/*******************************************************************************
 * Copyright (c) 2001, 2008 IBM Corporation and others.
 *
 * This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License 2.0
 * which accompanies this distribution, and is available at
 * https://www.eclipse.org/legal/epl-2.0/
 *
 * SPDX-License-Identifier: EPL-2.0
 *
 * Contributors:
 *     IBM Corporation - initial API and implementation
 *******************************************************************************/
package org.eclipse.equinox.internal.useradmin;

import java.util.Vector;

/**
 * This interface encapsulates an authorization context on which bundles
 * can base authorization decisions where appropriate.
 * <p>
 * Bundles associate the privilege to access restricted resources or
 * operations with roles. Before granting access to a restricted resource
 * or operation, a bundle will check if the Authorization object passed
 * to it possesses the required role, by calling its hasRole method.
 * <p>
 * Authorization contexts are instantiated by calling
 * {@link UserAdmin#getAuthorization}
 * <p>
 * <font size="+1">Trusting Authorization objects.</font>
 * <p>
 * There are no restrictions regarding the creation of Authorization objects.
 * Hence, a service must only accept Authorization objects from bundles that
 * have been authorized to use the service using code based (or Java 2)
 * permissions.
 * <p>
 * In some cases it is useful to use ServicePermissions to do the code based 
 * access control. A service basing user access control on Authorization
 * objects passed to it, will then require that a calling bundle has the
 * ServicePermission to get the service in question. This is the most
 * convenient way. The framework will do the code based permission check
 * when the calling bundle attempts to get the service from the service
 * registry.
 * <p>
 * Example: A servlet using a service on a user's behalf. The bundle with the 
 * servlet must be given the ServicePermission to get the Service.
 * <p>
 * However, in some cases the code based permission checks need to be more 
 * fine-grained. A service might allow all bundles to get it, but 
 * require certain code based permissions for some of its methods.
 * <p>
 * Example: A servlet using a service on a user's behalf, where some 
 * service functionality is open to anyone, and some is restricted by code
 * based permissions. When a restricted method is called 
 * (e.g., one handing over
 * an Authorization object), the service explicitly checks that the calling 
 * bundle has permission to make the call. 
 */
public class Authorization implements org.osgi.service.useradmin.Authorization {

	// Backing UserAdmin. hasRole and getRoles query it on every call, so their
	// answers reflect its role data at call time, not a copy taken at construction.
	// NOTE(review): these fields are protected and non-final, so a subclass or code
	// in this package can re-point an existing context; confirm that is intended.
	protected UserAdmin useradmin;
	// Role the checks are evaluated for: the supplied user, or whatever
	// useradmin returns for Role.anyoneString when no user was supplied.
	protected Role user;
	// Used to distinguish between the anonymous user and user.anyone:
	// stays null for the anonymous context.
	protected String name;

	/**
	 * Creates an authorization context for the given user, or for the
	 * anonymous user when {@code user} is {@code null}.
	 *
	 * @param user the user the context is created for, or {@code null}
	 * @param useradmin the UserAdmin that role lookups are delegated to
	 */
	protected Authorization(User user, UserAdmin useradmin) {
		this.useradmin = useradmin;
		if (user == null) {
			// Anonymous context: evaluate checks against the user.anyone role
			// and report no name.
			this.user = (Role) useradmin.getRole(Role.anyoneString);
			this.name = null;
			return;
		}
		this.user = user;
		this.name = user.getName();
	}

	/**
	 * Returns the name of the {@link User} this context was created for.
	 *
	 * @return the user's name, or <code>null</code> if the context was
	 * created without a user (anonymous).
	 */
	@Override
	public String getName() {
		// NOTE(review): checkAlive() is not visible here; presumably it rejects
		// calls once the UserAdmin service is no longer usable. Confirm.
		useradmin.checkAlive();
		return name;
	}

	/**
	 * Tells whether the named role is implied by this Authorization context.
	 * <p>
	 * Bundles must define globally unique role names that are associated with
	 * the privilege of accessing restricted resources or operations.
	 * System administrators will grant users access to these resources, by
	 * creating a {@link Group} for each role and adding {@link User}s to it.
	 * <p>
	 * The role is looked up through the UserAdmin on each call; nothing is
	 * cached in this object. A name the UserAdmin does not know yields
	 * <code>false</code>, so an unknown role never grants access.
	 *
	 * @param name_ The name of the role to check for.
	 *
	 * @return <code>true</code> if this Authorization context implies the
	 * specified role, otherwise <code>false</code>.
	 */
	@Override
	public boolean hasRole(String name_) {
		useradmin.checkAlive();
		// Lookup and evaluation both run while holding the useradmin monitor.
		synchronized (useradmin) {
			Role candidate = (org.eclipse.equinox.internal.useradmin.Role) useradmin.getRole(name_);
			// The fresh Vector is handed to isImpliedBy as its second argument;
			// presumably a scratch list for the traversal. Confirm against Role.
			return candidate != null && candidate.isImpliedBy(user, new Vector<>());
		}
	}

	/**
	 * Lists the names of every role implied by this Authorization context.
	 * The role named by <code>Role.anyoneString</code> is left out of the result.
	 *
	 * @return The names of all roles encapsulated by this Authorization
	 * context, or <code>null</code> (not an empty array) if no roles are in
	 * the context; callers must check for <code>null</code>.
	 */
	@Override
	public String[] getRoles() {
		useradmin.checkAlive();

		// Hold the useradmin monitor for the whole scan: we don't want
		// anything changing while we build the list.
		synchronized (useradmin) {
			int total = useradmin.roles.size();
			Vector<String> implied = new Vector<>(total);
			for (int index = 0; index < total; index++) {
				Role candidate = useradmin.roles.elementAt(index);
				if (!candidate.isImpliedBy(user, new Vector<>())) {
					continue;
				}
				String candidateName = candidate.getName();
				// user.anyone is never reported.
				if (candidateName.equals(Role.anyoneString)) {
					continue;
				}
				implied.addElement(candidateName);
			}
			if (implied.isEmpty()) {
				return null;
			}
			return implied.toArray(new String[implied.size()]);
		}
	}
}
