NIHVIVO-2211 Clean up the logic in ServletPolicyList and the classes that call it.
This commit is contained in:
jeb228
parent
b162de36d2
commit
1c9b125800
9 changed files with 113 additions and 113 deletions
|
|
@ -14,6 +14,7 @@ import javax.servlet.http.HttpServletResponse;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.RequestIdentifiers;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
|
|
@ -59,12 +60,12 @@ public class AuthTestController extends VitroHttpServlet {
|
|||
|
||||
private void checkAuths(ServletOutputStream out, IdentifierBundle ids, ServletContext servletContext)
|
||||
throws IOException{
|
||||
ServletPolicyList policy = ServletPolicyList.getPolicies(servletContext);
|
||||
PolicyList policy = ServletPolicyList.getPolicies(servletContext);
|
||||
out.println("<h1>Authorization tests:</h1>");
|
||||
|
||||
if( policy == null ) { out.println("No Policy objects found in ServletContext. ");
|
||||
|
||||
}
|
||||
if (policy.isEmpty()) {
|
||||
out.println("No Policy objects found in ServletContext. ");
|
||||
}
|
||||
out.println("<table>");
|
||||
for(RequestedAction action: actions){
|
||||
out.println("<tr><td>"+action.getClass().getName()+"</td>");
|
||||
|
|
|
|||
|
|
@ -51,11 +51,6 @@ public class AuthorizationHelper {
|
|||
PolicyIface policy = RequestPolicyList.getPolicies(vreq);
|
||||
if (isEmptyPolicy(policy)) {
|
||||
policy = ServletPolicyList.getPolicies(servletContext);
|
||||
if (isEmptyPolicy(policy)) {
|
||||
log.error("No policy found in request at "
|
||||
+ RequestPolicyList.POLICY_LIST);
|
||||
policy = new PolicyList();
|
||||
}
|
||||
}
|
||||
|
||||
return policy;
|
||||
|
|
|
|||
|
|
@ -375,9 +375,7 @@ public class JenaNetidPolicy extends DefaultInconclusivePolicy implements Visiti
|
|||
log.error("could not get jenaOntModel from JenaBaseDao, JenaNetidPolicy will not work");
|
||||
}
|
||||
|
||||
JenaNetidPolicy jnip = new JenaNetidPolicy(model);
|
||||
ServletPolicyList spl = ServletPolicyList.getPolicies(sce.getServletContext());
|
||||
spl.add(jnip);
|
||||
ServletPolicyList.addPolicy(sce.getServletContext(), new JenaNetidPolicy(model));
|
||||
|
||||
ActiveIdentifierBundleFactories.addFactory(sce, new SelfEditingIdentifierFactory());
|
||||
}catch(Exception e){
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
package edu.cornell.mannlib.vitro.webapp.auth.policy;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
|
@ -21,10 +22,8 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAct
|
|||
* and return the first AUTHORIZED or UNAUTHROIZED decision. INCONCLUSIVE
|
||||
* or null decisions will be ignored and the next policy on the list will
|
||||
* be queried.
|
||||
*
|
||||
*
|
||||
* @author bdc34
|
||||
*
|
||||
*/
|
||||
public class PolicyList extends ArrayList<PolicyIface> implements PolicyIface{
|
||||
private static final Log log = LogFactory.getLog(PolicyList.class.getName());
|
||||
|
|
@ -33,7 +32,12 @@ public class PolicyList extends ArrayList<PolicyIface> implements PolicyIface{
|
|||
super();
|
||||
}
|
||||
|
||||
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, RequestedAction whatToAuth) {
|
||||
public PolicyList(Collection<PolicyIface> policies) {
|
||||
super(policies);
|
||||
}
|
||||
|
||||
@Override
|
||||
public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, RequestedAction whatToAuth) {
|
||||
PolicyDecision pd = null;
|
||||
for(PolicyIface policy : this){
|
||||
try{
|
||||
|
|
@ -43,12 +47,11 @@ public class PolicyList extends ArrayList<PolicyIface> implements PolicyIface{
|
|||
break;
|
||||
if( pd.getAuthorized() == Authorization.UNAUTHORIZED )
|
||||
break;
|
||||
// if( pd.getAuthorized() == Authorization.INCONCLUSIVE )
|
||||
// continue;
|
||||
// if( pd.getAuthorized() == Authorization.INCONCLUSIVE )
|
||||
// continue;
|
||||
} else{
|
||||
log.debug("policy " + policy.toString() + " returned a null PolicyDecision");
|
||||
}
|
||||
|
||||
}catch(Throwable th){
|
||||
log.error("ignoring exception in policy " + policy.toString(), th );
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,94 +11,105 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
|
||||
|
||||
/**
|
||||
* This is a PolicyList that can do isAuthorized and stashes a singleton
|
||||
* in the ServletContext.
|
||||
*
|
||||
* The intent of this class is to allow a single point for policies
|
||||
* in a ServletContext. example:
|
||||
* <code>
|
||||
* Authorization canIDoIt = ServletPolicyList.getPolicies( getServletContext() ).isAuthorized( IdBundle, action );
|
||||
* </code>
|
||||
*
|
||||
* @author bdc34
|
||||
*
|
||||
* This maintains a PolicyList in the ServletContext. As a rule, however, this
|
||||
* is only used as the basis for the RequestPolicyList. Client code that wants
|
||||
* to access the current list of policies should look there.
|
||||
*/
|
||||
public class ServletPolicyList extends PolicyList {
|
||||
protected static String POLICY_LIST = "policy_list";
|
||||
private static final Log log = LogFactory.getLog(ServletPolicyList.class.getName());
|
||||
public class ServletPolicyList {
|
||||
private static final String ATTRIBUTE_POLICY_LIST = ServletPolicyList.class.getName();
|
||||
private static final Log log = LogFactory.getLog(ServletPolicyList.class);
|
||||
|
||||
/**
|
||||
* This is for general public use to get a list of policies for the ServletContext.
|
||||
* @param sc
|
||||
* @return
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public static ServletPolicyList getPolicies(ServletContext sc){
|
||||
ServletPolicyList list = null;
|
||||
try{
|
||||
list = (ServletPolicyList)sc.getAttribute(POLICY_LIST);
|
||||
}catch(ClassCastException cce){
|
||||
log.error(POLICY_LIST +" server context attribute was not of type List<PolicyIface>");
|
||||
}
|
||||
if( list == null ){
|
||||
list = new ServletPolicyList();
|
||||
sc.setAttribute(POLICY_LIST, list);
|
||||
}
|
||||
return list;
|
||||
}
|
||||
/**
|
||||
* Get a copy of the current list of policies. This method may return an
|
||||
* empty list, but it never returns null.
|
||||
*/
|
||||
public static PolicyList getPolicies(ServletContext sc) {
|
||||
return new PolicyList(getPolicyList(sc));
|
||||
}
|
||||
|
||||
/**
|
||||
* Add the policy to the end of the list.
|
||||
*/
|
||||
public static void addPolicy(ServletContext sc, PolicyIface policy) {
|
||||
if (policy == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
PolicyList policies = getPolicyList(sc);
|
||||
if (!policies.contains(policy)) {
|
||||
policies.add(policy);
|
||||
log.info("Added policy: " + policy.getClass().getSimpleName());
|
||||
log.debug("Added policy: " + policy.toString());
|
||||
} else {
|
||||
log.warn("Ignored attempt to add redundant policy.");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Add the policy to the front of the list. It may be moved further down the
|
||||
* list by other policies that are later added using this method.
|
||||
*/
|
||||
public static void addPolicyAtFront(ServletContext sc, PolicyIface policy) {
|
||||
if (policy == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
PolicyList policies = getPolicyList(sc);
|
||||
if (!policies.contains(policy)) {
|
||||
policies.add(0, policy);
|
||||
log.info("Added policy at front: " + policy.getClass().getSimpleName());
|
||||
log.debug("Added policy at front: " + policy.toString());
|
||||
} else {
|
||||
log.warn("Ignored attempt to add redundant policy.");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Replace the first instance of this class of policy in the list. If no
|
||||
* instance is found, add the policy to the end of the list.
|
||||
*/
|
||||
public static void replacePolicy(ServletContext sc, PolicyIface policy) {
|
||||
if (policy == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
Class<?> clzz = policy.getClass();
|
||||
PolicyList policies = getPolicyList(sc);
|
||||
ListIterator<PolicyIface> it = policies.listIterator();
|
||||
while (it.hasNext()) {
|
||||
if (clzz.isAssignableFrom(it.next().getClass())) {
|
||||
it.set(policy);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
addPolicy(sc, policy);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the current PolicyList from the context, or create one if there is
|
||||
* none. This method may return an empty list, but it never returns null.
|
||||
*/
|
||||
private static PolicyList getPolicyList(ServletContext ctx) {
|
||||
if (ctx == null) {
|
||||
throw new NullPointerException("ctx may not be null.");
|
||||
}
|
||||
|
||||
Object obj = ctx.getAttribute(ATTRIBUTE_POLICY_LIST);
|
||||
if (obj == null) {
|
||||
obj = new PolicyList();
|
||||
ctx.setAttribute(ATTRIBUTE_POLICY_LIST, obj);
|
||||
}
|
||||
|
||||
if (!(obj instanceof PolicyList)) {
|
||||
throw new IllegalStateException("Expected to find an instance of "
|
||||
+ PolicyList.class.getName()
|
||||
+ " in the context, but found an instance of "
|
||||
+ obj.getClass().getName() + " instead.");
|
||||
}
|
||||
|
||||
return (PolicyList) obj;
|
||||
}
|
||||
|
||||
public static void addPolicy(ServletContext sc, PolicyIface policy){
|
||||
ServletPolicyList policies = getPolicies(sc);
|
||||
if( !policies.contains(policy) ){
|
||||
policies.add(policy);
|
||||
log.info("Added policy: " + policy.toString());
|
||||
}else{
|
||||
log.info("Ignored attempt to add redundent policy.");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This adds the policy to the front of the list but it may be moved further down
|
||||
* the list by other policies that are later added using this method.
|
||||
*/
|
||||
public static void addPolicyAtFront(ServletContext sc, PolicyIface policy){
|
||||
ServletPolicyList policies = getPolicies(sc);
|
||||
if( !policies.contains(policy) ){
|
||||
policies.add(0,policy);
|
||||
log.info("Added policy at front of ServletPolicyList: " + policy.toString());
|
||||
}else{
|
||||
log.info("Ignored attempt to add redundent policy.");
|
||||
}
|
||||
}
|
||||
|
||||
/** import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.VisitingPolicyIface;
|
||||
* Replace first instance of policy found in policy list. If no instance
|
||||
* is found in list add at end of the list.
|
||||
*
|
||||
* @param sc
|
||||
* @param policy
|
||||
*/
|
||||
public static void replacePolicy(ServletContext sc, PolicyIface policy){
|
||||
if( sc == null )
|
||||
throw new IllegalArgumentException( "replacePolicy() needs a non-null ServletContext");
|
||||
if( policy == null )
|
||||
return;
|
||||
Class clzz = policy.getClass();
|
||||
|
||||
ServletPolicyList spl = ServletPolicyList.getPolicies(sc);
|
||||
ListIterator<PolicyIface> it = spl.listIterator();
|
||||
boolean replaced = false;
|
||||
while(it.hasNext()){
|
||||
PolicyIface p = (PolicyIface)it.next();
|
||||
if( clzz.isAssignableFrom(p.getClass()) ){
|
||||
it.set( policy );
|
||||
replaced = true;
|
||||
}
|
||||
}
|
||||
if( ! replaced ){
|
||||
ServletPolicyList.addPolicy(sc, policy);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -93,10 +93,6 @@ public class PropertyEditLinks extends TagSupport{
|
|||
PolicyIface policy = RequestPolicyList.getPolicies(pageContext.getRequest());
|
||||
if( policy == null || ( policy instanceof PolicyList && ((PolicyList)policy).size() == 0 )){
|
||||
policy = ServletPolicyList.getPolicies( pageContext.getServletContext() );
|
||||
if( policy == null || ( policy instanceof PolicyList && ((PolicyList)policy).size() == 0 )){
|
||||
log.error("No policy found in request at " + RequestPolicyList.POLICY_LIST);
|
||||
return SKIP_BODY;
|
||||
}
|
||||
}
|
||||
|
||||
IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(pageContext.getRequest());
|
||||
|
|
|
|||
|
|
@ -38,9 +38,6 @@ public class EditingPolicyHelper {
|
|||
policy = RequestPolicyList.getPolicies(vreq);
|
||||
if( policy == null || ( policy instanceof PolicyList && ((PolicyList)policy).size() == 0 )){
|
||||
policy = ServletPolicyList.getPolicies( servletContext );
|
||||
if( policy == null || ( policy instanceof PolicyList && ((PolicyList)policy).size() == 0 )){
|
||||
log.error("No policy found in request at " + RequestPolicyList.POLICY_LIST);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue