org.sfs.validate.ValidateActionAdminOrSystem.java Source code


Introduction

Here is the source code for org.sfs.validate.ValidateActionAdminOrSystem.java

Source

/*
 * Copyright 2016 The Simple File Server Authors
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.sfs.validate;

import io.vertx.core.MultiMap;
import io.vertx.core.json.JsonObject;
import org.sfs.Server;
import org.sfs.SfsRequest;
import org.sfs.auth.AuthProviderService;
import org.sfs.util.HttpRequestValidationException;
import rx.Observable;
import rx.functions.Func1;

import java.security.MessageDigest;
import java.util.Arrays;

import static com.google.common.io.BaseEncoding.base64;
import static java.net.HttpURLConnection.HTTP_FORBIDDEN;
import static org.sfs.util.SfsHttpHeaders.X_SFS_REMOTE_NODE_TOKEN;

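/**
 * Request validator that lets a request through when the auth provider grants it
 * admin rights, or when it presents the cluster's remote-node token in the
 * {@code X_SFS_REMOTE_NODE_TOKEN} header. Any other request is rejected with
 * {@code HTTP_FORBIDDEN}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The token check fails closed: a missing or empty configured secret, or a header
 *       that is not valid base64, never authenticates. A plain {@code Arrays.equals}
 *       would treat two {@code null} arrays as equal, so an unset secret combined with
 *       an undecodable header would be accepted.</li>
 *   <li>The comparison uses {@link MessageDigest#isEqual(byte[], byte[])} instead of
 *       {@code Arrays.equals}, which returns at the first differing byte and so leaks
 *       how much of the presented token matched.</li>
 * </ul>
 */
public class ValidateActionAdminOrSystem implements Func1<Void, Observable<Void>> {

    private final SfsRequest sfsRequest;

    /**
     * @param sfsRequest the request whose credentials and headers are validated
     */
    public ValidateActionAdminOrSystem(SfsRequest sfsRequest) {
        this.sfsRequest = sfsRequest;
    }

    /**
     * Runs the admin-or-system check for the wrapped request.
     *
     * @param aVoid unused
     * @return an observable that emits {@code null} when the request is allowed and
     *         fails with {@link HttpRequestValidationException} ({@code HTTP_FORBIDDEN})
     *         when it is not
     */
    @Override
    public Observable<Void> call(Void aVoid) {
        Server verticle = sfsRequest.vertxContext().verticle();
        AuthProviderService authProvider = verticle.authProviderService();
        return authProvider.canAdmin(sfsRequest).map(canDo -> {
            // The token is only consulted when the auth provider has refused admin access.
            if (canDo || hasValidRemoteNodeToken(verticle)) {
                return null;
            }
            JsonObject jsonObject = new JsonObject().put("message", "Admin and System Action Forbidden");
            throw new HttpRequestValidationException(HTTP_FORBIDDEN, jsonObject);
        });
    }

    /**
     * Checks whether the request carries the remote-node token configured on the server.
     *
     * @param verticle the server that holds the expected remote-node secret
     * @return {@code true} only when the header is present, decodes as base64, and matches
     *         a non-empty configured secret
     */
    private boolean hasValidRemoteNodeToken(Server verticle) {
        MultiMap headers = sfsRequest.headers();
        if (!headers.contains(X_SFS_REMOTE_NODE_TOKEN)) {
            return false;
        }

        byte[] actualToken;
        try {
            actualToken = base64().decode(headers.get(X_SFS_REMOTE_NODE_TOKEN));
        } catch (RuntimeException ignored) {
            // A header that cannot be decoded is simply not a valid token. Errors such as
            // OutOfMemoryError are no longer swallowed here.
            return false;
        }

        byte[] expectedToken = verticle.getRemoteNodeSecret();
        // NOTE(review): whether getRemoteNodeSecret() can return null or an empty array is
        // not visible from this class; either value is treated as "no secret configured"
        // and rejected, since a zero-length secret would authenticate an empty header.
        if (expectedToken == null || expectedToken.length == 0 || actualToken == null) {
            return false;
        }

        // The presented token goes first: isEqual's running time is documented to depend
        // only on the length of its first argument, which keeps the secret's length and
        // contents out of the timing.
        return MessageDigest.isEqual(actualToken, expectedToken);
    }

}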