safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-07 05:31:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Migrate XML servlets to latest revision of auth API.

Browse Source
This commit is contained in:
Michael Jumper
2013-01-30 23:27:12 -08:00
parent eff951fdda
commit a19b1af6f7
3 changed files with 55 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
guacamole/src/main/java/net/sourceforge/guacamole/net/basic/ConfigurationList.java
View File

@@ -30,7 +30,7 @@ import javax.xml.stream.XMLStreamWriter;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory;
import net.sourceforge.guacamole.net.auth.PermissionDirectory;
import net.sourceforge.guacamole.net.auth.User;
import net.sourceforge.guacamole.net.auth.UserContext;
import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationDirectoryPermission;
import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission;
@@ -52,15 +52,13 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
* system operation. Security exceptions are handled appropriately - only
* non-security exceptions pass through.
*
* @param permissions The PermissionsDirectory to check.
* @param user The user whose permissions should be verified.
* @param type The type of operation to check for permission for.
* @return true if permission is granted, false otherwise.
*
* @throws GuacamoleException If an error occurs while checking permissions.
*/
private boolean hasConfigPermission(PermissionDirectory permissions,
String user, SystemPermission.Type type)
private boolean hasConfigPermission(User user, SystemPermission.Type type)
throws GuacamoleException {
// Build permission
@@ -69,7 +67,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
try {
// Return result of permission check, if possible
return permissions.hasPermission(user, permission);
return user.hasPermission(permission);
}
catch (GuacamoleSecurityException e) {
// If cannot check due to security restrictions, no permission
@@ -83,7 +81,6 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
* object operation. Security exceptions are handled appropriately - only
* non-security exceptions pass through.
*
* @param permissions The PermissionsDirectory to check.
* @param user The user whose permissions should be verified.
* @param type The type of operation to check for permission for.
* @param identifier The identifier of the configuration the operation
@@ -92,8 +89,8 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
*
* @throws GuacamoleException If an error occurs while checking permissions.
*/
private boolean hasConfigPermission(PermissionDirectory permissions,
String user, ObjectPermission.Type type, String identifier)
private boolean hasConfigPermission(User user, ObjectPermission.Type type,
String identifier)
throws GuacamoleException {
// Build permission
@@ -104,7 +101,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
try {
// Return result of permission check, if possible
return permissions.hasPermission(user, permission);
return user.hasPermission(permission);
}
catch (GuacamoleSecurityException e) {
// If cannot check due to security restrictions, no permission
@@ -141,24 +138,11 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
throw new ServletException("Unable to retrieve configurations.", e);
}
// Try to get permission directory
PermissionDirectory permissions = null;
try {
permissions = context.getPermissionDirectory();
}
catch (GuacamoleSecurityException e) {
// Soft fail - can't check permissions ... assume have READ and
// nothing else
}
catch (GuacamoleException e) {
throw new ServletException("Unable to retrieve permissions.", e);
}
// Write actual XML
try {
// Get username
String username = context.self().getUsername();
// Get self
User self = context.self();
XMLOutputFactory outputFactory = XMLOutputFactory.newInstance();
XMLStreamWriter xml = outputFactory.createXMLStreamWriter(response.getWriter());
@@ -168,8 +152,7 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
xml.writeStartElement("configs");
// Save config create permission attribute
if (permissions != null && hasConfigPermission(permissions, username,
SystemPermission.Type.CREATE))
if (hasConfigPermission(self, SystemPermission.Type.CREATE))
xml.writeAttribute("create", "yes");
// For each entry, write corresponding config element
@@ -183,28 +166,23 @@ public class ConfigurationList extends AuthenticatingHttpServlet {
xml.writeAttribute("id", entry.getKey());
xml.writeAttribute("protocol", config.getProtocol());
// Check permissions and set attributes appropriately
if (permissions != null) {
// Save update permission attribute
if (hasConfigPermission(permissions, username,
ObjectPermission.Type.UPDATE, entry.getKey()))
if (hasConfigPermission(self, ObjectPermission.Type.UPDATE,
entry.getKey()))
xml.writeAttribute("update", "yes");
// Save admin permission attribute
if (hasConfigPermission(permissions, username,
ObjectPermission.Type.ADMINISTER, entry.getKey()))
if (hasConfigPermission(self, ObjectPermission.Type.ADMINISTER,
entry.getKey()))
xml.writeAttribute("admin", "yes");
// Save delete permission attribute
if (hasConfigPermission(permissions, username,
ObjectPermission.Type.DELETE, entry.getKey()))
if (hasConfigPermission(self, ObjectPermission.Type.DELETE,
entry.getKey()))
xml.writeAttribute("delete", "yes");
}
}
// End document
xml.writeEndElement();
xml.writeEndDocument();

14
guacamole/src/main/java/net/sourceforge/guacamole/net/basic/PermissionList.java
View File

@@ -27,8 +27,9 @@ import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.net.auth.PermissionDirectory;
import net.sourceforge.guacamole.net.auth.User;
import net.sourceforge.guacamole.net.auth.UserContext;
import net.sourceforge.guacamole.net.auth.UserDirectory;
import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationDirectoryPermission;
import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission;
import net.sourceforge.guacamole.net.auth.permission.ObjectPermission;
@@ -102,14 +103,17 @@ public class PermissionList extends AuthenticatingHttpServlet {
// Write actual XML
try {
// Get permission directory
PermissionDirectory permissions = context.getPermissionDirectory();
// Get username
String username = request.getParameter("user");
if (username == null)
throw new ServletException("No user specified.");
// Get user directory
UserDirectory users = context.getUserDirectory();
// Get specific user
User user = users.getUser(username);
// Write XML content type
response.setHeader("Content-Type", "text/xml");
@@ -122,7 +126,7 @@ public class PermissionList extends AuthenticatingHttpServlet {
xml.writeAttribute("user", username);
// For each entry, write corresponding user element
for (Permission permission : permissions.getPermissions(username)) {
for (Permission permission : user.getPermissions()) {
// Config directory permission
if (permission instanceof GuacamoleConfigurationDirectoryPermission) {

51
guacamole/src/main/java/net/sourceforge/guacamole/net/basic/UserList.java
View File

@@ -28,7 +28,6 @@ import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.net.auth.PermissionDirectory;
import net.sourceforge.guacamole.net.auth.User;
import net.sourceforge.guacamole.net.auth.UserContext;
import net.sourceforge.guacamole.net.auth.UserDirectory;
@@ -50,15 +49,13 @@ public class UserList extends AuthenticatingHttpServlet {
* system operation. Security exceptions are handled appropriately - only
* non-security exceptions pass through.
*
* @param permissions The PermissionsDirectory to check.
* @param user The user whose permissions should be verified.
* @param type The type of operation to check for permission for.
* @return true if permission is granted, false otherwise.
*
* @throws GuacamoleException If an error occurs while checking permissions.
*/
private boolean hasUserPermission(PermissionDirectory permissions,
String user, SystemPermission.Type type)
private boolean hasUserPermission(User user, SystemPermission.Type type)
throws GuacamoleException {
// Build permission
@@ -66,7 +63,7 @@ public class UserList extends AuthenticatingHttpServlet {
try {
// Return result of permission check, if possible
return permissions.hasPermission(user, permission);
return user.hasPermission(permission);
}
catch (GuacamoleSecurityException e) {
// If cannot check due to security restrictions, no permission
@@ -80,7 +77,6 @@ public class UserList extends AuthenticatingHttpServlet {
* object operation. Security exceptions are handled appropriately - only
* non-security exceptions pass through.
*
* @param permissions The PermissionsDirectory to check.
* @param user The user whose permissions should be verified.
* @param type The type of operation to check for permission for.
* @param identifier The identifier of the user the operation would be
@@ -89,8 +85,8 @@ public class UserList extends AuthenticatingHttpServlet {
*
* @throws GuacamoleException If an error occurs while checking permissions.
*/
private boolean hasUserPermission(PermissionDirectory permissions,
String user, ObjectPermission.Type type, String identifier)
private boolean hasUserPermission(User user, ObjectPermission.Type type,
String identifier)
throws GuacamoleException {
// Build permission
@@ -98,7 +94,7 @@ public class UserList extends AuthenticatingHttpServlet {
try {
// Return result of permission check, if possible
return permissions.hasPermission(user, permission);
return user.hasPermission(permission);
}
catch (GuacamoleSecurityException e) {
// If cannot check due to security restrictions, no permission
@@ -119,19 +115,6 @@ public class UserList extends AuthenticatingHttpServlet {
// Write XML content type
response.setHeader("Content-Type", "text/xml");
// Try to get permission directory
PermissionDirectory permissions = null;
try {
permissions = context.getPermissionDirectory();
}
catch (GuacamoleSecurityException e) {
// Soft fail - can't check permissions ... assume have READ and
// nothing else
}
catch (GuacamoleException e) {
throw new ServletException("Unable to retrieve permissions.", e);
}
// Write actual XML
try {
@@ -141,8 +124,8 @@ public class UserList extends AuthenticatingHttpServlet {
// Get users
Set<User> users = directory.getUsers();
// Get username
String username = context.self().getUsername();
// Get self
User self = context.self();
XMLOutputFactory outputFactory = XMLOutputFactory.newInstance();
XMLStreamWriter xml = outputFactory.createXMLStreamWriter(response.getWriter());
@@ -152,8 +135,7 @@ public class UserList extends AuthenticatingHttpServlet {
xml.writeStartElement("users");
// Save user create permission attribute
if (permissions != null && hasUserPermission(permissions, username,
SystemPermission.Type.CREATE))
if (hasUserPermission(self, SystemPermission.Type.CREATE))
xml.writeAttribute("create", "yes");
// For each entry, write corresponding user element
@@ -163,28 +145,23 @@ public class UserList extends AuthenticatingHttpServlet {
xml.writeEmptyElement("user");
xml.writeAttribute("name", user.getUsername());
// Check permissions and set attributes appropriately
if (permissions != null) {
// Save update permission attribute
if (hasUserPermission(permissions, username,
ObjectPermission.Type.UPDATE, user.getUsername()))
if (hasUserPermission(self, ObjectPermission.Type.UPDATE,
user.getUsername()))
xml.writeAttribute("update", "yes");
// Save admin permission attribute
if (hasUserPermission(permissions, username,
ObjectPermission.Type.ADMINISTER, user.getUsername()))
if (hasUserPermission(self, ObjectPermission.Type.ADMINISTER,
user.getUsername()))
xml.writeAttribute("admin", "yes");
// Save delete permission attribute
if (hasUserPermission(permissions, username,
ObjectPermission.Type.DELETE, user.getUsername()))
if (hasUserPermission(self, ObjectPermission.Type.DELETE,
user.getUsername()))
xml.writeAttribute("delete", "yes");
}
}
// End document
xml.writeEndElement();
xml.writeEndDocument();