From 929c7de2c9a50d8b7727f5fc107bdc2b355c3f8f Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sat, 3 Nov 2018 10:09:14 -0700 Subject: [PATCH] GUACAMOLE-220: Add user group permissions to SimpleUser. --- .../guacamole/net/auth/simple/SimpleUser.java | 66 +++++++++++++++---- 1 file changed, 52 insertions(+), 14 deletions(-) diff --git a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUser.java b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUser.java index 61fce20f4..302150e5a 100644 --- a/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUser.java +++ b/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleUser.java @@ -41,22 +41,24 @@ import org.apache.guacamole.net.auth.permission.SystemPermissionSet; public class SimpleUser extends AbstractUser { /** - * All connection permissions granted to this user. + * All user permissions granted to this user. */ - private final Set userPermissions = - new HashSet(); + private final Set userPermissions = new HashSet<>(); + + /** + * All user group permissions granted to this user. + */ + private final Set userGroupPermissions = new HashSet<>(); /** * All connection permissions granted to this user. */ - private final Set connectionPermissions = - new HashSet(); + private final Set connectionPermissions = new HashSet<>(); /** * All connection group permissions granted to this user. */ - private final Set connectionGroupPermissions = - new HashSet(); + private final Set connectionGroupPermissions = new HashSet<>(); /** * Creates a completely uninitialized SimpleUser. @@ -73,7 +75,7 @@ public class SimpleUser extends AbstractUser { public SimpleUser(String username) { // Set username - setIdentifier(username); + super.setIdentifier(username); } @@ -92,18 +94,17 @@ public class SimpleUser extends AbstractUser { Collection identifiers) { // Add a READ permission to the set for each identifier given - for (String identifier : identifiers) { - permissions.add(new ObjectPermission ( + identifiers.forEach(identifier -> + permissions.add(new ObjectPermission( ObjectPermission.Type.READ, - identifier + identifier) )); - } } - + /** * Creates a new SimpleUser having the given username and READ access to - * the connections and groups having the given identifiers. + * the connections and connection groups having the given identifiers. * * @param username * The username to assign to this SimpleUser. @@ -127,6 +128,43 @@ public class SimpleUser extends AbstractUser { } + /** + * Creates a new SimpleUser having the given username and READ access to + * the users, user groups, connections, and connection groups having the + * given identifiers. + * + * @param username + * The username to assign to this SimpleUser. + * + * @param userIdentifiers + * The identifiers of all users this user has READ access to. + * + * @param userGroupIdentifiers + * The identifiers of all user groups this user has READ access to. + * + * @param connectionIdentifiers + * The identifiers of all connections this user has READ access to. + * + * @param connectionGroupIdentifiers + * The identifiers of all connection groups this user has READ access + * to. + */ + public SimpleUser(String username, + Collection userIdentifiers, + Collection userGroupIdentifiers, + Collection connectionIdentifiers, + Collection connectionGroupIdentifiers) { + + this(username); + + // Add permissions + addReadPermissions(userPermissions, userIdentifiers); + addReadPermissions(userGroupPermissions, userGroupIdentifiers); + addReadPermissions(connectionPermissions, connectionIdentifiers); + addReadPermissions(connectionGroupPermissions, connectionGroupIdentifiers); + + } + /** * Creates a new SimpleUser having the given username and READ access to * the users, connections, and groups having the given identifiers.