Author: challngr
Date: Wed Mar 13 10:55:21 2013
New Revision: 1455882
URL: http://svn.apache.org/r1455882
Log:
UIMA-2737
User validation - user must also own services he/she manipulates.
Modified:
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/IServiceManager.java
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceHandler.java
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceManagerComponent.java
Modified:
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/IServiceManager.java
URL:
http://svn.apache.org/viewvc/uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/IServiceManager.java?rev=1455882&r1=1455881&r2=1455882&view=diff
==============================================================================
---
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/IServiceManager.java
(original)
+++
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/IServiceManager.java
Wed Mar 13 10:55:21 2013
@@ -56,4 +56,6 @@ public interface IServiceManager
public void publish(ServiceMap map);
public DuccId newId() throws Exception;
+
+ public boolean isAdministrator(String user);
}
Modified:
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceHandler.java
URL:
http://svn.apache.org/viewvc/uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceHandler.java?rev=1455882&r1=1455881&r2=1455882&view=diff
==============================================================================
---
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceHandler.java
(original)
+++
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceHandler.java
Wed Mar 13 10:55:21 2013
@@ -734,11 +734,17 @@ public class ServiceHandler
String epname = ev.getEndpoint();
String serviceIdString = extractId(friendly, epname);
ServiceSet sset = serviceStateHandler.getServiceForApi(friendly,
epname);
-
if ( sset == null ) {
return new ServiceReplyEvent(false, "Service " + serviceIdString +
" does not exist.", null, null);
}
+ String userin = ev.getUser();
+ String userout = sset.getUser();
+
+ if ( !userin.equals(userout) &&
!serviceManager.isAdministrator(userin) ) {
+ return new ServiceReplyEvent(false, "Service " + serviceIdString +
" Start declined: not owner.", serviceIdString, null);
+ }
+
if ( sset.isRegistered() ) {
int running = sset.countImplementors();
int instances = ev.getInstances();
@@ -819,11 +825,17 @@ public class ServiceHandler
String epname = ev.getEndpoint();
String serviceIdString = extractId(friendly, epname);
ServiceSet sset = serviceStateHandler.getServiceForApi(friendly,
epname);
-
if ( sset == null ) {
return new ServiceReplyEvent(false, "Service " + serviceIdString +
" does not exist.", null, null);
}
+ String userin = ev.getUser();
+ String userout = sset.getUser();
+
+ if ( !userin.equals(userout) &&
!serviceManager.isAdministrator(userin) ) {
+ return new ServiceReplyEvent(false, "Service " + serviceIdString +
" Start declined: not owner.", serviceIdString, null);
+ }
+
if ( sset.isRegistered() ) {
if ( (sset.countImplementors() == 0) && ( sset.isUimaAs()) ) {
return new ServiceReplyEvent(false, "Service " +
serviceIdString + " is already stopped.", sset.getKey(), sset.getId());
@@ -953,11 +965,17 @@ public class ServiceHandler
String epname = ev.getEndpoint();
String serviceIdString = extractId(friendly, epname);
ServiceSet sset = serviceStateHandler.getServiceForApi(friendly,
epname);
-
if ( sset == null ) {
return new ServiceReplyEvent(false, "Unrecognized service ID[" +
friendly + "] Endpoint[" + epname + "]", "?", null);
}
+ String userin = ev.getUser();
+ String userout = sset.getUser();
+
+ if ( !userin.equals(userout) &&
!serviceManager.isAdministrator(userin) ) {
+ return new ServiceReplyEvent(false, "Service " + serviceIdString +
" Start declined: not owner.", serviceIdString, null);
+ }
+
if ( sset.isRegistered() ) {
pendingRequests.add(new ApiHandler(ev, this));
// ApiHandler apih = new ApiHandler(ev, this);
@@ -1006,11 +1024,17 @@ public class ServiceHandler
String epname = ev.getEndpoint();
String serviceIdString = extractId(friendly, epname);
ServiceSet sset = serviceStateHandler.getServiceForApi(friendly,
epname);
-
if ( sset == null ) {
return new ServiceReplyEvent(false, "Service " + serviceIdString +
" does not exist.", serviceIdString, null);
}
+ String userin = ev.getUser();
+ String userout = sset.getUser();
+
+ if ( !userin.equals(userout) &&
!serviceManager.isAdministrator(userin) ) {
+ return new ServiceReplyEvent(false, "Service " + serviceIdString +
" Unregister declined: not owner.", serviceIdString, null);
+ }
+
if ( sset.isRegistered() ) {
sset.deregister(); // just sets a flag so we know how to
handle it when it starts to die
pendingRequests.add(new ApiHandler(ev, this));
Modified:
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceManagerComponent.java
URL:
http://svn.apache.org/viewvc/uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceManagerComponent.java?rev=1455882&r1=1455881&r2=1455882&view=diff
==============================================================================
---
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceManagerComponent.java
(original)
+++
uima/sandbox/uima-ducc/trunk/uima-ducc-sm/src/main/java/org/apache/uima/ducc/sm/ServiceManagerComponent.java
Wed Mar 13 10:55:21 2013
@@ -23,6 +23,7 @@ import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.HashMap;
import java.util.Map;
+import java.util.Properties;
import java.util.UUID;
import org.apache.camel.CamelContext;
@@ -106,6 +107,8 @@ public class ServiceManagerComponent
private boolean initialized = false;
private boolean testmode = false;
+ Map<String, String> administrators = new HashMap<String, String>();
+
public ServiceManagerComponent(CamelContext context)
{
super("ServiceManager", context);
@@ -225,7 +228,33 @@ public class ServiceManagerComponent
initialized = true;
}
}
-
+
+ void readAdministrators()
+ {
+ String methodName = "readAdministrators";
+ File adminfile = new File(System.getProperty("DUCC_HOME") +
"/resources/ducc.administrators");
+ if ( ! adminfile.exists() ) {
+ logger.info(methodName, null, "No ducc administrators found.");
+ return;
+ }
+
+ Properties props = null;
+ try {
+ FileInputStream fis = new FileInputStream(adminfile);
+ props = new Properties();
+ props.load(fis);
+ } catch (Exception e) {
+ logger.warn(methodName, null, "Cannot read administroators file:",
e.toString());
+ return;
+ }
+
+ for ( Object k : props.keySet() ) {
+ String adm = ((String) k).trim();
+ administrators.put(adm, adm);
+ logger.info(methodName, null, "DUCC Administrator registered:",
adm);
+ }
+ }
+
@Override
public void start(DuccService service, String[] args) throws Exception
{
@@ -267,6 +296,8 @@ public class ServiceManagerComponent
logger.info(methodName, null, " DUCC Version : ",
Version.version());
logger.info(methodName, null,
"------------------------------------------------------------------------------------");
+ readAdministrators();
+
// Here is a good place to do any pre-start stuff
// Start the main processing loop
@@ -293,6 +324,11 @@ public class ServiceManagerComponent
logger.info(methodName, null, "Service Manger returns.");
}
+ public boolean isAdministrator(String user)
+ {
+ return administrators.containsKey(user);
+ }
+
/**
* At boot only ... pass in the set of all known active services to each
service so it can update
* internal state with current published state.
