Package com.google.enterprise.connector.spi

Examples of com.google.enterprise.connector.spi.AuthorizationResponse

92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
      if (user == null) {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Person not found in connector user database: " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        for (String docId : docIds) {
          authorized.add(new AuthorizationResponse(false, docId));
        }
      } else {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Authorizing documents for user " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        ArrayList<String> userGroups = new ArrayList<String>(user.getGroups());
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Groups for " + gsaName + " are: " + userGroups);

        NotesSession ns = null;
        try {
          ns = ncs.createNotesSession();
          NotesDatabase cdb =
              ns.getDatabase(ncs.getServer(), ncs.getDatabase());
          NotesView securityView = cdb.getView(NCCONST.VIEWSECURITY);
          for (String docId : docIds) {
            NotesViewNavigator secVN = null;
            NotesDocument dbdoc = null;
            try {
              // Extract the database and UNID from the URL
              String repId = getRepIdFromDocId(docId);
              String unid = getUNIDFromDocId(docId);
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Authorizing document: " + repId + " : " + unid);

              // Get the category from the security view for this
              // database. The first document in the category is
              // ALWAYS the database document.
              secVN = securityView.createViewNavFromCategory(repId);
              dbdoc = secVN.getFirstDocument().getDocument();
              boolean dballow =
                  checkDatabaseAccess(dbdoc, user);

              // Only check document level security if we are
              // allowed at the database level. Assume we have
              // access to the document unless proven
              // otherwise...
              boolean docallow = true;
              if (dballow) {
                Collection<String> readers =
                    ncs.getNotesDocumentManager()
                        .getDocumentReaders(unid, repId);
                if (readers.size() > 0) {
                  docallow = checkDocumentReaders(user, readers, repId);
                } else {
                  LOGGER.logp(Level.FINEST, CLASS_NAME, METHOD,
                      "No document level security for " + unid);
                }
              }
              boolean allow = docallow && dballow;
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Final auth decision is " + allow + " " + unid);
              authorized.add(new AuthorizationResponse(allow, docId));
            } catch (Throwable t) {
              LOGGER.logp(Level.WARNING, CLASS_NAME, METHOD,
                  "Failed to complete check for: " + docId, t);
              authorized.add(new AuthorizationResponse(
                      AuthorizationResponse.Status.INDETERMINATE, docId));
            } finally {
              Util.recycle(dbdoc);
              Util.recycle(secVN);
              // Log timing for each document.
              if (LOGGER.isLoggable(Level.FINER)) {
                elapsedTimeMillis = System.currentTimeMillis() - startTime;
                LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                    "ElapsedAuthorizationResponseTime: " + elapsedTimeMillis
                    + " Documents authorized: " + authorized.size());
              }
            }
          }
        } finally {
          ncs.closeNotesSession(ns);
        }
      }
    } catch (Exception e) {
      LOGGER.log(Level.SEVERE, CLASS_NAME, e);
    }

    if (LOGGER.isLoggable(Level.FINER)) {
      for (int i = 0; i < authorized.size(); i++) {
        AuthorizationResponse ar = authorized.get(i);
        LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
            "AuthorizationResponse: " + ar.getDocid() + " : " + ar.isValid());
      }
    }
    // Get elapsed time in milliseconds
    elapsedTimeMillis = System.currentTimeMillis() - startTime;
    LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
View Full Code Here
185
186
187
188
189
190
191
192
193
194
195
      }
      authorized = new ArrayList<AuthorizationResponse>(docids.size());
      for (String id : docids) {
        boolean isAuthorized = object_id.contains(id);
        logger.info("id " + id + " hasRight? " + isAuthorized);
        authorized.add(new AuthorizationResponse(isAuthorized, id));
      }
    } finally {
      collec.close();
      logger.finest("after collec.close");
    }
View Full Code Here
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
  }

  @Override
  public AuthorizationResponse authorizeDocid(String docId, IUser user,
      boolean checkMarkings) throws RepositoryException {
    AuthorizationResponse authorizationResponse = null;
    IVersionSeries versionSeries = null;
    try {
      logger.config("Getting version series for document DocID: "
          + docId);
      versionSeries = (IVersionSeries) objectStore.getObject(ClassNames.VERSION_SERIES, URLDecoder.decode(docId, "UTF-8"));
    } catch (UnsupportedEncodingException e) {
      logger.log(Level.WARNING, "Unable to Decode: Encoding is not supported for the document with DocID: "
          + docId);
      versionSeries = null;
    } catch (RepositoryException e) {
      logger.log(Level.WARNING, "Error : document Version Series Id "
          + docId + " may no longer exist. Message: "
          + e.getLocalizedMessage());
      versionSeries = null;
    }

    if (versionSeries != null) {
      logger.config("Authorizing DocID: " + docId + " for user: "
          + user.get_Name());
      // Check whether the search user is authorized to view document
      // contents or
      // not.
      IDocument releasedVersion = versionSeries.get_ReleasedVersion();
      Permissions permissions = new Permissions(
          releasedVersion.get_Permissions(), releasedVersion.get_Owner());
      if (permissions.authorize(user)) {
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is authorized for document DocID " + docId);
        authorizationResponse = new AuthorizationResponse(true,
            docId);

        if (checkMarkings) {
          logger.log(Level.INFO, "Authorizing DocID: " + docId
              + " for user: " + user.get_Name()
              + " for Marking sets ");

          // check whether current document has property values
          // set for properties associated with marking sets or
          // not //
          if (releasedVersion.get_ActiveMarkings() != null) {
            logger.log(Level.INFO, "Document has property associated with Markings set");

            // check whether USER is authorized to view the
            // document as per the Marking set security applied
            // over it.
            MarkingPermissions markingPermissions =
                new MarkingPermissions(releasedVersion.get_ActiveMarkings());
            if (markingPermissions.authorize(user)) {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  true, docId);
            } else {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is NOT authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  false, docId);
            }

          } else {
            logger.log(Level.INFO, "Document does not have property associated with Marking Sets "
                + docId);
            logger.log(Level.INFO, "User "
                + user.get_Name()
                + " is authorized for document DocID "
                + docId);
            authorizationResponse = new AuthorizationResponse(
                true, docId);
          }
        } else {
          logger.log(Level.INFO, "Either Document class does not have property associated with Marking Sets or Connector is not configured to check Marking Sets ");
          logger.log(Level.INFO, "User " + user.get_Name()
              + " is authorized for document DocID " + docId);
          authorizationResponse = new AuthorizationResponse(true,
              docId);
        }
      } else {
        authorizationResponse = new AuthorizationResponse(false,
            docId);
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is NOT authorized for document DocID " + docId);
      }
    } else {
      authorizationResponse = new AuthorizationResponse(false, docId);
      logger.log(Level.INFO, "User " + user.get_Name()
          + " is NOT authorized for document DocID " + docId
          + "version series null");
    }
    return authorizationResponse;
View Full Code Here
161
162
163
164
165
166
167
168
169
170
171
          try {
            responses.put(docId, getResponse(docId));
          } catch (RepositoryException e) {
            logger.log(Level.WARNING, "Failed to authorize docid " + docId
                + " for user " + user.get_Name(), e);
            responses.put(docId, new AuthorizationResponse(false, docId));
          }
        }
      } finally {
        handler.popSubject();
      }
View Full Code Here
80
81
82
83
84
85
86
    @Override
    public AuthorizationResponse authorizeDocid(String docid, IUser user,
        boolean checkMarkings) throws RepositoryException {
      threads.add(Thread.currentThread().getName());
      return new AuthorizationResponse(true, docid);
    }
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
  private void mCheckForUser(String username, Collection<IdAuth> baseline,
      Collection<AuthorizationResponse> actual) throws RepositoryException {
    for (IdAuth authz : baseline) {
      String docid = authz.id;

      AuthorizationResponse found = null;
      for (AuthorizationResponse a : actual) {
        if (docid.equals(a.getDocid())) {
          assertNull("DocId " + docid + " appears in the " +
              "authorized list more than once.", found);
          found = a;
View Full Code Here
163
164
165
166
167
168
169
170
171
172
173
      addAuthorizedDocids(docids, username, authorized);
    authorized.trimToSize();

    if (LOGGER.isLoggable(Level.FINEST)) {
      for (String docid : docids) {
        AuthorizationResponse ar = new AuthorizationResponse(true, docid);
        LOGGER.finest("AUTHORIZED " + docid + ": " + authorized.contains(ar));
      }
    } else if (LOGGER.isLoggable(Level.FINE))
      LOGGER.fine("AUTHORIZED: " + authorized.size() + " documents.");
View Full Code Here
295
296
297
298
299
300
301
  }

  /** A factory interface for <code>AuthorizationResponse</code> objects. */
  private static class AuthzCreator implements Creator<AuthorizationResponse> {
    @Override public AuthorizationResponse fromString(String value) {
      return new AuthorizationResponse(true, value);
    }
View Full Code Here
666
667
668
669
670
671
672
    if (status) {
      LOGGER.log(Level.FINE, logMessage);
    } else {
      LOGGER.log(Level.WARNING, logMessage);
    }
    return response.add(new AuthorizationResponse(status, DocId));
  }
View Full Code Here
87
88
89
90
91
92
93
94
95
96
97
    List<String> authorizedIds = new ArrayList<String>();
    List<String> notAutorizedIds = new ArrayList<String>();
    for (String docId : docIds) {
      if (canRead(docId, identity)) {
        authorizedIds.add(docId);
        authorized.add(new AuthorizationResponse(true, docId));
      } else {
        notAutorizedIds.add(docId);
      }
    }
    if (LOG.isLoggable(Level.INFO)) {
View Full Code Here
TOP

Related Classes of com.google.enterprise.connector.spi.AuthorizationResponse

  • com.google.enterprise.connector.db.DBConnectorAuthorizationManager
  • com.google.enterprise.connector.dctm.DctmAuthorizationManager
  • com.google.enterprise.connector.filenet4.FileAuthorizationHandler
  • com.google.enterprise.connector.filenet4.FileAuthorizationManager$AuthorizationTask
  • com.google.enterprise.connector.filenet4.FileAuthorizationManagerTest$MockAuthorizationHandler
  • com.google.enterprise.connector.filesystem.FileAuthorizationManager
  • com.google.enterprise.connector.instantiator.SimpleTestConnector$SimpleAuthorizationManager
  • com.google.enterprise.connector.jcr.JcrAuthorizationManager
  • com.google.enterprise.connector.manager.MockManager
  • com.google.enterprise.connector.manager.ProductionManagerTest$AuthorizeAllAuthorizationManager
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.