
Revision 6865

Add isAdminAuthorized() to D1NodeService to check if the operation is being requested from a CN. Consult the NodeList from the CN and test the NodeType of the given node and the X509 certificate Subject. Perhaps we should expand this to also check for service-level access in the future.


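--- a/src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java
+++ b/src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java
@@ -43,6 +43,8 @@
 
 import org.apache.commons.io.IOUtils;
 import org.apache.log4j.Logger;
+import org.dataone.client.CNode;
+import org.dataone.client.D1Client;
 import org.dataone.client.ObjectFormatCache;
 import org.dataone.service.util.Constants;
 import org.dataone.service.exceptions.IdentifierNotUnique;
@@ -63,7 +65,9 @@
 import org.dataone.service.types.v1.Group;
 import org.dataone.service.types.v1.Log;
 import org.dataone.service.types.v1.LogEntry;
+import org.dataone.service.types.v1.Node;
 import org.dataone.service.types.v1.NodeReference;
+import org.dataone.service.types.v1.NodeType;
 import org.dataone.service.types.v1.ObjectFormat;
 import org.dataone.service.types.v1.Permission;
 import org.dataone.service.types.v1.Person;
@@ -593,8 +597,68 @@
   }
      
   /**
+   * Test if the user identified by the provided token has administrative authorization 
+   * for the operation on the specified object.
+   * 
+   * @param session - the Session object containing the credentials for the Subject
+   * @param pid - The identifer of the resource for which access is being checked
+   * @param operation - The type of operation which is being requested for the given pid
+   * 
+   * @return true if the operation is allowed
+   * 
+   * @throws ServiceFailure
+   * @throws InvalidToken
+   * @throws NotFound
+   * @throws NotAuthorized
+   * @throws NotImplemented
+   */
+  protected boolean isAdminAuthorized(Session session, Identifier pid,
+      Permission permission) 
+      throws ServiceFailure, InvalidToken, NotFound, NotAuthorized,
+      NotImplemented {
+
+      boolean allowed = false;
+      // are we allowed to do this? only CNs and target MNs are allowed
+      CNode cn = D1Client.getCN();
+      List<Node> nodes = cn.listNodes().getNodeList();
+      
+      if ( nodes == null ) {
+          throw new ServiceFailure("4852", "Couldn't get node list.");
+  
+      }
+      
+      // find the node in the node list
+      for ( Node node : nodes ) {
+          
+          NodeReference nodeReference = node.getIdentifier();
+          logMetacat.debug("In isAdminAuthorized(), Node reference is: " + nodeReference.getValue());
+          
+          Subject subject = session.getSubject();
+          
+          if (node.getType() == NodeType.CN) {
+              List<Subject> nodeSubjects = node.getSubjectList();
+              
+              // check if the session subject is in the node subject list
+              for (Subject nodeSubject : nodeSubjects) {
+                  if ( nodeSubject.equals(subject) ) {
+                      allowed = true; // subject of session == target node subject
+                      break;
+                      
+                  } else {
+                      throw new NotAuthorized("4851", permission + 
+                          " not allowed on " + pid.getValue());
+                  }
+              }                 
+          }
+      }
+
+      
+      return allowed;
+  }
+  
+  /**
    * Test if the user identified by the provided token has authorization 
-   * for operation on the specified object.
+   * for the operation on the specified object.
    * 
    * @param session - the Session object containing the credentials for the Subject
    * @param pid - The identifer of the resource for which access is being checked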
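Review bot: The `else` branch of `if ( nodeSubject.equals(subject) )` in isAdminAuthorized throws NotAuthorized on the first CN subject that does not equal the session subject, so a CN whose subject list has more than one entry, or a node list with more than one CN, is rejected even when the session subject appears later in the list — and because the inner `break` only leaves the inner loop, the outer loop continues after `allowed` is set and the next CN's first subject still triggers the throw. Moving the throw after both loops and breaking out of the outer loop on a match gives the "is the session subject in the node subject list" check the inline comment describes, and a null `getSubjectList()` should be skipped rather than dereferenced. Whether a non-match should throw or simply return false depends on callers outside this section; the Javadoc declares `@throws NotAuthorized`, so the sketch below keeps the throw. `session` is also dereferenced unconditionally inside the loop; if a null session can reach this method, a guard before the loop would be preferable to the resulting NullPointerException.
```java
      // find the node in the node list
      Subject subject = session.getSubject();
      nodeLoop:
      for ( Node node : nodes ) {
          // … unchanged: nodeReference debug logging …
          if (node.getType() == NodeType.CN) {
              List<Subject> nodeSubjects = node.getSubjectList();
              if (nodeSubjects == null) {
                  continue;
              }
              // check if the session subject is in the node subject list
              for (Subject nodeSubject : nodeSubjects) {
                  if ( nodeSubject.equals(subject) ) {
                      allowed = true; // subject of session == target node subject
                      break nodeLoop;
                  }
              }
          }
      }
      // reject only after the whole node list has been searched
      if ( !allowed ) {
          throw new NotAuthorized("4851", permission +
              " not allowed on " + pid.getValue());
      }
      return allowed;
```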
