Diffstat (limited to 'openecomp-be/lib/openecomp-item-permissions-lib')
2 files changed, 60 insertions, 37 deletions
diff --git a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml index a420b23f6e..60c8cd08f9 100644 --- a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml +++ b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml @@ -17,31 +17,30 @@ <dependencies> <dependency> + <groupId>javax.servlet</groupId> + <artifactId>servlet-api</artifactId> + <version>${servlet-api.version}</version> + </dependency> + <dependency> <groupId>org.openecomp.sdc.core</groupId> <artifactId>openecomp-session-lib</artifactId> <version>${project.version}</version> </dependency> - - <dependency> <groupId>org.openecomp.sdc</groupId> <artifactId>openecomp-item-permissions-api</artifactId> <version>${project.version}</version> </dependency> - - <dependency> - <groupId>org.openecomp.sdc.core</groupId> - <artifactId>openecomp-facade-core</artifactId> + <groupId>org.openecomp.sdc.core</groupId> + <artifactId>openecomp-facade-core</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.openecomp.sdc.core</groupId> + <artifactId>openecomp-nosqldb-core</artifactId> <version>${project.version}</version> - </dependency> - - - <dependency> - <groupId>org.openecomp.sdc.core</groupId> - <artifactId>openecomp-nosqldb-core</artifactId> - <version>${project.version}</version> - </dependency> + </dependency> <dependency> <groupId>org.openecomp.sdc</groupId> <artifactId>openecomp-sdc-notification-api</artifactId> @@ -50,12 +49,12 @@ <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-all</artifactId> - <version>RELEASE</version> + <version>${mockito.all.version}</version> </dependency> <dependency> <groupId>org.testng</groupId> <artifactId>testng</artifactId> - <version>RELEASE</version> + <version>${testng.version}</version> </dependency> </dependencies> 
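Review bot: The new `javax.servlet:servlet-api` dependency in the first hunk has no `<scope>`, so it defaults to compile scope and can end up in the deployed archive, where a second copy of the servlet API may clash with the container's own. `<scope>provided</scope>` is the usual setting unless the parent's dependencyManagement already supplies it. The same question applies to `mockito-all` and `testng` in the second hunk, which show no `<scope>test</scope>` in the visible lines. The properties `${servlet-api.version}`, `${mockito.all.version}` and `${testng.version}` are not defined in these hunks, so presumably they come from a parent POM; they should resolve to fixed versions there for the build to be reproducible.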
diff --git a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/src/main/java/org/openecomp/sdc/itempermissions/servlet/PermissionsFilter.java b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/src/main/java/org/openecomp/sdc/itempermissions/servlet/PermissionsFilter.java index 21acc07733..4a8f44657e 100644 --- a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/src/main/java/org/openecomp/sdc/itempermissions/servlet/PermissionsFilter.java +++ b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/src/main/java/org/openecomp/sdc/itempermissions/servlet/PermissionsFilter.java @@ -1,3 +1,19 @@ +/* + * Copyright © 2016-2017 European Support Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.openecomp.sdc.itempermissions.servlet; import org.openecomp.sdc.itempermissions.PermissionsServices; 
@@ -19,43 +35,51 @@ import java.io.IOException; public class PermissionsFilter implements Filter { private final PermissionsServices permissionsServices; - public static final String IRRELEVANT_REQUEST = "Irrelevant_Request"; - public static final String EDIT_ITEM = "Edit_Item"; + private static final String IRRELEVANT_REQUEST = "Irrelevant_Request"; + private static final String EDIT_ITEM = "Edit_Item"; public PermissionsFilter() { this.permissionsServices = PermissionsServicesFactory.getInstance().createInterface(); } @Override - public void init(FilterConfig filterConfig) throws ServletException { - + public void init(FilterConfig filterConfig) { + // required by servlet API } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { - if (servletRequest instanceof HttpServletRequest) { - if (((HttpServletRequest) servletRequest).getMethod().equals("POST") - || ((HttpServletRequest) servletRequest).getMethod().equals("PUT")) { - - String userId = ((HttpServletRequest) servletRequest).getHeader("USER_ID"); - String itemId = parseItemIdFromPath(((HttpServletRequest) servletRequest).getPathInfo()); - if ( ! itemId.equals(IRRELEVANT_REQUEST)) { - if ( ! permissionsServices.isAllowed(itemId,userId,EDIT_ITEM)) { - ((HttpServletResponse) servletResponse).setStatus(HttpServletResponse.SC_FORBIDDEN); - servletResponse.getWriter().print("Permissions Error. 
The user does not have " + - "permission to perform" + - " this action."); - return; - } - } - } + if ((servletRequest instanceof HttpServletRequest) && + isIrrelevant((HttpServletRequest) servletRequest, servletResponse)) { + return; } filterChain.doFilter(servletRequest, servletResponse); } + private boolean isIrrelevant(HttpServletRequest servletRequest, ServletResponse servletResponse) throws IOException { + + + String method = servletRequest.getMethod(); + if (method.equals("POST") || method.equals("PUT")) { + + String userId = servletRequest.getHeader("USER_ID"); + String itemId = parseItemIdFromPath(servletRequest.getPathInfo()); + + if (!itemId.equals(IRRELEVANT_REQUEST) && !permissionsServices.isAllowed(itemId,userId,EDIT_ITEM)) { + ((HttpServletResponse) servletResponse).setStatus(HttpServletResponse.SC_FORBIDDEN); + servletResponse.getWriter().print("Permissions Error. The user does not have " + + "permission to perform" + + " this action."); + return true; + } + } + + return false; + } + private String parseItemIdFromPath(String pathInfo) { String[] tokens = pathInfo.split("/"); if (tokens.length < 4) { @@ -67,6 +91,6 @@ public class PermissionsFilter implements Filter { @Override public void destroy() { - + // required by serlvet API } } |
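Review bot: In `isIrrelevant`, the `USER_ID` header value is passed to `permissionsServices.isAllowed(itemId,userId,EDIT_ITEM)` with no check that it is present, so the outcome for a request without the header depends on how `isAllowed` treats null; failing closed in the filter is safer, e.g. `if (!itemId.equals(IRRELEVANT_REQUEST) && (userId == null || userId.isEmpty() || !permissionsServices.isAllowed(itemId, userId, EDIT_ITEM))) {`. The header is client-supplied unless something upstream authenticates the caller and overwrites it, which this hunk does not show, so a comment stating that assumption would help the next reader. Only POST and PUT are checked, so a DELETE or PATCH on an item path would pass through unchecked if such endpoints exist. The method returns true when the request was rejected and the 403 already written, so a name such as `rejectIfNotPermitted` would describe it better than `isIrrelevant`. `parseItemIdFromPath` continues outside the hunk; its visible `pathInfo.split("/")` would throw if `getPathInfo()` returns null.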