mirror of
https://github.com/gyurix1968/guacamole-client.git
synced 2025-09-06 05:07:41 +00:00
GUAC-1100: Commit to String identifiers.
This commit is contained in:
Michael Jumper
@@ -44,12 +44,12 @@ public abstract class AbstractUser implements User {
|
||||
private String password;
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
public String getIdentifier() {
|
||||
return username;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setUsername(String username) {
|
||||
public void setIdentifier(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@ import org.glyptodon.guacamole.protocol.GuacamoleConfiguration;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public interface Connection {
|
||||
public interface Connection extends Identifiable {
|
||||
|
||||
/**
|
||||
* Returns the name assigned to this Connection.
|
||||
@@ -51,24 +51,6 @@ public interface Connection {
|
||||
*/
|
||||
public void setName(String name);
|
||||
|
||||
/**
|
||||
* Returns the unique identifier assigned to this Connection. All
|
||||
* connections must have a deterministic, unique identifier which may not
|
||||
* be null.
|
||||
*
|
||||
* @return
|
||||
* The unique identifier assigned to this Connection, which may not be
|
||||
* null.
|
||||
*/
|
||||
public String getIdentifier();
|
||||
|
||||
/**
|
||||
* Sets the identifier assigned to this Connection.
|
||||
*
|
||||
* @param identifier The identifier to assign.
|
||||
*/
|
||||
public void setIdentifier(String identifier);
|
||||
|
||||
/**
|
||||
* Returns the unique identifier of the parent ConnectionGroup for
|
||||
* this Connection.
|
||||
|
||||
@@ -32,10 +32,29 @@ import org.glyptodon.guacamole.protocol.GuacamoleClientInformation;
|
||||
*
|
||||
* @author James Muehlner
|
||||
*/
|
||||
public interface ConnectionGroup {
|
||||
|
||||
public interface ConnectionGroup extends Identifiable {
|
||||
|
||||
/**
|
||||
* All legal types of connection group.
|
||||
*/
|
||||
public enum Type {
|
||||
ORGANIZATIONAL, BALANCING
|
||||
|
||||
/**
|
||||
* A connection group that purely organizes other connections or
|
||||
* connection groups, serving only as a container. An organizational
|
||||
* connection group is analogous to a directory or folder in a
|
||||
* filesystem.
|
||||
*/
|
||||
ORGANIZATIONAL,
|
||||
|
||||
/**
|
||||
* A connection group that acts as a load balancer. A balancing
|
||||
* connection group can be connected to in the same manner as a
|
||||
* connection, and will transparently route to the least-used
|
||||
* underlying connection.
|
||||
*/
|
||||
BALANCING
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -51,24 +70,6 @@ public interface ConnectionGroup {
|
||||
*/
|
||||
public void setName(String name);
|
||||
|
||||
/**
|
||||
* Returns the unique identifier assigned to this ConnectionGroup. All
|
||||
* connection groups must have a deterministic, unique identifier which may
|
||||
* not be null.
|
||||
*
|
||||
* @return
|
||||
* The unique identifier assigned to this ConnectionGroup, which may
|
||||
* not be null.
|
||||
*/
|
||||
public String getIdentifier();
|
||||
|
||||
/**
|
||||
* Sets the identifier assigned to this ConnectionGroup.
|
||||
*
|
||||
* @param identifier The identifier to assign.
|
||||
*/
|
||||
public void setIdentifier(String identifier);
|
||||
|
||||
/**
|
||||
* Returns the unique identifier of the parent ConnectionGroup for
|
||||
* this ConnectionGroup.
|
||||
@@ -111,7 +112,7 @@ public interface ConnectionGroup {
|
||||
* @throws GuacamoleException If an error occurs while creating the
|
||||
* Directory.
|
||||
*/
|
||||
Directory<String, Connection> getConnectionDirectory()
|
||||
Directory<Connection> getConnectionDirectory()
|
||||
throws GuacamoleException;
|
||||
|
||||
/**
|
||||
@@ -125,7 +126,7 @@ public interface ConnectionGroup {
|
||||
* @throws GuacamoleException If an error occurs while creating the
|
||||
* Directory.
|
||||
*/
|
||||
Directory<String, ConnectionGroup> getConnectionGroupDirectory()
|
||||
Directory<ConnectionGroup> getConnectionGroupDirectory()
|
||||
throws GuacamoleException;
|
||||
|
||||
/**
|
||||
|
||||
@@ -34,11 +34,10 @@ import org.glyptodon.guacamole.GuacamoleException;
|
||||
* function.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <IdentifierType> The type of identifier used to identify objects
|
||||
* stored within this Directory.
|
||||
* @param <ObjectType> The type of objects stored within this Directory.
|
||||
* @param <ObjectType>
|
||||
* The type of objects stored within this Directory.
|
||||
*/
|
||||
public interface Directory<IdentifierType, ObjectType> {
|
||||
public interface Directory<ObjectType> {
|
||||
|
||||
/**
|
||||
* Returns the object having the given identifier. Note that changes to
|
||||
@@ -56,7 +55,7 @@ public interface Directory<IdentifierType, ObjectType> {
|
||||
* object, or if permission for retrieving the
|
||||
* object is denied.
|
||||
*/
|
||||
ObjectType get(IdentifierType identifier) throws GuacamoleException;
|
||||
ObjectType get(String identifier) throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Returns the objects having the given identifiers. Note that changes to
|
||||
@@ -78,7 +77,7 @@ public interface Directory<IdentifierType, ObjectType> {
|
||||
* If an error occurs while retrieving the objects, or if permission
|
||||
* to retrieve the requested objects is denied.
|
||||
*/
|
||||
Collection<ObjectType> getAll(Collection<IdentifierType> identifiers)
|
||||
Collection<ObjectType> getAll(Collection<String> identifiers)
|
||||
throws GuacamoleException;
|
||||
|
||||
/**
|
||||
@@ -89,7 +88,7 @@ public interface Directory<IdentifierType, ObjectType> {
|
||||
* @throws GuacamoleException If an error occurs while retrieving
|
||||
* the identifiers.
|
||||
*/
|
||||
Set<IdentifierType> getIdentifiers() throws GuacamoleException;
|
||||
Set<String> getIdentifiers() throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Adds the given object to the overall set.
|
||||
@@ -121,7 +120,7 @@ public interface Directory<IdentifierType, ObjectType> {
|
||||
* @throws GuacamoleException If an error occurs while removing the object,
|
||||
* or if removing object is not allowed.
|
||||
*/
|
||||
void remove(IdentifierType identifier) throws GuacamoleException;
|
||||
void remove(String identifier) throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Moves the object with the given identifier to the given directory.
|
||||
@@ -132,7 +131,7 @@ public interface Directory<IdentifierType, ObjectType> {
|
||||
* @throws GuacamoleException If an error occurs while moving the object,
|
||||
* or if moving object is not allowed.
|
||||
*/
|
||||
void move(IdentifierType identifier, Directory<IdentifierType, ObjectType> directory)
|
||||
void move(String identifier, Directory<ObjectType> directory)
|
||||
throws GuacamoleException;
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,52 @@
|
||||
/*
|
||||
* Copyright (C) 2013 Glyptodon LLC
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*/
|
||||
|
||||
package org.glyptodon.guacamole.net.auth;
|
||||
|
||||
/**
|
||||
* An object which has a deterministic, unique identifier, which may not be
|
||||
* null.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public interface Identifiable {
|
||||
|
||||
/**
|
||||
* Returns the unique identifier assigned to this object. All identifiable
|
||||
* objects must have a deterministic, unique identifier which may not be
|
||||
* null.
|
||||
*
|
||||
* @return
|
||||
* The unique identifier assigned to this object, which may not be
|
||||
* null.
|
||||
*/
|
||||
public String getIdentifier();
|
||||
|
||||
/**
|
||||
* Sets the identifier assigned to this object.
|
||||
*
|
||||
* @param identifier
|
||||
* The identifier to assign.
|
||||
*/
|
||||
public void setIdentifier(String identifier);
|
||||
|
||||
}
|
||||
@@ -32,24 +32,7 @@ import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public interface User {
|
||||
|
||||
/**
|
||||
* Returns the name of this user, which must be unique across all users.
|
||||
* All users must have a deterministic, unique username which may not be
|
||||
* null.
|
||||
*
|
||||
* @return
|
||||
* The unique username of this user, which may not be null.
|
||||
*/
|
||||
public String getUsername();
|
||||
|
||||
/**
|
||||
* Sets the name of this user, which must be unique across all users.
|
||||
*
|
||||
* @param username The name of this user.
|
||||
*/
|
||||
public void setUsername(String username);
|
||||
public interface User extends Identifiable {
|
||||
|
||||
/**
|
||||
* Returns this user's password. Note that the password returned may be
|
||||
@@ -92,7 +75,7 @@ public interface User {
|
||||
* If an error occurs while retrieving permissions, or if reading all
|
||||
* permissions is not allowed.
|
||||
*/
|
||||
ObjectPermissionSet<String> getConnectionPermissions()
|
||||
ObjectPermissionSet getConnectionPermissions()
|
||||
throws GuacamoleException;
|
||||
|
||||
/**
|
||||
@@ -106,7 +89,7 @@ public interface User {
|
||||
* If an error occurs while retrieving permissions, or if reading all
|
||||
* permissions is not allowed.
|
||||
*/
|
||||
ObjectPermissionSet<String> getConnectionGroupPermissions()
|
||||
ObjectPermissionSet getConnectionGroupPermissions()
|
||||
throws GuacamoleException;
|
||||
|
||||
/**
|
||||
@@ -119,6 +102,6 @@ public interface User {
|
||||
* If an error occurs while retrieving permissions, or if reading all
|
||||
* permissions is not allowed.
|
||||
*/
|
||||
ObjectPermissionSet<String> getUserPermissions() throws GuacamoleException;
|
||||
ObjectPermissionSet getUserPermissions() throws GuacamoleException;
|
||||
|
||||
}
|
||||
|
||||
@@ -52,7 +52,7 @@ public interface UserContext {
|
||||
* @throws GuacamoleException If an error occurs while creating the
|
||||
* Directory.
|
||||
*/
|
||||
Directory<String, User> getUserDirectory() throws GuacamoleException;
|
||||
Directory<User> getUserDirectory() throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Retrieves a connection group which can be used to view and manipulate
|
||||
|
||||
@@ -28,10 +28,8 @@ package org.glyptodon.guacamole.net.auth.permission;
|
||||
* whole.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <IdentifierType>
|
||||
* The type of identifier used by the object this permission affects.
|
||||
*/
|
||||
public class ObjectPermission<IdentifierType> implements Permission<ObjectPermission.Type> {
|
||||
public class ObjectPermission implements Permission<ObjectPermission.Type> {
|
||||
|
||||
/**
|
||||
* Specific types of object-level permissions. Each permission type is
|
||||
@@ -65,7 +63,7 @@ public class ObjectPermission<IdentifierType> implements Permission<ObjectPermis
|
||||
* The identifier of the GuacamoleConfiguration associated with the
|
||||
* operation affected by this permission.
|
||||
*/
|
||||
private final IdentifierType identifier;
|
||||
private final String identifier;
|
||||
|
||||
/**
|
||||
* The type of operation affected by this permission.
|
||||
@@ -84,7 +82,7 @@ public class ObjectPermission<IdentifierType> implements Permission<ObjectPermis
|
||||
* The identifier of the object associated with the operation affected
|
||||
* by this permission.
|
||||
*/
|
||||
public ObjectPermission(Type type, IdentifierType identifier) {
|
||||
public ObjectPermission(Type type, String identifier) {
|
||||
|
||||
this.identifier = identifier;
|
||||
this.type = type;
|
||||
@@ -98,7 +96,7 @@ public class ObjectPermission<IdentifierType> implements Permission<ObjectPermis
|
||||
* @return The identifier of the specific object affected by this
|
||||
* permission.
|
||||
*/
|
||||
public IdentifierType getObjectIdentifier() {
|
||||
public String getObjectIdentifier() {
|
||||
return identifier;
|
||||
}
|
||||
|
||||
|
||||
@@ -32,12 +32,8 @@ import org.glyptodon.guacamole.GuacamoleException;
|
||||
* an associated unique identifier.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <IdentifierType>
|
||||
* The type of identifier used to identify objects affected by permissions
|
||||
* stored in this ObjectPermissionSet.
|
||||
*/
|
||||
public interface ObjectPermissionSet<IdentifierType>
|
||||
extends PermissionSet<ObjectPermission<IdentifierType>> {
|
||||
public interface ObjectPermissionSet extends PermissionSet<ObjectPermission> {
|
||||
|
||||
/**
|
||||
* Tests whether the permission of the given type is granted for the
|
||||
@@ -58,7 +54,7 @@ public interface ObjectPermissionSet<IdentifierType>
|
||||
* cannot be checked due to lack of permissions to do so.
|
||||
*/
|
||||
boolean hasPermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException;
|
||||
String identifier) throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Adds the specified permission for the object having the given
|
||||
@@ -76,7 +72,7 @@ public interface ObjectPermissionSet<IdentifierType>
|
||||
* add permissions is denied.
|
||||
*/
|
||||
void addPermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException;
|
||||
String identifier) throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Removes the specified permission for the object having the given
|
||||
@@ -94,7 +90,7 @@ public interface ObjectPermissionSet<IdentifierType>
|
||||
* to remove permissions is denied.
|
||||
*/
|
||||
void removePermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException;
|
||||
String identifier) throws GuacamoleException;
|
||||
|
||||
/**
|
||||
* Tests whether this user has the specified permissions for the objects
|
||||
@@ -119,20 +115,20 @@ public interface ObjectPermissionSet<IdentifierType>
|
||||
* If an error occurs while checking permissions, or if permissions
|
||||
* cannot be checked due to lack of permissions to do so.
|
||||
*/
|
||||
Collection<IdentifierType> getAccessibleObjects(
|
||||
Collection<String> getAccessibleObjects(
|
||||
Collection<ObjectPermission.Type> permissions,
|
||||
Collection<IdentifierType> identifiers) throws GuacamoleException;
|
||||
Collection<String> identifiers) throws GuacamoleException;
|
||||
|
||||
@Override
|
||||
Set<ObjectPermission<IdentifierType>> getPermissions()
|
||||
Set<ObjectPermission> getPermissions()
|
||||
throws GuacamoleException;
|
||||
|
||||
@Override
|
||||
void addPermissions(Set<ObjectPermission<IdentifierType>> permissions)
|
||||
void addPermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException;
|
||||
|
||||
@Override
|
||||
void removePermissions(Set<ObjectPermission<IdentifierType>> permissions)
|
||||
void removePermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException;
|
||||
|
||||
}
|
||||
|
||||
@@ -35,7 +35,7 @@ import org.glyptodon.guacamole.protocol.GuacamoleConfiguration;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class SimpleConnectionDirectory extends SimpleDirectory<String, Connection> {
|
||||
public class SimpleConnectionDirectory extends SimpleDirectory<Connection> {
|
||||
|
||||
/**
|
||||
* The Map of Connections to provide access to.
|
||||
|
||||
@@ -44,13 +44,13 @@ public class SimpleConnectionGroup extends AbstractConnectionGroup {
|
||||
* Underlying connection directory, containing all connections within this
|
||||
* group.
|
||||
*/
|
||||
private final Directory<String, Connection> connectionDirectory;
|
||||
private final Directory<Connection> connectionDirectory;
|
||||
|
||||
/**
|
||||
* Underlying connection group directory, containing all connections within
|
||||
* this group.
|
||||
*/
|
||||
private final Directory<String, ConnectionGroup> connectionGroupDirectory;
|
||||
private final Directory<ConnectionGroup> connectionGroupDirectory;
|
||||
|
||||
/**
|
||||
* Creates a new SimpleConnectionGroup having the given name and identifier
|
||||
@@ -64,8 +64,8 @@ public class SimpleConnectionGroup extends AbstractConnectionGroup {
|
||||
* when requested.
|
||||
*/
|
||||
public SimpleConnectionGroup(String name, String identifier,
|
||||
Directory<String, Connection> connectionDirectory,
|
||||
Directory<String, ConnectionGroup> connectionGroupDirectory) {
|
||||
Directory<Connection> connectionDirectory,
|
||||
Directory<ConnectionGroup> connectionGroupDirectory) {
|
||||
|
||||
// Set name
|
||||
setName(name);
|
||||
@@ -83,13 +83,13 @@ public class SimpleConnectionGroup extends AbstractConnectionGroup {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Directory<String, Connection> getConnectionDirectory()
|
||||
public Directory<Connection> getConnectionDirectory()
|
||||
throws GuacamoleException {
|
||||
return connectionDirectory;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Directory<String, ConnectionGroup> getConnectionGroupDirectory()
|
||||
public Directory<ConnectionGroup> getConnectionGroupDirectory()
|
||||
throws GuacamoleException {
|
||||
return connectionGroupDirectory;
|
||||
}
|
||||
|
||||
@@ -35,7 +35,7 @@ import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
* @author James Muehlner
|
||||
*/
|
||||
public class SimpleConnectionGroupDirectory
|
||||
extends SimpleDirectory<String, ConnectionGroup> {
|
||||
extends SimpleDirectory<ConnectionGroup> {
|
||||
|
||||
/**
|
||||
* The Map of ConnectionGroups to provide access to.
|
||||
|
||||
@@ -37,20 +37,15 @@ import org.glyptodon.guacamole.net.auth.Directory;
|
||||
* will affect the available contents of this SimpleDirectory.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <IdentifierType>
|
||||
* The type of identifier used to identify objects stored within this
|
||||
* SimpleDirectory.
|
||||
*
|
||||
* @param <ObjectType>
|
||||
* The type of objects stored within this SimpleDirectory.
|
||||
*/
|
||||
public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
implements Directory<IdentifierType, ObjectType> {
|
||||
public class SimpleDirectory<ObjectType> implements Directory<ObjectType> {
|
||||
|
||||
/**
|
||||
* The Map of objects to provide access to.
|
||||
*/
|
||||
private Map<IdentifierType, ObjectType> objects = Collections.EMPTY_MAP;
|
||||
private Map<String, ObjectType> objects = Collections.EMPTY_MAP;
|
||||
|
||||
/**
|
||||
* Creates a new empty SimpleDirectory which does not provide access to
|
||||
@@ -66,7 +61,7 @@ public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
* @param objects
|
||||
* The Map of objects to provide access to.
|
||||
*/
|
||||
public SimpleDirectory(Map<IdentifierType, ObjectType> objects) {
|
||||
public SimpleDirectory(Map<String, ObjectType> objects) {
|
||||
this.objects = objects;
|
||||
}
|
||||
|
||||
@@ -78,7 +73,7 @@ public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
* @param objects
|
||||
* The Map of objects to provide access to.
|
||||
*/
|
||||
protected void setObjects(Map<IdentifierType, ObjectType> objects) {
|
||||
protected void setObjects(Map<String, ObjectType> objects) {
|
||||
this.objects = objects;
|
||||
}
|
||||
|
||||
@@ -90,25 +85,25 @@ public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
* @return
|
||||
* The Map of objects which currently backs this SimpleDirectory.
|
||||
*/
|
||||
protected Map<IdentifierType, ObjectType> getObjects() {
|
||||
protected Map<String, ObjectType> getObjects() {
|
||||
return objects;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectType get(IdentifierType identifier)
|
||||
public ObjectType get(String identifier)
|
||||
throws GuacamoleException {
|
||||
return objects.get(identifier);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<ObjectType> getAll(Collection<IdentifierType> identifiers)
|
||||
public Collection<ObjectType> getAll(Collection<String> identifiers)
|
||||
throws GuacamoleException {
|
||||
|
||||
// Create collection which has an appropriate initial size
|
||||
Collection<ObjectType> foundObjects = new ArrayList<ObjectType>(identifiers.size());
|
||||
|
||||
// Populate collection with matching objects
|
||||
for (IdentifierType identifier : identifiers) {
|
||||
for (String identifier : identifiers) {
|
||||
|
||||
// Add the object which has the current identifier, if any
|
||||
ObjectType object = objects.get(identifier);
|
||||
@@ -122,7 +117,7 @@ public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<IdentifierType> getIdentifiers() throws GuacamoleException {
|
||||
public Set<String> getIdentifiers() throws GuacamoleException {
|
||||
return objects.keySet();
|
||||
}
|
||||
|
||||
@@ -139,13 +134,12 @@ public class SimpleDirectory<IdentifierType, ObjectType>
|
||||
}
|
||||
|
||||
@Override
|
||||
public void remove(IdentifierType identifier) throws GuacamoleException {
|
||||
public void remove(String identifier) throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void move(IdentifierType identifier,
|
||||
Directory<IdentifierType, ObjectType> directory)
|
||||
public void move(String identifier, Directory<ObjectType> directory)
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@@ -36,17 +36,13 @@ import org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet;
|
||||
* of Permissions to determine which permissions are present.
|
||||
*
|
||||
* @author Michael Jumper
|
||||
* @param <IdentifierType>
|
||||
* The type of identifier used to identify objects affected by permissions
|
||||
* stored in this SimpleObjectPermissionSet.
|
||||
*/
|
||||
public class SimpleObjectPermissionSet<IdentifierType>
|
||||
implements ObjectPermissionSet<IdentifierType> {
|
||||
public class SimpleObjectPermissionSet implements ObjectPermissionSet {
|
||||
|
||||
/**
|
||||
* The set of all permissions currently granted.
|
||||
*/
|
||||
private Set<ObjectPermission<IdentifierType>> permissions = Collections.EMPTY_SET;
|
||||
private Set<ObjectPermission> permissions = Collections.EMPTY_SET;
|
||||
|
||||
/**
|
||||
* Creates a new empty SimpleObjectPermissionSet.
|
||||
@@ -62,7 +58,7 @@ public class SimpleObjectPermissionSet<IdentifierType>
|
||||
* The Set of permissions this SimpleObjectPermissionSet should
|
||||
* contain.
|
||||
*/
|
||||
public SimpleObjectPermissionSet(Set<ObjectPermission<IdentifierType>> permissions) {
|
||||
public SimpleObjectPermissionSet(Set<ObjectPermission> permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
|
||||
@@ -74,21 +70,21 @@ public class SimpleObjectPermissionSet<IdentifierType>
|
||||
* The Set of permissions this SimpleObjectPermissionSet should
|
||||
* contain.
|
||||
*/
|
||||
protected void setPermissions(Set<ObjectPermission<IdentifierType>> permissions) {
|
||||
protected void setPermissions(Set<ObjectPermission> permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<ObjectPermission<IdentifierType>> getPermissions() {
|
||||
public Set<ObjectPermission> getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasPermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException {
|
||||
String identifier) throws GuacamoleException {
|
||||
|
||||
ObjectPermission<IdentifierType> objectPermission =
|
||||
new ObjectPermission<IdentifierType>(permission, identifier);
|
||||
ObjectPermission objectPermission =
|
||||
new ObjectPermission(permission, identifier);
|
||||
|
||||
return permissions.contains(objectPermission);
|
||||
|
||||
@@ -96,29 +92,29 @@ public class SimpleObjectPermissionSet<IdentifierType>
|
||||
|
||||
@Override
|
||||
public void addPermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException {
|
||||
String identifier) throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removePermission(ObjectPermission.Type permission,
|
||||
IdentifierType identifier) throws GuacamoleException {
|
||||
String identifier) throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<IdentifierType> getAccessibleObjects(
|
||||
public Collection<String> getAccessibleObjects(
|
||||
Collection<ObjectPermission.Type> permissionTypes,
|
||||
Collection<IdentifierType> identifiers) throws GuacamoleException {
|
||||
Collection<String> identifiers) throws GuacamoleException {
|
||||
|
||||
Collection<IdentifierType> accessibleObjects = new ArrayList<IdentifierType>(permissions.size());
|
||||
Collection<String> accessibleObjects = new ArrayList<String>(permissions.size());
|
||||
|
||||
// For each identifier/permission combination
|
||||
for (IdentifierType identifier : identifiers) {
|
||||
for (String identifier : identifiers) {
|
||||
for (ObjectPermission.Type permissionType : permissionTypes) {
|
||||
|
||||
// Add identifier if at least one requested permission is granted
|
||||
ObjectPermission<IdentifierType> permission = new ObjectPermission<IdentifierType>(permissionType, identifier);
|
||||
ObjectPermission permission = new ObjectPermission(permissionType, identifier);
|
||||
if (permissions.contains(permission)) {
|
||||
accessibleObjects.add(identifier);
|
||||
break;
|
||||
@@ -132,13 +128,13 @@ public class SimpleObjectPermissionSet<IdentifierType>
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addPermissions(Set<ObjectPermission<IdentifierType>> permissions)
|
||||
public void addPermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removePermissions(Set<ObjectPermission<IdentifierType>> permissions)
|
||||
public void removePermissions(Set<ObjectPermission> permissions)
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleSecurityException("Permission denied.");
|
||||
}
|
||||
|
||||
@@ -28,9 +28,7 @@ import java.util.Map;
|
||||
import java.util.Set;
|
||||
import org.glyptodon.guacamole.GuacamoleException;
|
||||
import org.glyptodon.guacamole.net.auth.AbstractUser;
|
||||
import org.glyptodon.guacamole.net.auth.Connection;
|
||||
import org.glyptodon.guacamole.net.auth.ConnectionGroup;
|
||||
import org.glyptodon.guacamole.net.auth.User;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
|
||||
import org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet;
|
||||
import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
|
||||
@@ -46,14 +44,14 @@ public class SimpleUser extends AbstractUser {
|
||||
/**
|
||||
* All connection permissions granted to this user.
|
||||
*/
|
||||
private final Set<ObjectPermission<String>> connectionPermissions =
|
||||
new HashSet<ObjectPermission<String>>();
|
||||
private final Set<ObjectPermission> connectionPermissions =
|
||||
new HashSet<ObjectPermission>();
|
||||
|
||||
/**
|
||||
* All connection group permissions granted to this user.
|
||||
*/
|
||||
private final Set<ObjectPermission<String>> connectionGroupPermissions =
|
||||
new HashSet<ObjectPermission<String>>();
|
||||
private final Set<ObjectPermission> connectionGroupPermissions =
|
||||
new HashSet<ObjectPermission>();
|
||||
|
||||
/**
|
||||
* Creates a completely uninitialized SimpleUser.
|
||||
@@ -73,7 +71,7 @@ public class SimpleUser extends AbstractUser {
|
||||
Collection<ConnectionGroup> groups) {
|
||||
|
||||
// Set username
|
||||
setUsername(username);
|
||||
setIdentifier(username);
|
||||
|
||||
// Add connection permissions
|
||||
for (String identifier : configs.keySet()) {
|
||||
@@ -112,21 +110,21 @@ public class SimpleUser extends AbstractUser {
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getConnectionPermissions()
|
||||
public ObjectPermissionSet getConnectionPermissions()
|
||||
throws GuacamoleException {
|
||||
return new SimpleObjectPermissionSet<String>(connectionPermissions);
|
||||
return new SimpleObjectPermissionSet(connectionPermissions);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getConnectionGroupPermissions()
|
||||
public ObjectPermissionSet getConnectionGroupPermissions()
|
||||
throws GuacamoleException {
|
||||
return new SimpleObjectPermissionSet<String>(connectionGroupPermissions);
|
||||
return new SimpleObjectPermissionSet(connectionGroupPermissions);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getUserPermissions()
|
||||
public ObjectPermissionSet getUserPermissions()
|
||||
throws GuacamoleException {
|
||||
return new SimpleObjectPermissionSet<String>();
|
||||
return new SimpleObjectPermissionSet();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -51,7 +51,7 @@ public class SimpleUserContext implements UserContext {
|
||||
* The Directory with access only to the User associated with this
|
||||
* UserContext.
|
||||
*/
|
||||
private final Directory<String, User> userDirectory;
|
||||
private final Directory<User> userDirectory;
|
||||
|
||||
/**
|
||||
* The ConnectionGroup with access only to those Connections that the User
|
||||
@@ -102,7 +102,7 @@ public class SimpleUserContext implements UserContext {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Directory<String, User> getUserDirectory()
|
||||
public Directory<User> getUserDirectory()
|
||||
throws GuacamoleException {
|
||||
return userDirectory;
|
||||
}
|
||||
|
||||
@@ -31,7 +31,7 @@ import org.glyptodon.guacamole.net.auth.User;
|
||||
*
|
||||
* @author Michael Jumper
|
||||
*/
|
||||
public class SimpleUserDirectory extends SimpleDirectory<String, User> {
|
||||
public class SimpleUserDirectory extends SimpleDirectory<User> {
|
||||
|
||||
/**
|
||||
* Creates a new SimpleUserDirectory which provides access to the single
|
||||
@@ -40,7 +40,7 @@ public class SimpleUserDirectory extends SimpleDirectory<String, User> {
|
||||
* @param user The user to provide access to.
|
||||
*/
|
||||
public SimpleUserDirectory(User user) {
|
||||
super(Collections.singletonMap(user.getUsername(), user));
|
||||
super(Collections.singletonMap(user.getIdentifier(), user));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -213,19 +213,19 @@ public class TunnelRequestService {
|
||||
UserContext context = session.getUserContext();
|
||||
|
||||
// Get connection directory
|
||||
Directory<String, Connection> directory =
|
||||
Directory<Connection> directory =
|
||||
context.getRootConnectionGroup().getConnectionDirectory();
|
||||
|
||||
// Get authorized connection
|
||||
Connection connection = directory.get(id);
|
||||
if (connection == null) {
|
||||
logger.info("Connection \"{}\" does not exist for user \"{}\".", id, context.self().getUsername());
|
||||
logger.info("Connection \"{}\" does not exist for user \"{}\".", id, context.self().getIdentifier());
|
||||
throw new GuacamoleSecurityException("Requested connection is not authorized.");
|
||||
}
|
||||
|
||||
// Connect socket
|
||||
socket = connection.connect(info);
|
||||
logger.info("User \"{}\" successfully connected to \"{}\".", context.self().getUsername(), id);
|
||||
logger.info("User \"{}\" successfully connected to \"{}\".", context.self().getIdentifier(), id);
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -235,19 +235,19 @@ public class TunnelRequestService {
|
||||
UserContext context = session.getUserContext();
|
||||
|
||||
// Get connection group directory
|
||||
Directory<String, ConnectionGroup> directory =
|
||||
Directory<ConnectionGroup> directory =
|
||||
context.getRootConnectionGroup().getConnectionGroupDirectory();
|
||||
|
||||
// Get authorized connection group
|
||||
ConnectionGroup group = directory.get(id);
|
||||
if (group == null) {
|
||||
logger.info("Connection group \"{}\" does not exist for user \"{}\".", id, context.self().getUsername());
|
||||
logger.info("Connection group \"{}\" does not exist for user \"{}\".", id, context.self().getIdentifier());
|
||||
throw new GuacamoleSecurityException("Requested connection group is not authorized.");
|
||||
}
|
||||
|
||||
// Connect socket
|
||||
socket = group.connect(info);
|
||||
logger.info("User \"{}\" successfully connected to group \"{}\".", context.self().getUsername(), id);
|
||||
logger.info("User \"{}\" successfully connected to group \"{}\".", context.self().getIdentifier(), id);
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@@ -59,7 +59,7 @@ public class ObjectRetrievalService {
|
||||
String identifier) throws GuacamoleException {
|
||||
|
||||
// Get user directory
|
||||
Directory<String, User> directory = userContext.getUserDirectory();
|
||||
Directory<User> directory = userContext.getUserDirectory();
|
||||
|
||||
// Pull specified user
|
||||
User user = directory.get(identifier);
|
||||
@@ -91,7 +91,7 @@ public class ObjectRetrievalService {
|
||||
|
||||
// Get root directory
|
||||
ConnectionGroup rootGroup = userContext.getRootConnectionGroup();
|
||||
Directory<String, Connection> directory = rootGroup.getConnectionDirectory();
|
||||
Directory<Connection> directory = rootGroup.getConnectionDirectory();
|
||||
|
||||
// Pull specified connection
|
||||
Connection connection = directory.get(identifier);
|
||||
@@ -132,7 +132,7 @@ public class ObjectRetrievalService {
|
||||
return rootGroup;
|
||||
|
||||
// Pull specified connection group otherwise
|
||||
Directory<String, ConnectionGroup> directory = rootGroup.getConnectionGroupDirectory();
|
||||
Directory<ConnectionGroup> directory = rootGroup.getConnectionGroupDirectory();
|
||||
ConnectionGroup connectionGroup = directory.get(identifier);
|
||||
|
||||
if (connectionGroup == null)
|
||||
|
||||
@@ -188,8 +188,8 @@ public class TokenRESTService {
|
||||
tokenSessionMap.put(authToken, new GuacamoleSession(credentials, userContext));
|
||||
}
|
||||
|
||||
logger.debug("Login was successful for user \"{}\".", userContext.self().getUsername());
|
||||
return new APIAuthToken(authToken, userContext.self().getUsername());
|
||||
logger.debug("Login was successful for user \"{}\".", userContext.self().getIdentifier());
|
||||
return new APIAuthToken(authToken, userContext.self().getIdentifier());
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -139,7 +139,7 @@ public class ConnectionRESTService {
|
||||
|
||||
// Retrieve permission sets
|
||||
SystemPermissionSet systemPermissions = self.getSystemPermissions();
|
||||
ObjectPermissionSet<String> connectionPermissions = self.getConnectionPermissions();
|
||||
ObjectPermissionSet connectionPermissions = self.getConnectionPermissions();
|
||||
|
||||
// Deny access if adminstrative or update permission is missing
|
||||
if (!systemPermissions.hasPermission(SystemPermission.Type.ADMINISTER)
|
||||
@@ -211,7 +211,7 @@ public class ConnectionRESTService {
|
||||
|
||||
// Get the connection directory
|
||||
ConnectionGroup rootGroup = userContext.getRootConnectionGroup();
|
||||
Directory<String, Connection> connectionDirectory =
|
||||
Directory<Connection> connectionDirectory =
|
||||
rootGroup.getConnectionDirectory();
|
||||
|
||||
// Delete the specified connection
|
||||
@@ -252,7 +252,7 @@ public class ConnectionRESTService {
|
||||
ConnectionGroup parentConnectionGroup = retrievalService.retrieveConnectionGroup(userContext, parentID);
|
||||
|
||||
// Add the new connection
|
||||
Directory<String, Connection> connectionDirectory = parentConnectionGroup.getConnectionDirectory();
|
||||
Directory<Connection> connectionDirectory = parentConnectionGroup.getConnectionDirectory();
|
||||
connectionDirectory.add(new APIConnectionWrapper(connection));
|
||||
|
||||
// Return the new connection identifier
|
||||
@@ -292,7 +292,7 @@ public class ConnectionRESTService {
|
||||
|
||||
// Get the connection directory
|
||||
ConnectionGroup rootGroup = userContext.getRootConnectionGroup();
|
||||
Directory<String, Connection> connectionDirectory =
|
||||
Directory<Connection> connectionDirectory =
|
||||
rootGroup.getConnectionDirectory();
|
||||
|
||||
// Retrieve connection to update
|
||||
|
||||
@@ -92,12 +92,12 @@ public class APIConnectionGroupWrapper implements ConnectionGroup {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Directory<String, Connection> getConnectionDirectory() throws GuacamoleException {
|
||||
public Directory<Connection> getConnectionDirectory() throws GuacamoleException {
|
||||
throw new UnsupportedOperationException("Operation not supported.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Directory<String, ConnectionGroup> getConnectionGroupDirectory() throws GuacamoleException {
|
||||
public Directory<ConnectionGroup> getConnectionGroupDirectory() throws GuacamoleException {
|
||||
throw new UnsupportedOperationException("Operation not supported.");
|
||||
}
|
||||
|
||||
|
||||
@@ -104,7 +104,7 @@ public class ConnectionGroupRESTService {
|
||||
List<ObjectPermission.Type> permissions) throws GuacamoleException {
|
||||
|
||||
// Retrieve connection permissions
|
||||
ObjectPermissionSet<String> connectionPermissions = user.getConnectionPermissions();
|
||||
ObjectPermissionSet connectionPermissions = user.getConnectionPermissions();
|
||||
|
||||
// Determine whether user has at least one of the given permissions
|
||||
for (ObjectPermission.Type permission : permissions) {
|
||||
@@ -138,7 +138,7 @@ public class ConnectionGroupRESTService {
|
||||
List<ObjectPermission.Type> permissions) throws GuacamoleException {
|
||||
|
||||
// Retrieve connection group permissions
|
||||
ObjectPermissionSet<String> connectionGroupPermissions = user.getConnectionGroupPermissions();
|
||||
ObjectPermissionSet connectionGroupPermissions = user.getConnectionGroupPermissions();
|
||||
|
||||
// Determine whether user has at least one of the given permissions
|
||||
for (ObjectPermission.Type permission : permissions) {
|
||||
@@ -211,7 +211,7 @@ public class ConnectionGroupRESTService {
|
||||
|
||||
// Query all child connections
|
||||
Collection<APIConnection> apiConnections = new ArrayList<APIConnection>();
|
||||
Directory<String, Connection> connectionDirectory = connectionGroup.getConnectionDirectory();
|
||||
Directory<Connection> connectionDirectory = connectionGroup.getConnectionDirectory();
|
||||
|
||||
for (String childIdentifier : connectionDirectory.getIdentifiers()) {
|
||||
|
||||
@@ -231,7 +231,7 @@ public class ConnectionGroupRESTService {
|
||||
|
||||
// Query all child connection groups
|
||||
Collection<APIConnectionGroup> apiConnectionGroups = new ArrayList<APIConnectionGroup>();
|
||||
Directory<String, ConnectionGroup> groupDirectory = connectionGroup.getConnectionGroupDirectory();
|
||||
Directory<ConnectionGroup> groupDirectory = connectionGroup.getConnectionGroupDirectory();
|
||||
|
||||
for (String childIdentifier : groupDirectory.getIdentifiers()) {
|
||||
|
||||
@@ -356,7 +356,7 @@ public class ConnectionGroupRESTService {
|
||||
|
||||
// Get the connection group directory
|
||||
ConnectionGroup rootGroup = userContext.getRootConnectionGroup();
|
||||
Directory<String, ConnectionGroup> connectionGroupDirectory =
|
||||
Directory<ConnectionGroup> connectionGroupDirectory =
|
||||
rootGroup.getConnectionGroupDirectory();
|
||||
|
||||
// Delete the connection group
|
||||
@@ -399,7 +399,7 @@ public class ConnectionGroupRESTService {
|
||||
ConnectionGroup parentConnectionGroup = retrievalService.retrieveConnectionGroup(userContext, parentID);
|
||||
|
||||
// Add the new connection group
|
||||
Directory<String, ConnectionGroup> connectionGroupDirectory = parentConnectionGroup.getConnectionGroupDirectory();
|
||||
Directory<ConnectionGroup> connectionGroupDirectory = parentConnectionGroup.getConnectionGroupDirectory();
|
||||
connectionGroupDirectory.add(new APIConnectionGroupWrapper(connectionGroup));
|
||||
|
||||
// Return the new connection group identifier
|
||||
@@ -440,7 +440,7 @@ public class ConnectionGroupRESTService {
|
||||
|
||||
// Get the connection group directory
|
||||
ConnectionGroup rootGroup = userContext.getRootConnectionGroup();
|
||||
Directory<String, ConnectionGroup> connectionGroupDirectory =
|
||||
Directory<ConnectionGroup> connectionGroupDirectory =
|
||||
rootGroup.getConnectionGroupDirectory();
|
||||
|
||||
// Retrieve connection group to update
|
||||
|
||||
@@ -114,10 +114,10 @@ public class APIPermissionSet {
|
||||
* ObjectPermissionSet.
|
||||
*/
|
||||
private void addObjectPermissions(Map<String, Set<ObjectPermission.Type>> permissions,
|
||||
ObjectPermissionSet<String> permSet) throws GuacamoleException {
|
||||
ObjectPermissionSet permSet) throws GuacamoleException {
|
||||
|
||||
// Add all provided object permissions
|
||||
for (ObjectPermission<String> permission : permSet.getPermissions()) {
|
||||
for (ObjectPermission permission : permSet.getPermissions()) {
|
||||
|
||||
// Get associated set of permissions
|
||||
String identifier = permission.getObjectIdentifier();
|
||||
|
||||
@@ -55,7 +55,7 @@ public class APIUser {
|
||||
* @param user The User to construct the APIUser from.
|
||||
*/
|
||||
public APIUser(User user) {
|
||||
this.username = user.getUsername();
|
||||
this.username = user.getIdentifier();
|
||||
this.password = user.getPassword();
|
||||
}
|
||||
|
||||
|
||||
@@ -52,12 +52,12 @@ public class APIUserWrapper implements User {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
public String getIdentifier() {
|
||||
return apiUser.getUsername();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setUsername(String username) {
|
||||
public void setIdentifier(String username) {
|
||||
apiUser.setUsername(username);
|
||||
}
|
||||
|
||||
@@ -78,19 +78,19 @@ public class APIUserWrapper implements User {
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getConnectionPermissions()
|
||||
public ObjectPermissionSet getConnectionPermissions()
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleUnsupportedException("APIUserWrapper does not provide permission access.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getConnectionGroupPermissions()
|
||||
public ObjectPermissionSet getConnectionGroupPermissions()
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleUnsupportedException("APIUserWrapper does not provide permission access.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPermissionSet<String> getUserPermissions()
|
||||
public ObjectPermissionSet getUserPermissions()
|
||||
throws GuacamoleException {
|
||||
throw new GuacamoleUnsupportedException("APIUserWrapper does not provide permission access.");
|
||||
}
|
||||
|
||||
@@ -151,12 +151,12 @@ public class UserRESTService {
|
||||
boolean isAdmin = systemPermissions.hasPermission(SystemPermission.Type.ADMINISTER);
|
||||
|
||||
// Get the directory
|
||||
Directory<String, User> userDirectory = userContext.getUserDirectory();
|
||||
Directory<User> userDirectory = userContext.getUserDirectory();
|
||||
|
||||
// Filter users, if requested
|
||||
Collection<String> userIdentifiers = userDirectory.getIdentifiers();
|
||||
if (!isAdmin && permissions != null) {
|
||||
ObjectPermissionSet<String> userPermissions = self.getUserPermissions();
|
||||
ObjectPermissionSet userPermissions = self.getUserPermissions();
|
||||
userIdentifiers = userPermissions.getAccessibleObjects(permissions, userIdentifiers);
|
||||
}
|
||||
|
||||
@@ -217,7 +217,7 @@ public class UserRESTService {
|
||||
UserContext userContext = authenticationService.getUserContext(authToken);
|
||||
|
||||
// Get the directory
|
||||
Directory<String, User> userDirectory = userContext.getUserDirectory();
|
||||
Directory<User> userDirectory = userContext.getUserDirectory();
|
||||
|
||||
// Randomly set the password if it wasn't provided
|
||||
if (user.getPassword() == null)
|
||||
@@ -256,7 +256,7 @@ public class UserRESTService {
|
||||
UserContext userContext = authenticationService.getUserContext(authToken);
|
||||
|
||||
// Get the directory
|
||||
Directory<String, User> userDirectory = userContext.getUserDirectory();
|
||||
Directory<User> userDirectory = userContext.getUserDirectory();
|
||||
|
||||
// Validate data and path are sane
|
||||
if (!user.getUsername().equals(username))
|
||||
@@ -298,7 +298,7 @@ public class UserRESTService {
|
||||
UserContext userContext = authenticationService.getUserContext(authToken);
|
||||
|
||||
// Get the directory
|
||||
Directory<String, User> userDirectory = userContext.getUserDirectory();
|
||||
Directory<User> userDirectory = userContext.getUserDirectory();
|
||||
|
||||
// Get the user
|
||||
User existingUser = userDirectory.get(username);
|
||||
@@ -338,7 +338,7 @@ public class UserRESTService {
|
||||
User user;
|
||||
|
||||
// If username is own username, just use self - might not have query permissions
|
||||
if (userContext.self().getUsername().equals(username))
|
||||
if (userContext.self().getIdentifier().equals(username))
|
||||
user = userContext.self();
|
||||
|
||||
// If not self, query corresponding user from directory
|
||||
@@ -430,10 +430,10 @@ public class UserRESTService {
|
||||
throw new GuacamoleResourceNotFoundException("No such user: \"" + username + "\"");
|
||||
|
||||
// Permission patches for all types of permissions
|
||||
PermissionSetPatch<ObjectPermission<String>> connectionPermissionPatch = new PermissionSetPatch<ObjectPermission<String>>();
|
||||
PermissionSetPatch<ObjectPermission<String>> connectionGroupPermissionPatch = new PermissionSetPatch<ObjectPermission<String>>();
|
||||
PermissionSetPatch<ObjectPermission<String>> userPermissionPatch = new PermissionSetPatch<ObjectPermission<String>>();
|
||||
PermissionSetPatch<SystemPermission> systemPermissionPatch = new PermissionSetPatch<SystemPermission>();
|
||||
PermissionSetPatch<ObjectPermission> connectionPermissionPatch = new PermissionSetPatch<ObjectPermission>();
|
||||
PermissionSetPatch<ObjectPermission> connectionGroupPermissionPatch = new PermissionSetPatch<ObjectPermission>();
|
||||
PermissionSetPatch<ObjectPermission> userPermissionPatch = new PermissionSetPatch<ObjectPermission>();
|
||||
PermissionSetPatch<SystemPermission> systemPermissionPatch = new PermissionSetPatch<SystemPermission>();
|
||||
|
||||
// Apply all patch operations individually
|
||||
for (APIPatch<String> patch : patches) {
|
||||
@@ -448,7 +448,7 @@ public class UserRESTService {
|
||||
ObjectPermission.Type type = ObjectPermission.Type.valueOf(patch.getValue());
|
||||
|
||||
// Create and update corresponding permission
|
||||
ObjectPermission<String> permission = new ObjectPermission<String>(type, identifier);
|
||||
ObjectPermission permission = new ObjectPermission(type, identifier);
|
||||
updatePermissionSet(patch.getOp(), connectionPermissionPatch, permission);
|
||||
|
||||
}
|
||||
@@ -461,7 +461,7 @@ public class UserRESTService {
|
||||
ObjectPermission.Type type = ObjectPermission.Type.valueOf(patch.getValue());
|
||||
|
||||
// Create and update corresponding permission
|
||||
ObjectPermission<String> permission = new ObjectPermission<String>(type, identifier);
|
||||
ObjectPermission permission = new ObjectPermission(type, identifier);
|
||||
updatePermissionSet(patch.getOp(), connectionGroupPermissionPatch, permission);
|
||||
|
||||
}
|
||||
@@ -474,7 +474,7 @@ public class UserRESTService {
|
||||
ObjectPermission.Type type = ObjectPermission.Type.valueOf(patch.getValue());
|
||||
|
||||
// Create and update corresponding permission
|
||||
ObjectPermission<String> permission = new ObjectPermission<String>(type, identifier);
|
||||
ObjectPermission permission = new ObjectPermission(type, identifier);
|
||||
updatePermissionSet(patch.getOp(), userPermissionPatch, permission);
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user