public class SearchDbServiceAuthCore {
- private static Logger logger = LoggerFactory.getInstance()
- .getLogger(SearchDbServiceAuthCore.class.getName());
+ private static Logger logger = LoggerFactory.getInstance().getLogger(SearchDbServiceAuthCore.class.getName());
- private static String GlobalAuthFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME;
+ private static String GlobalAuthFileName = SearchDbConstants.SDB_AUTH_CONFIG_FILENAME;
- private static enum HTTP_METHODS {
- POST, GET, PUT, DELETE
- }
-
- ;
-
- // Don't instantiate
- private SearchDbServiceAuthCore() {
- }
+ private enum HTTP_METHODS {
+ POST,
+ GET,
+ PUT,
+ DELETE
+ }
- private static boolean usersInitialized = false;
- private static HashMap<String, SearchDbAuthUser> users;
- private static boolean timerSet = false;
- private static Timer timer = null;
+ // Don't instantiate
+ private SearchDbServiceAuthCore() {}
- public synchronized static void init() {
+ private static boolean usersInitialized = false;
+ private static HashMap<String, SearchDbAuthUser> users;
+ private static boolean timerSet = false;
+ private static Timer timer = null;
+ public synchronized static void init() {
- SearchDbServiceAuthCore.getConfigFile();
- SearchDbServiceAuthCore.reloadUsers();
- }
+ SearchDbServiceAuthCore.getConfigFile();
+ SearchDbServiceAuthCore.reloadUsers();
- public static void cleanup() {
- timer.cancel();
- }
+ }
- public static String getConfigFile() {
- if (GlobalAuthFileName == null) {
- String nc = GlobalAuthFileName;
- if (nc == null) {
- nc = "/home/aaiadmin/etc/aaipolicy.json";
- }
- GlobalAuthFileName = nc;
+ public static void cleanup() {
+ timer.cancel();
}
- return GlobalAuthFileName;
- }
-
- public synchronized static void reloadUsers() {
- users = new HashMap<String, SearchDbAuthUser>();
- ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally
- JSONParser parser = new JSONParser();
- try {
- Object obj = parser.parse(new FileReader(GlobalAuthFileName));
- JsonNode rootNode = mapper.readTree(new File(GlobalAuthFileName));
- JsonNode rolesNode = rootNode.path("roles");
-
- for (JsonNode roleNode : rolesNode) {
- String roleName = roleNode.path("name").asText();
-
- TabularAuthRole authRole = new TabularAuthRole();
- JsonNode usersNode = roleNode.path("users");
- JsonNode functionsNode = roleNode.path("functions");
- for (JsonNode functionNode : functionsNode) {
- String function = functionNode.path("name").asText();
- JsonNode methodsNode = functionNode.path("methods");
- boolean hasMethods = false;
- for (JsonNode methodNode : methodsNode) {
- String methodName = methodNode.path("name").asText();
- hasMethods = true;
- String thisFunction = methodName + ":" + function;
-
- authRole.addAllowedFunction(thisFunction);
- }
-
- if (hasMethods == false) {
- // iterate the list from HTTP_METHODS
- for (HTTP_METHODS meth : HTTP_METHODS.values()) {
- String thisFunction = meth.toString() + ":" + function;
-
- authRole.addAllowedFunction(thisFunction);
- }
- }
+ public static String getConfigFile() {
+ if (GlobalAuthFileName == null) {
+ String nc = GlobalAuthFileName;
+ if (nc == null) {
+ nc = "/home/aaiadmin/etc/aaipolicy.json";
+ }
+ GlobalAuthFileName = nc;
}
- for (JsonNode userNode : usersNode) {
- // make the user lower case
- String username = userNode.path("username").asText().toLowerCase();
- SearchDbAuthUser authUser = null;
- if (users.containsKey(username)) {
- authUser = users.get(username);
- } else {
- authUser = new SearchDbAuthUser();
- }
-
-
- authUser.setUser(username);
- authUser.addRole(roleName, authRole);
- users.put(username, authUser);
- }
- }
- } catch (FileNotFoundException fnfe) {
- logger.debug("Failed to load the policy file ");
+ return GlobalAuthFileName;
+ }
- } catch (ParseException e) {
- logger.debug("Failed to Parse the policy file ");
+ public synchronized static void reloadUsers() {
+ users = new HashMap<>();
+ ObjectMapper mapper = new ObjectMapper(); // can reuse, share globally
+ JSONParser parser = new JSONParser();
+ try {
+ parser.parse(new FileReader(GlobalAuthFileName));
+ JsonNode rootNode = mapper.readTree(new File(GlobalAuthFileName));
+ JsonNode rolesNode = rootNode.path("roles");
+
+ for (JsonNode roleNode : rolesNode) {
+ String roleName = roleNode.path("name").asText();
+
+ TabularAuthRole authRole = new TabularAuthRole();
+ JsonNode usersNode = roleNode.path("users");
+ JsonNode functionsNode = roleNode.path("functions");
+ for (JsonNode functionNode : functionsNode) {
+ String function = functionNode.path("name").asText();
+ JsonNode methodsNode = functionNode.path("methods");
+ boolean hasMethods = false;
+ for (JsonNode methodNode : methodsNode) {
+ String methodName = methodNode.path("name").asText();
+ hasMethods = true;
+ String thisFunction = methodName + ":" + function;
+
+ authRole.addAllowedFunction(thisFunction);
+ }
+
+ if (hasMethods == false) {
+ // iterate the list from HTTP_METHODS
+ for (HTTP_METHODS meth : HTTP_METHODS.values()) {
+ String thisFunction = meth.toString() + ":" + function;
+
+ authRole.addAllowedFunction(thisFunction);
+ }
+ }
+
+ }
+ for (JsonNode userNode : usersNode) {
+ // make the user lower case
+ String username = userNode.path("username").asText().toLowerCase();
+ SearchDbAuthUser authUser = null;
+ if (users.containsKey(username)) {
+ authUser = users.get(username);
+ } else {
+ authUser = new SearchDbAuthUser();
+ }
+
+
+ authUser.setUser(username);
+ authUser.addRole(roleName, authRole);
+ users.put(username, authUser);
+ }
+ }
+ } catch (FileNotFoundException fnfe) {
+ logger.debug("Failed to load the policy file ");
- } catch (JsonProcessingException e) {
- logger.debug("JSON processing error while parsing policy file: " + e.getMessage());
+ } catch (ParseException e) {
+ logger.debug("Failed to Parse the policy file ");
- } catch (IOException e) {
- logger.debug("IO Exception while parsing policy file: " + e.getMessage());
- }
+ } catch (JsonProcessingException e) {
+ logger.debug("JSON processing error while parsing policy file: " + e.getMessage());
- usersInitialized = true;
+ } catch (IOException e) {
+ logger.debug("IO Exception while parsing policy file: " + e.getMessage());
+ }
- }
+ usersInitialized = true;
- public static class SearchDbAuthUser {
- public SearchDbAuthUser() {
- this.roles = new HashMap<String, TabularAuthRole>();
}
- private String username;
- private HashMap<String, TabularAuthRole> roles;
+ public static class SearchDbAuthUser {
+ public SearchDbAuthUser() {
+ this.roles = new HashMap<>();
+ }
- public String getUser() {
- return this.username;
- }
+ private String username;
+ private HashMap<String, TabularAuthRole> roles;
- public HashMap<String, TabularAuthRole> getRoles() {
- return this.roles;
- }
+ public String getUser() {
+ return this.username;
+ }
- public void addRole(String roleName, TabularAuthRole authRole) {
- this.roles.put(roleName, authRole);
- }
+ public HashMap<String, TabularAuthRole> getRoles() {
+ return this.roles;
+ }
- public boolean checkAllowed(String checkFunc) {
- for (Map.Entry<String, TabularAuthRole> roleEntry : this.roles.entrySet()) {
- TabularAuthRole role = roleEntry.getValue();
- if (role.hasAllowedFunction(checkFunc)) {
- // break out as soon as we find it
- return true;
+ public void addRole(String roleName, TabularAuthRole authRole) {
+ this.roles.put(roleName, authRole);
}
- }
- // we would have got positive confirmation had it been there
- return false;
- }
- public void setUser(String myuser) {
- this.username = myuser;
- }
+ public boolean checkAllowed(String checkFunc) {
+ for (Map.Entry<String, TabularAuthRole> roleEntry : this.roles.entrySet()) {
+ TabularAuthRole role = roleEntry.getValue();
+ if (role.hasAllowedFunction(checkFunc)) {
+ // break out as soon as we find it
+ return true;
+ }
+ }
+ // we would have got positive confirmation had it been there
+ return false;
+ }
- }
+ public void setUser(String myuser) {
+ this.username = myuser;
+ }
- public static class TabularAuthRole {
- public TabularAuthRole() {
- this.allowedFunctions = new ArrayList<String>();
}
- private List<String> allowedFunctions;
+ public static class TabularAuthRole {
+ public TabularAuthRole() {
+ this.allowedFunctions = new ArrayList<>();
+ }
- public void addAllowedFunction(String func) {
- this.allowedFunctions.add(func);
- }
+ private List<String> allowedFunctions;
- public void delAllowedFunction(String delFunc) {
- if (this.allowedFunctions.contains(delFunc)) {
- this.allowedFunctions.remove(delFunc);
- }
- }
+ public void addAllowedFunction(String func) {
+ this.allowedFunctions.add(func);
+ }
+
+ public void delAllowedFunction(String delFunc) {
+ if (this.allowedFunctions.contains(delFunc)) {
+ this.allowedFunctions.remove(delFunc);
+ }
+ }
- public boolean hasAllowedFunction(String afunc) {
- if (this.allowedFunctions.contains(afunc)) {
- return true;
- } else {
- return false;
- }
+ public boolean hasAllowedFunction(String afunc) {
+ if (this.allowedFunctions.contains(afunc)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
}
- }
- public static HashMap<String, SearchDbAuthUser> getUsers(String key) {
- if (!usersInitialized || (users == null)) {
- reloadUsers();
+ public static HashMap<String, SearchDbAuthUser> getUsers(String key) {
+ if (!usersInitialized || (users == null)) {
+ reloadUsers();
+ }
+ return users;
}
- return users;
- }
- public static boolean authorize(String username, String authFunction) {
+ public static boolean authorize(String username, String authFunction) {
- if (!usersInitialized || (users == null)) {
- init();
- }
- if (users.containsKey(username)) {
- if (users.get(username).checkAllowed(authFunction) == true) {
+ if (!usersInitialized || (users == null)) {
+ init();
+ }
+ if (users.containsKey(username)) {
+ if (users.get(username).checkAllowed(authFunction) == true) {
- return true;
- } else {
+ return true;
+ } else {
- return false;
- }
- } else {
+ return false;
+ }
+ } else {
- return false;
+ return false;
+ }
}
- }
}
Code Review / aai / search-data-service.git / blobdiff