This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository observe. See http://git.codelutin.com/observe.git commit d1322f4932a331744276bf89d7746a91bc76b0b0 Author: Sylvain Bavencoff <bavencoff@codelutin.com> Date: Tue Sep 15 10:10:22 2015 +0200 gestion des permissions dans la couche serveur REST et client (refs #7523) --- .../web/controller/v1/ConfigurationController.java | 14 ++++++------ .../controller/v1/DataSourceServiceController.java | 12 +++++++---- .../v1/ObserveServiceControllerSupport.java | 5 +++-- .../controller/v1/ObserveWebErrorController.java | 7 +++++- .../web/request/ObserveWebRequestContext.java | 13 +++++++++++ .../ObserveWebSecurityApplicationContext.java | 15 +++++++------ ...ObserveWebSecurityAuthenticationTokenCache.java | 25 ++++++++++++---------- .../services/ObserveServiceInitializer.java | 17 +++++++++++++++ ...bserveDataSourceConfigurationAndConnection.java | 24 +++++++++++++++++++++ 9 files changed, 100 insertions(+), 32 deletions(-) diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java index c22ba94..73bfdca 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java @@ -29,7 +29,7 @@ import fr.ird.observe.application.web.configuration.user.ObserveWebUsers; import fr.ird.observe.application.web.configuration.user.ObserveWebUsersHelper; import fr.ird.observe.application.web.controller.ObserveWebMotionController; import fr.ird.observe.application.web.security.ObserveWebSecurityApplicationContext; -import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import org.apache.commons.io.IOUtils; import org.debux.webmotion.server.WebMotionContextable; import org.debux.webmotion.server.render.Render; @@ -115,11 +115,11 @@ public class ConfigurationController extends ObserveWebMotionController { ObserveWebSecurityApplicationContext securityApplicationContext = getSecurityApplicationContext(); StringBuilder builder = new StringBuilder(); - ImmutableMap<String, ObserveDataSourceConfiguration> cache = securityApplicationContext.getAuthenticationTokensCache(); + ImmutableMap<String, ObserveDataSourceConfigurationAndConnection> cache = securityApplicationContext.getConfigurationByAuthenticationToken(); builder.append("Number of authentication tokens: ").append(cache.size()); - for (Map.Entry<String, ObserveDataSourceConfiguration> entry : cache.entrySet()) { - builder.append("\n").append(entry.getKey()).append(" - ").append(entry.getValue()); + for (Map.Entry<String, ObserveDataSourceConfigurationAndConnection> entry : cache.entrySet()) { + builder.append("\n").append(entry.getKey()).append(" - ").append(entry.getValue().getConfiguration()); } return renderContent(builder.toString(), "text/plain"); @@ -130,11 +130,11 @@ public class ConfigurationController extends ObserveWebMotionController { ObserveWebSecurityApplicationContext securityApplicationContext = getSecurityApplicationContext(); StringBuilder builder = new StringBuilder(); - ImmutableMap<String, ObserveDataSourceConfiguration> authenticationTokensCache = securityApplicationContext.getAuthenticationTokensCache(); + ImmutableMap<String, ObserveDataSourceConfigurationAndConnection> authenticationTokensCache = securityApplicationContext.getConfigurationByAuthenticationToken(); builder.append("Number of authentication tokens to reset: ").append(authenticationTokensCache.size()); - for (Map.Entry<String, ObserveDataSourceConfiguration> entry : authenticationTokensCache.entrySet()) { - builder.append("\n").append(entry.getKey()).append(" - ").append(entry.getValue()); + for (Map.Entry<String, ObserveDataSourceConfigurationAndConnection> entry : authenticationTokensCache.entrySet()) { + builder.append("\n").append(entry.getKey()).append(" - ").append(entry.getValue().getConfiguration()); } for (String authenticationToken : authenticationTokensCache.keySet()) { diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java index 3e14395..ab5cf7e 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java @@ -27,6 +27,7 @@ import com.google.common.base.Preconditions; import fr.ird.observe.application.web.request.ObserveWebRequestContext; import fr.ird.observe.application.web.security.ObserveWebSecurityApplicationContext; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationRest; import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.configuration.ObserveDataSourceConnectionRest; @@ -68,7 +69,7 @@ public class DataSourceServiceController extends ObserveServiceControllerSupport ObserveDataSourceConnection observeDataSourceConnection = getAnonymousService(dataSourceConfigurationTopia).create(dataSourceConfigurationTopia, dataSourceCreateConfiguration); - String authenticationToken = registerDataSourceConfiguration(dataSourceConfigurationTopia); + String authenticationToken = registerDataSourceConfiguration(dataSourceConfigurationTopia, observeDataSourceConnection); ObserveDataSourceConnectionRest dataSourceConnection = createDataSourceConnection(observeDataSourceConnection, authenticationToken); return dataSourceConnection; @@ -81,7 +82,7 @@ public class DataSourceServiceController extends ObserveServiceControllerSupport ObserveDataSourceConnection observeDataSourceConnection = getAnonymousService(dataSourceConfigurationTopia).open(dataSourceConfigurationTopia); - String authenticationToken = registerDataSourceConfiguration(dataSourceConfigurationTopia); + String authenticationToken = registerDataSourceConfiguration(dataSourceConfigurationTopia, observeDataSourceConnection); ObserveDataSourceConnectionRest dataSourceConnection = createDataSourceConnection(observeDataSourceConnection, authenticationToken); return dataSourceConnection; @@ -123,9 +124,12 @@ public class DataSourceServiceController extends ObserveServiceControllerSupport } - protected String registerDataSourceConfiguration(ObserveDataSourceConfiguration dataSourceConfiguration) { + protected String registerDataSourceConfiguration(ObserveDataSourceConfiguration dataSourceConfiguration, ObserveDataSourceConnection dataSourceConnection) { - String authenticationToken = getSecurityApplicationContext().registerDataSourceConfiguration(dataSourceConfiguration); + ObserveDataSourceConfigurationAndConnection configurationAndConnection = + new ObserveDataSourceConfigurationAndConnection(dataSourceConfiguration, dataSourceConnection); + + String authenticationToken = getSecurityApplicationContext().registerDataSourceConfiguration(configurationAndConnection); return authenticationToken; } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveServiceControllerSupport.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveServiceControllerSupport.java index ad24a92..54b880c 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveServiceControllerSupport.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveServiceControllerSupport.java @@ -28,6 +28,7 @@ import fr.ird.observe.application.web.request.ObserveWebRequestContext; import fr.ird.observe.application.web.security.ObserveWebSecurityApplicationContext; import fr.ird.observe.services.ObserveService; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import fr.ird.observe.services.spi.NoDataAccess; import java.lang.reflect.Method; @@ -59,9 +60,9 @@ public abstract class ObserveServiceControllerSupport<S extends ObserveService> // On recherche la source de données associée ObserveWebSecurityApplicationContext securityApplicationContext = getSecurityApplicationContext(); - ObserveDataSourceConfiguration dataSourceConfiguration = securityApplicationContext.getDataSourceConfiguration(authenticationToken); + ObserveDataSourceConfigurationAndConnection configurationAndConnection = securityApplicationContext.getDataSourceConfigurationAndConnection(authenticationToken); - S service = requestContext.newService(serviceType, dataSourceConfiguration); + S service = requestContext.newService(serviceType, configurationAndConnection); return service; } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveWebErrorController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveWebErrorController.java index d869656..1de298b 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveWebErrorController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ObserveWebErrorController.java @@ -23,6 +23,7 @@ package fr.ird.observe.application.web.controller.v1; */ import fr.ird.observe.application.web.security.ObserveWebSecurityExceptionSupport; +import fr.ird.observe.services.dto.UnauthorizedException; import org.debux.webmotion.server.WebMotionController; import org.debux.webmotion.server.WebMotionException; import org.debux.webmotion.server.call.HttpContext; @@ -96,10 +97,14 @@ public class ObserveWebErrorController extends WebMotionController { } } - if (exception instanceof ObserveWebSecurityExceptionSupport) { + if (exception instanceof UnauthorizedException) { statusCode = 403; } + if (exception instanceof ObserveWebSecurityExceptionSupport) { + statusCode = 401; + } + exception.setStackTrace(stackTraceElements.toArray(new StackTraceElement[stackTraceElements.size()])); exception.initCause(null); diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java index 972ea66..3b3f221 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java @@ -30,6 +30,7 @@ import fr.ird.observe.application.web.security.InvalidAdminKeyApiException; import fr.ird.observe.services.ObserveService; import fr.ird.observe.services.ObserveServiceInitializer; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import fr.ird.observe.services.dto.constants.ReferentialLocale; import org.debux.webmotion.server.call.HttpContext; @@ -94,6 +95,18 @@ public class ObserveWebRequestContext { } + public <S extends ObserveService> S newService(Class<S> serviceType, ObserveDataSourceConfigurationAndConnection configurationAndConnection) { + + ObserveServiceInitializer observeServiceInitializer = ObserveServiceInitializer.create( + applicationLocale, + referentialLocale, + applicationContext.getApplicationConfiguration().getTemporaryDirectory(), + configurationAndConnection); + S service = applicationContext.newService(observeServiceInitializer, serviceType); + return service; + + } + public void checkAdminApiKeyIsPresent() { if (!optionalAdminApiKey.isPresent()) { throw new AdminApiKeyNotFoundException(); diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityApplicationContext.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityApplicationContext.java index 5bd8804..a6e799e 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityApplicationContext.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityApplicationContext.java @@ -34,6 +34,7 @@ import fr.ird.observe.application.web.configuration.user.ObserveWebUserPermissio import fr.ird.observe.application.web.configuration.user.ObserveWebUsers; import fr.ird.observe.services.ObserveDataSourceConfigurationMainFactory; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -182,10 +183,10 @@ public class ObserveWebSecurityApplicationContext implements Closeable { } - public String registerDataSourceConfiguration(ObserveDataSourceConfiguration dataSourceConfiguration) { + public String registerDataSourceConfiguration(ObserveDataSourceConfigurationAndConnection configurationAndConnection) { // Register data source configuration in cache - String authenticationToken = authenticateCache.registerDataSourceConfiguration(dataSourceConfiguration); + String authenticationToken = authenticateCache.registerDataSourceConfiguration(configurationAndConnection); return authenticationToken; } @@ -221,12 +222,12 @@ public class ObserveWebSecurityApplicationContext implements Closeable { * @return la configuration de la data source associée au jeton * @throws InvalidAuthenticationTokenException si le jeton n'est pas connu */ - public ObserveDataSourceConfiguration getDataSourceConfiguration(String authenticationToken) { - ObserveDataSourceConfiguration dataSourceConfiguration = authenticateCache.getDataSourceConfigurationIfPresent(authenticationToken); - if (dataSourceConfiguration == null) { + public ObserveDataSourceConfigurationAndConnection getDataSourceConfigurationAndConnection(String authenticationToken) { + ObserveDataSourceConfigurationAndConnection configurationAndConnection = authenticateCache.getDataSourceConfigurationAndConnectionIfPresent(authenticationToken); + if (configurationAndConnection == null) { throw new InvalidAuthenticationTokenException(authenticationToken); } - return dataSourceConfiguration; + return configurationAndConnection; } @@ -234,7 +235,7 @@ public class ObserveWebSecurityApplicationContext implements Closeable { authenticateCache.removeAuthenticationToken(authenticationToken); } - public ImmutableMap<String, ObserveDataSourceConfiguration> getAuthenticationTokensCache() { + public ImmutableMap<String, ObserveDataSourceConfigurationAndConnection> getConfigurationByAuthenticationToken() { return ImmutableMap.copyOf(authenticateCache.getAuthenticationTokenCache().asMap()); } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityAuthenticationTokenCache.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityAuthenticationTokenCache.java index e5e2687..a38f9d2 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityAuthenticationTokenCache.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/security/ObserveWebSecurityAuthenticationTokenCache.java @@ -26,7 +26,7 @@ import com.google.common.cache.Cache; import com.google.common.cache.CacheBuilder; import com.google.common.cache.RemovalListener; import com.google.common.cache.RemovalNotification; -import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -49,17 +49,17 @@ public class ObserveWebSecurityAuthenticationTokenCache implements Closeable { /** * Le cache des jetons de sécurité liés aux configurations de sources de données. */ - protected final Cache<String, ObserveDataSourceConfiguration> authenticationTokenCache; + protected final Cache<String, ObserveDataSourceConfigurationAndConnection> authenticationTokenCache; public ObserveWebSecurityAuthenticationTokenCache() { this.authenticationTokenCache = CacheBuilder.newBuilder() .maximumSize(10000) .expireAfterWrite(20, TimeUnit.MINUTES) .expireAfterAccess(20, TimeUnit.MINUTES) - .removalListener(new RemovalListener<String, ObserveDataSourceConfiguration>() { + .removalListener(new RemovalListener<String, ObserveDataSourceConfigurationAndConnection>() { @Override - public void onRemoval(RemovalNotification<String, ObserveDataSourceConfiguration> notification) { + public void onRemoval(RemovalNotification<String, ObserveDataSourceConfigurationAndConnection> notification) { if (log.isInfoEnabled()) { log.info(String.format("Remove authentication token: %s - %s", notification.getKey(), notification.getValue())); } @@ -68,17 +68,20 @@ public class ObserveWebSecurityAuthenticationTokenCache implements Closeable { .build(); } - public ObserveDataSourceConfiguration getDataSourceConfigurationIfPresent(String authenticationToken) { - ObserveDataSourceConfiguration dataSourceConfiguration = authenticationTokenCache.getIfPresent(authenticationToken); - return dataSourceConfiguration; + public ObserveDataSourceConfigurationAndConnection getDataSourceConfigurationAndConnectionIfPresent(String authenticationToken) { + + ObserveDataSourceConfigurationAndConnection configurationAndConnection = authenticationTokenCache.getIfPresent(authenticationToken); + + return configurationAndConnection; } - public String registerDataSourceConfiguration(ObserveDataSourceConfiguration dataSourceConfiguration) { + + public String registerDataSourceConfiguration(ObserveDataSourceConfigurationAndConnection configurationAndConnection) { String authenticationToken = UUID.randomUUID().toString(); if (log.isInfoEnabled()) { - log.info(String.format("Add authenticationToken: %s for data source configuration: %s", authenticationToken, dataSourceConfiguration)); + log.info(String.format("Add authenticationToken: %s for data source configuration: %s", authenticationToken, configurationAndConnection.getConfiguration())); } - authenticationTokenCache.put(authenticationToken, dataSourceConfiguration); + authenticationTokenCache.put(authenticationToken, configurationAndConnection); return authenticationToken; } @@ -96,7 +99,7 @@ public class ObserveWebSecurityAuthenticationTokenCache implements Closeable { authenticationTokenCache.invalidateAll(); } - public Cache<String, ObserveDataSourceConfiguration> getAuthenticationTokenCache() { + public Cache<String, ObserveDataSourceConfigurationAndConnection> getAuthenticationTokenCache() { return authenticationTokenCache; } diff --git a/observe-services-api/src/main/java/fr/ird/observe/services/ObserveServiceInitializer.java b/observe-services-api/src/main/java/fr/ird/observe/services/ObserveServiceInitializer.java index 686383f..52b318b 100644 --- a/observe-services-api/src/main/java/fr/ird/observe/services/ObserveServiceInitializer.java +++ b/observe-services-api/src/main/java/fr/ird/observe/services/ObserveServiceInitializer.java @@ -24,6 +24,7 @@ package fr.ird.observe.services; import com.google.common.base.Optional; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import fr.ird.observe.services.configuration.ObserveDataSourceConfigurationAndConnection; import fr.ird.observe.services.configuration.ObserveDataSourceConnection; import fr.ird.observe.services.dto.constants.ReferentialLocale; @@ -71,6 +72,22 @@ public class ObserveServiceInitializer { } + public static ObserveServiceInitializer create(Locale applicationLocale, + ReferentialLocale referentialLocale, + File temporaryDirectoryRoot, + ObserveDataSourceConfigurationAndConnection configurationAndConnection) { + + ObserveServiceInitializer observeServiceInitializer = new ObserveServiceInitializer(); + observeServiceInitializer.setApplicationLocale(applicationLocale); + observeServiceInitializer.setReferentialLocale(referentialLocale); + observeServiceInitializer.setTemporaryDirectoryRoot(temporaryDirectoryRoot); + observeServiceInitializer.setDataSourceConfiguration(null); + observeServiceInitializer.setDataSourceConnection(configurationAndConnection.getConnection()); + observeServiceInitializer.setDataSourceConfiguration(configurationAndConnection.getConfiguration()); + return observeServiceInitializer; + + } + public static ObserveServiceInitializer create(ObserveServiceInitializer otherObserveServiceInitializer) { ObserveServiceInitializer observeServiceInitializer; diff --git a/observe-services-configuration-api/src/main/java/fr/ird/observe/services/configuration/ObserveDataSourceConfigurationAndConnection.java b/observe-services-configuration-api/src/main/java/fr/ird/observe/services/configuration/ObserveDataSourceConfigurationAndConnection.java new file mode 100644 index 0000000..15bd1ac --- /dev/null +++ b/observe-services-configuration-api/src/main/java/fr/ird/observe/services/configuration/ObserveDataSourceConfigurationAndConnection.java @@ -0,0 +1,24 @@ +package fr.ird.observe.services.configuration; + +/** + * @author Sylvain Bavencoff - bavencoff@codelutin.com + */ +public class ObserveDataSourceConfigurationAndConnection { + + protected final ObserveDataSourceConfiguration configuration; + + protected final ObserveDataSourceConnection connection; + + public ObserveDataSourceConfigurationAndConnection(ObserveDataSourceConfiguration configuration, ObserveDataSourceConnection connection) { + this.configuration = configuration; + this.connection = connection; + } + + public ObserveDataSourceConfiguration getConfiguration() { + return configuration; + } + + public ObserveDataSourceConnection getConnection() { + return connection; + } +} -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@list.forge.codelutin.com>.