List of usage examples for org.springframework.security.acls.model ObjectIdentity getIdentifier
Serializable getIdentifier();
From source file:com.cedac.security.acls.mongo.MongoAclService.java
protected final DBObject queryByObjectIdentity(ObjectIdentity oid) { return new BasicDBObject(qualifiedObjectIdClassFieldName, oid.getType()) .append(qualifiedObjectIdIdentityFieldName, oid.getIdentifier().toString()); }
From source file:com.cedac.security.acls.mongo.MongoAclService.java
protected final DBObject queryByParentIdentity(ObjectIdentity oid) { return new BasicDBObject(qualifiedParentObjectClassFieldName, oid.getType()) .append(qualifiedParentObjectIdentityFieldName, oid.getIdentifier().toString()); }
From source file:com.kylinolap.rest.service.AclService.java
@Override public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException { Map<ObjectIdentity, Acl> aclMaps = new HashMap<ObjectIdentity, Acl>(); HTableInterface htable = null;// w w w. ja v a2 s.c o m Result result = null; try { htable = HBaseConnection.get(hbaseUrl).getTable(aclTableName); for (ObjectIdentity oid : oids) { result = htable.get(new Get(Bytes.toBytes(String.valueOf(oid.getIdentifier())))); if (null != result && !result.isEmpty()) { SidInfo owner = sidSerializer.deserialize(result.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN))); Sid ownerSid = (null == owner) ? null : (owner.isPrincipal() ? new PrincipalSid(owner.getSid()) : new GrantedAuthoritySid(owner.getSid())); boolean entriesInheriting = Bytes.toBoolean(result.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN))); Acl parentAcl = null; DomainObjectInfo parentInfo = domainObjSerializer.deserialize(result.getValue( Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN))); if (null != parentInfo) { ObjectIdentity parentObj = new ObjectIdentityImpl(parentInfo.getType(), parentInfo.getId()); parentAcl = readAclById(parentObj, null); } AclImpl acl = new AclImpl(oid, oid.getIdentifier(), aclAuthorizationStrategy, permissionGrantingStrategy, parentAcl, null, entriesInheriting, ownerSid); genAces(sids, result, acl); aclMaps.put(oid, acl); } else { throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'"); } } } catch (IOException e) { logger.error(e.getLocalizedMessage(), e); } finally { IOUtils.closeQuietly(htable); } return aclMaps; }
From source file:com.kylinolap.rest.service.AclService.java
@Override public void deleteAcl(ObjectIdentity objectIdentity, boolean deleteChildren) throws ChildrenExistException { HTableInterface htable = null;/*from ww w . j av a2 s . c o m*/ try { htable = HBaseConnection.get(hbaseUrl).getTable(aclTableName); Delete delete = new Delete(Bytes.toBytes(String.valueOf(objectIdentity.getIdentifier()))); List<ObjectIdentity> children = findChildren(objectIdentity); if (!deleteChildren && children.size() > 0) { throw new ChildrenExistException("Children exists for " + objectIdentity); } for (ObjectIdentity oid : children) { deleteAcl(oid, deleteChildren); } htable.delete(delete); htable.flushCommits(); logger.debug("ACL of " + objectIdentity + " deleted successfully."); } catch (IOException e) { logger.error(e.getLocalizedMessage(), e); } finally { IOUtils.closeQuietly(htable); } }
From source file:org.bremersee.common.security.acls.jdbc.BasicLookupStrategy.java
/** * Looks up a batch of <code>ObjectIdentity</code>s directly from the database. * <p>/*www . j a v a 2s.c om*/ * The caller is responsible for optimization issues, such as selecting the identities * to lookup, ensuring the cache doesn't contain them already, and adding the returned * elements to the cache etc. * <p> * This subclass is required to return fully valid <code>Acl</code>s, including * properly-configured parent ACLs. * */ private Map<ObjectIdentity, Acl> lookupObjectIdentities(final Collection<ObjectIdentity> objectIdentities, List<Sid> sids) { Assert.notEmpty(objectIdentities, "Must provide identities to lookup"); final Map<Serializable, Acl> acls = new HashMap<>(); // contains // Acls // with // StubAclParents // Make the "acls" map contain all requested objectIdentities // (including markers to each parent in the hierarchy) String sql = computeRepeatingSql(lookupObjectIdentitiesWhereClause, objectIdentities.size()); Set<Long> parentsToLookup = jdbcTemplate.query(sql, new PreparedStatementSetter() { // NOSONAR @Override public void setValues(PreparedStatement ps) throws SQLException { int i = 0; for (ObjectIdentity oid : objectIdentities) { // Determine prepared statement values for this iteration String type = oid.getType(); // No need to check for nulls, as guaranteed non-null by // ObjectIdentity.getIdentifier() interface contract String identifier = oid.getIdentifier().toString(); // Changed by Christian Bremer (cbr) //long id = (Long.valueOf(identifier)).longValue(); // NOSONAR // Inject values //ps.setString((2 * i) + 1, id); // NOSONAR ps.setString((2 * i) + 1, identifier); ps.setString((2 * i) + 2, type); i++; } } }, new ProcessResultSet(acls, sids)); // Lookup the parents, now that our JdbcTemplate has released the database // connection (SEC-547) if (!parentsToLookup.isEmpty()) { lookupPrimaryKeys(acls, parentsToLookup, sids); } // Finally, convert our "acls" containing StubAclParents into true Acls Map<ObjectIdentity, Acl> resultMap = new HashMap<>(); for (Acl inputAcl : acls.values()) { Assert.isInstanceOf(AclImpl.class, inputAcl, "Map should have contained an AclImpl"); Assert.isInstanceOf(Long.class, ((AclImpl) inputAcl).getId(), "Acl.getId() must be Long"); Acl result = convert(acls, (Long) ((AclImpl) inputAcl).getId()); resultMap.put(result.getObjectIdentity(), result); } return resultMap; }
From source file:com.kylinolap.rest.service.AclService.java
@Override public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException { Acl acl = null;// w w w . j av a2s . c om try { acl = readAclById(objectIdentity); } catch (NotFoundException e) { } if (null != acl) { throw new AlreadyExistsException("ACL of " + objectIdentity + " exists!"); } Authentication auth = SecurityContextHolder.getContext().getAuthentication(); PrincipalSid sid = new PrincipalSid(auth); HTableInterface htable = null; try { htable = HBaseConnection.get(hbaseUrl).getTable(aclTableName); Put put = new Put(Bytes.toBytes(String.valueOf(objectIdentity.getIdentifier()))); put.add(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_TYPE_COLUMN), Bytes.toBytes(objectIdentity.getType())); put.add(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN), sidSerializer.serialize(new SidInfo(sid))); put.add(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN), Bytes.toBytes(true)); htable.put(put); htable.flushCommits(); logger.debug("ACL of " + objectIdentity + " created successfully."); } catch (IOException e) { logger.error(e.getLocalizedMessage(), e); } finally { IOUtils.closeQuietly(htable); } return (MutableAcl) readAclById(objectIdentity); }
From source file:com.cedac.security.acls.mongo.MongoMutableAclService.java
@Override public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException { Assert.notNull(objectIdentity, "Object Identity required"); LOG.trace(ACL, "Checking that object identity {} hasn't already been persisted", objectIdentity); DBObject result = getAclCollection().findOne(queryByObjectIdentity(objectIdentity)); if (result != null) { LOG.warn(ACL, "An ACL entry for object identity {} already exists.", objectIdentity); throw new AlreadyExistsException("Object identity '" + objectIdentity + "' already exists"); }/*from ww w. j a v a 2 s.c o m*/ LOG.trace(ACL, "Retrieving current principal in order to know who owns this ACL."); Authentication auth = SecurityContextHolder.getContext().getAuthentication(); PrincipalSid sid = new PrincipalSid(auth); LOG.debug(ACL, "Creating ACL entry."); DBObject ownerSid = new BasicDBObject(principalFieldName, true).append(sidFieldName, sid.getPrincipal()); DBObject objectId = new BasicDBObject(classFieldName, objectIdentity.getType()).append(identityFieldName, objectIdentity.getIdentifier()); DBObject acl = new BasicDBObject(ownerFieldName, ownerSid).append(objectIdFieldName, objectId) .append(entriesInheritingFieldName, true); getAclCollection().insert(acl, writeConcern); LOG.trace(ACL, "Retrieving back ACL using superclass."); return (MutableAcl) readAclById(objectIdentity); }
From source file:org.apache.kylin.rest.service.AclService.java
@Override public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException { Map<ObjectIdentity, Acl> aclMaps = new HashMap<ObjectIdentity, Acl>(); HTableInterface htable = null;/*from w w w . j av a2 s . co m*/ Result result = null; try { htable = aclHBaseStorage.getTable(aclTableName); for (ObjectIdentity oid : oids) { result = htable.get(new Get(Bytes.toBytes(String.valueOf(oid.getIdentifier())))); if (null != result && !result.isEmpty()) { SidInfo owner = sidSerializer .deserialize(result.getValue(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN))); Sid ownerSid = (null == owner) ? null : (owner.isPrincipal() ? new PrincipalSid(owner.getSid()) : new GrantedAuthoritySid(owner.getSid())); boolean entriesInheriting = Bytes .toBoolean(result.getValue(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN))); Acl parentAcl = null; DomainObjectInfo parentInfo = domainObjSerializer .deserialize(result.getValue(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN))); if (null != parentInfo) { ObjectIdentity parentObj = new ObjectIdentityImpl(parentInfo.getType(), parentInfo.getId()); parentAcl = readAclById(parentObj, null); } AclImpl acl = new AclImpl(oid, oid.getIdentifier(), aclAuthorizationStrategy, permissionGrantingStrategy, parentAcl, null, entriesInheriting, ownerSid); genAces(sids, result, acl); aclMaps.put(oid, acl); } else { throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'"); } } } catch (IOException e) { throw new RuntimeException(e.getMessage(), e); } finally { IOUtils.closeQuietly(htable); } return aclMaps; }
From source file:org.apache.kylin.rest.service.AclService.java
@Override public MutableAcl createAcl(ObjectIdentity objectIdentity) throws AlreadyExistsException { Acl acl = null;/*from w w w .j a v a 2s.com*/ try { acl = readAclById(objectIdentity); } catch (NotFoundException e) { //do nothing? } if (null != acl) { throw new AlreadyExistsException("ACL of " + objectIdentity + " exists!"); } Authentication auth = SecurityContextHolder.getContext().getAuthentication(); PrincipalSid sid = new PrincipalSid(auth); HTableInterface htable = null; try { htable = aclHBaseStorage.getTable(aclTableName); Put put = new Put(Bytes.toBytes(String.valueOf(objectIdentity.getIdentifier()))); put.add(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_TYPE_COLUMN), Bytes.toBytes(objectIdentity.getType())); put.add(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN), sidSerializer.serialize(new SidInfo(sid))); put.add(Bytes.toBytes(AclHBaseStorage.ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN), Bytes.toBytes(true)); htable.put(put); htable.flushCommits(); logger.debug("ACL of " + objectIdentity + " created successfully."); } catch (IOException e) { throw new RuntimeException(e.getMessage(), e); } finally { IOUtils.closeQuietly(htable); } return (MutableAcl) readAclById(objectIdentity); }
From source file:org.apache.kylin.rest.service.AclService.java
@Override public void deleteAcl(ObjectIdentity objectIdentity, boolean deleteChildren) throws ChildrenExistException { HTableInterface htable = null;/*from ww w .j a v a 2 s .co m*/ try { htable = aclHBaseStorage.getTable(aclTableName); Delete delete = new Delete(Bytes.toBytes(String.valueOf(objectIdentity.getIdentifier()))); List<ObjectIdentity> children = findChildren(objectIdentity); if (!deleteChildren && children.size() > 0) { throw new ChildrenExistException("Children exists for " + objectIdentity); } for (ObjectIdentity oid : children) { deleteAcl(oid, deleteChildren); } htable.delete(delete); htable.flushCommits(); logger.debug("ACL of " + objectIdentity + " deleted successfully."); } catch (IOException e) { throw new RuntimeException(e.getMessage(), e); } finally { IOUtils.closeQuietly(htable); } }