This is an automated email from the git hooks/post-receive script. New commit to branch feature/7494 in repository observe. See http://git.codelutin.com/observe.git commit e5c6cd2b76880273468e120a315a984844595890 Author: Tony CHEMIT <chemit@codelutin.com> Date: Mon Aug 31 01:19:55 2015 +0200 Amélioration du contexte de requete avec l'introduction d'un context de sécurité au niveau de la requete --- .../application/web/ObserveWebMotionFilter.java | 60 ++++------- .../web/controller/ObserveWebMotionController.java | 50 +++------ .../web/controller/v1/ConfigurationController.java | 7 +- .../controller/v1/DataSourceServiceController.java | 83 ++++++++------- .../v1/ReferentialServiceController.java | 7 ++ .../web/request/ObserveWebRequestContext.java | 112 +++++++++++++++++++++ .../request/ObserveWebRequestContextConnected.java | 63 ------------ .../ObserveWebRequestContextNotConnected.java | 72 ------------- .../request/ObserveWebRequestContextSupport.java | 68 ------------- ...equestContextWithNoDataSourceConfiguration.java | 47 --------- .../request/ObserveWebRequestSecurityContext.java | 62 ++++++++++++ 11 files changed, 260 insertions(+), 371 deletions(-) diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebMotionFilter.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebMotionFilter.java index ad8922b..fd319a3 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebMotionFilter.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/ObserveWebMotionFilter.java @@ -1,10 +1,8 @@ package fr.ird.observe.application.web; import com.google.common.base.Optional; -import fr.ird.observe.application.web.request.ObserveWebRequestContextConnected; -import fr.ird.observe.application.web.request.ObserveWebRequestContextNotConnected; -import fr.ird.observe.application.web.request.ObserveWebRequestContextSupport; -import fr.ird.observe.application.web.request.ObserveWebRequestContextWithNoDataSourceConfiguration; +import fr.ird.observe.application.web.request.ObserveWebRequestContext; +import fr.ird.observe.application.web.request.ObserveWebRequestSecurityContext; import fr.ird.observe.application.web.security.BadObserveWebUserPasswordException; import fr.ird.observe.application.web.security.DataSourceConfigurationAlreadyRegistredException; import fr.ird.observe.application.web.security.InvalidAuthenticationTokenException; @@ -29,19 +27,30 @@ public class ObserveWebMotionFilter extends WebMotionFilter { HttpServletRequest request = context.getRequest(); - ObserveWebRequestContextSupport requestContext; + ObserveWebRequestSecurityContext securityContext = createSecurityContext(applicationContext, request); + ObserveWebRequestContext requestContext = new ObserveWebRequestContext(applicationContext, securityContext); + + ObserveWebRequestContext.setRequestContext(context, requestContext); + + doProcess(); + + } + + protected ObserveWebRequestSecurityContext createSecurityContext(ObserveWebApplicationContext applicationContext, HttpServletRequest request) throws InvalidAuthenticationTokenException, UnknownObserveWebUserForDatabaseException, BadObserveWebUserPasswordException, DataSourceConfigurationAlreadyRegistredException, UnknownObserveWebUserException { + + ObserveWebRequestSecurityContext securityContext = null; String authenticationToken = getRequestParameterValueOrNull(request, "authenticationToken"); if (authenticationToken == null) { authenticationToken = request.getHeader("authenticationToken"); } - if (StringUtils.isNotBlank(authenticationToken)) { // Recherche de la configuration à la source de donnée - requestContext = getObserveWebRequestContextConnected(applicationContext, authenticationToken); - + ObserveWebSecurityApplicationContext securityApplicationContext = applicationContext.getSecurityApplicationContext(); + ObserveDataSourceConfiguration dataSourceConfiguration = securityApplicationContext.getDataSourceConfiguration(authenticationToken); + securityContext = ObserveWebRequestSecurityContext.createAuthenticated(dataSourceConfiguration, authenticationToken); } else { // Cas où on l'utilisateur n'est pas connecté @@ -53,42 +62,15 @@ public class ObserveWebMotionFilter extends WebMotionFilter { if (!(userLogin == null && userPassword == null)) { // On recherche une configuration de source de données à partir de l'identité de l'utilisateur - - requestContext = getObserveWebRequestContextNotConnected(applicationContext, userLogin, userPassword, userDatabaseName); - - } else { - - // Ce cas peut arriver pour des requètes qui ne nécessitent pas de sources de données - // À noter que dans ce cas, on ne sera pas autorisé à créer des services de l'API - - requestContext = new ObserveWebRequestContextWithNoDataSourceConfiguration(applicationContext); + ObserveWebSecurityApplicationContext securityApplicationContext = applicationContext.getSecurityApplicationContext(); + ObserveDataSourceConfiguration dataSourceConfiguration = securityApplicationContext.getDataSourceConfiguration(userLogin, userPassword, Optional.fromNullable(userDatabaseName)); + securityContext = ObserveWebRequestSecurityContext.create(dataSourceConfiguration, userLogin, userPassword, userDatabaseName); } } - ObserveWebRequestContextSupport.setRequestContext(context, requestContext); - - doProcess(); - - } - - protected ObserveWebRequestContextNotConnected getObserveWebRequestContextNotConnected(ObserveWebApplicationContext applicationContext, String userLogin, String userPassword, String userDatabaseName) throws UnknownObserveWebUserException, BadObserveWebUserPasswordException, DataSourceConfigurationAlreadyRegistredException, UnknownObserveWebUserForDatabaseException { - - Optional<String> optionalDatabaseName = Optional.fromNullable(userDatabaseName); - - ObserveWebSecurityApplicationContext securityApplicationContext = applicationContext.getSecurityApplicationContext(); - ObserveDataSourceConfiguration dataSourceConfiguration = securityApplicationContext.getDataSourceConfiguration(userLogin, userPassword, optionalDatabaseName); - ObserveWebRequestContextNotConnected requestContext = new ObserveWebRequestContextNotConnected(applicationContext, dataSourceConfiguration, userLogin, optionalDatabaseName); - return requestContext; - } - - protected ObserveWebRequestContextConnected getObserveWebRequestContextConnected(ObserveWebApplicationContext applicationContext, String authenticationToken) throws InvalidAuthenticationTokenException { - - ObserveWebSecurityApplicationContext securityApplicationContext = applicationContext.getSecurityApplicationContext(); - ObserveDataSourceConfiguration dataSourceConfiguration = securityApplicationContext.getDataSourceConfiguration(authenticationToken); - ObserveWebRequestContextConnected requestContext = new ObserveWebRequestContextConnected(applicationContext, dataSourceConfiguration, authenticationToken); - return requestContext; + return securityContext; } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/ObserveWebMotionController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/ObserveWebMotionController.java index df6763e..7e004a6 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/ObserveWebMotionController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/ObserveWebMotionController.java @@ -2,10 +2,8 @@ package fr.ird.observe.application.web.controller; import fr.ird.observe.application.web.ObserveWebApplicationContext; import fr.ird.observe.application.web.configuration.ObserveWebApplicationConfiguration; -import fr.ird.observe.application.web.request.ObserveWebRequestContextConnected; -import fr.ird.observe.application.web.request.ObserveWebRequestContextNotConnected; -import fr.ird.observe.application.web.request.ObserveWebRequestContextSupport; -import fr.ird.observe.application.web.request.ObserveWebRequestContextWithNoDataSourceConfiguration; +import fr.ird.observe.application.web.request.ObserveWebRequestContext; +import fr.ird.observe.application.web.security.ObserveWebSecurityApplicationContext; import fr.ird.observe.services.ObserveService; import org.debux.webmotion.server.WebMotionController; @@ -14,45 +12,27 @@ import org.debux.webmotion.server.WebMotionController; */ public abstract class ObserveWebMotionController extends WebMotionController { - public ObserveWebApplicationContext getObserveWebApplicationContext() { - return ObserveWebApplicationContext.getApplicationContext(getContext()); + protected ObserveWebApplicationContext getApplicationContext() { + return getRequestContext().getApplicationContext(); } - public ObserveWebApplicationConfiguration getObserveWebApplicationConfiguration() { - return getObserveWebApplicationContext().getApplicationConfiguration(); + protected ObserveWebSecurityApplicationContext getSecurityApplicationContext() { + return getApplicationContext().getSecurityApplicationContext(); } - public <S extends ObserveService> S newService(Class<S> serviceType) { - ObserveWebRequestContextSupport requestContext = ObserveWebRequestContextSupport.getRequestContext(getContext()); - - if (!requestContext.isCanCreateService()) { - throw new IllegalStateException("The request context " + requestContext + " can not create service"); - } - S service = requestContext.newService(serviceType); - return service; + protected ObserveWebApplicationConfiguration getApplicationConfiguration() { + return getApplicationContext().getApplicationConfiguration(); } - public ObserveWebRequestContextNotConnected getObserveWebRequestContextNotConnected() { - ObserveWebRequestContextSupport requestContext = ObserveWebRequestContextSupport.getRequestContext(getContext()); - if (!(requestContext instanceof ObserveWebRequestContextNotConnected)) { - throw new IllegalStateException("Bad request context type"); - } - return (ObserveWebRequestContextNotConnected) requestContext; + protected ObserveWebRequestContext getRequestContext() { + return ObserveWebRequestContext.getRequestContext(getContext()); } - public ObserveWebRequestContextConnected getObserveWebRequestContextConnected() { - ObserveWebRequestContextSupport requestContext = ObserveWebRequestContextSupport.getRequestContext(getContext()); - if (!(requestContext instanceof ObserveWebRequestContextConnected)) { - throw new IllegalStateException("Bad request context type"); - } - return (ObserveWebRequestContextConnected) requestContext; - } + public <S extends ObserveService> S newService(Class<S> serviceType) { + ObserveWebRequestContext requestContext = getRequestContext(); - public ObserveWebRequestContextWithNoDataSourceConfiguration getObserveWebRequestContextWithNoDataSourceConfiguration() { - ObserveWebRequestContextSupport requestContext = ObserveWebRequestContextSupport.getRequestContext(getContext()); - if (!(requestContext instanceof ObserveWebRequestContextWithNoDataSourceConfiguration)) { - throw new IllegalStateException("Bad request context type"); - } - return (ObserveWebRequestContextWithNoDataSourceConfiguration) requestContext; + S service = requestContext.newService(serviceType); + return service; } + } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java index 579e2c5..5a2d4da 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ConfigurationController.java @@ -38,19 +38,18 @@ public class ConfigurationController extends ObserveWebMotionController { public Render configuration() { - String content = getObserveWebApplicationConfiguration().getConfigurationDescription(); + String content = getApplicationConfiguration().getConfigurationDescription(); return renderContent(content, "text/plain"); } public Render databases() throws IOException { - String content; try (StringWriter writer = new StringWriter()) { ObserveWebDatabasesHelper observeWebDatabasesHelper = new ObserveWebDatabasesHelper(); - ObserveWebDatabases databases = getObserveWebApplicationContext().getDatabases(); + ObserveWebDatabases databases = getApplicationContext().getDatabases(); observeWebDatabasesHelper.store(databases, writer); writer.flush(); @@ -67,7 +66,7 @@ public class ConfigurationController extends ObserveWebMotionController { try (StringWriter writer = new StringWriter()) { ObserveWebUsersHelper observeWebUsersHelper = new ObserveWebUsersHelper(); - ObserveWebUsers databases = getObserveWebApplicationContext().getUsers(); + ObserveWebUsers databases = getApplicationContext().getUsers(); observeWebUsersHelper.store(databases, writer); writer.flush(); diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java index 05adeea..7de27ab 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/DataSourceServiceController.java @@ -1,8 +1,7 @@ package fr.ird.observe.application.web.controller.v1; import com.google.common.base.Optional; -import fr.ird.observe.application.web.request.ObserveWebRequestContextConnected; -import fr.ird.observe.application.web.request.ObserveWebRequestContextNotConnected; +import fr.ird.observe.application.web.request.ObserveWebRequestContext; import fr.ird.observe.application.web.security.DataSourceConfigurationAlreadyRegistredException; import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; import fr.ird.observe.services.dto.DataSourceCreateConfigurationDto; @@ -11,9 +10,9 @@ import fr.ird.observe.services.dto.IncompatibleDataSourceCreateConfigurationExce import fr.ird.observe.services.service.DataSourceService; import fr.ird.observe.services.service.DatabaseConnexionNotAuthorizedException; import fr.ird.observe.services.service.DatabaseNotFoundException; -import fr.ird.observe.services.spi.NoDataAccess; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.debux.webmotion.server.WebMotionContextable; /** * Created on 30/08/15. @@ -29,80 +28,78 @@ public class DataSourceServiceController extends ObserveServiceControllerSupport super(DataSourceService.class); } - @NoDataAccess + @Override + public void setContextable(WebMotionContextable contextable) { + super.setContextable(contextable); + getRequestContext().checkSecurityContextIsPresent(); + } + + @Override public boolean exists() { return service.exists(); } - @NoDataAccess + @Override public boolean canConnect() { return service.canConnect(); } - @NoDataAccess + @Override public void create(DataSourceCreateConfigurationDto dataSourceCreateConfiguration) throws IncompatibleDataSourceCreateConfigurationException, DataSourceCreateWithNoReferentialImportException { + service.create(dataSourceCreateConfiguration); - ObserveWebRequestContextNotConnected requestContext = getObserveWebRequestContextNotConnected(); - ObserveDataSourceConfiguration dataSourceConfiguration = requestContext.getDataSourceConfiguration(); + registerDataSourceConfiguration(); - String userLogin = requestContext.getUserLogin(); - Optional<String> optionalDatabaseName = requestContext.getOptionalDatabaseName(); - String authenticationToken; - try { - authenticationToken = getObserveWebApplicationContext().getSecurityApplicationContext().registerDataSourceConfiguration(userLogin, optionalDatabaseName, dataSourceConfiguration); - } catch (DataSourceConfigurationAlreadyRegistredException e) { - throw new RuntimeException("DataSource already registred", e); - } - if (log.isInfoEnabled()) { - log.info("New authenticationToken: " + authenticationToken + " for " + dataSourceConfiguration); - } - - //TODO Voir comment retourner le jeton de sécurité - getContext().getResponse().addHeader("authenticationToken", authenticationToken); - } - @NoDataAccess + @Override public void open() throws DatabaseNotFoundException, DatabaseConnexionNotAuthorizedException { service.open(); - ObserveWebRequestContextNotConnected requestContext = getObserveWebRequestContextNotConnected(); - ObserveDataSourceConfiguration dataSourceConfiguration = requestContext.getDataSourceConfiguration(); - - String userLogin = requestContext.getUserLogin(); - Optional<String> optionalDatabaseName = requestContext.getOptionalDatabaseName(); - String authenticationToken; - try { - authenticationToken = getObserveWebApplicationContext().getSecurityApplicationContext().registerDataSourceConfiguration(userLogin, optionalDatabaseName, dataSourceConfiguration); - } catch (DataSourceConfigurationAlreadyRegistredException e) { - throw new RuntimeException("DataSource already registred", e); - } - if (log.isInfoEnabled()) { - log.info("New authenticationToken: " + authenticationToken + " for " + dataSourceConfiguration); - } - - //TODO Voir comment retourner le jeton de sécurité - getContext().getResponse().addHeader("authenticationToken", authenticationToken); + registerDataSourceConfiguration(); } + @Override public void close() { + ObserveWebRequestContext requestContext = getRequestContext(); + requestContext.checkIsAuthenticated(); + service.close(); - ObserveWebRequestContextConnected requestContext = getObserveWebRequestContextConnected(); String authenticationToken = requestContext.getAuthenticationToken(); - getObserveWebApplicationContext().getSecurityApplicationContext().invalidateAuthenticationToken(authenticationToken); + getSecurityApplicationContext().invalidateAuthenticationToken(authenticationToken); if (log.isInfoEnabled()) { log.info("Invalidate authenticationToken: " + authenticationToken); } } + @Override public void destroy() { service.destroy(); } + protected void registerDataSourceConfiguration() { + + ObserveWebRequestContext requestContext = getRequestContext(); + + ObserveDataSourceConfiguration dataSourceConfiguration = requestContext.getDataSourceConfiguration(); + + String userLogin = requestContext.getUserLogin(); + Optional<String> optionalDatabaseName = requestContext.getOptionalDatabaseName(); + String authenticationToken; + try { + authenticationToken = getSecurityApplicationContext().registerDataSourceConfiguration(userLogin, optionalDatabaseName, dataSourceConfiguration); + } catch (DataSourceConfigurationAlreadyRegistredException e) { + throw new RuntimeException("DataSource already registred", e); + } + + getContext().getResponse().addHeader("authenticationToken", authenticationToken); + + } + } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ReferentialServiceController.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ReferentialServiceController.java index fc35ea0..502e370 100644 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ReferentialServiceController.java +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/controller/v1/ReferentialServiceController.java @@ -6,6 +6,7 @@ import fr.ird.observe.services.dto.referential.ReferentialDto; import fr.ird.observe.services.service.DataNotFoundException; import fr.ird.observe.services.service.ReferentialService; import fr.ird.observe.services.spi.Write; +import org.debux.webmotion.server.WebMotionContextable; import java.util.Collection; @@ -21,6 +22,12 @@ public class ReferentialServiceController extends ObserveServiceControllerSuppor } @Override + public void setContextable(WebMotionContextable contextable) { + super.setContextable(contextable); + getRequestContext().checkIsAuthenticated(); + } + + @Override public <R extends ReferentialDto> ReferenceSetDto<R> getReferentialReferenceSet(Class<R> type) { return service.getReferentialReferenceSet(type); } diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java new file mode 100644 index 0000000..7fe7457 --- /dev/null +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContext.java @@ -0,0 +1,112 @@ +package fr.ird.observe.application.web.request; + +/* + * #%L + * Pollen :: Rest Api + * %% + * Copyright (C) 2009 - 2014 CodeLutin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * #L% + */ + +import com.google.common.base.Optional; +import com.google.common.base.Preconditions; +import fr.ird.observe.application.web.ObserveWebApplicationContext; +import fr.ird.observe.services.ObserveService; +import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; +import org.debux.webmotion.server.call.HttpContext; + +/** + * Created on 4/25/14. + * + * @author Tony Chemit <chemit@codelutin.com> + * @since 2.0 + */ +public class ObserveWebRequestContext { + + protected static final String REQUEST_OBSERVE_WEB_REQUEST_CONTEXT = ObserveWebRequestContext.class.getName(); + + public static ObserveWebRequestContext getRequestContext(HttpContext httpContext) { + + ObserveWebRequestContext result = (ObserveWebRequestContext) + httpContext.getRequest().getAttribute(REQUEST_OBSERVE_WEB_REQUEST_CONTEXT); + return result; + } + + public static void setRequestContext(HttpContext httpContext, + ObserveWebRequestContext serviceContext) { + httpContext.getRequest().setAttribute(REQUEST_OBSERVE_WEB_REQUEST_CONTEXT, serviceContext); + } + + protected final ObserveWebApplicationContext applicationContext; + + protected final Optional<ObserveWebRequestSecurityContext> optionalSecurityContext; + + public ObserveWebRequestContext(ObserveWebApplicationContext applicationContext, + ObserveWebRequestSecurityContext optionalSecurityContext) { + this.applicationContext = applicationContext; + this.optionalSecurityContext = Optional.fromNullable(optionalSecurityContext); + } + + public ObserveWebApplicationContext getApplicationContext() { + return applicationContext; + } + + public <S extends ObserveService> S newService(Class<S> serviceType) { + + + checkIsAuthenticated(); + S service = applicationContext.newService(getSecurityContext().getDataSourceConfiguration(), serviceType); + return service; + + } + + public void checkIsAuthenticated() { + checkSecurityContextIsPresent(); + Preconditions.checkState(getSecurityContext().isAuthenticated()); + } + + public void checkSecurityContextIsPresent() { + Preconditions.checkState(optionalSecurityContext.isPresent()); + } + + public ObserveDataSourceConfiguration getDataSourceConfiguration() { + checkSecurityContextIsPresent(); + return optionalSecurityContext.get().getDataSourceConfiguration(); + } + + public String getUserLogin() { + checkSecurityContextIsPresent(); + ObserveWebRequestSecurityContext securityContext = getSecurityContext(); + Preconditions.checkState(securityContext.getOptionalUserLogin().isPresent()); + return securityContext.getOptionalUserLogin().get(); + } + + protected ObserveWebRequestSecurityContext getSecurityContext() { + return optionalSecurityContext.get(); + } + + public Optional<String> getOptionalDatabaseName() { + checkSecurityContextIsPresent(); + return optionalSecurityContext.get().getOptionalUserDatabaseName(); + } + + public String getAuthenticationToken() { + checkSecurityContextIsPresent(); + ObserveWebRequestSecurityContext securityContext = getSecurityContext(); + Preconditions.checkState(securityContext.getOptionalAuthenticationToken().isPresent()); + return securityContext.getOptionalAuthenticationToken().get(); + } +} diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextConnected.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextConnected.java deleted file mode 100644 index 1adb3de..0000000 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextConnected.java +++ /dev/null @@ -1,63 +0,0 @@ -package fr.ird.observe.application.web.request; - -/* - * #%L - * Pollen :: Rest Api - * %% - * Copyright (C) 2009 - 2014 CodeLutin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import fr.ird.observe.application.web.ObserveWebApplicationContext; -import fr.ird.observe.services.ObserveService; -import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; - -/** - * Created on 4/25/14. - * - * @author Tony Chemit <chemit@codelutin.com> - * @since 2.0 - */ -public class ObserveWebRequestContextConnected extends ObserveWebRequestContextSupport { - - protected final ObserveDataSourceConfiguration dataSourceConfiguration; - - protected final String authenticationToken; - - public ObserveWebRequestContextConnected(ObserveWebApplicationContext webApplicationContext, - ObserveDataSourceConfiguration dataSourceConfiguration, - String authenticationToken) { - super(webApplicationContext, true); - this.dataSourceConfiguration = dataSourceConfiguration; - this.authenticationToken = authenticationToken; - } - - public String getAuthenticationToken() { - return authenticationToken; - } - - public ObserveDataSourceConfiguration getDataSourceConfiguration() { - return dataSourceConfiguration; - } - - public <S extends ObserveService> S newService(Class<S> serviceType) { - - S service = webApplicationContext.newService(dataSourceConfiguration, serviceType); - return service; - - } - -} diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextNotConnected.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextNotConnected.java deleted file mode 100644 index e34778f..0000000 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextNotConnected.java +++ /dev/null @@ -1,72 +0,0 @@ -package fr.ird.observe.application.web.request; - -/* - * #%L - * Pollen :: Rest Api - * %% - * Copyright (C) 2009 - 2014 CodeLutin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import com.google.common.base.Optional; -import fr.ird.observe.application.web.ObserveWebApplicationContext; -import fr.ird.observe.services.ObserveService; -import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; - -/** - * Created on 4/25/14. - * - * @author Tony Chemit <chemit@codelutin.com> - * @since 2.0 - */ -public class ObserveWebRequestContextNotConnected extends ObserveWebRequestContextSupport { - - protected final String userLogin; - - protected final Optional<String> optionalDatabaseName; - - protected final ObserveDataSourceConfiguration dataSourceConfiguration; - - public ObserveWebRequestContextNotConnected(ObserveWebApplicationContext webApplicationContext, - ObserveDataSourceConfiguration dataSourceConfiguration, - String userLogin, - Optional<String> optionalDatabaseName) { - super(webApplicationContext, true); - this.dataSourceConfiguration = dataSourceConfiguration; - this.userLogin = userLogin; - this.optionalDatabaseName = optionalDatabaseName; - } - - public String getUserLogin() { - return userLogin; - } - - public Optional<String> getOptionalDatabaseName() { - return optionalDatabaseName; - } - - public ObserveDataSourceConfiguration getDataSourceConfiguration() { - return dataSourceConfiguration; - } - - public <S extends ObserveService> S newService(Class<S> serviceType) { - - S service = webApplicationContext.newService(dataSourceConfiguration, serviceType); - return service; - - } - -} diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextSupport.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextSupport.java deleted file mode 100644 index f402af9..0000000 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextSupport.java +++ /dev/null @@ -1,68 +0,0 @@ -package fr.ird.observe.application.web.request; - -/* - * #%L - * Pollen :: Rest Api - * %% - * Copyright (C) 2009 - 2014 CodeLutin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import fr.ird.observe.application.web.ObserveWebApplicationContext; -import fr.ird.observe.services.ObserveService; -import org.debux.webmotion.server.call.HttpContext; - -/** - * Created on 4/25/14. - * - * @author Tony Chemit <chemit@codelutin.com> - * @since 2.0 - */ -public abstract class ObserveWebRequestContextSupport { - - protected static final String REQUEST_OBSERVE_WEB_REQUEST_CONTEXT = ObserveWebRequestContextSupport.class.getName(); - - public static ObserveWebRequestContextSupport getRequestContext(HttpContext httpContext) { - - ObserveWebRequestContextSupport result = (ObserveWebRequestContextSupport) - httpContext.getRequest().getAttribute(REQUEST_OBSERVE_WEB_REQUEST_CONTEXT); - return result; - } - - public static void setRequestContext(HttpContext httpContext, - ObserveWebRequestContextSupport serviceContext) { - httpContext.getRequest().setAttribute(REQUEST_OBSERVE_WEB_REQUEST_CONTEXT, serviceContext); - } - - protected final ObserveWebApplicationContext webApplicationContext; - protected final boolean canCreateService; - - public ObserveWebRequestContextSupport(ObserveWebApplicationContext webApplicationContext, boolean canCreateService) { - this.webApplicationContext = webApplicationContext; - this.canCreateService = canCreateService; - } - - public ObserveWebApplicationContext getWebApplicationContext() { - return webApplicationContext; - } - - public boolean isCanCreateService() { - return canCreateService; - } - - public abstract <S extends ObserveService> S newService(Class<S> serviceType); - -} diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextWithNoDataSourceConfiguration.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextWithNoDataSourceConfiguration.java deleted file mode 100644 index 6abfac1..0000000 --- a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestContextWithNoDataSourceConfiguration.java +++ /dev/null @@ -1,47 +0,0 @@ -package fr.ird.observe.application.web.request; - -/* - * #%L - * Pollen :: Rest Api - * %% - * Copyright (C) 2009 - 2014 CodeLutin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import fr.ird.observe.application.web.ObserveWebApplicationContext; -import fr.ird.observe.services.ObserveService; -import org.apache.commons.lang3.NotImplementedException; - -/** - * Created on 4/25/14. - * - * @author Tony Chemit <chemit@codelutin.com> - * @since 2.0 - */ -public class ObserveWebRequestContextWithNoDataSourceConfiguration extends ObserveWebRequestContextSupport { - - public ObserveWebRequestContextWithNoDataSourceConfiguration(ObserveWebApplicationContext webApplicationContext) { - super(webApplicationContext, false); - - } - - public <S extends ObserveService> S newService(Class<S> serviceType) { - - throw new NotImplementedException("Not authorize to create observe services from this requestContext."); - - } - -} diff --git a/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestSecurityContext.java b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestSecurityContext.java new file mode 100644 index 0000000..3e1348c --- /dev/null +++ b/observe-application-web/src/main/java/fr/ird/observe/application/web/request/ObserveWebRequestSecurityContext.java @@ -0,0 +1,62 @@ +package fr.ird.observe.application.web.request; + +import com.google.common.base.Optional; +import fr.ird.observe.services.configuration.ObserveDataSourceConfiguration; + +/** + * Created on 31/08/15. + * + * @author Tony Chemit - chemit@codelutin.com + */ +public class ObserveWebRequestSecurityContext { + + public static ObserveWebRequestSecurityContext create(ObserveDataSourceConfiguration dataSourceConfiguration, String userLogin,String userPassword, String userDatabaseName) { + return new ObserveWebRequestSecurityContext(dataSourceConfiguration, Optional.<String>absent(), Optional.fromNullable(userLogin), Optional.fromNullable(userPassword), Optional.fromNullable(userDatabaseName)); + } + + public static ObserveWebRequestSecurityContext createAuthenticated(ObserveDataSourceConfiguration dataSourceConfiguration, String authenticationToken) { + return new ObserveWebRequestSecurityContext(dataSourceConfiguration, Optional.of(authenticationToken), Optional.<String>absent(), Optional.<String>absent(), Optional.<String>absent()); + } + + protected final ObserveDataSourceConfiguration dataSourceConfiguration; + + protected final Optional<String> optionalAuthenticationToken; + + protected final Optional<String> optionalUserLogin; + + protected final Optional<String> optionalUserPassword; + + protected final Optional<String> optionalUserDatabaseName; + + public boolean isAuthenticated() { + return optionalAuthenticationToken.isPresent(); + } + + public ObserveDataSourceConfiguration getDataSourceConfiguration() { + return dataSourceConfiguration; + } + + public Optional<String> getOptionalAuthenticationToken() { + return optionalAuthenticationToken; + } + + public Optional<String> getOptionalUserLogin() { + return optionalUserLogin; + } + + public Optional<String> getOptionalUserPassword() { + return optionalUserPassword; + } + + public Optional<String> getOptionalUserDatabaseName() { + return optionalUserDatabaseName; + } + + protected ObserveWebRequestSecurityContext(ObserveDataSourceConfiguration dataSourceConfiguration, Optional<String> optionalAuthenticationToken, Optional<String> optionalUserLogin, Optional<String> optionalUserPassword, Optional<String> optionalUserDatabaseName) { + this.dataSourceConfiguration = dataSourceConfiguration; + this.optionalAuthenticationToken = optionalAuthenticationToken; + this.optionalUserLogin = optionalUserLogin; + this.optionalUserPassword = optionalUserPassword; + this.optionalUserDatabaseName = optionalUserDatabaseName; + } +} -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@list.forge.codelutin.com>.