Revision 6865
Added by Chris Jones almost 13 years ago
src/edu/ucsb/nceas/metacat/dataone/D1NodeService.java | ||
43 | 43 |
|
44 | 44 |
import org.apache.commons.io.IOUtils; |
45 | 45 |
import org.apache.log4j.Logger; |
46 |
import org.dataone.client.CNode; |
|
47 |
import org.dataone.client.D1Client; |
|
46 | 48 |
import org.dataone.client.ObjectFormatCache; |
47 | 49 |
import org.dataone.service.util.Constants; |
48 | 50 |
import org.dataone.service.exceptions.IdentifierNotUnique; |
... | ... | |
63 | 65 |
import org.dataone.service.types.v1.Group; |
64 | 66 |
import org.dataone.service.types.v1.Log; |
65 | 67 |
import org.dataone.service.types.v1.LogEntry; |
68 |
import org.dataone.service.types.v1.Node; |
|
66 | 69 |
import org.dataone.service.types.v1.NodeReference; |
70 |
import org.dataone.service.types.v1.NodeType; |
|
67 | 71 |
import org.dataone.service.types.v1.ObjectFormat; |
68 | 72 |
import org.dataone.service.types.v1.Permission; |
69 | 73 |
import org.dataone.service.types.v1.Person; |
... | ... | |
593 | 597 |
} |
594 | 598 |
|
595 | 599 |
/** |
600 |
* Test if the user identified by the provided token has administrative authorization |
|
601 |
* for the operation on the specified object. |
|
602 |
* |
|
603 |
* @param session - the Session object containing the credentials for the Subject |
|
604 |
* @param pid - The identifer of the resource for which access is being checked |
|
605 |
* @param operation - The type of operation which is being requested for the given pid |
|
606 |
* |
|
607 |
* @return true if the operation is allowed |
|
608 |
* |
|
609 |
* @throws ServiceFailure |
|
610 |
* @throws InvalidToken |
|
611 |
* @throws NotFound |
|
612 |
* @throws NotAuthorized |
|
613 |
* @throws NotImplemented |
|
614 |
*/ |
|
615 |
protected boolean isAdminAuthorized(Session session, Identifier pid, |
|
616 |
Permission permission) |
|
617 |
throws ServiceFailure, InvalidToken, NotFound, NotAuthorized, |
|
618 |
NotImplemented { |
|
619 |
|
|
620 |
boolean allowed = false; |
|
621 |
// are we allowed to do this? only CNs and target MNs are allowed |
|
622 |
CNode cn = D1Client.getCN(); |
|
623 |
List<Node> nodes = cn.listNodes().getNodeList(); |
|
624 |
|
|
625 |
if ( nodes == null ) { |
|
626 |
throw new ServiceFailure("4852", "Couldn't get node list."); |
|
627 |
|
|
628 |
} |
|
629 |
|
|
630 |
// find the node in the node list |
|
631 |
for ( Node node : nodes ) { |
|
632 |
|
|
633 |
NodeReference nodeReference = node.getIdentifier(); |
|
634 |
logMetacat.debug("In isAdminAuthorized(), Node reference is: " + nodeReference.getValue()); |
|
635 |
|
|
636 |
Subject subject = session.getSubject(); |
|
637 |
|
|
638 |
if (node.getType() == NodeType.CN) { |
|
639 |
List<Subject> nodeSubjects = node.getSubjectList(); |
|
640 |
|
|
641 |
// check if the session subject is in the node subject list |
|
642 |
for (Subject nodeSubject : nodeSubjects) { |
|
643 |
if ( nodeSubject.equals(subject) ) { |
|
644 |
allowed = true; // subject of session == target node subject |
|
645 |
break; |
|
646 |
|
|
647 |
} else { |
|
648 |
throw new NotAuthorized("4851", permission + |
|
649 |
" not allowed on " + pid.getValue()); |
|
650 |
} |
|
651 |
} |
|
652 |
} |
|
653 |
} |
|
654 |
|
|
655 |
|
|
656 |
return allowed; |
|
657 |
} |
|
658 |
|
|
659 |
/** |
|
596 | 660 |
* Test if the user identified by the provided token has authorization |
597 |
* for operation on the specified object. |
|
661 |
* for the operation on the specified object.
|
|
598 | 662 |
* |
599 | 663 |
* @param session - the Session object containing the credentials for the Subject |
600 | 664 |
* @param pid - The identifer of the resource for which access is being checked |
Add isAdminAuthorized() to D1NodeService to check if the operation is being requested from a CN. Consult the NodeList from the CN and test the NodeType of the given node and the X509 certificate Subject. Perhaps we should expand this to also check for service-level access in the future.