• Home
• org.mycore
• mycore-base
• 2020.08
• source code
• MCRJobQueuePermission.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.mycore.services.queuedjob.MCRJobQueuePermission Maven / Gradle / Ivy

/*
 * This file is part of ***  M y C o R e  ***
 * See http://www.mycore.de/ for details.
 *
 * MyCoRe is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * MyCoRe is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with MyCoRe.  If not, see .
 */
package org.mycore.services.queuedjob;

import static org.mycore.access.MCRAccessManager.PERMISSION_READ;
import static org.mycore.access.MCRAccessManager.PERMISSION_WRITE;

import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.mycore.access.MCRAccessManager;
import org.mycore.frontend.jersey.filter.access.MCRResourceAccessChecker;

/**
 * @author Ren\u00E9 Adler (eagle)
 *
 */
public class MCRJobQueuePermission implements MCRResourceAccessChecker {

    public static final String PERMISSION_LIST = "list-jobqueues";

    private static Logger LOGGER = LogManager.getLogger(MCRJobQueuePermission.class);

    /* (non-Javadoc)
     * @see org.mycore.frontend.jersey.filter.access.MCRResourceAccessChecker#isPermitted(com.sun.jersey.spi.container.ContainerRequest)
     */
    @Override
    public boolean isPermitted(ContainerRequestContext request) {
        String queueName = request.getUriInfo().getPathSegments().size() > 1
            ? request.getUriInfo().getPathSegments().get(1).getPath()
            : null;
        try {
            if (queueName == null || queueName.isEmpty()) {
                return MCRAccessManager.checkPermission(PERMISSION_LIST);
            }

            String permissionType = request.getMethod().matches("(?i)(POST|PUT|DELETE)") ? PERMISSION_WRITE
                : PERMISSION_READ;
            if (!MCRAccessManager.checkPermission(queueName, permissionType)) {
                LOGGER.info("Permission \"{}\" denied for queue \"{}\".", permissionType, queueName);
                return false;
            }

            return true;
        } catch (Exception exc) {
            throw new WebApplicationException(exc,
                Response.status(Status.INTERNAL_SERVER_ERROR)
                    .entity("Unable to check permission for request " + request.getUriInfo().getRequestUri()
                        + " containing entity value " + queueName)
                    .build());
        }
    }

}