safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 05:07:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ticket #269: Changed database permission enums from WRITE to UPDATE.

Browse Source
This commit is contained in:
James Muehlner
2013-02-13 12:13:30 -08:00
parent 6aaf271914
commit 3209f11d1f
3 changed files with 61 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
extensions/guacamole-auth-mysql/schema/guacamole-auth-mysql-schema.sql
View File

@@ -42,7 +42,7 @@ CREATE TABLE `guacamole_connection_parameter` (
CREATE TABLE `guacamole_connection_permission` (
`user_id` int(11) NOT NULL,
`connection_id` int(11) NOT NULL,
`permission` enum('READ','WRITE','DELETE','ADMINISTER') NOT NULL,
`permission` enum('READ','UPDATE','DELETE','ADMINISTER') NOT NULL,
PRIMARY KEY (`user_id`,`connection_id`,`permission`),
CONSTRAINT `guacamole_connection_permission_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `guacamole_connection` (`connection_id`),
CONSTRAINT `guacamole_connection_permission_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`)
@@ -66,7 +66,7 @@ CREATE TABLE `guacamole_system_permission` (
CREATE TABLE `guacamole_user_permission` (
`user_id` int(11) NOT NULL,
`affected_user_id` int(11) NOT NULL,
`permission` enum('READ','WRITE','DELETE','ADMINISTER') NOT NULL,
`permission` enum('READ','UPDATE','DELETE','ADMINISTER') NOT NULL,
PRIMARY KEY (`user_id`,`affected_user_id`,`permission`),
CONSTRAINT `guacamole_user_permission_ibfk_1` FOREIGN KEY (`affected_user_id`) REFERENCES `guacamole_user` (`user_id`),
CONSTRAINT `guacamole_user_permission_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`)

50
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLConstants.java
View File

@@ -35,37 +35,35 @@
* ***** END LICENSE BLOCK ***** */
package net.sourceforge.guacamole.net.auth.mysql;
import net.sourceforge.guacamole.net.auth.permission.ConnectionDirectoryPermission;
import net.sourceforge.guacamole.net.auth.permission.ConnectionPermission;
import net.sourceforge.guacamole.net.auth.permission.UserDirectoryPermission;
import net.sourceforge.guacamole.net.auth.permission.UserPermission;
/**
* Constants relevant to the guacamole-auth-mysql project.
* A set of constants that useful for the MySQL-based authentication provider.
* @author James Muehlner
*/
public interface MySQLConstants {
public final class MySQLConstants {
//*********** Permission Strings ***********
// operations
public static final String CREATE = "CREATE";
public static final String READ = "READ";
public static final String WRITE = "WRITE";
public static final String DELETE = "DELETE";
public static final String ADMINISTER = "ADMINISTER";
/**
* This class should not be instantiated.
*/
private MySQLConstants() {}
// used to separate operations from objects
public static final String SEPARATOR = "_";
// Permission constants
public static final String USER_READ = UserPermission.Type.READ.name();
public static final String USER_UPDATE = UserPermission.Type.UPDATE.name();
public static final String USER_DELETE = UserPermission.Type.DELETE.name();
public static final String USER_ADMINISTER = UserPermission.Type.ADMINISTER.name();
public static final String USER_CREATE = UserDirectoryPermission.Type.CREATE.name();
//object types
public static final String USER = "USER";
public static final String CONNECTION = "CONNECTION";
public static final String CONNECTION_READ = ConnectionPermission.Type.READ.name();
public static final String CONNECTION_UPDATE = ConnectionPermission.Type.UPDATE.name();
public static final String CONNECTION_DELETE = ConnectionPermission.Type.DELETE.name();
public static final String CONNECTION_ADMINISTER = ConnectionPermission.Type.ADMINISTER.name();
public static final String CONNECTION_CREATE = ConnectionDirectoryPermission.Type.CREATE.name();
//combinations
public static final String CREATE_USER = CREATE + SEPARATOR + USER;
public static final String READ_USER = READ + SEPARATOR + USER;
public static final String WRITE_USER = WRITE + SEPARATOR + USER;
public static final String DELETE_USER = DELETE + SEPARATOR + USER;
public static final String ADMINISTER_USER = ADMINISTER + SEPARATOR + USER;
public static final String CREATE_CONNECTION = CREATE + SEPARATOR + CONNECTION;
public static final String READ_CONNECTION = READ + SEPARATOR + CONNECTION;
public static final String WRITE_CONNECTION = WRITE + SEPARATOR + CONNECTION;
public static final String DELETE_CONNECTION = DELETE + SEPARATOR + CONNECTION;
public static final String ADMINISTER_CONNECTION = ADMINISTER + SEPARATOR + CONNECTION;
public static final String SYSTEM_USER_CREATE = "USER_CREATE";
public static final String SYSTEM_CONNECTION_CREATE = "CONNECTION_CREATE";
}

70
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/utility/PermissionCheckUtility.java
View File

@@ -97,35 +97,35 @@ public class PermissionCheckUtility {
Provider<MySQLConnection> mySQLConnectionProvider;
public boolean checkUserReadAccess(int userID, int affectedUserID) {
return checkUserAccess(userID, affectedUserID, MySQLConstants.READ_USER);
return checkUserAccess(userID, affectedUserID, MySQLConstants.USER_READ);
}
public boolean checkUserWriteAccess(int userID, int affectedUserID) {
return checkUserAccess(userID, affectedUserID, MySQLConstants.WRITE_USER);
public boolean checkUserUpdateAccess(int userID, int affectedUserID) {
return checkUserAccess(userID, affectedUserID, MySQLConstants.USER_UPDATE);
}
public boolean checkUserDeleteAccess(int userID, int affectedUserID) {
return checkUserAccess(userID, affectedUserID, MySQLConstants.DELETE_USER);
return checkUserAccess(userID, affectedUserID, MySQLConstants.USER_DELETE);
}
public boolean checkUserAdministerAccess(int userID, int affectedUserID) {
return checkUserAccess(userID, affectedUserID, MySQLConstants.ADMINISTER_USER);
return checkUserAccess(userID, affectedUserID, MySQLConstants.USER_ADMINISTER);
}
public boolean checkUserReadAccess(int userID, String affectedUsername) {
return checkUserAccess(userID, affectedUsername, MySQLConstants.READ_USER);
return checkUserAccess(userID, affectedUsername, MySQLConstants.USER_READ);
}
public boolean checkUserWriteAccess(int userID, String affectedUsername) {
return checkUserAccess(userID, affectedUsername, MySQLConstants.WRITE_USER);
public boolean checkUserUpdateAccess(int userID, String affectedUsername) {
return checkUserAccess(userID, affectedUsername, MySQLConstants.USER_UPDATE);
}
public boolean checkUserDeleteAccess(int userID, String affectedUsername) {
return checkUserAccess(userID, affectedUsername, MySQLConstants.DELETE_USER);
return checkUserAccess(userID, affectedUsername, MySQLConstants.USER_DELETE);
}
public boolean checkUserAdministerAccess(int userID, String affectedUsername) {
return checkUserAccess(userID, affectedUsername, MySQLConstants.ADMINISTER_USER);
return checkUserAccess(userID, affectedUsername, MySQLConstants.USER_ADMINISTER);
}
/**
@@ -163,7 +163,7 @@ public class PermissionCheckUtility {
* @return the list of all users this user has administer access to
*/
public List<MySQLUser> getAdministerableUsers(int userID) {
return getUsers(userID, MySQLConstants.ADMINISTER_USER);
return getUsers(userID, MySQLConstants.USER_ADMINISTER);
}
/**
@@ -172,7 +172,7 @@ public class PermissionCheckUtility {
* @return the list of all users this user has delete access to
*/
public List<MySQLUser> getDeletableUsers(int userID) {
return getUsers(userID, MySQLConstants.DELETE_USER);
return getUsers(userID, MySQLConstants.USER_DELETE);
}
/**
@@ -180,8 +180,8 @@ public class PermissionCheckUtility {
* @param userID
* @return the list of all users this user has write access to
*/
public List<MySQLUser> getWriteableleUsers(int userID) {
return getUsers(userID, MySQLConstants.WRITE_USER);
public List<MySQLUser> getUpdateableUsers(int userID) {
return getUsers(userID, MySQLConstants.USER_UPDATE);
}
/**
@@ -190,7 +190,7 @@ public class PermissionCheckUtility {
* @return the list of all users this user read has access to
*/
public List<MySQLUser> getReadableUsers(int userID) {
return getUsers(userID, MySQLConstants.READ_USER);
return getUsers(userID, MySQLConstants.USER_READ);
}
/**
@@ -234,35 +234,35 @@ public class PermissionCheckUtility {
}
public boolean checkConnectionReadAccess(int userID, int affectedConnectionID) {
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.READ_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.CONNECTION_READ);
}
public boolean checkConnectionWriteAccess(int userID, int affectedConnectionID) {
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.WRITE_CONNECTION);
public boolean checkConnectionUpdateAccess(int userID, int affectedConnectionID) {
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.CONNECTION_UPDATE);
}
public boolean checkConnectionDeleteAccess(int userID, int affectedConnectionID) {
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.DELETE_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.CONNECTION_DELETE);
}
public boolean checkConnectionAdministerAccess(int userID, int affectedConnectionID) {
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.ADMINISTER_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionID, MySQLConstants.CONNECTION_ADMINISTER);
}
public boolean checkConnectionReadAccess(int userID, String affectedConnectionname) {
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.READ_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.CONNECTION_READ);
}
public boolean checkConnectionWriteAccess(int userID, String affectedConnectionname) {
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.WRITE_CONNECTION);
public boolean checkConnectionUpdateAccess(int userID, String affectedConnectionname) {
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.CONNECTION_UPDATE);
}
public boolean checkConnectionDeleteAccess(int userID, String affectedConnectionname) {
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.DELETE_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.CONNECTION_DELETE);
}
public boolean checkConnectionAdministerAccess(int userID, String affectedConnectionname) {
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.ADMINISTER_CONNECTION);
return checkConnectionAccess(userID, affectedConnectionname, MySQLConstants.CONNECTION_ADMINISTER);
}
/**
@@ -300,7 +300,7 @@ public class PermissionCheckUtility {
* @return the list of all connections this connection has administer access to
*/
public List<MySQLConnection> getAdministerableConnections(int userID) {
return getConnections(userID, MySQLConstants.ADMINISTER_CONNECTION);
return getConnections(userID, MySQLConstants.CONNECTION_ADMINISTER);
}
/**
@@ -309,7 +309,7 @@ public class PermissionCheckUtility {
* @return the list of all connections this connection has delete access to
*/
public List<MySQLConnection> getDeletableConnections(int userID) {
return getConnections(userID, MySQLConstants.DELETE_CONNECTION);
return getConnections(userID, MySQLConstants.CONNECTION_DELETE);
}
/**
@@ -317,8 +317,8 @@ public class PermissionCheckUtility {
* @param connectionID
* @return the list of all connections this connection has write access to
*/
public List<MySQLConnection> getWriteableleConnections(int userID) {
return getConnections(userID, MySQLConstants.WRITE_CONNECTION);
public List<MySQLConnection> getUpdateableConnections(int userID) {
return getConnections(userID, MySQLConstants.CONNECTION_UPDATE);
}
/**
@@ -327,7 +327,7 @@ public class PermissionCheckUtility {
* @return the list of all connections this connection read has access to
*/
public List<MySQLConnection> getReadableConnections(int userID) {
return getConnections(userID, MySQLConstants.READ_CONNECTION);
return getConnections(userID, MySQLConstants.CONNECTION_READ);
}
/**
@@ -376,7 +376,7 @@ public class PermissionCheckUtility {
* @return
*/
public boolean checkCreateUserPermission(int userID) {
return checkSystemPermission(userID, MySQLConstants.CREATE_USER);
return checkSystemPermission(userID, MySQLConstants.SYSTEM_USER_CREATE);
}
/**
@@ -385,7 +385,7 @@ public class PermissionCheckUtility {
* @return
*/
public boolean checkCreateConnectionPermission(int userID) {
return checkSystemPermission(userID, MySQLConstants.CREATE_CONNECTION);
return checkSystemPermission(userID, MySQLConstants.SYSTEM_CONNECTION_CREATE);
}
/**
@@ -434,7 +434,7 @@ public class PermissionCheckUtility {
/**
* Get all permissions a given user has.
* @param userID
* @return
* @return all permissions a user has.
*/
public Set<Permission> getAllPermissions(int userID) {
Set<Permission> allPermissions = new HashSet<Permission>();
@@ -497,9 +497,9 @@ public class PermissionCheckUtility {
List<SystemPermissionKey> systemPermissions = systemPermissionDAO.selectByExample(systemPermissionExample);
for(SystemPermissionKey systemPermission : systemPermissions) {
SystemPermission newPermission = null;
if(systemPermission.getPermission().equals(MySQLConstants.CREATE_USER))
if(systemPermission.getPermission().equals(MySQLConstants.SYSTEM_USER_CREATE))
newPermission = new UserDirectoryPermission(UserDirectoryPermission.Type.CREATE);
else if(systemPermission.getPermission().equals(MySQLConstants.CREATE_CONNECTION))
else if(systemPermission.getPermission().equals(MySQLConstants.SYSTEM_CONNECTION_CREATE))
newPermission = new ConnectionDirectoryPermission(ConnectionDirectoryPermission.Type.CREATE);
if(newPermission != null)