diff options
Diffstat (limited to 'shiro')
| -rw-r--r-- | shiro/pom.xml | 2 | ||||
| -rw-r--r-- | shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java | 54 | ||||
| -rw-r--r-- | shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java | 12 |
3 files changed, 49 insertions, 19 deletions
diff --git a/shiro/pom.xml b/shiro/pom.xml index 4810acb..fada340 100644 --- a/shiro/pom.xml +++ b/shiro/pom.xml @@ -22,7 +22,7 @@ <parent> <groupId>org.onap.aaf.cadi</groupId> <artifactId>parent</artifactId> - <version>2.1.17-SNAPSHOT</version> + <version>2.1.18-SNAPSHOT</version> <relativePath>..</relativePath> </parent> diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java index ac62778..247683a 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java @@ -42,6 +42,7 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { private Access access; private Principal bait; + private List<org.onap.aaf.cadi.Permission> pond; // Use these to save conversions private List<org.onap.aaf.cadi.Permission> cPerms; private List<Permission> oPerms; @@ -53,6 +54,16 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { cPerms=null; oPerms=null; sPerms=null; + pond=null; + } + + public AAFAuthorizationInfo(Access access, Principal bait, List<org.onap.aaf.cadi.Permission> pond) { + this.access = access; + this.bait = bait; + this.pond = pond; + oPerms=null; + sPerms=null; + cPerms=null; } public Principal principal() { @@ -64,13 +75,20 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { access.log(Level.DEBUG, "AAFAuthorizationInfo.getObjectPermissions"); synchronized(bait) { if(oPerms == null) { - oPerms = new ArrayList<>(); - if(cPerms==null) { - cPerms = new ArrayList<>(); - AAFRealm.singleton.authz.fishAll(bait, cPerms); - } - for(final org.onap.aaf.cadi.Permission p : cPerms) { - oPerms.add(new AAFShiroPermission(p)); + if (pond != null) { + oPerms = new ArrayList<Permission>(); + for(final org.onap.aaf.cadi.Permission p : pond) { + oPerms.add(new AAFShiroPermission(p)); + } + } else { + oPerms = new ArrayList<>(); + if (cPerms == null) { + cPerms = new ArrayList<>(); + AAFRealm.singleton.authz.fishAll(bait, cPerms); + } + for (final org.onap.aaf.cadi.Permission p : cPerms) { + oPerms.add(new AAFShiroPermission(p)); + } } } } @@ -89,13 +107,21 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { access.log(Level.DEBUG,"AAFAuthorizationInfo.getStringPermissions"); synchronized(bait) { if(sPerms == null) { - sPerms = new ArrayList<>(); - if(cPerms==null) { - cPerms = new ArrayList<>(); - AAFRealm.singleton.authz.fishAll(bait,cPerms); - } - for(final org.onap.aaf.cadi.Permission p : cPerms) { - sPerms.add(p.getKey()); + if (pond != null) { + sPerms = new ArrayList<String>(); + for(org.onap.aaf.cadi.Permission p : pond) { + sPerms.add(p.getKey().replace("|", ":")); + access.printf(Level.INFO, "%s has %s", bait.getName(), p.getKey()); + } + } else { + sPerms = new ArrayList<>(); + if (cPerms == null) { + cPerms = new ArrayList<>(); + AAFRealm.singleton.authz.fishAll(bait, cPerms); + } + for (final org.onap.aaf.cadi.Permission p : cPerms) { + sPerms.add(p.getKey()); + } } } } diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java index d213b01..818ec9e 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java @@ -22,6 +22,7 @@ package org.onap.aaf.cadi.shiro; import java.io.IOException; import java.security.Principal; +import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; @@ -38,6 +39,7 @@ import org.apache.shiro.subject.PrincipalCollection; import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.Permission; import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.Symm; import org.onap.aaf.cadi.aaf.AAFPermission; @@ -252,7 +254,7 @@ public class AAFRealm extends AuthorizingRealm { } } catch (IOException e) { singleton.access.log(e); - } + } } String err; try { @@ -302,7 +304,9 @@ public class AAFRealm extends AuthorizingRealm { }; } } - return new AAFAuthorizationInfo(singleton.access,newBait); + List<Permission> pond = new ArrayList<>(); + singleton.authz.fishAll(newBait,pond); + return new AAFAuthorizationInfo(singleton.access,bait,pond); } @Override @@ -328,7 +332,7 @@ public class AAFRealm extends AuthorizingRealm { return null; } } - +/* @Override public boolean isPermitted(PrincipalCollection principals, String permission) { logger.debug("AAFRealm.isPermitted(principals,permission<String>)"); @@ -370,5 +374,5 @@ public class AAFRealm extends AuthorizingRealm { } return super.isPermitted(permissions, info); } - +*/ } |