initial public commit

2021-09-06 17:46:59 +03:00
commit b744b08829
824 changed files with 91593 additions and 0 deletions


@ -0,0 +1,112 @@
/*-
* ~~~~~~licensing~~~~~~
* permission-impl
* ==========
* Copyright (C) 2020 - 2021 EmDev LLC
* ==========
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.core.permission.interceptor;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.Headers;
import org.osgi.framework.FrameworkUtil;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import ru.entaxy.esb.system.common.osgi.OSGIUtils;
import ru.entaxy.esb.system.core.permission.common.PermissionConstants;
import ru.entaxy.esb.system.core.permission.jpa.PermissionService;
import javax.ws.rs.ForbiddenException;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
public class ServiceInterceptor extends AbstractPhaseInterceptor<Message> {
private static final Log LOG = LogFactory.getLog(ServiceInterceptor.class);
private static final String APACHE_CXF_MESSAGE_MESSAGE_PATH_INFO = "org.apache.cxf.message.Message.PATH_INFO";
private static final String HEADER_USER_LOGIN = "X-ForwardedUser";
private static final String CXF = "/cxf/";
private PermissionService permissionService;
private BasicAuthService basicAuthService;
public ServiceInterceptor() {
super(Phase.RECEIVE);
}
@Override
public void handleMessage(Message message) throws Fault {
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
String serviceName = message.get(APACHE_CXF_MESSAGE_MESSAGE_PATH_INFO).toString();
if (serviceName.contains(CXF)) {
serviceName = serviceName.replace(CXF, "");
} else {
int firstSlashIndex = serviceName.indexOf("/") + 1;
serviceName = serviceName.substring(firstSlashIndex, serviceName.indexOf("/", firstSlashIndex));
}
Optional<String> login = Optional.ofNullable(headers.get(HEADER_USER_LOGIN))
.orElse(Collections.emptyList())
.stream().findFirst();
Optional<BasicAuthAccount> basicAuthAccount = Optional.empty();
if (login.isPresent()) {
basicAuthAccount = getBasicAuthService().get(login.get());
}
LOG.trace(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>ServiceInterceptor" +
" <<< serviceName " + serviceName +
" <<< login " + login);
if (!login.isPresent() || !basicAuthAccount.isPresent() ||
!getPermissionService().existByAllParameters(basicAuthAccount.get().getId(), PermissionConstants.TYPE_ACCOUNT,
serviceName, PermissionConstants.TYPE_SERVICE, null)) {
throw new ForbiddenException();
}
}
public void setPermissionService(PermissionService permissionService) {
this.permissionService = permissionService;
}
public PermissionService getPermissionService() {
if (permissionService == null) {
permissionService = (PermissionService) OSGIUtils.getServiceReference(
FrameworkUtil.getBundle(ServiceInterceptor.class).getBundleContext(),
PermissionService.class.getName());
}
return permissionService;
}
public void setBasicAuthService(BasicAuthService basicAuthService) {
this.basicAuthService = basicAuthService;
}
public BasicAuthService getBasicAuthService() {
if (basicAuthService == null) {
basicAuthService = (BasicAuthService) OSGIUtils.getServiceReference(
FrameworkUtil.getBundle(ServiceInterceptor.class).getBundleContext(),
BasicAuthService.class.getName());
}
return basicAuthService;
}
}
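Review bot: The caller's identity in `handleMessage` comes straight from the `X-ForwardedUser` request header, and nothing in this class verifies that a trusted component set it. Unless an authenticating proxy or an earlier interceptor always overwrites that header (not visible on this page), the permission check authorizes whatever login the request carries; the login should come from the authenticated security context, or the trust assumption should at least be stated in a comment on `HEADER_USER_LOGIN`, e.g. `// set by the authenticating gateway only; inbound copies must be stripped before this interceptor runs`. The path parsing ahead of the check can also throw: `message.get(...)` may return null, and in the non-`/cxf/` branch `indexOf("/", firstSlashIndex)` returns -1 for a single-segment path, so `substring` fails with an unchecked exception instead of a 403. Storing that second index in a local and adding `if (end < 0) { throw new ForbiddenException(); }` keeps the denial explicit.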


@ -0,0 +1,430 @@
/*-
* ~~~~~~licensing~~~~~~
* permission-impl
* ==========
* Copyright (C) 2020 - 2021 EmDev LLC
* ==========
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.core.permission.jpa.impl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.query.Query;
import org.hibernate.type.StringType;
import ru.entaxy.esb.system.core.permission.jpa.PermissionService;
import ru.entaxy.esb.system.core.permission.jpa.entity.Permission;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Root;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import static ru.entaxy.esb.system.core.permission.common.PermissionConstants.ACTION_DEFAULT;
public class PermissionServiceImpl implements PermissionService {
private static final Log LOG = LogFactory.getLog(PermissionServiceImpl.class);
private SessionFactory sessionFactory;
public void setSessionFactory(SessionFactory sessionFactory) {
this.sessionFactory = sessionFactory;
}
public Session getSession() {
return sessionFactory.openSession();
}
@Override
public List<Permission> list() {
List<Permission> list;
try (Session s = getSession()) {
s.getTransaction().begin();
CriteriaQuery<Permission> cq = s.getCriteriaBuilder().createQuery(Permission.class);
cq.from(Permission.class);
list = s.createQuery(cq).getResultList();
s.getTransaction().commit();
s.close();
}
return list;
}
@Override
public Permission get(long id) {
Permission permission;
try (Session s = getSession()) {
s.getTransaction().begin();
Query<Permission> query = getQuery(s, id);
permission = query.getSingleResult();
s.getTransaction().commit();
s.close();
}
return permission;
}
@Override
public List<Permission> getAllById(long id, String type) {
List<Permission> permissionList;
try (Session s = getSession()) {
s.getTransaction().begin();
permissionList = getAllById(s, id, type);
s.getTransaction().commit();
s.close();
}
return permissionList;
}
@Override
public List<Permission> getAllById(Session s, long id, String type) {
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<Permission> criteriaQuery = builder.createQuery(Permission.class);
Root<Permission> root = criteriaQuery.from(Permission.class);
criteriaQuery.where(
builder.or(
builder.and(
builder.equal(root.get("objectId"), id),
builder.equal(root.get("objectType"), type)),
builder.and(
builder.equal(root.get("subjectId"), String.valueOf(id)),
builder.equal(root.get("objectType"), type))));
return s.createQuery(criteriaQuery).getResultList();
}
@Override
public Optional<Permission> fetch(long id) {
Optional<Permission> permission;
try (Session s = getSession()) {
s.getTransaction().begin();
Query<Permission> query = getQuery(s, id);
permission = query.uniqueResultOptional();
s.getTransaction().commit();
s.close();
}
return permission;
}
private Query<Permission> getQuery(Session session, long id) {
CriteriaBuilder builder = session.getCriteriaBuilder();
CriteriaQuery<Permission> criteriaQuery = builder.createQuery(Permission.class);
Root<Permission> root = criteriaQuery.from(Permission.class);
criteriaQuery.where(builder.equal(root.get("id"), id));
return session.createQuery(criteriaQuery);
}
@Override
public List<Permission> get(long objectId, String objectType, String action) {
List<Permission> permissionList;
try (Session s = getSession()) {
s.getTransaction().begin();
permissionList = get(s, objectId, objectType, action);
s.getTransaction().commit();
s.close();
}
return permissionList;
}
@Override
public List<Permission> get(Session s, long objectId, String objectType, String action) {
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<Permission> criteriaQuery = builder.createQuery(Permission.class);
Root<Permission> root = criteriaQuery.from(Permission.class);
criteriaQuery.where(builder.equal(root.get("objectId"), objectId),
builder.equal(root.get("objectType"), objectType),
builder.equal(root.get("action"), action));
return s.createQuery(criteriaQuery).getResultList();
}
@Override
public Permission getByAllParameters(long objectId, String objectType, String subjectId,
String subjectType, String action) {
Permission permission;
try (Session s = getSession()) {
s.getTransaction().begin();
permission = getByAllParameters(s, objectId, objectType, subjectId, subjectType, action);
s.getTransaction().commit();
s.close();
}
return permission;
}
@Override
public Permission getByAllParameters(Session session, long objectId, String objectType, String subjectId,
String subjectType, String action) {
Query<Permission> query = getByAllParametersQuery(session, objectId, objectType, subjectId, subjectType, action);
return query.getSingleResult();
}
@Override
public Optional<Permission> fetchByAllParameters(long objectId, String objectType, String subjectId,
String subjectType, String action) {
Optional<Permission> permission;
try (Session s = getSession()) {
s.getTransaction().begin();
Query<Permission> query = getByAllParametersQuery(s, objectId, objectType, subjectId, subjectType, action);
permission = query.uniqueResultOptional();
s.getTransaction().commit();
s.close();
}
return permission;
}
private Query<Permission> getByAllParametersQuery(Session s, long objectId, String objectType, String subjectId,
String subjectType, String action) {
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<Permission> criteriaQuery = builder.createQuery(Permission.class);
Root<Permission> root = criteriaQuery.from(Permission.class);
criteriaQuery.select(root).where(
builder.equal(root.get("objectId"), objectId),
builder.equal(root.get("objectType"), objectType),
builder.equal(root.get("subjectId"), subjectId),
builder.equal(root.get("subjectType"), subjectType),
builder.equal(root.get("action"), orElseGet(action))
);
return s.createQuery(criteriaQuery);
}
@Override
public boolean existByAllParameters(long objectId, String objectType, String subjectId,
String subjectType, String action) {
if (objectId < 1) {
return true;
}
boolean exists = false;
try (Session s = getSession()) {
s.getTransaction().begin();
exists = (s
.createQuery("select 1 from Permission where exists ("
+ "select 1 from Permission p where "
+ " p.objectId = ?0 "
+ " AND p.objectType = ?1 "
+ " AND p.subjectId = ?2 "
+ " AND p.subjectType = ?3 "
+ " AND p.action = ?4"
+ ")")
.setParameter(0, objectId)
.setParameter(1, objectType, StringType.INSTANCE)
.setParameter(2, subjectId, StringType.INSTANCE)
.setParameter(3, subjectType, StringType.INSTANCE)
.setParameter(4, orElseGet(action), StringType.INSTANCE)
.uniqueResult() != null);
s.getTransaction().commit();
s.close();
}
return exists;
}
@Override
public Permission add(Permission permission) {
return save(permission, false);
}
@Override
public Permission add(long objectId, String objectType, String subjectId, String subjectType, String action) {
Permission permission = new Permission();
fillModel(permission, objectId, objectType, subjectId, subjectType, action);
return add(permission);
}
@Override
public Permission addIfNotExist(long objectId, String objectType, String subjectId, String subjectType, String action) {
Optional<Permission> permission = fetchByAllParameters(objectId, objectType, subjectId, subjectType, action);
return permission.orElseGet(() -> add(objectId, objectType, subjectId, subjectType, action));
}
private void fillModel(Permission permission, long objectId, String objectType, String subjectId,
String subjectType, String action) {
permission.setObjectId(objectId);
permission.setObjectType(objectType);
permission.setSubjectId(subjectId);
permission.setSubjectType(subjectType);
permission.setAction(orElseGet(action));
}
@Override
public List<Permission> addAll(long objectId, String objectType, List<List<String>> subjects) {
List<Permission> permissions = new ArrayList<>();
if (subjects != null && !subjects.isEmpty()) {
for (List<String> subject : subjects) {
try {
//TODO:make it in tttttransaction
permissions.add(
addIfNotExist(
objectId,
objectType,
subject.get(0),
subject.get(1),
subject.get(2)));
} catch (Exception e) {
LOG.error("Bulk addition of permission error " + e.getMessage());
LOG.trace(e);
}
}
}
return permissions;
}
@Override
public List<Permission> addAll(List<Permission> permissionsToCreate) {
List<Permission> permissions = new ArrayList<>();
if (permissionsToCreate != null && !permissionsToCreate.isEmpty()) {
for (Permission permission : permissionsToCreate) {
try {
permissions.add(
addIfNotExist(
permission.getObjectId(),
permission.getObjectType(),
permission.getSubjectId(),
permission.getSubjectType(),
permission.getAction()));
} catch (Exception e) {
LOG.error("Bulk addition of permission error " + e.getMessage());
LOG.trace(e);
}
}
}
return permissions;
}
@Override
public Permission update(Permission permission) {
Optional<Permission> permissionOldOpt = fetch(permission.getId());
return save(permission, permissionOldOpt.isPresent());
}
@Override
public Permission update(long permissionId, long objectId, String objectType, String subjectId, String subjectType, String action) {
Permission permission = get(permissionId);
fillModel(permission, objectId, objectType, subjectId, subjectType, action);
return save(permission, true);
}
public Permission save(Permission permission, boolean isExist) {
try (Session s = getSession()) {
s.getTransaction().begin();
if (isExist) {
s.update(permission);
} else {
s.persist(permission);
}
s.getTransaction().commit();
s.close();
}
return permission;
}
@Override
public void remove(long id) {
try (Session s = getSession()) {
s.getTransaction().begin();
Permission permission = get(id);
s.delete(Permission.class.getName(), permission);
s.getTransaction().commit();
s.close();
}
}
@Override
public void remove(long objectId, String objectType, String subjectId, String subjectType, String action) {
try (Session s = getSession()) {
s.getTransaction().begin();
Permission permission = getByAllParameters(s, objectId, objectType, subjectId, subjectType, action);
s.delete(Permission.class.getName(), permission);
s.getTransaction().commit();
s.close();
}
}
@Override
public void remove(long objectId, String objectType) {
// TODO Auto-generated method stub
}
@Override
public void remove(long objectId, String objectType, String action) {
try (Session s = getSession()) {
s.getTransaction().begin();
List<Permission> permission = get(s, objectId, objectType, action);
permission.forEach(s::delete);
s.getTransaction().commit();
s.close();
}
}
@Override
public void remove(String subjectId, String subjectType) {
// TODO Auto-generated method stub
}
@Override
public void remove(String subjectId, String subjectType, String action) {
// TODO Auto-generated method stub
}
@Override
public void removeAll(long objectId, String objectType) {
try (Session s = getSession()) {
s.getTransaction().begin();
removeAll(s, objectId, objectType);
s.getTransaction().commit();
s.close();
}
}
private String orElseGet(String action) {
return action == null || action.isEmpty() ? ACTION_DEFAULT : action;
}
@Override
public void removeAll(Session s, long objectId, String objectType) {
List<Permission> permissionList = getAllById(s, objectId, objectType);
for (Permission permission : permissionList) {
s.delete(Permission.class.getName(), permission);
}
}
}
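Review bot: `existByAllParameters` returns `true` whenever `objectId < 1`, before any query runs, so the check fails open for that range of ids. `ServiceInterceptor.handleMessage` passes the account id as `objectId`, so an account whose id is 0 or negative (if such rows can exist) would pass the service check without any permission record. Unless that bypass is an intended contract, the branch should deny, `if (objectId < 1) { return false; }`, or carry a comment naming the callers that rely on it. The empty `remove(...)` overloads marked `TODO Auto-generated method stub` also return normally without deleting anything, which a caller revoking access cannot tell apart from success; `throw new UnsupportedOperationException("not implemented");` would make that visible until they are written.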


@ -0,0 +1,50 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~~~~~~licensing~~~~~~
permission-impl
==========
Copyright (C) 2020 - 2021 EmDev LLC
==========
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
~~~~~~/licensing~~~~~~
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jpa="http://aries.apache.org/xmlns/jpa/v2.0.0"
xmlns:tx="http://aries.apache.org/xmlns/transactions/v1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
<jpa:enable/>
<tx:enable-annotations/>
<reference id="sessionFactory"
interface="org.hibernate.SessionFactory"
timeout="30000"/>
<service ref="permissionService"
interface="ru.entaxy.esb.system.core.permission.jpa.PermissionService"/>
<bean id="permissionService"
class="ru.entaxy.esb.system.core.permission.jpa.impl.PermissionServiceImpl">
<property name="sessionFactory" ref="sessionFactory"/>
</bean>
<bean id="serviceInterceptor" class="ru.entaxy.esb.system.core.permission.interceptor.ServiceInterceptor"/>
<service ref="serviceInterceptor" interface="org.apache.cxf.phase.PhaseInterceptor">
<service-properties>
<entry key="type" value="service"/>
</service-properties>
</service>
</blueprint>
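Review bot: The `serviceInterceptor` bean is declared without properties, although `permissionService` is defined in this same blueprint and `ServiceInterceptor` exposes `setPermissionService` and `setBasicAuthService`. As written, the interceptor resolves both services lazily through `OSGIUtils.getServiceReference` on first use, so a missing service presumably shows up only when a request arrives rather than when the container starts. Wiring the dependency here with `<property name="permissionService" ref="permissionService"/>`, plus a `<reference>` for `BasicAuthService` injected the same way, would make the authorization path's dependencies explicit and checked by the container.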


@ -0,0 +1,40 @@
<?xml version='1.0' encoding='utf-8'?>
<!--
~~~~~~licensing~~~~~~
permission-impl
==========
Copyright (C) 2020 - 2021 EmDev LLC
==========
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
~~~~~~/licensing~~~~~~
-->
<!DOCTYPE hibernate-configuration PUBLIC
"-//Hibernate/Hibernate Configuration DTD//EN"
"http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
<session-factory>
<property name="connection.datasource">osgi:service/entaxy.esb.storage</property>
<property name="hibernate.hbm2ddl.auto">validate</property>
<property name="hibernate.enable_lazy_load_no_trans">true</property>
<property name="show_sql">${hibernate.show_sql}</property>
<property name="format_sql">${hibernate.format_sql}</property>
<mapping class="ru.entaxy.esb.system.core.permission.jpa.entity.Permission"/>
</session-factory>
</hibernate-configuration>