Author: taylor
Date: Wed May 6 15:32:23 2015
New Revision: 1678029
URL: http://svn.apache.org/r1678029
Log:
JS2-1320: improve/cleanup statistics statistics api, introduce base class for
security checks
Added:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Added:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java?rev=1678029&view=auto
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
(added)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/AbstractRestService.java
Wed May 6 15:32:23 2015
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.services.rest;
+
+import org.apache.jetspeed.exception.JetspeedException;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
+import org.apache.jetspeed.request.RequestContext;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.WebApplicationException;
+
+/**
+ * Created by dtaylor on 5/2/15.
+ */
+public class AbstractRestService {
+
+ private PortletActionSecurityBehavior securityBehavior;
+
+ protected AbstractRestService(PortletActionSecurityBehavior
securityBehavior) {
+ this.securityBehavior = securityBehavior;
+ }
+
+ protected void checkPrivilege(HttpServletRequest servletRequest, String
action)
+ {
+ RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
+ if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
+ {
+ throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
+ }
+ }
+
+}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java?rev=1678029&r1=1678028&r2=1678029&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/ProfilerManagementService.java
Wed May 6 15:32:23 2015
@@ -18,12 +18,10 @@ package org.apache.jetspeed.services.res
import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.JetspeedActions;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
import org.apache.jetspeed.profiler.rules.RuleCriterion;
-import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.services.beans.ProfileCriterionBean;
import org.apache.jetspeed.services.beans.ProfileDataTableBean;
import org.apache.jetspeed.services.beans.ProfileEditBean;
@@ -58,19 +56,18 @@ import java.util.Map;
* @version $Id$
*/
@Path("/profiler/")
-public class ProfilerManagementService
+public class ProfilerManagementService extends AbstractRestService
{
private static Logger log =
LoggerFactory.getLogger(ProfilerManagementService.class);
private Profiler profiler;
- private PortletActionSecurityBehavior securityBehavior;
public ProfilerManagementService(Profiler profiler,
PortletActionSecurityBehavior
securityBehavior)
{
+ super(securityBehavior);
this.profiler = profiler;
- this.securityBehavior = securityBehavior;
}
/**
@@ -95,6 +92,8 @@ public class ProfilerManagementService
public ProfileEditBean lookupProfile(@Context HttpServletRequest
servletRequest,
@Context UriInfo uriInfo,
@PathParam("id") String
profileId) {
+ checkPrivilege(servletRequest, JetspeedActions.VIEW);
+
if (StringUtils.isBlank(profileId)) {
throw new WebApplicationException(new
IllegalArgumentException("Profile id not specified"));
}
@@ -114,7 +113,10 @@ public class ProfilerManagementService
@Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
@Path("/update")
- public UpdateResultBean addOrUpdateProfile(String json) {
+ public UpdateResultBean addOrUpdateProfile(String json, @Context
HttpServletRequest servletRequest) {
+
+ checkPrivilege(servletRequest, JetspeedActions.VIEW);
+
ObjectMapper writeMapper = new ObjectMapper();
ProfileEditBean dtoProfile = null;
try {
@@ -197,11 +199,13 @@ public class ProfilerManagementService
@DELETE
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
- public UpdateResultBean deleteProfiles(List<String> profileIds) {
+ public UpdateResultBean deleteProfiles(List<String> profileIds, @Context
HttpServletRequest servletRequest) {
if (log.isDebugEnabled()) {
log.debug(String.format("processing DELETE on /profiler for %s",
profileIds));
}
+ checkPrivilege(servletRequest, JetspeedActions.VIEW);
+
if (profileIds == null || profileIds.size() == 0) {
throw new WebApplicationException(new
IllegalArgumentException("Profile ids to delete not specified"));
}
@@ -222,12 +226,4 @@ public class ProfilerManagementService
}
}
- protected void checkPrivilege(HttpServletRequest servletRequest, String
action)
- {
- RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
- if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
- {
- throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
- }
- }
}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java?rev=1678029&r1=1678028&r2=1678029&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/StatisticsManagementService.java
Wed May 6 15:32:23 2015
@@ -19,9 +19,7 @@ package org.apache.jetspeed.services.res
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.cache.CacheMonitorState;
import org.apache.jetspeed.cache.JetspeedCacheMonitor;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
-import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.statistics.AggregateStatistics;
import org.apache.jetspeed.statistics.InvalidCriteriaException;
import org.apache.jetspeed.statistics.PortalStatistics;
@@ -45,19 +43,18 @@ import java.util.Map;
* @version $Id: $
*/
@Path("/statistics/")
-public class StatisticsManagementService {
+public class StatisticsManagementService extends AbstractRestService {
private static Logger log =
LoggerFactory.getLogger(StatisticsManagementService.class);
private PortalStatistics statistics;
- private PortletActionSecurityBehavior securityBehavior;
private JetspeedCacheMonitor cacheMonitor;
public StatisticsManagementService(PortalStatistics statistics,
PortletActionSecurityBehavior
securityBehavior,
JetspeedCacheMonitor cache) {
+ super(securityBehavior);
this.statistics = statistics;
- this.securityBehavior = securityBehavior;
this.cacheMonitor = cache;
}
@@ -79,7 +76,6 @@ public class StatisticsManagementService
Map<String,Long> memory = new HashMap<>();
memory.put("total", runtime.totalMemory());
memory.put("free", runtime.freeMemory());
- //memory.put("max", runtime.maxMemory());
Map<String,Map<String,Long>> result = new HashMap<>();
result.put("memory", memory);
@@ -108,23 +104,19 @@ public class StatisticsManagementService
List statList = pageStats.getStatlist();
int size = statList.size();
- for (int i=0; i<size; i++){
+ for (int i = 0; i < Math.max(5, size); i++){
HashMap<String,String> stats = (HashMap)statList.get(i);
String pageName = stats.get("groupColumn");
String pageCount = stats.get("count");
- pages.put(pageName.replaceAll("/(.+)/", "/"),
Long.valueOf(pageCount));
+ if (pageName != null) {
+ pages.put(pageName, Long.valueOf(pageCount));
+ }
}
}
catch (InvalidCriteriaException e) {
throw new WebApplicationException(new
IllegalArgumentException("Statistics query criteria invalid"));
}
-// pages.put("/default-page", (long)300);
-// pages.put("/four-rows", (long)120);
-// pages.put("/login", (long)90);
-// pages.put("/register", (long)62);
-// pages.put("/dashboard", (long)17);
-
Map<String,Map<String,Long>> result = new HashMap<>();
result.put("pages", pages);
@@ -262,11 +254,5 @@ public class StatisticsManagementService
return result;
}
- protected void checkPrivilege(HttpServletRequest servletRequest, String
action) {
- RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
- if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action)) {
- throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
- }
- }
}
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java?rev=1678029&r1=1678028&r2=1678029&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Wed May 6 15:32:23 2015
@@ -19,7 +19,6 @@ package org.apache.jetspeed.services.res
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.page.PageManager;
@@ -28,7 +27,6 @@ import org.apache.jetspeed.profiler.Prof
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
-import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
@@ -72,7 +70,7 @@ import java.util.Map;
* @version $Id$
*/
@Path("/usermanager/")
-public class UserManagerService
+public class UserManagerService extends AbstractRestService
{
private static Logger log =
LoggerFactory.getLogger(UserManagerService.class);
@@ -87,12 +85,12 @@ public class UserManagerService
public UserManagerService(UserManager userManager, RoleManager
roleManager, GroupManager groupManager, Profiler profiler, PageManager
pageManager,
PortletActionSecurityBehavior securityBehavior)
{
+ super(securityBehavior);
this.userManager = userManager;
this.roleManager = roleManager;
this.groupManager = groupManager;
this.profiler = profiler;
this.pageManager = pageManager;
- this.securityBehavior = securityBehavior;
}
/**
@@ -549,7 +547,6 @@ public class UserManagerService
Iterator<Node> folders = templateFolder.getFolders().iterator();
while (folders.hasNext()) {
Folder folder = (Folder)folders.next();
- // LEFT OFF HERE - need display and page name
String name = (folder.getShortTitle() == null ?
(folder.getTitle() == null ? folder.getName() : folder.getTitle()) :
folder.getShortTitle());
templates.add(name);
}
@@ -560,13 +557,4 @@ public class UserManagerService
return templates;
}
- protected void checkPrivilege(HttpServletRequest servletRequest, String
action)
- {
- RequestContext requestContext = (RequestContext)
servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
-
- if (securityBehavior != null &&
!securityBehavior.checkAccess(requestContext, action))
- {
- throw new WebApplicationException(new
JetspeedException("Insufficient privilege to access this REST service."));
- }
- }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscr...@portals.apache.org
For additional commands, e-mail: jetspeed-dev-h...@portals.apache.org
