Non-functional update: remove dead code and clean formatting
Andrew Woods committed Jun 21, 2014
1 parent 4071833 commit 13be72d
Showing 8 changed files with 137 additions and 236 deletions.
92 changes: 38 additions & 54 deletions src/main/java/org/fcrepo/auth/xacml/FedoraEvaluationCtxBuilder.java
Expand Up @@ -53,41 +53,6 @@ public class FedoraEvaluationCtxBuilder {
*/
private static final Logger LOGGER = LoggerFactory.getLogger(FedoraEvaluationCtxBuilder.class);

/**
* Create an evaluation context builder.
*/
public FedoraEvaluationCtxBuilder() {

}

/**
* Build the evaluation context.
*
* @return the evaluation context
*/
public final EvaluationCtx build() {
final RequestCtx rc =
new RequestCtx(subjectList, resourceList, actionList,
environmentList);
if (LOGGER.isDebugEnabled()) {
try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
rc.encode(baos);
LOGGER.debug("RequestCtx dump:\n{}", baos.toString("utf-8"));
} catch (final IOException e) {
LOGGER.error("Cannot print request context", e);
}
}
final AttributeFinder af = new AttributeFinder();
af.setModules(attributeFinderModules);
try {
final BasicEvaluationCtx result = new BasicEvaluationCtx(rc, af);
// result.setResourceId(resourceId);
return result;
} catch (final ParsingException e) {
throw new Error(e);
}
}

/**
* The list of other subjects.
*/
Expand Down Expand Up @@ -118,14 +83,40 @@ public final EvaluationCtx build() {
*/
private final List<AttributeFinderModule> attributeFinderModules = new ArrayList<AttributeFinderModule>();

/**
* Build the evaluation context.
*
* @return the evaluation context
*/
public final EvaluationCtx build() {
final RequestCtx rc = new RequestCtx(subjectList, resourceList, actionList, environmentList);
if (LOGGER.isDebugEnabled()) {
try (ByteArrayOutputStream baos = new ByteArrayOutputStream()) {
rc.encode(baos);
LOGGER.debug("RequestCtx dump:\n{}", baos.toString("utf-8"));
} catch (final IOException e) {
LOGGER.info("Cannot print request context", e);
}
}

final AttributeFinder af = new AttributeFinder();
af.setModules(attributeFinderModules);
try {
final BasicEvaluationCtx result = new BasicEvaluationCtx(rc, af);
// result.setResourceId(resourceId);
return result;
} catch (final ParsingException e) {
throw new Error(e);
}
}

/**
* Add a finder module to context.
*
* @param module module to add
* @return the builder
*/
public final FedoraEvaluationCtxBuilder addFinderModule(
final AttributeFinderModule module) {
public final FedoraEvaluationCtxBuilder addFinderModule(final AttributeFinderModule module) {
this.attributeFinderModules.add(module);
return this;
}
Expand All @@ -137,13 +128,11 @@ public final FedoraEvaluationCtxBuilder addFinderModule(
* @param roles the effective roles for user, or null
* @return the builder
*/
public final FedoraEvaluationCtxBuilder addSubject(final String username,
final Set<String> roles) {
final List<Attribute> subjectAttrs = new ArrayList<Attribute>();
public final FedoraEvaluationCtxBuilder addSubject(final String username, final Set<String> roles) {
final List<Attribute> subjectAttrs = new ArrayList<>();
if (username != null) {
final StringAttribute v = new StringAttribute(username);
final Attribute sid =
new Attribute(ATTRIBUTEID_SUBJECT_ID, null, null, v);
final Attribute sid = new Attribute(ATTRIBUTEID_SUBJECT_ID, null, null, v);
subjectAttrs.add(sid);
}

Expand All @@ -156,7 +145,6 @@ public final FedoraEvaluationCtxBuilder addSubject(final String username,
}

this.subjectList.add(new Subject(subjectAttrs));

return this;
}

Expand All @@ -167,9 +155,7 @@ public final FedoraEvaluationCtxBuilder addSubject(final String username,
* @return the builder
*/
public final FedoraEvaluationCtxBuilder addResourceID(final String rawModeShapePath) {
final Attribute rid =
new Attribute(ATTRIBUTEID_RESOURCE_ID, null, null,
new StringAttribute(rawModeShapePath));
final Attribute rid = new Attribute(ATTRIBUTEID_RESOURCE_ID, null, null, new StringAttribute(rawModeShapePath));
resourceList.add(rid);
return this;
}
Expand All @@ -181,9 +167,7 @@ public final FedoraEvaluationCtxBuilder addResourceID(final String rawModeShapeP
* @return the builder
*/
public final FedoraEvaluationCtxBuilder addWorkspace(final String name) {
final Attribute wid =
new Attribute(ATTRIBUTEID_RESOURCE_WORKSPACE, null, null,
new StringAttribute(name));
final Attribute wid = new Attribute(ATTRIBUTEID_RESOURCE_WORKSPACE, null, null, new StringAttribute(name));
resourceList.add(wid);
return this;
}
Expand All @@ -197,9 +181,7 @@ public final FedoraEvaluationCtxBuilder addWorkspace(final String name) {
public final FedoraEvaluationCtxBuilder addActions(final String[] actions) {
if (actions != null) {
for (final String action : actions) {
final Attribute a =
new Attribute(ATTRIBUTEID_ACTION_ID, null, null,
new StringAttribute(action));
final Attribute a = new Attribute(ATTRIBUTEID_ACTION_ID, null, null, new StringAttribute(action));
actionList.add(a);
// if ("remove".equals(action)) {
// final Attribute scope =
Expand All @@ -216,8 +198,10 @@ public final FedoraEvaluationCtxBuilder addActions(final String[] actions) {
* @param remoteAddr
*/
public void addOriginalRequestIP(final String remoteAddr) {
final Attribute a =
new Attribute(ATTRIBUTEID_ENVIRONMENT_ORIGINAL_IP_ADDRESS, null, null, new StringAttribute(remoteAddr));
final Attribute a = new Attribute(ATTRIBUTEID_ENVIRONMENT_ORIGINAL_IP_ADDRESS,
null,
null,
new StringAttribute(remoteAddr));
actionList.add(a);
}

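Review bot: `addOriginalRequestIP` still appends the `ATTRIBUTEID_ENVIRONMENT_ORIGINAL_IP_ADDRESS` attribute to `actionList`, so the client address reaches the PDP as an action attribute rather than an environment attribute; the reformatting in the last hunk left that line untouched. A policy that restricts access by the environment's original IP address would then presumably find no value to match, and depending on how the rule is written the restriction may silently not apply. Unless the action category is intentional, the line should read `environmentList.add(a);` (`environmentList` is already passed to `RequestCtx` in `build()`). Separately, `build()` now logs a failed context dump with `LOGGER.info` instead of `LOGGER.error`, which is a behaviour change in a commit described as non-functional.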
44 changes: 21 additions & 23 deletions src/main/java/org/fcrepo/auth/xacml/FedoraPolicyFinderModule.java
Expand Up @@ -96,7 +96,7 @@ public final boolean isIdReferenceSupported() {
/**
* Retrieves the policy from the given policy node
*
* @param policyNode
* @param policyDatastream
* @return
*/
private AbstractPolicy getPolicy(final Datastream policyDatastream) {
Expand All @@ -106,7 +106,7 @@ private AbstractPolicy getPolicy(final Datastream policyDatastream) {
/**
* Creates a new policy or policy set object from the given policy node
*
* @param policyNode
* @param policyDatastream
* @return
*/
private AbstractPolicy loadPolicy(final Datastream policyDatastream) {
Expand All @@ -115,11 +115,10 @@ private AbstractPolicy loadPolicy(final Datastream policyDatastream) {
// create the factory
final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setIgnoringComments(true);

DocumentBuilder db = null;
factory.setNamespaceAware(true);
factory.setValidating(false);
db = factory.newDocumentBuilder();

final DocumentBuilder db = factory.newDocumentBuilder();

// Parse the policy content
final Document doc = db.parse(policyDatastream.getContent());
Expand Down Expand Up @@ -154,31 +153,31 @@ private AbstractPolicy loadPolicy(final Datastream policyDatastream) {
*/
@Override
public final PolicyFinderResult findPolicy(final EvaluationCtx context) {
final EvaluationResult ridEvalRes =
context.getResourceAttribute(URI.create("http://www.w3.org/2001/XMLSchema#string"),
URIConstants.ATTRIBUTEID_RESOURCE_ID, null);
final EvaluationResult ridEvalRes = context.getResourceAttribute(
URI.create("http://www.w3.org/2001/XMLSchema#string"), URIConstants.ATTRIBUTEID_RESOURCE_ID, null);
final AttributeValue resourceIdAttValue = ridEvalRes.getAttributeValue();
String path = resourceIdAttValue.getValue().toString();

if ("".equals(path.trim())) {
path = "/";
}

Node nodeWithPolicy;
try {
final Session internalSession = sessionFactory.getInternalSession();
final Node node = PolicyUtil.getFirstRealNode(path, internalSession);

// Walk up the hierarchy to find the first node with a policy
// assigned
nodeWithPolicy = node;
// Walk up the hierarchy to find the first node with a policy assigned
Node nodeWithPolicy = PolicyUtil.getFirstRealNode(path, internalSession);
while (nodeWithPolicy != null && !nodeWithPolicy.hasProperty(XACML_POLICY_PROPERTY)) {
nodeWithPolicy = nodeWithPolicy.getParent();
}

// This should never happen, as PolicyUtil.getFirstRealNode() at least returns the root node.
if (null == nodeWithPolicy) {
return new PolicyFinderResult();
}

final Property prop = nodeWithPolicy.getProperty(XACML_POLICY_PROPERTY);
final Datastream policyDatastream =
datastreamService.asDatastream(prop.getNode());
final Datastream policyDatastream = datastreamService.asDatastream(prop.getNode());

if (policyDatastream == null) {
return new PolicyFinderResult();
Expand Down Expand Up @@ -214,24 +213,24 @@ public final PolicyFinderResult findPolicy(final EvaluationCtx context) {
* org.jboss.security.xacml.sunxacml.PolicyMetaData)
*/
@Override
public final PolicyFinderResult findPolicy(final URI idReference, final int type,
final VersionConstraints constraints, final PolicyMetaData parentMetaData) {

public final PolicyFinderResult findPolicy(final URI idReference,
final int type,
final VersionConstraints constraints,
final PolicyMetaData parentMetaData) {
try {
final String id = idReference.toString();
if (!id.startsWith(POLICY_URI_PREFIX)) {
LOGGER.warn("Policy reference must begin with {}, but was {}", POLICY_URI_PREFIX, id);
return new PolicyFinderResult();
}
final String path = PolicyUtil.getPathForId(id);

final String path = PolicyUtil.getPathForId(id);
final Session internalSession = sessionFactory.getInternalSession();
final Datastream policyDatastream =
datastreamService.getDatastream(internalSession, path);

final Datastream policyDatastream = datastreamService.getDatastream(internalSession, path);
final AbstractPolicy policy = getPolicy(policyDatastream);

return new PolicyFinderResult(policy);

} catch (final RepositoryException e) {
LOGGER.warn("Failed to retrieve a policy for " + idReference.toString(), e);
return new PolicyFinderResult();
Expand All @@ -247,7 +246,6 @@ public final PolicyFinderResult findPolicy(final URI idReference, final int type
@Override
public void init(final PolicyFinder finder) {
this.finder = finder;

}

}
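Review bot: `loadPolicy` parses the policy datastream with a `DocumentBuilderFactory` that only sets `setIgnoringComments`, `setNamespaceAware` and `setValidating(false)`; none of these stops DOCTYPE declarations or external entities from being processed, so a stored policy document can make the parser resolve external entities (XXE). The same factory setup appears in `PolicyUtil.getID` in this commit. Before `factory.newDocumentBuilder()`, add `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` and `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`, provided the XACML policies stored here never need a DTD. The enclosing try/catch lies outside the hunk; `newDocumentBuilder()` already throws `ParserConfigurationException`, so the existing handler should cover `setFeature` as well, but confirm that.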
26 changes: 7 additions & 19 deletions src/main/java/org/fcrepo/auth/xacml/PDPFactory.java
Expand Up @@ -36,24 +36,14 @@
@Component
public class PDPFactory {

private static final Logger LOGGER = LoggerFactory.getLogger(PDPFactory.class);

@Autowired
private FedoraPolicyFinderModule fedoraPolicyFinderModule;

@Autowired
private FedoraResourceFinderModule fedoraResourceFinderModule;

/**
* Creates the factory.
*/
public PDPFactory() {
}

/**
* Class logger.
*/
private static final Logger LOGGER = LoggerFactory
.getLogger(PDPFactory.class);

/**
* Make a PDP for the Fedora environment.
*
Expand All @@ -62,14 +52,12 @@ public PDPFactory() {
*/
public final PDP makePDP() {
final PolicyFinder policyFinder = new PolicyFinder();
policyFinder
.setModules(Collections.singleton(fedoraPolicyFinderModule));
policyFinder.setModules(Collections.singleton(fedoraPolicyFinderModule));

final ResourceFinder resourceFinder = new ResourceFinder();
resourceFinder.setModules(Collections
.singletonList(fedoraResourceFinderModule));
final PDPConfig pdpConfig =
new PDPConfig(new AttributeFinder(), policyFinder,
resourceFinder);
resourceFinder.setModules(Collections.singletonList(fedoraResourceFinderModule));

final PDPConfig pdpConfig = new PDPConfig(new AttributeFinder(), policyFinder, resourceFinder);
final PDP pdp = new PDP(pdpConfig);
LOGGER.info("XACML Policy Decision Point (PDP) initialized");
return pdp;
5 changes: 2 additions & 3 deletions src/main/java/org/fcrepo/auth/xacml/PolicyUtil.java
Expand Up @@ -55,10 +55,9 @@ public static String getID(final InputStream policyStream) {
final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setIgnoringComments(true);

DocumentBuilder db = null;
factory.setNamespaceAware(true);
factory.setValidating(false);
db = factory.newDocumentBuilder();
final DocumentBuilder db = factory.newDocumentBuilder();

// Parse the policy content
final Document doc = db.parse(policyStream);
Expand Down Expand Up @@ -111,7 +110,7 @@ public static String getPathForId(final String id) {
*/
public static Node getFirstRealNode(final String modepath, final Session session) {
Node node = null;
for (String path = modepath; path.indexOf("/{") >= 0; path = path.substring(0, path.lastIndexOf("/{"))) {
for (String path = modepath; path.contains("/{"); path = path.substring(0, path.lastIndexOf("/{"))) {
try {
node = session.getNode(path);
break;
