geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [02/20] incubator-geode git commit: GEODE-1570: improve rest security framework
Date Thu, 13 Oct 2016 17:14:39 GMT
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/29e49480/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java
----------------------------------------------------------------------
diff --git a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java
b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java
new file mode 100644
index 0000000..3d09f09
--- /dev/null
+++ b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityService.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.geode.rest.internal.web.security;
+
+import org.springframework.stereotype.Component;
+
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.GemFireSecurityException;
+
+@Component("securityService")
+public class RestSecurityService {
+  private SecurityService securityService = SecurityService.getSecurityService();
+
+  public boolean authorize(String resource, String operation) {
+    return authorize(resource, operation, null, null);
+  }
+
+  public boolean authorize(String resource, String operation, String region) {
+    return authorize(resource, operation, region, null);
+  }
+
+  public boolean authorize(String resource, String operation, String region, String key)
{
+    try{
+      securityService.authorize(resource, operation, region, key);
+      return true;
+    }
+    catch (GemFireSecurityException ex){
+      return false;
+    }
+  }
+
+  public boolean authorizeKeys(String operation, String region, String[] keys) {
+    boolean authorized = false;
+    for(String key:keys){
+      authorized = authorize("DATA", operation, region, key);
+      if(!authorized)
+        return false;
+    }
+    return true;
+  }
+}


Mime
View raw message