HttpBasicAuthorizationPlugin.java revision 9050453ee182fd065e53c6abbab735081eb05294
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * CDDL HEADER START
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * The contents of this file are subject to the terms of the
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * Common Development and Distribution License (the "License").
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * You may not use this file except in compliance with the License.
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * See LICENSE.txt included in this distribution for the specific
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * language governing permissions and limitations under the License.
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * When distributing Covered Code, include this CDDL HEADER in each
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * file and include the License file at LICENSE.txt.
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * If applicable, add the following below this CDDL HEADER, with the
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * fields enclosed by brackets "[]" replaced with your own identifying
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * information: Portions Copyright [yyyy] [name of copyright owner]
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * CDDL HEADER END
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulingerimport javax.servlet.http.HttpServletRequest;
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulingerimport org.opensolaris.opengrok.authorization.IAuthorizationPlugin;
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulingerimport org.opensolaris.opengrok.configuration.Group;
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulingerimport org.opensolaris.opengrok.configuration.Project;
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * This class is a full example of a working plugin from HTTP Basic tutorial on
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * https://github.com/OpenGrok/OpenGrok/wiki/OpenGrok-Authorization#configuration
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger * @author Krystof Tulinger
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulingerpublic class HttpBasicAuthorizationPlugin implements IAuthorizationPlugin {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger private static final Map<String, Set<String>> userProjects = new TreeMap<>();
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger private static final Map<String, Set<String>> userGroups = new TreeMap<>();
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger // all have access to "test-project-11" and some to other "test-project-5" or "test-project-8"
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.put("007", new TreeSet<>(Arrays.asList(new String[]{"test-project-11", "test-project-5"})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.put("008", new TreeSet<>(Arrays.asList(new String[]{"test-project-11", "test-project-8"})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.put("009", new TreeSet<>(Arrays.asList(new String[]{"test-project-11"})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.put("00A", new TreeSet<>(Arrays.asList(new String[]{"test-project-11"})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.put("00B", new TreeSet<>(Arrays.asList(new String[]{"test-project-11"})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.put("007", new TreeSet<>(Arrays.asList(new String[]{})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.put("008", new TreeSet<>(Arrays.asList(new String[]{})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.put("009", new TreeSet<>(Arrays.asList(new String[]{})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.put("00A", new TreeSet<>(Arrays.asList(new String[]{})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.put("00B", new TreeSet<>(Arrays.asList(new String[]{})));
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger public void load() {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger public void unload() {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger private void init(HttpServletRequest request) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger for (String group : Arrays.asList(new String[]{"admins", "users", "plugins", "ghost"})) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger discoverGroup(group, request, descendants);
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userGroups.get(request.getUserPrincipal().getName()).addAll(descendants);
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger private void discoverGroup(String group, HttpServletRequest request, Set<String> descendants) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger if ((g = Group.getByName(group)) != null) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger // group discovery
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.get(request.getUserPrincipal().getName()).add(p.getDescription());
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.get(request.getUserPrincipal().getName()).add(p.getDescription());
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.get(request.getUserPrincipal().getName()).add(p.getDescription());
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger userProjects.get(request.getUserPrincipal().getName()).add(p.getDescription());
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger while (g != null) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger public boolean isAllowed(HttpServletRequest request, Project project) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger return false;
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger return userProjects.get(request.getUserPrincipal().getName()).contains(project.getDescription());
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger public boolean isAllowed(HttpServletRequest request, Group group) {
9050453ee182fd065e53c6abbab735081eb05294Kryštof Tulinger return false;