moved ASIE custom authorization to AbstractWebScript
This commit is contained in:
@@ -1,8 +1,6 @@
|
||||
package com.inteligr8.alfresco.asie.rest;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
@@ -42,9 +40,6 @@ public abstract class AbstractAsieWebScript extends AbstractWebScript implements
|
||||
@Value("${solr.sharedSecret}")
|
||||
private String solrSharedSecret;
|
||||
|
||||
@Value("${inteligr8.asie.allowedAuthorities}")
|
||||
private String authorizedAuthoritiesStr;
|
||||
|
||||
@Value("${inteligr8.asie.basePath}")
|
||||
private String solrBaseUrl;
|
||||
|
||||
@@ -52,28 +47,10 @@ public abstract class AbstractAsieWebScript extends AbstractWebScript implements
|
||||
@Qualifier(Constants.QUALIFIER_ASIE)
|
||||
private ObjectMapper objectMapper;
|
||||
|
||||
private Set<String> authorizedAuthorities;
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
this.authorizedAuthorities = new HashSet<>();
|
||||
String[] authorities = this.authorizedAuthoritiesStr.split(",");
|
||||
for (String authority : authorities) {
|
||||
authority = StringUtils.trimToNull(authority);
|
||||
if (authority != null)
|
||||
this.authorizedAuthorities.add(authority);
|
||||
}
|
||||
|
||||
if (this.authorizedAuthorities.isEmpty())
|
||||
this.logger.warn("All authenticated users will be authorized to access ASIE web scripts");
|
||||
|
||||
this.solrSharedSecret = StringUtils.trimToNull(this.solrSharedSecret);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Set<String> getAuthorities() {
|
||||
return this.authorizedAuthorities;
|
||||
}
|
||||
|
||||
protected ObjectMapper getObjectMapper() {
|
||||
return this.objectMapper;
|
||||
|
||||
@@ -4,11 +4,16 @@ import java.io.IOException;
|
||||
import java.lang.reflect.Constructor;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.extensions.webscripts.WebScriptException;
|
||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
import org.springframework.extensions.webscripts.WebScriptResponse;
|
||||
@@ -16,9 +21,32 @@ import org.springframework.http.HttpStatus;
|
||||
|
||||
import net.sf.acegisecurity.GrantedAuthority;
|
||||
|
||||
public abstract class AbstractWebScript extends org.springframework.extensions.webscripts.AbstractWebScript {
|
||||
public abstract class AbstractWebScript extends org.springframework.extensions.webscripts.AbstractWebScript implements InitializingBean {
|
||||
|
||||
protected abstract Set<String> getAuthorities();
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
|
||||
@Value("${inteligr8.asie.allowedAuthorities}")
|
||||
private String authorizedAuthoritiesStr;
|
||||
|
||||
private Set<String> authorizedAuthorities;
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
this.authorizedAuthorities = new HashSet<>();
|
||||
String[] authorities = this.authorizedAuthoritiesStr.split(",");
|
||||
for (String authority : authorities) {
|
||||
authority = StringUtils.trimToNull(authority);
|
||||
if (authority != null)
|
||||
this.authorizedAuthorities.add(authority);
|
||||
}
|
||||
|
||||
if (this.authorizedAuthorities.isEmpty())
|
||||
this.logger.warn("All authenticated users will be authorized to access web scripts");
|
||||
}
|
||||
|
||||
protected Set<String> getAuthorities() {
|
||||
return this.authorizedAuthorities;
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void execute(WebScriptRequest request, WebScriptResponse response) throws IOException {
|
||||
|
||||
@@ -3,7 +3,6 @@ package com.inteligr8.alfresco.asie.rest;
|
||||
import java.io.IOException;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.extensions.webscripts.AbstractWebScript;
|
||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
import org.springframework.extensions.webscripts.WebScriptResponse;
|
||||
import org.springframework.http.HttpStatus;
|
||||
@@ -20,13 +19,13 @@ public class ClearRegistryWebScript extends AbstractWebScript {
|
||||
|
||||
@Autowired
|
||||
private ShardStateService sss;
|
||||
|
||||
@Override
|
||||
public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException {
|
||||
|
||||
@Override
|
||||
public void executeAuthorized(WebScriptRequest request, WebScriptResponse response) throws IOException {
|
||||
this.sss.clear();
|
||||
this.sbs.forget();
|
||||
|
||||
res.setStatus(HttpStatus.OK.value());
|
||||
response.setStatus(HttpStatus.OK.value());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user