safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-10-28 07:33:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ticket #269: Clean up permission create/remove prototypes, add missing JavaDoc, fix whitespace at end of line.

Browse Source
This commit is contained in:
Michael Jumper
2013-02-26 02:44:33 -08:00
parent 97c1bc6a28
commit 6af023f7d3
5 changed files with 78 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/ConnectionDirectory.java
View File

@@ -87,7 +87,7 @@ public class ConnectionDirectory implements Directory<String, Connection>{
/** /**
* Set the user for this directory. * Set the user for this directory.
* *
* @param user_id The ID of the user owning this connection directory. * @param user_id The ID of the user owning this connection directory.
*/ */
public void init(int user_id) { public void init(int user_id) {

32
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLUser.java
View File

@@ -58,7 +58,7 @@ public class MySQLUser extends AbstractUser {
* The ID of this user in the database, if any. * The ID of this user in the database, if any.
*/ */
private Integer userID; private Integer userID;
/** /**
* Service for encrypting passwords. * Service for encrypting passwords.
*/ */
@@ -81,26 +81,26 @@ public class MySQLUser extends AbstractUser {
* The set of current permissions a user has. * The set of current permissions a user has.
*/ */
private Set<Permission> permissions = new HashSet<Permission>(); private Set<Permission> permissions = new HashSet<Permission>();
/** /**
* Any newly added permissions that have yet to be committed. * Any newly added permissions that have yet to be committed.
*/ */
private Set<Permission> newPermissions = new HashSet<Permission>(); private Set<Permission> newPermissions = new HashSet<Permission>();
/** /**
* Any newly deleted permissions that have yet to be deleted. * Any newly deleted permissions that have yet to be deleted.
*/ */
private Set<Permission> removedPermissions = new HashSet<Permission>(); private Set<Permission> removedPermissions = new HashSet<Permission>();
/** /**
* Creates a new, empty MySQLUser. * Creates a new, empty MySQLUser.
*/ */
public MySQLUser() { public MySQLUser() {
} }
/** /**
* Initializes a new MySQLUser having the given username. * Initializes a new MySQLUser having the given username.
* *
* @param name The name to assign to this MySQLUser. * @param name The name to assign to this MySQLUser.
*/ */
public void init(String name) { public void init(String name) {
@@ -110,7 +110,7 @@ public class MySQLUser extends AbstractUser {
/** /**
* Initializes a new MySQLUser, copying all data from the given user * Initializes a new MySQLUser, copying all data from the given user
* object. * object.
* *
* @param user The user object to copy. * @param user The user object to copy.
* @throws GuacamoleException If an error occurs while reading the user * @throws GuacamoleException If an error occurs while reading the user
* data in the given object. * data in the given object.
@@ -124,7 +124,7 @@ public class MySQLUser extends AbstractUser {
/** /**
* Initializes a new MySQLUser initialized from the given data from the * Initializes a new MySQLUser initialized from the given data from the
* database. * database.
* *
* @param user The user object, as retrieved from the database. * @param user The user object, as retrieved from the database.
*/ */
public void init(UserWithBLOBs user) { public void init(UserWithBLOBs user) {
@@ -134,7 +134,7 @@ public class MySQLUser extends AbstractUser {
permissions.addAll( permissions.addAll(
permissionCheckUtility.getAllPermissions(user.getUser_id())); permissionCheckUtility.getAllPermissions(user.getUser_id()));
} }
/** /**
* Get the current set of permissions this user has. * Get the current set of permissions this user has.
* @return the current set of permissions. * @return the current set of permissions.
@@ -142,7 +142,7 @@ public class MySQLUser extends AbstractUser {
public Set<Permission> getCurrentPermissions() { public Set<Permission> getCurrentPermissions() {
return permissions; return permissions;
} }
/** /**
* Get any new permissions that have yet to be inserted. * Get any new permissions that have yet to be inserted.
* @return the new set of permissions. * @return the new set of permissions.
@@ -150,7 +150,7 @@ public class MySQLUser extends AbstractUser {
public Set<Permission> getNewPermissions() { public Set<Permission> getNewPermissions() {
return newPermissions; return newPermissions;
} }
/** /**
* Get any permissions that have not yet been deleted. * Get any permissions that have not yet been deleted.
* @return the permissions that need to be deleted. * @return the permissions that need to be deleted.
@@ -158,7 +158,7 @@ public class MySQLUser extends AbstractUser {
public Set<Permission> getRemovedPermissions() { public Set<Permission> getRemovedPermissions() {
return removedPermissions; return removedPermissions;
} }
/** /**
* Reset the new and removed permission sets after they are * Reset the new and removed permission sets after they are
* no longer needed. * no longer needed.
@@ -170,7 +170,7 @@ public class MySQLUser extends AbstractUser {
/** /**
* Returns the ID of this user in the database, if it exists. * Returns the ID of this user in the database, if it exists.
* *
* @return The ID of this user in the database, or null if this user * @return The ID of this user in the database, or null if this user
* was not retrieved from the database. * was not retrieved from the database.
*/ */
@@ -180,7 +180,7 @@ public class MySQLUser extends AbstractUser {
/** /**
* Sets the ID of this user to the given value. * Sets the ID of this user to the given value.
* *
* @param userID The ID to assign to this user. * @param userID The ID to assign to this user.
*/ */
public void setUserID(Integer userID) { public void setUserID(Integer userID) {
@@ -216,7 +216,7 @@ public class MySQLUser extends AbstractUser {
* into the database. Beware that this object does not have associated * into the database. Beware that this object does not have associated
* permissions. The permissions of this MySQLUser must be dealt with * permissions. The permissions of this MySQLUser must be dealt with
* separately. * separately.
* *
* @return A new UserWithBLOBs containing all associated data of this * @return A new UserWithBLOBs containing all associated data of this
* MySQLUser. * MySQLUser.
*/ */
@@ -236,7 +236,7 @@ public class MySQLUser extends AbstractUser {
} }
return user; return user;
} }
} }

2
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/MySQLUserContext.java
View File

@@ -76,7 +76,7 @@ public class MySQLUserContext implements UserContext {
*/ */
@Inject @Inject
private ProviderService providerService; private ProviderService providerService;
/** /**
* Initializes the user and directories associated with this context. * Initializes the user and directories associated with this context.
* *

105
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/UserDirectory.java
View File

@@ -131,7 +131,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
*/ */
@Inject @Inject
private ProviderService providerUtility; private ProviderService providerUtility;
/** /**
* Service for encrypting passwords. * Service for encrypting passwords.
*/ */
@@ -197,7 +197,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
user.setPassword_hash( user.setPassword_hash(
passwordUtility.createPasswordHash(object.getPassword(), salt)); passwordUtility.createPasswordHash(object.getPassword(), salt));
} }
userDAO.insert(user); userDAO.insert(user);
// Create permissions of new user in database // Create permissions of new user in database
@@ -227,11 +227,10 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
} }
/** /**
* Update all the permissions for a given user to be only those specified in the user object. * Add the given permissions to the given user.
* Delete any permissions not in the list, and create any in the list that do not exist
* in the database.
* *
* @param user The user whose permissions should be updated. * @param user_id The ID of the user whose permissions should be updated.
* @param permissions The permissions to add.
* @throws GuacamoleException If an error occurs while updating the * @throws GuacamoleException If an error occurs while updating the
* permissions of the given user. * permissions of the given user.
*/ */
@@ -255,15 +254,25 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
} }
// Create the new permissions // Create the new permissions
createUserPermissions(newUserPermissions, user_id); createUserPermissions(user_id, newUserPermissions);
createConnectionPermissions(newConnectionPermissions, user_id); createConnectionPermissions(user_id, newConnectionPermissions);
createSystemPermissions(newSystemPermissions, user_id); createSystemPermissions(user_id, newSystemPermissions);
} }
private void removePermissions(int user_id, Set<Permission> permissions) throws GuacamoleException {
/**
* Remove the given permissions from the given user.
*
* @param user_id The ID of the user whose permissions should be updated.
* @param permissions The permissions to remove.
* @throws GuacamoleException If an error occurs while updating the
* permissions of the given user.
*/
private void removePermissions(int user_id, Set<Permission> permissions)
throws GuacamoleException {
// Partition given permissions by permission type // Partition given permissions by permission type
List<UserPermission> removedUserPermissions = new ArrayList<UserPermission>(); List<UserPermission> removedUserPermissions = new ArrayList<UserPermission>();
List<ConnectionPermission> removedConnectionPermissions = new ArrayList<ConnectionPermission>(); List<ConnectionPermission> removedConnectionPermissions = new ArrayList<ConnectionPermission>();
@@ -280,27 +289,27 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
else if (permission instanceof SystemPermission) else if (permission instanceof SystemPermission)
removedSystemPermissions.add((SystemPermission) permission); removedSystemPermissions.add((SystemPermission) permission);
} }
// Delete the removed permissions. // Delete the removed permissions.
deleteUserPermissions(removedUserPermissions, user_id); deleteUserPermissions(user_id, removedUserPermissions);
deleteConnectionPermissions(removedConnectionPermissions, user_id); deleteConnectionPermissions(user_id, removedConnectionPermissions);
deleteSystemPermissions(removedSystemPermissions, user_id); deleteSystemPermissions(user_id, removedSystemPermissions);
} }
/** /**
* Create any new permissions having to do with users for a given user. * Create the given user permissions for the given user.
* *
* @param user_id The ID of the user to change the permissions of.
* @param permissions The new permissions the given user should have when * @param permissions The new permissions the given user should have when
* this operation completes. * this operation completes.
* @param user_id The ID of the user to change the permissions of.
* @throws GuacamoleException If permission to alter the access permissions * @throws GuacamoleException If permission to alter the access permissions
* of affected objects is denied. * of affected objects is denied.
*/ */
private void createUserPermissions(Collection<UserPermission> permissions, private void createUserPermissions(int user_id,
int user_id) Collection<UserPermission> permissions)
throws GuacamoleException { throws GuacamoleException {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
@@ -323,7 +332,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
for (User dbUser : dbUsers) { for (User dbUser : dbUsers) {
dbUserMap.put(dbUser.getUsername(), dbUser); dbUserMap.put(dbUser.getUsername(), dbUser);
} }
for (UserPermission permission : permissions) { for (UserPermission permission : permissions) {
// Get user // Get user
@@ -353,16 +362,16 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
/** /**
* Delete permissions having to do with users for a given user. * Delete permissions having to do with users for a given user.
* *
* @param user_id The ID of the user to change the permissions of.
* @param permissions The permissions the given user should no longer have * @param permissions The permissions the given user should no longer have
* when this operation completes. * when this operation completes.
* @param user_id The ID of the user to change the permissions of.
* @throws GuacamoleException If permission to alter the access permissions * @throws GuacamoleException If permission to alter the access permissions
* of affected objects is denied. * of affected objects is denied.
*/ */
private void deleteUserPermissions(Collection<UserPermission> permissions, private void deleteUserPermissions(int user_id,
int user_id) Collection<UserPermission> permissions)
throws GuacamoleException { throws GuacamoleException {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
@@ -387,7 +396,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
dbUserMap.put(dbUser.getUsername(), dbUser); dbUserMap.put(dbUser.getUsername(), dbUser);
userIDs.add(dbUser.getUser_id()); userIDs.add(dbUser.getUser_id());
} }
// Verify we have permission to delete each user permission. // Verify we have permission to delete each user permission.
for (UserPermission permission : permissions) { for (UserPermission permission : permissions) {
@@ -406,7 +415,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
+ " does not have permission to administrate user " + " does not have permission to administrate user "
+ dbAffectedUser.getUser_id()); + dbAffectedUser.getUser_id());
} }
if(!userIDs.isEmpty()) { if(!userIDs.isEmpty()) {
UserPermissionExample userPermissionExample = new UserPermissionExample(); UserPermissionExample userPermissionExample = new UserPermissionExample();
userPermissionExample.createCriteria().andUser_idEqualTo(user_id) userPermissionExample.createCriteria().andUser_idEqualTo(user_id)
@@ -419,16 +428,16 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
* Create any new permissions having to do with connections for a given * Create any new permissions having to do with connections for a given
* user. * user.
* *
* @param user_id The ID of the user to assign or remove permissions from.
* @param permissions The new permissions the user should have after this * @param permissions The new permissions the user should have after this
* operation completes. * operation completes.
* @param user_id The ID of the user to assign or remove permissions from.
* @throws GuacamoleException If permission to alter the access permissions * @throws GuacamoleException If permission to alter the access permissions
* of affected objects is deniedD * of affected objects is deniedD
*/ */
private void createConnectionPermissions( private void createConnectionPermissions(int user_id,
Collection<ConnectionPermission> permissions, int user_id) Collection<ConnectionPermission> permissions)
throws GuacamoleException { throws GuacamoleException {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
@@ -483,16 +492,16 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
/** /**
* Delete permissions having to do with connections for a given user. * Delete permissions having to do with connections for a given user.
* *
* @param user_id The ID of the user to change the permissions of.
* @param permissions The permissions the given user should no longer have * @param permissions The permissions the given user should no longer have
* when this operation completes. * when this operation completes.
* @param user_id The ID of the user to change the permissions of.
* @throws GuacamoleException If permission to alter the access permissions * @throws GuacamoleException If permission to alter the access permissions
* of affected objects is denied. * of affected objects is denied.
*/ */
private void deleteConnectionPermissions(Collection<ConnectionPermission> permissions, private void deleteConnectionPermissions(int user_id,
int user_id) Collection<ConnectionPermission> permissions)
throws GuacamoleException { throws GuacamoleException {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
@@ -517,7 +526,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
dbConnectionMap.put(dbConnection.getConnection_name(), dbConnection); dbConnectionMap.put(dbConnection.getConnection_name(), dbConnection);
connectionIDs.add(dbConnection.getConnection_id()); connectionIDs.add(dbConnection.getConnection_id());
} }
// Verify we have permission to delete each connection permission. // Verify we have permission to delete each connection permission.
for (ConnectionPermission permission : permissions) { for (ConnectionPermission permission : permissions) {
@@ -536,7 +545,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
+ " does not have permission to administrate connection " + " does not have permission to administrate connection "
+ dbConnection.getConnection_id()); + dbConnection.getConnection_id());
} }
if(!connectionIDs.isEmpty()) { if(!connectionIDs.isEmpty()) {
ConnectionPermissionExample connectionPermissionExample = new ConnectionPermissionExample(); ConnectionPermissionExample connectionPermissionExample = new ConnectionPermissionExample();
connectionPermissionExample.createCriteria().andUser_idEqualTo(user_id) connectionPermissionExample.createCriteria().andUser_idEqualTo(user_id)
@@ -549,16 +558,16 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
* Create any new system permissions for a given user. All permissions in * Create any new system permissions for a given user. All permissions in
* the given list will be inserted. * the given list will be inserted.
* *
* @param user_id The ID of the user whose permissions should be updated.
* @param permissions The new system permissions that the given user should * @param permissions The new system permissions that the given user should
* have when this operation completes. * have when this operation completes.
* @param user_id The ID of the user whose permissions should be updated.
*/ */
private void createSystemPermissions(Collection<SystemPermission> permissions, private void createSystemPermissions(int user_id,
int user_id) { Collection<SystemPermission> permissions) {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
// Build list of requested system permissions // Build list of requested system permissions
List<String> systemPermissionTypes = new ArrayList<String>(); List<String> systemPermissionTypes = new ArrayList<String>();
for (SystemPermission permission : permissions) { for (SystemPermission permission : permissions) {
@@ -609,18 +618,18 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
} }
} }
/** /**
* Delete system permissions for a given user. All permissions in * Delete system permissions for a given user. All permissions in
* the given list will be removed from the user. * the given list will be removed from the user.
* *
* @param user_id The ID of the user whose permissions should be updated.
* @param permissions The permissions the given user should no longer have * @param permissions The permissions the given user should no longer have
* when this operation completes. * when this operation completes.
* @param user_id The ID of the user whose permissions should be updated.
*/ */
private void deleteSystemPermissions(Collection<SystemPermission> permissions, private void deleteSystemPermissions(int user_id,
int user_id) { Collection<SystemPermission> permissions) {
if(permissions.isEmpty()) if(permissions.isEmpty())
return; return;
@@ -680,7 +689,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
// permissions. // permissions.
if (!(object instanceof MySQLUser)) if (!(object instanceof MySQLUser))
throw new GuacamoleException("User not from database."); throw new GuacamoleException("User not from database.");
// Validate permission to update this user is granted // Validate permission to update this user is granted
permissionCheckUtility.verifyUserUpdateAccess(this.user_id, permissionCheckUtility.verifyUserUpdateAccess(this.user_id,
object.getUsername()); object.getUsername());

6
extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/service/PermissionCheckService.java
View File

@@ -384,7 +384,7 @@ public class PermissionCheckService {
// If no affected users at all, return empty set // If no affected users at all, return empty set
if (affectedUserIDs.isEmpty()) if (affectedUserIDs.isEmpty())
return Collections.EMPTY_SET; return Collections.EMPTY_SET;
// Query corresponding user data for each retrieved ID // Query corresponding user data for each retrieved ID
UserExample example = new UserExample(); UserExample example = new UserExample();
example.createCriteria().andUser_idIn(Lists.newArrayList(affectedUserIDs)); example.createCriteria().andUser_idIn(Lists.newArrayList(affectedUserIDs));
@@ -720,7 +720,7 @@ public class PermissionCheckService {
// Otherwise, no connections available // Otherwise, no connections available
return Collections.EMPTY_SET; return Collections.EMPTY_SET;
} }
/** /**
@@ -860,7 +860,7 @@ public class PermissionCheckService {
List<ConnectionPermissionKey> connectionPermissions = List<ConnectionPermissionKey> connectionPermissions =
connectionPermissionDAO.selectByExample(connectionPermissionExample); connectionPermissionDAO.selectByExample(connectionPermissionExample);
// If connection permissions present, add permissions // If connection permissions present, add permissions
if (!connectionPermissions.isEmpty()) { if (!connectionPermissions.isEmpty()) {
// Get list of affected connection IDs // Get list of affected connection IDs