Migrate XML servlets to latest revision of auth API.

2025-10-31 00:53:21 +00:00 · 2013-01-30 23:27:12 -08:00
parent eff951fdda
commit a19b1af6f7
3 changed files with 55 additions and 96 deletions
--- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java
+++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java
@@ -30,7 +30,7 @@ import javax.xml.stream.XMLStreamWriter;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.GuacamoleSecurityException;
 import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory;
-import net.sourceforge.guacamole.net.auth.PermissionDirectory;
+import net.sourceforge.guacamole.net.auth.User;
 import net.sourceforge.guacamole.net.auth.UserContext;
 import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationDirectoryPermission;
 import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission;
@@ -52,15 +52,13 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
     * system operation. Security exceptions are handled appropriately - only
     * non-security exceptions pass through.
     * 
-     * @param permissions The PermissionsDirectory to check.
     * @param user The user whose permissions should be verified.
     * @param type The type of operation to check for permission for.
     * @return true if permission is granted, false otherwise.
     * 
     * @throws GuacamoleException If an error occurs while checking permissions.
     */
-    private boolean hasConfigPermission(PermissionDirectory permissions,
-            String user, SystemPermission.Type type)
+    private boolean hasConfigPermission(User user, SystemPermission.Type type)
    throws GuacamoleException {

        // Build permission
@@ -69,7 +67,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {

        try {
            // Return result of permission check, if possible
-            return permissions.hasPermission(user, permission);
+            return user.hasPermission(permission);
        }
        catch (GuacamoleSecurityException e) {
            // If cannot check due to security restrictions, no permission
@@ -83,7 +81,6 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
     * object operation. Security exceptions are handled appropriately - only
     * non-security exceptions pass through.
     * 
-     * @param permissions The PermissionsDirectory to check.
     * @param user The user whose permissions should be verified.
     * @param type The type of operation to check for permission for.
     * @param identifier The identifier of the configuration the operation
@@ -92,8 +89,8 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
     * 
     * @throws GuacamoleException If an error occurs while checking permissions.
     */
-    private boolean hasConfigPermission(PermissionDirectory permissions,
-            String user, ObjectPermission.Type type, String identifier)
+    private boolean hasConfigPermission(User user, ObjectPermission.Type type,
+            String identifier)
    throws GuacamoleException {

        // Build permission
@@ -104,7 +101,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {

        try {
            // Return result of permission check, if possible
-            return permissions.hasPermission(user, permission);
+            return user.hasPermission(permission);
        }
        catch (GuacamoleSecurityException e) {
            // If cannot check due to security restrictions, no permission
@@ -140,25 +137,12 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
        catch (GuacamoleException e) {
            throw new ServletException("Unable to retrieve configurations.", e);
        }
-        
-        // Try to get permission directory
-        PermissionDirectory permissions = null;
-        try {
-            permissions = context.getPermissionDirectory();
-        }
-        catch (GuacamoleSecurityException e) {
-            // Soft fail - can't check permissions ... assume have READ and
-            // nothing else
-        }
-        catch (GuacamoleException e) {
-            throw new ServletException("Unable to retrieve permissions.", e);
-        }
-
+       
        // Write actual XML
        try {

-            // Get username
-            String username = context.self().getUsername();
+            // Get self 
+            User self = context.self();
            
            XMLOutputFactory outputFactory = XMLOutputFactory.newInstance();
            XMLStreamWriter xml = outputFactory.createXMLStreamWriter(response.getWriter());
@@ -168,8 +152,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
            xml.writeStartElement("configs");
            
            // Save config create permission attribute
-            if (permissions != null && hasConfigPermission(permissions, username,
-                    SystemPermission.Type.CREATE))
+            if (hasConfigPermission(self, SystemPermission.Type.CREATE))
                xml.writeAttribute("create", "yes");
            
            // For each entry, write corresponding config element
@@ -183,25 +166,20 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
                xml.writeAttribute("id", entry.getKey());
                xml.writeAttribute("protocol", config.getProtocol());

-                // Check permissions and set attributes appropriately
-                if (permissions != null) {
-
-                    // Save update permission attribute
-                    if (hasConfigPermission(permissions, username,
-                            ObjectPermission.Type.UPDATE, entry.getKey()))
-                        xml.writeAttribute("update", "yes");
-                    
-                    // Save admin permission attribute
-                    if (hasConfigPermission(permissions, username,
-                            ObjectPermission.Type.ADMINISTER, entry.getKey()))
-                        xml.writeAttribute("admin", "yes");
-                    
-                    // Save delete permission attribute
-                    if (hasConfigPermission(permissions, username,
-                            ObjectPermission.Type.DELETE, entry.getKey()))
-                        xml.writeAttribute("delete", "yes");
-                    
-                }
+                // Save update permission attribute
+                if (hasConfigPermission(self, ObjectPermission.Type.UPDATE,
+                        entry.getKey()))
+                    xml.writeAttribute("update", "yes");
+                
+                // Save admin permission attribute
+                if (hasConfigPermission(self, ObjectPermission.Type.ADMINISTER,
+                        entry.getKey()))
+                    xml.writeAttribute("admin", "yes");
+                
+                // Save delete permission attribute
+                if (hasConfigPermission(self, ObjectPermission.Type.DELETE,
+                        entry.getKey()))
+                    xml.writeAttribute("delete", "yes");
                
            }

--- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/PermissionList.java
+++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/PermissionList.java
@@ -27,8 +27,9 @@ import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.GuacamoleSecurityException;
-import net.sourceforge.guacamole.net.auth.PermissionDirectory;
+import net.sourceforge.guacamole.net.auth.User;
 import net.sourceforge.guacamole.net.auth.UserContext;
+import net.sourceforge.guacamole.net.auth.UserDirectory;
 import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationDirectoryPermission;
 import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission;
 import net.sourceforge.guacamole.net.auth.permission.ObjectPermission;
@@ -102,14 +103,17 @@ public class PermissionList extends AuthenticatingHttpServlet {
        // Write actual XML
        try {

-            // Get permission directory
-            PermissionDirectory permissions = context.getPermissionDirectory();
-
            // Get username
            String username = request.getParameter("user");
            if (username == null)
                throw new ServletException("No user specified.");

+            // Get user directory
+            UserDirectory users = context.getUserDirectory();
+            
+            // Get specific user
+            User user = users.getUser(username);
+            
            // Write XML content type
            response.setHeader("Content-Type", "text/xml");
            
@@ -122,7 +126,7 @@ public class PermissionList extends AuthenticatingHttpServlet {
            xml.writeAttribute("user", username);
            
            // For each entry, write corresponding user element
-            for (Permission permission : permissions.getPermissions(username)) {
+            for (Permission permission : user.getPermissions()) {

                // Config directory permission
                if (permission instanceof GuacamoleConfigurationDirectoryPermission) {
--- a/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/UserList.java
+++ b/guacamole/src/main/java/net/sourceforge/guacamole/net/basic/UserList.java
@@ -28,7 +28,6 @@ import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.GuacamoleSecurityException;
-import net.sourceforge.guacamole.net.auth.PermissionDirectory;
 import net.sourceforge.guacamole.net.auth.User;
 import net.sourceforge.guacamole.net.auth.UserContext;
 import net.sourceforge.guacamole.net.auth.UserDirectory;
@@ -50,15 +49,13 @@ public class UserList extends AuthenticatingHttpServlet {
     * system operation. Security exceptions are handled appropriately - only
     * non-security exceptions pass through.
     * 
-     * @param permissions The PermissionsDirectory to check.
     * @param user The user whose permissions should be verified.
     * @param type The type of operation to check for permission for.
     * @return true if permission is granted, false otherwise.
     * 
     * @throws GuacamoleException If an error occurs while checking permissions.
     */
-    private boolean hasUserPermission(PermissionDirectory permissions,
-            String user, SystemPermission.Type type)
+    private boolean hasUserPermission(User user, SystemPermission.Type type)
    throws GuacamoleException {

        // Build permission
@@ -66,7 +63,7 @@ public class UserList extends AuthenticatingHttpServlet {

        try {
            // Return result of permission check, if possible
-            return permissions.hasPermission(user, permission);
+            return user.hasPermission(permission);
        }
        catch (GuacamoleSecurityException e) {
            // If cannot check due to security restrictions, no permission
@@ -80,7 +77,6 @@ public class UserList extends AuthenticatingHttpServlet {
     * object operation. Security exceptions are handled appropriately - only
     * non-security exceptions pass through.
     * 
-     * @param permissions The PermissionsDirectory to check.
     * @param user The user whose permissions should be verified.
     * @param type The type of operation to check for permission for.
     * @param identifier The identifier of the user the operation would be
@@ -89,8 +85,8 @@ public class UserList extends AuthenticatingHttpServlet {
     * 
     * @throws GuacamoleException If an error occurs while checking permissions.
     */
-    private boolean hasUserPermission(PermissionDirectory permissions,
-            String user, ObjectPermission.Type type, String identifier)
+    private boolean hasUserPermission(User user, ObjectPermission.Type type,
+            String identifier)
    throws GuacamoleException {

        // Build permission
@@ -98,7 +94,7 @@ public class UserList extends AuthenticatingHttpServlet {

        try {
            // Return result of permission check, if possible
-            return permissions.hasPermission(user, permission);
+            return user.hasPermission(permission);
        }
        catch (GuacamoleSecurityException e) {
            // If cannot check due to security restrictions, no permission
@@ -119,19 +115,6 @@ public class UserList extends AuthenticatingHttpServlet {
        // Write XML content type
        response.setHeader("Content-Type", "text/xml");

-        // Try to get permission directory
-        PermissionDirectory permissions = null;
-        try {
-            permissions = context.getPermissionDirectory();
-        }
-        catch (GuacamoleSecurityException e) {
-            // Soft fail - can't check permissions ... assume have READ and
-            // nothing else
-        }
-        catch (GuacamoleException e) {
-            throw new ServletException("Unable to retrieve permissions.", e);
-        }
-
        // Write actual XML
        try {

@@ -141,8 +124,8 @@ public class UserList extends AuthenticatingHttpServlet {
            // Get users
            Set<User> users = directory.getUsers();

-            // Get username
-            String username = context.self().getUsername();
+            // Get self
+            User self = context.self();

            XMLOutputFactory outputFactory = XMLOutputFactory.newInstance();
            XMLStreamWriter xml = outputFactory.createXMLStreamWriter(response.getWriter());
@@ -152,8 +135,7 @@ public class UserList extends AuthenticatingHttpServlet {
            xml.writeStartElement("users");
            
            // Save user create permission attribute
-            if (permissions != null && hasUserPermission(permissions, username,
-                    SystemPermission.Type.CREATE))
+            if (hasUserPermission(self, SystemPermission.Type.CREATE))
                xml.writeAttribute("create", "yes");
            
            // For each entry, write corresponding user element
@@ -163,25 +145,20 @@ public class UserList extends AuthenticatingHttpServlet {
                xml.writeEmptyElement("user");
                xml.writeAttribute("name", user.getUsername());

-                // Check permissions and set attributes appropriately
-                if (permissions != null) {
-
-                    // Save update permission attribute
-                    if (hasUserPermission(permissions, username,
-                            ObjectPermission.Type.UPDATE, user.getUsername()))
-                        xml.writeAttribute("update", "yes");
-                    
-                    // Save admin permission attribute
-                    if (hasUserPermission(permissions, username,
-                            ObjectPermission.Type.ADMINISTER, user.getUsername()))
-                        xml.writeAttribute("admin", "yes");
-                    
-                    // Save delete permission attribute
-                    if (hasUserPermission(permissions, username,
-                            ObjectPermission.Type.DELETE, user.getUsername()))
-                        xml.writeAttribute("delete", "yes");
-                    
-                }
+                // Save update permission attribute
+                if (hasUserPermission(self, ObjectPermission.Type.UPDATE,
+                        user.getUsername()))
+                    xml.writeAttribute("update", "yes");
+                
+                // Save admin permission attribute
+                if (hasUserPermission(self, ObjectPermission.Type.ADMINISTER,
+                        user.getUsername()))
+                    xml.writeAttribute("admin", "yes");
+                
+                // Save delete permission attribute
+                if (hasUserPermission(self, ObjectPermission.Type.DELETE,
+                        user.getUsername()))
+                    xml.writeAttribute("delete", "yes");
                
            }