Package com.google.enterprise.connector.filesystem

Source Code of com.google.enterprise.connector.filesystem.FileAuthorizationManager

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
// Copyright 2009 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.enterprise.connector.filesystem;

import com.google.common.base.Strings;
import com.google.enterprise.connector.spi.AuthenticationIdentity;
import com.google.enterprise.connector.spi.AuthorizationManager;
import com.google.enterprise.connector.spi.AuthorizationResponse;
import com.google.enterprise.connector.spi.RepositoryException;

import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
* Implementation of the SPI {@link AuthorizationManager} interface
* for the file system connector.
*/
public class FileAuthorizationManager implements AuthorizationManager {
  private static final Logger LOG =
      Logger.getLogger(FileAuthorizationManager.class.getName());
  private final PathParser pathParser;

  FileAuthorizationManager(PathParser pathParser) {
    this.pathParser = pathParser;
  }

  /**
   * Returns true if we succeed in verifying that the user indicated by the
   * passed in identity has permission to read the document with the
   * passed in docId and false otherwise.
   */
  private boolean canRead(String docId, AuthenticationIdentity identity)
      throws RepositoryException {
    Credentials credentials =
        FileConnectorType.newCredentials(identity.getDomain(),
            identity.getUsername(), identity.getPassword());
    if (credentials == null) {
      // Null credentials mean identity has a null or zero length userName.
      return false;
    }

    if (Strings.isNullOrEmpty(identity.getPassword())
        && pathParser.isUserNamePasswordNeeded(docId)) {
      return false;
    }

    try {
      ReadonlyFile<?> file = pathParser.getFile(docId, credentials);
      return file.getFileSystemType().supportsAuthz() && file.canRead();
    } catch (RepositoryException re) {
      LOG.log(Level.FINE,
          "Exception during authorization check for document id "
          + docId, re);
      return false;
    }
  }

  /**
   * @param docIds
   * @param identity
   * @return a list of authorizations for document IDs.
   */
  // TODO: This will require work for non-SMB files.
  @Override
  public List<AuthorizationResponse> authorizeDocids(Collection<String> docIds,
      AuthenticationIdentity identity) throws RepositoryException {
    LOG.info("User name passed is : " + getShowString(identity.getUsername(),
        false) + " password is :"
        + getShowString(identity.getPassword(), true) + " domain is : "
        + getShowString(identity.getDomain(), false));
    List<AuthorizationResponse> authorized = new ArrayList<AuthorizationResponse>();
    List<String> authorizedIds = new ArrayList<String>();
    List<String> notAutorizedIds = new ArrayList<String>();
    for (String docId : docIds) {
      if (canRead(docId, identity)) {
        authorizedIds.add(docId);
        authorized.add(new AuthorizationResponse(true, docId));
      } else {
        notAutorizedIds.add(docId);
      }
    }
    if (LOG.isLoggable(Level.INFO)) {
      LOG.info("Authorization request for domainName = " + identity.getDomain()
          + " userName = " + identity.getUsername()
          + " authorized Ids = " + authorizedIds
          + " not authorized Ids = " + notAutorizedIds);
    }
    return authorized;
  }

  /**
   * @param arg String to show
   * @param isPassword Whether the string to show is password or not
   * @return checks whether the input is null or blank, if yes then returns "blank or null",
   * If the input is not null or blank, then if it is a password then it returns "is not blank or null"
   * if it is not password and not blank or null then returns the input as it is.
   */
  private String getShowString(String arg, boolean isPassword) {
    if (arg == null || arg.trim().length() < 1) {
      return "blank or null";
    } else if (isPassword){
      return "is not blank or null";
    } else {
      return arg;
    }
  }
}
TOP

Related Classes of com.google.enterprise.connector.filesystem.FileAuthorizationManager

  • com.google.enterprise.connector.spi.AuthorizationResponse
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.