From 03633fb9025bc997a62654a221c5eb4ff585fce6 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 28 Feb 2015 14:27:27 -0800 Subject: [PATCH] GUAC-1101: Move tracking of current user into RestrictedObject. --- .../auth/jdbc/base/DirectoryObject.java | 2 +- .../auth/jdbc/base/ModeledObject.java | 82 +++++++++++++++++++ .../auth/jdbc/base/RestrictedObject.java | 43 +--------- .../jdbc/connection/ConnectionDirectory.java | 34 ++------ .../ConnectionGroupDirectory.java | 34 ++------ .../connectiongroup/RootConnectionGroup.java | 26 ++---- .../jdbc/permission/ObjectPermissionSet.java | 19 ++--- .../jdbc/permission/SystemPermissionSet.java | 19 ++--- .../guacamole/auth/jdbc/user/UserContext.java | 23 ++---- .../auth/jdbc/user/UserDirectory.java | 33 ++------ 10 files changed, 140 insertions(+), 175 deletions(-) create mode 100644 extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/ModeledObject.java diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/DirectoryObject.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/DirectoryObject.java index 0f3e6d6a5..8568d8995 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/DirectoryObject.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/DirectoryObject.java @@ -34,7 +34,7 @@ import org.glyptodon.guacamole.net.auth.Identifiable; * The type of model object that corresponds to this object. */ public abstract class DirectoryObject - extends RestrictedObject implements Identifiable { + extends ModeledObject implements Identifiable { @Override public String getIdentifier() { diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/ModeledObject.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/ModeledObject.java new file mode 100644 index 000000000..276b0909e --- /dev/null +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/ModeledObject.java @@ -0,0 +1,82 @@ +/* + * Copyright (C) 2015 Glyptodon LLC + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +package org.glyptodon.guacamole.auth.jdbc.base; + +import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; + +/** + * Common base class for objects have an underlying model. For the purposes of + * JDBC-driven authentication providers, all modeled objects are also + * restricted. + * + * @author Michael Jumper + * @param + * The type of model object which corresponds to this object. + */ +public abstract class ModeledObject extends RestrictedObject { + + /** + * The internal model object containing the values which represent this + * object in the database. + */ + private ModelType model; + + /** + * Initializes this object, associating it with the current authenticated + * user and populating it with data from the given model object + * + * @param currentUser + * The user that created or retrieved this object. + * + * @param model + * The backing model object. + */ + public void init(AuthenticatedUser currentUser, ModelType model) { + super.init(currentUser); + setModel(model); + } + + /** + * Returns the backing model object. Changes to the model object will + * affect this object, and changes to this object will affect the model + * object. + * + * @return + * The backing model object. + */ + public ModelType getModel() { + return model; + } + + /** + * Sets the backing model object. This will effectively replace all data + * contained within this object. + * + * @param model + * The backing model object. + */ + public void setModel(ModelType model) { + this.model = model; + } + +} diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/RestrictedObject.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/RestrictedObject.java index 0c506b6a0..d8828c43c 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/RestrictedObject.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/base/RestrictedObject.java @@ -26,13 +26,11 @@ import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; /** * Common base class for objects that are associated with the users that - * query them, and have an underlying model. + * obtain them. * * @author Michael Jumper - * @param - * The type of model object which corresponds to this object. */ -public abstract class RestrictedObject { +public abstract class RestrictedObject { /** * The user this object belongs to. Access is based on his/her permission @@ -40,25 +38,15 @@ public abstract class RestrictedObject { */ private AuthenticatedUser currentUser; - /** - * The internal model object containing the values which represent this - * object in the database. - */ - private ModelType model; - /** * Initializes this object, associating it with the current authenticated * user and populating it with data from the given model object * * @param currentUser * The user that created or retrieved this object. - * - * @param model - * The backing model object. */ - public void init(AuthenticatedUser currentUser, ModelType model) { + public void init(AuthenticatedUser currentUser) { setCurrentUser(currentUser); - setModel(model); } /** @@ -85,27 +73,4 @@ public abstract class RestrictedObject { this.currentUser = currentUser; } - /** - * Returns the backing model object. Changes to the model object will - * affect this object, and changes to this object will affect the model - * object. - * - * @return - * The backing model object. - */ - public ModelType getModel() { - return model; - } - - /** - * Sets the backing model object. This will effectively replace all data - * contained within this object. - * - * @param model - * The backing model object. - */ - public void setModel(ModelType model) { - this.model = model; - } - -} \ No newline at end of file +} diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connection/ConnectionDirectory.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connection/ConnectionDirectory.java index f0d167c95..2afc98b28 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connection/ConnectionDirectory.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connection/ConnectionDirectory.java @@ -27,8 +27,8 @@ import com.google.inject.Inject; import java.util.Collection; import java.util.Collections; import java.util.Set; -import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.Connection; import org.glyptodon.guacamole.net.auth.Directory; import org.mybatis.guice.transactional.Transactional; @@ -40,66 +40,50 @@ import org.mybatis.guice.transactional.Transactional; * @author James Muehlner * @author Michael Jumper */ -public class ConnectionDirectory implements Directory { +public class ConnectionDirectory extends RestrictedObject + implements Directory { - /** - * The user this connection directory belongs to. Access is based on - * his/her permission settings. - */ - private AuthenticatedUser currentUser; - /** * Service for managing connection objects. */ @Inject private ConnectionService connectionService; - /** - * Set the user for this directory. - * - * @param currentUser - * The user whose permissions define the visibility of connections in - * this directory. - */ - public void init(AuthenticatedUser currentUser) { - this.currentUser = currentUser; - } - @Override public Connection get(String identifier) throws GuacamoleException { - return connectionService.retrieveObject(currentUser, identifier); + return connectionService.retrieveObject(getCurrentUser(), identifier); } @Override @Transactional public Collection getAll(Collection identifiers) throws GuacamoleException { - Collection objects = connectionService.retrieveObjects(currentUser, identifiers); + Collection objects = connectionService.retrieveObjects(getCurrentUser(), identifiers); return Collections.unmodifiableCollection(objects); } @Override @Transactional public Set getIdentifiers() throws GuacamoleException { - return connectionService.getIdentifiers(currentUser); + return connectionService.getIdentifiers(getCurrentUser()); } @Override @Transactional public void add(Connection object) throws GuacamoleException { - connectionService.createObject(currentUser, object); + connectionService.createObject(getCurrentUser(), object); } @Override @Transactional public void update(Connection object) throws GuacamoleException { ModeledConnection connection = (ModeledConnection) object; - connectionService.updateObject(currentUser, connection); + connectionService.updateObject(getCurrentUser(), connection); } @Override @Transactional public void remove(String identifier) throws GuacamoleException { - connectionService.deleteObject(currentUser, identifier); + connectionService.deleteObject(getCurrentUser(), identifier); } } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/ConnectionGroupDirectory.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/ConnectionGroupDirectory.java index e4ff0bbe9..6f76dd7c6 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/ConnectionGroupDirectory.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/ConnectionGroupDirectory.java @@ -27,8 +27,8 @@ import com.google.inject.Inject; import java.util.Collection; import java.util.Collections; import java.util.Set; -import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.ConnectionGroup; import org.glyptodon.guacamole.net.auth.Directory; import org.mybatis.guice.transactional.Transactional; @@ -40,66 +40,50 @@ import org.mybatis.guice.transactional.Transactional; * @author James Muehlner * @author Michael Jumper */ -public class ConnectionGroupDirectory implements Directory { +public class ConnectionGroupDirectory extends RestrictedObject + implements Directory { - /** - * The user this connection group directory belongs to. Access is based on - * his/her permission settings. - */ - private AuthenticatedUser currentUser; - /** * Service for managing connection group objects. */ @Inject private ConnectionGroupService connectionGroupService; - /** - * Set the user for this directory. - * - * @param currentUser - * The user whose permissions define the visibility of connection - * groups in this directory. - */ - public void init(AuthenticatedUser currentUser) { - this.currentUser = currentUser; - } - @Override public ConnectionGroup get(String identifier) throws GuacamoleException { - return connectionGroupService.retrieveObject(currentUser, identifier); + return connectionGroupService.retrieveObject(getCurrentUser(), identifier); } @Override @Transactional public Collection getAll(Collection identifiers) throws GuacamoleException { - Collection objects = connectionGroupService.retrieveObjects(currentUser, identifiers); + Collection objects = connectionGroupService.retrieveObjects(getCurrentUser(), identifiers); return Collections.unmodifiableCollection(objects); } @Override @Transactional public Set getIdentifiers() throws GuacamoleException { - return connectionGroupService.getIdentifiers(currentUser); + return connectionGroupService.getIdentifiers(getCurrentUser()); } @Override @Transactional public void add(ConnectionGroup object) throws GuacamoleException { - connectionGroupService.createObject(currentUser, object); + connectionGroupService.createObject(getCurrentUser(), object); } @Override @Transactional public void update(ConnectionGroup object) throws GuacamoleException { ModeledConnectionGroup connectionGroup = (ModeledConnectionGroup) object; - connectionGroupService.updateObject(currentUser, connectionGroup); + connectionGroupService.updateObject(getCurrentUser(), connectionGroup); } @Override @Transactional public void remove(String identifier) throws GuacamoleException { - connectionGroupService.deleteObject(currentUser, identifier); + connectionGroupService.deleteObject(getCurrentUser(), identifier); } } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/RootConnectionGroup.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/RootConnectionGroup.java index be0ed819e..93b61275b 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/RootConnectionGroup.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/connectiongroup/RootConnectionGroup.java @@ -24,10 +24,10 @@ package org.glyptodon.guacamole.auth.jdbc.connectiongroup; import com.google.inject.Inject; import java.util.Set; -import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService; import org.glyptodon.guacamole.GuacamoleException; import org.glyptodon.guacamole.GuacamoleSecurityException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.GuacamoleSocket; import org.glyptodon.guacamole.net.auth.ConnectionGroup; import org.glyptodon.guacamole.protocol.GuacamoleClientInformation; @@ -38,7 +38,8 @@ import org.glyptodon.guacamole.protocol.GuacamoleClientInformation; * * @author Michael Jumper */ -public class RootConnectionGroup implements ConnectionGroup { +public class RootConnectionGroup extends RestrictedObject + implements ConnectionGroup { /** * The identifier used to represent the root connection group. There is no @@ -54,12 +55,6 @@ public class RootConnectionGroup implements ConnectionGroup { */ public static final String NAME = "ROOT"; - /** - * The user this group belongs to. Access is based on his/her permission - * settings. - */ - private AuthenticatedUser currentUser; - /** * Service for managing connection objects. */ @@ -78,17 +73,6 @@ public class RootConnectionGroup implements ConnectionGroup { public RootConnectionGroup() { } - /** - * Initializes this root connection group, associating it with the current - * authenticated user. - * - * @param currentUser - * The user that created or retrieved this object. - */ - public void init(AuthenticatedUser currentUser) { - this.currentUser = currentUser; - } - @Override public String getName() { return NAME; @@ -121,13 +105,13 @@ public class RootConnectionGroup implements ConnectionGroup { @Override public Set getConnectionIdentifiers() throws GuacamoleException { - return connectionService.getIdentifiersWithin(currentUser, null); + return connectionService.getIdentifiersWithin(getCurrentUser(), null); } @Override public Set getConnectionGroupIdentifiers() throws GuacamoleException { - return connectionGroupService.getIdentifiersWithin(currentUser, null); + return connectionGroupService.getIdentifiersWithin(getCurrentUser(), null); } @Override diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/ObjectPermissionSet.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/ObjectPermissionSet.java index fc1a1ae2f..d5d52c246 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/ObjectPermissionSet.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/ObjectPermissionSet.java @@ -28,6 +28,7 @@ import java.util.Collections; import java.util.Set; import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.permission.ObjectPermission; /** @@ -37,15 +38,9 @@ import org.glyptodon.guacamole.net.auth.permission.ObjectPermission; * * @author Michael Jumper */ -public abstract class ObjectPermissionSet +public abstract class ObjectPermissionSet extends RestrictedObject implements org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet { - /** - * The user that queried this permission set. Access is based on his/her - * permission settings. - */ - private AuthenticatedUser currentUser; - /** * The user associated with this permission set. Each of the permissions in * this permission set is granted to this user. @@ -72,7 +67,7 @@ public abstract class ObjectPermissionSet * The user to whom the permissions in this set are granted. */ public void init(AuthenticatedUser currentUser, ModeledUser user) { - this.currentUser = currentUser; + super.init(currentUser); this.user = user; } @@ -88,13 +83,13 @@ public abstract class ObjectPermissionSet @Override public Set getPermissions() throws GuacamoleException { - return getObjectPermissionService().retrievePermissions(currentUser, user); + return getObjectPermissionService().retrievePermissions(getCurrentUser(), user); } @Override public boolean hasPermission(ObjectPermission.Type permission, String identifier) throws GuacamoleException { - return getObjectPermissionService().retrievePermission(currentUser, user, permission, identifier) != null; + return getObjectPermissionService().retrievePermission(getCurrentUser(), user, permission, identifier) != null; } @Override @@ -118,13 +113,13 @@ public abstract class ObjectPermissionSet @Override public void addPermissions(Set permissions) throws GuacamoleException { - getObjectPermissionService().createPermissions(currentUser, user, permissions); + getObjectPermissionService().createPermissions(getCurrentUser(), user, permissions); } @Override public void removePermissions(Set permissions) throws GuacamoleException { - getObjectPermissionService().deletePermissions(currentUser, user, permissions); + getObjectPermissionService().deletePermissions(getCurrentUser(), user, permissions); } } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/SystemPermissionSet.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/SystemPermissionSet.java index 55fa50077..485eaecfe 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/SystemPermissionSet.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/permission/SystemPermissionSet.java @@ -28,6 +28,7 @@ import java.util.Collections; import java.util.Set; import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.permission.SystemPermission; /** @@ -37,15 +38,9 @@ import org.glyptodon.guacamole.net.auth.permission.SystemPermission; * * @author Michael Jumper */ -public class SystemPermissionSet +public class SystemPermissionSet extends RestrictedObject implements org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet { - /** - * The user that queried this permission set. Access is based on his/her - * permission settings. - */ - private AuthenticatedUser currentUser; - /** * The user associated with this permission set. Each of the permissions in * this permission set is granted to this user. @@ -78,19 +73,19 @@ public class SystemPermissionSet * The user to whom the permissions in this set are granted. */ public void init(AuthenticatedUser currentUser, ModeledUser user) { - this.currentUser = currentUser; + super.init(currentUser); this.user = user; } @Override public Set getPermissions() throws GuacamoleException { - return systemPermissionService.retrievePermissions(currentUser, user); + return systemPermissionService.retrievePermissions(getCurrentUser(), user); } @Override public boolean hasPermission(SystemPermission.Type permission) throws GuacamoleException { - return systemPermissionService.retrievePermission(currentUser, user, permission) != null; + return systemPermissionService.retrievePermission(getCurrentUser(), user, permission) != null; } @Override @@ -108,13 +103,13 @@ public class SystemPermissionSet @Override public void addPermissions(Set permissions) throws GuacamoleException { - systemPermissionService.createPermissions(currentUser, user, permissions); + systemPermissionService.createPermissions(getCurrentUser(), user, permissions); } @Override public void removePermissions(Set permissions) throws GuacamoleException { - systemPermissionService.deletePermissions(currentUser, user, permissions); + systemPermissionService.deletePermissions(getCurrentUser(), user, permissions); } } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContext.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContext.java index 84e14a157..fac5b9af9 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContext.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserContext.java @@ -29,6 +29,7 @@ import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionDirectory; import com.google.inject.Inject; import com.google.inject.Provider; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.Connection; import org.glyptodon.guacamole.net.auth.ConnectionGroup; import org.glyptodon.guacamole.net.auth.Directory; @@ -41,14 +42,9 @@ import org.glyptodon.guacamole.net.auth.User; * @author James Muehlner * @author Michael Jumper */ -public class UserContext +public class UserContext extends RestrictedObject implements org.glyptodon.guacamole.net.auth.UserContext { - /** - * The the user owning this context. - */ - private AuthenticatedUser currentUser; - /** * User directory restricted by the permissions of the user associated * with this context. @@ -76,16 +72,11 @@ public class UserContext @Inject private Provider rootGroupProvider; - /** - * Initializes the user and directories associated with this context. - * - * @param currentUser - * The user owning this context. - */ + @Override public void init(AuthenticatedUser currentUser) { - this.currentUser = currentUser; - + super.init(currentUser); + // Init directories userDirectory.init(currentUser); connectionDirectory.init(currentUser); @@ -95,7 +86,7 @@ public class UserContext @Override public User self() { - return currentUser.getUser(); + return getCurrentUser().getUser(); } @Override @@ -118,7 +109,7 @@ public class UserContext // Build and return a root group for the current user RootConnectionGroup rootGroup = rootGroupProvider.get(); - rootGroup.init(currentUser); + rootGroup.init(getCurrentUser()); return rootGroup; } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserDirectory.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserDirectory.java index 0693a9737..826957b89 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserDirectory.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/user/UserDirectory.java @@ -28,6 +28,7 @@ import java.util.Collection; import java.util.Collections; import java.util.Set; import org.glyptodon.guacamole.GuacamoleException; +import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject; import org.glyptodon.guacamole.net.auth.Directory; import org.glyptodon.guacamole.net.auth.User; import org.mybatis.guice.transactional.Transactional; @@ -39,66 +40,50 @@ import org.mybatis.guice.transactional.Transactional; * @author James Muehlner * @author Michael Jumper */ -public class UserDirectory implements Directory { +public class UserDirectory extends RestrictedObject + implements Directory { - /** - * The user this user directory belongs to. Access is based on his/her - * permission settings. - */ - private AuthenticatedUser currentUser; - /** * Service for managing user objects. */ @Inject private UserService userService; - /** - * Set the user for this directory. - * - * @param currentUser - * The user whose permissions define the visibility of other users in - * this directory. - */ - public void init(AuthenticatedUser currentUser) { - this.currentUser = currentUser; - } - @Override public User get(String identifier) throws GuacamoleException { - return userService.retrieveObject(currentUser, identifier); + return userService.retrieveObject(getCurrentUser(), identifier); } @Override @Transactional public Collection getAll(Collection identifiers) throws GuacamoleException { - Collection objects = userService.retrieveObjects(currentUser, identifiers); + Collection objects = userService.retrieveObjects(getCurrentUser(), identifiers); return Collections.unmodifiableCollection(objects); } @Override @Transactional public Set getIdentifiers() throws GuacamoleException { - return userService.getIdentifiers(currentUser); + return userService.getIdentifiers(getCurrentUser()); } @Override @Transactional public void add(User object) throws GuacamoleException { - userService.createObject(currentUser, object); + userService.createObject(getCurrentUser(), object); } @Override @Transactional public void update(User object) throws GuacamoleException { ModeledUser user = (ModeledUser) object; - userService.updateObject(currentUser, user); + userService.updateObject(getCurrentUser(), user); } @Override @Transactional public void remove(String identifier) throws GuacamoleException { - userService.deleteObject(currentUser, identifier); + userService.deleteObject(getCurrentUser(), identifier); } }