized(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
private boolean isIntersectionEmpty(String[] stringsA, String[] stringsB)
{
LOGGER.fine("trace");
List<String> pubdidsNotAuthorizedList = new LinkedList<String>();
ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
while (it.hasNext())
for(String strA : stringsA)
for(String strB : stringsB)
{
AuthPolicyDb.PubdidGroups pubdidGroups = it.next();
LOGGER.finest(pubdidGroups.pubdid + " : " + String.join(" ",pubdidGroups.groups));
if( isIntersectionEmpty(pubdidGroups.groups, userGroups) )
if(strA.equals(strB))
{
pubdidsNotAuthorizedList.add(pubdidGroups.pubdid);
return false;
}
}
return pubdidsNotAuthorizedList;
return true;
}
private void removeNotAuthorized(List<String> pubdids, List<String> notAuthorizedUniqPubdids)
private void removeNotAuthZd(List<String> pubdids, List<String> notAuthorizedUniqPubdids)
{
ListIterator<String> itr = pubdids.listIterator();
while (itr.hasNext())
......@@ -289,23 +164,7 @@ public class AuthPolicy
}
private boolean isIntersectionEmpty(String[] stringsA, String[] stringsB)
{
for(String strA : stringsA)
for(String strB : stringsB)
{
if(strA.equals(strB))
{
return false;
}
}
return true;
}
// DB-query
private List<AuthPolicyDb.PubdidGroups> db_queryPrivateUniqPubdidGroups(List<String> pubdids)
private List<AuthPolicyDb.PubdidGroups> dbQueryPrivateUniqGroups(List<String> pubdids)
{
AuthPolicyDb adb;
synchronized(AuthPolicyDb.class)
......@@ -329,6 +188,23 @@ public class AuthPolicy
}
// API (XmlSerialize to legacy results-xml)
public String getAccessPolicy() { return access.name(); }
public String getUserName() { return userName; }
public String[] getUserGroups() { return userGroups; }
public String getUserGroupsAsString(String separator)
{
if( (userGroups != null) && (userGroups.length > 0) )
{
return String.join(separator, userGroups);
}
else
{
return null;
}
}
}
data-access/servlet/src/main/java/auth/authz/webapi/AuthZFilter.java
+ 5
5
View file @ d915df49
......@@ -94,23 +94,23 @@ class AuthZ
throw new IllegalArgumentException("Authorization : UserPrincipal is not of expected type");
}
String[] pubdidArr = pubdidList.toArray(new String[pubdidList.size()]);
String[] authorized_pubdids;
authorized_pubdids = auth.filterAuthorized(pubdidArr);
String[] authorizedPubdids;
authorizedPubdids = auth.removeNotAuthorized(pubdidArr);
/* If multiplicity allowed (and in mcutout/merge):
* if one or more of pubdids not-authorized -> all request not authorized
* */
/* NOTE for now soda/vlkb_cutout does not allow multiplicity --> only one pubdid allowed */
if((authorized_pubdids==null) || (pubdidArr==null))
if((authorizedPubdids==null) || (pubdidArr==null))
{
LOGGER.warning("One of arrays null");
return true;
}
else
{
LOGGER.finest("authorized vs original length: "+authorized_pubdids.length + " / " + pubdidArr.length);
return (authorized_pubdids.length == pubdidArr.length);
LOGGER.finest("authorized vs original length: "+authorizedPubdids.length + " / " + pubdidArr.length);
return (authorizedPubdids.length == pubdidArr.length);
}
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment