From 4d9b0e8bdf122324cec9f3dd387c02d14c30877e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Mon, 2 Nov 2015 10:26:13 +0100 Subject: [PATCH] Clean: use "authorizationContexts" --- src/org/cacert/gigi/Gigi.java | 12 ++++++------ src/org/cacert/gigi/PermissionCheckable.java | 5 ++--- src/org/cacert/gigi/output/Menu.java | 8 ++++---- src/org/cacert/gigi/output/PageMenuItem.java | 6 +++--- src/org/cacert/gigi/output/SimpleMenuItem.java | 4 ++-- src/org/cacert/gigi/pages/LoginPage.java | 4 ++-- src/org/cacert/gigi/pages/LogoutPage.java | 6 +++--- src/org/cacert/gigi/pages/Page.java | 5 +++-- src/org/cacert/gigi/pages/admin/TTPAdminPage.java | 5 +++-- .../gigi/pages/admin/support/FindDomainPage.java | 9 +++------ .../gigi/pages/admin/support/FindUserPage.java | 8 +++----- .../pages/admin/support/SupportUserDetailsPage.java | 8 +++----- src/org/cacert/gigi/pages/main/RegisterPage.java | 6 +++--- src/org/cacert/gigi/pages/orga/CreateOrgPage.java | 6 +++--- src/org/cacert/gigi/pages/orga/ViewOrgPage.java | 5 +++-- src/org/cacert/gigi/pages/wot/AssurePage.java | 5 +++-- src/org/cacert/gigi/util/AuthorizationContext.java | 9 ++++++++- 17 files changed, 57 insertions(+), 54 deletions(-) diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java index 63ce7fe8..c5ee8cd3 100644 --- a/src/org/cacert/gigi/Gigi.java +++ b/src/org/cacert/gigi/Gigi.java @@ -110,8 +110,8 @@ public class Gigi extends HttpServlet { getMenu("CAcert.org").addItem(new SimpleMenuItem("https://" + ServerConstants.getSecureHostNamePort() + "/login", "Certificate Login") { @Override - public boolean isPermitted(User u) { - return u == null; + public boolean isPermitted(AuthorizationContext ac) { + return ac == null; } }); putPage("/", new MainPage("CAcert - Home"), null); @@ -326,8 +326,7 @@ public class Gigi extends HttpServlet { return; } AuthorizationContext currentAuthContext = LoginPage.getAuthorizationContext(req); - User currentPageUser = LoginPage.getUser(req); - if ( !p.isPermitted(currentPageUser)) { + if ( !p.isPermitted(currentAuthContext)) { if (hs.getAttribute("loggedin") == null) { String request = req.getPathInfo(); request = request.split("\\?")[0]; @@ -369,14 +368,15 @@ public class Gigi extends HttpServlet { }; Language lang = Page.getLanguage(req); - vars.put(Menu.USER_VALUE, currentPageUser); + vars.put(Menu.AUTH_VALUE, currentAuthContext); vars.put("menu", rootMenu); vars.put("title", lang.getTranslation(p.getTitle())); vars.put("static", getStaticTemplateVar(isSecure)); vars.put("year", Calendar.getInstance().get(Calendar.YEAR)); vars.put("content", content); - if (currentPageUser != null) { + if (currentAuthContext != null) { CertificateOwner target = currentAuthContext.getTarget(); + User currentPageUser = LoginPage.getUser(req); if (target != currentPageUser) { vars.put("loggedInAs", ((Organisation) target).getName() + " (" + currentPageUser.getName().toString() + ")"); } else { diff --git a/src/org/cacert/gigi/PermissionCheckable.java b/src/org/cacert/gigi/PermissionCheckable.java index 7dee6fd7..4b868f2a 100644 --- a/src/org/cacert/gigi/PermissionCheckable.java +++ b/src/org/cacert/gigi/PermissionCheckable.java @@ -1,10 +1,9 @@ package org.cacert.gigi; -import org.cacert.gigi.dbObjects.User; - +import org.cacert.gigi.util.AuthorizationContext; public interface PermissionCheckable { - public boolean isPermitted(User u); + public boolean isPermitted(AuthorizationContext u); } diff --git a/src/org/cacert/gigi/output/Menu.java b/src/org/cacert/gigi/output/Menu.java index 9d275ffc..6c376175 100644 --- a/src/org/cacert/gigi/output/Menu.java +++ b/src/org/cacert/gigi/output/Menu.java @@ -4,12 +4,12 @@ import java.io.PrintWriter; import java.util.LinkedList; import java.util.Map; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.util.AuthorizationContext; public class Menu implements IMenuItem { - public static final String USER_VALUE = "user"; + public static final String AUTH_VALUE = "ac"; private String menuName; @@ -24,7 +24,7 @@ public class Menu implements IMenuItem { @Override public void output(PrintWriter out, Language l, Map vars) { boolean visible = false; - User u = (User) vars.get(USER_VALUE); + AuthorizationContext u = (AuthorizationContext) vars.get(AUTH_VALUE); for (IMenuItem mi : content) { if (mi.isPermitted(u)) { if ( !visible) { @@ -71,7 +71,7 @@ public class Menu implements IMenuItem { } @Override - public boolean isPermitted(User u) { + public boolean isPermitted(AuthorizationContext ac) { return true; } } diff --git a/src/org/cacert/gigi/output/PageMenuItem.java b/src/org/cacert/gigi/output/PageMenuItem.java index 8b7d41e6..852ea4b0 100644 --- a/src/org/cacert/gigi/output/PageMenuItem.java +++ b/src/org/cacert/gigi/output/PageMenuItem.java @@ -1,7 +1,7 @@ package org.cacert.gigi.output; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.ServerConstants; public class PageMenuItem extends SimpleMenuItem { @@ -14,7 +14,7 @@ public class PageMenuItem extends SimpleMenuItem { } @Override - public boolean isPermitted(User u) { - return p.isPermitted(u); + public boolean isPermitted(AuthorizationContext ac) { + return p.isPermitted(ac); } } diff --git a/src/org/cacert/gigi/output/SimpleMenuItem.java b/src/org/cacert/gigi/output/SimpleMenuItem.java index cccd3b11..961a288f 100644 --- a/src/org/cacert/gigi/output/SimpleMenuItem.java +++ b/src/org/cacert/gigi/output/SimpleMenuItem.java @@ -3,8 +3,8 @@ package org.cacert.gigi.output; import java.io.PrintWriter; import java.util.Map; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.util.AuthorizationContext; public class SimpleMenuItem implements IMenuItem { @@ -27,7 +27,7 @@ public class SimpleMenuItem implements IMenuItem { } @Override - public boolean isPermitted(User u) { + public boolean isPermitted(AuthorizationContext ac) { return true; } diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java index d25eacfb..3188b137 100644 --- a/src/org/cacert/gigi/pages/LoginPage.java +++ b/src/org/cacert/gigi/pages/LoginPage.java @@ -182,7 +182,7 @@ public class LoginPage extends Page { } @Override - public boolean isPermitted(User u) { - return u == null; + public boolean isPermitted(AuthorizationContext ac) { + return ac == null; } } diff --git a/src/org/cacert/gigi/pages/LogoutPage.java b/src/org/cacert/gigi/pages/LogoutPage.java index 3d82be78..1a854837 100644 --- a/src/org/cacert/gigi/pages/LogoutPage.java +++ b/src/org/cacert/gigi/pages/LogoutPage.java @@ -7,7 +7,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.cacert.gigi.Gigi; -import org.cacert.gigi.dbObjects.User; +import org.cacert.gigi.util.AuthorizationContext; public class LogoutPage extends Page { @@ -31,8 +31,8 @@ public class LogoutPage extends Page { } @Override - public boolean isPermitted(User u) { - return u != null; + public boolean isPermitted(AuthorizationContext ac) { + return ac != null; } } diff --git a/src/org/cacert/gigi/pages/Page.java b/src/org/cacert/gigi/pages/Page.java index f2bdbd7f..8d64d94f 100644 --- a/src/org/cacert/gigi/pages/Page.java +++ b/src/org/cacert/gigi/pages/Page.java @@ -14,6 +14,7 @@ import org.cacert.gigi.PermissionCheckable; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Template; +import org.cacert.gigi.util.AuthorizationContext; /** * This class encapsulates a sub page of Gigi. A template residing nearby this @@ -137,8 +138,8 @@ public abstract class Page implements PermissionCheckable { } @Override - public boolean isPermitted(User u) { - return !needsLogin() || u != null; + public boolean isPermitted(AuthorizationContext ac) { + return !needsLogin() || ac != null; } } diff --git a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java index 5dbc6409..a6bd0d47 100644 --- a/src/org/cacert/gigi/pages/admin/TTPAdminPage.java +++ b/src/org/cacert/gigi/pages/admin/TTPAdminPage.java @@ -17,6 +17,7 @@ import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.SprintfCommand; import org.cacert.gigi.pages.Page; import org.cacert.gigi.pages.error.PageNotFound; +import org.cacert.gigi.util.AuthorizationContext; public class TTPAdminPage extends Page { @@ -87,7 +88,7 @@ public class TTPAdminPage extends Page { } @Override - public boolean isPermitted(User u) { - return u != null && u.isInGroup(Group.getByString("ttp-assurer")); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.isInGroup(Group.getByString("ttp-assurer")); } } diff --git a/src/org/cacert/gigi/pages/admin/support/FindDomainPage.java b/src/org/cacert/gigi/pages/admin/support/FindDomainPage.java index fec8bc1b..acff6463 100644 --- a/src/org/cacert/gigi/pages/admin/support/FindDomainPage.java +++ b/src/org/cacert/gigi/pages/admin/support/FindDomainPage.java @@ -1,9 +1,9 @@ package org.cacert.gigi.pages.admin.support; import org.cacert.gigi.dbObjects.Group; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.pages.OneFormPage; +import org.cacert.gigi.util.AuthorizationContext; public class FindDomainPage extends OneFormPage { @@ -19,10 +19,7 @@ public class FindDomainPage extends OneFormPage { } @Override - public boolean isPermitted(User u) { - if (u == null) { - return false; - } - return u.isInGroup(Group.SUPPORTER); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.isInGroup(Group.SUPPORTER); } } diff --git a/src/org/cacert/gigi/pages/admin/support/FindUserPage.java b/src/org/cacert/gigi/pages/admin/support/FindUserPage.java index 6f4fc875..ad112919 100644 --- a/src/org/cacert/gigi/pages/admin/support/FindUserPage.java +++ b/src/org/cacert/gigi/pages/admin/support/FindUserPage.java @@ -14,6 +14,7 @@ import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class FindUserPage extends Page { @@ -65,11 +66,8 @@ public class FindUserPage extends Page { } @Override - public boolean isPermitted(User u) { - if (u == null) { - return false; - } - return u.isInGroup(Group.SUPPORTER); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.isInGroup(Group.SUPPORTER); } } diff --git a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java index 924ba08b..b1ec3abf 100644 --- a/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java +++ b/src/org/cacert/gigi/pages/admin/support/SupportUserDetailsPage.java @@ -16,6 +16,7 @@ import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class SupportUserDetailsPage extends Page { @@ -88,10 +89,7 @@ public class SupportUserDetailsPage extends Page { } @Override - public boolean isPermitted(User u) { - if (u == null) { - return false; - } - return u.isInGroup(Group.SUPPORTER); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.isInGroup(Group.SUPPORTER); } } diff --git a/src/org/cacert/gigi/pages/main/RegisterPage.java b/src/org/cacert/gigi/pages/main/RegisterPage.java index 72adc23e..78b1cc19 100644 --- a/src/org/cacert/gigi/pages/main/RegisterPage.java +++ b/src/org/cacert/gigi/pages/main/RegisterPage.java @@ -8,9 +8,9 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class RegisterPage extends Page { @@ -56,7 +56,7 @@ public class RegisterPage extends Page { } @Override - public boolean isPermitted(User u) { - return u == null; + public boolean isPermitted(AuthorizationContext ac) { + return ac == null; } } diff --git a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java index f1e8ea6a..4d6a3879 100644 --- a/src/org/cacert/gigi/pages/orga/CreateOrgPage.java +++ b/src/org/cacert/gigi/pages/orga/CreateOrgPage.java @@ -8,9 +8,9 @@ import javax.servlet.http.HttpServletResponse; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Group; -import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.output.template.Form; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class CreateOrgPage extends Page { @@ -23,8 +23,8 @@ public class CreateOrgPage extends Page { } @Override - public boolean isPermitted(User u) { - return u != null && u.isInGroup(ORG_ASSURER); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.isInGroup(ORG_ASSURER); } @Override diff --git a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java index 3996095e..b2b39f1a 100644 --- a/src/org/cacert/gigi/pages/orga/ViewOrgPage.java +++ b/src/org/cacert/gigi/pages/orga/ViewOrgPage.java @@ -18,6 +18,7 @@ import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; public class ViewOrgPage extends Page { @@ -32,8 +33,8 @@ public class ViewOrgPage extends Page { } @Override - public boolean isPermitted(User u) { - return u != null && (u.isInGroup(CreateOrgPage.ORG_ASSURER) || u.getOrganisations().size() != 0); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && (ac.isInGroup(CreateOrgPage.ORG_ASSURER) || ac.getActor().getOrganisations().size() != 0); } @Override diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java index 924cc953..af00c0e8 100644 --- a/src/org/cacert/gigi/pages/wot/AssurePage.java +++ b/src/org/cacert/gigi/pages/wot/AssurePage.java @@ -19,6 +19,7 @@ import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.Notary; public class AssurePage extends Page { @@ -46,8 +47,8 @@ public class AssurePage extends Page { } @Override - public boolean isPermitted(User u) { - return u != null && u.canAssure(); + public boolean isPermitted(AuthorizationContext ac) { + return ac != null && ac.getActor().canAssure(); } private void outputForm(HttpServletRequest req, PrintWriter out, AssuranceForm form) { diff --git a/src/org/cacert/gigi/util/AuthorizationContext.java b/src/org/cacert/gigi/util/AuthorizationContext.java index 4a329a9f..9d190f72 100644 --- a/src/org/cacert/gigi/util/AuthorizationContext.java +++ b/src/org/cacert/gigi/util/AuthorizationContext.java @@ -23,7 +23,14 @@ public class AuthorizationContext { return actor; } - public boolean hasRight(Group g) { + public boolean isInGroup(Group g) { return actor.isInGroup(g); } + + public User getActor(AuthorizationContext ac) { + if (ac == null) { + return null; + } + return ac.getActor(); + } } -- 2.39.2