safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-08 06:01:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ticket #362: Changed permission operations to be atomic.

Browse Source
This commit is contained in:
James Muehlner
2013-12-05 20:45:38 -08:00
parent 9aa29fe4b2
commit 64e56dc9ab
1 changed files with 41 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/permission/PermissionRESTService.java
View File

@@ -102,17 +102,17 @@ public class PermissionRESTService {
} }
/** /**
* Sets the permissions for a user with the given userID. * Adds a permissions for a user with the given userID.
* *
* @param authToken The authentication token that is used to authenticate * @param authToken The authentication token that is used to authenticate
* the user performing the operation. * the user performing the operation.
* @param userID The user ID to retrieve permissions for. * @param userID The user ID to add the permission for.
* @param permissions The permissions to set for the user with the given userID. * @param permission The permission to add for the user with the given userID.
*/ */
@POST @POST
@Path("/{userID}") @Path("/{userID}")
public void setPermissions(@QueryParam("token") String authToken, public void addPermission(@QueryParam("token") String authToken,
@PathParam("userID") String userID, List<APIPermission> permissions) { @PathParam("userID") String userID, APIPermission permission) {
UserContext userContext = authenticationService.getUserContextFromAuthToken(authToken); UserContext userContext = authenticationService.getUserContextFromAuthToken(authToken);
try { try {
@@ -122,34 +122,47 @@ public class PermissionRESTService {
if(user == null) if(user == null)
throw new HTTPException(Status.NOT_FOUND, "User not found with the provided userID."); throw new HTTPException(Status.NOT_FOUND, "User not found with the provided userID.");
// All the permissions the user should have after this operation // Add the new permission
Set<Permission> newPermissions = permissionService.convertAPIPermissionList(permissions); user.addPermission(permission.toPermission());
// Get the original permissions the user had
Set<Permission> originalPermissions = user.getPermissions();
// Find all permissions in the original set, but not the new one
Set<Permission> permissionsToRemove = new HashSet<Permission>(originalPermissions);
permissionsToRemove.removeAll(newPermissions);
// Remove all permissions that are no longer wanted
for(Permission permissionToRemove : permissionsToRemove) {
user.removePermission(permissionToRemove);
}
// Get only those permissions that need to be added
newPermissions.removeAll(originalPermissions);
// Add all new permissions
for(Permission newPermission : newPermissions) {
user.addPermission(newPermission);
}
} catch(GuacamoleSecurityException e) { } catch(GuacamoleSecurityException e) {
throw new HTTPException(Status.UNAUTHORIZED, e.getMessage() != null ? e.getMessage() : "Permission denied."); throw new HTTPException(Status.UNAUTHORIZED, e.getMessage() != null ? e.getMessage() : "Permission denied.");
} catch(GuacamoleClientException e) { } catch(GuacamoleClientException e) {
throw new HTTPException(Status.BAD_REQUEST, e.getMessage() != null ? e.getMessage() : "Invalid Request."); throw new HTTPException(Status.BAD_REQUEST, e.getMessage() != null ? e.getMessage() : "Invalid Request.");
} catch(GuacamoleException e) { } catch(GuacamoleException e) {
logger.error("Unexpected GuacamoleException caught setting permissions.", e); logger.error("Unexpected GuacamoleException caught adding permission.", e);
throw new HTTPException(Status.INTERNAL_SERVER_ERROR, e.getMessage() != null ? e.getMessage() : "Unexpected server error.");
}
}
/**
* Removes a permissions for a user with the given userID.
*
* @param authToken The authentication token that is used to authenticate
* the user performing the operation.
* @param userID The user ID to remove the permission for.
* @param permission The permission to remove for the user with the given userID.
*/
@POST
@Path("/{userID}/remove")
public void removePermission(@QueryParam("token") String authToken,
@PathParam("userID") String userID, APIPermission permission) {
UserContext userContext = authenticationService.getUserContextFromAuthToken(authToken);
try {
// Get the user
User user = userContext.getUserDirectory().get(userID);
if(user == null)
throw new HTTPException(Status.NOT_FOUND, "User not found with the provided userID.");
// Remove the permission
user.removePermission(permission.toPermission());
} catch(GuacamoleSecurityException e) {
throw new HTTPException(Status.UNAUTHORIZED, e.getMessage() != null ? e.getMessage() : "Permission denied.");
} catch(GuacamoleClientException e) {
throw new HTTPException(Status.BAD_REQUEST, e.getMessage() != null ? e.getMessage() : "Invalid Request.");
} catch(GuacamoleException e) {
logger.error("Unexpected GuacamoleException caught adding permission.", e);
throw new HTTPException(Status.INTERNAL_SERVER_ERROR, e.getMessage() != null ? e.getMessage() : "Unexpected server error."); throw new HTTPException(Status.INTERNAL_SERVER_ERROR, e.getMessage() != null ? e.getMessage() : "Unexpected server error.");
} }
} }