1651: updated RequestValidator for parameter name change, add exceptions to... (030a4b68) · Commits · OATS-CADC / ac

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/RequestValidator.java

+24 −30

Original line number	Diff line number	Diff line
		@@ -84,19 +84,19 @@ public class RequestValidator
		{
		private static final Logger log = Logger.getLogger(RequestValidator.class);

		private String id;
		private IdentityType type;
		private String userID;
		private IdentityType idType;
		private Role role;
		private String guri;
		private String groupID;

		public RequestValidator() { }

		private void clear()
		{
		this.id = null;
		this.type = null;
		this.userID = null;
		this.idType = null;
		this.role = null;
		this.guri = null;
		this.groupID = null;
		}

		public void validate(List<Parameter> paramList)
		@@ -115,8 +115,8 @@ public class RequestValidator
		throw new IllegalArgumentException(
		"ID parameter required but not found");
		}
		this.id = param.trim();
		log.debug("ID: " + id);
		this.userID = param.trim();
		log.debug("ID: " + userID);

		// TYPE
		param = ParameterUtil.findParameterValue("TYPE", paramList);
		@@ -125,8 +125,8 @@ public class RequestValidator
		throw new IllegalArgumentException(
		"TYPE parameter required but not found");
		}
		this.type = IdentityType.toValue(param);
		log.debug("TYPE: " + type);
		this.idType = IdentityType.toValue(param);
		log.debug("TYPE: " + idType);

		// ROLE
		param = ParameterUtil.findParameterValue("ROLE", paramList);
		@@ -138,32 +138,26 @@ public class RequestValidator
		this.role = Role.toValue(param);
		log.debug("ROLE: " + role);

		// GURI
		param = ParameterUtil.findParameterValue("GURI", paramList);
		// GROUPID
		param = ParameterUtil.findParameterValue("GROUPID", paramList);
		if (param != null)
		{
		if (param.isEmpty())
		throw new IllegalArgumentException(
		"GURI parameter specified without a value");
		this.guri = param.trim();
		}
		log.debug("GURI: " + guri);

		if (role != null && guri != null)
		{
		throw new IllegalArgumentException(
		"ROLE and GURI cannot be used in the same search");
		"GROUPID parameter specified without a value");
		this.groupID = param.trim();
		}
		log.debug("GROUPID: " + groupID);
		}

		public String getId()
		public String getUserID()
		{
		return id;
		return userID;
		}

		public IdentityType getType()
		public IdentityType getIDType()
		{
		return type;
		return idType;
		}

		public Role getRole()
		@@ -171,9 +165,9 @@ public class RequestValidator
		return role;
		}

		public String getGUri()
		public String getGroupID()
		{
		return guri;
		return groupID;
		}

		}

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/ACSearchRunner.java

+36 −34

Original line number	Diff line number	Diff line
		@@ -77,6 +77,7 @@ import ca.nrc.cadc.ac.server.GroupPersistence;
		import ca.nrc.cadc.ac.server.PluginFactory;
		import ca.nrc.cadc.ac.server.RequestValidator;
		import ca.nrc.cadc.ac.server.UserPersistence;
		import ca.nrc.cadc.auth.AuthenticationUtil;
		import ca.nrc.cadc.auth.HttpPrincipal;
		import ca.nrc.cadc.auth.NumericPrincipal;
		import ca.nrc.cadc.auth.OpenIdPrincipal;
		@@ -168,12 +169,13 @@ public class ACSearchRunner
		RequestValidator rv = new RequestValidator();
		rv.validate(job.getParameterList());

		Principal userID = getUserPrincipal(rv.getId(), rv.getType());
		Principal userID = AuthenticationUtil.createPrincipal(rv.getUserID(), rv.getIDType().getValue());
		//Principal userID = getUserPrincipal(rv.getId(), rv.getType());

		PluginFactory factory = new PluginFactory();
		GroupPersistence dao = factory.getGroupPersistence();
		Collection<Group> groups =
		dao.searchGroups(userID, rv.getRole(), rv.getGUri());
		dao.searchGroups(userID, rv.getRole(), rv.getGroupID());
		syncOut.setResponseCode(HttpServletResponse.SC_OK);
		GroupsWriter.write(groups, syncOut.getOutputStream());

		@@ -288,36 +290,36 @@ public class ACSearchRunner
		}
		}

		private Principal getUserPrincipal(String userID, IdentityType type)
		{
		if (type == IdentityType.OPENID)
		{
		return new OpenIdPrincipal(userID);
		}
		if (type == IdentityType.UID)
		{
		try
		{
		Long numericId = Long.valueOf(userID);
		return new NumericPrincipal(numericId);
		}
		catch (NumberFormatException e)
		{
		throw new IllegalArgumentException("Illegal UID userID " +
		userID + " because " +
		e.getMessage());
		}
		}
		if (type == IdentityType.USERNAME)
		{
		return new HttpPrincipal(userID);
		}
		if (type == IdentityType.X500)
		{
		return new X500Principal(userID);
		}
		throw new IllegalArgumentException("Unknown user type " +
		type.getValue());
		}
		// private Principal getUserPrincipal(String userID, IdentityType type)
		// {
		// if (type == IdentityType.OPENID)
		// {
		// return new OpenIdPrincipal(userID);
		// }
		// if (type == IdentityType.UID)
		// {
		// try
		// {
		// Long numericId = Long.valueOf(userID);
		// return new NumericPrincipal(numericId);
		// }
		// catch (NumberFormatException e)
		// {
		// throw new IllegalArgumentException("Illegal UID userID " +
		// userID + " because " +
		// e.getMessage());
		// }
		// }
		// if (type == IdentityType.USERNAME)
		// {
		// return new HttpPrincipal(userID);
		// }
		// if (type == IdentityType.X500)
		// {
		// return new X500Principal(userID);
		// }
		// throw new IllegalArgumentException("Unknown user type " +
		// type.getValue());
		// }

		}

projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java

+13 −5

Original line number	Diff line number	Diff line
		@@ -655,7 +655,7 @@ public class GMSClient
		}

		public List<Group> getMemberships(Principal userID, Role role)
		throws IOException
		throws UserNotFoundException, AccessControlException, IOException
		{
		if (userID == null \|\| role == null)
		{
		@@ -692,6 +692,10 @@ public class GMSClient
		{
		throw new AccessControlException(error.getMessage());
		}
		if (transfer.getResponseCode() == 404)
		{
		throw new UserNotFoundException(error.getMessage());
		}
		if (transfer.getResponseCode() == 400)
		{
		throw new IllegalArgumentException(error.getMessage());
		@@ -713,13 +717,13 @@ public class GMSClient
		}

		public Group getMembership(Principal userID, String groupName)
		throws IOException
		throws UserNotFoundException, AccessControlException, IOException
		{
		return getMembership(userID, groupName, Role.MEMBER);
		}

		public Group getMembership(Principal userID, String groupName, Role role)
		throws IOException
		throws UserNotFoundException, AccessControlException, IOException
		{
		if (userID == null \|\| groupName == null \|\| role == null)
		{
		@@ -757,6 +761,10 @@ public class GMSClient
		{
		throw new AccessControlException(error.getMessage());
		}
		if (transfer.getResponseCode() == 404)
		{
		throw new UserNotFoundException(error.getMessage());
		}
		if (transfer.getResponseCode() == 400)
		{
		throw new IllegalArgumentException(error.getMessage());
		@@ -788,13 +796,13 @@ public class GMSClient
		}

		public boolean isMember(Principal userID, String groupName)
		throws IOException
		throws UserNotFoundException, AccessControlException, IOException
		{
		return isMember(userID, groupName, Role.MEMBER);
		}

		public boolean isMember(Principal userID, String groupName, Role role)
		throws IOException
		throws UserNotFoundException, AccessControlException, IOException
		{
		Group group = getMembership(userID, groupName, role);
		return group != null;