diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java deleted file mode 100644 index 26d51acec..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/PermissionDirectory.java +++ /dev/null @@ -1,105 +0,0 @@ -package net.sourceforge.guacamole.net.auth; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.net.auth.permission.Permission; - - -/** - * Provides access to a collection of all permissions, and allows permission - * manipulation and removal. - * - * @author Michael Jumper - */ -public interface PermissionDirectory { - - /** - * Lists all permissions given to the specified user. - * - * @param user The username of the user to list permissions of. - * @return A Set of all permissions granted to the specified user. - * - * @throws GuacamoleException If an error occurs while retrieving - * permissions, or if reading all permissions - * is not allowed. - */ - Set getPermissions(String user) throws GuacamoleException; - - /** - * Tests whether the specified user has the specified permission. - * - * @param user The username of the user to check permissions for. - * @param permission The permission to check. - * @return true if the permission is granted to the user specified, false - * otherwise. - * - * @throws GuacamoleException If an error occurs while checking permissions, - * or if permissions cannot be checked due to - * lack of permissions to do so. - */ - boolean hasPermission(String user, Permission permission) - throws GuacamoleException; - - /** - * Adds the specified permission to the specified user. - * - * @param user The username of the user to add the permission to. - * @param permission The permission to add. - * - * @throws GuacamoleException If an error occurs while adding the - * permission. or if permission to add - * permissions is denied. - */ - void addPermission(String user, Permission permission) - throws GuacamoleException; - - /** - * Removes the specified permission from the specified user. - * - * @param user The username of the user to remove the permission from. - * @param permission The permission to remove. - * - * @throws GuacamoleException If an error occurs while removing the - * permission. or if permission to remove - * permissions is denied. - */ - void removePermission(String user, Permission permission) - throws GuacamoleException; - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java index a91b9cc18..b2f573c65 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/User.java @@ -1,6 +1,10 @@ package net.sourceforge.guacamole.net.auth; +import java.util.Set; +import net.sourceforge.guacamole.GuacamoleException; +import net.sourceforge.guacamole.net.auth.permission.Permission; + /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * @@ -76,4 +80,50 @@ public interface User { */ public void setPassword(String password); + /** + * Lists all permissions given to this user. + * + * @return A Set of all permissions granted to this user. + * + * @throws GuacamoleException If an error occurs while retrieving + * permissions, or if reading all permissions + * is not allowed. + */ + Set getPermissions() throws GuacamoleException; + + /** + * Tests whether this user has the specified permission. + * + * @param permission The permission to check. + * @return true if the permission is granted to this user, false otherwise. + * + * @throws GuacamoleException If an error occurs while checking permissions, + * or if permissions cannot be checked due to + * lack of permissions to do so. + */ + boolean hasPermission(Permission permission) throws GuacamoleException; + + /** + * Adds the specified permission to this user. + * + * @param permission The permission to add. + * + * @throws GuacamoleException If an error occurs while adding the + * permission. or if permission to add + * permissions is denied. + */ + void addPermission(Permission permission) throws GuacamoleException; + + /** + * Removes the specified permission from this specified user. + * + * @param permission The permission to remove. + * + * @throws GuacamoleException If an error occurs while removing the + * permission. or if permission to remove + * permissions is denied. + */ + void removePermission(Permission permission) throws GuacamoleException; + + } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java index ce7cc6016..479d12f36 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/UserContext.java @@ -83,17 +83,4 @@ public interface UserContext { GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() throws GuacamoleException; - /** - * Retrieves a PermissionDirectory which can be used to view and manipulate - * permissions, but only as allowed by the permissions given to the user of - * this UserContext. - * - * @return A PermissionDirectory whose operations are bound by the - * restrictions of this UserContext. - * - * @throws GuacamoleException If an error occurs while creating the - * PermissionDirectory. - */ - PermissionDirectory getPermissionDirectory() throws GuacamoleException; - } diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java deleted file mode 100644 index 2498cd902..000000000 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimplePermissionDirectory.java +++ /dev/null @@ -1,147 +0,0 @@ - -package net.sourceforge.guacamole.net.auth.simple; - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is guacamole-ext. - * - * The Initial Developer of the Original Code is - * Michael Jumper. - * Portions created by the Initial Developer are Copyright (C) 2010 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -import java.util.HashSet; -import java.util.Map; -import java.util.Set; -import net.sourceforge.guacamole.GuacamoleException; -import net.sourceforge.guacamole.GuacamoleSecurityException; -import net.sourceforge.guacamole.net.auth.PermissionDirectory; -import net.sourceforge.guacamole.net.auth.User; -import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission; -import net.sourceforge.guacamole.net.auth.permission.ObjectPermission; -import net.sourceforge.guacamole.net.auth.permission.Permission; -import net.sourceforge.guacamole.protocol.GuacamoleConfiguration; - - -/** - * A simple read-only PermissionDirectory which manages the permissions for a - * single user. - * - * @author Michael Jumper - */ -public class SimplePermissionDirectory implements PermissionDirectory { - - /** - * The username of the user that has access to all given configs. - */ - private String user; - - /** - * The identifiers of all available configs. - */ - private Set configIdentifiers; - - /** - * Creates a new SimplePermissionDirectory which manages the permissions of - * the given user and the given Map of GuacamoleConfigurations, which must - * contain only those GuacamoleConfigurations the given user has access to. - * - * @param user The user to manage permissions for. - * @param configs All available configurations for the user given. - */ - public SimplePermissionDirectory(User user, - Map configs) { - - this.user = user.getUsername(); - configIdentifiers = configs.keySet(); - - } - - @Override - public Set getPermissions(String user) throws GuacamoleException { - - // No permssion to check permissions of other users - if (!this.user.equals(user)) - throw new GuacamoleSecurityException("Permission denied."); - - // If correct user, build list all permissions - Set permissions = new HashSet(); - for (String identifier : configIdentifiers) { - - // Add permission to set - permissions.add( - new GuacamoleConfigurationPermission( - ObjectPermission.Type.READ, - identifier - ) - ); - - } - - return permissions; - - } - - @Override - public boolean hasPermission(String user, Permission permission) throws GuacamoleException { - - // No permssion to check permissions of other users - if (!this.user.equals(user)) - throw new GuacamoleSecurityException("Permission denied."); - - // If correct user, validate config permission - if (permission instanceof GuacamoleConfigurationPermission) { - - // Get permission - GuacamoleConfigurationPermission guacConfigPerm = - (GuacamoleConfigurationPermission) permission; - - // If type is READ, permission given if the config exists in the set - if (guacConfigPerm.getType() == ObjectPermission.Type.READ) - return configIdentifiers.contains(guacConfigPerm.getObjectIdentifier()); - - } - - // No permission by default - return false; - - } - - @Override - public void addPermission(String user, Permission permission) throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); - } - - @Override - public void removePermission(String user, Permission permission) throws GuacamoleException { - throw new GuacamoleSecurityException("Permission denied."); - } - -} diff --git a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java index 4943b8947..a7697ea19 100644 --- a/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java +++ b/guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java @@ -41,7 +41,6 @@ import java.util.Map; import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; -import net.sourceforge.guacamole.net.auth.PermissionDirectory; import net.sourceforge.guacamole.net.auth.User; import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.net.auth.UserDirectory; @@ -69,12 +68,6 @@ public class SimpleUserContext implements UserContext { */ private final GuacamoleConfigurationDirectory configDirectory; - /** - * The PermissionDirectory describing which permissions are available for - * the configurations provided. - */ - private final PermissionDirectory permissionDirectory; - /** * Creates a new SimpleUserContext which provides access to only those * configurations within the given Map. The User given must be the user @@ -93,9 +86,6 @@ public class SimpleUserContext implements UserContext { this.configDirectory = new SimpleGuacamoleConfigurationDirectory(configs); - this.permissionDirectory = - new SimplePermissionDirectory(self, configs); - } @Override @@ -114,10 +104,4 @@ public class SimpleUserContext implements UserContext { throw new GuacamoleSecurityException("Permission denied."); } - @Override - public PermissionDirectory getPermissionDirectory() - throws GuacamoleException { - return permissionDirectory; - } - }