auth: func renames and removes unused func

d915df49 · Robert Butora · 64c83edb · d915df49 · d915df49
Commit d915df49 authored 6 months ago by Robert Butora
--- a/data-access/servlet/src/main/java/auth/authz/AuthPolicy.java
+++ b/data-access/servlet/src/main/java/auth/authz/AuthPolicy.java
@@ -40,24 +40,6 @@ public class AuthPolicy
   private String[] userGroups;
   private boolean userGroupsValid;
-//   private String dbConnUrl;
-//   private String dbUserName;
-//   private String dbPassword;
-/*
-   public AuthPolicy(String userName, String[] userGroups)
-   {
-      this.userName   = userName;
-      this.userGroups = userGroups;
-      this.userGroupsValid = true;
-      access = Access.PUBLIC_AND_AUTHORIZED_PRIVATE;
-      LOGGER.finer("User [Groups]: " + userName + " [ " + String.join(" ", userGroups) + " ]" );
-   }
-*/
   public AuthPolicy(Principal principal)
   {
@@ -97,69 +79,7 @@ public class AuthPolicy
   }
+   public String[] removeNotAuthorized(String[] pubdidArr)
-   public String getUserName()
-   {
-      return userName;
-   }
-   public boolean getUserGroupsValid()
-   {
-      return userGroupsValid;
-   }
-   public String[] getUserGroups()
-   {
-      return userGroups;
-   }
-   public String getUserGroupsSqlFormat()
-   {
-      if( (userGroups != null) && (userGroups.length > 0) )
-      {
-         return "\"" + String.join("\",\"" , userGroups) + "\"";
-      }
-      else
-      {
-         return null;
-      }
-   }
-   public String getUserGroupsAsString(String separator)
-   {
-      if( (userGroups != null) && (userGroups.length > 0) )
-      {
-         return String.join(separator, userGroups);
-      }
-      else
-      {
-         return null;
-      }
-   }
-   public String getAccessPolicy()
-   {
-      return access.name(); // returns enum as string
-   }
-   public void toXML(PrintWriter writer)
-   {
-      writer.println("<AccessPolicy>" + this.getAccessPolicy() + "</AccessPolicy>");
-      String ug = getUserGroupsAsString(" ");
-      if(userName   != null) writer.println("<UserName>" + userName + "</UserName>");
-      if(ug         != null) writer.println("<GroupNames>" + ug + "</GroupNames>");
-   }
-   // API
-   public String[] filterAuthorized(String[] pubdidArr)
   {
      LOGGER.finer("trace");
@@ -168,7 +88,6 @@ public class AuthPolicy
      switch(access)
      {
         case PUBLIC_ONLY :
-            //filterNotPublic(pubdidList);
            AuthPolicyDb adb;
            synchronized(AuthPolicyDb.class)
            {
@@ -177,48 +96,34 @@ public class AuthPolicy
            pubdidList = adb.selectPublicOnly(pubdidArr);
            break;
         case PUBLIC_AND_AUTHORIZED_PRIVATE :
-            filterNotAuthorized(pubdidList);
+            List<AuthPolicyDb.PubdidGroups> privateGroups = dbQueryPrivateUniqGroups(pubdidList);
+            List<String> notAuthorizedPubdids             = selectNotAuthorized(privateGroups, userGroups);
+            removeNotAuthZd(pubdidList, notAuthorizedPubdids);
            break;
         default :
            assert false : "Unrecoginzed  access : " + access;
      }
      return pubdidList.toArray(new String[0]); 
   }
-   // remove PRIVATE from the list
+   private List<String> selectNotAuthorized(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
-   /*
-      private void filterNotPublic(ArrayList<String> pubdids)
-      {
-      LOGGER.fine("trace");
-      assert pubdids != null;
-      LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
-      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
-      List<String> notAuthorizedUniqPubdids = pubdidsNotPublic(privateUniqPubdids, userGroups);
-      LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
-      removeNotAuthorized(pubdids, notAuthorizedUniqPubdids);
-      LOGGER.finest("PublisherDID list filtered : " + (pubdids.isEmpty() ? "" : String.join(" ", pubdids)));
-      }
-      private List<String> pubdidsNotPublic(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
   {
      LOGGER.fine("trace");
-      ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
      List<String> pubdidsNotAuthorizedList = new LinkedList<String>();
+      ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
      while (it.hasNext())
      {
         AuthPolicyDb.PubdidGroups pubdidGroups = it.next();
-      if( true )// isIntersectionEmpty(pubdidGroups.groups, userGroups) )
+         LOGGER.finest(pubdidGroups.pubdid + " : " + String.join(" ",pubdidGroups.groups));
+         if( isIntersectionEmpty(pubdidGroups.groups, userGroups) )
         {
            pubdidsNotAuthorizedList.add(pubdidGroups.pubdid);
         }
@@ -226,53 +131,23 @@ public class AuthPolicy
      return pubdidsNotAuthorizedList;
   }
-      */
-   // remove not-authorized from the list
-   private void filterNotAuthorized(List<String> pubdids)
-   {
-      LOGGER.fine("trace");
-      assert pubdids != null;
-      LOGGER.finer("PublisherDID list original : " + String.join(" ", pubdids));
-      List<AuthPolicyDb.PubdidGroups> privateUniqPubdids = db_queryPrivateUniqPubdidGroups(pubdids);
-      List<String> notAuthorizedUniqPubdids = pubdidsNotAuthorized(privateUniqPubdids, userGroups);
-      LOGGER.finest("AuthZ removes: " + String.join(" ", notAuthorizedUniqPubdids));
-      removeNotAuthorized(pubdids, notAuthorizedUniqPubdids);
-      LOGGER.finest("PublisherDID list filtered : " + (pubdids.isEmpty() ? "" : String.join(" ", pubdids)));
-   }
-   private List<String> pubdidsNotAuthorized(List<AuthPolicyDb.PubdidGroups> pubdidList, String[] userGroups)
+   private boolean isIntersectionEmpty(String[] stringsA, String[] stringsB)
   {
-      LOGGER.fine("trace");
+      for(String strA : stringsA)
+         for(String strB : stringsB)
-      List<String> pubdidsNotAuthorizedList = new LinkedList<String>();
-      ListIterator<AuthPolicyDb.PubdidGroups> it = pubdidList.listIterator();
-      while (it.hasNext())
         {
-         AuthPolicyDb.PubdidGroups pubdidGroups = it.next();
+            if(strA.equals(strB))
-         LOGGER.finest(pubdidGroups.pubdid + " : " + String.join(" ",pubdidGroups.groups));
-         if( isIntersectionEmpty(pubdidGroups.groups, userGroups) )
            {
-            pubdidsNotAuthorizedList.add(pubdidGroups.pubdid);
+               return false;
            }
         }
+      return true;
-      return pubdidsNotAuthorizedList;
   }
+   private void removeNotAuthZd(List<String> pubdids, List<String> notAuthorizedUniqPubdids)
-   private void removeNotAuthorized(List<String> pubdids, List<String> notAuthorizedUniqPubdids)
   {
      ListIterator<String> itr = pubdids.listIterator();
      while (itr.hasNext())
@@ -289,23 +164,7 @@ public class AuthPolicy
   }
-   private boolean isIntersectionEmpty(String[] stringsA, String[] stringsB)
+   private List<AuthPolicyDb.PubdidGroups> dbQueryPrivateUniqGroups(List<String> pubdids)
-   {
-      for(String strA : stringsA)
-         for(String strB : stringsB)
-         {
-            if(strA.equals(strB))
-            {
-               return false;
-            }
-         }
-      return true;
-   }
-   // DB-query
-   private List<AuthPolicyDb.PubdidGroups> db_queryPrivateUniqPubdidGroups(List<String> pubdids)
   {
      AuthPolicyDb adb;
      synchronized(AuthPolicyDb.class)
@@ -329,6 +188,23 @@ public class AuthPolicy
   }
+   // API (XmlSerialize to legacy results-xml)
+   public String   getAccessPolicy() { return access.name(); }
+   public String   getUserName()     { return userName; }
+   public String[] getUserGroups()   { return userGroups; }
+   public String getUserGroupsAsString(String separator)
+   {
+      if( (userGroups != null) && (userGroups.length > 0) )
+      {
+         return String.join(separator, userGroups);
+      }
+      else
+      {
+         return null;
+      }
+   }
 }
--- a/data-access/servlet/src/main/java/auth/authz/webapi/AuthZFilter.java
+++ b/data-access/servlet/src/main/java/auth/authz/webapi/AuthZFilter.java
@@ -94,23 +94,23 @@ class AuthZ
         throw new IllegalArgumentException("Authorization : UserPrincipal is not of expected type");
      }
      String[] pubdidArr = pubdidList.toArray(new String[pubdidList.size()]);
-      String[] authorized_pubdids;
+      String[] authorizedPubdids;
-      authorized_pubdids = auth.filterAuthorized(pubdidArr);
+      authorizedPubdids = auth.removeNotAuthorized(pubdidArr);
      /* If multiplicity allowed (and in mcutout/merge):
       * if one or more of pubdids not-authorized -> all request not authorized
       * */
      /* NOTE for now soda/vlkb_cutout does not allow multiplicity --> only one pubdid allowed */
-      if((authorized_pubdids==null) || (pubdidArr==null))
+      if((authorizedPubdids==null) || (pubdidArr==null))
      {
         LOGGER.warning("One of arrays null");
         return true;
      }
      else
      {
-         LOGGER.finest("authorized vs original length: "+authorized_pubdids.length + " / " + pubdidArr.length);
+         LOGGER.finest("authorized vs original length: "+authorizedPubdids.length + " / " + pubdidArr.length);
-         return (authorized_pubdids.length == pubdidArr.length);
+         return (authorizedPubdids.length == pubdidArr.length);
      }
   }