Loading cadc-access-control-server/build.gradle +2 −2 Original line number Original line Diff line number Diff line Loading @@ -13,7 +13,7 @@ repositories { sourceCompatibility = 1.7 sourceCompatibility = 1.7 group = 'org.opencadc' group = 'org.opencadc' version = '1.1.0' version = '1.1.1' dependencies { dependencies { compile 'log4j:log4j:1.2.+' compile 'log4j:log4j:1.2.+' Loading @@ -22,7 +22,7 @@ dependencies { compile 'xerces:xercesImpl:2.+' compile 'xerces:xercesImpl:2.+' compile 'com.unboundid:unboundid-ldapsdk:2.3.+' compile 'com.unboundid:unboundid-ldapsdk:2.3.+' compile 'org.opencadc:cadc-access-control:1.1.+' compile 'org.opencadc:cadc-access-control:[1.1.1,)' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-log:1.+' compile 'org.opencadc:cadc-log:1.+' compile 'org.opencadc:cadc-registry:1.+' compile 'org.opencadc:cadc-registry:1.+' Loading cadc-access-control/build.gradle +3 −2 Original line number Original line Diff line number Diff line Loading @@ -15,9 +15,9 @@ sourceCompatibility = 1.7 group = 'org.opencadc' group = 'org.opencadc' version = '1.1.0' version = '1.1.3' mainClassName = 'ca.nrc.cadc.ac.client.GMSClientMain' mainClassName = 'ca.nrc.cadc.ac.client.Main' dependencies { dependencies { compile 'log4j:log4j:1.2.+' compile 'log4j:log4j:1.2.+' Loading @@ -25,6 +25,7 @@ dependencies { compile 'org.json:json:20160212' compile 'org.json:json:20160212' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-cdp:[1.0,)' compile 'org.opencadc:cadc-registry:1.+' compile 'org.opencadc:cadc-registry:1.+' testCompile 'junit:junit:4.+' testCompile 'junit:junit:4.+' Loading cadc-access-control/src/main/java/ca/nrc/cadc/ac/GroupURI.java +14 −28 Original line number Original line Diff line number Diff line Loading 
@@ -83,7 +83,6 @@ public class GroupURI private static Logger log = Logger.getLogger(GroupURI.class); private static Logger log = Logger.getLogger(GroupURI.class); private URI uri; private URI uri; private String name; /** /** * Attempts to create a URI using the specified uri. * Attempts to create a URI using the specified uri. Loading @@ -99,8 +98,6 @@ public class GroupURI throw new IllegalArgumentException("Null URI"); throw new IllegalArgumentException("Null URI"); } } this.uri = uri; // Ensure the scheme is correct // Ensure the scheme is correct if (uri.getScheme() == null) if (uri.getScheme() == null) { { Loading @@ -117,13 +114,9 @@ public class GroupURI throw new IllegalArgumentException("Missing authority and/or path."); throw new IllegalArgumentException("Missing authority and/or path."); } } log.debug("URI: " + uri); log.debug(" scheme: " + uri.getScheme()); log.debug(" authority: " + uri.getAuthority()); log.debug(" path: " + uri.getPath()); String fragment = uri.getFragment(); String fragment = uri.getFragment(); String query = uri.getQuery(); String query = uri.getQuery(); String name = null; if (query == null) if (query == null) { { if (fragment != null) if (fragment != null) Loading @@ -144,6 +137,9 @@ public class GroupURI } } name = query; name = query; } } this.uri = URI.create( uri.getScheme() + "://" + uri.getAuthority() + uri.getPath() + "?" + name); } } /** /** Loading @@ -156,16 +152,16 @@ public class GroupURI } } @Override @Override public boolean equals(Object rhs) public boolean equals(Object other) { { if (rhs == null) if (other == null) return false; return false; if (this == rhs) if (this == other) return true; return true; if (rhs instanceof GroupURI) if (other instanceof GroupURI) { { GroupURI vu = (GroupURI) rhs; GroupURI otherURI = (GroupURI) other; return uri.toString().equals(vu.uri.toString()); return uri.equals(otherURI.getURI()); } } return false; return false; } } Loading 
@@ -180,16 +176,6 @@ public class GroupURI return uri; return uri; } } /** * Returns the decoded authority component of the URI. * * @return authority of the URI, or null if the authority is undefined. */ public String getAuthority() { return uri.getAuthority(); } /** /** * Returns the decoded fragment component of the URI. * Returns the decoded fragment component of the URI. * * Loading @@ -197,18 +183,18 @@ public class GroupURI */ */ public String getName() public String getName() { { return name; return uri.getQuery(); } } public URI getServiceID() public URI getServiceID() { { String serviceID = uri.getScheme() + String serviceIDString = uri.getScheme() + "://" + "://" + uri.getAuthority() + uri.getAuthority() + uri.getPath(); uri.getPath(); try try { { return new URI(serviceID); return new URI(serviceIDString); } } catch (URISyntaxException e) catch (URISyntaxException e) { { Loading @@ -220,7 +206,7 @@ public class GroupURI @Override @Override public String toString() public String toString() { { return getServiceID() + "?" + name; return uri.toString(); } } } } cadc-access-control/src/main/java/ca/nrc/cadc/ac/client/GMSClient.java +75 −69 Original line number Original line Diff line number Diff line Loading @@ -94,7 +94,6 @@ import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupAlreadyExistsException; import ca.nrc.cadc.ac.GroupAlreadyExistsException; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupURI; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.WriterException; import ca.nrc.cadc.ac.WriterException; Loading Loading 
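Review bot: The constructor now rebuilds the stored identifier with `URI.create(uri.getScheme() + "://" + uri.getAuthority() + uri.getPath() + "?" + name)`, and `getAuthority()`, `getPath()`, `getQuery()` and `getFragment()` all return decoded text. A percent-encoded `?`, `#`, space or `%` in the input is therefore re-parsed as a delimiter or makes `URI.create` throw, so two differently spelled inputs can normalize to the same group identity, or a valid one can be rejected. Because this value is what `equals()` and `toString()` now compare and emit for access-control decisions, I would build it with the quoting constructor, `new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), name, null)`, and rethrow `URISyntaxException` as `IllegalArgumentException` like the other checks in this constructor. The validation of `name` sits in the collapsed part of the constructor and is not visible here, so confirm it still runs before the rebuild. The Javadoc on `getName()` still says it returns the decoded fragment, although it now returns `uri.getQuery()`.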
@@ -129,11 +128,20 @@ public class GMSClient implements TransferListener private SSLSocketFactory sslSocketFactory; private SSLSocketFactory sslSocketFactory; private SSLSocketFactory mySocketFactory; private SSLSocketFactory mySocketFactory; private URI serviceID; /** /** * Constructor. * Constructor. * * @param serviceID The service ID. */ */ public GMSClient() public GMSClient(URI serviceID) { { if (serviceID == null) throw new IllegalArgumentException("invalid serviceID: " + serviceID); if (serviceID.getFragment() != null) throw new IllegalArgumentException("invalid serviceID (fragment not allowed): " + serviceID); this.serviceID = serviceID; } } public void transferEvent(TransferEvent te) public void transferEvent(TransferEvent te) Loading Loading @@ -173,9 +181,8 @@ public class GMSClient implements TransferListener throws GroupAlreadyExistsException, AccessControlException, throws GroupAlreadyExistsException, AccessControlException, UserNotFoundException, WriterException, IOException UserNotFoundException, WriterException, IOException { { URL createGroupURL = getRegistryClient() URL createGroupURL = getRegistryClient() .getServiceURL(group.getID().getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); log.debug("createGroupURL request to " + createGroupURL.toString()); log.debug("createGroupURL request to " + createGroupURL.toString()); // reset the state of the cache // reset the state of the cache Loading Loading 
@@ -237,19 +244,18 @@ public class GMSClient implements TransferListener /** /** * Get the group object. * Get the group object. * * * @param groupID Identifies the group to get. * @param groupName Identifies the group to get. * @return The group. * @return The group. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public Group getGroup(GroupURI groupID) public Group getGroup(String groupName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL getGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupID.getName()); URL getGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName); log.debug("getGroup request to " + getGroupURL.toString()); log.debug("getGroup request to " + getGroupURL.toString()); ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream(); Loading Loading 
@@ -300,11 +306,11 @@ public class GMSClient implements TransferListener * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public List<String> getGroupNames(URI serviceID) public List<String> getGroupNames() throws AccessControlException, IOException throws AccessControlException, IOException { { URL getGroupNamesURL = getRegistryClient() URL getGroupNamesURL = getRegistryClient() .getServiceURL(serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); log.debug("getGroupNames request to " + getGroupNamesURL.toString()); log.debug("getGroupNames request to " + getGroupNamesURL.toString()); Loading Loading @@ -382,7 +388,7 @@ public class GMSClient implements TransferListener AccessControlException, WriterException, IOException AccessControlException, WriterException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(group.getID().getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID().getName()); URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID().getName()); log.debug("updateGroup request to " + updateGroupURL.toString()); log.debug("updateGroup request to " + updateGroupURL.toString()); Loading Loading 
@@ -442,17 +448,17 @@ public class GMSClient implements TransferListener /** /** * Delete the group. * Delete the group. * * * @param groupID Identifies the group to delete. * @param groupName Identifies the group to delete. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public void deleteGroup(GroupURI groupID) public void deleteGroup(String groupName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupID.getName()); URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName); log.debug("deleteGroup request to " + deleteGroupURL.toString()); log.debug("deleteGroup request to " + deleteGroupURL.toString()); // reset the state of the cache // reset the state of the cache Loading Loading 
@@ -506,21 +512,21 @@ public class GMSClient implements TransferListener /** /** * Add a group as a member of another group. * Add a group as a member of another group. * * * @param targetGroup The group in which to add the group member. * @param targetGroupName The group in which to add the group member. * @param groupMemberName The group member to add. * @param groupMemberName The group member to add. * @throws IllegalArgumentException If cyclical membership is detected. * @throws IllegalArgumentException If cyclical membership is detected. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public void addGroupMember(GroupURI targetGroup, String groupMemberName) public void addGroupMember(String targetGroupName, String groupMemberName) throws IllegalArgumentException, GroupNotFoundException, throws IllegalArgumentException, GroupNotFoundException, AccessControlException, IOException AccessControlException, IOException { { String path = "/" + targetGroup.getName() + "/groupMembers/" + groupMemberName; String path = "/" + targetGroupName + "/groupMembers/" + groupMemberName; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + path); URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("addGroupMember request to " + addGroupMemberURL.toString()); log.debug("addGroupMember request to " + addGroupMemberURL.toString()); Loading Loading 
@@ -560,28 +566,28 @@ public class GMSClient implements TransferListener /** /** * Add a user as a member of a group. * Add a user as a member of a group. * * * @param targetGroup The group in which to add the group member. * @param targetGroupName The group in which to add the group member. * @param userID The user to add. * @param userID The user to add. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws UserNotFoundException If the member was not found. * @throws UserNotFoundException If the member was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void addUserMember(GroupURI targetGroup, Principal userID) public void addUserMember(String targetGroupName, Principal userID) throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException { { if (targetGroup == null) if (targetGroupName == null) throw new IllegalArgumentException("targetGroup required"); throw new IllegalArgumentException("targetGroupName required"); if (userID == null) if (userID == null) throw new IllegalArgumentException("userID required"); throw new IllegalArgumentException("userID required"); log.debug("addUserMember: " + targetGroup + " + " + userID.getName()); log.debug("addUserMember: " + targetGroupName + " + " + userID.getName()); String userIDType = AuthenticationUtil.getPrincipalType(userID); String userIDType = AuthenticationUtil.getPrincipalType(userID); String path = "/" + targetGroup.getName() + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; String path = "/" + targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; URL groupsURL = 
getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL addUserMemberURL = new URL(groupsURL.toExternalForm() + path); URL addUserMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("addUserMember request to " + addUserMemberURL.toString()); log.debug("addUserMember request to " + addUserMemberURL.toString()); Loading Loading 
@@ -625,20 +631,20 @@ public class GMSClient implements TransferListener /** /** * Remove a group as a member of another group. * Remove a group as a member of another group. * * * @param targetGroup The group from which to remove the group member. * @param targetGroupName The group from which to remove the group member. * @param groupMemberName The group member to remove. * @param groupMemberName The group member to remove. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void removeGroupMember(GroupURI targetGroup, public void removeGroupMember(String targetGroupName, String groupMemberName) String groupMemberName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { String path = "/" + targetGroup.getName() + "/groupMembers/" + groupMemberName; String path = "/" + targetGroupName + "/groupMembers/" + groupMemberName; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + path); URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("removeGroupMember request to " + log.debug("removeGroupMember request to " + removeGroupMemberURL.toString()); removeGroupMemberURL.toString()); Loading Loading 
@@ -692,22 +698,22 @@ public class GMSClient implements TransferListener /** /** * Remove a user as a member of a group. * Remove a user as a member of a group. * * * @param targetGroup The group from which to remove the group member. * @param targetGroupName The group from which to remove the group member. * @param userID The user to remove. * @param userID The user to remove. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws UserNotFoundException If the member was not found. * @throws UserNotFoundException If the member was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void removeUserMember(GroupURI targetGroup, Principal userID) public void removeUserMember(String targetGroupName, Principal userID) throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException { { String userIDType = AuthenticationUtil.getPrincipalType(userID); String userIDType = AuthenticationUtil.getPrincipalType(userID); log.debug("removeUserMember: " + targetGroup + " - " + userID.getName() + " type: " + userIDType); log.debug("removeUserMember: " + targetGroupName + " - " + userID.getName() + " type: " + userIDType); String path = "/" + targetGroup.getName() + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; String path = "/" + targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL removeUserMemberURL = new 
URL(groupsURL.toExternalForm() + path); URL removeUserMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("removeUserMember: " + removeUserMemberURL.toString()); log.debug("removeUserMember: " + removeUserMemberURL.toString()); Loading Loading @@ -783,14 +789,14 @@ public class GMSClient implements TransferListener * @throws ca.nrc.cadc.ac.UserNotFoundException * @throws ca.nrc.cadc.ac.UserNotFoundException * @throws java.io.IOException * @throws java.io.IOException */ */ public List<Group> getMemberships(URI serviceID, Role role) public List<Group> getMemberships(Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return getMemberships(serviceID, null, role); return getMemberships(null, role); } } private List<Group> getMemberships(URI serviceID, Principal ignore, Role role) private List<Group> getMemberships(Principal ignore, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { if (role == null) if (role == null) Loading @@ -801,7 +807,7 @@ public class GMSClient implements TransferListener Principal userID = getCurrentUserID(); Principal userID = getCurrentUserID(); if (userID != null) if (userID != null) { { List<Group> cachedGroups = getCachedGroups(serviceID, userID, role, true); List<Group> cachedGroups = getCachedGroups(userID, role, true); if (cachedGroups != null) if (cachedGroups != null) { { return cachedGroups; return cachedGroups; Loading 
@@ -819,7 +825,7 @@ public class GMSClient implements TransferListener searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); URL searchURL = getRegistryClient() URL searchURL = getRegistryClient() .getServiceURL(serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); URL getMembershipsURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); URL getMembershipsURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); log.debug("getMemberships request to " + getMembershipsURL.toString()); log.debug("getMemberships request to " + getMembershipsURL.toString()); Loading Loading @@ -857,7 +863,7 @@ public class GMSClient implements TransferListener log.debug("getMemberships returned: " + groupsXML); log.debug("getMemberships returned: " + groupsXML); GroupListReader groupListReader = new GroupListReader(); GroupListReader groupListReader = new GroupListReader(); List<Group> groups = groupListReader.read(groupsXML); List<Group> groups = groupListReader.read(groupsXML); setCachedGroups(serviceID, userID, groups, role); setCachedGroups(userID, groups, role); return groups; return groups; } } catch (Exception bug) catch (Exception bug) Loading 
@@ -874,17 +880,17 @@ public class GMSClient implements TransferListener * * * This call is identical to getMemberShip(userID, groupName, Role.MEMBER) * This call is identical to getMemberShip(userID, groupName, Role.MEMBER) * * * @param groupID Identifies the group. * @param groupName Identifies the group. * @return The group or null of the user is not a member. * @return The group or null of the user is not a member. * @throws UserNotFoundException If the user does not exist. * @throws UserNotFoundException If the user does not exist. * @throws AccessControlException If not allowed to peform the search. * @throws AccessControlException If not allowed to peform the search. * @throws IllegalArgumentException If a parameter is null. * @throws IllegalArgumentException If a parameter is null. * @throws IOException If an unknown error occured. * @throws IOException If an unknown error occured. */ */ public Group getMembership(GroupURI groupID) public Group getMembership(String groupName) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return getMembership(groupID, Role.MEMBER); return getMembership(groupName, Role.MEMBER); } } /** /** Loading @@ -892,7 +898,7 @@ public class GMSClient implements TransferListener * identified by userID, is a member (of type role) of that group. * identified by userID, is a member (of type role) of that group. * Return null otherwise. * Return null otherwise. * * * @param groupID Identifies the group. * @param groupName Identifies the group. * @param role The membership role to search. * @param role The membership role to search. * @return The group or null of the user is not a member. * @return The group or null of the user is not a member. * @throws UserNotFoundException If the user does not exist. * @throws UserNotFoundException If the user does not exist. Loading 
@@ -900,10 +906,10 @@ public class GMSClient implements TransferListener * @throws IllegalArgumentException If a parameter is null. * @throws IllegalArgumentException If a parameter is null. * @throws IOException If an unknown error occured. * @throws IOException If an unknown error occured. */ */ public Group getMembership(GroupURI groupID, Role role) public Group getMembership(String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { if (groupID == null || role == null) if (groupName == null || role == null) { { throw new IllegalArgumentException("groupName and role are required."); throw new IllegalArgumentException("groupName and role are required."); } } Loading @@ -911,7 +917,7 @@ public class GMSClient implements TransferListener Principal userID = getCurrentUserID(); Principal userID = getCurrentUserID(); if (userID != null) if (userID != null) { { Group cachedGroup = getCachedGroup(userID, groupID, role); Group cachedGroup = getCachedGroup(userID, groupName, role); if (cachedGroup != null) if (cachedGroup != null) { { return cachedGroup; return cachedGroup; Loading 
@@ -927,10 +933,10 @@ public class GMSClient implements TransferListener //searchGroupURL.append("ID=").append(NetUtil.encode(id)); //searchGroupURL.append("ID=").append(NetUtil.encode(id)); //searchGroupURL.append("&IDTYPE=").append(NetUtil.encode(idType)); //searchGroupURL.append("&IDTYPE=").append(NetUtil.encode(idType)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&GROUPID=").append(NetUtil.encode(groupID.getName())); searchGroupPath.append("&GROUPID=").append(NetUtil.encode(groupName)); URL searchURL = getRegistryClient() URL searchURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_SEARCH_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); URL getMembershipURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); URL getMembershipURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); log.debug("getMembership request to " + getMembershipURL.toString()); log.debug("getMembership request to " + getMembershipURL.toString()); Loading Loading @@ -979,7 +985,7 @@ public class GMSClient implements TransferListener return ret; return ret; } } throw new IllegalStateException( throw new IllegalStateException( "Duplicate membership for " + userID + " in group " + groupID); "Duplicate membership for " + userID + " in group " + groupName); } } catch (Exception bug) catch (Exception bug) { { Loading 
@@ -991,37 +997,37 @@ public class GMSClient implements TransferListener /** /** * Check group membership of the current Subject. * Check group membership of the current Subject. * * * @param groupID * @param groupName * @return true if the current Subject is a member of the group, false otherwise * @return true if the current Subject is a member of the group, false otherwise * @throws UserNotFoundException * @throws UserNotFoundException * @throws AccessControlException * @throws AccessControlException * @throws IOException * @throws IOException */ */ public boolean isMember(GroupURI groupID) public boolean isMember(String groupName) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return isMember(groupID, Role.MEMBER); return isMember(groupName, Role.MEMBER); } } /** /** * * * @param groupID * @param groupName * @param role * @param role * @return true if the current Subject is a member of the group with the specified role, false otherwise * @return true if the current Subject is a member of the group with the specified role, false otherwise * @throws UserNotFoundException * @throws UserNotFoundException * @throws AccessControlException * @throws AccessControlException * @throws IOException * @throws IOException */ */ public boolean isMember(GroupURI groupID, Role role) public boolean isMember(String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return isMember(getCurrentUserID(), groupID, role); return isMember(getCurrentUserID(), groupName, role); } } private boolean isMember(Principal userID, GroupURI groupID, Role role) private boolean isMember(Principal userID, String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { Group group = getMembership(groupID, 
role); Group group = getMembership(groupName, role); return group != null; return group != null; } } Loading Loading @@ -1077,7 +1083,7 @@ public class GMSClient implements TransferListener } } } } protected GroupMemberships getGroupCache(URI serviceID, Principal userID) protected GroupMemberships getGroupCache(Principal userID) { { AccessControlContext acContext = AccessController.getContext(); AccessControlContext acContext = AccessController.getContext(); Subject subject = Subject.getSubject(acContext); Subject subject = Subject.getSubject(acContext); Loading Loading @@ -1107,21 +1113,21 @@ public class GMSClient implements TransferListener return null; // no cache return null; // no cache } } protected Group getCachedGroup(Principal userID, GroupURI groupID, Role role) protected Group getCachedGroup(Principal userID, String groupID, Role role) { { List<Group> groups = getCachedGroups(groupID.getServiceID(), userID, role, false); List<Group> groups = getCachedGroups(userID, role, false); if (groups == null) if (groups == null) return null; // no cache return null; // no cache for (Group g : groups) for (Group g : groups) { { if (g.getID().equals(groupID)) if (g.getID().getName().equals(groupID)) return g; return g; } } return null; return null; } } protected List<Group> getCachedGroups(URI serviceID, Principal userID, Role role, boolean complete) protected List<Group> getCachedGroups(Principal userID, Role role, boolean complete) { { GroupMemberships mems = getGroupCache(serviceID, userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return null; // no cache return null; // no cache Loading 
@@ -1135,16 +1141,16 @@ public class GMSClient implements TransferListener protected void addCachedGroup(Principal userID, Group group, Role role) protected void addCachedGroup(Principal userID, Group group, Role role) { { GroupMemberships mems = getGroupCache(group.getID().getServiceID(), userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return; // no cache return; // no cache mems.add(group, role); mems.add(group, role); } } protected void setCachedGroups(URI serviceID, Principal userID, List<Group> groups, Role role) protected void setCachedGroups(Principal userID, List<Group> groups, Role role) { { GroupMemberships mems = getGroupCache(serviceID, userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return; // no cache return; // no cache Loading Loading
cadc-access-control-server/build.gradle +2 −2 Original line number Original line Diff line number Diff line Loading @@ -13,7 +13,7 @@ repositories { sourceCompatibility = 1.7 sourceCompatibility = 1.7 group = 'org.opencadc' group = 'org.opencadc' version = '1.1.0' version = '1.1.1' dependencies { dependencies { compile 'log4j:log4j:1.2.+' compile 'log4j:log4j:1.2.+' Loading @@ -22,7 +22,7 @@ dependencies { compile 'xerces:xercesImpl:2.+' compile 'xerces:xercesImpl:2.+' compile 'com.unboundid:unboundid-ldapsdk:2.3.+' compile 'com.unboundid:unboundid-ldapsdk:2.3.+' compile 'org.opencadc:cadc-access-control:1.1.+' compile 'org.opencadc:cadc-access-control:[1.1.1,)' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-log:1.+' compile 'org.opencadc:cadc-log:1.+' compile 'org.opencadc:cadc-registry:1.+' compile 'org.opencadc:cadc-registry:1.+' Loading
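Review bot: The new constraint `org.opencadc:cadc-access-control:[1.1.1,)` has no upper bound, so any later release, including a future major version, is resolved at build time without review; the added `org.opencadc:cadc-cdp:[1.0,)` in cadc-access-control/build.gradle has the same shape. For an access-control library this makes builds non-reproducible and lets an artifact nobody has reviewed into the server. I would bound the range, e.g. `compile 'org.opencadc:cadc-access-control:[1.1.1,1.2)'`, or pin exact versions and bump them deliberately. Which printed line is the new side is inferred from the version bump, since the page lost its +/- markers.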
cadc-access-control/build.gradle +3 −2 Original line number Original line Diff line number Diff line Loading @@ -15,9 +15,9 @@ sourceCompatibility = 1.7 group = 'org.opencadc' group = 'org.opencadc' version = '1.1.0' version = '1.1.3' mainClassName = 'ca.nrc.cadc.ac.client.GMSClientMain' mainClassName = 'ca.nrc.cadc.ac.client.Main' dependencies { dependencies { compile 'log4j:log4j:1.2.+' compile 'log4j:log4j:1.2.+' Loading @@ -25,6 +25,7 @@ dependencies { compile 'org.json:json:20160212' compile 'org.json:json:20160212' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-util:1.+' compile 'org.opencadc:cadc-cdp:[1.0,)' compile 'org.opencadc:cadc-registry:1.+' compile 'org.opencadc:cadc-registry:1.+' testCompile 'junit:junit:4.+' testCompile 'junit:junit:4.+' Loading
cadc-access-control/src/main/java/ca/nrc/cadc/ac/GroupURI.java +14 −28 Original line number Original line Diff line number Diff line Loading @@ -83,7 +83,6 @@ public class GroupURI private static Logger log = Logger.getLogger(GroupURI.class); private static Logger log = Logger.getLogger(GroupURI.class); private URI uri; private URI uri; private String name; /** /** * Attempts to create a URI using the specified uri. * Attempts to create a URI using the specified uri. Loading @@ -99,8 +98,6 @@ public class GroupURI throw new IllegalArgumentException("Null URI"); throw new IllegalArgumentException("Null URI"); } } this.uri = uri; // Ensure the scheme is correct // Ensure the scheme is correct if (uri.getScheme() == null) if (uri.getScheme() == null) { { Loading @@ -117,13 +114,9 @@ public class GroupURI throw new IllegalArgumentException("Missing authority and/or path."); throw new IllegalArgumentException("Missing authority and/or path."); } } log.debug("URI: " + uri); log.debug(" scheme: " + uri.getScheme()); log.debug(" authority: " + uri.getAuthority()); log.debug(" path: " + uri.getPath()); String fragment = uri.getFragment(); String fragment = uri.getFragment(); String query = uri.getQuery(); String query = uri.getQuery(); String name = null; if (query == null) if (query == null) { { if (fragment != null) if (fragment != null) Loading @@ -144,6 +137,9 @@ public class GroupURI } } name = query; name = query; } } this.uri = URI.create( uri.getScheme() + "://" + uri.getAuthority() + uri.getPath() + "?" + name); } } /** /** Loading 
@@ -156,16 +152,16 @@ public class GroupURI } } @Override @Override public boolean equals(Object rhs) public boolean equals(Object other) { { if (rhs == null) if (other == null) return false; return false; if (this == rhs) if (this == other) return true; return true; if (rhs instanceof GroupURI) if (other instanceof GroupURI) { { GroupURI vu = (GroupURI) rhs; GroupURI otherURI = (GroupURI) other; return uri.toString().equals(vu.uri.toString()); return uri.equals(otherURI.getURI()); } } return false; return false; } } Loading @@ -180,16 +176,6 @@ public class GroupURI return uri; return uri; } } /** * Returns the decoded authority component of the URI. * * @return authority of the URI, or null if the authority is undefined. */ public String getAuthority() { return uri.getAuthority(); } /** /** * Returns the decoded fragment component of the URI. * Returns the decoded fragment component of the URI. * * Loading @@ -197,18 +183,18 @@ public class GroupURI */ */ public String getName() public String getName() { { return name; return uri.getQuery(); } } public URI getServiceID() public URI getServiceID() { { String serviceID = uri.getScheme() + String serviceIDString = uri.getScheme() + "://" + "://" + uri.getAuthority() + uri.getAuthority() + uri.getPath(); uri.getPath(); try try { { return new URI(serviceID); return new URI(serviceIDString); } } catch (URISyntaxException e) catch (URISyntaxException e) { { Loading @@ -220,7 +206,7 @@ public class GroupURI @Override @Override public String toString() public String toString() { { return getServiceID() + "?" + name; return uri.toString(); } } } }
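Review bot: In the constructor the canonical URI is rebuilt by string concatenation from decoded components (`URI.create(uri.getScheme() + "://" + uri.getAuthority() + uri.getPath() + "?" + name)`), so a name containing `#`, `%` or a space is re-parsed differently or rejected, and `getName()`, which now returns `uri.getQuery()`, can yield something other than the name that was checked. The multi-argument constructor quotes illegal characters per component: `this.uri = new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), name, null);` (it throws the checked `URISyntaxException`, which the constructor would need to wrap). The name validation sits in lines the page does not show, so such names may already be excluded there; if so, a comment stating which characters are allowed would help. The Javadoc on `getName()` still describes it as returning the fragment.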
cadc-access-control/src/main/java/ca/nrc/cadc/ac/client/GMSClient.java +75 −69 Original line number Original line Diff line number Diff line Loading @@ -94,7 +94,6 @@ import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupAlreadyExistsException; import ca.nrc.cadc.ac.GroupAlreadyExistsException; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupURI; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.ac.Role; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.WriterException; import ca.nrc.cadc.ac.WriterException; Loading Loading @@ -129,11 +128,20 @@ public class GMSClient implements TransferListener private SSLSocketFactory sslSocketFactory; private SSLSocketFactory sslSocketFactory; private SSLSocketFactory mySocketFactory; private SSLSocketFactory mySocketFactory; private URI serviceID; /** /** * Constructor. * Constructor. * * @param serviceID The service ID. */ */ public GMSClient() public GMSClient(URI serviceID) { { if (serviceID == null) throw new IllegalArgumentException("invalid serviceID: " + serviceID); if (serviceID.getFragment() != null) throw new IllegalArgumentException("invalid serviceID (fragment not allowed): " + serviceID); this.serviceID = serviceID; } } public void transferEvent(TransferEvent te) public void transferEvent(TransferEvent te) Loading Loading 
@@ -173,9 +181,8 @@ public class GMSClient implements TransferListener throws GroupAlreadyExistsException, AccessControlException, throws GroupAlreadyExistsException, AccessControlException, UserNotFoundException, WriterException, IOException UserNotFoundException, WriterException, IOException { { URL createGroupURL = getRegistryClient() URL createGroupURL = getRegistryClient() .getServiceURL(group.getID().getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); log.debug("createGroupURL request to " + createGroupURL.toString()); log.debug("createGroupURL request to " + createGroupURL.toString()); // reset the state of the cache // reset the state of the cache Loading Loading 
@@ -237,19 +244,18 @@ public class GMSClient implements TransferListener /** /** * Get the group object. * Get the group object. * * * @param groupID Identifies the group to get. * @param groupName Identifies the group to get. * @return The group. * @return The group. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public Group getGroup(GroupURI groupID) public Group getGroup(String groupName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL getGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupID.getName()); URL getGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName); log.debug("getGroup request to " + getGroupURL.toString()); log.debug("getGroup request to " + getGroupURL.toString()); ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream(); Loading Loading 
@@ -300,11 +306,11 @@ public class GMSClient implements TransferListener * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public List<String> getGroupNames(URI serviceID) public List<String> getGroupNames() throws AccessControlException, IOException throws AccessControlException, IOException { { URL getGroupNamesURL = getRegistryClient() URL getGroupNamesURL = getRegistryClient() .getServiceURL(serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); log.debug("getGroupNames request to " + getGroupNamesURL.toString()); log.debug("getGroupNames request to " + getGroupNamesURL.toString()); Loading Loading @@ -382,7 +388,7 @@ public class GMSClient implements TransferListener AccessControlException, WriterException, IOException AccessControlException, WriterException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(group.getID().getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID().getName()); URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID().getName()); log.debug("updateGroup request to " + updateGroupURL.toString()); log.debug("updateGroup request to " + updateGroupURL.toString()); Loading Loading 
@@ -442,17 +448,17 @@ public class GMSClient implements TransferListener /** /** * Delete the group. * Delete the group. * * * @param groupID Identifies the group to delete. * @param groupName Identifies the group to delete. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public void deleteGroup(GroupURI groupID) public void deleteGroup(String groupName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupID.getName()); URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName); log.debug("deleteGroup request to " + deleteGroupURL.toString()); log.debug("deleteGroup request to " + deleteGroupURL.toString()); // reset the state of the cache // reset the state of the cache Loading Loading 
@@ -506,21 +512,21 @@ public class GMSClient implements TransferListener /** /** * Add a group as a member of another group. * Add a group as a member of another group. * * * @param targetGroup The group in which to add the group member. * @param targetGroupName The group in which to add the group member. * @param groupMemberName The group member to add. * @param groupMemberName The group member to add. * @throws IllegalArgumentException If cyclical membership is detected. * @throws IllegalArgumentException If cyclical membership is detected. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. * @throws java.io.IOException * @throws java.io.IOException */ */ public void addGroupMember(GroupURI targetGroup, String groupMemberName) public void addGroupMember(String targetGroupName, String groupMemberName) throws IllegalArgumentException, GroupNotFoundException, throws IllegalArgumentException, GroupNotFoundException, AccessControlException, IOException AccessControlException, IOException { { String path = "/" + targetGroup.getName() + "/groupMembers/" + groupMemberName; String path = "/" + targetGroupName + "/groupMembers/" + groupMemberName; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + path); URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("addGroupMember request to " + addGroupMemberURL.toString()); log.debug("addGroupMember request to " + addGroupMemberURL.toString()); Loading Loading 
@@ -560,28 +566,28 @@ public class GMSClient implements TransferListener /** /** * Add a user as a member of a group. * Add a user as a member of a group. * * * @param targetGroup The group in which to add the group member. * @param targetGroupName The group in which to add the group member. * @param userID The user to add. * @param userID The user to add. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws UserNotFoundException If the member was not found. * @throws UserNotFoundException If the member was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void addUserMember(GroupURI targetGroup, Principal userID) public void addUserMember(String targetGroupName, Principal userID) throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException { { if (targetGroup == null) if (targetGroupName == null) throw new IllegalArgumentException("targetGroup required"); throw new IllegalArgumentException("targetGroupName required"); if (userID == null) if (userID == null) throw new IllegalArgumentException("userID required"); throw new IllegalArgumentException("userID required"); log.debug("addUserMember: " + targetGroup + " + " + userID.getName()); log.debug("addUserMember: " + targetGroupName + " + " + userID.getName()); String userIDType = AuthenticationUtil.getPrincipalType(userID); String userIDType = AuthenticationUtil.getPrincipalType(userID); String path = "/" + targetGroup.getName() + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; String path = "/" + targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; URL groupsURL = 
getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL addUserMemberURL = new URL(groupsURL.toExternalForm() + path); URL addUserMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("addUserMember request to " + addUserMemberURL.toString()); log.debug("addUserMember request to " + addUserMemberURL.toString()); Loading Loading 
@@ -625,20 +631,20 @@ public class GMSClient implements TransferListener /** /** * Remove a group as a member of another group. * Remove a group as a member of another group. * * * @param targetGroup The group from which to remove the group member. * @param targetGroupName The group from which to remove the group member. * @param groupMemberName The group member to remove. * @param groupMemberName The group member to remove. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void removeGroupMember(GroupURI targetGroup, public void removeGroupMember(String targetGroupName, String groupMemberName) String groupMemberName) throws GroupNotFoundException, AccessControlException, IOException throws GroupNotFoundException, AccessControlException, IOException { { String path = "/" + targetGroup.getName() + "/groupMembers/" + groupMemberName; String path = "/" + targetGroupName + "/groupMembers/" + groupMemberName; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + path); URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("removeGroupMember request to " + log.debug("removeGroupMember request to " + removeGroupMemberURL.toString()); removeGroupMemberURL.toString()); Loading Loading 
@@ -692,22 +698,22 @@ public class GMSClient implements TransferListener /** /** * Remove a user as a member of a group. * Remove a user as a member of a group. * * * @param targetGroup The group from which to remove the group member. * @param targetGroupName The group from which to remove the group member. * @param userID The user to remove. * @param userID The user to remove. * @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found. * @throws UserNotFoundException If the member was not found. * @throws UserNotFoundException If the member was not found. * @throws java.io.IOException * @throws java.io.IOException * @throws AccessControlException If unauthorized to perform this operation. * @throws AccessControlException If unauthorized to perform this operation. */ */ public void removeUserMember(GroupURI targetGroup, Principal userID) public void removeUserMember(String targetGroupName, Principal userID) throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException { { String userIDType = AuthenticationUtil.getPrincipalType(userID); String userIDType = AuthenticationUtil.getPrincipalType(userID); log.debug("removeUserMember: " + targetGroup + " - " + userID.getName() + " type: " + userIDType); log.debug("removeUserMember: " + targetGroupName + " - " + userID.getName() + " type: " + userIDType); String path = "/" + targetGroup.getName() + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; String path = "/" + targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType; URL groupsURL = getRegistryClient() URL groupsURL = getRegistryClient() .getServiceURL(targetGroup.getServiceID(), Standards.GMS_GROUPS_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_GROUPS_01, AuthMethod.CERT); URL removeUserMemberURL = new 
URL(groupsURL.toExternalForm() + path); URL removeUserMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("removeUserMember: " + removeUserMemberURL.toString()); log.debug("removeUserMember: " + removeUserMemberURL.toString()); Loading Loading @@ -783,14 +789,14 @@ public class GMSClient implements TransferListener * @throws ca.nrc.cadc.ac.UserNotFoundException * @throws ca.nrc.cadc.ac.UserNotFoundException * @throws java.io.IOException * @throws java.io.IOException */ */ public List<Group> getMemberships(URI serviceID, Role role) public List<Group> getMemberships(Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return getMemberships(serviceID, null, role); return getMemberships(null, role); } } private List<Group> getMemberships(URI serviceID, Principal ignore, Role role) private List<Group> getMemberships(Principal ignore, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { if (role == null) if (role == null) Loading @@ -801,7 +807,7 @@ public class GMSClient implements TransferListener Principal userID = getCurrentUserID(); Principal userID = getCurrentUserID(); if (userID != null) if (userID != null) { { List<Group> cachedGroups = getCachedGroups(serviceID, userID, role, true); List<Group> cachedGroups = getCachedGroups(userID, role, true); if (cachedGroups != null) if (cachedGroups != null) { { return cachedGroups; return cachedGroups; Loading 
@@ -819,7 +825,7 @@ public class GMSClient implements TransferListener searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); URL searchURL = getRegistryClient() URL searchURL = getRegistryClient() .getServiceURL(serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); URL getMembershipsURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); URL getMembershipsURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); log.debug("getMemberships request to " + getMembershipsURL.toString()); log.debug("getMemberships request to " + getMembershipsURL.toString()); Loading Loading @@ -857,7 +863,7 @@ public class GMSClient implements TransferListener log.debug("getMemberships returned: " + groupsXML); log.debug("getMemberships returned: " + groupsXML); GroupListReader groupListReader = new GroupListReader(); GroupListReader groupListReader = new GroupListReader(); List<Group> groups = groupListReader.read(groupsXML); List<Group> groups = groupListReader.read(groupsXML); setCachedGroups(serviceID, userID, groups, role); setCachedGroups(userID, groups, role); return groups; return groups; } } catch (Exception bug) catch (Exception bug) Loading 
@@ -874,17 +880,17 @@ public class GMSClient implements TransferListener * * * This call is identical to getMemberShip(userID, groupName, Role.MEMBER) * This call is identical to getMemberShip(userID, groupName, Role.MEMBER) * * * @param groupID Identifies the group. * @param groupName Identifies the group. * @return The group or null of the user is not a member. * @return The group or null of the user is not a member. * @throws UserNotFoundException If the user does not exist. * @throws UserNotFoundException If the user does not exist. * @throws AccessControlException If not allowed to peform the search. * @throws AccessControlException If not allowed to peform the search. * @throws IllegalArgumentException If a parameter is null. * @throws IllegalArgumentException If a parameter is null. * @throws IOException If an unknown error occured. * @throws IOException If an unknown error occured. */ */ public Group getMembership(GroupURI groupID) public Group getMembership(String groupName) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return getMembership(groupID, Role.MEMBER); return getMembership(groupName, Role.MEMBER); } } /** /** Loading @@ -892,7 +898,7 @@ public class GMSClient implements TransferListener * identified by userID, is a member (of type role) of that group. * identified by userID, is a member (of type role) of that group. * Return null otherwise. * Return null otherwise. * * * @param groupID Identifies the group. * @param groupName Identifies the group. * @param role The membership role to search. * @param role The membership role to search. * @return The group or null of the user is not a member. * @return The group or null of the user is not a member. * @throws UserNotFoundException If the user does not exist. * @throws UserNotFoundException If the user does not exist. Loading 
@@ -900,10 +906,10 @@ public class GMSClient implements TransferListener * @throws IllegalArgumentException If a parameter is null. * @throws IllegalArgumentException If a parameter is null. * @throws IOException If an unknown error occured. * @throws IOException If an unknown error occured. */ */ public Group getMembership(GroupURI groupID, Role role) public Group getMembership(String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { if (groupID == null || role == null) if (groupName == null || role == null) { { throw new IllegalArgumentException("groupName and role are required."); throw new IllegalArgumentException("groupName and role are required."); } } Loading @@ -911,7 +917,7 @@ public class GMSClient implements TransferListener Principal userID = getCurrentUserID(); Principal userID = getCurrentUserID(); if (userID != null) if (userID != null) { { Group cachedGroup = getCachedGroup(userID, groupID, role); Group cachedGroup = getCachedGroup(userID, groupName, role); if (cachedGroup != null) if (cachedGroup != null) { { return cachedGroup; return cachedGroup; Loading 
@@ -927,10 +933,10 @@ public class GMSClient implements TransferListener //searchGroupURL.append("ID=").append(NetUtil.encode(id)); //searchGroupURL.append("ID=").append(NetUtil.encode(id)); //searchGroupURL.append("&IDTYPE=").append(NetUtil.encode(idType)); //searchGroupURL.append("&IDTYPE=").append(NetUtil.encode(idType)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString)); searchGroupPath.append("&GROUPID=").append(NetUtil.encode(groupID.getName())); searchGroupPath.append("&GROUPID=").append(NetUtil.encode(groupName)); URL searchURL = getRegistryClient() URL searchURL = getRegistryClient() .getServiceURL(groupID.getServiceID(), Standards.GMS_SEARCH_01, AuthMethod.CERT); .getServiceURL(this.serviceID, Standards.GMS_SEARCH_01, AuthMethod.CERT); URL getMembershipURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); URL getMembershipURL = new URL(searchURL.toExternalForm() + searchGroupPath.toString()); log.debug("getMembership request to " + getMembershipURL.toString()); log.debug("getMembership request to " + getMembershipURL.toString()); Loading Loading @@ -979,7 +985,7 @@ public class GMSClient implements TransferListener return ret; return ret; } } throw new IllegalStateException( throw new IllegalStateException( "Duplicate membership for " + userID + " in group " + groupID); "Duplicate membership for " + userID + " in group " + groupName); } } catch (Exception bug) catch (Exception bug) { { Loading 
@@ -991,37 +997,37 @@ public class GMSClient implements TransferListener /** /** * Check group membership of the current Subject. * Check group membership of the current Subject. * * * @param groupID * @param groupName * @return true if the current Subject is a member of the group, false otherwise * @return true if the current Subject is a member of the group, false otherwise * @throws UserNotFoundException * @throws UserNotFoundException * @throws AccessControlException * @throws AccessControlException * @throws IOException * @throws IOException */ */ public boolean isMember(GroupURI groupID) public boolean isMember(String groupName) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return isMember(groupID, Role.MEMBER); return isMember(groupName, Role.MEMBER); } } /** /** * * * @param groupID * @param groupName * @param role * @param role * @return true if the current Subject is a member of the group with the specified role, false otherwise * @return true if the current Subject is a member of the group with the specified role, false otherwise * @throws UserNotFoundException * @throws UserNotFoundException * @throws AccessControlException * @throws AccessControlException * @throws IOException * @throws IOException */ */ public boolean isMember(GroupURI groupID, Role role) public boolean isMember(String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { return isMember(getCurrentUserID(), groupID, role); return isMember(getCurrentUserID(), groupName, role); } } private boolean isMember(Principal userID, GroupURI groupID, Role role) private boolean isMember(Principal userID, String groupName, Role role) throws UserNotFoundException, AccessControlException, IOException throws UserNotFoundException, AccessControlException, IOException { { Group group = getMembership(groupID, 
role); Group group = getMembership(groupName, role); return group != null; return group != null; } } Loading Loading @@ -1077,7 +1083,7 @@ public class GMSClient implements TransferListener } } } } protected GroupMemberships getGroupCache(URI serviceID, Principal userID) protected GroupMemberships getGroupCache(Principal userID) { { AccessControlContext acContext = AccessController.getContext(); AccessControlContext acContext = AccessController.getContext(); Subject subject = Subject.getSubject(acContext); Subject subject = Subject.getSubject(acContext); Loading Loading @@ -1107,21 +1113,21 @@ public class GMSClient implements TransferListener return null; // no cache return null; // no cache } } protected Group getCachedGroup(Principal userID, GroupURI groupID, Role role) protected Group getCachedGroup(Principal userID, String groupID, Role role) { { List<Group> groups = getCachedGroups(groupID.getServiceID(), userID, role, false); List<Group> groups = getCachedGroups(userID, role, false); if (groups == null) if (groups == null) return null; // no cache return null; // no cache for (Group g : groups) for (Group g : groups) { { if (g.getID().equals(groupID)) if (g.getID().getName().equals(groupID)) return g; return g; } } return null; return null; } } protected List<Group> getCachedGroups(URI serviceID, Principal userID, Role role, boolean complete) protected List<Group> getCachedGroups(Principal userID, Role role, boolean complete) { { GroupMemberships mems = getGroupCache(serviceID, userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return null; // no cache return null; // no cache Loading 
@@ -1135,16 +1141,16 @@ public class GMSClient implements TransferListener protected void addCachedGroup(Principal userID, Group group, Role role) protected void addCachedGroup(Principal userID, Group group, Role role) { { GroupMemberships mems = getGroupCache(group.getID().getServiceID(), userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return; // no cache return; // no cache mems.add(group, role); mems.add(group, role); } } protected void setCachedGroups(URI serviceID, Principal userID, List<Group> groups, Role role) protected void setCachedGroups(Principal userID, List<Group> groups, Role role) { { GroupMemberships mems = getGroupCache(serviceID, userID); GroupMemberships mems = getGroupCache(userID); if (mems == null) if (mems == null) return; // no cache return; // no cache Loading
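Review bot: `getCachedGroup` now matches a cached entry on the group name alone (`g.getID().getName().equals(groupID)`), and `getGroupCache` lost its serviceID argument, so in the lines shown the membership cache looked up from the current Subject is no longer distinguished by service. If one Subject is used with two GMSClient instances, a membership cached from one service could answer `isMember` for a same-named group on the other. Unless the body of `getGroupCache` (not shown) keys on `this.serviceID`, I would keep the service in the comparison: `if (g.getID().getServiceID().equals(this.serviceID) && g.getID().getName().equals(groupID))`. Separately, `groupName` is appended to the request path unencoded in getGroup, deleteGroup and the add/remove member methods, while `userID.getName()` goes through `NetUtil.encode`; validating or encoding the name before building the URL would keep `/`, `?` and `#` from changing the request target.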