GUAC-1132: Handle active connections via permissions. Expose via dedicated object - do not rely on calling them tunnels.

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/AbstractActiveConnection.java

@@ -0,0 +1,120 @@
+/*
+ * Copyright (C) 2015 Glyptodon LLC
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package org.glyptodon.guacamole.net.auth;
+
+import java.util.Date;
+import org.glyptodon.guacamole.net.GuacamoleTunnel;
+
+public abstract class AbstractActiveConnection implements ActiveConnection {
+
+    /**
+     * The identifier of this active connection.
+     */
+    private String identifier;
+
+    /**
+     * The identifier of the associated connection.
+     */
+    private String connectionIdentifier;
+
+    /**
+     * The date and time this active connection began.
+     */
+    private Date startDate;
+
+    /**
+     * The remote host that initiated this connection.
+     */
+    private String remoteHost;
+
+    /**
+     * The username of the user that initiated this connection.
+     */
+    private String username;
+
+    /**
+     * The underlying GuacamoleTunnel.
+     */
+    private GuacamoleTunnel tunnel;
+
+    @Override
+    public String getIdentifier() {
+        return identifier;
+    }
+
+    @Override
+    public void setIdentifier(String identifier) {
+        this.identifier = identifier;
+    }
+ 
+    @Override
+    public String getConnectionIdentifier() {
+        return connectionIdentifier;
+    }
+
+    @Override
+    public void setConnectionIdentifier(String connnectionIdentifier) {
+        this.connectionIdentifier = connnectionIdentifier;
+    }
+
+    @Override
+    public Date getStartDate() {
+        return startDate;
+    }
+
+    @Override
+    public void setStartDate(Date startDate) {
+        this.startDate = startDate;
+    }
+
+    @Override
+    public String getRemoteHost() {
+        return remoteHost;
+    }
+
+    @Override
+    public void setRemoteHost(String remoteHost) {
+        this.remoteHost = remoteHost;
+    }
+
+    @Override
+    public String getUsername() {
+        return username;
+    }
+
+    @Override
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    @Override
+    public GuacamoleTunnel getTunnel() {
+        return tunnel;
+    }
+
+    @Override
+    public void setTunnel(GuacamoleTunnel tunnel) {
+        this.tunnel = tunnel;
+    }
+
+}

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/ActiveConnection.java

@@ -0,0 +1,122 @@
+/*
+ * Copyright (C) 2015 Glyptodon LLC
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+package org.glyptodon.guacamole.net.auth;
+
+import java.util.Date;
+import org.glyptodon.guacamole.net.GuacamoleTunnel;
+
+/**
+ * A pairing of username and GuacamoleTunnel representing an active usage of a
+ * particular connection.
+ *
+ * @author Michael Jumper
+ */
+public interface ActiveConnection extends Identifiable {
+
+    /**
+     * Returns the identifier of the connection being actively used.
+     *
+     * @return
+     *     The identifier of the connection being actively used.
+     */
+    String getConnectionIdentifier();
+
+    /**
+     * Sets the identifier of the connection being actively used.
+     *
+     * @param connnectionIdentifier
+     *     The identifier of the connection being actively used.
+     */
+    void setConnectionIdentifier(String connnectionIdentifier);
+    
+    /**
+     * Returns the date and time the connection began.
+     *
+     * @return
+     *     The date and time the connection began.
+     */
+    Date getStartDate();
+
+    /**
+     * Sets the date and time the connection began.
+     *
+     * @param startDate 
+     *     The date and time the connection began.
+     */
+    void setStartDate(Date startDate);
+
+    /**
+     * Returns the hostname or IP address of the remote host that initiated the
+     * connection, if known. If the hostname or IP address is not known, null
+     * is returned.
+     *
+     * @return
+     *     The hostname or IP address of the remote host, or null if this
+     *     information is not available.
+     */
+    String getRemoteHost();
+
+    /**
+     * Sets the hostname or IP address of the remote host that initiated the
+     * connection.
+     * 
+     * @param remoteHost 
+     *     The hostname or IP address of the remote host, or null if this
+     *     information is not available.
+     */
+    void setRemoteHost(String remoteHost);
+
+    /**
+     * Returns the name of the user who is using this connection.
+     *
+     * @return
+     *     The name of the user who is using this connection.
+     */
+    String getUsername();
+
+    /**
+     * Sets the name of the user who is using this connection.
+     *
+     * @param username 
+     *     The name of the user who is using this connection.
+     */
+    void setUsername(String username);
+
+    /**
+     * Returns the connected GuacamoleTunnel being used. This may be null if
+     * access to the underlying tunnel is denied.
+     *
+     * @return
+     *     The connected GuacamoleTunnel, or null if permission is denied.
+     */
+    GuacamoleTunnel getTunnel();
+
+    /**
+     * Sets the connected GuacamoleTunnel being used.
+     *
+     * @param tunnel
+     *     The connected GuacamoleTunnel, or null if permission is denied.
+     */
+    void setTunnel(GuacamoleTunnel tunnel);
+    
+}

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/ConnectionRecord.java

@@ -23,7 +23,6 @@
 package org.glyptodon.guacamole.net.auth;
 
 import java.util.Date;
-import org.glyptodon.guacamole.net.GuacamoleTunnel;
 
 /**
  * A logging record describing when a user started and ended usage of a
@@ -33,16 +32,6 @@ import org.glyptodon.guacamole.net.GuacamoleTunnel;
  */
 public interface ConnectionRecord {
 
-    /**
-     * Returns the identifier of the connection associated with this connection
-     * record.
-     *
-     * @return
-     *     The identifier of the connection associated with this connection
-     *     record.
-     */
-    public String getIdentifier();
-    
     /**
      * Returns the date and time the connection began.
      *
@@ -87,15 +76,4 @@ public interface ConnectionRecord {
      */
     public boolean isActive();
 
-    /**
-     * Returns the connected GuacamoleTunnel of the connection associated with
-     * this record, if any. If the connection is not active, or access to
-     * the socket is denied, null is returned.
-     *
-     * @return
-     *     The connected GuacamoleTunnel, if any, or null if the connection is
-     *     not active or permission is denied.
-     */
-    public GuacamoleTunnel getTunnel();
-
 }

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/User.java

@@ -92,6 +92,21 @@ public interface User extends Identifiable {
     ObjectPermissionSet getConnectionGroupPermissions()
             throws GuacamoleException;
 
+    /**
+     * Returns all permissions given to this user regarding currently-active
+     * connections.
+     *
+     * @return
+     *     An ObjectPermissionSet of all active connection permissions granted
+     *     to this user.
+     *
+     * @throws GuacamoleException 
+     *     If an error occurs while retrieving permissions, or if reading all
+     *     permissions is not allowed.
+     */
+    ObjectPermissionSet getActiveConnectionPermissions()
+            throws GuacamoleException;
+
     /**
      * Returns all user permissions given to this user.
      *

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/UserContext.java

@@ -22,7 +22,6 @@
 
 package org.glyptodon.guacamole.net.auth;
 
-import java.util.Collection;
 import org.glyptodon.guacamole.GuacamoleException;
 
 /**
@@ -83,6 +82,21 @@ public interface UserContext {
     Directory<ConnectionGroup> getConnectionGroupDirectory()
             throws GuacamoleException;
 
+    /**
+     * Retrieves a Directory which can be used to view and manipulate
+     * active connections, but only as allowed by the permissions given to the
+     * user.
+     *
+     * @return
+     *     A Directory whose operations are bound by the permissions of the
+     *     user.
+     *
+     * @throws GuacamoleException
+     *     If an error occurs while creating the Directory.
+     */
+    Directory<ActiveConnection> getActiveConnectionDirectory()
+            throws GuacamoleException;
+
     /**
      * Retrieves a connection group which can be used to view and manipulate
      * connections, but only as allowed by the permissions given to the user of 
@@ -96,41 +110,4 @@ public interface UserContext {
      */
     ConnectionGroup getRootConnectionGroup() throws GuacamoleException;
 
-    /**
-     * Returns a collection of connection records associated with all active
-     * connections to which the current user has access. For an administrative
-     * user, this may include connections associated with other users.
-     *
-     * @return
-     *     A collection of all connection records associated with active
-     *     connections to which the current user has access.
-     *
-     * @throws GuacamoleException
-     *     If an error occurs while reading active connection records, or if
-     *     permission is denied.
-     */
-    Collection<ConnectionRecord> getActiveConnections()
-            throws GuacamoleException;
-
-    /**
-     * Returns the connection records associated with the active connections
-     * having the tunnels with the given UUIDs. An active connection will only
-     * be returned if the current user has access.
-     *
-     * @param tunnelUUIDs
-     *     The UUIDs of the tunnels whose associated connection records should
-     *     be returned.
-     *
-     * @return
-     *     A collection of all connection records associated with the active
-     *     connections having the tunnels with the given UUIDs, if any, or an
-     *     empty collection if no such connections exist.
-     *
-     * @throws GuacamoleException
-     *     If an error occurs while reading active connection records, or if
-     *     permission is denied.
-     */
-    Collection<ConnectionRecord> getActiveConnections(Collection<String> tunnelUUIDs)
-            throws GuacamoleException;
-
 }

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/simple/SimpleUser.java

@@ -130,4 +130,10 @@ public class SimpleUser extends AbstractUser {
         return new SimpleObjectPermissionSet();
     }
 
+    @Override
+    public ObjectPermissionSet getActiveConnectionPermissions()
+            throws GuacamoleException {
+        return new SimpleObjectPermissionSet();
+    }
+
 }

guacamole-ext/src/main/java/org/glyptodon/guacamole/net/auth/simple/SimpleUserContext.java

@@ -28,9 +28,9 @@ import java.util.Collections;
 import java.util.Map;
 import java.util.UUID;
 import org.glyptodon.guacamole.GuacamoleException;
+import org.glyptodon.guacamole.net.auth.ActiveConnection;
 import org.glyptodon.guacamole.net.auth.Connection;
 import org.glyptodon.guacamole.net.auth.ConnectionGroup;
-import org.glyptodon.guacamole.net.auth.ConnectionRecord;
 import org.glyptodon.guacamole.net.auth.Directory;
 import org.glyptodon.guacamole.net.auth.User;
 import org.glyptodon.guacamole.net.auth.UserContext;
@@ -169,15 +169,9 @@ public class SimpleUserContext implements UserContext {
     }
 
     @Override
-    public Collection<ConnectionRecord> getActiveConnections()
+    public Directory<ActiveConnection> getActiveConnectionDirectory()
             throws GuacamoleException {
-        return Collections.EMPTY_LIST;
-    }
-
-    @Override
-    public Collection<ConnectionRecord> getActiveConnections(Collection<String> tunnelUUID)
-            throws GuacamoleException {
-        return Collections.EMPTY_LIST;
+        return new SimpleDirectory<ActiveConnection>();
     }
 
 }