safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-10-30 00:23:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into GUAC-1193

Browse Source
This commit is contained in:
Michael Jumper
2015-10-15 13:24:14 -07:00
parent fdbc68bb92 38e62bd28e
commit cef124e212
22 changed files with 1162 additions and 551 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/extension/ExtensionModule.java
View File

@@ -100,7 +100,7 @@ public class ExtensionModule extends ServletModule {
/**
* Service for adding and retrieving language resources.
*/
private final LanguageResourceService languageResourceService = new LanguageResourceService();
private final LanguageResourceService languageResourceService;
/**
* Returns the classloader that should be used as the parent classloader
@@ -139,6 +139,7 @@ public class ExtensionModule extends ServletModule {
*/
public ExtensionModule(Environment environment) {
this.environment = environment;
this.languageResourceService = new LanguageResourceService(environment);
}
/**

70
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/extension/LanguageResourceService.java
View File

@@ -36,6 +36,9 @@ import org.codehaus.jackson.JsonNode;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.node.JsonNodeFactory;
import org.codehaus.jackson.node.ObjectNode;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.net.basic.properties.BasicGuacamoleProperties;
import org.glyptodon.guacamole.net.basic.resource.ByteArrayResource;
import org.glyptodon.guacamole.net.basic.resource.Resource;
import org.glyptodon.guacamole.net.basic.resource.WebApplicationResource;
@@ -76,6 +79,13 @@ public class LanguageResourceService {
*/
private static final Pattern LANGUAGE_KEY_PATTERN = Pattern.compile(".*/([a-z]+(_[A-Z]+)?)\\.json");
/**
* The set of all language keys which are explicitly listed as allowed
* within guacamole.properties, or null if all defined languages should be
* allowed.
*/
private final Set<String> allowedLanguages;
/**
* Map of all language resources by language key. Language keys are
* language and country code pairs, separated by an underscore, like
@@ -86,6 +96,35 @@ public class LanguageResourceService {
*/
private final Map<String, Resource> resources = new HashMap<String, Resource>();
/**
* Creates a new service for tracking and parsing available translations
* which reads its configuration from the given environment.
*
* @param environment
* The environment from which the configuration properties of this
* service should be read.
*/
public LanguageResourceService(Environment environment) {
Set<String> parsedAllowedLanguages;
// Parse list of available languages from properties
try {
parsedAllowedLanguages = environment.getProperty(BasicGuacamoleProperties.ALLOWED_LANGUAGES);
logger.debug("Available languages will be restricted to: {}", parsedAllowedLanguages);
}
// Warn of failure to parse
catch (GuacamoleException e) {
parsedAllowedLanguages = null;
logger.error("Unable to parse list of allowed languages: {}", e.getMessage());
logger.debug("Error parsing list of allowed languages.", e);
}
this.allowedLanguages = parsedAllowedLanguages;
}
/**
* Derives a language key from the filename within the given path, if
* possible. If the filename is not a valid language key, null is returned.
@@ -184,6 +223,31 @@ public class LanguageResourceService {
}
/**
* Returns whether a language having the given key should be allowed to be
* loaded. If language availability restrictions are imposed through
* guacamole.properties, this may return false in some cases. By default,
* this function will always return true. Note that just because a language
* key is allowed to be loaded does not imply that the language key is
* valid.
*
* @param languageKey
* The language key of the language to test.
*
* @return
* true if the given language key should be allowed to be loaded, false
* otherwise.
*/
private boolean isLanguageAllowed(String languageKey) {
// If no list is provided, all languages are implicitly available
if (allowedLanguages == null)
return true;
return allowedLanguages.contains(languageKey);
}
/**
* Adds or overlays the given language resource, which need not exist in
* the ServletContext. If a language resource is already defined for the
@@ -202,6 +266,12 @@ public class LanguageResourceService {
*/
public void addLanguageResource(String key, Resource resource) {
// Skip loading of language if not allowed
if (!isLanguageAllowed(key)) {
logger.debug("OMITTING language: \"{}\"", key);
return;
}
// Merge language resources if already defined
Resource existing = resources.get(key);
if (existing != null) {

14
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/BasicGuacamoleProperties.java
View File

@@ -24,6 +24,7 @@ package org.glyptodon.guacamole.net.basic.properties;
import org.glyptodon.guacamole.properties.FileGuacamoleProperty;
import org.glyptodon.guacamole.properties.IntegerGuacamoleProperty;
import org.glyptodon.guacamole.properties.StringGuacamoleProperty;
/**
* Properties used by the default Guacamole web application.
@@ -73,4 +74,17 @@ public class BasicGuacamoleProperties {
};
/**
* Comma-separated list of all allowed languages, where each language is
* represented by a language key, such as "en" or "en_US". If specified,
* only languages within this list will be listed as available by the REST
* service.
*/
public static final StringSetProperty ALLOWED_LANGUAGES = new StringSetProperty() {
@Override
public String getName() { return "allowed-languages"; }
};
}

66
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/properties/StringSetProperty.java Normal file
View File

@@ -0,0 +1,66 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.glyptodon.guacamole.net.basic.properties;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.properties.GuacamoleProperty;
/**
* A GuacamoleProperty whose value is a Set of unique Strings. The string value
* parsed to produce this set is a comma-delimited list. Duplicate values are
* ignored, as is any whitespace following delimiters. To maintain
* compatibility with the behavior of Java properties in general, only
* whitespace at the beginning of each value is ignored; trailing whitespace
* becomes part of the value.
*
* @author Michael Jumper
*/
public abstract class StringSetProperty implements GuacamoleProperty<Set<String>> {
/**
* A pattern which matches against the delimiters between values. This is
* currently simply a comma and any following whitespace. Parts of the
* input string which match this pattern will not be included in the parsed
* result.
*/
private static final Pattern DELIMITER_PATTERN = Pattern.compile(",\\s*");
@Override
public Set<String> parseValue(String values) throws GuacamoleException {
// If no property provided, return null.
if (values == null)
return null;
// Split string into a set of individual values
List<String> valueList = Arrays.asList(DELIMITER_PATTERN.split(values));
return new HashSet<String>(valueList);
}
}

38
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/AuthProviderRESTExposure.java
View File

@@ -1,38 +0,0 @@
/*
* Copyright (C) 2014 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.glyptodon.guacamole.net.basic.rest;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* Marks that a method exposes functionality from the Guacamole AuthenticationProvider
* using a REST interface.
*
* @author James Muehlner
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD})
public @interface AuthProviderRESTExposure {}

15
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/AuthProviderRESTExceptionWrapper.java → guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/RESTExceptionWrapper.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2014 Glyptodon LLC
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -34,13 +34,16 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A method interceptor to wrap some custom exception handling around methods
* that expose AuthenticationProvider functionality through the REST interface.
* Translates various types of GuacamoleExceptions into appropriate HTTP responses.
*
* A method interceptor which wraps custom exception handling around methods
* which can throw GuacamoleExceptions and which are exposed through the REST
* interface. The various types of GuacamoleExceptions are automatically
* translated into appropriate HTTP responses, including JSON describing the
* error that occurred.
*
* @author James Muehlner
* @author Michael Jumper
*/
public class AuthProviderRESTExceptionWrapper implements MethodInterceptor {
public class RESTExceptionWrapper implements MethodInterceptor {
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {

109
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/RESTMethodMatcher.java Normal file
View File

@@ -0,0 +1,109 @@
/*
* Copyright (C) 2015 Glyptodon LLC
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.glyptodon.guacamole.net.basic.rest;
import com.google.inject.matcher.AbstractMatcher;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import javax.ws.rs.HttpMethod;
import org.glyptodon.guacamole.GuacamoleException;
/**
* A Guice Matcher which matches only methods which throw GuacamoleException
* (or a subclass thereof) and are explicitly annotated as with an HTTP method
* annotation like <code>@GET</code> or <code>@POST</code>. Any method which
* throws GuacamoleException and is annotated with an annotation that is
* annotated with <code>@HttpMethod</code> will match.
*
* @author Michael Jumper
*/
public class RESTMethodMatcher extends AbstractMatcher<Method> {
/**
* Returns whether the given method throws the specified exception type,
* including any subclasses of that type.
*
* @param method
* The method to test.
*
* @param exceptionType
* The exception type to test for.
*
* @return
* true if the given method throws an exception of the specified type,
* false otherwise.
*/
private boolean methodThrowsException(Method method,
Class<? extends Exception> exceptionType) {
// Check whether the method throws an exception of the specified type
for (Class<?> thrownType : method.getExceptionTypes()) {
if (exceptionType.isAssignableFrom(thrownType))
return true;
}
// No such exception is declared to be thrown
return false;
}
/**
* Returns whether the given method is annotated as a REST method. A REST
* method is annotated with an annotation which is annotated with
* <code>@HttpMethod</code>.
*
* @param method
* The method to test.
*
* @return
* true if the given method is annotated as a REST method, false
* otherwise.
*/
private boolean isRESTMethod(Method method) {
// Check whether the required REST annotations are present
for (Annotation annotation : method.getAnnotations()) {
// A method is a REST method if it is annotated with @HttpMethod
Class<? extends Annotation> annotationType = annotation.annotationType();
if (annotationType.isAnnotationPresent(HttpMethod.class))
return true;
}
// The method is not an HTTP method
return false;
}
@Override
public boolean matches(Method method) {
// Guacamole REST methods are REST methods which throw
// GuacamoleExceptions
return isRESTMethod(method)
&& methodThrowsException(method, GuacamoleException.class);
}
}

6
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/RESTServletModule.java
View File

@@ -46,11 +46,11 @@ public class RESTServletModule extends ServletModule {
@Override
protected void configureServlets() {
// Bind @AuthProviderRESTExposure annotation
// Automatically translate GuacamoleExceptions for REST methods
bindInterceptor(
Matchers.any(),
Matchers.annotatedWith(AuthProviderRESTExposure.class),
new AuthProviderRESTExceptionWrapper()
new RESTMethodMatcher(),
new RESTExceptionWrapper()
);
// Bind convenience services used by the REST API

3
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/activeconnection/ActiveConnectionRESTService.java
View File

@@ -47,7 +47,6 @@ import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.APIPatch;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.PATCH;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
@@ -107,7 +106,6 @@ public class ActiveConnectionRESTService {
* If an error is encountered while retrieving active connections.
*/
@GET
@AuthProviderRESTExposure
public Map<String, APIActiveConnection> getActiveConnections(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@QueryParam("permission") List<ObjectPermission.Type> permissions)
@@ -166,7 +164,6 @@ public class ActiveConnectionRESTService {
* If an error occurs while deleting the active connections.
*/
@PATCH
@AuthProviderRESTExposure
public void patchTunnels(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
List<APIPatch<String>> patches) throws GuacamoleException {

17
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/auth/TokenRESTService.java
View File

@@ -39,6 +39,7 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.xml.bind.DatatypeConverter;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.GuacamoleResourceNotFoundException;
import org.glyptodon.guacamole.GuacamoleSecurityException;
import org.glyptodon.guacamole.environment.Environment;
import org.glyptodon.guacamole.net.auth.AuthenticatedUser;
@@ -49,10 +50,7 @@ import org.glyptodon.guacamole.net.auth.credentials.CredentialsInfo;
import org.glyptodon.guacamole.net.auth.credentials.GuacamoleCredentialsException;
import org.glyptodon.guacamole.net.auth.credentials.GuacamoleInvalidCredentialsException;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.APIError;
import org.glyptodon.guacamole.net.basic.rest.APIRequest;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.APIException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -464,7 +462,6 @@ public class TokenRESTService {
* If an error prevents successful authentication.
*/
@POST
@AuthProviderRESTExposure
public APIAuthenticationResult createToken(@FormParam("username") String username,
@FormParam("password") String password,
@FormParam("token") String token,
@@ -523,16 +520,20 @@ public class TokenRESTService {
* Invalidates a specific auth token, effectively logging out the associated
* user.
*
* @param authToken The token being invalidated.
* @param authToken
* The token being invalidated.
*
* @throws GuacamoleException
* If the specified token does not exist.
*/
@DELETE
@Path("/{token}")
@AuthProviderRESTExposure
public void invalidateToken(@PathParam("token") String authToken) {
public void invalidateToken(@PathParam("token") String authToken)
throws GuacamoleException {
GuacamoleSession session = tokenSessionMap.remove(authToken);
if (session == null)
throw new APIException(APIError.Type.NOT_FOUND, "No such token.");
throw new GuacamoleResourceNotFoundException("No such token.");
session.invalidate();

7
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/connection/ConnectionRESTService.java
View File

@@ -49,7 +49,6 @@ import org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet;
import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
import org.glyptodon.guacamole.net.basic.rest.history.APIConnectionRecord;
@@ -106,7 +105,6 @@ public class ConnectionRESTService {
*/
@GET
@Path("/{connectionID}")
@AuthProviderRESTExposure
public APIConnection getConnection(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionID") String connectionID)
@@ -142,7 +140,6 @@ public class ConnectionRESTService {
*/
@GET
@Path("/{connectionID}/parameters")
@AuthProviderRESTExposure
public Map<String, String> getConnectionParameters(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionID") String connectionID)
@@ -196,7 +193,6 @@ public class ConnectionRESTService {
*/
@GET
@Path("/{connectionID}/history")
@AuthProviderRESTExposure
public List<APIConnectionRecord> getConnectionHistory(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionID") String connectionID)
@@ -236,7 +232,6 @@ public class ConnectionRESTService {
*/
@DELETE
@Path("/{connectionID}")
@AuthProviderRESTExposure
public void deleteConnection(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionID") String connectionID)
@@ -276,7 +271,6 @@ public class ConnectionRESTService {
*/
@POST
@Produces(MediaType.TEXT_PLAIN)
@AuthProviderRESTExposure
public String createConnection(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
APIConnection connection) throws GuacamoleException {
@@ -321,7 +315,6 @@ public class ConnectionRESTService {
*/
@PUT
@Path("/{connectionID}")
@AuthProviderRESTExposure
public void updateConnection(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionID") String connectionID,

6
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/connectiongroup/ConnectionGroupRESTService.java
View File

@@ -41,7 +41,6 @@ import org.glyptodon.guacamole.net.auth.Directory;
import org.glyptodon.guacamole.net.auth.UserContext;
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
import org.slf4j.Logger;
@@ -96,7 +95,6 @@ public class ConnectionGroupRESTService {
*/
@GET
@Path("/{connectionGroupID}")
@AuthProviderRESTExposure
public APIConnectionGroup getConnectionGroup(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionGroupID") String connectionGroupID)
@@ -138,7 +136,6 @@ public class ConnectionGroupRESTService {
*/
@GET
@Path("/{connectionGroupID}/tree")
@AuthProviderRESTExposure
public APIConnectionGroup getConnectionGroupTree(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionGroupID") String connectionGroupID,
@@ -176,7 +173,6 @@ public class ConnectionGroupRESTService {
*/
@DELETE
@Path("/{connectionGroupID}")
@AuthProviderRESTExposure
public void deleteConnectionGroup(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionGroupID") String connectionGroupID)
@@ -218,7 +214,6 @@ public class ConnectionGroupRESTService {
*/
@POST
@Produces(MediaType.TEXT_PLAIN)
@AuthProviderRESTExposure
public String createConnectionGroup(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
APIConnectionGroup connectionGroup) throws GuacamoleException {
@@ -263,7 +258,6 @@ public class ConnectionGroupRESTService {
*/
@PUT
@Path("/{connectionGroupID}")
@AuthProviderRESTExposure
public void updateConnectionGroup(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("connectionGroupID") String connectionGroupID,

5
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/schema/SchemaRESTService.java
View File

@@ -38,7 +38,6 @@ import org.glyptodon.guacamole.environment.LocalEnvironment;
import org.glyptodon.guacamole.form.Form;
import org.glyptodon.guacamole.net.auth.UserContext;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
import org.glyptodon.guacamole.protocols.ProtocolInfo;
@@ -86,7 +85,6 @@ public class SchemaRESTService {
*/
@GET
@Path("/users/attributes")
@AuthProviderRESTExposure
public Collection<Form> getUserAttributes(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier)
throws GuacamoleException {
@@ -118,7 +116,6 @@ public class SchemaRESTService {
*/
@GET
@Path("/connections/attributes")
@AuthProviderRESTExposure
public Collection<Form> getConnectionAttributes(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier)
throws GuacamoleException {
@@ -151,7 +148,6 @@ public class SchemaRESTService {
*/
@GET
@Path("/connectionGroups/attributes")
@AuthProviderRESTExposure
public Collection<Form> getConnectionGroupAttributes(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier)
throws GuacamoleException {
@@ -186,7 +182,6 @@ public class SchemaRESTService {
*/
@GET
@Path("/protocols")
@AuthProviderRESTExposure
public Map<String, ProtocolInfo> getProtocols(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier)
throws GuacamoleException {

43
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/user/UserRESTService.java
View File

@@ -39,8 +39,10 @@ import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import org.glyptodon.guacamole.GuacamoleClientException;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.GuacamoleResourceNotFoundException;
import org.glyptodon.guacamole.GuacamoleSecurityException;
import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
import org.glyptodon.guacamole.net.auth.Credentials;
import org.glyptodon.guacamole.net.auth.Directory;
@@ -53,12 +55,9 @@ import org.glyptodon.guacamole.net.auth.permission.Permission;
import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
import org.glyptodon.guacamole.net.basic.GuacamoleSession;
import org.glyptodon.guacamole.net.basic.rest.APIError;
import org.glyptodon.guacamole.net.basic.rest.APIPatch;
import static org.glyptodon.guacamole.net.basic.rest.APIPatch.Operation.add;
import static org.glyptodon.guacamole.net.basic.rest.APIPatch.Operation.remove;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.APIException;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.PATCH;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
@@ -150,7 +149,6 @@ public class UserRESTService {
* If an error is encountered while retrieving users.
*/
@GET
@AuthProviderRESTExposure
public List<APIUser> getUsers(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@QueryParam("permission") List<ObjectPermission.Type> permissions)
@@ -205,7 +203,6 @@ public class UserRESTService {
*/
@GET
@Path("/{username}")
@AuthProviderRESTExposure
public APIUser getUser(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username)
@@ -241,7 +238,6 @@ public class UserRESTService {
*/
@POST
@Produces(MediaType.TEXT_PLAIN)
@AuthProviderRESTExposure
public String createUser(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier, APIUser user)
throws GuacamoleException {
@@ -285,7 +281,6 @@ public class UserRESTService {
*/
@PUT
@Path("/{username}")
@AuthProviderRESTExposure
public void updateUser(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username, APIUser user)
@@ -299,14 +294,11 @@ public class UserRESTService {
// Validate data and path are sane
if (!user.getUsername().equals(username))
throw new APIException(APIError.Type.BAD_REQUEST,
"Username in path does not match username provided JSON data.");
throw new GuacamoleClientException("Username in path does not match username provided JSON data.");
// A user may not use this endpoint to modify himself
if (userContext.self().getIdentifier().equals(user.getUsername())) {
throw new APIException(APIError.Type.PERMISSION_DENIED,
"Permission denied.");
}
if (userContext.self().getIdentifier().equals(user.getUsername()))
throw new GuacamoleSecurityException("Permission denied.");
// Get the user
User existingUser = retrievalService.retrieveUser(userContext, username);
@@ -349,7 +341,6 @@ public class UserRESTService {
*/
@PUT
@Path("/{username}/password")
@AuthProviderRESTExposure
public void updatePassword(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username,
@@ -369,18 +360,15 @@ public class UserRESTService {
// Verify that the old password was correct
try {
AuthenticationProvider authProvider = userContext.getAuthenticationProvider();
if (authProvider.authenticateUser(credentials) == null) {
throw new APIException(APIError.Type.PERMISSION_DENIED,
"Permission denied.");
}
if (authProvider.authenticateUser(credentials) == null)
throw new GuacamoleSecurityException("Permission denied.");
}
// Pass through any credentials exceptions as simple permission denied
catch (GuacamoleCredentialsException e) {
throw new APIException(APIError.Type.PERMISSION_DENIED,
"Permission denied.");
throw new GuacamoleSecurityException("Permission denied.");
}
// Get the user directory
Directory<User> userDirectory = userContext.getUserDirectory();
@@ -414,7 +402,6 @@ public class UserRESTService {
*/
@DELETE
@Path("/{username}")
@AuthProviderRESTExposure
public void deleteUser(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username)
@@ -458,7 +445,6 @@ public class UserRESTService {
*/
@GET
@Path("/{username}/permissions")
@AuthProviderRESTExposure
public APIPermissionSet getPermissions(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username)
@@ -499,11 +485,14 @@ public class UserRESTService {
*
* @param permission
* The permission being added or removed from the set.
*
* @throws GuacamoleException
* If the requested patch operation is not supported.
*/
private <PermissionType extends Permission> void updatePermissionSet(
APIPatch.Operation operation,
PermissionSetPatch<PermissionType> permissionSetPatch,
PermissionType permission) {
PermissionType permission) throws GuacamoleException {
// Add or remove permission based on operation
switch (operation) {
@@ -520,8 +509,7 @@ public class UserRESTService {
// Unsupported patch operation
default:
throw new APIException(APIError.Type.BAD_REQUEST,
"Unsupported patch operation: \"" + operation + "\"");
throw new GuacamoleClientException("Unsupported patch operation: \"" + operation + "\"");
}
@@ -553,7 +541,6 @@ public class UserRESTService {
*/
@PATCH
@Path("/{username}/permissions")
@AuthProviderRESTExposure
public void patchPermissions(@QueryParam("token") String authToken,
@PathParam("dataSource") String authProviderIdentifier,
@PathParam("username") String username,
@@ -645,7 +632,7 @@ public class UserRESTService {
// Otherwise, the path is not supported
else
throw new APIException(APIError.Type.BAD_REQUEST, "Unsupported patch path: \"" + path + "\"");
throw new GuacamoleClientException("Unsupported patch path: \"" + path + "\"");
} // end for each patch operation