Package com.google.enterprise.connector.spi

Examples of com.google.enterprise.connector.spi.AuthorizationResponse


      if (user == null) {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Person not found in connector user database: " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        for (String docId : docIds) {
          authorized.add(new AuthorizationResponse(false, docId));
        }
      } else {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Authorizing documents for user " + gsaName +
            " using " + ncs.getUsernameType() + " username type");
        ArrayList<String> userGroups = new ArrayList<String>(user.getGroups());
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "Groups for " + gsaName + " are: " + userGroups);

        NotesSession ns = null;
        try {
          ns = ncs.createNotesSession();
          NotesDatabase cdb =
              ns.getDatabase(ncs.getServer(), ncs.getDatabase());
          NotesView securityView = cdb.getView(NCCONST.VIEWSECURITY);
          for (String docId : docIds) {
            NotesViewNavigator secVN = null;
            NotesDocument dbdoc = null;
            try {
              // Extract the database and UNID from the URL
              String repId = getRepIdFromDocId(docId);
              String unid = getUNIDFromDocId(docId);
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Authorizing document: " + repId + " : " + unid);

              // Get the category from the security view for this
              // database. The first document in the category is
              // ALWAYS the database document.
              secVN = securityView.createViewNavFromCategory(repId);
              dbdoc = secVN.getFirstDocument().getDocument();
              boolean dballow =
                  checkDatabaseAccess(dbdoc, user);

              // Only check document level security if we are
              // allowed at the database level. Assume we have
              // access to the document unless proven
              // otherwise...
              boolean docallow = true;
              if (dballow) {
                Collection<String> readers =
                    ncs.getNotesDocumentManager()
                        .getDocumentReaders(unid, repId);
                if (readers.size() > 0) {
                  docallow = checkDocumentReaders(user, readers, repId);
                } else {
                  LOGGER.logp(Level.FINEST, CLASS_NAME, METHOD,
                      "No document level security for " + unid);
                }
              }
              boolean allow = docallow && dballow;
              LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                  "Final auth decision is " + allow + " " + unid);
              authorized.add(new AuthorizationResponse(allow, docId));
            } catch (Throwable t) {
              LOGGER.logp(Level.WARNING, CLASS_NAME, METHOD,
                  "Failed to complete check for: " + docId, t);
              authorized.add(new AuthorizationResponse(
                      AuthorizationResponse.Status.INDETERMINATE, docId));
            } finally {
              Util.recycle(dbdoc);
              Util.recycle(secVN);
              // Log timing for each document.
              if (LOGGER.isLoggable(Level.FINER)) {
                elapsedTimeMillis = System.currentTimeMillis() - startTime;
                LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
                    "ElapsedAuthorizationResponseTime: " + elapsedTimeMillis
                    + " Documents authorized: " + authorized.size());
              }
            }
          }
        } finally {
          ncs.closeNotesSession(ns);
        }
      }
    } catch (Exception e) {
      LOGGER.log(Level.SEVERE, CLASS_NAME, e);
    }

    if (LOGGER.isLoggable(Level.FINER)) {
      for (int i = 0; i < authorized.size(); i++) {
        AuthorizationResponse ar = authorized.get(i);
        LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
            "AuthorizationResponse: " + ar.getDocid() + " : " + ar.isValid());
      }
    }
    // Get elapsed time in milliseconds
    elapsedTimeMillis = System.currentTimeMillis() - startTime;
    LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
View Full Code Here


      }
      authorized = new ArrayList<AuthorizationResponse>(docids.size());
      for (String id : docids) {
        boolean isAuthorized = object_id.contains(id);
        logger.info("id " + id + " hasRight? " + isAuthorized);
        authorized.add(new AuthorizationResponse(isAuthorized, id));
      }
    } finally {
      collec.close();
      logger.finest("after collec.close");
    }
View Full Code Here

  }

  @Override
  public AuthorizationResponse authorizeDocid(String docId, IUser user,
      boolean checkMarkings) throws RepositoryException {
    AuthorizationResponse authorizationResponse = null;
    IVersionSeries versionSeries = null;
    try {
      logger.config("Getting version series for document DocID: "
          + docId);
      versionSeries = (IVersionSeries) objectStore.getObject(ClassNames.VERSION_SERIES, URLDecoder.decode(docId, "UTF-8"));
    } catch (UnsupportedEncodingException e) {
      logger.log(Level.WARNING, "Unable to Decode: Encoding is not supported for the document with DocID: "
          + docId);
      versionSeries = null;
    } catch (RepositoryException e) {
      logger.log(Level.WARNING, "Error : document Version Series Id "
          + docId + " may no longer exist. Message: "
          + e.getLocalizedMessage());
      versionSeries = null;
    }

    if (versionSeries != null) {
      logger.config("Authorizing DocID: " + docId + " for user: "
          + user.get_Name());
      // Check whether the search user is authorized to view document
      // contents or
      // not.
      IDocument releasedVersion = versionSeries.get_ReleasedVersion();
      Permissions permissions = new Permissions(
          releasedVersion.get_Permissions(), releasedVersion.get_Owner());
      if (permissions.authorize(user)) {
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is authorized for document DocID " + docId);
        authorizationResponse = new AuthorizationResponse(true,
            docId);

        if (checkMarkings) {
          logger.log(Level.INFO, "Authorizing DocID: " + docId
              + " for user: " + user.get_Name()
              + " for Marking sets ");

          // check whether current document has property values
          // set for properties associated with marking sets or
          // not //
          if (releasedVersion.get_ActiveMarkings() != null) {
            logger.log(Level.INFO, "Document has property associated with Markings set");

            // check whether USER is authorized to view the
            // document as per the Marking set security applied
            // over it.
            MarkingPermissions markingPermissions =
                new MarkingPermissions(releasedVersion.get_ActiveMarkings());
            if (markingPermissions.authorize(user)) {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  true, docId);
            } else {
              logger.log(Level.INFO, "As per the Marking Sets User "
                  + user.get_Name()
                  + " is NOT authorized for document DocID "
                  + docId);
              authorizationResponse = new AuthorizationResponse(
                  false, docId);
            }

          } else {
            logger.log(Level.INFO, "Document does not have property associated with Marking Sets "
                + docId);
            logger.log(Level.INFO, "User "
                + user.get_Name()
                + " is authorized for document DocID "
                + docId);
            authorizationResponse = new AuthorizationResponse(
                true, docId);
          }
        } else {
          logger.log(Level.INFO, "Either Document class does not have property associated with Marking Sets or Connector is not configured to check Marking Sets ");
          logger.log(Level.INFO, "User " + user.get_Name()
              + " is authorized for document DocID " + docId);
          authorizationResponse = new AuthorizationResponse(true,
              docId);
        }
      } else {
        authorizationResponse = new AuthorizationResponse(false,
            docId);
        logger.log(Level.INFO, "As per the ACLS User "
            + user.get_Name()
            + " is NOT authorized for document DocID " + docId);
      }
    } else {
      authorizationResponse = new AuthorizationResponse(false, docId);
      logger.log(Level.INFO, "User " + user.get_Name()
          + " is NOT authorized for document DocID " + docId
          + "version series null");
    }
    return authorizationResponse;
View Full Code Here

          try {
            responses.put(docId, getResponse(docId));
          } catch (RepositoryException e) {
            logger.log(Level.WARNING, "Failed to authorize docid " + docId
                + " for user " + user.get_Name(), e);
            responses.put(docId, new AuthorizationResponse(false, docId));
          }
        }
      } finally {
        handler.popSubject();
      }
View Full Code Here

    @Override
    public AuthorizationResponse authorizeDocid(String docid, IUser user,
        boolean checkMarkings) throws RepositoryException {
      threads.add(Thread.currentThread().getName());
      return new AuthorizationResponse(true, docid);
    }
View Full Code Here

  private void mCheckForUser(String username, Collection<IdAuth> baseline,
      Collection<AuthorizationResponse> actual) throws RepositoryException {
    for (IdAuth authz : baseline) {
      String docid = authz.id;

      AuthorizationResponse found = null;
      for (AuthorizationResponse a : actual) {
        if (docid.equals(a.getDocid())) {
          assertNull("DocId " + docid + " appears in the " +
              "authorized list more than once.", found);
          found = a;
View Full Code Here

      addAuthorizedDocids(docids, username, authorized);
    authorized.trimToSize();

    if (LOGGER.isLoggable(Level.FINEST)) {
      for (String docid : docids) {
        AuthorizationResponse ar = new AuthorizationResponse(true, docid);
        LOGGER.finest("AUTHORIZED " + docid + ": " + authorized.contains(ar));
      }
    } else if (LOGGER.isLoggable(Level.FINE))
      LOGGER.fine("AUTHORIZED: " + authorized.size() + " documents.");
View Full Code Here

  }

  /** A factory interface for <code>AuthorizationResponse</code> objects. */
  private static class AuthzCreator implements Creator<AuthorizationResponse> {
    @Override public AuthorizationResponse fromString(String value) {
      return new AuthorizationResponse(true, value);
    }
View Full Code Here

    if (status) {
      LOGGER.log(Level.FINE, logMessage);
    } else {
      LOGGER.log(Level.WARNING, logMessage);
    }
    return response.add(new AuthorizationResponse(status, DocId));
  }
View Full Code Here

    List<String> authorizedIds = new ArrayList<String>();
    List<String> notAutorizedIds = new ArrayList<String>();
    for (String docId : docIds) {
      if (canRead(docId, identity)) {
        authorizedIds.add(docId);
        authorized.add(new AuthorizationResponse(true, docId));
      } else {
        notAutorizedIds.add(docId);
      }
    }
    if (LOG.isLoggable(Level.INFO)) {
View Full Code Here

TOP

Related Classes of com.google.enterprise.connector.spi.AuthorizationResponse

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.