mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-09-06 13:17:41 +00:00
GUAC-1132: Associate tunnels with records, not sockets. Provide tunnel for connect().
This commit is contained in:
Michael Jumper
@@ -40,7 +40,7 @@ import org.glyptodon.guacamole.GuacamoleSecurityException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.GroupedDirectoryObjectService;
|
||||
import org.glyptodon.guacamole.auth.jdbc.permission.ConnectionPermissionMapper;
|
||||
import org.glyptodon.guacamole.auth.jdbc.permission.ObjectPermissionMapper;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
|
||||
@@ -403,19 +403,19 @@ public class ConnectionService extends GroupedDirectoryObjectService<ModeledConn
|
||||
* Information associated with the connecting client.
|
||||
*
|
||||
* @return
|
||||
* A connected GuacamoleSocket associated with a newly-established
|
||||
* A connected GuacamoleTunnel associated with a newly-established
|
||||
* connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If permission to connect to this connection is denied.
|
||||
*/
|
||||
public GuacamoleSocket connect(AuthenticatedUser user,
|
||||
public GuacamoleTunnel connect(AuthenticatedUser user,
|
||||
ModeledConnection connection, GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
|
||||
// Connect only if READ permission is granted
|
||||
if (hasObjectPermission(user, connection.getIdentifier(), ObjectPermission.Type.READ))
|
||||
return socketService.getGuacamoleSocket(user, connection, info);
|
||||
return socketService.getGuacamoleTunnel(user, connection, info);
|
||||
|
||||
// The user does not have permission to connect
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
|
||||
@@ -28,7 +28,7 @@ import java.util.List;
|
||||
import org.glyptodon.guacamole.auth.jdbc.socket.GuacamoleSocketService;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.GroupedDirectoryObject;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
@@ -114,7 +114,7 @@ public class ModeledConnection extends GroupedDirectoryObject<ConnectionModel>
|
||||
}
|
||||
|
||||
@Override
|
||||
public GuacamoleSocket connect(GuacamoleClientInformation info) throws GuacamoleException {
|
||||
public GuacamoleTunnel connect(GuacamoleClientInformation info) throws GuacamoleException {
|
||||
return connectionService.connect(getCurrentUser(), this, info);
|
||||
}
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ package org.glyptodon.guacamole.auth.jdbc.connection;
|
||||
|
||||
|
||||
import java.util.Date;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
|
||||
/**
|
||||
@@ -84,7 +84,7 @@ public class ModeledConnectionRecord implements ConnectionRecord {
|
||||
}
|
||||
|
||||
@Override
|
||||
public GuacamoleSocket getSocket() {
|
||||
public GuacamoleTunnel getTunnel() {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -35,7 +35,7 @@ import org.glyptodon.guacamole.GuacamoleUnsupportedException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.GroupedDirectoryObjectService;
|
||||
import org.glyptodon.guacamole.auth.jdbc.permission.ConnectionGroupPermissionMapper;
|
||||
import org.glyptodon.guacamole.auth.jdbc.permission.ObjectPermissionMapper;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet;
|
||||
@@ -235,19 +235,19 @@ public class ConnectionGroupService extends GroupedDirectoryObjectService<Modele
|
||||
* Information associated with the connecting client.
|
||||
*
|
||||
* @return
|
||||
* A connected GuacamoleSocket associated with a newly-established
|
||||
* A connected GuacamoleTunnel associated with a newly-established
|
||||
* connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If permission to connect to this connection is denied.
|
||||
*/
|
||||
public GuacamoleSocket connect(AuthenticatedUser user,
|
||||
public GuacamoleTunnel connect(AuthenticatedUser user,
|
||||
ModeledConnectionGroup connectionGroup, GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
|
||||
// Connect only if READ permission is granted
|
||||
if (hasObjectPermission(user, connectionGroup.getIdentifier(), ObjectPermission.Type.READ))
|
||||
return socketService.getGuacamoleSocket(user, connectionGroup, info);
|
||||
return socketService.getGuacamoleTunnel(user, connectionGroup, info);
|
||||
|
||||
// The user does not have permission to connect
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
|
||||
@@ -28,7 +28,7 @@ import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
|
||||
import org.glyptodon.guacamole.auth.jdbc.socket.GuacamoleSocketService;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.GroupedDirectoryObject;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
|
||||
@@ -76,7 +76,7 @@ public class ModeledConnectionGroup extends GroupedDirectoryObject<ConnectionGro
|
||||
}
|
||||
|
||||
@Override
|
||||
public GuacamoleSocket connect(GuacamoleClientInformation info)
|
||||
public GuacamoleTunnel connect(GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
return connectionGroupService.connect(getCurrentUser(), this, info);
|
||||
}
|
||||
|
||||
@@ -28,7 +28,7 @@ import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionService;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.GuacamoleSecurityException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.base.RestrictedObject;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
|
||||
@@ -125,7 +125,7 @@ public class RootConnectionGroup extends RestrictedObject
|
||||
}
|
||||
|
||||
@Override
|
||||
public GuacamoleSocket connect(GuacamoleClientInformation info)
|
||||
public GuacamoleTunnel connect(GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@@ -46,6 +46,8 @@ import org.glyptodon.guacamole.GuacamoleSecurityException;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connection.ConnectionMapper;
|
||||
import org.glyptodon.guacamole.environment.Environment;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.SynchronizedGuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
@@ -344,7 +346,7 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a socket for the given user which connects to the given
|
||||
* Creates a tunnel for the given user which connects to the given
|
||||
* connection, which MUST already be acquired via acquire(). The given
|
||||
* client information will be passed to guacd when the connection is
|
||||
* established.
|
||||
@@ -360,14 +362,14 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
* connection.
|
||||
*
|
||||
* @return
|
||||
* A new GuacamoleSocket which is configured and connected to the given
|
||||
* A new GuacamoleTunnel which is configured and connected to the given
|
||||
* connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If an error occurs while the connection is being established, or
|
||||
* while connection configuration information is being retrieved.
|
||||
*/
|
||||
private GuacamoleSocket assignGuacamoleSocket(ActiveConnectionRecord activeConnection,
|
||||
private GuacamoleTunnel assignGuacamoleTunnel(ActiveConnectionRecord activeConnection,
|
||||
GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
|
||||
@@ -388,9 +390,10 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
info
|
||||
);
|
||||
|
||||
// Assign and return new socket
|
||||
activeConnection.setSocket(socket);
|
||||
return socket;
|
||||
// Assign and return new tunnel
|
||||
GuacamoleTunnel tunnel = new SynchronizedGuacamoleTunnel(socket);
|
||||
activeConnection.setTunnel(tunnel);
|
||||
return tunnel;
|
||||
|
||||
}
|
||||
|
||||
@@ -459,13 +462,13 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public GuacamoleSocket getGuacamoleSocket(final AuthenticatedUser user,
|
||||
public GuacamoleTunnel getGuacamoleTunnel(final AuthenticatedUser user,
|
||||
final ModeledConnection connection, GuacamoleClientInformation info)
|
||||
throws GuacamoleException {
|
||||
|
||||
// Acquire and connect to single connection
|
||||
acquire(user, Collections.singletonList(connection));
|
||||
return assignGuacamoleSocket(new ActiveConnectionRecord(user, connection), info);
|
||||
return assignGuacamoleTunnel(new ActiveConnectionRecord(user, connection), info);
|
||||
|
||||
}
|
||||
|
||||
@@ -476,7 +479,7 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public GuacamoleSocket getGuacamoleSocket(AuthenticatedUser user,
|
||||
public GuacamoleTunnel getGuacamoleTunnel(AuthenticatedUser user,
|
||||
ModeledConnectionGroup connectionGroup,
|
||||
GuacamoleClientInformation info) throws GuacamoleException {
|
||||
|
||||
@@ -490,7 +493,7 @@ public abstract class AbstractGuacamoleSocketService implements GuacamoleSocketS
|
||||
|
||||
// Acquire and connect to any child
|
||||
ModeledConnection connection = acquire(user, connections);
|
||||
return assignGuacamoleSocket(new ActiveConnectionRecord(user, connectionGroup, connection), info);
|
||||
return assignGuacamoleTunnel(new ActiveConnectionRecord(user, connectionGroup, connection), info);
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -26,7 +26,7 @@ import java.util.Date;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connection.ModeledConnection;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ModeledConnectionGroup;
|
||||
import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
|
||||
|
||||
@@ -63,10 +63,10 @@ public class ActiveConnectionRecord implements ConnectionRecord {
|
||||
private final Date startDate = new Date();
|
||||
|
||||
/**
|
||||
* The GuacamoleSocket used by the connection associated with this
|
||||
* The GuacamoleTunnel used by the connection associated with this
|
||||
* connection record.
|
||||
*/
|
||||
private GuacamoleSocket socket;
|
||||
private GuacamoleTunnel tunnel;
|
||||
|
||||
/**
|
||||
* Creates a new connection record associated with the given user,
|
||||
@@ -194,18 +194,18 @@ public class ActiveConnectionRecord implements ConnectionRecord {
|
||||
}
|
||||
|
||||
@Override
|
||||
public GuacamoleSocket getSocket() {
|
||||
return socket;
|
||||
public GuacamoleTunnel getTunnel() {
|
||||
return tunnel;
|
||||
}
|
||||
|
||||
/**
|
||||
* Associates the given GuacamoleSocket with this connection record.
|
||||
* Associates the given GuacamoleTunnel with this connection record.
|
||||
*
|
||||
* @param socket
|
||||
* The GuacamoleSocket to associate with this connection record.
|
||||
* @param tunnel
|
||||
* The GuacamoleTunnel to associate with this connection record.
|
||||
*/
|
||||
public void setSocket(GuacamoleSocket socket) {
|
||||
this.socket = socket;
|
||||
public void setTunnel(GuacamoleTunnel tunnel) {
|
||||
this.tunnel = tunnel;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ import org.glyptodon.guacamole.auth.jdbc.user.AuthenticatedUser;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connection.ModeledConnection;
|
||||
import org.glyptodon.guacamole.auth.jdbc.connectiongroup.ModeledConnectionGroup;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.net.GuacamoleSocket;
|
||||
import org.glyptodon.guacamole.net.GuacamoleTunnel;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionRecord;
|
||||
@@ -78,14 +78,14 @@ public interface GuacamoleSocketService {
|
||||
* connection.
|
||||
*
|
||||
* @return
|
||||
* A new GuacamoleSocket which is configured and connected to the given
|
||||
* A new GuacamoleTunnel which is configured and connected to the given
|
||||
* connection.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If the connection cannot be established due to concurrent usage
|
||||
* rules.
|
||||
*/
|
||||
GuacamoleSocket getGuacamoleSocket(AuthenticatedUser user,
|
||||
GuacamoleTunnel getGuacamoleTunnel(AuthenticatedUser user,
|
||||
ModeledConnection connection, GuacamoleClientInformation info)
|
||||
throws GuacamoleException;
|
||||
|
||||
@@ -122,14 +122,14 @@ public interface GuacamoleSocketService {
|
||||
* connection group.
|
||||
*
|
||||
* @return
|
||||
* A new GuacamoleSocket which is configured and connected to the given
|
||||
* A new GuacamoleTunnel which is configured and connected to the given
|
||||
* connection group.
|
||||
*
|
||||
* @throws GuacamoleException
|
||||
* If the connection cannot be established due to concurrent usage
|
||||
* rules, or if the connection group is not balancing.
|
||||
*/
|
||||
GuacamoleSocket getGuacamoleSocket(AuthenticatedUser user,
|
||||
GuacamoleTunnel getGuacamoleTunnel(AuthenticatedUser user,
|
||||
ModeledConnectionGroup connectionGroup,
|
||||
GuacamoleClientInformation info)
|
||||
throws GuacamoleException;
|
||||
|
||||
@@ -125,8 +125,16 @@ public class UserContext extends RestrictedObject
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<ConnectionRecord> getActiveConnections() throws GuacamoleException {
|
||||
public Collection<ConnectionRecord> getActiveConnections()
|
||||
throws GuacamoleException {
|
||||
return socketService.getActiveConnections(getCurrentUser());
|
||||
}
|
||||
|
||||
@Override
|
||||
public ConnectionRecord getActiveConnection(String tunnelUUID)
|
||||
throws GuacamoleException {
|
||||
// STUB
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user