From 23bb023686889974c89597e45eace2513e4d9e51 Mon Sep 17 00:00:00 2001 From: milanperera Date: Thu, 3 Sep 2015 12:07:55 +0530 Subject: [PATCH 1/8] Partial Commit for Permission Authorizer module --- .../pom.xml | 4 ++ .../authenticator/framework/Constants.java | 22 +++++++ .../WebappAuthenticatorFrameworkValve.java | 6 +- .../authorizer/PermissionAuthorizerUtil.java | 59 +++++++++++++++++++ ...AuthenticatorFrameworkBundleActivator.java | 11 ++++ .../src/main/resources/p2.inf | 3 +- 6 files changed, 102 insertions(+), 3 deletions(-) create mode 100644 components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index ebf27bf99f..21b0e5e96f 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -103,6 +103,10 @@ org.wso2.carbon org.wso2.carbon.core.services + + org.wso2.carbon + org.wso2.carbon.registry.api + diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java index a046c5280b..dc467e1c24 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java @@ -21,6 +21,7 @@ public final class Constants { public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer"; public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme"; + public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/"; public static final class HTTPHeaders { private HTTPHeaders() { @@ -40,4 +41,25 @@ public final class Constants { public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml"; } + public static final class HttpVerb { + private HttpVerb() { + throw new AssertionError(); + } + + public static final String GET = "GET"; + public static final String POST = "POST"; + public static final String DELETE = "DELETE"; + public static final String PUT = "PUT"; + } + + public static final class PermissionMethod { + private PermissionMethod() { + throw new AssertionError(); + } + + public static final String READ = "read"; + public static final String WRITE = "write"; + public static final String DELETE = "delete"; + public static final String ACTION = "action"; + } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java index d27116b8fe..a26ffa5a55 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java @@ -26,6 +26,9 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve; import org.wso2.carbon.tomcat.ext.valves.CompositeValve; import javax.servlet.http.HttpServletResponse; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { @@ -34,8 +37,7 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { - String authScheme = - request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME); + String authScheme = request.getAuthType(); if (authScheme == null || "".equals(authScheme)) { this.getNext().invoke(request, response, compositeValve); return; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java new file mode 100644 index 0000000000..416f96db49 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.webapp.authenticator.framework.authorizer; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.context.CarbonContext; +import org.wso2.carbon.context.RegistryType; +import org.wso2.carbon.registry.api.Collection; +import org.wso2.carbon.registry.api.Registry; +import org.wso2.carbon.registry.api.RegistryException; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission; + +public class PermissionAuthorizerUtil { + + private static Registry registry = CarbonContext.getThreadLocalCarbonContext(). + getRegistry(RegistryType.SYSTEM_GOVERNANCE); + + private static final String PROPERTY_NAME = "name"; + private static final String PATH_PERMISSION = "/permission"; + private static final Log log = LogFactory.getLog(PermissionAuthorizerUtil.class); + + public static void addPermission(Permission permission) { + + if (registry == null) { + throw new IllegalArgumentException("Registry instance retrieved is null"); + } + + if (permission == null) { + throw new IllegalArgumentException("Permission argument is null"); + } + try { + Collection collection = registry.newCollection(); + collection.setProperty(PROPERTY_NAME, permission.getName()); + registry.put(PATH_PERMISSION + permission.getPath(), collection); + + } catch (RegistryException e) { + String errorMsg = "Error occured while adding permission '" + permission.getName() + + "' to registry. "; + log.error(errorMsg + e.getMessage()); + } + } +} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java index cb3ab4ac83..47bee21e7b 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java @@ -28,6 +28,10 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerUtil; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.PermissionAuthorizerConfig; import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig; import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig; @@ -54,8 +58,15 @@ public class WebappAuthenticatorFrameworkBundleActivator implements BundleActiva } DataHolder.setWebappAuthenticatorRepository(repository); + // Adding permissions to registry +// PermissionAuthorizerConfig.init(); +// for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) { +// PermissionAuthorizerUtil.addPermission(permission); +// } + List valves = new ArrayList(); valves.add(new WebappAuthenticatorFrameworkValve()); + valves.add(new PermissionAuthorizerValve()); TomcatValveContainer.addValves(valves); if (log.isDebugEnabled()) { diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf index 91ac161b4e..49291ae9be 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf @@ -1,2 +1,3 @@ instructions.configure = \ -org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\ \ No newline at end of file +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/permissions-config.xml,target:${installFolder}/../../conf/etc/permissions-config.xml,overwrite:true);\ \ No newline at end of file From 37854a2cef2c042948663c230b9318c82045724e Mon Sep 17 00:00:00 2001 From: milanperera Date: Mon, 14 Sep 2015 15:51:23 +0530 Subject: [PATCH 2/8] Partial Commit --- .../core/config/permission/Permission.java | 24 +++++++++++- .../permission/PermissionConfiguration.java | 38 ------------------- .../WebappAuthenticatorFrameworkValve.java | 6 --- 3 files changed, 22 insertions(+), 46 deletions(-) delete mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java index 76810771b8..a6e7287fad 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java @@ -24,8 +24,10 @@ import javax.xml.bind.annotation.XmlRootElement; @XmlRootElement(name = "Permission") public class Permission{ - private String name; - private String path; + private String name; // permission name + private String path; // permission string + private String url; // url of the resource + private String method; // http method public String getName() { return name; @@ -44,4 +46,22 @@ public class Permission{ public void setPath(String path) { this.path = path; } + + public String getUrl() { + return url; + } + + @XmlElement(name = "url", required = true) + public void setUrl(String url) { + this.url = url; + } + + public String getMethod() { + return method; + } + + @XmlElement(name = "method", required = true) + public void setMethod(String method) { + this.method = method; + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java deleted file mode 100644 index c2c9d08e3b..0000000000 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. - * - * WSO2 Inc. licenses this file to you under the Apache License, - * Version 2.0 (the "License"); you may not use this file except - * in compliance with the License. - * you may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.wso2.carbon.device.mgt.core.config.permission; - -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; -import java.util.List; - -@XmlRootElement(name = "PermissionConfiguration") -public class PermissionConfiguration { - - private List permissions; - - public List getPermissions() { - return permissions; - } - - @XmlElement(name = "Permission", required = true) - public void setPermissions(List permissions) { - this.permissions = permissions; - } -} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java index 8496319969..1701c7d30c 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java @@ -27,14 +27,8 @@ import org.wso2.carbon.tomcat.ext.valves.CompositeValve; import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator; import javax.servlet.http.HttpServletResponse; -<<<<<<< HEAD -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; -======= import java.util.Arrays; import java.util.List; ->>>>>>> e1a74e049dbebd513910e9ed69226f488d73c314 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { From ed937467cd86fda713c4be4d0855986336afb18c Mon Sep 17 00:00:00 2001 From: milanperera Date: Thu, 1 Oct 2015 17:35:08 +0530 Subject: [PATCH 3/8] Refactored permission authorizer module --- .../core/config/permission/Permission.java | 43 +++--- .../permission/PermissionConfiguration.java | 21 +-- .../config/permission/PermissionManager.java | 123 ++++++------------ ...missionHolder.java => PermissionNode.java} | 22 ++-- .../config/permission/PermissionUtils.java | 2 +- ...java => PermissionAuthorizationValve.java} | 6 +- .../authorizer/PermissionAuthorizer.java | 6 +- ...uthenticatorFrameworkServiceComponent.java | 5 +- 8 files changed, 99 insertions(+), 129 deletions(-) rename components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/{PermissionHolder.java => PermissionNode.java} (74%) rename components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/{PermissionAuthorizerValve.java => PermissionAuthorizationValve.java} (96%) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java index a6e7287fad..271817cfd3 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/Permission.java @@ -21,37 +21,40 @@ package org.wso2.carbon.device.mgt.core.config.permission; import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; -@XmlRootElement(name = "Permission") -public class Permission{ +/** + * This class represents the information related to permission. + */ +@XmlRootElement (name = "Permission") +public class Permission { - private String name; // permission name - private String path; // permission string + private String name; // permission name + private String path; // permission string private String url; // url of the resource private String method; // http method - public String getName() { - return name; - } + public String getName() { + return name; + } - @XmlElement(name = "name", required = true) - public void setName(String name) { - this.name = name; - } + @XmlElement (name = "name", required = true) + public void setName(String name) { + this.name = name; + } - public String getPath() { - return path; - } + public String getPath() { + return path; + } - @XmlElement(name = "path", required = true) - public void setPath(String path) { - this.path = path; - } + @XmlElement (name = "path", required = true) + public void setPath(String path) { + this.path = path; + } public String getUrl() { return url; } - @XmlElement(name = "url", required = true) + @XmlElement (name = "url", required = true) public void setUrl(String url) { this.url = url; } @@ -60,7 +63,7 @@ public class Permission{ return method; } - @XmlElement(name = "method", required = true) + @XmlElement (name = "method", required = true) public void setMethod(String method) { this.method = method; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java index c2c9d08e3b..e5da6c5133 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionConfiguration.java @@ -22,17 +22,20 @@ import javax.xml.bind.annotation.XmlElement; import javax.xml.bind.annotation.XmlRootElement; import java.util.List; -@XmlRootElement(name = "PermissionConfiguration") +/** + * This class represents the information related to permission configuration. + */ +@XmlRootElement (name = "PermissionConfiguration") public class PermissionConfiguration { - private List permissions; + private List permissions; - public List getPermissions() { - return permissions; - } + public List getPermissions() { + return permissions; + } - @XmlElement(name = "Permission", required = true) - public void setPermissions(List permissions) { - this.permissions = permissions; - } + @XmlElement (name = "Permission", required = true) + public void setPermissions(List permissions) { + this.permissions = permissions; + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java index cac4226dfc..d739256f22 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java @@ -32,96 +32,59 @@ import java.util.StringTokenizer; */ public class PermissionManager { - private static PermissionManager permissionManager; - private static PermissionHolder rootNode; + private static PermissionManager permissionManager; + private static PermissionTree permissionTree; // holds the permissions at runtime. - private PermissionManager(){}; - - public static PermissionManager getInstance() { - if (permissionManager == null) { - synchronized (PermissionManager.class) { - if (permissionManager == null) { - permissionManager = new PermissionManager(); - rootNode = new PermissionHolder("/"); // initializing the root node. - } - } - } - return permissionManager; - } + private PermissionManager() { + } - public boolean addPermission(Permission permission) throws DeviceManagementException { - StringTokenizer st = new StringTokenizer(permission.getUrl(), "/"); - PermissionHolder tempRoot = rootNode; - PermissionHolder tempChild; - while(st.hasMoreTokens()) { - tempChild = new PermissionHolder(st.nextToken()); - tempRoot = addPermissionNode(tempRoot, tempChild); + public static PermissionManager getInstance() { + if (permissionManager == null) { + synchronized (PermissionManager.class) { + if (permissionManager == null) { + permissionManager = new PermissionManager(); + permissionTree = new PermissionTree(); + } + } } - tempRoot.addPermission(permission.getMethod(), permission); //setting permission to the vertex - try { - return PermissionUtils.putPermission(permission); - } catch (DeviceManagementException e) { - throw new DeviceManagementException("Error occurred while adding the permission : " + - permission.getName(), e); - } - } - - public boolean addPermissions(List permissions) throws DeviceManagementException{ - for(Permission permission:permissions){ - this.addPermission(permission); - } - return true; - } + return permissionManager; + } - public void initializePermissions(InputStream permissionStream) throws DeviceManagementException { - try { - if(permissionStream != null){ - /* Un-marshaling Device Management configuration */ - JAXBContext cdmContext = JAXBContext.newInstance(PermissionConfiguration.class); - Unmarshaller unmarshaller = cdmContext.createUnmarshaller(); - PermissionConfiguration permissionConfiguration = (PermissionConfiguration) - unmarshaller.unmarshal(permissionStream); - if((permissionConfiguration != null) && (permissionConfiguration.getPermissions() != null)){ - this.addPermissions(permissionConfiguration.getPermissions()); - } - } - } catch (JAXBException e) { - throw new DeviceManagementException("Error occurred while initializing Data Source config", e); - } - } + public boolean addPermission(Permission permission) throws DeviceManagementException { + permissionTree.addPermission(permission); // adding a permission to the tree + try { + return PermissionUtils.putPermission(permission); + } catch (DeviceManagementException e) { + throw new DeviceManagementException("Error occurred while adding the permission : " + + permission.getName(), e); + } + } - private PermissionHolder addPermissionNode(PermissionHolder parent, PermissionHolder child) { - PermissionHolder existChild = parent.getChild(child.getPathName()); - if (existChild == null) { - parent.addChild(child); - return child; + public boolean addPermissions(List permissions) throws DeviceManagementException { + for (Permission permission : permissions) { + this.addPermission(permission); } - return existChild; + return true; } - public Permission getPermission(String url, String httpMethod) { - StringTokenizer st = new StringTokenizer(url, "/"); - PermissionHolder tempRoot = rootNode; - PermissionHolder previousRoot; - while (st.hasMoreTokens()) { - String currentToken = st.nextToken(); - previousRoot = tempRoot; - tempRoot = tempRoot.getChild(currentToken); - if (tempRoot == null) { - tempRoot = previousRoot; - int leftTokens = st.countTokens(); - for (int i = 0; i <= leftTokens; i++) { - if (tempRoot == null) { - return null; - } - tempRoot = tempRoot.getChild("*"); + public void initializePermissions(InputStream permissionStream) throws DeviceManagementException { + try { + if (permissionStream != null) { + /* Un-marshaling Device Management configuration */ + JAXBContext cdmContext = JAXBContext.newInstance(PermissionConfiguration.class); + Unmarshaller unmarshaller = cdmContext.createUnmarshaller(); + PermissionConfiguration permissionConfiguration = (PermissionConfiguration) + unmarshaller.unmarshal(permissionStream); + if (permissionConfiguration != null && permissionConfiguration.getPermissions() != null) { + this.addPermissions(permissionConfiguration.getPermissions()); } - break; } + } catch (JAXBException e) { + throw new DeviceManagementException("Error occurred while initializing Data Source config", e); } - if (tempRoot == null) { - return null; - } - return tempRoot.getPermission(httpMethod); + } + + public Permission getPermission(String url, String httpMethod) { + return permissionTree.getPermission(url, httpMethod); } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionHolder.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java similarity index 74% rename from components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionHolder.java rename to components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java index b83b97c0ed..0c248cfe6e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionHolder.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java @@ -25,15 +25,15 @@ import java.util.List; import java.util.Map; /** - * This class represents the node of a permission graph. + * This class represents the node of a permission tree. */ -public class PermissionHolder { +public class PermissionNode { - String pathName; - Map permissions = new HashMap(); - List children = new ArrayList(); + private String pathName; + private Map permissions = new HashMap(); + private List children = new ArrayList(); - public PermissionHolder(String pathName) { + public PermissionNode(String pathName) { this.pathName = pathName; } @@ -45,13 +45,13 @@ public class PermissionHolder { this.pathName = pathName; } - public List getChildren() { + public List getChildren() { return children; } - public PermissionHolder getChild(String pathName) { - PermissionHolder child = null; - for (PermissionHolder node : children) { + public PermissionNode getChild(String pathName) { + PermissionNode child = null; + for (PermissionNode node : children) { if (node.getPathName().equals(pathName)) { return node; } @@ -59,7 +59,7 @@ public class PermissionHolder { return child; } - public void addChild(PermissionHolder node) { + public void addChild(PermissionNode node) { children.add(node); } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionUtils.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionUtils.java index 7e1f45a833..78911ab1b1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionUtils.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionUtils.java @@ -84,7 +84,7 @@ public class PermissionUtils { return status; } - public static boolean checkPermissionExistance(Permission permission) + public static boolean checkPermissionExistence(Permission permission) throws DeviceManagementException, org.wso2.carbon.registry.core.exceptions.RegistryException { return PermissionUtils.getGovernanceRegistry().resourceExists(permission.getPath()); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizationValve.java similarity index 96% rename from components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerValve.java rename to components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizationValve.java index b02eac2f9b..27042131a5 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizationValve.java @@ -29,9 +29,9 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthen import javax.servlet.http.HttpServletResponse; -public class PermissionAuthorizerValve extends CarbonTomcatValve { +public class PermissionAuthorizationValve extends CarbonTomcatValve { - private static final Log log = LogFactory.getLog(PermissionAuthorizerValve.class); + private static final Log log = LogFactory.getLog(PermissionAuthorizationValve.class); private static final String AUTHORIZATION_ENABLED = "authorization-enabled"; @@ -44,7 +44,7 @@ public class PermissionAuthorizerValve extends CarbonTomcatValve { this.processResponse(request, response, compositeValve, WebappAuthenticator.Status.CONTINUE); return; } - // check whether the permission checking function is enabled + // check whether the permission checking function is enabled in web.xml boolean isEnabled = new Boolean(permissionStatus); if (!isEnabled) { this.processResponse(request, response, compositeValve, WebappAuthenticator.Status.CONTINUE); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java index 33baf447d3..530f5ea5ec 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java @@ -39,12 +39,11 @@ public class PermissionAuthorizer { public WebappAuthenticator.Status authorize(Request request, Response response) { - // contextOperation is used to get defined operation type from the web.xml String requestUri = request.getRequestURI(); String requestMethod = request.getMethod(); if (requestUri == null || requestUri.isEmpty() || - requestMethod == null || requestMethod.isEmpty()) { + requestMethod == null || requestMethod.isEmpty()) { return WebappAuthenticator.Status.CONTINUE; } @@ -61,7 +60,10 @@ public class PermissionAuthorizer { String permissionString = requestPermission.getPath(); // This is added temporarily until authentication works. + // TODO remove below line. String username = "admin"; + // TODO uncomment this once the authentication works. + //String username = CarbonContext.getThreadLocalCarbonContext().getUsername(); boolean isUserAuthorized; try { diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index 5dc7ce49ea..a2894fab53 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -23,7 +23,6 @@ import org.apache.commons.logging.LogFactory; import org.osgi.service.component.ComponentContext; import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementService; import org.wso2.carbon.device.mgt.core.scep.SCEPManager; -import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve; import org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer; import org.wso2.carbon.user.core.service.RealmService; @@ -31,7 +30,7 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticationHandler; import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository; -import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizationValve; import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig; import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig; @@ -87,7 +86,7 @@ public class WebappAuthenticatorFrameworkServiceComponent { List valves = new ArrayList(); valves.add(new WebappAuthenticationHandler()); - valves.add(new PermissionAuthorizerValve()); + valves.add(new PermissionAuthorizationValve()); TomcatValveContainer.addValves(valves); if (log.isDebugEnabled()) { From 02ad7fb8e10ade7f6ed0126e8505fb7fab35534c Mon Sep 17 00:00:00 2001 From: milanperera Date: Fri, 2 Oct 2015 16:40:13 +0530 Subject: [PATCH 4/8] Refactored authorization module --- .../device/mgt/core/config/permission/PermissionNode.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java index 0c248cfe6e..b3dc92b95f 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionNode.java @@ -26,6 +26,8 @@ import java.util.Map; /** * This class represents the node of a permission tree. + * It holds the current path name, list of permissions associated with URL + * and the set of children. */ public class PermissionNode { From a84edd7a99d58fdb512084c98910c98f37c393f7 Mon Sep 17 00:00:00 2001 From: milanperera Date: Fri, 2 Oct 2015 16:40:52 +0530 Subject: [PATCH 5/8] Added seperate permission tree class --- .../config/permission/PermissionTree.java | 112 ++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java new file mode 100644 index 0000000000..4017ae059b --- /dev/null +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.device.mgt.core.config.permission; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import java.util.StringTokenizer; + +/** + * This class represents a tree data structure which will be used for adding and retrieving permissions. + */ +public class PermissionTree { + + private PermissionNode rootNode; + private static final String DYNAMIC_PATH_NOTATION = "*"; + private static final Log log = LogFactory.getLog(PermissionTree.class); + + public PermissionTree() { + rootNode = new PermissionNode("/"); // initializing the root node. + } + + /** + * This method is used to add permissions to the tree. Once it receives the permission + * it will traverse through the given request path with respect to the permission and place + * the permission in the appropriate place in the tree. + * + * @param permission Permission object. + */ + public void addPermission(Permission permission) { + StringTokenizer st = new StringTokenizer(permission.getUrl(), "/"); + PermissionNode tempRoot = rootNode; + PermissionNode tempChild; + while (st.hasMoreTokens()) { + tempChild = new PermissionNode(st.nextToken()); + tempRoot = addPermissionNode(tempRoot, tempChild); + } + tempRoot.addPermission(permission.getMethod(), permission); //setting permission to the vertex + if (log.isDebugEnabled()) { + log.debug("Added permission '" + permission.getName() + "'"); + } + } + + /** + * This method is used to add vertex to the graph. The method will check for the given child + * whether exists within the list of children of the given parent. + * + * @param parent Parent PermissionNode. + * @param child Child PermissionNode. + * @return returns the newly created child or the existing child. + */ + private PermissionNode addPermissionNode(PermissionNode parent, PermissionNode child) { + PermissionNode existChild = parent.getChild(child.getPathName()); + if (existChild == null) { + parent.addChild(child); + return child; + } + return existChild; + } + + /** + * This method is used to retrieve the permission for a given url and http method. + * Breath First Search (BFS) is used to traverse the tree. + * + * @param url Request URL. + * @param httpMethod HTTP method of the request. + * @return returns the permission with related to the request path or null if there is + * no any permission that is stored with respected to the given request path. + */ + public Permission getPermission(String url, String httpMethod) { + StringTokenizer st = new StringTokenizer(url, "/"); + PermissionNode tempRoot = rootNode; + while (st.hasMoreTokens()) { + String currentToken = st.nextToken(); + + // returns the child node which matches with the 'currentToken' path. + tempRoot = tempRoot.getChild(currentToken); + + // if tempRoot is null, that means 'currentToken' is not matched with the child's path. + // It means that it is at a point where the request must have dynamic path variables. + // Therefor it looks for '*' in the request path. ('*' denotes dynamic path variable). + if (tempRoot == null) { + tempRoot = tempRoot.getChild(DYNAMIC_PATH_NOTATION); + // if tempRoot is null, that means there is no any permission which matches with the + // given path + if (tempRoot == null) { + if (log.isDebugEnabled()) { + log.debug("Permission for request path '" + url + "' does not exist"); + } + return null; + } + } + } + return tempRoot.getPermission(httpMethod); + } +} From a0187b905bfba7c533979c1a385ddced72af14dc Mon Sep 17 00:00:00 2001 From: milanperera Date: Fri, 2 Oct 2015 16:57:42 +0530 Subject: [PATCH 6/8] Removed unneccessary imports and code segments --- .../mgt/core/config/permission/PermissionManager.java | 1 - .../WebappAuthenticatorFrameworkServiceComponent.java | 6 ------ 2 files changed, 7 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java index d739256f22..34e8105bd5 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionManager.java @@ -25,7 +25,6 @@ import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import java.io.InputStream; import java.util.List; -import java.util.StringTokenizer; /** * This class will add, update custom permissions defined in permission.xml in webapps. diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java index a2894fab53..8efb262b1a 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkServiceComponent.java @@ -78,12 +78,6 @@ public class WebappAuthenticatorFrameworkServiceComponent { } DataHolder.getInstance().setWebappAuthenticatorRepository(repository); - // Adding permissions to registry -// PermissionAuthorizerConfig.init(); -// for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) { -// PermissionAuthorizerUtil.addPermission(permission); -// } - List valves = new ArrayList(); valves.add(new WebappAuthenticationHandler()); valves.add(new PermissionAuthorizationValve()); From e408d500379c5ec629cbae4a8a2375aadc2f9d11 Mon Sep 17 00:00:00 2001 From: milanperera Date: Fri, 2 Oct 2015 17:07:57 +0530 Subject: [PATCH 7/8] Refactored permission module --- .../device/mgt/core/config/permission/PermissionTree.java | 7 ++++--- .../framework/authorizer/PermissionAuthorizer.java | 4 +++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java index 4017ae059b..d74ae1505c 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/permission/PermissionTree.java @@ -30,10 +30,11 @@ public class PermissionTree { private PermissionNode rootNode; private static final String DYNAMIC_PATH_NOTATION = "*"; + private static final String ROOT = "/"; private static final Log log = LogFactory.getLog(PermissionTree.class); public PermissionTree() { - rootNode = new PermissionNode("/"); // initializing the root node. + rootNode = new PermissionNode(ROOT); // initializing the root node. } /** @@ -44,7 +45,7 @@ public class PermissionTree { * @param permission Permission object. */ public void addPermission(Permission permission) { - StringTokenizer st = new StringTokenizer(permission.getUrl(), "/"); + StringTokenizer st = new StringTokenizer(permission.getUrl(), ROOT); PermissionNode tempRoot = rootNode; PermissionNode tempChild; while (st.hasMoreTokens()) { @@ -84,7 +85,7 @@ public class PermissionTree { * no any permission that is stored with respected to the given request path. */ public Permission getPermission(String url, String httpMethod) { - StringTokenizer st = new StringTokenizer(url, "/"); + StringTokenizer st = new StringTokenizer(url, ROOT); PermissionNode tempRoot = rootNode; while (st.hasMoreTokens()) { String currentToken = st.nextToken(); diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java index 530f5ea5ec..469b085e20 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizer.java @@ -26,6 +26,7 @@ import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.device.mgt.core.config.permission.Permission; import org.wso2.carbon.device.mgt.core.config.permission.PermissionManager; import org.wso2.carbon.user.api.UserStoreException; +import org.wso2.carbon.webapp.authenticator.framework.Constants; import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator; import java.util.StringTokenizer; @@ -68,7 +69,8 @@ public class PermissionAuthorizer { boolean isUserAuthorized; try { isUserAuthorized = CarbonContext.getThreadLocalCarbonContext().getUserRealm(). - getAuthorizationManager().isUserAuthorized(username, permissionString, "read"); + getAuthorizationManager().isUserAuthorized(username, permissionString, + Constants.PermissionMethod.READ); } catch (UserStoreException e) { log.error("Error occurred while retrieving user store. " + e.getMessage()); return WebappAuthenticator.Status.FAILURE; From 17112c36162c99db9ead57a70f7bac51b4cda9f9 Mon Sep 17 00:00:00 2001 From: milanperera Date: Fri, 2 Oct 2015 17:12:14 +0530 Subject: [PATCH 8/8] Removed unused constants --- .../webapp/authenticator/framework/Constants.java | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java index dc467e1c24..9d85c6bb46 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java @@ -21,7 +21,6 @@ public final class Constants { public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer"; public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme"; - public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/"; public static final class HTTPHeaders { private HTTPHeaders() { @@ -41,17 +40,6 @@ public final class Constants { public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml"; } - public static final class HttpVerb { - private HttpVerb() { - throw new AssertionError(); - } - - public static final String GET = "GET"; - public static final String POST = "POST"; - public static final String DELETE = "DELETE"; - public static final String PUT = "PUT"; - } - public static final class PermissionMethod { private PermissionMethod() { throw new AssertionError();