Examples of AuthorizationResponse

Examples of com.google.enterprise.connector.spi.AuthorizationResponse

92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
      if (user == null) {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Person not found in connector user database: " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        for (String docId : docIds) {
          authorized.add(new AuthorizationResponse(false, docId));
        }
      } else {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Authorizing documents for user " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        ArrayList<String> userGroups = new ArrayList<String>(user.getGroups());
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Groups for " + gsaName + " are: " + userGroups);

        NotesSession ns = null;
        try {
          ns = ncs.createNotesSession();
          NotesDatabase cdb =
              ns.getDatabase(ncs.getServer(), ncs.getDatabase());
          NotesView securityView = cdb.getView(NCCONST.VIEWSECURITY);
          for (String docId : docIds) {
            NotesViewNavigator secVN = null;
            NotesDocument dbdoc = null;
            try {
              // Extract the database and UNID from the URL
              String repId = getRepIdFromDocId(docId);
              String unid = getUNIDFromDocId(docId);
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Authorizing document: " + repId + " : " + unid);

              // Get the category from the security view for this
              // database. The first document in the category is
              // ALWAYS the database document.
              secVN = securityView.createViewNavFromCategory(repId);
              dbdoc = secVN.getFirstDocument().getDocument();
              boolean dballow =
                  checkDatabaseAccess(dbdoc, user);

              // Only check document level security if we are
              // allowed at the database level. Assume we have
              // access to the document unless proven
              // otherwise...
              boolean docallow = true;
              if (dballow) {
                Collection<String> readers =
                    ncs.getNotesDocumentManager()
                        .getDocumentReaders(unid, repId);
                if (readers.size() > 0) {
                  docallow = checkDocumentReaders(user, readers, repId);
                } else {
                  LOGGER.logp(Level.FINEST, CLASS_NAME, METHOD,
                      "No document level security for " + unid);
                }
              }
              boolean allow = docallow && dballow;
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Final auth decision is " + allow + " " + unid);
              authorized.add(new AuthorizationResponse(allow, docId));
            } catch (Throwable t) {
              LOGGER.logp(Level.WARNING, CLASS_NAME, METHOD,
                  "Failed to complete check for: " + docId, t);
              authorized.add(new AuthorizationResponse(
                      AuthorizationResponse.Status.INDETERMINATE, docId));
            } finally {
              Util.recycle(dbdoc);
              Util.recycle(secVN);
              // Log timing for each document.
              if (LOGGER.isLoggable(Level.FINER)) {
                elapsedTimeMillis = System.currentTimeMillis() - startTime;
                LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                    "ElapsedAuthorizationResponseTime: " + elapsedTimeMillis
                    + " Documents authorized: " + authorized.size());
              }
            }
          }
        } finally {
          ncs.closeNotesSession(ns);
        }
      }
    } catch (Exception e) {
      LOGGER.log(Level.SEVERE, CLASS_NAME, e);
    }

    if (LOGGER.isLoggable(Level.FINER)) {
      for (int i = 0; i < authorized.size(); i++) {
        AuthorizationResponse ar = authorized.get(i);
        LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
            "AuthorizationResponse: " + ar.getDocid() + " : " + ar.isValid());
      }
    }
    // Get elapsed time in milliseconds
    elapsedTimeMillis = System.currentTimeMillis() - startTime;
    LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthorizationResponse

185
186
187
188
189
190
191
192
193
194
195
      }
      authorized = new ArrayList<AuthorizationResponse>(docids.size());
      for (String id : docids) {
        boolean isAuthorized = object_id.contains(id);
        logger.info("id " + id + " hasRight? " + isAuthorized);
        authorized.add(new AuthorizationResponse(isAuthorized, id));
      }
    } finally {
      collec.close();
      logger.finest("after collec.close");
    }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthorizationResponse

114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
  }

  @Override
  public AuthorizationResponse authorizeDocid(String docId, IUser user,
      boolean checkMarkings) throws RepositoryException {
    AuthorizationResponse authorizationResponse = null;
    IVersionSeries versionSeries = null;
    try {
      logger.config("Getting version series for document DocID: "
          + docId);
      versionSeries = (IVersionSeries) objectStore.getObject(ClassNames.VERSION_SERIES, URLDecoder.decode(docId, "UTF-8"));
    } catch (UnsupportedEncodingException e) {
      logger.log(Level.WARNING, "Unable to Decode: Encoding is not supported for the document with DocID: "
          + docId);
      versionSeries = null;
    } catch (RepositoryException e) {
      logger.log(Level.WARNING, "Error : document Version Series Id "
          + docId + " may no longer exist. Message: "
          + e.getLocalizedMessage());
      versionSeries = null;
    }

    if (versionSeries != null) {
      logger.config("Authorizing DocID: " + docId + " for user: "
          + user.get_Name());
      // Check whether the search user is authorized to view document
      // contents or
      // not.
      IDocument releasedVersion = versionSeries.get_ReleasedVersion();
      Permissions permissions = new Permissions(
          releasedVersion.get_Permissions(), releasedVersion.get_Owner());
      if (permissions.authorize(user)) {
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is authorized for document DocID " + docId);
        authorizationResponse = new AuthorizationResponse(true,
            docId);

        if (checkMarkings) {
          logger.log(Level.INFO, "Authorizing DocID: " + docId
              + " for user: " + user.get_Name()
              + " for Marking sets ");

          // check whether current document has property values
          // set for properties associated with marking sets or
          // not //
          if (releasedVersion.get_ActiveMarkings() != null) {
            logger.log(Level.INFO, "Document has property associated with Markings set");

            // check whether USER is authorized to view the
            // document as per the Marking set security applied
            // over it.
            MarkingPermissions markingPermissions =
                new MarkingPermissions(releasedVersion.get_ActiveMarkings());
            if (markingPermissions.authorize(user)) {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  true, docId);
            } else {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is NOT authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  false, docId);
            }

          } else {
            logger.log(Level.INFO, "Document does not have property associated with Marking Sets "
                + docId);
            logger.log(Level.INFO, "User "
                + user.get_Name()
                + " is authorized for document DocID "
                + docId);
            authorizationResponse = new AuthorizationResponse(
                true, docId);
          }
        } else {
          logger.log(Level.INFO, "Either Document class does not have property associated with Marking Sets or Connector is not configured to check Marking Sets ");
          logger.log(Level.INFO, "User " + user.get_Name()
              + " is authorized for document DocID " + docId);
          authorizationResponse = new AuthorizationResponse(true,
              docId);
        }
      } else {
        authorizationResponse = new AuthorizationResponse(false,
            docId);
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is NOT authorized for document DocID " + docId);
      }
    } else {
      authorizationResponse = new AuthorizationResponse(false, docId);
      logger.log(Level.INFO, "User " + user.get_Name()
          + " is NOT authorized for document DocID " + docId
          + "version series null");
    }
    return authorizationResponse;
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

68
69
70
71
72
73
74
        return null;
    }

    @Override
    public AuthorizationResponse authorizeUsability(final AuthorizationRequestUsability request) {
        return new AuthorizationResponse(false);
    }
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

73
74
75
76
77
78
79
        return new AuthorizationResponse(false);
    }

    @Override
    public AuthorizationResponse authorizeVisibility(final AuthorizationRequestVisibility request) {
        return new AuthorizationResponse(false);
    }
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

314
315
316
317
318
319
320
    // server-side encoding
    // /////////////////////////////////////////////////////////

    @Override
    public AuthorizationResponse encodeAuthorizeResponse(final boolean authorized) {
        return new AuthorizationResponse(authorized);
    }
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

72
73
74
75
76
77
78
79
80
81
82
    public boolean isUsable(final AuthenticationSession session, final ObjectAdapter target, final Identifier identifier) {
        final IdentityData targetData = encoderDecoder.encodeIdentityData(target);

        final String idString = identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARAMETERS);
        if (!usabilityCache.containsKey(idString)) {
            final AuthorizationResponse response = serverFacade.authorizeUsability(new AuthorizationRequestUsability(session, targetData, idString));
            final Boolean authorized = isAuthorized(response);
            usabilityCache.put(idString, authorized);
        }
        return usabilityCache.get(idString);
    }
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

86
87
88
89
90
91
92
93
94
95
96
        final IdentityData targetData = encoderDecoder.encodeIdentityData(target);

        final String idString = identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARAMETERS);
        if (!visibilityCache.containsKey(idString)) {
            final AuthorizationRequestVisibility request = new AuthorizationRequestVisibility(session, targetData, idString);
            final AuthorizationResponse response = serverFacade.authorizeVisibility(request);
            final Boolean authorized = isAuthorized(response);
            visibilityCache.put(idString, authorized);
        }
        return visibilityCache.get(idString);
    }
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

73
74
75
76
77
78
79
80
81
82
83
    public boolean isUsable(final AuthenticationSession session, final ObjectAdapter target, final Identifier identifier) {
        final IdentityData targetData = encoderDecoder.encodeIdentityData(target);

        final String idString = identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARAMETERS);
        if (!usabilityCache.containsKey(idString)) {
            final AuthorizationResponse response =
                serverFacade.authorizeUsability(new AuthorizationRequestUsability(session, targetData, idString));
            final Boolean authorized = isAuthorized(response);
            usabilityCache.put(idString, authorized);
        }
        return usabilityCache.get(idString);
View Full Code Here

Examples of org.apache.isis.runtimes.dflt.remoting.common.exchange.AuthorizationResponse

90
91
92
93
94
95
96
97
98
99
100
        final String idString = identifier.toIdentityString(Identifier.CLASS_MEMBERNAME_PARAMETERS);
        if (!visibilityCache.containsKey(idString)) {
            final AuthorizationRequestVisibility request =
                new AuthorizationRequestVisibility(session, targetData, idString);
            final AuthorizationResponse response = serverFacade.authorizeVisibility(request);
            final Boolean authorized = isAuthorized(response);
            visibilityCache.put(idString, authorized);
        }
        return visibilityCache.get(idString);
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.