authorSimon Rettberg2015-06-18 19:20:56 +0200
committerSimon Rettberg2015-06-18 19:20:56 +0200
commite9c43071935c25db93e3465b1c83b4be3a9421d1 (patch)
treef126ac46e6fff41a217ea1c1b2eff6d300087c25 /dozentenmodulserver/src/main/java
parent[server] Implement getOperatingSystems and getVirtualizers (diff)
[server] Implemented getUsers call, more permission checking methods
Diffstat (limited to 'dozentenmodulserver/src/main/java')
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java92
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java49
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java95
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/UserPermissions.java52
-rw-r--r--dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java35
5 files changed, 252 insertions, 71 deletions
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
index bbb5dad9..37baf447 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbImage.java
@@ -21,6 +21,29 @@ public class DbImage {
private static final Logger LOGGER = Logger.getLogger(DbImage.class);
+ public static ImageSummaryRead getImageSummary(UserInfo user, String imageBaseId) throws SQLException,
+ TNotFoundException {
+ try (MysqlConnection connection = Database.getConnection()) {
+ return getImageSummary(connection, user, imageBaseId);
+ } catch (SQLException e) {
+ LOGGER.error("Query failed in DbImage.getImageSummary()", e);
+ throw e;
+ }
+ }
+
+ public static ImageSummaryRead getImageSummaryFromVersionId(UserInfo user, String imageVersionId)
+ throws TNotFoundException, SQLException {
+ try (MysqlConnection connection = Database.getConnection()) {
+ final String imageBaseId = getBaseIdForVersionId(connection, imageVersionId);
+ if (imageBaseId == null)
+ throw new TNotFoundException();
+ return getImageSummary(connection, user, imageBaseId);
+ } catch (SQLException e) {
+ LOGGER.error("Query failed in DbImage.getImageSummaryFromVersionId()", e);
+ throw e;
+ }
+ }
+
/**
* Get list of all images visible to the given user, optionally filtered by
* the given list of tags.
@@ -51,17 +74,7 @@ public class DbImage {
ResultSet rs = stmt.executeQuery();
List<ImageSummaryRead> list = new ArrayList<>();
while (rs.next()) {
- ImagePermissions defaultPermissions = DbImagePermissions.fromResultSetDefault(rs);
- ImageSummaryRead entry = new ImageSummaryRead(rs.getString("imagebaseid"),
- rs.getString("currentversionid"), rs.getString("latestversionid"),
- rs.getString("displayname"), rs.getInt("osid"), rs.getString("virtid"),
- rs.getLong("createtime"), rs.getLong("updatetime"), rs.getLong("expiretime"),
- rs.getString("ownerid"), rs.getString("uploaderid"),
- toShareMode(rs.getString("sharemode")), rs.getLong("filesize"),
- rs.getByte("isrestricted") != 0, rs.getByte("isvalid") != 0,
- rs.getByte("isprocessed") != 0, rs.getByte("istemplate") != 0, defaultPermissions);
- entry.userPermissions = DbImagePermissions.fromResultSetUser(rs);
- list.add(entry);
+ list.add(resultSetToSummary(rs));
}
return list;
} catch (SQLException e) {
@@ -103,7 +116,51 @@ public class DbImage {
}
}
- public static List<ImageVersionDetails> getImageVersions(MysqlConnection connection, String imageBaseId)
+ /**
+ * Private helper to create an {@link ImageSummaryRead} instance from a
+ * {@link ResultSet}
+ *
+ * @param rs
+ * @return
+ * @throws SQLException
+ */
+ private static ImageSummaryRead resultSetToSummary(ResultSet rs) throws SQLException {
+ ImagePermissions defaultPermissions = DbImagePermissions.fromResultSetDefault(rs);
+ ImageSummaryRead entry = new ImageSummaryRead(rs.getString("imagebaseid"),
+ rs.getString("currentversionid"), rs.getString("latestversionid"),
+ rs.getString("displayname"), rs.getInt("osid"), rs.getString("virtid"),
+ rs.getLong("createtime"), rs.getLong("updatetime"), rs.getLong("expiretime"),
+ rs.getString("ownerid"), rs.getString("uploaderid"), toShareMode(rs.getString("sharemode")),
+ rs.getLong("filesize"), rs.getByte("isrestricted") != 0, rs.getByte("isvalid") != 0,
+ rs.getByte("isprocessed") != 0, rs.getByte("istemplate") != 0, defaultPermissions);
+ entry.userPermissions = DbImagePermissions.fromResultSetUser(rs);
+ return entry;
+ }
+
+ private static ImageSummaryRead getImageSummary(MysqlConnection connection, UserInfo user,
+ String imageBaseId) throws SQLException, TNotFoundException {
+ MysqlStatement stmt = connection.prepareStatement("SELECT"
+ + " i.imagebaseid, i.currentversionid, i.latestversionid, i.displayname,"
+ + " i.osid, i.virtid, i.createtime, i.updatetime, i.ownerid,"
+ + " i.sharemode, i.istemplate, i.canlinkdefault, i.candownloaddefault,"
+ + " i.caneditdefault, i.canadmindefault,"
+ + " cur.expiretime, cur.filesize, cur.isenabled, cur.isrestricted, cur.isvalid,"
+ + " lat.uploaderid, lat.isprocessed,"
+ + " perm.canlink, perm.candownload, perm.canedit, perm.canadmin"
+ + " FROM imagebase i"
+ + " LEFT JOIN imageversion cur ON (cur.imageversionid = i.currentversionid)"
+ + " LEFT JOIN imageversion lat ON (lat.imageversionid = i.latestversionid)"
+ + " LEFT JOIN imagepermission perm ON (i.imagebaseid = perm.imagebaseid AND perm.userid = :userid)"
+ + " WHERE i.imagebaseid = :imagebaseid");
+ stmt.setString("userid", user.userId);
+ stmt.setString("imagebaseid", imageBaseId);
+ ResultSet rs = stmt.executeQuery();
+ if (!rs.next())
+ throw new TNotFoundException();
+ return resultSetToSummary(rs);
+ }
+
+ private static List<ImageVersionDetails> getImageVersions(MysqlConnection connection, String imageBaseId)
throws SQLException {
List<ImageVersionDetails> versionList = new ArrayList<>();
MysqlStatement stmt = connection.prepareStatement("SELECT"
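Review bot: The new private `getImageSummary(connection, user, imageBaseId)` has no Javadoc, and its query uses `:userid` only in the `LEFT JOIN imagepermission`, so it returns a summary for any existing image regardless of who asks. The permission checks in `User` rely on exactly that, but the two public wrappers added in the first hunk expose the same behaviour, so I would document it on them, e.g. `/** Loads the summary for the given image; does NOT check whether user may see it - callers must authorize. */`. The `@param rs`, `@return` and `@throws` tags on `resultSetToSummary` are empty and could state which columns the result set has to contain. The hunk ends inside `getImageVersions`, whose body continues outside it.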
@@ -124,6 +181,17 @@ public class DbImage {
return versionList;
}
+ private static String getBaseIdForVersionId(MysqlConnection connection, String imageVersionId)
+ throws SQLException {
+ MysqlStatement stmt = connection.prepareStatement("SELECT imagebaseid FROM imageversion"
+ + " WHERE imageversionid = :imageversionid LIMIT 1");
+ stmt.setString("imageversionid", imageVersionId);
+ ResultSet rs = stmt.executeQuery();
+ if (!rs.next())
+ return null;
+ return rs.getString("imagebaseid");
+ }
+
private static ShareMode toShareMode(String string) {
return ShareMode.valueOf(string);
}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java
new file mode 100644
index 00000000..6106fab5
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/database/mappers/DbUser.java
@@ -0,0 +1,49 @@
+package org.openslx.bwlp.sat.database.mappers;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+import org.openslx.bwlp.sat.database.Database;
+import org.openslx.bwlp.sat.database.MysqlConnection;
+import org.openslx.bwlp.sat.database.MysqlStatement;
+import org.openslx.bwlp.thrift.iface.UserInfo;
+
+public class DbUser {
+
+ private static final Logger LOGGER = Logger.getLogger(DbUser.class);
+
+ private static final int PER_PAGE = 200;
+
+ /**
+ * Get all users, starting at page <code>page</code>.
+ * This function will return a maximum of {@link #PER_PAGE}(200) results, so
+ * you might need to call this method several times.
+ *
+ * @param page Page to return. The first page is page 0.
+ * @return List of {@link UserInfo}
+ * @throws SQLException
+ */
+ public static List<UserInfo> getAll(int page) throws SQLException {
+ if (page < 0)
+ return new ArrayList<>(1);
+ final int offset = page * 200;
+ try (MysqlConnection connection = Database.getConnection()) {
+ MysqlStatement stmt = connection.prepareStatement("SELECT userid, firstname, lastname, email, organizationid"
+ + " FROM user ORDER BY userid ASC LIMIT " + offset + ", " + PER_PAGE);
+ ResultSet rs = stmt.executeQuery();
+ List<UserInfo> list = new ArrayList<>();
+ while (rs.next()) {
+ list.add(new UserInfo(rs.getString("userid"), rs.getString("firstname"),
+ rs.getString("lastname"), rs.getString("email"), rs.getString("organizationid")));
+ }
+ return list;
+ } catch (SQLException e) {
+ LOGGER.error("Query failed in DbUser.getAll()", e);
+ throw e;
+ }
+ }
+
+}
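Review bot: `final int offset = page * 200;` repeats the page size as a literal instead of using `PER_PAGE`, and the multiplication overflows for large `page` values, which `getUserList` passes in straight from the client. A negative offset would then land in the `LIMIT` clause and most likely make the query fail instead of returning an empty page. I would bound the input and reuse the constant: `if (page < 0 || page > Integer.MAX_VALUE / PER_PAGE) return new ArrayList<>(1);` followed by `final int offset = page * PER_PAGE;`. Both concatenated values are ints, so the statement is not injectable as written, but binding them as parameters (if `MysqlStatement` supports integer parameters) would keep it consistent with the named-parameter style used in DbImage.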
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
new file mode 100644
index 00000000..1a22d074
--- /dev/null
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java
@@ -0,0 +1,95 @@
+package org.openslx.bwlp.sat.permissions;
+
+import java.sql.SQLException;
+
+import org.openslx.bwlp.sat.database.mappers.DbImage;
+import org.openslx.bwlp.thrift.iface.AuthorizationError;
+import org.openslx.bwlp.thrift.iface.ImagePermissions;
+import org.openslx.bwlp.thrift.iface.ImageSummaryRead;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
+import org.openslx.bwlp.thrift.iface.TInternalServerError;
+import org.openslx.bwlp.thrift.iface.TNotFoundException;
+import org.openslx.bwlp.thrift.iface.UserInfo;
+
+public class User {
+
+ public enum Permission {
+ LINK,
+ DOWNLOAD,
+ EDIT,
+ ADMIN
+ }
+
+ private static boolean canActionImage(UserInfo ui, Permission checkPerm,
+ ImagePermissions... imagePermissions) {
+ for (ImagePermissions perm : imagePermissions) {
+ if (perm == null)
+ continue;
+ if (checkPerm == Permission.LINK)
+ return perm.link;
+ if (checkPerm == Permission.DOWNLOAD)
+ return perm.download;
+ if (checkPerm == Permission.EDIT)
+ return perm.edit;
+ if (checkPerm == Permission.ADMIN)
+ return perm.admin;
+ }
+ return isSuperUser(ui);
+ }
+
+ public static boolean isSuperUser(UserInfo ui) {
+ // TODO: for superuser override
+ return false;
+ }
+
+ /**
+ * Check if the given user has the given permission for the image identified
+ * by the given image base id.
+ *
+ * @param user
+ * @param imageBaseId
+ * @param permission
+ * @throws TAuthorizationException
+ * @throws TInternalServerError
+ * @throws TNotFoundException
+ */
+ public static void hasImageBasePermissionOrFail(UserInfo user, String imageBaseId, Permission permission)
+ throws TAuthorizationException, TInternalServerError, TNotFoundException {
+ ImageSummaryRead localImage;
+ try {
+ localImage = DbImage.getImageSummary(user, imageBaseId);
+ } catch (SQLException e) {
+ throw new TInternalServerError();
+ }
+ if (!canActionImage(user, permission, localImage.userPermissions, localImage.defaultPermissions)) {
+ throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: "
+ + permission.toString());
+ }
+ }
+
+ /**
+ * Check if the given user has the given permission for the image identified
+ * by the given image version id.
+ *
+ * @param user
+ * @param imageVersionId
+ * @param permission
+ * @throws TAuthorizationException
+ * @throws TInternalServerError
+ * @throws TNotFoundException
+ */
+ public static void hasImageVersionPermissionOrFail(UserInfo user, String imageVersionId,
+ Permission permission) throws TAuthorizationException, TInternalServerError, TNotFoundException {
+ ImageSummaryRead localImage;
+ try {
+ localImage = DbImage.getImageSummaryFromVersionId(user, imageVersionId);
+ } catch (SQLException e) {
+ throw new TInternalServerError();
+ }
+ if (!canActionImage(user, permission, localImage.userPermissions, localImage.defaultPermissions)) {
+ throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: "
+ + permission.toString());
+ }
+ }
+
+}
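Review bot: `canActionImage` returns from the loop on the first non-null `ImagePermissions`, so `return isSuperUser(ui)` is reached only when every entry is null, whereas the deleted `UserPermissions` or-ed the superuser check with the loop result. Both call sites pass `localImage.userPermissions, localImage.defaultPermissions`, so if the default permissions are always populated (not visible here) the override will never apply once `isSuperUser` is implemented. If the override is meant to win, put `if (isSuperUser(ui)) return true;` before the loop. The first-non-null-decides rule also replaces the old any-grant behaviour, so a user-specific row can now deny what the defaults allow; that deserves a comment such as `// first non-null entry decides: user-specific permissions override the image defaults`.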
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/UserPermissions.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/UserPermissions.java
deleted file mode 100644
index d741aa4b..00000000
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/UserPermissions.java
+++ /dev/null
@@ -1,52 +0,0 @@
-package org.openslx.bwlp.sat.permissions;
-
-import org.openslx.bwlp.thrift.iface.ImagePermissions;
-import org.openslx.bwlp.thrift.iface.UserInfo;
-
-public class UserPermissions {
-
- private enum Permission {
- LINK,
- DOWNLOAD,
- EDIT,
- ADMIN
- }
-
- public static boolean canLinkImage(UserInfo ui, ImagePermissions... imagePermissions) {
- return canActionImage(Permission.LINK, imagePermissions) || isSuperUser(ui);
- }
-
- public static boolean canDownloadImage(UserInfo ui, ImagePermissions... imagePermissions) {
- return canActionImage(Permission.DOWNLOAD, imagePermissions) || isSuperUser(ui);
- }
-
- public static boolean canEditImage(UserInfo ui, ImagePermissions... imagePermissions) {
- return canActionImage(Permission.EDIT, imagePermissions) || isSuperUser(ui);
- }
-
- public static boolean canAdminImage(UserInfo ui, ImagePermissions... imagePermissions) {
- return canActionImage(Permission.ADMIN, imagePermissions) || isSuperUser(ui);
- }
-
- private static boolean canActionImage(Permission checkPerm, ImagePermissions... imagePermissions) {
- for (ImagePermissions perm : imagePermissions) {
- if (perm == null)
- continue;
- if (checkPerm == Permission.LINK && perm.link)
- return true;
- if (checkPerm == Permission.DOWNLOAD && perm.download)
- return true;
- if (checkPerm == Permission.EDIT && perm.edit)
- return true;
- if (checkPerm == Permission.ADMIN && perm.admin)
- return true;
- }
- return false;
- }
-
- public static boolean isSuperUser(UserInfo ui) {
- // TODO: for superuser override
- return false;
- }
-
-}
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
index 2fe18160..40155972 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
@@ -8,8 +8,11 @@ import java.util.Map;
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
import org.openslx.bwlp.sat.database.mappers.DbImage;
+import org.openslx.bwlp.sat.database.mappers.DbUser;
import org.openslx.bwlp.sat.fileserv.ActiveUpload;
import org.openslx.bwlp.sat.fileserv.FileServer;
+import org.openslx.bwlp.sat.permissions.User;
+import org.openslx.bwlp.sat.permissions.User.Permission;
import org.openslx.bwlp.sat.thrift.cache.OperatingSystemList;
import org.openslx.bwlp.sat.thrift.cache.OrganizationList;
import org.openslx.bwlp.sat.thrift.cache.VirtualizerList;
@@ -38,7 +41,7 @@ import org.openslx.sat.thrift.version.Version;
public class ServerHandler implements SatelliteServer.Iface {
- private static final Logger log = Logger.getLogger(ServerHandler.class);
+ private static final Logger LOGGER = Logger.getLogger(ServerHandler.class);
private static final FileServer fileServer = FileServer.instance();
@@ -132,35 +135,44 @@ public class ServerHandler implements SatelliteServer.Iface {
@Override
public boolean updateImageBase(String userToken, String imageBaseId, ImageBaseWrite image)
throws TAuthorizationException, TException {
- // TODO Auto-generated method stub
+ UserInfo user = SessionManager.getOrFail(userToken);
+ User.hasImageBasePermissionOrFail(user, imageBaseId, Permission.EDIT);
+ // TODO: Permissions cleared; Now update image base data
return false;
}
@Override
public boolean updateImageVersion(String userToken, String imageVersionId, ImageVersionWrite image)
throws TAuthorizationException, TException {
- // TODO Auto-generated method stub
+ UserInfo user = SessionManager.getOrFail(userToken);
+ User.hasImageVersionPermissionOrFail(user, imageVersionId, Permission.EDIT);
+ // TODO: Permissions cleared; Now update image version data
return false;
}
@Override
public boolean deleteImageVersion(String userToken, String imageVersionId)
throws TAuthorizationException, TNotFoundException, TException {
- // TODO Auto-generated method stub
+ UserInfo user = SessionManager.getOrFail(userToken);
+ User.hasImageVersionPermissionOrFail(user, imageVersionId, Permission.ADMIN);
+ // TODO: Permissions cleared; Now mark image for deletion (set expire time in the past...)
return false;
}
@Override
- public boolean writeImagePermissions(String userToken, String imageId,
+ public boolean writeImagePermissions(String userToken, String imageBaseId,
Map<String, ImagePermissions> permissions) throws TAuthorizationException, TNotFoundException,
TException {
- // TODO Auto-generated method stub
+ UserInfo user = SessionManager.getOrFail(userToken);
+ User.hasImageBasePermissionOrFail(user, imageBaseId, Permission.ADMIN);
+ // TODO: Permissions cleared; Now update image base data
return false;
}
@Override
public Map<String, ImagePermissions> getImagePermissions(String userToken, String imageBaseId)
throws TAuthorizationException, TNotFoundException, TException {
+ UserInfo user = SessionManager.getOrFail(userToken);
// TODO Auto-generated method stub
return null;
}
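Review bot: `getImagePermissions` now resolves the session into `user` but performs no permission check on `imageBaseId`, unlike the four methods above it, and the local is otherwise unused. The body is still a stub, so nothing leaks today, but the per-user permission map should not become readable by every logged-in user once it is filled in; I would add the check now, e.g. `User.hasImageBasePermissionOrFail(user, imageBaseId, Permission.ADMIN);` (which level is required is a policy decision). The TODO in `writeImagePermissions` still reads "Now update image base data", which looks copied from `updateImageBase`.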
@@ -221,4 +233,13 @@ public class ServerHandler implements SatelliteServer.Iface {
return null;
}
-}// end class
+ @Override
+ public List<UserInfo> getUserList(String userToken, int page) throws TAuthorizationException, TException {
+ try {
+ return DbUser.getAll(page);
+ } catch (SQLException e) {
+ throw new TInternalServerError();
+ }
+ }
+
+}
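Review bot: `getUserList` never looks at `userToken`, so the request is answered without a valid session, while every other handler touched in this commit starts with `SessionManager.getOrFail(userToken)`. `DbUser.getAll` returns user id, first and last name, e-mail and organization id for every user, 200 per page, so the call should at least require a logged-in caller: add `SessionManager.getOrFail(userToken);` as the first statement of the method. The caught `SQLException` is replaced by a bare `TInternalServerError`; since `DbUser.getAll` already logs it that is acceptable, but a short comment saying so would save the next reader a lookup.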