From 8a45ae67ed7371a9d28cbba6de188af3270562b6 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Mon, 17 Apr 2017 17:11:04 +0000
Subject: [PATCH] #3529 feature - Securized access for readonly users
---
securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java | 14 ++++++++++++--
securis/src/main/java/net/curisit/securis/db/Application.java | 3 ++-
securis/src/main/java/net/curisit/securis/services/UserResource.java | 4 ++--
securis/src/main/java/net/curisit/securis/db/LicenseType.java | 1 +
securis/src/main/java/net/curisit/securis/services/OrganizationResource.java | 7 ++++++-
securis/src/main/java/net/curisit/securis/services/ApplicationResource.java | 15 +++++++++++++--
6 files changed, 36 insertions(+), 8 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/db/Application.java b/securis/src/main/java/net/curisit/securis/db/Application.java
index 1dc20a5..dba0b7b 100644
--- a/securis/src/main/java/net/curisit/securis/db/Application.java
+++ b/securis/src/main/java/net/curisit/securis/db/Application.java
@@ -38,7 +38,8 @@
@JsonIgnoreProperties(ignoreUnknown = true)
@Entity
@Table(name = "application")
-@NamedQueries({ @NamedQuery(name = "list-applications", query = "SELECT a FROM Application a") })
+@NamedQueries({ @NamedQuery(name = "list-applications", query = "SELECT a FROM Application a"),
+ @NamedQuery(name = "list-applications-by_ids", query = "SELECT a FROM Application a where id in :list_ids") })
public class Application implements Serializable {
private static final Logger LOG = LogManager.getLogger(Application.class);
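Review bot: The new named query `SELECT a FROM Application a where id in :list_ids` leaves `id` unqualified, unlike the sibling LicenseType query which writes `lt.application.id`; make it `a.id IN :list_ids` so the reference is unambiguous and the two entities read the same way. JPQL `IN` with an empty collection is provider-dependent (Hibernate renders it as `in ()`, which is a SQL error), so the resource classes' `isEmpty()` guards are load-bearing for this query; a comment on the query such as `// callers must guard against an empty :list_ids (JPQL IN () is invalid)` would keep a future caller from tripping on it. The Application class body continues outside the hunk.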
diff --git a/securis/src/main/java/net/curisit/securis/db/LicenseType.java b/securis/src/main/java/net/curisit/securis/db/LicenseType.java
index e335a25..bd180ef 100644
--- a/securis/src/main/java/net/curisit/securis/db/LicenseType.java
+++ b/securis/src/main/java/net/curisit/securis/db/LicenseType.java
@@ -38,6 +38,7 @@
@Entity
@Table(name = "license_type")
@NamedQueries({ @NamedQuery(name = "list-license_types", query = "SELECT lt FROM LicenseType lt"),
+ @NamedQuery(name = "list-license_types-by_apps-id", query = "SELECT lt FROM LicenseType lt where lt.application.id in :list_ids"),
@NamedQuery(name = "list-application-license_types", query = "SELECT lt FROM LicenseType lt where lt.application.id = :appId") })
public class LicenseType implements Serializable {
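Review bot: The query name `list-license_types-by_apps-id` mixes underscore and hyphen separators and does not follow the pattern of the neighbouring `list-applications-by_ids` or `list-application-license_types`, which makes it easy to mistype at the `createNamedQuery` call site where a typo only fails at runtime; `list-license_types-by-app-ids` would match the existing `list-application-license_types` style. As with the Application query, `lt.application.id in :list_ids` must never receive an empty collection, so the query deserves a one-line comment saying callers are responsible for that guard. The LicenseType class body continues outside the hunk.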
diff --git a/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java b/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
index e62cdb4..15e473f 100644
--- a/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/ApplicationResource.java
@@ -72,12 +72,23 @@
@Path("/")
@Produces({ MediaType.APPLICATION_JSON })
@Securable
- public Response index() {
+ public Response index(@Context BasicSecurityContext bsc) {
LOG.info("Getting applications list ");
// EntityManager em = emProvider.get();
em.clear();
- TypedQuery<Application> q = em.createNamedQuery("list-applications", Application.class);
+
+ TypedQuery<Application> q;
+ if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
+ q = em.createNamedQuery("list-applications", Application.class);
+ } else {
+ if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
+ return Response.ok().build();
+ }
+ q = em.createNamedQuery("list-applications-by_ids", Application.class);
+
+ q.setParameter("list_ids", bsc.getApplicationsIds());
+ }
List<Application> list = q.getResultList();
return Response.ok(list).build();
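Review bot: The early `return Response.ok().build()` inside the `isEmpty()` guard answers with a 200 and no body, while the normal path returns a JSON array under `@Produces(APPLICATION_JSON)`, so a non-admin user with no assigned applications gets a response that JSON clients cannot parse; return `Response.ok(Collections.emptyList()).build()` (adding `java.util.Collections`) so the shape matches. The whole non-admin authorization decision rests on `bsc.getApplicationsIds()` being populated server-side by whatever backs `@Securable`; if `@Context BasicSecurityContext` can ever be unresolved, `bsc` is null and the method fails with a 500 rather than denying access, so a null check that returns `Response.status(Response.Status.FORBIDDEN).build()` is worth adding. The patch only restricts the list endpoint; if this resource also exposes a per-id `GET`, it needs the same ownership check or a read-only user can still fetch any application by id. The method's closing brace lies outside the hunk.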
diff --git a/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java b/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
index 3422cbb..21a819a 100644
--- a/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
@@ -74,12 +74,22 @@
@Path("/")
@Produces({ MediaType.APPLICATION_JSON })
@Securable
- public Response index() {
+ public Response index(@Context BasicSecurityContext bsc) {
LOG.info("Getting license types list ");
// EntityManager em = emProvider.get();
em.clear();
- TypedQuery<LicenseType> q = em.createNamedQuery("list-license_types", LicenseType.class);
+ TypedQuery<LicenseType> q;
+ if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
+ q = em.createNamedQuery("list-license_types", LicenseType.class);
+ } else {
+ if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
+ return Response.ok().build();
+ }
+ q = em.createNamedQuery("list-license_types-by_apps-id", LicenseType.class);
+
+ q.setParameter("list_ids", bsc.getApplicationsIds());
+ }
List<LicenseType> list = q.getResultList();
return Response.ok(list).build();
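Review bot: The role check and id-filter logic here is a verbatim copy of the new `ApplicationResource.index()` branch (and a near copy of the OrganizationResource one), and `bsc.getApplicationsIds()` is called three times in the non-admin path; hoisting it once, `List<?> appIds = bsc.getApplicationsIds();`, and moving the admin-or-ids decision into a helper on `BasicSecurityContext` would give one place to audit the authorization rule. The empty-ids path returns `Response.ok().build()` with no body instead of an empty JSON list, so clients of this `@Produces(APPLICATION_JSON)` endpoint must special-case it; `Response.ok(Collections.emptyList()).build()` keeps the contract uniform. Note that the existing `list-application-license_types` query (by `appId`) is presumably used by a per-application endpoint not touched here; if so it should be checked against the same application-id list. The method's closing brace lies outside the hunk.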
diff --git a/securis/src/main/java/net/curisit/securis/services/OrganizationResource.java b/securis/src/main/java/net/curisit/securis/services/OrganizationResource.java
index 2a53496..346c726 100644
--- a/securis/src/main/java/net/curisit/securis/services/OrganizationResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/OrganizationResource.java
@@ -77,7 +77,12 @@
LOG.info("GEtting all orgs for user: " + bsc.getUserPrincipal());
q = em.createNamedQuery("list-organizations", Organization.class);
} else {
- q = em.createNamedQuery("list-organizations", Organization.class);
+ if (bsc.getOrganizationsIds() == null || bsc.getOrganizationsIds().isEmpty()) {
+ return Response.ok().build();
+ } else {
+ q = em.createNamedQuery("list-organizations-by-ids", Organization.class);
+ q.setParameter("list_ids", bsc.getOrganizationsIds());
+ }
}
List<Organization> list = q.getResultList();
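Review bot: The non-admin branch now calls `createNamedQuery("list-organizations-by-ids", ...)`, but this patch does not add that query to Organization.java (the diffstat lists no change to it), so unless it already exists the persistence unit will fail to start or the first non-admin call will throw IllegalArgumentException; confirm it is defined, with `o.id IN :list_ids`, before merging. The empty-ids path returns `Response.ok().build()` with an empty body rather than an empty JSON array, which is inconsistent with the list returned a few lines below; `Response.ok(Collections.emptyList()).build()` keeps the response shape stable. The enclosing method starts and ends outside the hunk, so whether `bsc` is null-checked before `isUserInRole` cannot be seen here.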
diff --git a/securis/src/main/java/net/curisit/securis/services/UserResource.java b/securis/src/main/java/net/curisit/securis/services/UserResource.java
index fbffffa..3ca37e0 100644
--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -76,7 +76,7 @@
@GET
@Path("/")
@Produces({ MediaType.APPLICATION_JSON })
- @Securable
+ @Securable(roles = Rol.ADMIN)
@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
public Response index() {
LOG.info("Getting users list ");
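Review bot: The new `@Securable(roles = Rol.ADMIN)` and the existing `@RolesAllowed(BasicSecurityContext.ROL_ADMIN)` state the same restriction through two unrelated role representations (an enum constant and a string constant), so they can drift apart silently and a reader cannot tell which one actually gates the endpoint. If `@Securable` is what the project's own filter enforces, it is safer to have `ROL_ADMIN` derived from `Rol.ADMIN` (e.g. `Rol.ADMIN.name()`) and to say which annotation is authoritative, with a comment such as `// @Securable is enforced by the project filter; @RolesAllowed only takes effect if the container registers RolesAllowedDynamicFeature`. Whether `@RolesAllowed` is enforced at all cannot be determined from the diff; if it is not, it is documentation only and should not be relied on. The method body continues outside the hunk.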
@@ -97,7 +97,7 @@
@GET
@Path("/{uid}")
@Produces({ MediaType.APPLICATION_JSON })
- @Securable
+ @Securable(roles = Rol.ADMIN)
@RolesAllowed(BasicSecurityContext.ROL_ADMIN)
public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PĂ€RAM) String token) {
LOG.info("Getting user data for id: {}: ", uid);
--
Gitblit v1.3.2