step.core.deployment.AbstractStepServices Maven / Gradle / Ivy
/*******************************************************************************
* Copyright (C) 2020, exense GmbH
*
* This file is part of STEP
*
* STEP is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* STEP is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with STEP. If not, see {
public static final String SESSION = "session";
protected Configuration configuration;
private ObjectHookRegistry objectHookRegistry;
@Inject
GlobalContext serverContext;
public AbstractStepServices() {
super();
}
@PostConstruct
public void init() throws Exception {
configuration = serverContext.getConfiguration();
objectHookRegistry = serverContext.get(ObjectHookRegistry.class);
}
protected GlobalContext getContext() {
return serverContext;
}
protected ExecutionScheduler getScheduler() {
return serverContext.getScheduler();
}
protected ExecutionContext getExecutionRunnable(String executionID) {
return getScheduler().getCurrentExecutions().stream().filter(e->e.getExecutionId().equals(executionID))
.findFirst().orElse(null);
}
protected ObjectEnricher getObjectEnricher() {
return objectHookRegistry.getObjectEnricher(getSession());
}
protected ObjectFilter getObjectFilter() {
return objectHookRegistry.getObjectFilter(getSession());
}
protected ObjectPredicate getObjectPredicate(){
return objectHookRegistry.getObjectPredicate(getSession());
}
protected AuthorizationManager> getAuthorizationManager(){
return getContext().require(AuthorizationManager.class);
}
protected void checkRights(String right) {
Session session = getSession();
try {
if (!getAuthorizationManager().checkRightInContext(session, right)) {
User user = session.getUser();
throw new AuthorizationException("User " + (user == null ? "" : user.getUsername()) + " has no permission on '" + right + "'");
}
} catch (NotMemberOfProjectException ex){
// if user is not a member of the project, we want to return 'access denied' error
throw new AuthorizationException(ex.getMessage());
}
}
protected void checkRightsOnBehalfOf(String right, String userOnBehalfOf) {
Session session = getSession();
try {
if (!getAuthorizationManager().checkRightInContext(session, right, userOnBehalfOf)) {
User user = session.getUser();
throw new AuthorizationException("User " + (user == null ? "" : user.getUsername()) + " has no permission on '" + right + "' (on behalf of " + userOnBehalfOf + ")");
}
} catch (NotMemberOfProjectException ex){
// if 'userOnBehalf' is not a member of the project, we want to return 'access denied' error
throw new AuthorizationException(ex.getMessage());
}
}
/**
* The ObjectHookInterceptor.aroundReadFrom can only be used for POST request passing an entity as request BODY
* This method can be used as helper for all other cases where checking if the entity is acceptable in given context (i.e. DELETE request...(
* @param entity the entity to be asserted
*/
protected void assertEntityIsAcceptableInContext(AbstractIdentifiableObject entity) {
if(entity instanceof EnricheableObject) {
EnricheableObject enricheableObject = (EnricheableObject) entity;
Session session = getSession();
if (!objectHookRegistry.isObjectAcceptableInContext(session, enricheableObject)) {
throw new ControllerServiceException(HttpStatus.SC_FORBIDDEN, "Authorization error", "You're not allowed to edit this object from within this context");
}
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy