Remove PermissionDirectory, migrate functionality to User.

Michael Jumper
2013-01-30 22:43:24 -08:00
parent 53bb4e31b0
commit b244058a57
5 changed files with 50 additions and 281 deletions


@@ -1,105 +0,0 @@
package net.sourceforge.guacamole.net.auth;
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is guacamole-ext.
*
* The Initial Developer of the Original Code is
* Michael Jumper.
* Portions created by the Initial Developer are Copyright (C) 2010
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
import java.util.Set;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.net.auth.permission.Permission;
/**
* Provides access to a collection of all permissions, and allows permission
* manipulation and removal.
*
* @author Michael Jumper
*/
public interface PermissionDirectory {
/**
* Lists all permissions given to the specified user.
*
* @param user The username of the user to list permissions of.
* @return A Set of all permissions granted to the specified user.
*
* @throws GuacamoleException If an error occurs while retrieving
* permissions, or if reading all permissions
* is not allowed.
*/
Set<Permission> getPermissions(String user) throws GuacamoleException;
/**
* Tests whether the specified user has the specified permission.
*
* @param user The username of the user to check permissions for.
* @param permission The permission to check.
* @return true if the permission is granted to the user specified, false
* otherwise.
*
* @throws GuacamoleException If an error occurs while checking permissions,
* or if permissions cannot be checked due to
* lack of permissions to do so.
*/
boolean hasPermission(String user, Permission permission)
throws GuacamoleException;
/**
* Adds the specified permission to the specified user.
*
* @param user The username of the user to add the permission to.
* @param permission The permission to add.
*
* @throws GuacamoleException If an error occurs while adding the
* permission. or if permission to add
* permissions is denied.
*/
void addPermission(String user, Permission permission)
throws GuacamoleException;
/**
* Removes the specified permission from the specified user.
*
* @param user The username of the user to remove the permission from.
* @param permission The permission to remove.
*
* @throws GuacamoleException If an error occurs while removing the
* permission. or if permission to remove
* permissions is denied.
*/
void removePermission(String user, Permission permission)
throws GuacamoleException;
}


@@ -1,6 +1,10 @@
package net.sourceforge.guacamole.net.auth; package net.sourceforge.guacamole.net.auth;
import java.util.Set;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.net.auth.permission.Permission;
/* ***** BEGIN LICENSE BLOCK ***** /* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
* *
@@ -76,4 +80,50 @@ public interface User {
*/ */
public void setPassword(String password); public void setPassword(String password);
/**
* Lists all permissions given to this user.
*
* @return A Set of all permissions granted to this user.
*
* @throws GuacamoleException If an error occurs while retrieving
* permissions, or if reading all permissions
* is not allowed.
*/
Set<Permission> getPermissions() throws GuacamoleException;
/**
* Tests whether this user has the specified permission.
*
* @param permission The permission to check.
* @return true if the permission is granted to this user, false otherwise.
*
* @throws GuacamoleException If an error occurs while checking permissions,
* or if permissions cannot be checked due to
* lack of permissions to do so.
*/
boolean hasPermission(Permission permission) throws GuacamoleException;
/**
* Adds the specified permission to this user.
*
* @param permission The permission to add.
*
* @throws GuacamoleException If an error occurs while adding the
* permission. or if permission to add
* permissions is denied.
*/
void addPermission(Permission permission) throws GuacamoleException;
/**
* Removes the specified permission from this specified user.
*
* @param permission The permission to remove.
*
* @throws GuacamoleException If an error occurs while removing the
* permission. or if permission to remove
* permissions is denied.
*/
void removePermission(Permission permission) throws GuacamoleException;
} }
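Review bot: The new permission methods on `User` (`getPermissions`, `hasPermission`, `addPermission`, `removePermission`) keep the "or if permission ... is denied" wording in their `@throws` text but no longer say whose privileges are checked, whereas the removed `UserContext.getPermissionDirectory()` Javadoc bound every operation to the restrictions of the requesting UserContext. The rest of `User` is outside the hunk, but nothing in the added lines ties a `User` to a caller, so each Javadoc should name the enforcement point, for example `Implementations must check the request against the UserContext this User was retrieved from.` The `@return` of `getPermissions()` should also say whether the Set is a copy or an unmodifiable view (`@return An unmodifiable Set of all permissions granted to this user.`), since a live mutable Set would let callers change grants without going through `addPermission`. The self-only check and the deny-all-writes behaviour of the deleted SimplePermissionDirectory have no replacement in the files shown, so presumably a User implementation elsewhere has to carry them over. While editing, fix "permission. or if" and "this specified user" in the new comments, and give these methods the `public` modifier that `setPassword` above them uses.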


@@ -83,17 +83,4 @@ public interface UserContext {
GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory() GuacamoleConfigurationDirectory getGuacamoleConfigurationDirectory()
throws GuacamoleException; throws GuacamoleException;
/**
* Retrieves a PermissionDirectory which can be used to view and manipulate
* permissions, but only as allowed by the permissions given to the user of
* this UserContext.
*
* @return A PermissionDirectory whose operations are bound by the
* restrictions of this UserContext.
*
* @throws GuacamoleException If an error occurs while creating the
* PermissionDirectory.
*/
PermissionDirectory getPermissionDirectory() throws GuacamoleException;
} }


@@ -1,147 +0,0 @@
package net.sourceforge.guacamole.net.auth.simple;
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is guacamole-ext.
*
* The Initial Developer of the Original Code is
* Michael Jumper.
* Portions created by the Initial Developer are Copyright (C) 2010
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.net.auth.PermissionDirectory;
import net.sourceforge.guacamole.net.auth.User;
import net.sourceforge.guacamole.net.auth.permission.GuacamoleConfigurationPermission;
import net.sourceforge.guacamole.net.auth.permission.ObjectPermission;
import net.sourceforge.guacamole.net.auth.permission.Permission;
import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
/**
* A simple read-only PermissionDirectory which manages the permissions for a
* single user.
*
* @author Michael Jumper
*/
public class SimplePermissionDirectory implements PermissionDirectory {
/**
* The username of the user that has access to all given configs.
*/
private String user;
/**
* The identifiers of all available configs.
*/
private Set<String> configIdentifiers;
/**
* Creates a new SimplePermissionDirectory which manages the permissions of
* the given user and the given Map of GuacamoleConfigurations, which must
* contain only those GuacamoleConfigurations the given user has access to.
*
* @param user The user to manage permissions for.
* @param configs All available configurations for the user given.
*/
public SimplePermissionDirectory(User user,
Map<String, GuacamoleConfiguration> configs) {
this.user = user.getUsername();
configIdentifiers = configs.keySet();
}
@Override
public Set<Permission> getPermissions(String user) throws GuacamoleException {
// No permssion to check permissions of other users
if (!this.user.equals(user))
throw new GuacamoleSecurityException("Permission denied.");
// If correct user, build list all permissions
Set<Permission> permissions = new HashSet<Permission>();
for (String identifier : configIdentifiers) {
// Add permission to set
permissions.add(
new GuacamoleConfigurationPermission(
ObjectPermission.Type.READ,
identifier
)
);
}
return permissions;
}
@Override
public boolean hasPermission(String user, Permission permission) throws GuacamoleException {
// No permssion to check permissions of other users
if (!this.user.equals(user))
throw new GuacamoleSecurityException("Permission denied.");
// If correct user, validate config permission
if (permission instanceof GuacamoleConfigurationPermission) {
// Get permission
GuacamoleConfigurationPermission guacConfigPerm =
(GuacamoleConfigurationPermission) permission;
// If type is READ, permission given if the config exists in the set
if (guacConfigPerm.getType() == ObjectPermission.Type.READ)
return configIdentifiers.contains(guacConfigPerm.getObjectIdentifier());
}
// No permission by default
return false;
}
@Override
public void addPermission(String user, Permission permission) throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
@Override
public void removePermission(String user, Permission permission) throws GuacamoleException {
throw new GuacamoleSecurityException("Permission denied.");
}
}


@@ -41,7 +41,6 @@ import java.util.Map;
import net.sourceforge.guacamole.GuacamoleException; import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleSecurityException; import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory; import net.sourceforge.guacamole.net.auth.GuacamoleConfigurationDirectory;
import net.sourceforge.guacamole.net.auth.PermissionDirectory;
import net.sourceforge.guacamole.net.auth.User; import net.sourceforge.guacamole.net.auth.User;
import net.sourceforge.guacamole.net.auth.UserContext; import net.sourceforge.guacamole.net.auth.UserContext;
import net.sourceforge.guacamole.net.auth.UserDirectory; import net.sourceforge.guacamole.net.auth.UserDirectory;
@@ -69,12 +68,6 @@ public class SimpleUserContext implements UserContext {
*/ */
private final GuacamoleConfigurationDirectory configDirectory; private final GuacamoleConfigurationDirectory configDirectory;
/**
* The PermissionDirectory describing which permissions are available for
* the configurations provided.
*/
private final PermissionDirectory permissionDirectory;
/** /**
* Creates a new SimpleUserContext which provides access to only those * Creates a new SimpleUserContext which provides access to only those
* configurations within the given Map. The User given must be the user * configurations within the given Map. The User given must be the user
@@ -93,9 +86,6 @@ public class SimpleUserContext implements UserContext {
this.configDirectory = this.configDirectory =
new SimpleGuacamoleConfigurationDirectory(configs); new SimpleGuacamoleConfigurationDirectory(configs);
this.permissionDirectory =
new SimplePermissionDirectory(self, configs);
} }
@Override @Override
@@ -114,10 +104,4 @@ public class SimpleUserContext implements UserContext {
throw new GuacamoleSecurityException("Permission denied."); throw new GuacamoleSecurityException("Permission denied.");
} }
@Override
public PermissionDirectory getPermissionDirectory()
throws GuacamoleException {
return permissionDirectory;
}
} }