mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-09-06 13:17:41 +00:00
GUAC-1101: Move tracking of current user into RestrictedObject.
This commit is contained in:
Michael Jumper
@@ -34,7 +34,7 @@ import org.glyptodon.guacamole.net.auth.Identifiable;
|
||||
* The type of model object that corresponds to this object.
|
||||
*/
|
||||
public abstract class DirectoryObject<ModelType extends ObjectModel>
|
||||
extends RestrictedObject<ModelType> implements Identifiable {
|
||||
extends ModeledObject<ModelType> implements Identifiable {
|
||||
|
||||
@Override
|
||||
public String getIdentifier() {
|
||||
|
||||
@@ -0,0 +1,82 @@
|
||||
/*
|
||||
* Copyright (C) 2015 Glyptodon LLC
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*/
|
||||
|
||||
package org.glyptodon.guacamole.auth.jdbc.base;
|
||||
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
|
||||
/**
|
||||
* Common base class for objects have an underlying model. For the purposes of
|
||||
* JDBC-driven authentication providers, all modeled objects are also
|
||||
* restricted.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <ModelType>
|
||||
* The type of model object which corresponds to this object.
|
||||
*/
|
||||
public abstract class ModeledObject<ModelType> extends RestrictedObject {
|
||||
|
||||
/**
|
||||
* The internal model object containing the values which represent this
|
||||
* object in the database.
|
||||
*/
|
||||
private ModelType model;
|
||||
|
||||
/**
|
||||
* Initializes this object, associating it with the current authenticated
|
||||
* user and populating it with data from the given model object
|
||||
*
|
||||
* @param currentUser
|
||||
* The user that created or retrieved this object.
|
||||
*
|
||||
* @param model
|
||||
* The backing model object.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser, ModelType model) {
|
||||
super.init(currentUser);
|
||||
setModel(model);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the backing model object. Changes to the model object will
|
||||
* affect this object, and changes to this object will affect the model
|
||||
* object.
|
||||
*
|
||||
* @return
|
||||
* The backing model object.
|
||||
*/
|
||||
public ModelType getModel() {
|
||||
return model;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the backing model object. This will effectively replace all data
|
||||
* contained within this object.
|
||||
*
|
||||
* @param model
|
||||
* The backing model object.
|
||||
*/
|
||||
public void setModel(ModelType model) {
|
||||
this.model = model;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -26,13 +26,11 @@ import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
|
||||
/**
|
||||
* Common base class for objects that are associated with the users that
|
||||
* query them, and have an underlying model.
|
||||
* obtain them.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <ModelType>
|
||||
* The type of model object which corresponds to this object.
|
||||
*/
|
||||
public abstract class RestrictedObject<ModelType> {
|
||||
public abstract class RestrictedObject {
|
||||
|
||||
/**
|
||||
* The user this object belongs to. Access is based on his/her permission
|
||||
@@ -40,25 +38,15 @@ public abstract class RestrictedObject<ModelType> {
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
|
||||
/**
|
||||
* The internal model object containing the values which represent this
|
||||
* object in the database.
|
||||
*/
|
||||
private ModelType model;
|
||||
|
||||
/**
|
||||
* Initializes this object, associating it with the current authenticated
|
||||
* user and populating it with data from the given model object
|
||||
*
|
||||
* @param currentUser
|
||||
* The user that created or retrieved this object.
|
||||
*
|
||||
* @param model
|
||||
* The backing model object.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser, ModelType model) {
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
setCurrentUser(currentUser);
|
||||
setModel(model);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -85,27 +73,4 @@ public abstract class RestrictedObject<ModelType> {
|
||||
this.currentUser = currentUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the backing model object. Changes to the model object will
|
||||
* affect this object, and changes to this object will affect the model
|
||||
* object.
|
||||
*
|
||||
* @return
|
||||
* The backing model object.
|
||||
*/
|
||||
public ModelType getModel() {
|
||||
return model;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the backing model object. This will effectively replace all data
|
||||
* contained within this object.
|
||||
*
|
||||
* @param model
|
||||
* The backing model object.
|
||||
*/
|
||||
public void setModel(ModelType model) {
|
||||
this.model = model;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -27,8 +27,8 @@ import com.google.inject.Inject;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.Directory;
|
||||
import org.mybatis.guice.transactional.Transactional;
|
||||
@@ -40,13 +40,8 @@ import org.mybatis.guice.transactional.Transactional;
|
||||
* @author James Muehlner
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class ConnectionDirectory implements Directory<Connection> {
|
||||
|
||||
/**
|
||||
* The user this connection directory belongs to. Access is based on
|
||||
* his/her permission settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
public class ConnectionDirectory extends RestrictedObject
|
||||
implements Directory<Connection> {
|
||||
|
||||
/**
|
||||
* Service for managing connection objects.
|
||||
@@ -54,52 +49,41 @@ public class ConnectionDirectory implements Directory<Connection> {
|
||||
@Inject
|
||||
private ConnectionService connectionService;
|
||||
|
||||
/**
|
||||
* Set the user for this directory.
|
||||
*
|
||||
* @param currentUser
|
||||
* The user whose permissions define the visibility of connections in
|
||||
* this directory.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
this.currentUser = currentUser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Connection get(String identifier) throws GuacamoleException {
|
||||
return connectionService.retrieveObject(currentUser, identifier);
|
||||
return connectionService.retrieveObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Collection<Connection> getAll(Collection<String> identifiers) throws GuacamoleException {
|
||||
Collection<ModeledConnection> objects = connectionService.retrieveObjects(currentUser, identifiers);
|
||||
Collection<ModeledConnection> objects = connectionService.retrieveObjects(getCurrentUser(), identifiers);
|
||||
return Collections.<Connection>unmodifiableCollection(objects);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Set<String> getIdentifiers() throws GuacamoleException {
|
||||
return connectionService.getIdentifiers(currentUser);
|
||||
return connectionService.getIdentifiers(getCurrentUser());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void add(Connection object) throws GuacamoleException {
|
||||
connectionService.createObject(currentUser, object);
|
||||
connectionService.createObject(getCurrentUser(), object);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void update(Connection object) throws GuacamoleException {
|
||||
ModeledConnection connection = (ModeledConnection) object;
|
||||
connectionService.updateObject(currentUser, connection);
|
||||
connectionService.updateObject(getCurrentUser(), connection);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void remove(String identifier) throws GuacamoleException {
|
||||
connectionService.deleteObject(currentUser, identifier);
|
||||
connectionService.deleteObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -27,8 +27,8 @@ import com.google.inject.Inject;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.Directory;
|
||||
import org.mybatis.guice.transactional.Transactional;
|
||||
@@ -40,13 +40,8 @@ import org.mybatis.guice.transactional.Transactional;
|
||||
* @author James Muehlner
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class ConnectionGroupDirectory implements Directory<ConnectionGroup> {
|
||||
|
||||
/**
|
||||
* The user this connection group directory belongs to. Access is based on
|
||||
* his/her permission settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
public class ConnectionGroupDirectory extends RestrictedObject
|
||||
implements Directory<ConnectionGroup> {
|
||||
|
||||
/**
|
||||
* Service for managing connection group objects.
|
||||
@@ -54,52 +49,41 @@ public class ConnectionGroupDirectory implements Directory<ConnectionGroup> {
|
||||
@Inject
|
||||
private ConnectionGroupService connectionGroupService;
|
||||
|
||||
/**
|
||||
* Set the user for this directory.
|
||||
*
|
||||
* @param currentUser
|
||||
* The user whose permissions define the visibility of connection
|
||||
* groups in this directory.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
this.currentUser = currentUser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ConnectionGroup get(String identifier) throws GuacamoleException {
|
||||
return connectionGroupService.retrieveObject(currentUser, identifier);
|
||||
return connectionGroupService.retrieveObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Collection<ConnectionGroup> getAll(Collection<String> identifiers) throws GuacamoleException {
|
||||
Collection<ModeledConnectionGroup> objects = connectionGroupService.retrieveObjects(currentUser, identifiers);
|
||||
Collection<ModeledConnectionGroup> objects = connectionGroupService.retrieveObjects(getCurrentUser(), identifiers);
|
||||
return Collections.<ConnectionGroup>unmodifiableCollection(objects);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Set<String> getIdentifiers() throws GuacamoleException {
|
||||
return connectionGroupService.getIdentifiers(currentUser);
|
||||
return connectionGroupService.getIdentifiers(getCurrentUser());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void add(ConnectionGroup object) throws GuacamoleException {
|
||||
connectionGroupService.createObject(currentUser, object);
|
||||
connectionGroupService.createObject(getCurrentUser(), object);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void update(ConnectionGroup object) throws GuacamoleException {
|
||||
ModeledConnectionGroup connectionGroup = (ModeledConnectionGroup) object;
|
||||
connectionGroupService.updateObject(currentUser, connectionGroup);
|
||||
connectionGroupService.updateObject(getCurrentUser(), connectionGroup);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void remove(String identifier) throws GuacamoleException {
|
||||
connectionGroupService.deleteObject(currentUser, identifier);
|
||||
connectionGroupService.deleteObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -24,10 +24,10 @@ package org.glyptodon.guacamole.auth.jdbc.connectiongroup;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.GuacamoleSecurityException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
@@ -38,7 +38,8 @@ import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class RootConnectionGroup implements ConnectionGroup {
|
||||
public class RootConnectionGroup extends RestrictedObject
|
||||
implements ConnectionGroup {
|
||||
|
||||
/**
|
||||
* The identifier used to represent the root connection group. There is no
|
||||
@@ -54,12 +55,6 @@ public class RootConnectionGroup implements ConnectionGroup {
|
||||
*/
|
||||
public static final String NAME = "ROOT";
|
||||
|
||||
/**
|
||||
* The user this group belongs to. Access is based on his/her permission
|
||||
* settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
|
||||
/**
|
||||
* Service for managing connection objects.
|
||||
*/
|
||||
@@ -78,17 +73,6 @@ public class RootConnectionGroup implements ConnectionGroup {
|
||||
public RootConnectionGroup() {
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this root connection group, associating it with the current
|
||||
* authenticated user.
|
||||
*
|
||||
* @param currentUser
|
||||
* The user that created or retrieved this object.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
this.currentUser = currentUser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return NAME;
|
||||
@@ -121,13 +105,13 @@ public class RootConnectionGroup implements ConnectionGroup {
|
||||
|
||||
@Override
|
||||
public Set<String> getConnectionIdentifiers() throws GuacamoleException {
|
||||
return connectionService.getIdentifiersWithin(currentUser, null);
|
||||
return connectionService.getIdentifiersWithin(getCurrentUser(), null);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getConnectionGroupIdentifiers()
|
||||
throws GuacamoleException {
|
||||
return connectionGroupService.getIdentifiersWithin(currentUser, null);
|
||||
return connectionGroupService.getIdentifiersWithin(getCurrentUser(), null);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -28,6 +28,7 @@ import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
|
||||
|
||||
/**
|
||||
@@ -37,15 +38,9 @@ import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public abstract class ObjectPermissionSet
|
||||
public abstract class ObjectPermissionSet extends RestrictedObject
|
||||
implements org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet {
|
||||
|
||||
/**
|
||||
* The user that queried this permission set. Access is based on his/her
|
||||
* permission settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
|
||||
/**
|
||||
* The user associated with this permission set. Each of the permissions in
|
||||
* this permission set is granted to this user.
|
||||
@@ -72,7 +67,7 @@ public abstract class ObjectPermissionSet
|
||||
* The user to whom the permissions in this set are granted.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser, ModeledUser user) {
|
||||
this.currentUser = currentUser;
|
||||
super.init(currentUser);
|
||||
this.user = user;
|
||||
}
|
||||
|
||||
@@ -88,13 +83,13 @@ public abstract class ObjectPermissionSet
|
||||
|
||||
@Override
|
||||
public Set<ObjectPermission> getPermissions() throws GuacamoleException {
|
||||
return getObjectPermissionService().retrievePermissions(currentUser, user);
|
||||
return getObjectPermissionService().retrievePermissions(getCurrentUser(), user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasPermission(ObjectPermission.Type permission,
|
||||
String identifier) throws GuacamoleException {
|
||||
return getObjectPermissionService().retrievePermission(currentUser, user, permission, identifier) != null;
|
||||
return getObjectPermissionService().retrievePermission(getCurrentUser(), user, permission, identifier) != null;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -118,13 +113,13 @@ public abstract class ObjectPermissionSet
|
||||
@Override
|
||||
public void addPermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
getObjectPermissionService().createPermissions(currentUser, user, permissions);
|
||||
getObjectPermissionService().createPermissions(getCurrentUser(), user, permissions);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removePermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
getObjectPermissionService().deletePermissions(currentUser, user, permissions);
|
||||
getObjectPermissionService().deletePermissions(getCurrentUser(), user, permissions);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -28,6 +28,7 @@ import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
|
||||
|
||||
/**
|
||||
@@ -37,15 +38,9 @@ import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class SystemPermissionSet
|
||||
public class SystemPermissionSet extends RestrictedObject
|
||||
implements org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet {
|
||||
|
||||
/**
|
||||
* The user that queried this permission set. Access is based on his/her
|
||||
* permission settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
|
||||
/**
|
||||
* The user associated with this permission set. Each of the permissions in
|
||||
* this permission set is granted to this user.
|
||||
@@ -78,19 +73,19 @@ public class SystemPermissionSet
|
||||
* The user to whom the permissions in this set are granted.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser, ModeledUser user) {
|
||||
this.currentUser = currentUser;
|
||||
super.init(currentUser);
|
||||
this.user = user;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<SystemPermission> getPermissions() throws GuacamoleException {
|
||||
return systemPermissionService.retrievePermissions(currentUser, user);
|
||||
return systemPermissionService.retrievePermissions(getCurrentUser(), user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasPermission(SystemPermission.Type permission)
|
||||
throws GuacamoleException {
|
||||
return systemPermissionService.retrievePermission(currentUser, user, permission) != null;
|
||||
return systemPermissionService.retrievePermission(getCurrentUser(), user, permission) != null;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -108,13 +103,13 @@ public class SystemPermissionSet
|
||||
@Override
|
||||
public void addPermissions(Set<SystemPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
systemPermissionService.createPermissions(currentUser, user, permissions);
|
||||
systemPermissionService.createPermissions(getCurrentUser(), user, permissions);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removePermissions(Set<SystemPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
systemPermissionService.deletePermissions(currentUser, user, permissions);
|
||||
systemPermissionService.deletePermissions(getCurrentUser(), user, permissions);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -29,6 +29,7 @@ import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionDirectory;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Provider;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.Directory;
|
||||
@@ -41,14 +42,9 @@ import org.glyptodon.guacamole.net.auth.User;
|
||||
* @author James Muehlner
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class UserContext
|
||||
public class UserContext extends RestrictedObject
|
||||
implements org.glyptodon.guacamole.net.auth.UserContext {
|
||||
|
||||
/**
|
||||
* The the user owning this context.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
|
||||
/**
|
||||
* User directory restricted by the permissions of the user associated
|
||||
* with this context.
|
||||
@@ -76,15 +72,10 @@ public class UserContext
|
||||
@Inject
|
||||
private Provider<RootConnectionGroup> rootGroupProvider;
|
||||
|
||||
/**
|
||||
* Initializes the user and directories associated with this context.
|
||||
*
|
||||
* @param currentUser
|
||||
* The user owning this context.
|
||||
*/
|
||||
@Override
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
|
||||
this.currentUser = currentUser;
|
||||
super.init(currentUser);
|
||||
|
||||
// Init directories
|
||||
userDirectory.init(currentUser);
|
||||
@@ -95,7 +86,7 @@ public class UserContext
|
||||
|
||||
@Override
|
||||
public User self() {
|
||||
return currentUser.getUser();
|
||||
return getCurrentUser().getUser();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -118,7 +109,7 @@ public class UserContext
|
||||
|
||||
// Build and return a root group for the current user
|
||||
RootConnectionGroup rootGroup = rootGroupProvider.get();
|
||||
rootGroup.init(currentUser);
|
||||
rootGroup.init(getCurrentUser());
|
||||
return rootGroup;
|
||||
|
||||
}
|
||||
|
||||
@@ -28,6 +28,7 @@ import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.auth.Directory;
|
||||
import org.glyptodon.guacamole.net.auth.User;
|
||||
import org.mybatis.guice.transactional.Transactional;
|
||||
@@ -39,13 +40,8 @@ import org.mybatis.guice.transactional.Transactional;
|
||||
* @author James Muehlner
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class UserDirectory implements Directory<User> {
|
||||
|
||||
/**
|
||||
* The user this user directory belongs to. Access is based on his/her
|
||||
* permission settings.
|
||||
*/
|
||||
private AuthenticatedUser currentUser;
|
||||
public class UserDirectory extends RestrictedObject
|
||||
implements Directory<User> {
|
||||
|
||||
/**
|
||||
* Service for managing user objects.
|
||||
@@ -53,52 +49,41 @@ public class UserDirectory implements Directory<User> {
|
||||
@Inject
|
||||
private UserService userService;
|
||||
|
||||
/**
|
||||
* Set the user for this directory.
|
||||
*
|
||||
* @param currentUser
|
||||
* The user whose permissions define the visibility of other users in
|
||||
* this directory.
|
||||
*/
|
||||
public void init(AuthenticatedUser currentUser) {
|
||||
this.currentUser = currentUser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public User get(String identifier) throws GuacamoleException {
|
||||
return userService.retrieveObject(currentUser, identifier);
|
||||
return userService.retrieveObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Collection<User> getAll(Collection<String> identifiers) throws GuacamoleException {
|
||||
Collection<ModeledUser> objects = userService.retrieveObjects(currentUser, identifiers);
|
||||
Collection<ModeledUser> objects = userService.retrieveObjects(getCurrentUser(), identifiers);
|
||||
return Collections.<User>unmodifiableCollection(objects);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Set<String> getIdentifiers() throws GuacamoleException {
|
||||
return userService.getIdentifiers(currentUser);
|
||||
return userService.getIdentifiers(getCurrentUser());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void add(User object) throws GuacamoleException {
|
||||
userService.createObject(currentUser, object);
|
||||
userService.createObject(getCurrentUser(), object);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void update(User object) throws GuacamoleException {
|
||||
ModeledUser user = (ModeledUser) object;
|
||||
userService.updateObject(currentUser, user);
|
||||
userService.updateObject(getCurrentUser(), user);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public void remove(String identifier) throws GuacamoleException {
|
||||
userService.deleteObject(currentUser, identifier);
|
||||
userService.deleteObject(getCurrentUser(), identifier);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user