moved ASIE custom authorization to AbstractWebScript
This commit is contained in:
@@ -1,8 +1,6 @@
|
|||||||
package com.inteligr8.alfresco.asie.rest;
|
package com.inteligr8.alfresco.asie.rest;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.Set;
|
|
||||||
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
@@ -42,9 +40,6 @@ public abstract class AbstractAsieWebScript extends AbstractWebScript implements
|
|||||||
@Value("${solr.sharedSecret}")
|
@Value("${solr.sharedSecret}")
|
||||||
private String solrSharedSecret;
|
private String solrSharedSecret;
|
||||||
|
|
||||||
@Value("${inteligr8.asie.allowedAuthorities}")
|
|
||||||
private String authorizedAuthoritiesStr;
|
|
||||||
|
|
||||||
@Value("${inteligr8.asie.basePath}")
|
@Value("${inteligr8.asie.basePath}")
|
||||||
private String solrBaseUrl;
|
private String solrBaseUrl;
|
||||||
|
|
||||||
@@ -52,29 +47,11 @@ public abstract class AbstractAsieWebScript extends AbstractWebScript implements
|
|||||||
@Qualifier(Constants.QUALIFIER_ASIE)
|
@Qualifier(Constants.QUALIFIER_ASIE)
|
||||||
private ObjectMapper objectMapper;
|
private ObjectMapper objectMapper;
|
||||||
|
|
||||||
private Set<String> authorizedAuthorities;
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void afterPropertiesSet() throws Exception {
|
public void afterPropertiesSet() throws Exception {
|
||||||
this.authorizedAuthorities = new HashSet<>();
|
|
||||||
String[] authorities = this.authorizedAuthoritiesStr.split(",");
|
|
||||||
for (String authority : authorities) {
|
|
||||||
authority = StringUtils.trimToNull(authority);
|
|
||||||
if (authority != null)
|
|
||||||
this.authorizedAuthorities.add(authority);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (this.authorizedAuthorities.isEmpty())
|
|
||||||
this.logger.warn("All authenticated users will be authorized to access ASIE web scripts");
|
|
||||||
|
|
||||||
this.solrSharedSecret = StringUtils.trimToNull(this.solrSharedSecret);
|
this.solrSharedSecret = StringUtils.trimToNull(this.solrSharedSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
protected Set<String> getAuthorities() {
|
|
||||||
return this.authorizedAuthorities;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected ObjectMapper getObjectMapper() {
|
protected ObjectMapper getObjectMapper() {
|
||||||
return this.objectMapper;
|
return this.objectMapper;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,11 +4,16 @@ import java.io.IOException;
|
|||||||
import java.lang.reflect.Constructor;
|
import java.lang.reflect.Constructor;
|
||||||
import java.lang.reflect.InvocationTargetException;
|
import java.lang.reflect.InvocationTargetException;
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
|
import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
|
||||||
|
import org.springframework.beans.factory.InitializingBean;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.extensions.webscripts.WebScriptException;
|
import org.springframework.extensions.webscripts.WebScriptException;
|
||||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||||
import org.springframework.extensions.webscripts.WebScriptResponse;
|
import org.springframework.extensions.webscripts.WebScriptResponse;
|
||||||
@@ -16,9 +21,32 @@ import org.springframework.http.HttpStatus;
|
|||||||
|
|
||||||
import net.sf.acegisecurity.GrantedAuthority;
|
import net.sf.acegisecurity.GrantedAuthority;
|
||||||
|
|
||||||
public abstract class AbstractWebScript extends org.springframework.extensions.webscripts.AbstractWebScript {
|
public abstract class AbstractWebScript extends org.springframework.extensions.webscripts.AbstractWebScript implements InitializingBean {
|
||||||
|
|
||||||
protected abstract Set<String> getAuthorities();
|
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||||
|
|
||||||
|
@Value("${inteligr8.asie.allowedAuthorities}")
|
||||||
|
private String authorizedAuthoritiesStr;
|
||||||
|
|
||||||
|
private Set<String> authorizedAuthorities;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void afterPropertiesSet() throws Exception {
|
||||||
|
this.authorizedAuthorities = new HashSet<>();
|
||||||
|
String[] authorities = this.authorizedAuthoritiesStr.split(",");
|
||||||
|
for (String authority : authorities) {
|
||||||
|
authority = StringUtils.trimToNull(authority);
|
||||||
|
if (authority != null)
|
||||||
|
this.authorizedAuthorities.add(authority);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (this.authorizedAuthorities.isEmpty())
|
||||||
|
this.logger.warn("All authenticated users will be authorized to access web scripts");
|
||||||
|
}
|
||||||
|
|
||||||
|
protected Set<String> getAuthorities() {
|
||||||
|
return this.authorizedAuthorities;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public final void execute(WebScriptRequest request, WebScriptResponse response) throws IOException {
|
public final void execute(WebScriptRequest request, WebScriptResponse response) throws IOException {
|
||||||
|
|||||||
@@ -3,7 +3,6 @@ package com.inteligr8.alfresco.asie.rest;
|
|||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.extensions.webscripts.AbstractWebScript;
|
|
||||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||||
import org.springframework.extensions.webscripts.WebScriptResponse;
|
import org.springframework.extensions.webscripts.WebScriptResponse;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
@@ -21,12 +20,12 @@ public class ClearRegistryWebScript extends AbstractWebScript {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private ShardStateService sss;
|
private ShardStateService sss;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException {
|
public void executeAuthorized(WebScriptRequest request, WebScriptResponse response) throws IOException {
|
||||||
this.sss.clear();
|
this.sss.clear();
|
||||||
this.sbs.forget();
|
this.sbs.forget();
|
||||||
|
|
||||||
res.setStatus(HttpStatus.OK.value());
|
response.setStatus(HttpStatus.OK.value());
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user