Package com.sun.enterprise.v3.admin

Source Code of com.sun.enterprise.v3.admin.JobAuthorizationAttributeProcessor

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2012-2013 Oracle and/or its affiliates. All rights reserved.
*
* The contents of this file are subject to the terms of either the GNU
* General Public License Version 2 only ("GPL") or the Common Development
* and Distribution License("CDDL") (collectively, the "License").  You
* may not use this file except in compliance with the License.  You can
* obtain a copy of the License at
* https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
* or packager/legal/LICENSE.txt.  See the License for the specific
* language governing permissions and limitations under the License.
*
* When distributing the software, include this License Header Notice in each
* file and include the License file at packager/legal/LICENSE.txt.
*
* GPL Classpath Exception:
* Oracle designates this particular file as subject to the "Classpath"
* exception as provided by Oracle in the GPL Version 2 section of the License
* file that accompanied this code.
*
* Modifications:
* If applicable, add the following below the License Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyright [year] [name of copyright owner]"
*
* Contributor(s):
* If you wish your version of this file to be governed by only the CDDL or
* only the GPL Version 2, indicate your decision by adding "[Contributor]
* elects to include this software in this distribution under the [CDDL or GPL
* Version 2] license."  If you don't indicate a single choice of license, a
* recipient has the option to distribute your version of this file under
* either the CDDL, the GPL Version 2 or to extend the choice of license to
* its licensees as provided above.  However, if you add GPL Version 2 code
* and therefore, elected the GPL Version 2 license, then the option applies
* only if the new code is made subject to such option by the copyright
* holder.
*/
package com.sun.enterprise.v3.admin;

import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.security.auth.Subject;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AuthorizationPreprocessor;
import org.glassfish.api.admin.Job;
import org.glassfish.api.admin.JobManager;
import org.glassfish.api.admin.progress.JobInfo;
import org.glassfish.security.services.common.SubjectUtil;
import org.jvnet.hk2.annotations.Service;

/**
* Attaches a user attribute to job resources for authorization.
*
* @author Tim Quinn
* @author Bhakti Mehta
*/
@Service
@Singleton
public class JobAuthorizationAttributeProcessor implements AuthorizationPreprocessor {

    private final static String USER_ATTRIBUTE_NAME = "user";
   
    public final static String JOB_RESOURCE_NAME_PREFIX_NO_SLASH = "jobs/job";
    public final static String JOB_RESOURCE_NAME_PREFIX = JOB_RESOURCE_NAME_PREFIX_NO_SLASH + '/';
   
    public final static Pattern JOB_PATTERN = Pattern.compile("(?:" + JOB_RESOURCE_NAME_PREFIX_NO_SLASH + "(?:/(\\d*))?)");
   
    @Inject
    private JobManager jobManager;
   
    @Override
    public void describeAuthorization(Subject subject, String resourceName, String action, AdminCommand command, Map<String, Object> context, Map<String, String> subjectAttributes, Map<String, String> resourceAttributes, Map<String, String> actionAttributes) {
        final Matcher m = JOB_PATTERN.matcher(resourceName);
        if ( ! m.matches()) {
            return;
        }
        if (m.groupCount() == 0) {
            /*
             * The resource name pattern did not match for including a job ID,
             * so we will not be able to attach a user attribute to the resource.
             */
            return;
        }
        final String jobID = m.group(1);
        final Job job = jobManager.get(jobID);
        String userID = null;
       
        /*
         * This logic might run before any validation in the command has run,
         * in which case the job ID would be invalid and the job manager and/or
         * the completed jobs store might not know about the job.
         */
        if (job != null) {
            userID = SubjectUtil.getUsernamesFromSubject(job.getSubject()).get(0);
        } else {
            if (jobManager.getCompletedJobs() != null) {
                    final JobInfo jobInfo = (JobInfo) jobManager.getCompletedJobForId(jobID);
                    if (jobInfo != null) {
                        userID = jobInfo.user;
                    }
                }
        }
           
        if (userID != null) {
            resourceAttributes.put(USER_ATTRIBUTE_NAME, userID);
        }
    }
}
TOP

Related Classes of com.sun.enterprise.v3.admin.JobAuthorizationAttributeProcessor

  • com.sun.enterprise.admin.remote.RemoteRestAdminCommand
  • com.sun.enterprise.admin.util.RemoteInstanceCommandHelper
  • com.sun.enterprise.config.serverbeans.Application
  • com.sun.enterprise.config.serverbeans.Cluster
  • com.sun.enterprise.config.serverbeans.Config
  • com.sun.enterprise.config.serverbeans.Node
  • com.sun.enterprise.config.serverbeans.Nodes
  • com.sun.enterprise.config.serverbeans.Server
  • com.sun.enterprise.config.serverbeans.SshAuth
  • com.sun.enterprise.config.serverbeans.SshConnector
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.