private static List<AAFPermission> filterNameSpacesAAFPermissions(String nameSpace,
List<AAFPermission> allPermissionsList) {
List<AAFPermission> list = new ArrayList<>();
- for (Iterator iterator = allPermissionsList.iterator(); iterator.hasNext();) {
+ for (Iterator<AAFPermission> iterator = allPermissionsList.iterator(); iterator.hasNext();) {
AAFPermission aafPermission = (AAFPermission) iterator.next();
if(aafPermission.getType().indexOf(nameSpace) == 0) {
list.add(aafPermission);
*/
public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws Exception {
- if (nameSpace.isEmpty()) {
+ if (request==null) {
+ throw new Exception("Request cannot be null");
+ }
+
+ if (nameSpace==null || nameSpace.isEmpty()) {
throw new Exception("NameSpace not Declared!");
}
//logger.info(EELFLoggerDelegate.applicationLogger,
// "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
- String requestUri = null;
logger.debug(EELFLoggerDelegate.applicationLogger, "Requested nameSpace: " + nameSpace);
- HttpServletRequest httpRequest = null;
List<AAFPermission> aafPermsFinalList = filterNameSpacesAAFPermissions(nameSpace, aafPermsList);
- logger.debug(EELFLoggerDelegate.applicationLogger,
- "AuthUtil list of AAFPermission for the specific namespace ::::::::::::::::::::::::::::::::::::::::::::"
+ logger.debug(EELFLoggerDelegate.securityLogger,
+ "AuthUtil list of AAFPermission for the specific namespace :::"
+ aafPermsFinalList);
- if (null != request) {
- httpRequest = (HttpServletRequest) request;
- requestUri = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
- }
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ String requestUri = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
- logger.debug(EELFLoggerDelegate.applicationLogger,
- "AuthUtil requestUri ::::::::::::::::::::::::::::::::::::::::::::" + requestUri);
+ logger.debug(EELFLoggerDelegate.securityLogger,
+ "AuthUtil requestUri :::" + requestUri);
for (Iterator iterator = aafPermsFinalList.iterator(); iterator.hasNext();) {
AAFPermission aafPermission = (AAFPermission) iterator.next();
}
}
- logger.debug(EELFLoggerDelegate.applicationLogger,
+ logger.debug(EELFLoggerDelegate.securityLogger,
"isAccessAllowed for the request uri: " + requestUri + "is :" + isauthorized);
return isauthorized;
}
String permKey = aafPermission.getKey();
- logger.info(EELFLoggerDelegate.applicationLogger, "isMatchPattern permKey: "
+ logger.debug(EELFLoggerDelegate.auditLogger, "isMatchPattern permKey: "
+ permKey + ", requestUri " + requestUri + " ," + method);
String[] keyArray = permKey.split("\\|");
String[] subPath = null;
//String type = null;
//type = keyArray[0];
- String instance = null;
- instance = keyArray[1];
- String action = null;
- action = keyArray[2];
+ String instance = keyArray[1];
+ String action = keyArray[2];
//if the instance & action both are * , then allow
if ("*".equalsIgnoreCase(instance) && "*".equalsIgnoreCase(action)) {