diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 7f038b4..ae07526 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -22,5 +22,6 @@ repos:
rev: v0.3.3
hooks:
# Project compiles and passes unit tests
+ - id: maven-spotless-apply
- id: maven-compile
- id: maven-test
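Review bot: The comment `# Project compiles and passes unit tests` now sits directly above `maven-spotless-apply`, which formats sources rather than compiling or testing them; a separate comment such as `# Format sources with Spotless before compiling` would keep the hook list accurate. Because this hook rewrites files at commit time and only runs where pre-commit is installed, formatting is not enforced for other contributors unless the build also runs `mvn spotless:check` (no such binding is visible in this diff).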
diff --git a/pom.xml b/pom.xml
index 4f36451..d5c1c5f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -214,6 +214,21 @@
+
+
+
+ com.diffplug.spotless
+ spotless-maven-plugin
+ 2.40.0
+
+
+
+ 1.18.1
+ false
+
+
+
+
spreg
diff --git a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrl.java b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrl.java
index f9e1661..5111571 100644
--- a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrl.java
+++ b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrl.java
@@ -15,197 +15,207 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.accessctrl;
import edu.washington.iam.registry.exception.AccessCtrlException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
import java.io.Serializable;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-public class AccessCtrl implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private Boolean is2FASet;
- private Boolean auto2FA;
- private String groupAuto2FA;
- private Boolean conditional;
- private String conditionalGroup;
- private String conditionalLink;
- private String entityId;
- private UUID uuid;
- private String startTime;
- private String endTime;
- private String updatedBy;
-
-
- private String safePy(String in) {
- return in.replaceAll("\"","\\\"");
- }
-
-
-
-
- public AccessCtrl(){
-
- //is2FASet keeps track if some idiot (like your author) tries to enable conditional AND auto 2fa
- //perhaps a better name would have been "is2FASetByUser". If the DB sets the value we don't care.
- is2FASet = false;
- auto2FA = false;
- groupAuto2FA = "";
- conditional = false;
- conditionalGroup = "";
- conditionalLink = "";
- entityId = "";
- uuid = null;
- startTime = null;
- endTime = null;
- updatedBy = "";
-
- }
-
-
- //"conditional 2fa" is a virtual state--it means auto2fa is true and a group is set to a non-empty string
- public Boolean getCond2FA() {
- if (auto2FA && getGroupAuto2FA() != "")
- {
- return true;
- } else return false;
- }
- //for setting the virtual state above
- public void setCond2FA(String group) throws AccessCtrlException {
- if (is2FASet) { throw new AccessCtrlException("Can't sent Auto 2FA AND Conditional 2FA!!"); }
- if (StringUtils.isNotBlank(group))
- {
- this.auto2FA = true;
- this.groupAuto2FA = group;
- is2FASet = true; //2fa is set. We can't set it again
-
- } else {
- throw new AccessCtrlException("tried to set conditional 2FA but provided empty or whitespace string for group name");
- }
-
- }
-
- //this is for external stuff to call--if this returns true then the entity ID uses "auto 2fa". Handles the logic
- //of figuring out the auto2fa/group-is-populated permutations.
- public Boolean getAuto2FA() {
- if (auto2FA && getGroupAuto2FA() == "")
- {
- return true;
- } else return false;
- }
- //like the get method, sets the state to "auto 2fa" without you having to figure out if the group field is populated
- //or not
- public void setAuto2FA(Boolean auto2FA) throws AccessCtrlException {
- if (is2FASet) { throw new AccessCtrlException("Can't sent Auto 2FA AND Conditional 2FA!!"); }
- this.auto2FA = auto2FA;
- this.groupAuto2FA = "";
- is2FASet = true; //2fa is set. We can't set it again
- }
-
- //only use when DB is setting this property (doesn't have the safety features of the other methods)
- //DB needs to be able to set auto2fa and groupAuto2FA properties independently
- public void setAuto2FAInternal(Boolean auto2FA)
- {
- this.auto2FA = auto2FA;
- }
- //also for DB use only--DB needs to be able to get the "naked" auto2fa state
- public Boolean getAuto2FAInternal() {
- return this.auto2FA;
- }
-
- public String getGroupAuto2FA() {
- //if not null, empty, or only whitespace, return the string
- if (StringUtils.isNotBlank(groupAuto2FA)) { return groupAuto2FA; }
- //otherwise return a string that is definitely empty (avoids whitespace issues)
- else { return ""; }
- }
-
- public void setGroupAuto2FA(String groupAuto2FA) {
- this.groupAuto2FA = groupAuto2FA;
- }
-
- public Boolean getConditional() {
- return conditional;
- }
-
- public void setConditional(Boolean conditional) {
- this.conditional = conditional;
- }
-
- public String getConditionalGroup() {
- return conditionalGroup;
- }
-
- public void setConditionalGroup(String conditionalGroup) {
+public class AccessCtrl implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private Boolean is2FASet;
+ private Boolean auto2FA;
+ private String groupAuto2FA;
+ private Boolean conditional;
+ private String conditionalGroup;
+ private String conditionalLink;
+ private String entityId;
+ private UUID uuid;
+ private String startTime;
+ private String endTime;
+ private String updatedBy;
+
+ private String safePy(String in) {
+ return in.replaceAll("\"", "\\\"");
+ }
+
+ public AccessCtrl() {
+
+ // is2FASet keeps track if some idiot (like your author) tries to enable conditional AND auto
+ // 2fa
+ // perhaps a better name would have been "is2FASetByUser". If the DB sets the value we don't
+ // care.
+ is2FASet = false;
+ auto2FA = false;
+ groupAuto2FA = "";
+ conditional = false;
+ conditionalGroup = "";
+ conditionalLink = "";
+ entityId = "";
+ uuid = null;
+ startTime = null;
+ endTime = null;
+ updatedBy = "";
+ }
+
+ // "conditional 2fa" is a virtual state--it means auto2fa is true and a group is set to a
+ // non-empty string
+ public Boolean getCond2FA() {
+ if (auto2FA && getGroupAuto2FA() != "") {
+ return true;
+ } else return false;
+ }
+
+ // for setting the virtual state above
+ public void setCond2FA(String group) throws AccessCtrlException {
+ if (is2FASet) {
+ throw new AccessCtrlException("Can't sent Auto 2FA AND Conditional 2FA!!");
+ }
+ if (StringUtils.isNotBlank(group)) {
+ this.auto2FA = true;
+ this.groupAuto2FA = group;
+ is2FASet = true; // 2fa is set. We can't set it again
+
+ } else {
+ throw new AccessCtrlException(
+ "tried to set conditional 2FA but provided empty or whitespace string for group name");
+ }
+ }
+
+ // this is for external stuff to call--if this returns true then the entity ID uses "auto 2fa".
+ // Handles the logic
+ // of figuring out the auto2fa/group-is-populated permutations.
+ public Boolean getAuto2FA() {
+ if (auto2FA && getGroupAuto2FA() == "") {
+ return true;
+ } else return false;
+ }
+
+ // like the get method, sets the state to "auto 2fa" without you having to figure out if the group
+ // field is populated
+ // or not
+ public void setAuto2FA(Boolean auto2FA) throws AccessCtrlException {
+ if (is2FASet) {
+ throw new AccessCtrlException("Can't sent Auto 2FA AND Conditional 2FA!!");
+ }
+ this.auto2FA = auto2FA;
+ this.groupAuto2FA = "";
+ is2FASet = true; // 2fa is set. We can't set it again
+ }
+
+ // only use when DB is setting this property (doesn't have the safety features of the other
+ // methods)
+ // DB needs to be able to set auto2fa and groupAuto2FA properties independently
+ public void setAuto2FAInternal(Boolean auto2FA) {
+ this.auto2FA = auto2FA;
+ }
+
+ // also for DB use only--DB needs to be able to get the "naked" auto2fa state
+ public Boolean getAuto2FAInternal() {
+ return this.auto2FA;
+ }
+
+ public String getGroupAuto2FA() {
+ // if not null, empty, or only whitespace, return the string
+ if (StringUtils.isNotBlank(groupAuto2FA)) {
+ return groupAuto2FA;
+ }
+ // otherwise return a string that is definitely empty (avoids whitespace issues)
+ else {
+ return "";
+ }
+ }
+
+ public void setGroupAuto2FA(String groupAuto2FA) {
+ this.groupAuto2FA = groupAuto2FA;
+ }
+
+ public Boolean getConditional() {
+ return conditional;
+ }
+
+ public void setConditional(Boolean conditional) {
+ this.conditional = conditional;
+ }
+
+ public String getConditionalGroup() {
+ return conditionalGroup;
+ }
+
+ public void setConditionalGroup(String conditionalGroup) {
+ this.conditionalGroup = conditionalGroup;
+ }
+
+ public String getConditionalLink() {
+ return conditionalLink;
+ }
+
+ public void setConditionalLink(String conditionalLink) {
+ this.conditionalLink = conditionalLink;
+ }
+
+ // for setting conditional access using user input--DB uses plain "unsafe" methods above
+ public void setConditionalByUser(
+ Boolean conditional, String conditionalGroup, String conditionalLink)
+ throws AccessCtrlException {
+
+ if (conditional) {
+ if (StringUtils.isNotBlank(conditionalGroup)) {
this.conditionalGroup = conditionalGroup;
- }
-
- public String getConditionalLink() {
- return conditionalLink;
- }
-
- public void setConditionalLink(String conditionalLink) {
this.conditionalLink = conditionalLink;
- }
-
- //for setting conditional access using user input--DB uses plain "unsafe" methods above
- public void setConditionalByUser(Boolean conditional, String conditionalGroup, String conditionalLink) throws AccessCtrlException {
-
- if (conditional) {
- if (StringUtils.isNotBlank(conditionalGroup))
- {
- this.conditionalGroup = conditionalGroup;
- this.conditionalLink = conditionalLink;
- this.conditional = true;
- } else {
- throw new AccessCtrlException("tried to set conditional access but provided empty or whitespace" +
- "string for group name");
- }
- } else { this.conditional = false; }
- }
- public String getEntityId() {
- return entityId;
- }
-
- public void setEntityId(String entityId) {
- this.entityId = entityId;
- }
-
- public UUID getUuid() {
- return uuid;
- }
-
- public void setUuid(UUID uuid) {
- this.uuid = uuid;
- }
- public String getStartTime() {
- return startTime;
- }
-
- public void setStartTime(String startTime) {
- this.startTime = startTime;
- }
-
- public String getEndTime() {
- return endTime;
- }
-
- public void setEndTime(String endTime) {
- this.endTime = endTime;
- }
-
- public String getUpdatedBy() {
- return updatedBy;
- }
-
- public void setUpdatedBy(String updatedBy) {
- this.updatedBy = updatedBy;
- }
+ this.conditional = true;
+ } else {
+ throw new AccessCtrlException(
+ "tried to set conditional access but provided empty or whitespace"
+ + "string for group name");
+ }
+ } else {
+ this.conditional = false;
+ }
+ }
+
+ public String getEntityId() {
+ return entityId;
+ }
+
+ public void setEntityId(String entityId) {
+ this.entityId = entityId;
+ }
+
+ public UUID getUuid() {
+ return uuid;
+ }
+
+ public void setUuid(UUID uuid) {
+ this.uuid = uuid;
+ }
+
+ public String getStartTime() {
+ return startTime;
+ }
+
+ public void setStartTime(String startTime) {
+ this.startTime = startTime;
+ }
+
+ public String getEndTime() {
+ return endTime;
+ }
+
+ public void setEndTime(String endTime) {
+ this.endTime = endTime;
+ }
+
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
+
+ public void setUpdatedBy(String updatedBy) {
+ this.updatedBy = updatedBy;
+ }
}
-
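Review bot: `getCond2FA()` and `getAuto2FA()` still compare strings by reference (`getGroupAuto2FA() != ""` and `== ""`), which gives the right answer only because `getGroupAuto2FA()` happens to return the same `""` literal; these two getters decide which 2FA mode an entity is in, so they should not depend on string interning. Prefer `return auto2FA && !getGroupAuto2FA().isEmpty();` and `return auto2FA && getGroupAuto2FA().isEmpty();`. Separately, `safePy` is a no-op: `replaceAll` reads the replacement `"\\\""` as an escaped quote, so each `"` is replaced by `"`. If escaping is intended, `in.replace("\"", "\\\"")` does it; if the method is unused (no caller is visible in this class), it can be removed.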
diff --git a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManager.java b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManager.java
index 67dbb62..229c7d8 100644
--- a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManager.java
+++ b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManager.java
@@ -18,16 +18,15 @@
package edu.washington.iam.registry.accessctrl;
import edu.washington.iam.registry.exception.AccessCtrlException;
-import edu.washington.iam.registry.exception.ProxyException;
-import edu.washington.iam.registry.proxy.Proxy;
-
import java.io.Serializable;
import java.util.List;
public interface AccessCtrlManager extends Serializable {
- public AccessCtrl getAccessCtrl(String entityId);
- public void updateAccessCtrl(AccessCtrl accessCtrl, String updatedBy) throws AccessCtrlException;
- public List getAccessCtrlHistory(String entityId) throws AccessCtrlException;
- public int removeAccessCtrl(String entityId, String updatedBy) throws AccessCtrlException;
+ public AccessCtrl getAccessCtrl(String entityId);
+
+ public void updateAccessCtrl(AccessCtrl accessCtrl, String updatedBy) throws AccessCtrlException;
+
+ public List getAccessCtrlHistory(String entityId) throws AccessCtrlException;
+ public int removeAccessCtrl(String entityId, String updatedBy) throws AccessCtrlException;
}
diff --git a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManagerDB.java b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManagerDB.java
index 554fd6b..ec8e69b 100644
--- a/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManagerDB.java
+++ b/src/main/java/edu/washington/iam/registry/accessctrl/AccessCtrlManagerDB.java
@@ -2,6 +2,12 @@
import edu.washington.iam.registry.exception.AccessCtrlException;
import edu.washington.iam.registry.rp.UuidManager;
+import edu.washington.iam.tools.IdpHelper;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -9,135 +15,137 @@
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.ResultSetExtractor;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.UUID;
-
-import edu.washington.iam.tools.IdpHelper;
-
public class AccessCtrlManagerDB implements AccessCtrlManager {
- private final Logger log = LoggerFactory.getLogger(getClass());
- private JdbcTemplate template;
-
- public void setTemplate(JdbcTemplate template) {
- this.template = template;
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private JdbcTemplate template;
+
+ public void setTemplate(JdbcTemplate template) {
+ this.template = template;
+ }
+
+ private IdpHelper idpHelper = null;
+
+ public void setIdpHelper(IdpHelper v) {
+ idpHelper = v;
+ }
+
+ @Autowired private UuidManager uuidManager;
+
+ public List getAccessCtrlHistory(String entityId) throws AccessCtrlException {
+ List AccessCtrlHistory = null;
+ try {
+ AccessCtrlHistory =
+ template.query(
+ "select * from access_ctrl where end_time is not null and entity_id = ?",
+ new Object[] {entityId},
+ new AccessCtrlMapper());
+ return AccessCtrlHistory;
+ } catch (Exception e) {
+ String errorMsg = String.format("error getting access control history: %s", entityId);
+ log.debug(errorMsg);
+ throw new AccessCtrlException(errorMsg);
}
-
- private IdpHelper idpHelper = null;
- public void setIdpHelper(IdpHelper v) {
- idpHelper = v;
+ }
+
+ public AccessCtrl getAccessCtrl(String entityId) {
+ log.debug("looking for access control for " + entityId);
+ AccessCtrl accessCtrl = new AccessCtrl();
+
+ List accessCtrlList =
+ template.query(
+ "select * from access_control where entity_id = ? and end_time is null",
+ new Object[] {entityId},
+ new AccessCtrlMapper());
+ if (accessCtrlList.size() != 0) {
+ accessCtrl = accessCtrlList.get(0);
}
- @Autowired
- private UuidManager uuidManager;
-
-
- public List getAccessCtrlHistory(String entityId) throws AccessCtrlException {
- List AccessCtrlHistory = null;
- try {
- AccessCtrlHistory = template.query(
- "select * from access_ctrl where end_time is not null and entity_id = ?",
- new Object[] {entityId},
- new AccessCtrlMapper());
- return AccessCtrlHistory;
- }
- catch (Exception e){
- String errorMsg = String.format("error getting access control history: %s", entityId);
- log.debug(errorMsg);
- throw new AccessCtrlException(errorMsg);
- }
-
+ return accessCtrl;
+ }
+
+ public void updateAccessCtrl(AccessCtrl accessCtrl, String updatedBy) throws AccessCtrlException {
+ log.debug("looking to update access control for " + accessCtrl.getEntityId());
+
+ try {
+
+ accessCtrl.setUuid(uuidManager.getUuid(accessCtrl.getEntityId()));
+ log.info("attempting access control update for " + accessCtrl.getEntityId());
+ // recycle "delete" method to mark current record inactive
+ removeAccessCtrl(accessCtrl.getEntityId(), updatedBy);
+ log.info("Marked current access control record (if any) inactive--adding new one next");
+ // add new active record
+ log.info(
+ Integer.toString(
+ template.update(
+ "insert into access_control (uuid, entity_id, end_time, start_time, updated_by, auto_2fa,"
+ + "auto_2fa_group, conditional, conditional_group, conditional_link) values "
+ + "(? ,?, ?, now(), ?, ?, ?, ?, ?, ?)",
+ accessCtrl.getUuid(),
+ accessCtrl.getEntityId(),
+ null,
+ updatedBy,
+ accessCtrl.getAuto2FAInternal(),
+ accessCtrl.getGroupAuto2FA(),
+ accessCtrl.getConditional(),
+ accessCtrl.getConditionalGroup(),
+ accessCtrl.getConditionalLink())));
+ log.debug("updated existing access control for " + accessCtrl.getEntityId());
+
+ if (idpHelper != null) idpHelper.notifyIdps("accessctrl");
+ } catch (Exception e) {
+ log.info("update access control trouble: " + e.getMessage());
+ throw new AccessCtrlException("update access control trouble: " + e.getMessage());
}
-
- public AccessCtrl getAccessCtrl(String entityId) {
- log.debug("looking for access control for " + entityId);
- AccessCtrl accessCtrl = new AccessCtrl();
-
- List accessCtrlList = template.query("select * from access_control where entity_id = ? and end_time is null",
- new Object[] {entityId},
- new AccessCtrlMapper());
- if(accessCtrlList.size() != 0){
- accessCtrl = accessCtrlList.get(0);
- }
-
- return accessCtrl;
- }
-
- public void updateAccessCtrl(AccessCtrl accessCtrl, String updatedBy) throws AccessCtrlException {
- log.debug("looking to update access control for " + accessCtrl.getEntityId());
-
- try {
-
- accessCtrl.setUuid(uuidManager.getUuid(accessCtrl.getEntityId()));
- log.info("attempting access control update for " + accessCtrl.getEntityId());
- //recycle "delete" method to mark current record inactive
- removeAccessCtrl(accessCtrl.getEntityId(), updatedBy);
- log.info("Marked current access control record (if any) inactive--adding new one next");
- // add new active record
- log.info(Integer.toString(template.update(
- "insert into access_control (uuid, entity_id, end_time, start_time, updated_by, auto_2fa," +
- "auto_2fa_group, conditional, conditional_group, conditional_link) values " +
- "(? ,?, ?, now(), ?, ?, ?, ?, ?, ?)",
- accessCtrl.getUuid(), accessCtrl.getEntityId(), null, updatedBy, accessCtrl.getAuto2FAInternal(),
- accessCtrl.getGroupAuto2FA(), accessCtrl.getConditional(),
- accessCtrl.getConditionalGroup(), accessCtrl.getConditionalLink())));
- log.debug("updated existing access control for " + accessCtrl.getEntityId());
-
- if (idpHelper!=null) idpHelper.notifyIdps("accessctrl");
- } catch (Exception e) {
- log.info("update access control trouble: " + e.getMessage());
- throw new AccessCtrlException("update access control trouble: " + e.getMessage());
- }
-
-
-
-
+ }
+
+ public int removeAccessCtrl(String entityId, String updatedBy) throws AccessCtrlException {
+ log.debug("looking to delete access control for " + entityId);
+
+ List ids =
+ template.queryForList(
+ "select id from access_control where entity_id = ? and end_time is null",
+ Integer.class,
+ entityId);
+ if (ids.size() == 1 && ids.get(0) != null) {
+ template.update(
+ "update access_control set end_time = now(), updated_by = ? where id = ?",
+ updatedBy,
+ ids.get(0));
+ log.info("updated (delete) access control for %s", entityId);
+ if (idpHelper != null) idpHelper.notifyIdps("accessctrl");
+ return 200;
+ } else if (ids.size() == 0) {
+ // there is no record with end_time = null if access control has never been enabled
+ log.info(
+ String.format(
+ "No access control found for %s (usually not an error--wasn't set before)",
+ entityId));
+ // if there are no records with end_time = null then there are no active records to remove
+ // and everything is fine. mattjm 2018-10-23
+ return 200;
+ } else {
+ throw new AccessCtrlException(
+ "more than one active access control record found!! No update performed.");
+ // TODO what about a return code?
}
-
- public int removeAccessCtrl(String entityId, String updatedBy) throws AccessCtrlException {
- log.debug("looking to delete access control for " + entityId);
-
- List ids = template.queryForList(
- "select id from access_control where entity_id = ? and end_time is null",
- Integer.class, entityId);
- if (ids.size() == 1 && ids.get(0) != null) {
- template.update("update access_control set end_time = now(), updated_by = ? where id = ?", updatedBy, ids.get(0));
- log.info("updated (delete) access control for %s", entityId);
- if (idpHelper!=null) idpHelper.notifyIdps("accessctrl");
- return 200;
- }
- else if (ids.size() == 0) {
- //there is no record with end_time = null if access control has never been enabled
- log.info(String.format("No access control found for %s (usually not an error--wasn't set before)", entityId));
- //if there are no records with end_time = null then there are no active records to remove
- //and everything is fine. mattjm 2018-10-23
- return 200;
- }
- else{
- throw new AccessCtrlException("more than one active access control record found!! No update performed.");
- //TODO what about a return code?
- }
- }
-
-
- private static final class AccessCtrlMapper implements ResultSetExtractor> {
- @Override
- public List extractData(ResultSet rs) throws SQLException, DataAccessException{
- List accessCtrlList = new ArrayList<>();
- while (rs.next()) {
- AccessCtrl accessCtrlItem = new AccessCtrl();
- accessCtrlItem.setEntityId(rs.getString("entity_id"));
- accessCtrlItem.setUuid((UUID) rs.getObject("uuid"));
- accessCtrlItem.setAuto2FAInternal(rs.getBoolean("auto_2fa"));
- accessCtrlItem.setConditional(rs.getBoolean("conditional"));
- accessCtrlItem.setConditionalGroup(rs.getString("conditional_group"));
- accessCtrlItem.setConditionalLink(rs.getString("conditional_link"));
- accessCtrlItem.setGroupAuto2FA(rs.getString("auto_2fa_group"));
- accessCtrlList.add(accessCtrlItem);
- }
- return accessCtrlList;
- }
+ }
+
+ private static final class AccessCtrlMapper implements ResultSetExtractor> {
+ @Override
+ public List extractData(ResultSet rs) throws SQLException, DataAccessException {
+ List accessCtrlList = new ArrayList<>();
+ while (rs.next()) {
+ AccessCtrl accessCtrlItem = new AccessCtrl();
+ accessCtrlItem.setEntityId(rs.getString("entity_id"));
+ accessCtrlItem.setUuid((UUID) rs.getObject("uuid"));
+ accessCtrlItem.setAuto2FAInternal(rs.getBoolean("auto_2fa"));
+ accessCtrlItem.setConditional(rs.getBoolean("conditional"));
+ accessCtrlItem.setConditionalGroup(rs.getString("conditional_group"));
+ accessCtrlItem.setConditionalLink(rs.getString("conditional_link"));
+ accessCtrlItem.setGroupAuto2FA(rs.getString("auto_2fa_group"));
+ accessCtrlList.add(accessCtrlItem);
+ }
+ return accessCtrlList;
}
+ }
}
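Review bot: In `removeAccessCtrl`, `log.info("updated (delete) access control for %s", entityId)` uses a `%s` placeholder that SLF4J does not expand, so the log line recording the deactivation of an access-control record never names the entity; use `log.info("updated (delete) access control for {}", entityId);`. `getAccessCtrlHistory` selects from `access_ctrl` while every other statement in the class uses `access_control`, and its `catch (Exception e)` logs at debug and drops the cause, so a wrong table name would surface only as a generic error; confirm the name against the schema and pass the cause along with `new AccessCtrlException(errorMsg, e)`. `updateAccessCtrl` end-dates the active row and then inserts the replacement as two separate statements; unless a transaction is configured outside this file, a failed insert would leave the entity with no active 2FA/conditional-access record.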
diff --git a/src/main/java/edu/washington/iam/registry/exception/AccessCtrlException.java b/src/main/java/edu/washington/iam/registry/exception/AccessCtrlException.java
index 906b7f5..2b470ed 100644
--- a/src/main/java/edu/washington/iam/registry/exception/AccessCtrlException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/AccessCtrlException.java
@@ -21,13 +21,16 @@ public class AccessCtrlException extends Exception {
public AccessCtrlException() {
super();
}
+
public AccessCtrlException(String msg) {
super(msg);
}
+
public AccessCtrlException(String msg, Throwable cause) {
super(msg, cause);
}
+
public AccessCtrlException(Throwable cause) {
super(cause);
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/edu/washington/iam/registry/exception/AttributeException.java b/src/main/java/edu/washington/iam/registry/exception/AttributeException.java
index 492d38e..070bf5a 100644
--- a/src/main/java/edu/washington/iam/registry/exception/AttributeException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/AttributeException.java
@@ -21,12 +21,15 @@ public class AttributeException extends Exception {
public AttributeException() {
super();
}
+
public AttributeException(String msg) {
super(msg);
}
+
public AttributeException(String msg, Throwable cause) {
super(msg, cause);
}
+
public AttributeException(Throwable cause) {
super(cause);
}
diff --git a/src/main/java/edu/washington/iam/registry/exception/AttributeNotFoundException.java b/src/main/java/edu/washington/iam/registry/exception/AttributeNotFoundException.java
index 2b673e0..790e2c4 100644
--- a/src/main/java/edu/washington/iam/registry/exception/AttributeNotFoundException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/AttributeNotFoundException.java
@@ -21,12 +21,15 @@ public class AttributeNotFoundException extends Exception {
public AttributeNotFoundException() {
super();
}
+
public AttributeNotFoundException(String msg) {
super(msg);
}
+
public AttributeNotFoundException(String msg, Throwable cause) {
super(msg, cause);
}
+
public AttributeNotFoundException(Throwable cause) {
super(cause);
}
diff --git a/src/main/java/edu/washington/iam/registry/exception/FilterPolicyException.java b/src/main/java/edu/washington/iam/registry/exception/FilterPolicyException.java
index 908b68e..9cadd2d 100644
--- a/src/main/java/edu/washington/iam/registry/exception/FilterPolicyException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/FilterPolicyException.java
@@ -21,12 +21,15 @@ public class FilterPolicyException extends Exception {
public FilterPolicyException() {
super();
}
+
public FilterPolicyException(String msg) {
super(msg);
}
+
public FilterPolicyException(String msg, Throwable cause) {
super(msg, cause);
}
+
public FilterPolicyException(Throwable cause) {
super(cause);
}
diff --git a/src/main/java/edu/washington/iam/registry/exception/NoPermissionException.java b/src/main/java/edu/washington/iam/registry/exception/NoPermissionException.java
index d72d784..1137c69 100644
--- a/src/main/java/edu/washington/iam/registry/exception/NoPermissionException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/NoPermissionException.java
@@ -21,12 +21,15 @@ public class NoPermissionException extends Exception {
public NoPermissionException() {
super();
}
+
public NoPermissionException(String msg) {
super(msg);
}
+
public NoPermissionException(String msg, Throwable cause) {
super(msg, cause);
}
+
public NoPermissionException(Throwable cause) {
super(cause);
}
diff --git a/src/main/java/edu/washington/iam/registry/exception/ProxyException.java b/src/main/java/edu/washington/iam/registry/exception/ProxyException.java
index edd67e6..866bb51 100644
--- a/src/main/java/edu/washington/iam/registry/exception/ProxyException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/ProxyException.java
@@ -21,13 +21,16 @@ public class ProxyException extends Exception {
public ProxyException() {
super();
}
+
public ProxyException(String msg) {
super(msg);
}
+
public ProxyException(String msg, Throwable cause) {
super(msg, cause);
}
+
public ProxyException(Throwable cause) {
super(cause);
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/edu/washington/iam/registry/exception/RelyingPartyException.java b/src/main/java/edu/washington/iam/registry/exception/RelyingPartyException.java
index 41ca66c..a7c139c 100644
--- a/src/main/java/edu/washington/iam/registry/exception/RelyingPartyException.java
+++ b/src/main/java/edu/washington/iam/registry/exception/RelyingPartyException.java
@@ -21,12 +21,15 @@ public class RelyingPartyException extends Exception {
public RelyingPartyException() {
super();
}
+
public RelyingPartyException(String msg) {
super(msg);
}
+
public RelyingPartyException(String msg, Throwable cause) {
super(msg, cause);
}
+
public RelyingPartyException(Throwable cause) {
super(cause);
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/Attribute.java b/src/main/java/edu/washington/iam/registry/filter/Attribute.java
index 23addc6..db26ded 100644
--- a/src/main/java/edu/washington/iam/registry/filter/Attribute.java
+++ b/src/main/java/edu/washington/iam/registry/filter/Attribute.java
@@ -15,117 +15,111 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.filter;
+import edu.washington.iam.registry.exception.AttributeException;
import java.io.Serializable;
-
-import java.util.List;
-import java.util.Vector;
-import java.util.Arrays;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
-
-import edu.washington.iam.registry.exception.AttributeException;
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.FilterPolicyException;
-
-public class Attribute implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String id;
- private String name;
- private String description;
- private boolean ferpa;
- private boolean hippa;
- private String authorizingGroup;
- private String type;
- // reqHidden = hidden on attribute request page
- private boolean reqHidden = false;
- private boolean editable = false;
- AttributeFilterPolicy attributeFilterPolicy;
- AttributeRule attributeRule;
-
- // create from document element
- public Attribute (Element ele) throws AttributeException {
-
- id = ele.getAttribute("id");
- if (id==null) throw new AttributeException("No id for attribute");
- name = ele.getAttribute("name");
- description = ele.getAttribute("description");
- type = ele.getAttribute("type");
- reqHidden = ele.getAttribute("reqHidden").equals("true");
-
- log.debug("create from doc: " + id);
-
- // get authorized users
- authorizingGroup = ele.getAttribute("authorizingGroup");
-
- }
-
- // create from another attribute
- public Attribute (Attribute src) {
-
- id = src.getId();
- name = src.getName();
- description = src.getDescription();
- type = src.getType();
- editable = src.isEditable();
- reqHidden = src.isReqHidden();
- }
-
-
- public void setId(String v) {
- id = v;
- }
- public String getId() {
- return (id);
- }
- public String getName() {
- return (name);
- }
- public String getDescription() {
- return description;
- }
- public String getType() {
- return type;
- }
- public String getAuthorizingGroup() {
- return authorizingGroup;
- }
- public AttributeFilterPolicy getAttributeFilterPolicy() {
- return attributeFilterPolicy;
- }
- public void setAttributeFilterPolicy(AttributeFilterPolicy v) {
- attributeFilterPolicy = v;
- }
- public AttributeRule getAttributeRule() {
- return attributeRule;
- }
- public void setAttributeRule(AttributeRule v) {
- attributeRule = v;
- }
-
- public void setEditable(boolean v) {
- editable = v;
- }
- public boolean isEditable() {
- return editable;
- }
- public void setReqHidden(boolean v) {
- reqHidden = v;
- }
- public boolean isReqHidden() {
- return reqHidden;
- }
+public class Attribute implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String id;
+ private String name;
+ private String description;
+ private boolean ferpa;
+ private boolean hippa;
+ private String authorizingGroup;
+ private String type;
+ // reqHidden = hidden on attribute request page
+ private boolean reqHidden = false;
+ private boolean editable = false;
+ AttributeFilterPolicy attributeFilterPolicy;
+ AttributeRule attributeRule;
+
+ // create from document element
+ public Attribute(Element ele) throws AttributeException {
+
+ id = ele.getAttribute("id");
+ if (id == null) throw new AttributeException("No id for attribute");
+ name = ele.getAttribute("name");
+ description = ele.getAttribute("description");
+ type = ele.getAttribute("type");
+ reqHidden = ele.getAttribute("reqHidden").equals("true");
+
+ log.debug("create from doc: " + id);
+
+ // get authorized users
+ authorizingGroup = ele.getAttribute("authorizingGroup");
+ }
+
+ // create from another attribute
+ public Attribute(Attribute src) {
+
+ id = src.getId();
+ name = src.getName();
+ description = src.getDescription();
+ type = src.getType();
+ editable = src.isEditable();
+ reqHidden = src.isReqHidden();
+ }
+
+ public void setId(String v) {
+ id = v;
+ }
+
+ public String getId() {
+ return (id);
+ }
+
+ public String getName() {
+ return (name);
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public String getType() {
+ return type;
+ }
+
+ public String getAuthorizingGroup() {
+ return authorizingGroup;
+ }
+
+ public AttributeFilterPolicy getAttributeFilterPolicy() {
+ return attributeFilterPolicy;
+ }
+
+ public void setAttributeFilterPolicy(AttributeFilterPolicy v) {
+ attributeFilterPolicy = v;
+ }
+
+ public AttributeRule getAttributeRule() {
+ return attributeRule;
+ }
+
+ public void setAttributeRule(AttributeRule v) {
+ attributeRule = v;
+ }
+
+ public void setEditable(boolean v) {
+ editable = v;
+ }
+
+ public boolean isEditable() {
+ return editable;
+ }
+
+ public void setReqHidden(boolean v) {
+ reqHidden = v;
+ }
+
+ public boolean isReqHidden() {
+ return reqHidden;
+ }
}
-
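Review bot: The `if (id == null)` guard in the `Attribute(Element ele)` constructor can never fire, because `Element.getAttribute` returns an empty string rather than null for a missing attribute, so an attribute definition without an id is accepted silently. Check for emptiness instead: `if (id == null || id.isEmpty()) throw new AttributeException("No id for attribute");`. The copy constructor also leaves `authorizingGroup` unset on the copy; if that is deliberate, a one-line comment saying so would help the next reader.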
diff --git a/src/main/java/edu/washington/iam/registry/filter/AttributeDAO.java b/src/main/java/edu/washington/iam/registry/filter/AttributeDAO.java
index 2053ef2..8d02a3e 100644
--- a/src/main/java/edu/washington/iam/registry/filter/AttributeDAO.java
+++ b/src/main/java/edu/washington/iam/registry/filter/AttributeDAO.java
@@ -1,10 +1,10 @@
package edu.washington.iam.registry.filter;
import edu.washington.iam.registry.exception.AttributeNotFoundException;
-
import java.util.List;
public interface AttributeDAO {
- List getAttributes();
- Attribute getAttribute(String id) throws AttributeNotFoundException;
+ List getAttributes();
+
+ Attribute getAttribute(String id) throws AttributeNotFoundException;
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/AttributeDAOXML.java b/src/main/java/edu/washington/iam/registry/filter/AttributeDAOXML.java
index 35ae457..5941693 100644
--- a/src/main/java/edu/washington/iam/registry/filter/AttributeDAOXML.java
+++ b/src/main/java/edu/washington/iam/registry/filter/AttributeDAOXML.java
@@ -2,137 +2,135 @@
import edu.washington.iam.registry.exception.AttributeException;
import edu.washington.iam.registry.exception.AttributeNotFoundException;
-import edu.washington.iam.registry.rp.RelyingParty;
import edu.washington.iam.tools.XMLHelper;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-
-import javax.annotation.PostConstruct;
-import javax.annotation.PreDestroy;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File;
import java.util.List;
import java.util.Vector;
import java.util.concurrent.locks.ReentrantReadWriteLock;
+import javax.annotation.PostConstruct;
+import javax.annotation.PreDestroy;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
public class AttributeDAOXML implements AttributeDAO {
- private final Logger log = LoggerFactory.getLogger(getClass());
- private final ReentrantReadWriteLock locker = new ReentrantReadWriteLock();
-
- private List attributes;
- private String attributeUri;
- private String attributeSourceName;
- public void setAttributeUri(String v) {
- attributeUri = v;
- attributeSourceName = attributeUri.replaceFirst("file:","");
- }
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private final ReentrantReadWriteLock locker = new ReentrantReadWriteLock();
- private int attributeRefresh = 0; // seconds
- public void setAttributeRefresh(int i) {
- attributeRefresh = i;
- }
- Thread reloader = null;
- private long modifyTime = 0; // for the attrs
+ private List attributes;
+ private String attributeUri;
+ private String attributeSourceName;
- @Override
- public List getAttributes() {
- return attributes;
- }
+ public void setAttributeUri(String v) {
+ attributeUri = v;
+ attributeSourceName = attributeUri.replaceFirst("file:", "");
+ }
- // find an attribute
- @Override
- public Attribute getAttribute(String id) throws AttributeNotFoundException {
- for (int i=0; imodifyTime) {
- // reload the attributes
- log.debug("reload starting for " + attributeUri);
- locker.writeLock().lock();
- try {
- loadAttributes();
- } catch (Exception e) {
- log.error("reload errro: " + e);
- }
- locker.writeLock().unlock();
- log.debug("reload completed, time now " + modifyTime);
- }
- try {
- if (isInterrupted()) {
- log.info("interrupted during processing");
- break;
- }
- Thread.sleep(attributeRefresh * 1000);
- } catch (InterruptedException e) {
- log.info("sleep interrupted");
- break;
- }
- }
- }
+ @Override
+ public List getAttributes() {
+ return attributes;
+ }
+ // find an attribute
+ @Override
+ public Attribute getAttribute(String id) throws AttributeNotFoundException {
+ for (int i = 0; i < attributes.size(); i++) {
+ if (attributes.get(i).getId().equals(id)) return attributes.get(i);
+ }
+ throw new AttributeNotFoundException();
+ }
+
+ private void loadAttributes() {
+ attributes = new Vector();
+ DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
+ builderFactory.setNamespaceAware(false);
+ Document doc;
+
+ try {
+ DocumentBuilder builder = builderFactory.newDocumentBuilder();
+ doc = builder.parse(attributeUri);
+ } catch (Exception e) {
+ log.error("parse issue: " + e);
+ return;
+ }
+ // update the timestamp
+ File f = new File(attributeSourceName);
+ modifyTime = f.lastModified();
+ log.debug("attr load " + f.getName() + ": time = " + modifyTime);
+
+ List list = XMLHelper.getElementsByName(doc.getDocumentElement(), "Attribute");
+ log.info("found " + list.size());
+
+ for (int i = 0; i < list.size(); i++) {
+ Element fpe = list.get(i);
+ try {
+ attributes.add(new Attribute(fpe));
+ } catch (AttributeException e) {
+ log.error("load of element failed: " + e);
+ }
}
+ }
- @PostConstruct
- public void init() {
- loadAttributes();
+ // attribute reloader
+ class AttributeReloader extends Thread {
- // start attribute list refresher
- if (attributeRefresh>0) {
- reloader = new Thread(new AttributeReloader());
- reloader.start();
+ public void run() {
+ log.debug("attr reloader running: interval = " + attributeRefresh);
+
+ while (true) {
+ log.debug("reloader checking...");
+ File f = new File(attributeSourceName);
+ if (f.lastModified() > modifyTime) {
+ // reload the attributes
+ log.debug("reload starting for " + attributeUri);
+ locker.writeLock().lock();
+ try {
+ loadAttributes();
+ } catch (Exception e) {
+ log.error("reload errro: " + e);
+ }
+ locker.writeLock().unlock();
+ log.debug("reload completed, time now " + modifyTime);
}
+ try {
+ if (isInterrupted()) {
+ log.info("interrupted during processing");
+ break;
+ }
+ Thread.sleep(attributeRefresh * 1000);
+ } catch (InterruptedException e) {
+ log.info("sleep interrupted");
+ break;
+ }
+ }
}
+ }
- @PreDestroy
- public void cleanup() {
- if (reloader != null) reloader.interrupt();
+ @PostConstruct
+ public void init() {
+ loadAttributes();
+
+ // start attribute list refresher
+ if (attributeRefresh > 0) {
+ reloader = new Thread(new AttributeReloader());
+ reloader.start();
}
+ }
+
+ @PreDestroy
+ public void cleanup() {
+ if (reloader != null) reloader.interrupt();
+ }
}
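Review bot: loadAttributes() parses attributeUri with a DocumentBuilderFactory left at its defaults, so DOCTYPE declarations and external entities in that file are still processed. If anyone other than the deploying administrator can write the attribute file, that is an XXE exposure; inside the existing try, before newDocumentBuilder(), add `builderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. Separately, AttributeReloader.run() takes locker.writeLock() around the reload, but getAttributes() and getAttribute() never take the read lock, and loadAttributes() assigns the empty Vector to `attributes` before filling it. A lookup during a reload can therefore throw AttributeNotFoundException for an attribute that exists, and a parse failure leaves the list empty. Building the list in a local variable and assigning it to `attributes` only after a successful parse would close both gaps, and the unlock() call belongs in a finally block.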
diff --git a/src/main/java/edu/washington/iam/registry/filter/AttributeFilterPolicy.java b/src/main/java/edu/washington/iam/registry/filter/AttributeFilterPolicy.java
index 3cf139b..64d91e4 100644
--- a/src/main/java/edu/washington/iam/registry/filter/AttributeFilterPolicy.java
+++ b/src/main/java/edu/washington/iam/registry/filter/AttributeFilterPolicy.java
@@ -15,224 +15,226 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.filter;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.registry.rp.RelyingParty;
+import edu.washington.iam.tools.XMLHelper;
+import edu.washington.iam.tools.XMLSerializable;
import java.io.BufferedWriter;
import java.io.IOException;
-
import java.util.List;
-import java.util.Vector;
import java.util.UUID;
-
-import edu.washington.iam.tools.XMLSerializable;
+import java.util.Vector;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
-
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.FilterPolicyException;
-import edu.washington.iam.registry.rp.RelyingParty;
+import org.w3c.dom.NodeList;
public class AttributeFilterPolicy implements XMLSerializable {
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String entityId;
- private UUID uuid;
- private String start_time;
- private String end_time;
- private String updatedBy;
- private boolean regex;
- private boolean editable;
- private List attributeRules;
- private String policyGroupId;
- private String policyGroupDescription;
- private boolean category;
-
- // create from document element ( partly parsed )
- public AttributeFilterPolicy (String type, String name, Element ele, boolean edit, FilterPolicyGroup pg) throws FilterPolicyException {
-
- editable = edit;
- attributeRules = new Vector();
- entityId = name;
- policyGroupId = pg.getId();
- policyGroupDescription = pg.getDescription();
- category = false;
- if (type.equals("basic:AttributeRequesterString")) regex = false;
- else if (type.equals("basic:AttributeRequesterRegex")) regex = true;
- else if (type.equals("saml:AttributeRequesterEntityAttributeExactMatch")) category = true;
- else throw new FilterPolicyException("cant use type " + type);
-
- // log.debug("create filter policy for " + entityId + " regex?" + regex + " cat?" + category );
- addAttributeRules(ele, edit, policyGroupId);
- }
-
- // create from strings
- public AttributeFilterPolicy (FilterPolicyGroup pg, String rpid) {
- editable = false;
- attributeRules = new Vector();
- policyGroupId = pg.getId();
- policyGroupDescription = pg.getDescription();
- entityId = rpid;
- regex = false;
- }
-
- // add rules
- public void addAttributeRules(Element ele, boolean edit, String pgid) {
- NodeList nl1 = ele.getChildNodes();
- for (int i=0; i attributeRules;
+ private String policyGroupId;
+ private String policyGroupDescription;
+ private boolean category;
+
+ // create from document element ( partly parsed )
+ public AttributeFilterPolicy(
+ String type, String name, Element ele, boolean edit, FilterPolicyGroup pg)
+ throws FilterPolicyException {
+
+ editable = edit;
+ attributeRules = new Vector();
+ entityId = name;
+ policyGroupId = pg.getId();
+ policyGroupDescription = pg.getDescription();
+ category = false;
+ if (type.equals("basic:AttributeRequesterString")) regex = false;
+ else if (type.equals("basic:AttributeRequesterRegex")) regex = true;
+ else if (type.equals("saml:AttributeRequesterEntityAttributeExactMatch")) category = true;
+ else throw new FilterPolicyException("cant use type " + type);
+
+ // log.debug("create filter policy for " + entityId + " regex?" + regex + " cat?" + category );
+ addAttributeRules(ele, edit, policyGroupId);
+ }
+
+ // create from strings
+ public AttributeFilterPolicy(FilterPolicyGroup pg, String rpid) {
+ editable = false;
+ attributeRules = new Vector();
+ policyGroupId = pg.getId();
+ policyGroupDescription = pg.getDescription();
+ entityId = rpid;
+ regex = false;
+ }
+
+ // add rules
+ public void addAttributeRules(Element ele, boolean edit, String pgid) {
+ NodeList nl1 = ele.getChildNodes();
+ for (int i = 0; i < nl1.getLength(); i++) {
+ if (nl1.item(i).getNodeType() != Node.ELEMENT_NODE) continue;
+ Element e1 = (Element) nl1.item(i);
+ String name = e1.getNodeName();
+ // log.info("rp ele: " + name);
- // add an attribute to this policy
- public void addAttribute(String id, String type, String value) {
try {
- for (int i=0; i\n" +
- " \n");
- for (int i=0; i\n\n");
- }
-
- public void setEntityId(String v) {
- entityId = v;
- }
- public String getEntityId() {
- return (entityId);
- }
- public String getPolicyGroupId() {
- return (policyGroupId);
- }
- public String getPolicyGroupDescription() {
- return (policyGroupDescription);
- }
-
- public void setEditable(boolean v) {
- editable = v;
- }
- public boolean isEditable() {
- return (editable);
- }
-
- public void setAttributeRules(List v) {
- attributeRules = v;
- }
- public List getAttributeRules() {
- return (attributeRules);
- }
-
- public UUID getUuid() {
- return uuid;
- }
+ // replace rules
+ public void replaceAttributeRule(String id, Element rule) throws FilterPolicyException {
+ removeAttributeRule(id);
+ attributeRules.add(new AttributeRule(rule));
+ }
- public void setUuid(UUID uuid) {
- this.uuid = uuid;
- }
-
- public String getStart_time() {
- return start_time;
- }
-
- public void setStart_time(String start_time) {
- this.start_time = start_time;
- }
-
- public String getEnd_time() {
- return end_time;
- }
-
- public void setEnd_time(String end_time) {
- this.end_time = end_time;
- }
-
- public String getUpdatedBy() {
- return updatedBy;
+ // remove an attribute from this policy
+ public void removeAttributeRule(String id) {
+ for (int i = 0; i < attributeRules.size(); i++) {
+ if (attributeRules.get(i).getId().equals(id)) {
+ attributeRules.remove(i);
+ break;
+ }
}
+ }
- public void setUpdatedBy(String updatedBy) {
- this.updatedBy = updatedBy;
+ // add an attribute to this policy
+ public void addAttribute(String id, String type, String value) {
+ try {
+ for (int i = 0; i < attributeRules.size(); i++) {
+ if (attributeRules.get(i).equals(id)) {
+ attributeRules.get(i).addValue(type, value);
+ return;
+ }
+ }
+ attributeRules.add(new AttributeRule(id, type, value));
+ } catch (FilterPolicyException e) {
+ log.error("except: " + e);
+ }
+ }
+
+ // remove an attribute from this policy
+ public void removeAttribute(String id, String type, String value) {
+ for (int i = 0; i < attributeRules.size(); i++) {
+ if (attributeRules.get(i).equals(id)) {
+ attributeRules.get(i).removeValue(type, value);
+ return;
+ }
}
-
-
+ // throw exception
+ }
+
+ // see if this policy applies to the rp
+ public boolean matches(String rpid) {
+ // log.debug("string match: " + entityId + " = " + rpid );
+ if (regex) return rpid.matches(entityId);
+ return rpid.equals(entityId);
+ }
+
+ // see if this policy applies to the rp
+ public boolean matches(RelyingParty rp) {
+ // log.debug("policy match: " + entityId + " = " + rp.getEntityId());
+ if (category && rp.getEntityCategory() != null) return rp.getEntityCategory().equals(entityId);
+ return matches(rp.getEntityId());
+ }
+
+ // write xml doc
+ public void writeXml(BufferedWriter xout) throws IOException {
+
+ // skip if no rules
+ if (attributeRules.size() == 0) {
+ log.debug("no rules for " + entityId);
+ return;
+ }
+ String pid = entityId.replaceAll("[^a-zA-Z0-9]", "_");
+ xout.write(
+ " \n"
+ + " \n");
+ for (int i = 0; i < attributeRules.size(); i++) attributeRules.get(i).writeXml(xout);
+ xout.write(" \n\n");
+ }
+
+ public void setEntityId(String v) {
+ entityId = v;
+ }
+
+ public String getEntityId() {
+ return (entityId);
+ }
+
+ public String getPolicyGroupId() {
+ return (policyGroupId);
+ }
+
+ public String getPolicyGroupDescription() {
+ return (policyGroupDescription);
+ }
+
+ public void setEditable(boolean v) {
+ editable = v;
+ }
+
+ public boolean isEditable() {
+ return (editable);
+ }
+
+ public void setAttributeRules(List v) {
+ attributeRules = v;
+ }
+
+ public List getAttributeRules() {
+ return (attributeRules);
+ }
+
+ public UUID getUuid() {
+ return uuid;
+ }
+
+ public void setUuid(UUID uuid) {
+ this.uuid = uuid;
+ }
+
+ public String getStart_time() {
+ return start_time;
+ }
+
+ public void setStart_time(String start_time) {
+ this.start_time = start_time;
+ }
+
+ public String getEnd_time() {
+ return end_time;
+ }
+
+ public void setEnd_time(String end_time) {
+ this.end_time = end_time;
+ }
+
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
+
+ public void setUpdatedBy(String updatedBy) {
+ this.updatedBy = updatedBy;
+ }
}
-
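Review bot: matches(String) passes the stored entityId straight to `rpid.matches(entityId)` when regex is set, so the pattern is recompiled on every lookup, and an entityId that is not a valid regular expression throws PatternSyntaxException out of the match. The constructor accepts any name for `basic:AttributeRequesterRegex` without validating it. Compiling it there, for example `pattern = Pattern.compile(name);` (java.util.regex.Pattern) with the failure rethrown as FilterPolicyException, would reject a bad policy at load time and let matches() use `pattern.matcher(rpid).matches()`. If policy entries can be edited by relying-party administrators, a bound on pattern length or complexity is also worth considering, since the expression is evaluated against every requester id. Also, removeAttribute() ends with a `// throw exception` comment but returns silently when no rule matches.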
diff --git a/src/main/java/edu/washington/iam/registry/filter/AttributeRule.java b/src/main/java/edu/washington/iam/registry/filter/AttributeRule.java
index efa5076..2a7635a 100644
--- a/src/main/java/edu/washington/iam/registry/filter/AttributeRule.java
+++ b/src/main/java/edu/washington/iam/registry/filter/AttributeRule.java
@@ -15,123 +15,114 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.filter;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
+import java.io.Serializable;
import java.util.List;
import java.util.Vector;
-import java.util.Arrays;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.FilterPolicyException;
-
-public class AttributeRule implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String id;
- private List valueRules;
-
- private boolean editable = false; // used by controller-velocity
-
- // create from document element
- public AttributeRule (Element ele) throws FilterPolicyException {
+public class AttributeRule implements Serializable {
- valueRules = new Vector();
- id = ele.getAttribute("attributeID");
- if (id==null) throw new FilterPolicyException("No attributeId attribute");
- // log.debug("create atr rule from doc: " + id);
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private String id;
+ private List valueRules;
- NodeList nl1 = ele.getChildNodes();
- for (int i=0; i 0) {
+ xout.write(" \n");
+ for (int i = 0; i < valueRules.size(); i++) valueRules.get(i).writeXml(xout);
+ xout.write(" \n");
}
+ }
- public boolean equals(String id) {
- if (this.id.equals(id)) return true;
- return false;
- }
+ public void setId(String v) {
+ id = v;
+ }
- // write
- public void writeXml(BufferedWriter xout) throws IOException {
- if (valueRules.size()>0) {
- xout.write(" \n");
- for (int i=0; i\n");
- }
- }
+ public String getId() {
+ return (id);
+ }
- public void setId(String v) {
- id = v;
- }
- public String getId() {
- return (id);
- }
+ public void setValueRules(List v) {
+ valueRules = v;
+ }
- public void setValueRules(List v) {
- valueRules = v;
- }
- public List getValueRules() {
- return (valueRules);
- }
+ public List getValueRules() {
+ return (valueRules);
+ }
- public void setEditable(boolean v) {
- editable = v;
- }
- public boolean isEditable() {
- return editable;
- }
+ public void setEditable(boolean v) {
+ editable = v;
+ }
+ public boolean isEditable() {
+ return editable;
+ }
}
-
diff --git a/src/main/java/edu/washington/iam/registry/filter/DBFilterPolicyDAO.java b/src/main/java/edu/washington/iam/registry/filter/DBFilterPolicyDAO.java
index 552566b..9bfb547 100644
--- a/src/main/java/edu/washington/iam/registry/filter/DBFilterPolicyDAO.java
+++ b/src/main/java/edu/washington/iam/registry/filter/DBFilterPolicyDAO.java
@@ -2,8 +2,14 @@
import edu.washington.iam.registry.exception.FilterPolicyException;
import edu.washington.iam.registry.rp.UuidManager;
-import edu.washington.iam.tools.XMLHelper;
import edu.washington.iam.tools.IdpHelper;
+import edu.washington.iam.tools.XMLHelper;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Timestamp;
+import java.util.*;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -14,396 +20,398 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Timestamp;
-import java.util.*;
-
public class DBFilterPolicyDAO implements FilterPolicyDAO {
- private final Logger log = LoggerFactory.getLogger(getClass());
+ private final Logger log = LoggerFactory.getLogger(getClass());
- private IdpHelper idpHelper = null;
- public void setIdpHelper(IdpHelper v) {
- idpHelper = v;
- }
+ private IdpHelper idpHelper = null;
- @Autowired
- private UuidManager uuidManager;
-
- @Autowired
- private JdbcTemplate template;
-
- private List filterPolicyGroups;
- private FilterPolicyGetter filterPolicyGetter = new FilterPolicyGetter();
-
- //private Map> attributeFilterListMap = new HashMap<>();
-
- @Override
- public List getFilterPolicyGroups() {
- if(filterPolicyGroups == null){
- filterPolicyGroups = template.query("select * from filter_group where status = 1",
- new RowMapper() {
- @Override
- public FilterPolicyGroup mapRow(ResultSet resultSet, int i) throws SQLException {
- FilterPolicyGroup filterPolicyGroup = new FilterPolicyGroup();
- filterPolicyGroup.setId(resultSet.getString("id"));
- filterPolicyGroup.setEditable(resultSet.getInt("edit_mode") == 1);
- filterPolicyGroup.setDescription(filterPolicyGroup.getId());
- return filterPolicyGroup;
- }
- });
- }
- return filterPolicyGroups;
- }
-
- @Override
- public FilterPolicyGroup getFilterPolicyGroup(String id) {
- for(FilterPolicyGroup filterPolicyGroup : this.getFilterPolicyGroups()){
- if(filterPolicyGroup.getId().equals(id))
- return filterPolicyGroup;
- }
- return null;
- }
+ public void setIdpHelper(IdpHelper v) {
+ idpHelper = v;
+ }
- private class AttributeFilterPolicyEntries {
- private List attributeFilterPolicies;
-
- public Timestamp getLastFetchTime() {
- return lastFetchTime;
- }
-
- public void setLastFetchTime(Timestamp lastFetchTime) {
- this.lastFetchTime = lastFetchTime;
- }
+ @Autowired private UuidManager uuidManager;
- public List getAttributeFilterPolicies() {
- return attributeFilterPolicies;
- }
+ @Autowired private JdbcTemplate template;
- public void setAttributeFilterPolicies(List attributeFilterPolicies) {
- this.attributeFilterPolicies = attributeFilterPolicies;
- }
+ private List filterPolicyGroups;
+ private FilterPolicyGetter filterPolicyGetter = new FilterPolicyGetter();
- private Timestamp lastFetchTime;
- }
+ // private Map> attributeFilterListMap = new HashMap<>();
- private class FilterPolicyGetter {
- //private final Logger log = LoggerFactory.getLogger(getClass());
-
- private Map attributeFiltersMap = new HashMap<>();
-
- public List getFilterPolicies(final FilterPolicyGroup filterPolicyGroup)
- {
- if(attributeFiltersMap.containsKey(filterPolicyGroup.getId())){
- log.debug("checking filter table for updates to " + filterPolicyGroup.getId());
- Timestamp lastUpdateTime = null;
- //the most recent start_time will almost always be the most recent update time
- //but if someone has "deleted" an SP then the most recent end_time will be the most recent update time
- //so we get both and see which is more recent and use that
- Timestamp lastUpdateTimeStart =
- template.queryForObject("select max(start_time) from filter where group_id = ? and end_time is null",
- new Object[]{filterPolicyGroup.getId()},
- Timestamp.class);
- Timestamp lastUpdateTimeEnd =
- template.queryForObject("select max(end_time) from filter where group_id = ? and end_time is not null",
- new Object[]{filterPolicyGroup.getId()},
- Timestamp.class);
- if ( lastUpdateTimeEnd == null || lastUpdateTimeStart.after(lastUpdateTimeEnd)){
- lastUpdateTime = lastUpdateTimeStart;
- } else { lastUpdateTime = lastUpdateTimeEnd; }
- log.debug("last update = " + lastUpdateTime.toString());
- Timestamp ft = attributeFiltersMap.get(filterPolicyGroup.getId()).getLastFetchTime();
- if(ft==null || lastUpdateTime.after(ft)){
- log.info("attribute filter policy has been updated, rebuilding for " + filterPolicyGroup.getId());
- attributeFiltersMap.remove(filterPolicyGroup.getId());
- }
- else {
- return attributeFiltersMap.get(filterPolicyGroup.getId()).getAttributeFilterPolicies();
+ @Override
+ public List getFilterPolicyGroups() {
+ if (filterPolicyGroups == null) {
+ filterPolicyGroups =
+ template.query(
+ "select * from filter_group where status = 1",
+ new RowMapper() {
+ @Override
+ public FilterPolicyGroup mapRow(ResultSet resultSet, int i) throws SQLException {
+ FilterPolicyGroup filterPolicyGroup = new FilterPolicyGroup();
+ filterPolicyGroup.setId(resultSet.getString("id"));
+ filterPolicyGroup.setEditable(resultSet.getInt("edit_mode") == 1);
+ filterPolicyGroup.setDescription(filterPolicyGroup.getId());
+ return filterPolicyGroup;
}
- }
- Timestamp fetchTime = new Timestamp(new Date().getTime());
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
- List tmpAttributeFilterPolicies =
- template.query("select * from filter where group_id = ? and end_time is null",
- new Object[] {filterPolicyGroup.getId()},
- new RowMapper() {
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
- @Override
- public AttributeFilterPolicy mapRow(ResultSet resultSet, int i) throws SQLException {
- Document document;
- String entityId = resultSet.getString("entity_id");
- String groupId = resultSet.getString("group_id");
- try {
- DocumentBuilder builder = dbf.newDocumentBuilder();
- document = builder.parse(resultSet.getAsciiStream("xml"));
-
- }
- catch(Exception e){
- return null;
- }
-
- AttributeFilterPolicy attributeFilterPolicy =
- attributeFilterPolicyFromElement(
- document.getDocumentElement(),
- filterPolicyGroup);
-
- if(attributeFilterPolicy == null){
- log.info(String.format("unparseable attribute filter for entity: %s in group: %s",
- entityId, groupId));
- }
-
- return attributeFilterPolicy;
- }
- });
-
- // TODO: figure if this next block should come out. Only if we're confident there could never be nulls
- List attributeFilterPolicies = new ArrayList<>();
- for(AttributeFilterPolicy attributeFilterPolicy : tmpAttributeFilterPolicies){
- if(attributeFilterPolicy != null)
- attributeFilterPolicies.add(attributeFilterPolicy);
- }
-
- log.info("got the following attributeFilterPolicies: " + attributeFilterPolicies.size());
- AttributeFilterPolicyEntries newEntry = new AttributeFilterPolicyEntries();
- newEntry.setLastFetchTime(fetchTime);
- newEntry.setAttributeFilterPolicies(attributeFilterPolicies);
- attributeFiltersMap.put(filterPolicyGroup.getId(), newEntry);
- return attributeFilterPolicies;
- }
+ });
}
+ return filterPolicyGroups;
+ }
- @Override
- public List getFilterPolicies(FilterPolicyGroup filterPolicyGroup) {
- return filterPolicyGetter.getFilterPolicies(filterPolicyGroup);
+ @Override
+ public FilterPolicyGroup getFilterPolicyGroup(String id) {
+ for (FilterPolicyGroup filterPolicyGroup : this.getFilterPolicyGroups()) {
+ if (filterPolicyGroup.getId().equals(id)) return filterPolicyGroup;
}
+ return null;
+ }
- @Override
- public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid) {
- for(AttributeFilterPolicy attributeFilterPolicy : getFilterPolicies(filterPolicyGroup)){
- if(attributeFilterPolicy.matches(rpid))
- return attributeFilterPolicy;
- }
- return null;
- }
-
- /**mattjm 2018-10-26
- * I still have no idea why this takes a LIST of filter policies as an argument
- */
- @Override
- public void updateFilterPolicies(FilterPolicyGroup filterPolicyGroup,
- List attributeFilterPolicies, String updatedBy)
- throws FilterPolicyException {
- Map afpMap = new HashMap<>();
- for(AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies){
- //map of new entityids and filter policies as received via arguments
- afpMap.put(attributeFilterPolicy.getEntityId(), attributeFilterPolicy);
- }
+ private class AttributeFilterPolicyEntries {
+ private List attributeFilterPolicies;
- NamedParameterJdbcTemplate npTemplate = new NamedParameterJdbcTemplate(template);
- //get existing group/entityid pairs by group and entityid
- List entityIdsToUpdate = npTemplate.queryForList(
- "select entity_id from filter where end_time is null and group_id = :groupId and entity_id in (:ids)"
- ,new MapSqlParameterSource()
- .addValue("groupId", filterPolicyGroup.getId())
- .addValue("ids", afpMap.keySet())
- , String.class
- );
- //this is a list of ONLY entity IDs from the hashmap above--all this came in from the client via
- // XML PUT(e.g. NEW STUFF)
- List entityIdsToAdd = new ArrayList<>(afpMap.keySet());
- //this removes the entityids already in the database from the "to add" list above
- entityIdsToAdd.removeAll(entityIdsToUpdate);
-
- //add a new entry if no active records in the DB already--all this does is keep us from having to make an extra,
- //unnecessary "removerelyingparty" (i.e. mark an attribute entry deleted) call to the DB
- for(String addEntityId : entityIdsToAdd){
- createFilterPolicy(filterPolicyGroup, afpMap.get(addEntityId), updatedBy);
- }
- //update the entry if there are active DB records already
- for(String updateEntityId : entityIdsToUpdate){
- updateFilterPolicy(filterPolicyGroup, afpMap.get(updateEntityId), updatedBy);
- }
+ public Timestamp getLastFetchTime() {
+ return lastFetchTime;
+ }
+ public void setLastFetchTime(Timestamp lastFetchTime) {
+ this.lastFetchTime = lastFetchTime;
}
- public void updateFilterPolicy(FilterPolicyGroup filterPolicyGroup,
- AttributeFilterPolicy attributeFilterPolicy, String updatedBy) throws FilterPolicyException {
-
- attributeFilterPolicy.setUuid(uuidManager.getUuid(attributeFilterPolicy.getEntityId()));
- log.info(String.format("updating %s for %s", attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
- //recycle delete method
- removeRelyingParty(filterPolicyGroup, attributeFilterPolicy.getEntityId(), updatedBy);
- log.info(String.format("marked old fp deleted %s for %s, attempting to add new one", attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
- try {
- String xml = XMLHelper.serializeXmlToString(attributeFilterPolicy);
- template.update("insert into filter (uuid, entity_id, start_time, end_time, updated_by, xml, group_id, status) "
- + "values (?, ?, now(), null, ?, ?, ?, 1)",
- attributeFilterPolicy.getUuid(),
- attributeFilterPolicy.getEntityId(),
- updatedBy,
- xml,
- filterPolicyGroup.getId());
- if (idpHelper!=null) idpHelper.notifyIdps("filter");
- } catch (Exception e) {
- log.info("fp update trouble: " + e.getMessage());
- throw(new FilterPolicyException(e));
- }
+ public List getAttributeFilterPolicies() {
+ return attributeFilterPolicies;
}
- public void createFilterPolicy(FilterPolicyGroup filterPolicyGroup,
- AttributeFilterPolicy attributeFilterPolicy, String updatedBy) throws FilterPolicyException {
-
- attributeFilterPolicy.setUuid(uuidManager.getUuid(attributeFilterPolicy.getEntityId()));
- log.info(String.format("creating %s for %s", attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
- try {
- String xml = XMLHelper.serializeXmlToString(attributeFilterPolicy);
- template.update("insert into filter (uuid, entity_id, start_time, end_time, updated_by, xml, group_id, status) "
- + "values (?, ?, now(), null, ?, ?, ?, 1)",
- attributeFilterPolicy.getUuid(),
- attributeFilterPolicy.getEntityId(),
- updatedBy,
- xml,
- filterPolicyGroup.getId());
- if (idpHelper!=null) idpHelper.notifyIdps("filter");
- } catch (Exception e) {
- log.info("create trouble: " + e.getMessage());
- throw(new FilterPolicyException(e));
- }
+ public void setAttributeFilterPolicies(List attributeFilterPolicies) {
+ this.attributeFilterPolicies = attributeFilterPolicies;
}
- @Override
- public int removeRelyingParty(FilterPolicyGroup filterPolicyGroup, String entityId, String updatedBy)
- throws FilterPolicyException {
- log.info("marking old fp record deleted for " + entityId + " in " + filterPolicyGroup.getId());
- List rpIds = template.queryForList(
- "select id from filter where entity_id = ? and group_id = ? and end_time is null",
- Integer.class,
- entityId,
- filterPolicyGroup.getId()
- );
- if (rpIds.size() == 1 && rpIds.get(0) != null) {
- template.update("update filter set end_time = now(), updated_by = ?, status = ? where id= ?",
- updatedBy,
- 0,
- rpIds.get(0));
+ private Timestamp lastFetchTime;
+ }
+
+ private class FilterPolicyGetter {
+ // private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private Map attributeFiltersMap = new HashMap<>();
+
+ public List getFilterPolicies(
+ final FilterPolicyGroup filterPolicyGroup) {
+ if (attributeFiltersMap.containsKey(filterPolicyGroup.getId())) {
+ log.debug("checking filter table for updates to " + filterPolicyGroup.getId());
+ Timestamp lastUpdateTime = null;
+ // the most recent start_time will almost always be the most recent update time
+ // but if someone has "deleted" an SP then the most recent end_time will be the most recent
+ // update time
+ // so we get both and see which is more recent and use that
+ Timestamp lastUpdateTimeStart =
+ template.queryForObject(
+ "select max(start_time) from filter where group_id = ? and end_time is null",
+ new Object[] {filterPolicyGroup.getId()},
+ Timestamp.class);
+ Timestamp lastUpdateTimeEnd =
+ template.queryForObject(
+ "select max(end_time) from filter where group_id = ? and end_time is not null",
+ new Object[] {filterPolicyGroup.getId()},
+ Timestamp.class);
+ if (lastUpdateTimeEnd == null || lastUpdateTimeStart.after(lastUpdateTimeEnd)) {
+ lastUpdateTime = lastUpdateTimeStart;
+ } else {
+ lastUpdateTime = lastUpdateTimeEnd;
}
- else if (rpIds.size() == 0)
- {
- log.info(String.format("No filter policy found for %s ", entityId));
+ log.debug("last update = " + lastUpdateTime.toString());
+ Timestamp ft = attributeFiltersMap.get(filterPolicyGroup.getId()).getLastFetchTime();
+ if (ft == null || lastUpdateTime.after(ft)) {
+ log.info(
+ "attribute filter policy has been updated, rebuilding for "
+ + filterPolicyGroup.getId());
+ attributeFiltersMap.remove(filterPolicyGroup.getId());
+ } else {
+ return attributeFiltersMap.get(filterPolicyGroup.getId()).getAttributeFilterPolicies();
}
- else
- {
- throw new FilterPolicyException("more than one active filter policy record found!! No update performed.");
- }
- if (idpHelper!=null) idpHelper.notifyIdps("filter");
- // TODO: DB error handling
- // one way to clear the cache
- //attributeFilterListMap.remove(filterPolicyGroup.getId());
- return 200;
- }
-
- public AttributeFilterPolicy attributeFilterPolicyFromElement(Element topElement,
- FilterPolicyGroup filterPolicyGroup) {
- AttributeFilterPolicy attributeFilterPolicy = null;
- // scan requirement rules
- for (Element childElement : XMLHelper.getChildElements(topElement)) {
- String name = childElement.getNodeName();
-
- if (XMLHelper.matches(name, "PolicyRequirementRule")) {
- String type = childElement.getAttribute("xsi:type");
- if (type.equals("basic:AttributeRequesterString") || type.equals("basic:AttributeRequesterRegex"))
- attributeFilterPolicy = addOrUpdatePolicy(
- attributeFilterPolicy,
- childElement,
- topElement,
- filterPolicyGroup);
- else if (type.equals("saml:AttributeRequesterEntityAttributeExactMatch"))
- attributeFilterPolicy = addOrUpdateSamlPolicy(
- attributeFilterPolicy,
- childElement,
- topElement,
- filterPolicyGroup);
- else if (type.equals("basic:OR")) {
- // scan rules
- for (Element orElement : XMLHelper.getChildElements(childElement)) {
- name = orElement.getNodeName();
-
- if (XMLHelper.matches(name,"Rule")) {
- attributeFilterPolicy = addOrUpdatePolicy(
- attributeFilterPolicy,
- orElement,
- topElement,
- filterPolicyGroup);
- }
- }
+ }
+ Timestamp fetchTime = new Timestamp(new Date().getTime());
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ List tmpAttributeFilterPolicies =
+ template.query(
+ "select * from filter where group_id = ? and end_time is null",
+ new Object[] {filterPolicyGroup.getId()},
+ new RowMapper() {
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ @Override
+ public AttributeFilterPolicy mapRow(ResultSet resultSet, int i)
+ throws SQLException {
+ Document document;
+ String entityId = resultSet.getString("entity_id");
+ String groupId = resultSet.getString("group_id");
+ try {
+ DocumentBuilder builder = dbf.newDocumentBuilder();
+ document = builder.parse(resultSet.getAsciiStream("xml"));
+
+ } catch (Exception e) {
+ return null;
+ }
+
+ AttributeFilterPolicy attributeFilterPolicy =
+ attributeFilterPolicyFromElement(
+ document.getDocumentElement(), filterPolicyGroup);
+
+ if (attributeFilterPolicy == null) {
+ log.info(
+ String.format(
+ "unparseable attribute filter for entity: %s in group: %s",
+ entityId, groupId));
+ }
+
+ return attributeFilterPolicy;
}
- }
- }
- return attributeFilterPolicy;
+ });
+
+ // TODO: figure if this next block should come out. Only if we're confident there could never
+ // be nulls
+ List attributeFilterPolicies = new ArrayList<>();
+ for (AttributeFilterPolicy attributeFilterPolicy : tmpAttributeFilterPolicies) {
+ if (attributeFilterPolicy != null) attributeFilterPolicies.add(attributeFilterPolicy);
+ }
+
+ log.info("got the following attributeFilterPolicies: " + attributeFilterPolicies.size());
+ AttributeFilterPolicyEntries newEntry = new AttributeFilterPolicyEntries();
+ newEntry.setLastFetchTime(fetchTime);
+ newEntry.setAttributeFilterPolicies(attributeFilterPolicies);
+ attributeFiltersMap.put(filterPolicyGroup.getId(), newEntry);
+ return attributeFilterPolicies;
}
+ }
- private AttributeFilterPolicy addOrUpdatePolicy(AttributeFilterPolicy existingAttributeFilterPolicy,
- Element childElement,
- Element topElement,
- FilterPolicyGroup filterPolicyGroup
- ) {
-
- AttributeFilterPolicy attributeFilterPolicy = null;
- String type = childElement.getAttribute("xsi:type");
- String value = childElement.getAttribute("value");
- if (value.length()==0) value = childElement.getAttribute("regex");
- try {
- if(existingAttributeFilterPolicy != null){
- attributeFilterPolicy = existingAttributeFilterPolicy;
- attributeFilterPolicy.addAttributeRules(topElement, filterPolicyGroup.isEditable(), filterPolicyGroup.getId() );
- }
- else
- attributeFilterPolicy = new AttributeFilterPolicy(
- type,
- value,
- topElement,
- filterPolicyGroup.isEditable(),
- filterPolicyGroup);
- } catch (FilterPolicyException ex) {
- log.error("load of attribute failed: " + ex);
+ @Override
+ public List getFilterPolicies(FilterPolicyGroup filterPolicyGroup) {
+ return filterPolicyGetter.getFilterPolicies(filterPolicyGroup);
+ }
- }
- return attributeFilterPolicy;
+ @Override
+ public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid) {
+ for (AttributeFilterPolicy attributeFilterPolicy : getFilterPolicies(filterPolicyGroup)) {
+ if (attributeFilterPolicy.matches(rpid)) return attributeFilterPolicy;
+ }
+ return null;
+ }
+
+ /**mattjm 2018-10-26
+ * I still have no idea why this takes a LIST of filter policies as an argument
+ */
+ @Override
+ public void updateFilterPolicies(
+ FilterPolicyGroup filterPolicyGroup,
+ List attributeFilterPolicies,
+ String updatedBy)
+ throws FilterPolicyException {
+ Map afpMap = new HashMap<>();
+ for (AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies) {
+ // map of new entityids and filter policies as received via arguments
+ afpMap.put(attributeFilterPolicy.getEntityId(), attributeFilterPolicy);
}
- private AttributeFilterPolicy addOrUpdateSamlPolicy(AttributeFilterPolicy existingAttributeFilterPolicy,
- Element childElement,
- Element topElement,
- FilterPolicyGroup filterPolicyGroup) {
- AttributeFilterPolicy attributeFilterPolicy = null;
+ NamedParameterJdbcTemplate npTemplate = new NamedParameterJdbcTemplate(template);
+ // get existing group/entityid pairs by group and entityid
+ List entityIdsToUpdate =
+ npTemplate.queryForList(
+ "select entity_id from filter where end_time is null and group_id = :groupId and entity_id in (:ids)",
+ new MapSqlParameterSource()
+ .addValue("groupId", filterPolicyGroup.getId())
+ .addValue("ids", afpMap.keySet()),
+ String.class);
+ // this is a list of ONLY entity IDs from the hashmap above--all this came in from the client
+ // via
+ // XML PUT(e.g. NEW STUFF)
+ List entityIdsToAdd = new ArrayList<>(afpMap.keySet());
+ // this removes the entityids already in the database from the "to add" list above
+ entityIdsToAdd.removeAll(entityIdsToUpdate);
+
+ // add a new entry if no active records in the DB already--all this does is keep us from having
+ // to make an extra,
+ // unnecessary "removerelyingparty" (i.e. mark an attribute entry deleted) call to the DB
+ for (String addEntityId : entityIdsToAdd) {
+ createFilterPolicy(filterPolicyGroup, afpMap.get(addEntityId), updatedBy);
+ }
+ // update the entry if there are active DB records already
+ for (String updateEntityId : entityIdsToUpdate) {
+ updateFilterPolicy(filterPolicyGroup, afpMap.get(updateEntityId), updatedBy);
+ }
+ }
+
+ public void updateFilterPolicy(
+ FilterPolicyGroup filterPolicyGroup,
+ AttributeFilterPolicy attributeFilterPolicy,
+ String updatedBy)
+ throws FilterPolicyException {
+
+ attributeFilterPolicy.setUuid(uuidManager.getUuid(attributeFilterPolicy.getEntityId()));
+ log.info(
+ String.format(
+ "updating %s for %s", attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
+ // recycle delete method
+ removeRelyingParty(filterPolicyGroup, attributeFilterPolicy.getEntityId(), updatedBy);
+ log.info(
+ String.format(
+ "marked old fp deleted %s for %s, attempting to add new one",
+ attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
+ try {
+ String xml = XMLHelper.serializeXmlToString(attributeFilterPolicy);
+ template.update(
+ "insert into filter (uuid, entity_id, start_time, end_time, updated_by, xml, group_id, status) "
+ + "values (?, ?, now(), null, ?, ?, ?, 1)",
+ attributeFilterPolicy.getUuid(),
+ attributeFilterPolicy.getEntityId(),
+ updatedBy,
+ xml,
+ filterPolicyGroup.getId());
+ if (idpHelper != null) idpHelper.notifyIdps("filter");
+ } catch (Exception e) {
+ log.info("fp update trouble: " + e.getMessage());
+ throw (new FilterPolicyException(e));
+ }
+ }
+
+ public void createFilterPolicy(
+ FilterPolicyGroup filterPolicyGroup,
+ AttributeFilterPolicy attributeFilterPolicy,
+ String updatedBy)
+ throws FilterPolicyException {
+
+ attributeFilterPolicy.setUuid(uuidManager.getUuid(attributeFilterPolicy.getEntityId()));
+ log.info(
+ String.format(
+ "creating %s for %s", attributeFilterPolicy.getEntityId(), filterPolicyGroup.getId()));
+ try {
+ String xml = XMLHelper.serializeXmlToString(attributeFilterPolicy);
+ template.update(
+ "insert into filter (uuid, entity_id, start_time, end_time, updated_by, xml, group_id, status) "
+ + "values (?, ?, now(), null, ?, ?, ?, 1)",
+ attributeFilterPolicy.getUuid(),
+ attributeFilterPolicy.getEntityId(),
+ updatedBy,
+ xml,
+ filterPolicyGroup.getId());
+ if (idpHelper != null) idpHelper.notifyIdps("filter");
+ } catch (Exception e) {
+ log.info("create trouble: " + e.getMessage());
+ throw (new FilterPolicyException(e));
+ }
+ }
+
+ @Override
+ public int removeRelyingParty(
+ FilterPolicyGroup filterPolicyGroup, String entityId, String updatedBy)
+ throws FilterPolicyException {
+ log.info("marking old fp record deleted for " + entityId + " in " + filterPolicyGroup.getId());
+ List rpIds =
+ template.queryForList(
+ "select id from filter where entity_id = ? and group_id = ? and end_time is null",
+ Integer.class,
+ entityId,
+ filterPolicyGroup.getId());
+ if (rpIds.size() == 1 && rpIds.get(0) != null) {
+ template.update(
+ "update filter set end_time = now(), updated_by = ?, status = ? where id= ?",
+ updatedBy,
+ 0,
+ rpIds.get(0));
+ } else if (rpIds.size() == 0) {
+ log.info(String.format("No filter policy found for %s ", entityId));
+ } else {
+ throw new FilterPolicyException(
+ "more than one active filter policy record found!! No update performed.");
+ }
+ if (idpHelper != null) idpHelper.notifyIdps("filter");
+ // TODO: DB error handling
+ // one way to clear the cache
+ // attributeFilterListMap.remove(filterPolicyGroup.getId());
+ return 200;
+ }
+
+ public AttributeFilterPolicy attributeFilterPolicyFromElement(
+ Element topElement, FilterPolicyGroup filterPolicyGroup) {
+ AttributeFilterPolicy attributeFilterPolicy = null;
+ // scan requirement rules
+ for (Element childElement : XMLHelper.getChildElements(topElement)) {
+ String name = childElement.getNodeName();
+
+ if (XMLHelper.matches(name, "PolicyRequirementRule")) {
String type = childElement.getAttribute("xsi:type");
- String name = childElement.getAttribute("attributeName");
- if (!name.equals("http://macedir.org/entity-category")) {
- log.error("saml policy not category");
- return existingAttributeFilterPolicy;
- }
- String value = childElement.getAttribute("attributeValue");
- try {
- if (existingAttributeFilterPolicy != null){
- attributeFilterPolicy = existingAttributeFilterPolicy;
- attributeFilterPolicy.addAttributeRules(topElement,
- filterPolicyGroup.isEditable(),
- filterPolicyGroup.getId());
+ if (type.equals("basic:AttributeRequesterString")
+ || type.equals("basic:AttributeRequesterRegex"))
+ attributeFilterPolicy =
+ addOrUpdatePolicy(attributeFilterPolicy, childElement, topElement, filterPolicyGroup);
+ else if (type.equals("saml:AttributeRequesterEntityAttributeExactMatch"))
+ attributeFilterPolicy =
+ addOrUpdateSamlPolicy(
+ attributeFilterPolicy, childElement, topElement, filterPolicyGroup);
+ else if (type.equals("basic:OR")) {
+ // scan rules
+ for (Element orElement : XMLHelper.getChildElements(childElement)) {
+ name = orElement.getNodeName();
+
+ if (XMLHelper.matches(name, "Rule")) {
+ attributeFilterPolicy =
+ addOrUpdatePolicy(
+ attributeFilterPolicy, orElement, topElement, filterPolicyGroup);
}
- else attributeFilterPolicy = new AttributeFilterPolicy(
- type,
- value,
- topElement,
- filterPolicyGroup.isEditable(),
- filterPolicyGroup);
- } catch (FilterPolicyException ex) {
- log.error("load of attribute failed: " + ex);
+ }
}
- return attributeFilterPolicy;
+ }
}
-
-
+ return attributeFilterPolicy;
+ }
+
+ private AttributeFilterPolicy addOrUpdatePolicy(
+ AttributeFilterPolicy existingAttributeFilterPolicy,
+ Element childElement,
+ Element topElement,
+ FilterPolicyGroup filterPolicyGroup) {
+
+ AttributeFilterPolicy attributeFilterPolicy = null;
+ String type = childElement.getAttribute("xsi:type");
+ String value = childElement.getAttribute("value");
+ if (value.length() == 0) value = childElement.getAttribute("regex");
+ try {
+ if (existingAttributeFilterPolicy != null) {
+ attributeFilterPolicy = existingAttributeFilterPolicy;
+ attributeFilterPolicy.addAttributeRules(
+ topElement, filterPolicyGroup.isEditable(), filterPolicyGroup.getId());
+ } else
+ attributeFilterPolicy =
+ new AttributeFilterPolicy(
+ type, value, topElement, filterPolicyGroup.isEditable(), filterPolicyGroup);
+ } catch (FilterPolicyException ex) {
+ log.error("load of attribute failed: " + ex);
+ }
+ return attributeFilterPolicy;
+ }
+
+ private AttributeFilterPolicy addOrUpdateSamlPolicy(
+ AttributeFilterPolicy existingAttributeFilterPolicy,
+ Element childElement,
+ Element topElement,
+ FilterPolicyGroup filterPolicyGroup) {
+ AttributeFilterPolicy attributeFilterPolicy = null;
+ String type = childElement.getAttribute("xsi:type");
+ String name = childElement.getAttribute("attributeName");
+ if (!name.equals("http://macedir.org/entity-category")) {
+ log.error("saml policy not category");
+ return existingAttributeFilterPolicy;
+ }
+ String value = childElement.getAttribute("attributeValue");
+ try {
+ if (existingAttributeFilterPolicy != null) {
+ attributeFilterPolicy = existingAttributeFilterPolicy;
+ attributeFilterPolicy.addAttributeRules(
+ topElement, filterPolicyGroup.isEditable(), filterPolicyGroup.getId());
+ } else
+ attributeFilterPolicy =
+ new AttributeFilterPolicy(
+ type, value, topElement, filterPolicyGroup.isEditable(), filterPolicyGroup);
+ } catch (FilterPolicyException ex) {
+ log.error("load of attribute failed: " + ex);
+ }
+ return attributeFilterPolicy;
+ }
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyDAO.java b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyDAO.java
index ce52be2..f138e95 100644
--- a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyDAO.java
+++ b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyDAO.java
@@ -1,25 +1,26 @@
package edu.washington.iam.registry.filter;
-import edu.washington.iam.registry.exception.AttributeNotFoundException;
import edu.washington.iam.registry.exception.FilterPolicyException;
-import edu.washington.iam.registry.exception.NoPermissionException;
-
import java.util.List;
public interface FilterPolicyDAO {
- List getFilterPolicyGroups();
- FilterPolicyGroup getFilterPolicyGroup(String id);
-
- List getFilterPolicies(FilterPolicyGroup filterPolicyGroup);
- // returns filter policy for a given rp or null if none exist
- AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup,
- String rpid);
- // add new or update existing filterPolicies
- void updateFilterPolicies(FilterPolicyGroup filterPolicyGroup,
- List attributeFilterPolicies, String updatedBy)
- throws FilterPolicyException;
- int removeRelyingParty(FilterPolicyGroup filterPolicyGroup,
- String entityId, String updatedBy)
- throws FilterPolicyException;
+ List getFilterPolicyGroups();
+
+ FilterPolicyGroup getFilterPolicyGroup(String id);
+
+ List getFilterPolicies(FilterPolicyGroup filterPolicyGroup);
+
+ // returns filter policy for a given rp or null if none exist
+ AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid);
+
+ // add new or update existing filterPolicies
+ void updateFilterPolicies(
+ FilterPolicyGroup filterPolicyGroup,
+ List attributeFilterPolicies,
+ String updatedBy)
+ throws FilterPolicyException;
+
+ int removeRelyingParty(FilterPolicyGroup filterPolicyGroup, String entityId, String updatedBy)
+ throws FilterPolicyException;
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyGroup.java b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyGroup.java
index 541c4c6..f011a5e 100644
--- a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyGroup.java
+++ b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyGroup.java
@@ -1,33 +1,33 @@
package edu.washington.iam.registry.filter;
public class FilterPolicyGroup {
- public String getId() {
- return id;
- }
+ public String getId() {
+ return id;
+ }
- public void setId(String id) {
- this.id = id;
- }
+ public void setId(String id) {
+ this.id = id;
+ }
- private String id;
+ private String id;
- public String getDescription() {
- return description;
- }
+ public String getDescription() {
+ return description;
+ }
- public void setDescription(String description) {
- this.description = description;
- }
+ public void setDescription(String description) {
+ this.description = description;
+ }
- private String description;
+ private String description;
- public boolean isEditable() {
- return editable;
- }
+ public boolean isEditable() {
+ return editable;
+ }
- public void setEditable(boolean editable) {
- this.editable = editable;
- }
+ public void setEditable(boolean editable) {
+ this.editable = editable;
+ }
- private boolean editable;
+ private boolean editable;
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManager.java b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManager.java
index 8de588f..76f77d1 100644
--- a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManager.java
+++ b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManager.java
@@ -17,36 +17,32 @@
package edu.washington.iam.registry.filter;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.registry.rp.RelyingParty;
import java.io.Serializable;
import java.util.List;
-
import org.w3c.dom.Document;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+public interface FilterPolicyManager extends Serializable {
+
+ public List getAttributes();
+ public List getAttributes(RelyingParty rp);
-import edu.washington.iam.registry.rp.RelyingParty;
-import edu.washington.iam.registry.exception.FilterPolicyException;
-import edu.washington.iam.registry.exception.AttributeNotFoundException;
-import edu.washington.iam.registry.exception.NoPermissionException;
+ public List getFilterPolicies(RelyingParty rp);
-public interface FilterPolicyManager extends Serializable {
+ public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid);
- public List getAttributes();
- public List getAttributes(RelyingParty rp);
- public List getFilterPolicies(RelyingParty rp);
- public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid);
+ public int removeRelyingParty(String entityId, String pgid, String updatedBy)
+ throws FilterPolicyException;
- public int removeRelyingParty(String entityId, String pgid, String updatedBy)
- throws FilterPolicyException;
+ public int removeEditableRelyingParty(String entityId, String updatedBy)
+ throws FilterPolicyException;
- public int removeEditableRelyingParty(String entityId, String updatedBy)
- throws FilterPolicyException;
+ public List getFilterPolicyGroups();
- public List getFilterPolicyGroups();
- public void updateRelyingParty(String pgid, Document doc, String updatedBy)
- throws FilterPolicyException;
- public FilterPolicyGroup getPolicyGroup(String pgid);
+ public void updateRelyingParty(String pgid, Document doc, String updatedBy)
+ throws FilterPolicyException;
+ public FilterPolicyGroup getPolicyGroup(String pgid);
}
diff --git a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManagerImpl.java b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManagerImpl.java
index 00958ad..052a4d6 100644
--- a/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManagerImpl.java
+++ b/src/main/java/edu/washington/iam/registry/filter/FilterPolicyManagerImpl.java
@@ -17,175 +17,168 @@
package edu.washington.iam.registry.filter;
-
+import edu.washington.iam.registry.exception.AttributeNotFoundException;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.registry.rp.RelyingParty;
+import edu.washington.iam.tools.XMLHelper;
import java.util.*;
-
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import edu.washington.iam.registry.rp.RelyingParty;
-import edu.washington.iam.tools.XMLHelper;
-import edu.washington.iam.registry.exception.FilterPolicyException;
-import edu.washington.iam.registry.exception.AttributeNotFoundException;
-
public class FilterPolicyManagerImpl implements FilterPolicyManager {
- private final Logger log = LoggerFactory.getLogger(getClass());
+ private final Logger log = LoggerFactory.getLogger(getClass());
- @Autowired
- private FilterPolicyDAO filterPolicyDAO;
+ @Autowired private FilterPolicyDAO filterPolicyDAO;
- @Autowired
- private AttributeDAO attributeDAO;
-
- @Override
- public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid){
- log.debug(String.format("getting filter policy: pgid: %s; rpid: %s",
- filterPolicyGroup != null ? filterPolicyGroup.getId() : "null",
- rpid));
- return filterPolicyDAO.getFilterPolicy(filterPolicyGroup, rpid);
- }
+ @Autowired private AttributeDAO attributeDAO;
- @Override
- public List getFilterPolicies(RelyingParty rp) {
- log.debug("looking for fps for " + rp.getEntityId());
- List list = new Vector();
-
- for(FilterPolicyGroup filterPolicyGroup : filterPolicyDAO.getFilterPolicyGroups()){
- List attributeFilterPolicies = filterPolicyDAO.getFilterPolicies(filterPolicyGroup);
- for(AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies){
- if(attributeFilterPolicy.matches(rp)){
- list.add(attributeFilterPolicy);
- }
- }
- }
-
- log.info("fp search found "+list.size());
- return list;
- }
+ @Override
+ public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid) {
+ log.debug(
+ String.format(
+ "getting filter policy: pgid: %s; rpid: %s",
+ filterPolicyGroup != null ? filterPolicyGroup.getId() : "null", rpid));
+ return filterPolicyDAO.getFilterPolicy(filterPolicyGroup, rpid);
+ }
- @Override
- public List getAttributes(){
- return attributeDAO.getAttributes();
- }
+ @Override
+ public List getFilterPolicies(RelyingParty rp) {
+ log.debug("looking for fps for " + rp.getEntityId());
+ List list = new Vector();
- @Override
- public List getAttributes(RelyingParty rp) {
- List ret = new Vector();
- log.debug("getting editable attributes for " + rp.getEntityId());
- List fps = this.getFilterPolicies(rp);
- int matches = 0;
- for (Attribute attribute : attributeDAO.getAttributes()) {
- Attribute attr = new Attribute(attribute);
- for (AttributeFilterPolicy afp : fps) {
- for (AttributeRule attributeRule : afp.getAttributeRules()) {
- if (attributeRule.getId().equals(attr.getId())) {
- //attributefilterpolicy is set so we can see attribute source with mouseover text
- //on attribute page.
- attr.setAttributeFilterPolicy(afp);
- attr.setAttributeRule(attributeRule);
- matches++;
- }
- }
- }
- ret.add(attr);
+ for (FilterPolicyGroup filterPolicyGroup : filterPolicyDAO.getFilterPolicyGroups()) {
+ List attributeFilterPolicies =
+ filterPolicyDAO.getFilterPolicies(filterPolicyGroup);
+ for (AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies) {
+ if (attributeFilterPolicy.matches(rp)) {
+ list.add(attributeFilterPolicy);
}
- log.debug("from " + attributeDAO.getAttributes().size() + ", found " + matches + " matches");
- return ret;
+ }
}
- /*
- * Update policies from an API PUT.
- * simplified document
- */
- @Override
- public void updateRelyingParty(String pgid, Document doc, String updatedBy)
- throws FilterPolicyException {
- // we have received an XML document (doc) containing the new requested new attribute state
- // "pgid" is the request policygroup as passed from spreg UI, "doc" contains the actual entityid
- // within the XML payload
- log.info("rp update attr doc for " + pgid);
-
- FilterPolicyGroup policyGroup = filterPolicyDAO.getFilterPolicyGroup(pgid);
- if (policyGroup==null) throw new FilterPolicyException("policy group not found");
- if (!policyGroup.isEditable()) throw new FilterPolicyException("policy group not editable");
-
- // process each policy ( will be only one requirement rule )
- List attributeFilterPolicies = new ArrayList<>();
- for(Element policy : XMLHelper.getElementsByName(doc.getDocumentElement(), "AttributeFilterPolicy")){
- Element reqRule = XMLHelper.getElementByName(policy, "PolicyRequirementRule");
- if (reqRule==null) throw new FilterPolicyException("invalid post");
-
- // type assumed
- String rpid = reqRule.getAttribute("value");
- log.debug("attr update, pol=" + pgid + ", rp=" + rpid);
- AttributeFilterPolicy afp = filterPolicyDAO.getFilterPolicy(policyGroup, rpid);
- if (afp==null) {
- afp = new AttributeFilterPolicy(policyGroup, rpid);
- }
-
- for (Element attributeRule : XMLHelper.getElementsByName(policy, "AttributeRule")) {
- String attributeId = attributeRule.getAttribute("attributeID");
- String act = attributeRule.getAttribute("action");
- Attribute attribute;
- try {
- attribute = attributeDAO.getAttribute(attributeId);
- } catch (AttributeNotFoundException e){
- throw new FilterPolicyException(String.format("attribute not found: %s", attributeId), e);
- }
-
- log.debug(".." + act + " " + attributeId);
-
- if (act.equals("replace")) afp.replaceAttributeRule(attributeId, attributeRule);
- else if (act.equals("remove")) afp.removeAttributeRule(attributeId);
- else throw new FilterPolicyException("unknown action");
- }
- //create list of filter policies (based on XML doc) to send to updatefilterpolicy method
- attributeFilterPolicies.add(afp);
+ log.info("fp search found " + list.size());
+ return list;
+ }
+
+ @Override
+ public List getAttributes() {
+ return attributeDAO.getAttributes();
+ }
+
+ @Override
+ public List getAttributes(RelyingParty rp) {
+ List ret = new Vector();
+ log.debug("getting editable attributes for " + rp.getEntityId());
+ List fps = this.getFilterPolicies(rp);
+ int matches = 0;
+ for (Attribute attribute : attributeDAO.getAttributes()) {
+ Attribute attr = new Attribute(attribute);
+ for (AttributeFilterPolicy afp : fps) {
+ for (AttributeRule attributeRule : afp.getAttributeRules()) {
+ if (attributeRule.getId().equals(attr.getId())) {
+ // attributefilterpolicy is set so we can see attribute source with mouseover text
+ // on attribute page.
+ attr.setAttributeFilterPolicy(afp);
+ attr.setAttributeRule(attributeRule);
+ matches++;
+ }
}
-
- filterPolicyDAO.updateFilterPolicies(policyGroup, attributeFilterPolicies, updatedBy);
- // save the new doc
- //policyGroup.writePolicyGroup();
+ }
+ ret.add(attr);
}
-
- @Override
- public int removeEditableRelyingParty(String entityId, String updatedBy)
- throws FilterPolicyException {
- int status = 200;
- for (FilterPolicyGroup filterPolicyGroup : this.getFilterPolicyGroups()){
- if(filterPolicyGroup.isEditable()){
- log.info(String.format("Removing %s from policy group %s", entityId, filterPolicyGroup.getId()));
- status = filterPolicyDAO.removeRelyingParty(filterPolicyGroup, entityId, updatedBy);
- }
+ log.debug("from " + attributeDAO.getAttributes().size() + ", found " + matches + " matches");
+ return ret;
+ }
+
+ /*
+ * Update policies from an API PUT.
+ * simplified document
+ */
+ @Override
+ public void updateRelyingParty(String pgid, Document doc, String updatedBy)
+ throws FilterPolicyException {
+ // we have received an XML document (doc) containing the new requested new attribute state
+ // "pgid" is the request policygroup as passed from spreg UI, "doc" contains the actual entityid
+ // within the XML payload
+ log.info("rp update attr doc for " + pgid);
+
+ FilterPolicyGroup policyGroup = filterPolicyDAO.getFilterPolicyGroup(pgid);
+ if (policyGroup == null) throw new FilterPolicyException("policy group not found");
+ if (!policyGroup.isEditable()) throw new FilterPolicyException("policy group not editable");
+
+ // process each policy ( will be only one requirement rule )
+ List attributeFilterPolicies = new ArrayList<>();
+ for (Element policy :
+ XMLHelper.getElementsByName(doc.getDocumentElement(), "AttributeFilterPolicy")) {
+ Element reqRule = XMLHelper.getElementByName(policy, "PolicyRequirementRule");
+ if (reqRule == null) throw new FilterPolicyException("invalid post");
+
+ // type assumed
+ String rpid = reqRule.getAttribute("value");
+ log.debug("attr update, pol=" + pgid + ", rp=" + rpid);
+ AttributeFilterPolicy afp = filterPolicyDAO.getFilterPolicy(policyGroup, rpid);
+ if (afp == null) {
+ afp = new AttributeFilterPolicy(policyGroup, rpid);
+ }
+
+ for (Element attributeRule : XMLHelper.getElementsByName(policy, "AttributeRule")) {
+ String attributeId = attributeRule.getAttribute("attributeID");
+ String act = attributeRule.getAttribute("action");
+ Attribute attribute;
+ try {
+ attribute = attributeDAO.getAttribute(attributeId);
+ } catch (AttributeNotFoundException e) {
+ throw new FilterPolicyException(String.format("attribute not found: %s", attributeId), e);
}
- return status;
- }
- @Override
- public int removeRelyingParty(String entityId, String pgid, String updatedBy)
- throws FilterPolicyException {
+ log.debug(".." + act + " " + attributeId);
- return filterPolicyDAO.removeRelyingParty(
- filterPolicyDAO.getFilterPolicyGroup(pgid),
- entityId,
- updatedBy
- );
+ if (act.equals("replace")) afp.replaceAttributeRule(attributeId, attributeRule);
+ else if (act.equals("remove")) afp.removeAttributeRule(attributeId);
+ else throw new FilterPolicyException("unknown action");
+ }
+ // create list of filter policies (based on XML doc) to send to updatefilterpolicy method
+ attributeFilterPolicies.add(afp);
}
- @Override
- public FilterPolicyGroup getPolicyGroup(String pgid) {
- return filterPolicyDAO.getFilterPolicyGroup(pgid);
+ filterPolicyDAO.updateFilterPolicies(policyGroup, attributeFilterPolicies, updatedBy);
+ // save the new doc
+ // policyGroup.writePolicyGroup();
+ }
+
+ @Override
+ public int removeEditableRelyingParty(String entityId, String updatedBy)
+ throws FilterPolicyException {
+ int status = 200;
+ for (FilterPolicyGroup filterPolicyGroup : this.getFilterPolicyGroups()) {
+ if (filterPolicyGroup.isEditable()) {
+ log.info(
+ String.format("Removing %s from policy group %s", entityId, filterPolicyGroup.getId()));
+ status = filterPolicyDAO.removeRelyingParty(filterPolicyGroup, entityId, updatedBy);
+ }
}
-
- @Override
- public List getFilterPolicyGroups()
- {
- return filterPolicyDAO.getFilterPolicyGroups();
- }
-
+ return status;
+ }
+
+ @Override
+ public int removeRelyingParty(String entityId, String pgid, String updatedBy)
+ throws FilterPolicyException {
+
+ return filterPolicyDAO.removeRelyingParty(
+ filterPolicyDAO.getFilterPolicyGroup(pgid), entityId, updatedBy);
+ }
+
+ @Override
+ public FilterPolicyGroup getPolicyGroup(String pgid) {
+ return filterPolicyDAO.getFilterPolicyGroup(pgid);
+ }
+
+ @Override
+ public List getFilterPolicyGroups() {
+ return filterPolicyDAO.getFilterPolicyGroups();
+ }
}
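Review bot: `removeRelyingParty(String entityId, String pgid, String updatedBy)` near the end of this hunk passes the result of `filterPolicyDAO.getFilterPolicyGroup(pgid)` straight to the DAO, without the two guards that `updateRelyingParty` applies to the same lookup (`policyGroup == null` and `!policyGroup.isEditable()`). The DAO implementation shown earlier in this diff calls `filterPolicyGroup.getId()` in its first log statement, so an unknown `pgid` would presumably surface as a NullPointerException rather than a `FilterPolicyException`. A non-editable group can also be end-dated through this path unless every caller checks editability itself; the callers are not visible here. I would resolve the group into a local first and add `if (policyGroup == null) throw new FilterPolicyException("policy group not found");`, plus `if (!policyGroup.isEditable()) throw new FilterPolicyException("policy group not editable");` if removal from non-editable groups is not intended. The gap is present on both sides of this formatting-only change, so the fix belongs in a follow-up commit.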
diff --git a/src/main/java/edu/washington/iam/registry/filter/Rule.java b/src/main/java/edu/washington/iam/registry/filter/Rule.java
index 693771a..53b6b36 100644
--- a/src/main/java/edu/washington/iam/registry/filter/Rule.java
+++ b/src/main/java/edu/washington/iam/registry/filter/Rule.java
@@ -15,88 +15,82 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.filter;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.util.List;
-import java.util.Vector;
-import java.util.Arrays;
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
-
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.FilterPolicyException;
-public class Rule implements Serializable {
+public class Rule implements Serializable {
- private final Logger log = LoggerFactory.getLogger(getClass());
+ private final Logger log = LoggerFactory.getLogger(getClass());
- private String id;
- private String type;
- private String value;
+ private String id;
+ private String type;
+ private String value;
- // create from document element
- public Rule (Element ele) throws FilterPolicyException {
+ // create from document element
+ public Rule(Element ele) throws FilterPolicyException {
- type = ele.getAttribute("xsi:type");
- if (type==null) throw new FilterPolicyException("No type attribute");
- // log.debug("create from doc: " + type);
+ type = ele.getAttribute("xsi:type");
+ if (type == null) throw new FilterPolicyException("No type attribute");
+ // log.debug("create from doc: " + type);
- if (type.equals("basic:AttributeValueString")) {
- value = ele.getAttribute("value");
- } else if (type.equals("basic:AttributeValueRegex")) {
- value = ele.getAttribute("regex");
- } else {
- throw new FilterPolicyException("unknown rule requirement rules not editable");
- }
- }
-
- // create from strings
- public Rule (String t, String v) throws FilterPolicyException {
- type = t;
- if (type==null) throw new FilterPolicyException("No type attribute");
- value = v;
- }
-
- public void writeXml(BufferedWriter xout) throws IOException {
- String valueStr = "value";
- if (type.equals("basic:AttributeValueRegex")) valueStr = "regex";
- xout.write(" \n");
- }
-
- public void setType(String v) {
- type = v;
- }
- public String getType() {
- return (type);
- }
-
- public void setValue(String v) {
- value = v;
- }
- public String getValue() {
- return (value);
- }
-
- public boolean isString() {
- return type.equals("basic:AttributeValueString");
- }
- public boolean isRegex() {
- return type.equals("basic:AttributeValueRegex");
+ if (type.equals("basic:AttributeValueString")) {
+ value = ele.getAttribute("value");
+ } else if (type.equals("basic:AttributeValueRegex")) {
+ value = ele.getAttribute("regex");
+ } else {
+ throw new FilterPolicyException("unknown rule requirement rules not editable");
}
+ }
+
+ // create from strings
+ public Rule(String t, String v) throws FilterPolicyException {
+ type = t;
+ if (type == null) throw new FilterPolicyException("No type attribute");
+ value = v;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ String valueStr = "value";
+ if (type.equals("basic:AttributeValueRegex")) valueStr = "regex";
+ xout.write(
+ " \n");
+ }
+
+ public void setType(String v) {
+ type = v;
+ }
+
+ public String getType() {
+ return (type);
+ }
+
+ public void setValue(String v) {
+ value = v;
+ }
+
+ public String getValue() {
+ return (value);
+ }
+
+ public boolean isString() {
+ return type.equals("basic:AttributeValueString");
+ }
+
+ public boolean isRegex() {
+ return type.equals("basic:AttributeValueRegex");
+ }
}
-
diff --git a/src/main/java/edu/washington/iam/registry/filter/ValueRule.java b/src/main/java/edu/washington/iam/registry/filter/ValueRule.java
index 69ff41c..b19affc 100644
--- a/src/main/java/edu/washington/iam/registry/filter/ValueRule.java
+++ b/src/main/java/edu/washington/iam/registry/filter/ValueRule.java
@@ -15,136 +15,132 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.filter;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.FilterPolicyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
+import java.io.Serializable;
import java.util.List;
import java.util.Vector;
-import java.util.Arrays;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.FilterPolicyException;
-
-public class ValueRule implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String id;
- private String type;
- private String value;
- private List rules;
- private boolean permit;
-
- // create from document element
- public ValueRule (Element ele, boolean pf) throws FilterPolicyException {
-
- rules = new Vector();
- type = ele.getAttribute("xsi:type");
- if (type==null) throw new FilterPolicyException("No type attribute");
- // log.debug("create from doc: " + type);
-
- permit = pf;
-
- // add value as first rule
- if (type.equals("basic:AttributeValueString")) {
- value = ele.getAttribute("value");
- if (value.length()>0) {
- log.debug("adding value as rule: " + value);
- rules.add(new Rule(type, value));
- }
- } else if (type.equals("basic:AttributeValueRegex")) {
- value = ele.getAttribute("regex");
- if (value.length()>0) {
- log.debug("adding value as rule: " + value);
- rules.add(new Rule(type, value));
- }
- }
-
- NodeList nl1 = ele.getChildNodes();
- for (int i=0; i rules;
+ private boolean permit;
+
+ // create from document element
+ public ValueRule(Element ele, boolean pf) throws FilterPolicyException {
+
+ rules = new Vector();
+ type = ele.getAttribute("xsi:type");
+ if (type == null) throw new FilterPolicyException("No type attribute");
+ // log.debug("create from doc: " + type);
+
+ permit = pf;
+
+ // add value as first rule
+ if (type.equals("basic:AttributeValueString")) {
+ value = ele.getAttribute("value");
+ if (value.length() > 0) {
+ log.debug("adding value as rule: " + value);
+ rules.add(new Rule(type, value));
+ }
+ } else if (type.equals("basic:AttributeValueRegex")) {
+ value = ele.getAttribute("regex");
+ if (value.length() > 0) {
+ log.debug("adding value as rule: " + value);
+ rules.add(new Rule(type, value));
+ }
}
+ NodeList nl1 = ele.getChildNodes();
+ for (int i = 0; i < nl1.getLength(); i++) {
+ if (nl1.item(i).getNodeType() != Node.ELEMENT_NODE) continue;
+ Element e1 = (Element) nl1.item(i);
+ String name = e1.getNodeName();
+ // log.info("rp ele: " + name);
- // create from string element
- public ValueRule (String type, String value, boolean pf) throws FilterPolicyException {
-
- rules = new Vector();
- this.type = type;
- log.debug("create from string: " + type);
-
- permit = pf;
- this.value = value;
+ if (XMLHelper.matches(name, "Rule")) {
+ rules.add(new Rule(e1));
+ }
}
-
- // equals
- public boolean equals(String type, String value) {
- if (this.type.equals(type) && this.value.equals(value)) return true;
- return false;
+ }
+
+ // create from string element
+ public ValueRule(String type, String value, boolean pf) throws FilterPolicyException {
+
+ rules = new Vector();
+ this.type = type;
+ log.debug("create from string: " + type);
+
+ permit = pf;
+ this.value = value;
+ }
+
+ // equals
+ public boolean equals(String type, String value) {
+ if (this.type.equals(type) && this.value.equals(value)) return true;
+ return false;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ String pd = "PermitValueRule";
+ if (!permit) pd = "DenyValueRule";
+ if (rules.size() == 0) {
+ xout.write(" <" + pd + " xsi:type=\"" + type + "\"/>\n");
+ } else if (rules.size() == 1) {
+ String valueStr = "value";
+ if (rules.get(0).getType().equals("basic:AttributeValueRegex")) valueStr = "regex";
+ xout.write(
+ " <"
+ + pd
+ + " xsi:type=\""
+ + rules.get(0).getType()
+ + "\" "
+ + valueStr
+ + "=\""
+ + XMLHelper.safeXml(rules.get(0).getValue())
+ + "\"/>\n");
+ } else {
+ xout.write(" <" + pd + " xsi:type=\"" + type + "\">\n");
+ for (int i = 0; i < rules.size(); i++) rules.get(i).writeXml(xout);
+ xout.write(" " + pd + ">\n");
}
+ }
+ public void setId(String v) {
+ id = v;
+ }
- public void writeXml(BufferedWriter xout) throws IOException {
- String pd = "PermitValueRule";
- if (!permit) pd = "DenyValueRule";
- if (rules.size()==0) {
- xout.write(" <" + pd + " xsi:type=\"" + type + "\"/>\n");
- } else if (rules.size()==1) {
- String valueStr = "value";
- if (rules.get(0).getType().equals("basic:AttributeValueRegex")) valueStr = "regex";
- xout.write(" <" + pd + " xsi:type=\"" + rules.get(0).getType() + "\" " + valueStr + "=\""
- + XMLHelper.safeXml(rules.get(0).getValue()) + "\"/>\n");
- } else {
- xout.write(" <" + pd + " xsi:type=\"" + type + "\">\n");
- for (int i=0; i\n");
- }
- }
-
- public void setId(String v) {
- id = v;
- }
- public String getId() {
- return (id);
- }
+ public String getId() {
+ return (id);
+ }
- public void setType(String v) {
- type = v;
- }
- public String getType() {
- return (type);
- }
+ public void setType(String v) {
+ type = v;
+ }
- public void setRules(List v) {
- rules = v;
- }
- public List getRules() {
- return (rules);
- }
+ public String getType() {
+ return (type);
+ }
+ public void setRules(List v) {
+ rules = v;
+ }
+ public List getRules() {
+ return (rules);
+ }
}
-
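Review bot: In `writeXml`, `type` is concatenated into the `xsi:type` attribute unescaped in the zero-rule and multi-rule branches, and so is `rules.get(0).getType()` in the single-rule branch; only the value goes through `XMLHelper.safeXml`. The constructor `ValueRule(String type, String value, boolean pf)` and `setType` accept any string, so a quote in a type other than the two literals the class tests for would change the structure of the written filter policy. Whether callers validate the type is not visible here. Either escape it the same way, `" xsi:type=\"" + XMLHelper.safeXml(type) + "\""`, or reject types other than `basic:AttributeValueString` and `basic:AttributeValueRegex` in the constructor.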
diff --git a/src/main/java/edu/washington/iam/registry/filter/XMLFilterPolicyDAO.java b/src/main/java/edu/washington/iam/registry/filter/XMLFilterPolicyDAO.java
index 5970602..43d4766 100644
--- a/src/main/java/edu/washington/iam/registry/filter/XMLFilterPolicyDAO.java
+++ b/src/main/java/edu/washington/iam/registry/filter/XMLFilterPolicyDAO.java
@@ -1,111 +1,106 @@
package edu.washington.iam.registry.filter;
-import edu.washington.iam.registry.exception.AttributeNotFoundException;
import edu.washington.iam.registry.exception.FilterPolicyException;
-import edu.washington.iam.registry.exception.NoPermissionException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import javax.annotation.PostConstruct;
-import javax.xml.parsers.DocumentBuilderFactory;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import java.util.Vector;
+import javax.annotation.PostConstruct;
+import javax.xml.parsers.DocumentBuilderFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class XMLFilterPolicyDAO implements FilterPolicyDAO {
- private final Logger log = LoggerFactory.getLogger(getClass());
- private List filterPolicyGroups;
-
- public void setPolicyGroupSources(List policyGroupSources) {
- this.policyGroupSources = policyGroupSources;
- }
-
- List policyGroupSources;
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private List filterPolicyGroups;
- @Override
- public List getFilterPolicyGroups() {
- List filterPolicyGroupList = new ArrayList<>();
- for(XMLFilterPolicyGroup xmlFilterPolicyGroup : filterPolicyGroups)
- {
- filterPolicyGroupList.add(xmlFilterPolicyGroup.toFilterPolicyGroup());
- }
- return filterPolicyGroupList;
- }
-
- @Override
- public FilterPolicyGroup getFilterPolicyGroup(String pgid) {
- for (XMLFilterPolicyGroup filterPolicyGroup : filterPolicyGroups)
- if (filterPolicyGroup.getId().equals(pgid))
- return filterPolicyGroup.toFilterPolicyGroup();
- return null;
- }
+ public void setPolicyGroupSources(List policyGroupSources) {
+ this.policyGroupSources = policyGroupSources;
+ }
- @Override
- public List getFilterPolicies(FilterPolicyGroup filterPolicyGroup) {
- return getXMLFilterPolicyGroup(filterPolicyGroup).getFilterPolicies();
- }
-
- @Override
- public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid) {
- XMLFilterPolicyGroup xmlFilterPolicyGroup = this.getXMLFilterPolicyGroup(filterPolicyGroup);
- xmlFilterPolicyGroup.refreshPolicyIfNeeded();
- return xmlFilterPolicyGroup.getFilterPolicy(rpid);
- }
+ List policyGroupSources;
- @Override
- public void updateFilterPolicies(FilterPolicyGroup filterPolicyGroup,
- List attributeFilterPolicies, String updatedBy)
- throws FilterPolicyException
- {
- // updates against AttributeFilterPolicy mean that existing afps are already updated in memory
- // this means that it's updated the moment we do writePolicyGroup()
- XMLFilterPolicyGroup xmlFilterPolicyGroup = this.getXMLFilterPolicyGroup(filterPolicyGroup);
- for(AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies){
- if(xmlFilterPolicyGroup.getFilterPolicy(attributeFilterPolicy.getEntityId()) == null){
- xmlFilterPolicyGroup.getFilterPolicies().add(attributeFilterPolicy);
- }
- // else already updated in memory
- }
- xmlFilterPolicyGroup.writePolicyGroup();
+ @Override
+ public List getFilterPolicyGroups() {
+ List filterPolicyGroupList = new ArrayList<>();
+ for (XMLFilterPolicyGroup xmlFilterPolicyGroup : filterPolicyGroups) {
+ filterPolicyGroupList.add(xmlFilterPolicyGroup.toFilterPolicyGroup());
}
-
- @Override
- public int removeRelyingParty(FilterPolicyGroup filterPolicyGroup, String entityId, String updatedBy)
- throws FilterPolicyException {
- return this.getXMLFilterPolicyGroup(filterPolicyGroup).removeFilterPolicy(entityId);
+ return filterPolicyGroupList;
+ }
+
+ @Override
+ public FilterPolicyGroup getFilterPolicyGroup(String pgid) {
+ for (XMLFilterPolicyGroup filterPolicyGroup : filterPolicyGroups)
+ if (filterPolicyGroup.getId().equals(pgid)) return filterPolicyGroup.toFilterPolicyGroup();
+ return null;
+ }
+
+ @Override
+ public List getFilterPolicies(FilterPolicyGroup filterPolicyGroup) {
+ return getXMLFilterPolicyGroup(filterPolicyGroup).getFilterPolicies();
+ }
+
+ @Override
+ public AttributeFilterPolicy getFilterPolicy(FilterPolicyGroup filterPolicyGroup, String rpid) {
+ XMLFilterPolicyGroup xmlFilterPolicyGroup = this.getXMLFilterPolicyGroup(filterPolicyGroup);
+ xmlFilterPolicyGroup.refreshPolicyIfNeeded();
+ return xmlFilterPolicyGroup.getFilterPolicy(rpid);
+ }
+
+ @Override
+ public void updateFilterPolicies(
+ FilterPolicyGroup filterPolicyGroup,
+ List attributeFilterPolicies,
+ String updatedBy)
+ throws FilterPolicyException {
+ // updates against AttributeFilterPolicy mean that existing afps are already updated in memory
+ // this means that it's updated the moment we do writePolicyGroup()
+ XMLFilterPolicyGroup xmlFilterPolicyGroup = this.getXMLFilterPolicyGroup(filterPolicyGroup);
+ for (AttributeFilterPolicy attributeFilterPolicy : attributeFilterPolicies) {
+ if (xmlFilterPolicyGroup.getFilterPolicy(attributeFilterPolicy.getEntityId()) == null) {
+ xmlFilterPolicyGroup.getFilterPolicies().add(attributeFilterPolicy);
+ }
+ // else already updated in memory
}
-
- private XMLFilterPolicyGroup getXMLFilterPolicyGroup(FilterPolicyGroup filterPolicyGroup){
- for(XMLFilterPolicyGroup xmlFilterPolicyGroup : filterPolicyGroups){
- if(xmlFilterPolicyGroup.getId().equals(filterPolicyGroup.getId())){
- return xmlFilterPolicyGroup;
- }
- }
- log.info("The unthinkable has happened");
- return null;
+ xmlFilterPolicyGroup.writePolicyGroup();
+ }
+
+ @Override
+ public int removeRelyingParty(
+ FilterPolicyGroup filterPolicyGroup, String entityId, String updatedBy)
+ throws FilterPolicyException {
+ return this.getXMLFilterPolicyGroup(filterPolicyGroup).removeFilterPolicy(entityId);
+ }
+
+ private XMLFilterPolicyGroup getXMLFilterPolicyGroup(FilterPolicyGroup filterPolicyGroup) {
+ for (XMLFilterPolicyGroup xmlFilterPolicyGroup : filterPolicyGroups) {
+ if (xmlFilterPolicyGroup.getId().equals(filterPolicyGroup.getId())) {
+ return xmlFilterPolicyGroup;
+ }
}
-
- private void loadPolicyGroups() {
- filterPolicyGroups = new Vector();
- DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
- builderFactory.setNamespaceAware(true);
-
- // load policyGroups from each source
- for (int p=0; p filterPolicies;
-
- private String xmlStart = "\n" +
- "\n";
-
- private String xmlEnd = "";
- private String xmlNotice = "\n \n\n";
-
- private long modifyTime = 0;
-
- Thread reloader = null;
-
-
- public void refreshPolicyIfNeeded() {
- log.debug("fp reloader checking...");
- File f = new File(sourceName);
- if (f.lastModified()>modifyTime) {
- log.debug("reloading policy for " + id + " from " + uri);
- locker.writeLock().lock();
- try {
- loadPolicyGroup();
- } catch (Exception e) {
- log.error("reload errro: " + e);
- }
- locker.writeLock().unlock();
- log.debug("reload completed, time now " + modifyTime);
- }
- }
-
- // thread to sometimes reload the policies
- class PolicyReloader extends Thread {
-
- public void run() {
- log.debug("policy reloader running: interval = " + refreshInterval);
-
- // loop on checking the source
-
- while (true) {
- refreshPolicyIfNeeded();
- try {
- if (isInterrupted()) {
- log.info("interrupted during processing");
- break;
- }
- Thread.sleep(refreshInterval * 1000);
- } catch (InterruptedException e) {
- log.info("sleep interrupted");
- break;
- }
- }
- }
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private final ReentrantReadWriteLock locker = new ReentrantReadWriteLock();
+
+ private String id;
+ private String description;
+ private Document doc;
+ private boolean editable;
+ private String uri;
+ private String sourceName;
+ private String tempUri;
+ private int refreshInterval = 0;
+ private List filterPolicies;
+
+ private String xmlStart =
+ "\n"
+ + "\n";
+
+ private String xmlEnd = "";
+ private String xmlNotice =
+ "\n \n\n";
+
+ private long modifyTime = 0;
+
+ Thread reloader = null;
+
+ public void refreshPolicyIfNeeded() {
+ log.debug("fp reloader checking...");
+ File f = new File(sourceName);
+ if (f.lastModified() > modifyTime) {
+ log.debug("reloading policy for " + id + " from " + uri);
+ locker.writeLock().lock();
+ try {
+ loadPolicyGroup();
+ } catch (Exception e) {
+ log.error("reload errro: " + e);
+ }
+ locker.writeLock().unlock();
+ log.debug("reload completed, time now " + modifyTime);
}
+ }
- public XMLFilterPolicyGroup(Properties prop) throws FilterPolicyException {
- id = prop.getProperty("id");
- description = prop.getProperty("description");
- uri = prop.getProperty("uri");
- sourceName = uri.replaceFirst("file:","");
- tempUri = prop.getProperty("tempUri");
- String v = prop.getProperty("editable");
- if (v.equalsIgnoreCase("true")) editable = true;
- else editable = false;
- v = prop.getProperty("refresh");
- try {
- if (v!=null) refreshInterval = Integer.parseInt(v); // seconds
- } catch (NumberFormatException e) {
- log.error("invalid refresh arg " + v);
- }
- loadPolicyGroup();
- if (refreshInterval>0) {
- reloader = new Thread(new PolicyReloader());
- reloader.start();
- }
-
- }
-
- /*
- * Load policies. This code allows us to input more complex documents
- * than we produce. e.g. multiple requirement rules, split requirement rules.
- */
- private void loadPolicyGroup() throws FilterPolicyException {
- log.info("load policy group for " + id + " from " + uri);
- DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
- builderFactory.setNamespaceAware(true);
- filterPolicies = new Vector();
-
- if (uri!=null) {
- try {
- DocumentBuilder builder = builderFactory.newDocumentBuilder();
- doc = builder.parse (uri);
- } catch (Exception ex) {
- log.error("parse issue: " + ex);
- throw new FilterPolicyException("parse error");
- }
+ // thread to sometimes reload the policies
+ class PolicyReloader extends Thread {
- // update the timestamp
- File f = new File(sourceName);
- modifyTime = f.lastModified();
- log.debug("filter load " + f.getName() + ": time = " + modifyTime);
+ public void run() {
+ log.debug("policy reloader running: interval = " + refreshInterval);
+ // loop on checking the source
- List list = XMLHelper.getElementsByName(doc.getDocumentElement(), "AttributeFilterPolicy");
- log.info("found " + list.size());
+ while (true) {
+ refreshPolicyIfNeeded();
+ try {
+ if (isInterrupted()) {
+ log.info("interrupted during processing");
+ break;
+ }
+ Thread.sleep(refreshInterval * 1000);
+ } catch (InterruptedException e) {
+ log.info("sleep interrupted");
+ break;
+ }
+ }
+ }
+ }
+
+ public XMLFilterPolicyGroup(Properties prop) throws FilterPolicyException {
+ id = prop.getProperty("id");
+ description = prop.getProperty("description");
+ uri = prop.getProperty("uri");
+ sourceName = uri.replaceFirst("file:", "");
+ tempUri = prop.getProperty("tempUri");
+ String v = prop.getProperty("editable");
+ if (v.equalsIgnoreCase("true")) editable = true;
+ else editable = false;
+ v = prop.getProperty("refresh");
+ try {
+ if (v != null) refreshInterval = Integer.parseInt(v); // seconds
+ } catch (NumberFormatException e) {
+ log.error("invalid refresh arg " + v);
+ }
+ loadPolicyGroup();
+ if (refreshInterval > 0) {
+ reloader = new Thread(new PolicyReloader());
+ reloader.start();
+ }
+ }
+
+ /*
+ * Load policies. This code allows us to input more complex documents
+ * than we produce. e.g. multiple requirement rules, split requirement rules.
+ */
+ private void loadPolicyGroup() throws FilterPolicyException {
+ log.info("load policy group for " + id + " from " + uri);
+ DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
+ builderFactory.setNamespaceAware(true);
+ filterPolicies = new Vector();
+
+ if (uri != null) {
+ try {
+ DocumentBuilder builder = builderFactory.newDocumentBuilder();
+ doc = builder.parse(uri);
+ } catch (Exception ex) {
+ log.error("parse issue: " + ex);
+ throw new FilterPolicyException("parse error");
+ }
- for (int i=0; i getFilterPolicies() {
- return filterPolicies;
- }
- public boolean isEditable() {
- return editable;
- }
-
-}
+ // move the temp file to live
+ try {
+ File live = new File(new URI(uri));
+ File temp = new File(new URI(tempUri));
+ temp.renameTo(live);
+ } catch (Exception e) {
+ log.error("rename: " + e);
+ return 1;
+ }
+ return 0;
+ }
+
+ public String getId() {
+ return (id);
+ }
+ public String getUri() {
+ return (uri);
+ }
+
+ public String getDescription() {
+ return (description);
+ }
+
+ public List getFilterPolicies() {
+ return filterPolicies;
+ }
+
+ public boolean isEditable() {
+ return editable;
+ }
+}
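Review bot: `loadPolicyGroup` builds its parser from `DocumentBuilderFactory.newInstance()` with only `setNamespaceAware(true)`, so DTDs and external entities stay enabled when `builder.parse(uri)` reads the policy file. The URI comes from configuration properties, so the exposure depends on who can write that file, which is not visible here. Hardening is one line inside the existing try block, before `newDocumentBuilder()`: `builderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`. Separately, the result of `temp.renameTo(live)` is ignored, so a failed move still returns 0 and the policy update looks successful; `if (!temp.renameTo(live)) return 1;` would report it. Parts of this section are missing from the page, including the start of the method that does the rename.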
diff --git a/src/main/java/edu/washington/iam/registry/proxy/Proxy.java b/src/main/java/edu/washington/iam/registry/proxy/Proxy.java
index 5a8bbf5..7b46c44 100644
--- a/src/main/java/edu/washington/iam/registry/proxy/Proxy.java
+++ b/src/main/java/edu/washington/iam/registry/proxy/Proxy.java
@@ -15,92 +15,78 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.proxy;
import java.io.Serializable;
-
-import java.util.List;
-import java.util.Vector;
-import java.util.Arrays;
-import java.io.BufferedWriter;
-import java.io.IOException;
-
-
+import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
+public class Proxy implements Serializable {
-import edu.washington.iam.tools.XMLHelper;
+ private final Logger log = LoggerFactory.getLogger(getClass());
-import edu.washington.iam.registry.exception.ProxyException;
-import java.util.UUID;
-
-public class Proxy implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
+ private UUID uuid;
+ private String entityId;
+ private boolean socialActive;
+ private String updatedBy;
+ private String startTime;
+ private String endTime;
- private UUID uuid;
- private String entityId;
- private boolean socialActive;
- private String updatedBy;
- private String startTime;
- private String endTime;
+ private String safePy(String in) {
+ return in.replaceAll("\"", "\\\"");
+ }
+ public Proxy() {}
- private String safePy(String in) {
- return in.replaceAll("\"","\\\"");
- }
+ // 2017-11-13 mattjm constructor taking XML document as argument removed (and deleted
+ // XMLProxyManager)
- public Proxy (){}
+ public void setEntityId(String entityId) {
+ this.entityId = entityId;
+ }
- //2017-11-13 mattjm constructor taking XML document as argument removed (and deleted XMLProxyManager)
+ public String getEntityId() {
+ return (entityId);
+ }
+ public void setSocialActive(boolean socialActive) {
+ this.socialActive = socialActive;
+ }
- public void setEntityId(String entityId) {
- this.entityId = entityId;
- }
- public String getEntityId() {
- return (entityId);
- }
+ public boolean getSocialActive() {
+ return (socialActive);
+ }
- public void setSocialActive(boolean socialActive) {
- this.socialActive = socialActive;
- }
- public boolean getSocialActive() { return (socialActive); }
+ public void setUuid(UUID uuid) {
+ this.uuid = uuid;
+ }
- public void setUuid(UUID uuid) {
- this.uuid = uuid;
- }
- public UUID getUuid() { return uuid; }
+ public UUID getUuid() {
+ return uuid;
+ }
- public String getUpdatedBy() {
- return updatedBy;
- }
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
- public void setUpdatedBy(String updatedBy) {
- this.updatedBy = updatedBy;
- }
+ public void setUpdatedBy(String updatedBy) {
+ this.updatedBy = updatedBy;
+ }
- public String getStartTime() {
- return startTime;
- }
+ public String getStartTime() {
+ return startTime;
+ }
- public void setStartTime(String startTime) {
- this.startTime = startTime;
- }
+ public void setStartTime(String startTime) {
+ this.startTime = startTime;
+ }
- public String getEndTime() {
- return endTime;
- }
-
- public void setEndTime(String endTime) {
- this.endTime = endTime;
- }
+ public String getEndTime() {
+ return endTime;
+ }
+ public void setEndTime(String endTime) {
+ this.endTime = endTime;
+ }
}
-
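Review bot: `safePy` does not escape anything. In `replaceAll` the replacement `"\\\""` is the two characters `\"`, and a backslash in a replacement string only quotes the next character, so every `"` is replaced by `"`. The method is unused in the visible part of Proxy.java, but the identical copy in ProxyIdp.java feeds `clientId` and `clientSecret` into the Python literal written by `writePy`, where an unescaped quote ends the string early. Switching to the literal `replace` and escaping backslashes first fixes both copies: `return in.replace("\\", "\\\\").replace("\"", "\\\"");`.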
diff --git a/src/main/java/edu/washington/iam/registry/proxy/ProxyIdp.java b/src/main/java/edu/washington/iam/registry/proxy/ProxyIdp.java
index 827e870..d151be2 100644
--- a/src/main/java/edu/washington/iam/registry/proxy/ProxyIdp.java
+++ b/src/main/java/edu/washington/iam/registry/proxy/ProxyIdp.java
@@ -18,90 +18,95 @@
/*TODO mattjm 2017-11-13 this class can be deleted soon--no non-test JAVA code reaches it (some tests and javascript
still do)*/
-
package edu.washington.iam.registry.proxy;
-import java.io.Serializable;
-
-import java.util.List;
-import java.util.Vector;
-import java.util.Arrays;
+import edu.washington.iam.registry.exception.ProxyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
-
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.ProxyException;
-
-public class ProxyIdp implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String idp;
- private String clientId;
- private String clientSecret;
-
- private String safePy(String in) {
- return in.replaceAll("\"","\\\"");
- }
-
- // TODO: Our new constructor doesn't check for 'invalid' characters. Sort out if these are really invalid
- // check for any bad chars
- private void isOK(String s) throws ProxyException {
- if (s.indexOf('<')>=0 || s.indexOf('>')>=0 || s.indexOf('"')>=0 || s.indexOf('\'')>=0 ) throw new ProxyException("invalid characters");
- }
-
- // create from document element
- public ProxyIdp(){}
- public ProxyIdp (Element ele) throws ProxyException {
-
- idp = ele.getAttribute("idp");
- clientId = ele.getAttribute("clientId");
- clientSecret = ele.getAttribute("clientSecret");
- isOK(clientId);
- isOK(clientSecret);
- log.debug("create from doc: " + clientId);
- }
-
- // write xml doc
- public void writeXml(BufferedWriter xout) throws IOException {
- xout.write("\n");
- }
-
- // write py doc
- public void writePy(BufferedWriter xout) throws IOException {
- xout.write("\"" + idp + "\": {\"key\": \"" + safePy(clientId) + "\", \"secret\": \"" + safePy(clientSecret) + "\"},\n");
- }
-
- public void setIdp(String v) {
- idp = v;
- }
- public String getIdp() {
- return (idp);
- }
- public void setClientId(String v) {
- clientId = v;
- }
- public String getClientId() {
- return (clientId);
- }
- public void setClientSecret(String v) {
- clientSecret = v;
- }
- public String getClientSecret() {
- return (clientSecret);
- }
+public class ProxyIdp implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String idp;
+ private String clientId;
+ private String clientSecret;
+
+ private String safePy(String in) {
+ return in.replaceAll("\"", "\\\"");
+ }
+
+ // TODO: Our new constructor doesn't check for 'invalid' characters. Sort out if these are really
+ // invalid
+ // check for any bad chars
+ private void isOK(String s) throws ProxyException {
+ if (s.indexOf('<') >= 0 || s.indexOf('>') >= 0 || s.indexOf('"') >= 0 || s.indexOf('\'') >= 0)
+ throw new ProxyException("invalid characters");
+ }
+
+ // create from document element
+ public ProxyIdp() {}
+
+ public ProxyIdp(Element ele) throws ProxyException {
+
+ idp = ele.getAttribute("idp");
+ clientId = ele.getAttribute("clientId");
+ clientSecret = ele.getAttribute("clientSecret");
+ isOK(clientId);
+ isOK(clientSecret);
+ log.debug("create from doc: " + clientId);
+ }
+
+ // write xml doc
+ public void writeXml(BufferedWriter xout) throws IOException {
+ xout.write(
+ "\n");
+ }
+
+ // write py doc
+ public void writePy(BufferedWriter xout) throws IOException {
+ xout.write(
+ "\""
+ + idp
+ + "\": {\"key\": \""
+ + safePy(clientId)
+ + "\", \"secret\": \""
+ + safePy(clientSecret)
+ + "\"},\n");
+ }
+
+ public void setIdp(String v) {
+ idp = v;
+ }
+
+ public String getIdp() {
+ return (idp);
+ }
+
+ public void setClientId(String v) {
+ clientId = v;
+ }
+
+ public String getClientId() {
+ return (clientId);
+ }
+
+ public void setClientSecret(String v) {
+ clientSecret = v;
+ }
+
+ public String getClientSecret() {
+ return (clientSecret);
+ }
}
-
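Review bot: The `ProxyIdp(Element ele)` constructor runs `isOK` on `clientId` and `clientSecret` but not on `idp`, and `writePy` then writes `idp` between quotes with no escaping at all. Adding `isOK(idp);` next to the other two checks keeps the three attributes consistent. As the TODO above `isOK` notes, the no-argument constructor and the setters bypass these checks, so values set that way reach `writePy` unvalidated. Calling `isOK` from the setters, or validating once inside `writePy`, would cover that path.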
diff --git a/src/main/java/edu/washington/iam/registry/proxy/ProxyManager.java b/src/main/java/edu/washington/iam/registry/proxy/ProxyManager.java
index 0496de1..91de01e 100644
--- a/src/main/java/edu/washington/iam/registry/proxy/ProxyManager.java
+++ b/src/main/java/edu/washington/iam/registry/proxy/ProxyManager.java
@@ -17,29 +17,23 @@
package edu.washington.iam.registry.proxy;
+import edu.washington.iam.registry.exception.ProxyException;
import java.io.Serializable;
import java.util.List;
-import org.w3c.dom.Document;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
+public interface ProxyManager extends Serializable {
+ public List getProxys();
-import edu.washington.iam.registry.exception.ProxyException;
-import edu.washington.iam.registry.exception.NoPermissionException;
+ public Proxy getProxy(String entityId);
-public interface ProxyManager extends Serializable {
- public List getProxys();
- public Proxy getProxy(String entityId);
- public int removeProxy(String rpid, String updatedBy) throws ProxyException;
- public List getProxyHistory(String entityId) throws ProxyException;
- ;
+ public int removeProxy(String rpid, String updatedBy) throws ProxyException;
- /**
- *
- * @param proxy Takes a validated proxy and stores it
- */
- public void updateProxy(Proxy proxy, String updatedBy) throws ProxyException;
+ public List getProxyHistory(String entityId) throws ProxyException;
+ ;
+ /**
+ *
+ * @param proxy Takes a validated proxy and stores it
+ */
+ public void updateProxy(Proxy proxy, String updatedBy) throws ProxyException;
}
diff --git a/src/main/java/edu/washington/iam/registry/proxy/ProxyManagerDB.java b/src/main/java/edu/washington/iam/registry/proxy/ProxyManagerDB.java
index c4f8a98..3dd629e 100644
--- a/src/main/java/edu/washington/iam/registry/proxy/ProxyManagerDB.java
+++ b/src/main/java/edu/washington/iam/registry/proxy/ProxyManagerDB.java
@@ -2,6 +2,11 @@
import edu.washington.iam.registry.exception.ProxyException;
import edu.washington.iam.registry.rp.UuidManager;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -9,119 +14,114 @@
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.ResultSetExtractor;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.UUID;
-
public class ProxyManagerDB implements ProxyManager {
- private final Logger log = LoggerFactory.getLogger(getClass());
- private JdbcTemplate template;
-
- public void setTemplate(JdbcTemplate template) {
- this.template = template;
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ private JdbcTemplate template;
+
+ public void setTemplate(JdbcTemplate template) {
+ this.template = template;
+ }
+
+ @Autowired private UuidManager uuidManager;
+
+ public List getProxys() {
+ log.debug("getting the list of proxies");
+ return template.query("select * from proxy where end_time is null", new ProxyMapper());
+ }
+
+ public List getProxyHistory(String entityId) throws ProxyException {
+ List proxys = null;
+ try {
+ proxys =
+ template.query(
+ "select * from proxy where end_time is not null and entity_id = ?",
+ new Object[] {entityId},
+ new ProxyMapper());
+ return proxys;
+ } catch (Exception e) {
+ String errorMsg = String.format("error getting proxy history: %s", entityId);
+ log.debug(errorMsg);
+ throw new ProxyException(errorMsg);
}
-
- @Autowired
- private UuidManager uuidManager;
-
- public List getProxys() {
- log.debug("getting the list of proxies");
- return template.query("select * from proxy where end_time is null",
- new ProxyMapper());
+ }
+
+ public Proxy getProxy(String entityId) {
+ log.debug("looking for proxy for " + entityId);
+ Proxy proxy = null;
+
+ List proxies =
+ template.query(
+ "select * from proxy where entity_id = ? and end_time is null",
+ new Object[] {entityId},
+ new ProxyMapper());
+ if (proxies.size() != 0) {
+ proxy = proxies.get(0);
}
- public List getProxyHistory(String entityId) throws ProxyException {
- List proxys = null;
- try {
- proxys = template.query(
- "select * from proxy where end_time is not null and entity_id = ?",
- new Object[] {entityId},
- new ProxyMapper());
- return proxys;
- }
- catch (Exception e){
- String errorMsg = String.format("error getting proxy history: %s", entityId);
- log.debug(errorMsg);
- throw new ProxyException(errorMsg);
- }
-
+ return proxy;
+ }
+
+ public int removeProxy(String rpid, String updatedBy) throws ProxyException {
+ log.debug("looking to delete proxy for " + rpid);
+
+ List rpIds =
+ template.queryForList(
+ "select id from proxy where entity_id = ? and end_time is null", Integer.class, rpid);
+ if (rpIds.size() == 1 && rpIds.get(0) != null) {
+ template.update(
+ "update proxy set end_time = now(), updated_by = ?, status = ? where id = ?",
+ updatedBy,
+ 0,
+ rpIds.get(0));
+ log.debug("updated (delete) proxy for %s", rpid);
+ return 200;
+ } else if (rpIds.size() == 0) {
+ // there is no record with end_time = null if social gateway wasn't enabled
+ log.info(String.format("No proxy found for %s (usually not an error--was inactive)", rpid));
+ // if there are no records with end_time = null then there are no active records to remove
+ // and everything is fine. mattjm 2018-10-23
+ return 200;
+ } else {
+ throw new ProxyException("more than one active proxy record found!! No update performed.");
+ // TODO what about a return code?
}
-
- public Proxy getProxy(String entityId) {
- log.debug("looking for proxy for " + entityId);
- Proxy proxy = null;
-
- List proxies = template.query("select * from proxy where entity_id = ? and end_time is null",
- new Object[] {entityId},
- new ProxyMapper());
- if(proxies.size() != 0){
- proxy = proxies.get(0);
- }
-
- return proxy;
- }
-
- public int removeProxy(String rpid, String updatedBy) throws ProxyException {
- log.debug("looking to delete proxy for " + rpid);
-
- List rpIds = template.queryForList(
- "select id from proxy where entity_id = ? and end_time is null",
- Integer.class, rpid);
- if (rpIds.size() == 1 && rpIds.get(0) != null) {
- template.update("update proxy set end_time = now(), updated_by = ?, status = ? where id = ?", updatedBy, 0, rpIds.get(0));
- log.debug("updated (delete) proxy for %s", rpid);
- return 200;
- }
- else if (rpIds.size() == 0) {
- //there is no record with end_time = null if social gateway wasn't enabled
- log.info(String.format("No proxy found for %s (usually not an error--was inactive)", rpid));
- //if there are no records with end_time = null then there are no active records to remove
- //and everything is fine. mattjm 2018-10-23
- return 200;
- }
- else{
- throw new ProxyException("more than one active proxy record found!! No update performed.");
- //TODO what about a return code?
- }
+ }
+
+ // add or update a proxy
+ public void updateProxy(Proxy proxy, String updatedBy) throws ProxyException {
+
+ proxy.setUuid(uuidManager.getUuid(proxy.getEntityId()));
+ log.info("attempting proxy update " + proxy.getEntityId());
+ // recycle "delete" method to mark current record inactive
+ removeProxy(proxy.getEntityId(), updatedBy);
+ // only add a record with end_time=null if social gateway should be active.
+ if (proxy.getSocialActive()) {
+ log.info("Marked current proxy record inactive--adding new one next");
+ template.update(
+ "insert into proxy (uuid, entity_id, start_time, end_time, updated_by, status) "
+ + "values (?, ?, now(), null, ?, 1)",
+ proxy.getUuid(),
+ proxy.getEntityId(),
+ updatedBy);
}
-
- //add or update a proxy
- public void updateProxy(Proxy proxy, String updatedBy) throws ProxyException {
-
- proxy.setUuid(uuidManager.getUuid(proxy.getEntityId()));
- log.info("attempting proxy update " + proxy.getEntityId());
- //recycle "delete" method to mark current record inactive
- removeProxy(proxy.getEntityId(), updatedBy);
- //only add a record with end_time=null if social gateway should be active.
- if (proxy.getSocialActive()) {
- log.info("Marked current proxy record inactive--adding new one next");
- template.update("insert into proxy (uuid, entity_id, start_time, end_time, updated_by, status) "
- + "values (?, ?, now(), null, ?, 1)",
- proxy.getUuid(),
- proxy.getEntityId(),
- updatedBy);
-
- }
- }
-
- private static final class ProxyMapper implements ResultSetExtractor> {
- @Override
- public List extractData(ResultSet rs) throws SQLException, DataAccessException{
- List proxyList = new ArrayList<>();
- while(rs.next()){
- Proxy proxy = new Proxy();
- proxy.setEntityId(rs.getString("entity_id"));
- proxy.setUuid((UUID)rs.getObject("uuid"));
- proxy.setSocialActive(true);
- proxy.setUpdatedBy(rs.getString("updated_by"));
- proxy.setStartTime(rs.getString("start_time"));
- proxy.setEndTime(rs.getString("end_time"));
- proxyList.add(proxy);
- }
-
- return proxyList;
- }
+ }
+
+ private static final class ProxyMapper implements ResultSetExtractor> {
+ @Override
+ public List extractData(ResultSet rs) throws SQLException, DataAccessException {
+ List proxyList = new ArrayList<>();
+ while (rs.next()) {
+ Proxy proxy = new Proxy();
+ proxy.setEntityId(rs.getString("entity_id"));
+ proxy.setUuid((UUID) rs.getObject("uuid"));
+ proxy.setSocialActive(true);
+ proxy.setUpdatedBy(rs.getString("updated_by"));
+ proxy.setStartTime(rs.getString("start_time"));
+ proxy.setEndTime(rs.getString("end_time"));
+ proxyList.add(proxy);
+ }
+
+ return proxyList;
}
+ }
}
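Review bot: In `removeProxy`, `log.debug("updated (delete) proxy for %s", rpid);` hands a printf-style `%s` to SLF4J, which only substitutes `{}`, so the entity id never appears in the log record of a deactivation; it should read `log.debug("updated (delete) proxy for {}", rpid);`. `getProxyHistory` has a related gap: the caught exception `e` is neither logged nor attached to the `ProxyException`, and the message is emitted only at debug level, so a failing history query leaves no trace of its cause; `log.error(errorMsg, e);` would keep it. Separately, `updateProxy` calls `removeProxy` and then inserts with no transaction boundary visible in this file, so a failed insert would leave the proxy deactivated. It is worth confirming that a transaction is applied by the caller or by configuration.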
diff --git a/src/main/java/edu/washington/iam/registry/rp/AssertionConsumerService.java b/src/main/java/edu/washington/iam/registry/rp/AssertionConsumerService.java
index 03eb8c7..e1dca59 100644
--- a/src/main/java/edu/washington/iam/registry/rp/AssertionConsumerService.java
+++ b/src/main/java/edu/washington/iam/registry/rp/AssertionConsumerService.java
@@ -15,94 +15,89 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.rp;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.lang.NumberFormatException;
-import java.util.List;
-import java.util.Vector;
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import edu.washington.iam.tools.XMLHelper;
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-public class AssertionConsumerService implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String binding;
- private String location;
- private String index;
-
- // create from document element
- public AssertionConsumerService (Element ele) throws RelyingPartyException {
- binding = ele.getAttribute("Binding");
- location = ele.getAttribute("Location");
- index = ele.getAttribute("index");
- if (binding==null || location==null || index==null) throw new RelyingPartyException("missing ACS attributes");
- if (!binding.startsWith("urn:")) throw new RelyingPartyException("invalid ACS binding");
- if (!location.startsWith("http")) throw new RelyingPartyException("invalid ACS location");
- try {
- int i = Integer.parseInt(index);
- } catch (NumberFormatException e) {
- throw new RelyingPartyException("invalid acs index");
- }
- }
- // create from inputs
- public AssertionConsumerService (int i, String b, String l) {
- binding = b;
- location = l;
- index = "" + i;
+public class AssertionConsumerService implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String binding;
+ private String location;
+ private String index;
+
+ // create from document element
+ public AssertionConsumerService(Element ele) throws RelyingPartyException {
+ binding = ele.getAttribute("Binding");
+ location = ele.getAttribute("Location");
+ index = ele.getAttribute("index");
+ if (binding == null || location == null || index == null)
+ throw new RelyingPartyException("missing ACS attributes");
+ if (!binding.startsWith("urn:")) throw new RelyingPartyException("invalid ACS binding");
+ if (!location.startsWith("http")) throw new RelyingPartyException("invalid ACS location");
+ try {
+ int i = Integer.parseInt(index);
+ } catch (NumberFormatException e) {
+ throw new RelyingPartyException("invalid acs index");
}
-
-/**
- public Element toDOM(Document doc) {
- Element acs = doc.createElement("AssertionConsumerService");
- acs.setAttribute("Binding", binding);
- acs.setAttribute("Location", location);
- acs.setAttribute("index", index);
- return acs;
- }
- **/
-
- public void writeXml(BufferedWriter xout) throws IOException {
- xout.write(" \n");
- }
-
- public void setBinding(String v) {
- binding = v;
- }
- public String getBinding() {
- return (binding);
- }
-
- public void setLocation(String v) {
- location = v;
- }
- public String getLocation() {
- return (location);
- }
-
- public void setIndex(String v) {
- index = v;
- }
- public String getIndex() {
- return (index);
- }
-
+ }
+
+ // create from inputs
+ public AssertionConsumerService(int i, String b, String l) {
+ binding = b;
+ location = l;
+ index = "" + i;
+ }
+
+ /**
+ * public Element toDOM(Document doc) {
+ * Element acs = doc.createElement("AssertionConsumerService");
+ * acs.setAttribute("Binding", binding);
+ * acs.setAttribute("Location", location);
+ * acs.setAttribute("index", index);
+ * return acs;
+ * }
+ **/
+ public void writeXml(BufferedWriter xout) throws IOException {
+ xout.write(
+ " \n");
+ }
+
+ public void setBinding(String v) {
+ binding = v;
+ }
+
+ public String getBinding() {
+ return (binding);
+ }
+
+ public void setLocation(String v) {
+ location = v;
+ }
+
+ public String getLocation() {
+ return (location);
+ }
+
+ public void setIndex(String v) {
+ index = v;
+ }
+
+ public String getIndex() {
+ return (index);
+ }
}
-
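Review bot: The ACS location check `if (!location.startsWith("http"))` in the `Element` constructor accepts any string with that prefix, so values that are not URLs at all, or that use cleartext `http://`, pass as the endpoint assertions will be delivered to. Parsing the value with `java.net.URI` (treating a syntax error as invalid) and testing the parsed scheme and host, e.g. `if (!"https".equalsIgnoreCase(u.getScheme()) || u.getHost() == null) throw new RelyingPartyException("invalid ACS location");`, is stricter. Whether plain `http` must stay allowed for existing registrations is a policy decision this diff does not show. The null test above it is also ineffective, because `Element.getAttribute` returns an empty string for a missing attribute. The `(int, String, String)` constructor and the setters skip all of these checks.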
diff --git a/src/main/java/edu/washington/iam/registry/rp/ContactPerson.java b/src/main/java/edu/washington/iam/registry/rp/ContactPerson.java
index b7fc374..98fabd3 100644
--- a/src/main/java/edu/washington/iam/registry/rp/ContactPerson.java
+++ b/src/main/java/edu/washington/iam/registry/rp/ContactPerson.java
@@ -15,126 +15,126 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.rp;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.util.List;
-import java.util.Vector;
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-public class ContactPerson implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
-
- private String type;
- private String company;
- private String surName;
- private String givenName;
- private String email;
- private String phone;
-
- // create from document element
- public ContactPerson (Element ele) throws RelyingPartyException {
- type = ele.getAttribute("contactType");
- if (type==null || !(type.equals("technical") || type.equals("administrative") || type.equals("support") ||
- type.equals("billing") || type.equals("other"))) throw new RelyingPartyException("invalid contact type");
- company = null;
- surName = null;
- givenName = null;
- email = null;
- phone = null;
-
- NodeList chl = ele.getChildNodes();
- for (int i=0; i\n");
- if (company != null) xout.write(" " + XMLHelper.safeXml(company) + "\n");
- if (givenName != null) xout.write(" " + XMLHelper.safeXml(givenName) + "\n");
- if (surName != null) xout.write(" " + XMLHelper.safeXml(surName) + "\n");
- if (email != null) xout.write(" " + XMLHelper.safeXml(email) + "\n");
- if (phone != null) xout.write(" " + XMLHelper.safeXml(phone) + "\n");
- xout.write(" \n");
- }
-
- public void setType(String v) {
- type = v;
- }
- public String getType() {
- return (type);
- }
-
- public void setCompany(String v) {
- company = v;
- }
- public String getCompany() {
- return (company);
- }
-
- public void setSurName(String v) {
- surName = v;
- }
- public String getSurName() {
- return (surName);
- }
-
- public void setGivenName(String v) {
- givenName = v;
- }
- public String getGivenName() {
- return (givenName);
- }
-
- public void setEmail(String v) {
- email = v;
- }
- public String getEmail() {
- return (email);
- }
-
- public void setPhone(String v) {
- phone = v;
- }
- public String getPhone() {
- return (phone);
+public class ContactPerson implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String type;
+ private String company;
+ private String surName;
+ private String givenName;
+ private String email;
+ private String phone;
+
+ // create from document element
+ public ContactPerson(Element ele) throws RelyingPartyException {
+ type = ele.getAttribute("contactType");
+ if (type == null
+ || !(type.equals("technical")
+ || type.equals("administrative")
+ || type.equals("support")
+ || type.equals("billing")
+ || type.equals("other"))) throw new RelyingPartyException("invalid contact type");
+ company = null;
+ surName = null;
+ givenName = null;
+ email = null;
+ phone = null;
+
+ NodeList chl = ele.getChildNodes();
+ for (int i = 0; i < chl.getLength(); i++) {
+ if (chl.item(i).getNodeType() != Node.ELEMENT_NODE) continue;
+ Element ch = (Element) chl.item(i);
+ String name = ch.getNodeName();
+ if (XMLHelper.matches(name, "Company")) company = ch.getTextContent();
+ if (XMLHelper.matches(name, "SurName")) surName = ch.getTextContent();
+ if (XMLHelper.matches(name, "GivenName")) givenName = ch.getTextContent();
+ if (XMLHelper.matches(name, "EmailAddress")) email = ch.getTextContent();
+ if (XMLHelper.matches(name, "TelephoneNumber")) phone = ch.getTextContent();
}
+ }
+
+ // create from string
+ public ContactPerson(String t) {
+ type = t;
+ company = null;
+ surName = null;
+ givenName = null;
+ email = null;
+ phone = null;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ xout.write(" \n");
+ if (company != null) xout.write(" " + XMLHelper.safeXml(company) + "\n");
+ if (givenName != null)
+ xout.write(" " + XMLHelper.safeXml(givenName) + "\n");
+ if (surName != null) xout.write(" " + XMLHelper.safeXml(surName) + "\n");
+ if (email != null)
+ xout.write(" " + XMLHelper.safeXml(email) + "\n");
+ if (phone != null)
+ xout.write(" " + XMLHelper.safeXml(phone) + "\n");
+ xout.write(" \n");
+ }
+
+ public void setType(String v) {
+ type = v;
+ }
+
+ public String getType() {
+ return (type);
+ }
+
+ public void setCompany(String v) {
+ company = v;
+ }
+
+ public String getCompany() {
+ return (company);
+ }
+
+ public void setSurName(String v) {
+ surName = v;
+ }
+
+ public String getSurName() {
+ return (surName);
+ }
+
+ public void setGivenName(String v) {
+ givenName = v;
+ }
+
+ public String getGivenName() {
+ return (givenName);
+ }
+
+ public void setEmail(String v) {
+ email = v;
+ }
+
+ public String getEmail() {
+ return (email);
+ }
+
+ public void setPhone(String v) {
+ phone = v;
+ }
+
+ public String getPhone() {
+ return (phone);
+ }
}
-
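Review bot: The `contactType` allowlist is enforced only in the `ContactPerson(Element ele)` constructor; `ContactPerson(String t)` and `setType` store whatever they are given. The child-element values go through `XMLHelper.safeXml` in `writeXml`, but the line that writes the opening tag is not fully legible in this hunk, so it is unclear whether `type` is escaped when it is written out and that should be confirmed. Moving the check into one private helper backed by a constant set of the five allowed values, and calling it from every place `type` is assigned, would keep the object from holding an unvalidated type. The multi-line `if (type == null || …) throw …` would also be less fragile with braces around the `throw`.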
diff --git a/src/main/java/edu/washington/iam/registry/rp/DBMetadata.java b/src/main/java/edu/washington/iam/registry/rp/DBMetadata.java
index c71b714..abcd5e5 100644
--- a/src/main/java/edu/washington/iam/registry/rp/DBMetadata.java
+++ b/src/main/java/edu/washington/iam/registry/rp/DBMetadata.java
@@ -1,276 +1,311 @@
-package edu.washington.iam.registry.rp;
-
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-import edu.washington.iam.tools.XMLHelper;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.jdbc.core.RowMapper;
-import org.w3c.dom.Document;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.util.*;
-import java.sql.Timestamp;
-
-import edu.washington.iam.tools.IdpHelper;
-
-public class DBMetadata implements MetadataDAO {
- private final Logger log = LoggerFactory.getLogger(getClass());
-
-
- private String id;
- private String groupId;
- private boolean editable;
- private IdpHelper idpHelper = null;
- public void setIdpHelper(IdpHelper v) {
- idpHelper = v;
- }
-
-
-
- @Autowired
- private JdbcTemplate template;
-
-
- @Override
- public List getRelyingParties() {
- List rps = template.query(
- "select * from metadata where end_time is null and group_id = ?",
- new Object[] {groupId},
- new RelyingPartyMapper());
- return rps;
- }
-
-
- @Override
- public List getRelyingPartyHistoryById(String id) throws RelyingPartyException {
- // get metadata
- List rps = null;
- try {
- rps = template.query(
- "select * from metadata where group_id = ? and entity_id = ?" +
- " order by start_time ASC",
- new Object[]{groupId, id},
- new RelyingPartyMapper());
- log.info("Got a response in getRelyingPartyHistoryById");
- return rps;
- }
- catch (Exception e){
- String errorMsg = String.format("error getting rp: %s, rps size = %s", id, (rps == null) ? 0 : rps.size());
- log.error(errorMsg, e);
- throw new RelyingPartyException(errorMsg);
- }
-
-
- }
-
-
- @Override
- public RelyingParty getRelyingPartyById(String id) throws RelyingPartyException {
- List rps = template.query(
- "select * from metadata where end_time is null and group_id = ? and entity_id = ?",
- new Object[] { groupId, id},
- new RelyingPartyMapper());
- if(rps.size() == 1 && rps.get(0) != null){
- return rps.get(0);
- }
- else {
- String errorMsg = String.format("error getting rp: %s, rps size = %s", id, (rps == null) ? 0 : rps.size());
- log.error(errorMsg);
- throw new RelyingPartyException(errorMsg);
- }
- }
-
- @Override
- public List searchRelyingPartyIds(String searchStr){
- String sql;
- List results;
- if(searchStr != null) {
- results = template.queryForList(
- "select entity_id from metadata where end_time is null and group_id = ? and entity_id like ?",
- new Object[]{groupId, '%' + searchStr + '%'},
- String.class);
- }
- else {
- results = template.queryForList(
- "select entity_id from metadata where end_time is null and group_id = ?",
- new Object[]{groupId},
- String.class);
- }
- return results;
- }
-
- @Override
- public List getRelyingPartiesById(String search){
- String sql;
- log.debug("DB search for id like " + search);
- List rps = template.query(
- "select * from metadata where end_time is null and group_id = ? and entity_id like ?",
- new Object[]{groupId, '%' + search + '%'},
- new RelyingPartyMapper());
- return rps;
- }
-
- @Override
- public List getRelyingPartiesByAdmin(String admin){
- String sql;
- log.debug("DB search for admin " + admin);
- List rps = null;
- if (admin.indexOf("@")>0) {
- rps = template.query(
- "select * from metadata where end_time is null and group_id = ? and (xml like ? or xml like ?)",
- new Object[]{groupId, "%"+admin+"%",
- "%mailto:"+admin+"%"},
- new RelyingPartyMapper());
- } else {
- rps = template.query(
- "select * from metadata where end_time is null and group_id = ? and (xml like ? or xml like ? or xml like ? or xml like ?)",
- new Object[]{groupId, "%"+admin+"@uw.edu%",
- "%"+admin+"@washington.edu%",
- "%mailto:"+admin+"@uw.edu%",
- "%mailto:"+admin+"@washington.edu%"},
- new RelyingPartyMapper());
- }
- return rps;
- }
-
- @Override
- public void updateRelyingParty(RelyingParty relyingParty, String updatedBy) {
- log.info(String.format("updating metadata for rp %s in %s", relyingParty.getEntityId(), groupId));
- try {
- String xml = XMLHelper.serializeXmlToString(relyingParty);
- List existingIds = template.queryForList(
- "select id from metadata where group_id = ? and entity_id = ? and end_time is null",
- Integer.class,
- groupId, relyingParty.getEntityId());
- if (existingIds.size() == 0) {
- // no active records so we add an active record
-
- template.update(
- "insert into metadata (uuid, group_id, entity_id, xml, end_time, start_time, updated_by, status) values " +
- "(? ,?, ?, ?, ?, now(), ?, 1)",
- genUUID(), groupId, relyingParty.getEntityId(), xml, null, updatedBy);
- log.debug("added new rp " + relyingParty.getEntityId());
- } else if (existingIds.size() == 1) {
- //we need to get the uuid
- List uuid = template.queryForList("select uuid from metadata where entity_id = ? and end_time is null",
- UUID.class,
- relyingParty.getEntityId());
- relyingParty.setUuid(uuid.get(0));
- // active record exists so mark last one inactive
- template.update("update metadata set end_time = now(), status = ? where id = ?", 0, existingIds.get(0));
- // add new active record
- log.info(Integer.toString(template.update(
- "insert into metadata (uuid, group_id, entity_id, xml, end_time, start_time, updated_by, status) values " +
- "(?, ?, ?, ?, ?, now(), ?, 1)",
- relyingParty.getUuid(), groupId, relyingParty.getEntityId(), xml, null, updatedBy)));
- log.debug("updated existing rp " + relyingParty.getEntityId());
- } else {
- throw new RelyingPartyException("more than one active metadata record found!! No update performed. ");
- }
- if (idpHelper!=null) idpHelper.notifyIdps("metadata");
- } catch (Exception e) {
- log.info("update metadata trouble: " + e.getMessage());
- // just eat it - don't know the repercussions
- }
- }
-
-
- @Override
- public void removeRelyingParty(String rpid, String updatedBy) {
- try {
- log.info(String.format("looking to remove metadata for rp %s in %s", rpid, groupId));
- /* small bit of errata: when removing an RP we rewrite the updatedBy field of the last record to the netid
- of the person who deleted it. In this sense we lose the data of whoever made the last update,
- but I think it's more important to know who deleted it over who made the last update
- before it was deleted. Contrast with an update (above) where we mark the old record
- inactive but don't change who updated it. We don't display deletes to users, so this mostly
- matters in an audit situation.
- I supposed a smarter implementation could put an end_date on the last update record and just add a new one
- with end_date already set. */
- List rpIds = template.queryForList(
- "select id from metadata where group_id = ? and entity_id = ? and end_time is null",
- Integer.class,
- groupId, rpid);
- if (rpIds.size() == 1 && rpIds.get(0) != null) {
- log.info(Integer.toString(template.update("update metadata set end_time = now(), updated_by = ?, status = ? where id = ?",
- updatedBy, 0, rpIds.get(0))));
- log.info(String.format("updated (delete) %s", rpid));
- }
- else if (rpIds.size() == 0) {
- log.info(String.format("No rp found for %s", rpid));
- }
- else {
- throw new RelyingPartyException("more than one active metadata record found!! No update performed. ");
- }
-
-
- }
- catch (Exception e) {
- log.info("remove metadata trouble: " + e.getMessage());
- }
- }
- @Override
- public boolean isEditable() {
- return editable;
- }
-
- @Override
- public void cleanup() {
-
- }
-
- public void setGroupId(String groupId) { this.groupId = groupId; }
- public void setId(String id) { this.id = id; }
- public void setEditable(boolean editable) { this.editable = editable; }
- //we don't use uuidmanager here because this class only handles UW metadata
- private UUID genUUID() { return UUID.randomUUID(); }
-
-
- private class RelyingPartyMapper implements RowMapper {
- DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
-
- @Override
- public RelyingParty mapRow(ResultSet resultSet, int i) throws SQLException {
-
- Document document;
- RelyingParty relyingParty;
- String groupId = resultSet.getString("group_id");
- String entityId = resultSet.getString("entity_id");
- String startTime = resultSet.getString("start_time");
- String endTime = resultSet.getString("end_time");
- String updatedBy = resultSet.getString("updated_by");
- UUID uuid = (UUID) resultSet.getObject("uuid");
-
- try {
- DocumentBuilder builder = dbf.newDocumentBuilder();
- document = builder.parse(resultSet.getAsciiStream("xml"));
-
- } catch (Exception e) {
- return null;
- }
-
- try {
- relyingParty = new RelyingParty(document.getDocumentElement(), id, true, updatedBy, startTime, endTime, uuid);
- } catch (RelyingPartyException ex) {
- log.debug(String.format("exception for new Relying Party group_id: %s entity_id: %s message: %s",
- groupId, entityId, ex.getMessage()));
- relyingParty = null;
- }
-
- if (relyingParty == null) {
- log.info(String.format("unparseable attribute filter for entity: %s in group: %s",
- entityId, groupId));
- }
-
- return relyingParty;
- }
- }
-
-
-}
+package edu.washington.iam.registry.rp;
+
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.tools.IdpHelper;
+import edu.washington.iam.tools.XMLHelper;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.*;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.jdbc.core.RowMapper;
+import org.w3c.dom.Document;
+
+public class DBMetadata implements MetadataDAO {
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String id;
+ private String groupId;
+ private boolean editable;
+ private IdpHelper idpHelper = null;
+
+ public void setIdpHelper(IdpHelper v) {
+ idpHelper = v;
+ }
+
+ @Autowired private JdbcTemplate template;
+
+ @Override
+ public List getRelyingParties() {
+ List rps =
+ template.query(
+ "select * from metadata where end_time is null and group_id = ?",
+ new Object[] {groupId},
+ new RelyingPartyMapper());
+ return rps;
+ }
+
+ @Override
+ public List getRelyingPartyHistoryById(String id) throws RelyingPartyException {
+ // get metadata
+ List rps = null;
+ try {
+ rps =
+ template.query(
+ "select * from metadata where group_id = ? and entity_id = ?"
+ + " order by start_time ASC",
+ new Object[] {groupId, id},
+ new RelyingPartyMapper());
+ log.info("Got a response in getRelyingPartyHistoryById");
+ return rps;
+ } catch (Exception e) {
+ String errorMsg =
+ String.format("error getting rp: %s, rps size = %s", id, (rps == null) ? 0 : rps.size());
+ log.error(errorMsg, e);
+ throw new RelyingPartyException(errorMsg);
+ }
+ }
+
+ @Override
+ public RelyingParty getRelyingPartyById(String id) throws RelyingPartyException {
+ List rps =
+ template.query(
+ "select * from metadata where end_time is null and group_id = ? and entity_id = ?",
+ new Object[] {groupId, id},
+ new RelyingPartyMapper());
+ if (rps.size() == 1 && rps.get(0) != null) {
+ return rps.get(0);
+ } else {
+ String errorMsg =
+ String.format("error getting rp: %s, rps size = %s", id, (rps == null) ? 0 : rps.size());
+ log.error(errorMsg);
+ throw new RelyingPartyException(errorMsg);
+ }
+ }
+
+ @Override
+ public List searchRelyingPartyIds(String searchStr) {
+ String sql;
+ List results;
+ if (searchStr != null) {
+ results =
+ template.queryForList(
+ "select entity_id from metadata where end_time is null and group_id = ? and entity_id like ?",
+ new Object[] {groupId, '%' + searchStr + '%'},
+ String.class);
+ } else {
+ results =
+ template.queryForList(
+ "select entity_id from metadata where end_time is null and group_id = ?",
+ new Object[] {groupId},
+ String.class);
+ }
+ return results;
+ }
+
+ @Override
+ public List getRelyingPartiesById(String search) {
+ String sql;
+ log.debug("DB search for id like " + search);
+ List rps =
+ template.query(
+ "select * from metadata where end_time is null and group_id = ? and entity_id like ?",
+ new Object[] {groupId, '%' + search + '%'},
+ new RelyingPartyMapper());
+ return rps;
+ }
+
+ @Override
+ public List getRelyingPartiesByAdmin(String admin) {
+ String sql;
+ log.debug("DB search for admin " + admin);
+ List rps = null;
+ if (admin.indexOf("@") > 0) {
+ rps =
+ template.query(
+ "select * from metadata where end_time is null and group_id = ? and (xml like ? or xml like ?)",
+ new Object[] {
+ groupId,
+ "%" + admin + "%",
+ "%mailto:" + admin + "%"
+ },
+ new RelyingPartyMapper());
+ } else {
+ rps =
+ template.query(
+ "select * from metadata where end_time is null and group_id = ? and (xml like ? or xml like ? or xml like ? or xml like ?)",
+ new Object[] {
+ groupId,
+ "%" + admin + "@uw.edu%",
+ "%" + admin + "@washington.edu%",
+ "%mailto:" + admin + "@uw.edu%",
+ "%mailto:" + admin + "@washington.edu%"
+ },
+ new RelyingPartyMapper());
+ }
+ return rps;
+ }
+
+ @Override
+ public void updateRelyingParty(RelyingParty relyingParty, String updatedBy) {
+ log.info(
+ String.format("updating metadata for rp %s in %s", relyingParty.getEntityId(), groupId));
+ try {
+ String xml = XMLHelper.serializeXmlToString(relyingParty);
+ List existingIds =
+ template.queryForList(
+ "select id from metadata where group_id = ? and entity_id = ? and end_time is null",
+ Integer.class,
+ groupId,
+ relyingParty.getEntityId());
+ if (existingIds.size() == 0) {
+ // no active records so we add an active record
+
+ template.update(
+ "insert into metadata (uuid, group_id, entity_id, xml, end_time, start_time, updated_by, status) values "
+ + "(? ,?, ?, ?, ?, now(), ?, 1)",
+ genUUID(),
+ groupId,
+ relyingParty.getEntityId(),
+ xml,
+ null,
+ updatedBy);
+ log.debug("added new rp " + relyingParty.getEntityId());
+ } else if (existingIds.size() == 1) {
+ // we need to get the uuid
+ List uuid =
+ template.queryForList(
+ "select uuid from metadata where entity_id = ? and end_time is null",
+ UUID.class,
+ relyingParty.getEntityId());
+ relyingParty.setUuid(uuid.get(0));
+ // active record exists so mark last one inactive
+ template.update(
+ "update metadata set end_time = now(), status = ? where id = ?", 0, existingIds.get(0));
+ // add new active record
+ log.info(
+ Integer.toString(
+ template.update(
+ "insert into metadata (uuid, group_id, entity_id, xml, end_time, start_time, updated_by, status) values "
+ + "(?, ?, ?, ?, ?, now(), ?, 1)",
+ relyingParty.getUuid(),
+ groupId,
+ relyingParty.getEntityId(),
+ xml,
+ null,
+ updatedBy)));
+ log.debug("updated existing rp " + relyingParty.getEntityId());
+ } else {
+ throw new RelyingPartyException(
+ "more than one active metadata record found!! No update performed. ");
+ }
+ if (idpHelper != null) idpHelper.notifyIdps("metadata");
+ } catch (Exception e) {
+ log.info("update metadata trouble: " + e.getMessage());
+ // just eat it - don't know the repercussions
+ }
+ }
+
+ @Override
+ public void removeRelyingParty(String rpid, String updatedBy) {
+ try {
+ log.info(String.format("looking to remove metadata for rp %s in %s", rpid, groupId));
+ /* small bit of errata: when removing an RP we rewrite the updatedBy field of the last record to the netid
+ of the person who deleted it. In this sense we lose the data of whoever made the last update,
+ but I think it's more important to know who deleted it over who made the last update
+ before it was deleted. Contrast with an update (above) where we mark the old record
+ inactive but don't change who updated it. We don't display deletes to users, so this mostly
+ matters in an audit situation.
+ I supposed a smarter implementation could put an end_date on the last update record and just add a new one
+ with end_date already set. */
+ List rpIds =
+ template.queryForList(
+ "select id from metadata where group_id = ? and entity_id = ? and end_time is null",
+ Integer.class,
+ groupId,
+ rpid);
+ if (rpIds.size() == 1 && rpIds.get(0) != null) {
+ log.info(
+ Integer.toString(
+ template.update(
+ "update metadata set end_time = now(), updated_by = ?, status = ? where id = ?",
+ updatedBy,
+ 0,
+ rpIds.get(0))));
+ log.info(String.format("updated (delete) %s", rpid));
+ } else if (rpIds.size() == 0) {
+ log.info(String.format("No rp found for %s", rpid));
+ } else {
+ throw new RelyingPartyException(
+ "more than one active metadata record found!! No update performed. ");
+ }
+
+ } catch (Exception e) {
+ log.info("remove metadata trouble: " + e.getMessage());
+ }
+ }
+
+ @Override
+ public boolean isEditable() {
+ return editable;
+ }
+
+ @Override
+ public void cleanup() {}
+
+ public void setGroupId(String groupId) {
+ this.groupId = groupId;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public void setEditable(boolean editable) {
+ this.editable = editable;
+ }
+
+ // we don't use uuidmanager here because this class only handles UW metadata
+ private UUID genUUID() {
+ return UUID.randomUUID();
+ }
+
+ private class RelyingPartyMapper implements RowMapper {
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ @Override
+ public RelyingParty mapRow(ResultSet resultSet, int i) throws SQLException {
+
+ Document document;
+ RelyingParty relyingParty;
+ String groupId = resultSet.getString("group_id");
+ String entityId = resultSet.getString("entity_id");
+ String startTime = resultSet.getString("start_time");
+ String endTime = resultSet.getString("end_time");
+ String updatedBy = resultSet.getString("updated_by");
+ UUID uuid = (UUID) resultSet.getObject("uuid");
+
+ try {
+ DocumentBuilder builder = dbf.newDocumentBuilder();
+ document = builder.parse(resultSet.getAsciiStream("xml"));
+
+ } catch (Exception e) {
+ return null;
+ }
+
+ try {
+ relyingParty =
+ new RelyingParty(
+ document.getDocumentElement(), id, true, updatedBy, startTime, endTime, uuid);
+ } catch (RelyingPartyException ex) {
+ log.debug(
+ String.format(
+ "exception for new Relying Party group_id: %s entity_id: %s message: %s",
+ groupId, entityId, ex.getMessage()));
+ relyingParty = null;
+ }
+
+ if (relyingParty == null) {
+ log.info(
+ String.format(
+ "unparseable attribute filter for entity: %s in group: %s", entityId, groupId));
+ }
+
+ return relyingParty;
+ }
+ }
+}
diff --git a/src/main/java/edu/washington/iam/registry/rp/HistoryItem.java b/src/main/java/edu/washington/iam/registry/rp/HistoryItem.java
index 1dd5f82..987db7d 100644
--- a/src/main/java/edu/washington/iam/registry/rp/HistoryItem.java
+++ b/src/main/java/edu/washington/iam/registry/rp/HistoryItem.java
@@ -4,116 +4,103 @@
public class HistoryItem {
+ private String effectiveDate;
+ private List changes;
+ private String updatedBy;
- private String effectiveDate;
- private List changes;
- private String updatedBy;
+ public class ChangeItem {
- public class ChangeItem
- {
+ private String objectName;
+ private Object oldValue;
+ private Object newValue;
+ private int changeType;
+ private void LocalInit() {
- private String objectName;
- private Object oldValue;
- private Object newValue;
- private int changeType;
-
- private void LocalInit(){
-
- objectName = null;
- oldValue = null;
- newValue = null;
- changeType = 0;
- }
-
- private ChangeItem(String objectName, Object oldValue, Object newValue, int changeType) {
-
- LocalInit();
-
- this.objectName = objectName;
- this.oldValue = oldValue;
- this.newValue = newValue;
- this.changeType = changeType;
-
-
- }
-
- public String getObjectName() {
- return this.objectName;
- }
-
- public Object getOldValue() {
- return this.oldValue;
- }
-
- public Object getNewValue() {
- return this.newValue;
- }
+ objectName = null;
+ oldValue = null;
+ newValue = null;
+ changeType = 0;
+ }
- public int getChangeType() {
- return this.changeType;
- }
+ private ChangeItem(String objectName, Object oldValue, Object newValue, int changeType) {
+ LocalInit();
+ this.objectName = objectName;
+ this.oldValue = oldValue;
+ this.newValue = newValue;
+ this.changeType = changeType;
}
- private void localInit () {
- effectiveDate = null;
- changes = new Vector();
- updatedBy = "";
-
+ public String getObjectName() {
+ return this.objectName;
}
+ public Object getOldValue() {
+ return this.oldValue;
+ }
+ public Object getNewValue() {
+ return this.newValue;
+ }
- public HistoryItem (String effectiveDate, String updatedBy) {
-
- localInit();
-
- this.effectiveDate = effectiveDate;
- this.updatedBy = updatedBy;
-
+ public int getChangeType() {
+ return this.changeType;
}
+ }
- //1 = object changed
- //add a new instance of something that changed
- public void AddChangeItem(String objectName, Object oldValue, Object newValue){
+ private void localInit() {
+ effectiveDate = null;
+ changes = new Vector();
+ updatedBy = "";
+ }
- ChangeItem myItem = new ChangeItem(objectName, oldValue, newValue, 1);
- changes.add(myItem);
+ public HistoryItem(String effectiveDate, String updatedBy) {
- }
- //2 = object added (only new is populated)
- // something added that wasn't there before
- public void AddNewItem(String objectName, Object newValue){
+ localInit();
- ChangeItem myItem = new ChangeItem(objectName, null, newValue, 2);
- changes.add(myItem);
+ this.effectiveDate = effectiveDate;
+ this.updatedBy = updatedBy;
+ }
- }
- //3 = object removed (only old is populated)
- //something completely removed
- public void AddDeleteItem(String objectName, Object oldValue){
+ // 1 = object changed
+ // add a new instance of something that changed
+ public void AddChangeItem(String objectName, Object oldValue, Object newValue) {
- ChangeItem myItem = new ChangeItem(objectName, oldValue, null, 3);
- changes.add(myItem);
+ ChangeItem myItem = new ChangeItem(objectName, oldValue, newValue, 1);
+ changes.add(myItem);
+ }
- }
+ // 2 = object added (only new is populated)
+ // something added that wasn't there before
+ public void AddNewItem(String objectName, Object newValue) {
- public String getEffectiveDate() {
- return effectiveDate;
- }
+ ChangeItem myItem = new ChangeItem(objectName, null, newValue, 2);
+ changes.add(myItem);
+ }
- public List getChanges() {
- return changes;
- }
+ // 3 = object removed (only old is populated)
+ // something completely removed
+ public void AddDeleteItem(String objectName, Object oldValue) {
- public String getUpdatedBy() {
- return updatedBy;
- }
+ ChangeItem myItem = new ChangeItem(objectName, oldValue, null, 3);
+ changes.add(myItem);
+ }
- public int getNumberOfChanges() { return changes.size(); }
-}
+ public String getEffectiveDate() {
+ return effectiveDate;
+ }
+ public List getChanges() {
+ return changes;
+ }
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
+ public int getNumberOfChanges() {
+ return changes.size();
+ }
+}
diff --git a/src/main/java/edu/washington/iam/registry/rp/KeyDescriptor.java b/src/main/java/edu/washington/iam/registry/rp/KeyDescriptor.java
index edfb6fa..7485baa 100644
--- a/src/main/java/edu/washington/iam/registry/rp/KeyDescriptor.java
+++ b/src/main/java/edu/washington/iam/registry/rp/KeyDescriptor.java
@@ -15,127 +15,122 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.rp;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.tools.IamCertificate;
+import edu.washington.iam.tools.IamCertificateException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.util.List;
-import java.util.Vector;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
+import java.io.Serializable;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
-import edu.washington.iam.tools.XMLHelper;
-import edu.washington.iam.tools.IamCertificate;
-import edu.washington.iam.tools.IamCertificateHelper;
-import edu.washington.iam.tools.IamCertificateException;
+// small subset of all possible keydescriptors
+public class KeyDescriptor implements Serializable {
-import edu.washington.iam.registry.exception.RelyingPartyException;
+ // private final Logger log = LoggerFactory.getLogger(getClass());
-// small subset of all possible keydescriptors
-public class KeyDescriptor implements Serializable {
-
- //private final Logger log = LoggerFactory.getLogger(getClass());
-
-
- private String use;
- private String keyName;
- private String certificate;
-
- // expanded cert (not written to the xml files)
- private IamCertificate cert;
-
- // create from document element (KeyDescriptor)
- public KeyDescriptor (Element ele) throws RelyingPartyException {
-
- use = ele.getAttribute("use");
- if (use==null) use = "";
-
- Element ki = XMLHelper.getElementByName(ele, "KeyInfo");
- keyName = null;
- certificate = null;
- if (ki==null) throw new RelyingPartyException("missing keyinfo");
-
- Element kn = XMLHelper.getElementByName(ki, "KeyName");
- Element x5 = XMLHelper.getElementByName(ki, "X509Data");
-
- if (kn==null && x5==null) throw new RelyingPartyException("invlaid keyinfo");
-
- if (kn!=null) keyName = kn.getTextContent();
- if (x5!=null) {
- Element crt = XMLHelper.getElementByName(x5, "X509Certificate");
- if (crt!=null) {
- try {
- String pem = crt.getTextContent();
- cert = new IamCertificate(pem);
- setCertificate(pem);
- } catch (IamCertificateException e) {
- throw new RelyingPartyException("The certificate PEM text is not valid.");
- }
- }
- }
- }
+ private String use;
+ private String keyName;
+ private String certificate;
- // create from dns default
- public KeyDescriptor (String dns) {
- keyName = dns;
- certificate = null;
- }
+ // expanded cert (not written to the xml files)
+ private IamCertificate cert;
+ // create from document element (KeyDescriptor)
+ public KeyDescriptor(Element ele) throws RelyingPartyException {
- public void writeXml(BufferedWriter xout) throws IOException {
- if (use.length()>0) xout.write(" \n");
- else xout.write(" \n");
- xout.write(" \n");
- if (keyName!=null) xout.write(" " + XMLHelper.safeXml(keyName) + "\n");
- if (certificate!=null) xout.write(" " + XMLHelper.safeXml(certificate) + "\n");
- xout.write(" \n");
- xout.write(" \n");
- }
+ use = ele.getAttribute("use");
+ if (use == null) use = "";
- // check for duplicate descriptor (ignore 'use')
- public boolean isDuplicate(KeyDescriptor test) {
- if (test.getUse()!=null && !use.equals(test.getUse())) return false;
- if (keyName!=null && (test.getKeyName()==null || !test.getKeyName().equals(keyName))) return false;
- if (keyName==null && test.getKeyName()!=null) return false;
- if (certificate!=null && (test.getCertificate()==null || !test.getCertificate().equals(certificate))) return false;
- if (certificate==null && test.getCertificate()!=null) return false;
- return true;
- }
+ Element ki = XMLHelper.getElementByName(ele, "KeyInfo");
+ keyName = null;
+ certificate = null;
+ if (ki == null) throw new RelyingPartyException("missing keyinfo");
- public void setUse(String v) {
- use = v;
- if (use==null) use = "";
- }
- public String getUse() {
- return (use);
- }
+ Element kn = XMLHelper.getElementByName(ki, "KeyName");
+ Element x5 = XMLHelper.getElementByName(ki, "X509Data");
- public void setKeyName(String v) {
- keyName = v;
- }
- public String getKeyName() {
- return (keyName);
- }
+ if (kn == null && x5 == null) throw new RelyingPartyException("invlaid keyinfo");
- public void setCertificate(String v) {
- certificate = v.replaceAll("\\s*-----BEGIN CERTIFICATE-----\\s*","").replaceAll("\\s*-----END CERTIFICATE-----\\s*","");
- }
- public String getCertificate() {
- return (certificate);
- }
- public IamCertificate getCert() {
- return (cert);
+ if (kn != null) keyName = kn.getTextContent();
+ if (x5 != null) {
+ Element crt = XMLHelper.getElementByName(x5, "X509Certificate");
+ if (crt != null) {
+ try {
+ String pem = crt.getTextContent();
+ cert = new IamCertificate(pem);
+ setCertificate(pem);
+ } catch (IamCertificateException e) {
+ throw new RelyingPartyException("The certificate PEM text is not valid.");
+ }
+ }
}
-
+ }
+
+ // create from dns default
+ public KeyDescriptor(String dns) {
+ keyName = dns;
+ certificate = null;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ if (use.length() > 0) xout.write(" \n");
+ else xout.write(" \n");
+ xout.write(" \n");
+ if (keyName != null)
+ xout.write(" " + XMLHelper.safeXml(keyName) + "\n");
+ if (certificate != null)
+ xout.write(
+ " "
+ + XMLHelper.safeXml(certificate)
+ + "\n");
+ xout.write(" \n");
+ xout.write(" \n");
+ }
+
+ // check for duplicate descriptor (ignore 'use')
+ public boolean isDuplicate(KeyDescriptor test) {
+ if (test.getUse() != null && !use.equals(test.getUse())) return false;
+ if (keyName != null && (test.getKeyName() == null || !test.getKeyName().equals(keyName)))
+ return false;
+ if (keyName == null && test.getKeyName() != null) return false;
+ if (certificate != null
+ && (test.getCertificate() == null || !test.getCertificate().equals(certificate)))
+ return false;
+ if (certificate == null && test.getCertificate() != null) return false;
+ return true;
+ }
+
+ public void setUse(String v) {
+ use = v;
+ if (use == null) use = "";
+ }
+
+ public String getUse() {
+ return (use);
+ }
+
+ public void setKeyName(String v) {
+ keyName = v;
+ }
+
+ public String getKeyName() {
+ return (keyName);
+ }
+
+ public void setCertificate(String v) {
+ certificate =
+ v.replaceAll("\\s*-----BEGIN CERTIFICATE-----\\s*", "")
+ .replaceAll("\\s*-----END CERTIFICATE-----\\s*", "");
+ }
+
+ public String getCertificate() {
+ return (certificate);
+ }
+
+ public IamCertificate getCert() {
+ return (cert);
+ }
}
-
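Review bot: The `KeyDescriptor(String dns)` constructor leaves `use` null, while `writeXml` calls `use.length()` and `isDuplicate` calls `use.equals(...)`, so a descriptor built from a DNS name throws a NullPointerException unless the caller calls `setUse` first. Initialise it the way `setUse` and the `Element` constructor do, by adding `use = "";` to that constructor. Separately, the catch in the `Element` constructor discards the `IamCertificateException`, so the reason a certificate was rejected is lost; log it, or pass it as the cause if `RelyingPartyException` has a cause-taking constructor (not visible in this hunk). The comment `// check for duplicate descriptor (ignore 'use')` also contradicts the first line of `isDuplicate`, which does compare `use`; one of the two should be corrected.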
diff --git a/src/main/java/edu/washington/iam/registry/rp/ManageNameIDService.java b/src/main/java/edu/washington/iam/registry/rp/ManageNameIDService.java
index 8f4c615..5e666dd 100644
--- a/src/main/java/edu/washington/iam/registry/rp/ManageNameIDService.java
+++ b/src/main/java/edu/washington/iam/registry/rp/ManageNameIDService.java
@@ -15,66 +15,57 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.rp;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.RelyingPartyException;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.lang.NumberFormatException;
-import java.util.List;
-import java.util.Vector;
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-public class ManageNameIDService implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String binding;
- private String location;
- private String index;
-
- // create from document element
- public ManageNameIDService (Element ele) throws RelyingPartyException {
- binding = ele.getAttribute("Binding");
- location = ele.getAttribute("Location");
- if (binding==null || location==null) throw new RelyingPartyException("missing NIM attributes");
- if (!binding.startsWith("urn:")) throw new RelyingPartyException("invalid NIM binding");
- if (!location.startsWith("http")) throw new RelyingPartyException("invalid NIM location");
- }
-
- public ManageNameIDService (String b, String l) {
- binding = b;
- location = l;
- }
-
- public void writeXml(BufferedWriter xout) throws IOException {
- xout.write(" \n");
- }
-
- public void setBinding(String v) {
- binding = v;
- }
- public String getBinding() {
- return (binding);
- }
-
- public void setLocation(String v) {
- location = v;
- }
- public String getLocation() {
- return (location);
- }
+public class ManageNameIDService implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String binding;
+ private String location;
+ private String index;
+
+ // create from document element
+ public ManageNameIDService(Element ele) throws RelyingPartyException {
+ binding = ele.getAttribute("Binding");
+ location = ele.getAttribute("Location");
+ if (binding == null || location == null)
+ throw new RelyingPartyException("missing NIM attributes");
+ if (!binding.startsWith("urn:")) throw new RelyingPartyException("invalid NIM binding");
+ if (!location.startsWith("http")) throw new RelyingPartyException("invalid NIM location");
+ }
+
+ public ManageNameIDService(String b, String l) {
+ binding = b;
+ location = l;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ xout.write(
+ " \n");
+ }
+
+ public void setBinding(String v) {
+ binding = v;
+ }
+
+ public String getBinding() {
+ return (binding);
+ }
+
+ public void setLocation(String v) {
+ location = v;
+ }
+
+ public String getLocation() {
+ return (location);
+ }
}
-
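Review bot: The `location.startsWith("http")` check in the `Element` constructor accepts any string that merely begins with those four characters, so a value that is not a well-formed http(s) URL still passes as an endpoint location. Comparing the parsed scheme is stricter: `String scheme = java.net.URI.create(location).getScheme();` followed by `if (!"https".equalsIgnoreCase(scheme) && !"http".equalsIgnoreCase(scheme)) throw new RelyingPartyException("invalid NIM location");`, with the `IllegalArgumentException` that `URI.create` throws on malformed input mapped to the same exception. The `binding == null || location == null` test never fires for a DOM `Element`, because `getAttribute` returns an empty string for a missing attribute; such input is still rejected, but with "invalid NIM binding" instead of "missing NIM attributes", so an `isEmpty()` check would match the intent. The two-argument constructor and the setters skip validation entirely, which deserves a comment if it is intentional.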
diff --git a/src/main/java/edu/washington/iam/registry/rp/MetadataDAO.java b/src/main/java/edu/washington/iam/registry/rp/MetadataDAO.java
index 23416f4..45d1564 100644
--- a/src/main/java/edu/washington/iam/registry/rp/MetadataDAO.java
+++ b/src/main/java/edu/washington/iam/registry/rp/MetadataDAO.java
@@ -1,18 +1,26 @@
-package edu.washington.iam.registry.rp;
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-import java.util.List;
-
-public interface MetadataDAO {
- public List getRelyingParties();
- public List getRelyingPartyHistoryById(String id) throws RelyingPartyException;
- public RelyingParty getRelyingPartyById(String id) throws RelyingPartyException;
- public List searchRelyingPartyIds(String searchStr);
- public List getRelyingPartiesById(String searchStr);
- public List getRelyingPartiesByAdmin(String admin);
- public void updateRelyingParty(RelyingParty rp, String updatedBy);
- public void removeRelyingParty(String rpid, String updatedBy);
- public boolean isEditable();
- public void cleanup();
-}
+package edu.washington.iam.registry.rp;
+
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import java.util.List;
+
+public interface MetadataDAO {
+ public List getRelyingParties();
+
+ public List getRelyingPartyHistoryById(String id) throws RelyingPartyException;
+
+ public RelyingParty getRelyingPartyById(String id) throws RelyingPartyException;
+
+ public List searchRelyingPartyIds(String searchStr);
+
+ public List getRelyingPartiesById(String searchStr);
+
+ public List getRelyingPartiesByAdmin(String admin);
+
+ public void updateRelyingParty(RelyingParty rp, String updatedBy);
+
+ public void removeRelyingParty(String rpid, String updatedBy);
+
+ public boolean isEditable();
+
+ public void cleanup();
+}
diff --git a/src/main/java/edu/washington/iam/registry/rp/Organization.java b/src/main/java/edu/washington/iam/registry/rp/Organization.java
index f2560ec..90ceecc 100644
--- a/src/main/java/edu/washington/iam/registry/rp/Organization.java
+++ b/src/main/java/edu/washington/iam/registry/rp/Organization.java
@@ -15,92 +15,92 @@
* ========================================================================
*/
-
package edu.washington.iam.registry.rp;
-import java.io.Serializable;
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.tools.XMLHelper;
import java.io.BufferedWriter;
import java.io.IOException;
-
-import java.util.List;
-import java.util.Vector;
-
+import java.io.Serializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
-import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
-import edu.washington.iam.tools.XMLHelper;
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-
-public class Organization implements Serializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private String name;
- private String displayName;
- private String url;
-
- // create from document element
- public Organization (Element ele) throws RelyingPartyException {
- name = null;
- displayName = null;
- url = null;
- NodeList chl = ele.getChildNodes();
- for (int i=0; i\n");
- if (name!=null) xout.write(" " + XMLHelper.safeXml(name) + "\n");
- if (displayName!=null) xout.write(" " + XMLHelper.safeXml(displayName) + "\n");
- if (url!=null) xout.write(" " + XMLHelper.safeXml(url) + "\n");
- xout.write(" \n");
- }
-
-
- public void setName(String v) {
- name = v;
- }
- public String getName() {
- return (name);
- }
-
- public void setDisplayName(String v) {
- displayName = v;
- }
- public String getDisplayName() {
- return (displayName);
- }
-
- public void setUrl(String v) {
- url = v;
- }
- public String getUrl() {
- return (url);
+public class Organization implements Serializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private String name;
+ private String displayName;
+ private String url;
+
+ // create from document element
+ public Organization(Element ele) throws RelyingPartyException {
+ name = null;
+ displayName = null;
+ url = null;
+ NodeList chl = ele.getChildNodes();
+ for (int i = 0; i < chl.getLength(); i++) {
+ if (chl.item(i).getNodeType() != Node.ELEMENT_NODE) continue;
+ Element ch = (Element) chl.item(i);
+ String nn = ch.getNodeName();
+ if (XMLHelper.matches(nn, "OrganizationName")) name = ch.getTextContent();
+ if (XMLHelper.matches(nn, "OrganizationDisplayName")) displayName = ch.getTextContent();
+ if (XMLHelper.matches(nn, "OrganizationURL")) url = ch.getTextContent();
}
+ // if (name==null) throw new RelyingPartyException("missing org name");
+ // if (displayName==null) throw new RelyingPartyException("missing org displayName");
+ // if (url==null) throw new RelyingPartyException("missing org url");
+ }
+
+ // create from strings
+ public Organization(String n, String d, String u) {
+ name = n;
+ displayName = d;
+ url = u;
+ }
+
+ public void writeXml(BufferedWriter xout) throws IOException {
+ xout.write(" \n");
+ if (name != null)
+ xout.write(
+ " "
+ + XMLHelper.safeXml(name)
+ + "\n");
+ if (displayName != null)
+ xout.write(
+ " "
+ + XMLHelper.safeXml(displayName)
+ + "\n");
+ if (url != null)
+ xout.write(
+ " " + XMLHelper.safeXml(url) + "\n");
+ xout.write(" \n");
+ }
+
+ public void setName(String v) {
+ name = v;
+ }
+
+ public String getName() {
+ return (name);
+ }
+
+ public void setDisplayName(String v) {
+ displayName = v;
+ }
+
+ public String getDisplayName() {
+ return (displayName);
+ }
+
+ public void setUrl(String v) {
+ url = v;
+ }
+
+ public String getUrl() {
+ return (url);
+ }
}
-
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingParty.java b/src/main/java/edu/washington/iam/registry/rp/RelyingParty.java
index 52ea396..fd219ad 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingParty.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingParty.java
@@ -1,523 +1,534 @@
-/* ========================================================================
- * Copyright (c) 2009 The University of Washington
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================================================================
- */
-
-
-package edu.washington.iam.registry.rp;
-
-import java.io.BufferedWriter;
-import java.io.IOException;
-
-import java.lang.reflect.Field;
-import java.lang.reflect.Method;
-import java.util.*;
-
-import edu.washington.iam.tools.XMLSerializable;
-
-import org.javers.core.diff.Change;
-import org.javers.core.diff.changetype.NewObject;
-import org.javers.core.diff.changetype.ObjectRemoved;
-import org.javers.core.diff.changetype.ValueChange;
-import org.javers.core.metamodel.annotation.Id;
-import org.javers.core.metamodel.annotation.TypeName;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.Node;
-
-import edu.washington.iam.tools.XMLHelper;
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-import org.javers.core.*;
-import org.javers.core.diff.Diff;
-import org.javers.core.metamodel.object.*;
-
-import edu.washington.iam.registry.rp.HistoryItem;
-import edu.washington.iam.registry.rp.HistoryItem.*;
-
-import javax.xml.bind.ValidationEvent;
-
-import static org.javers.core.diff.ListCompareAlgorithm.LEVENSHTEIN_DISTANCE;
-
-//decorator for javers compare functions
-@TypeName("RelyingParty")
-public class RelyingParty implements XMLSerializable {
-
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- private UUID uuid;
- @Id //decorator for javers
- private String entityId;
- private String startTime;
- private String endTime;
- private String updatedBy;
- private String metadataId;
- private boolean editable;
- private String protocolSupportEnumerationsUnsplit;
- private List protocolSupportEnumerations;
- // List extensions;
- private List keyDescriptors;
- private List nameIDFormats;
- private List assertionConsumerServices;
- private Organization organization;
- private List contactPersons;
-
- private String authnRequestsSigned;
- private List manageNameIDServices;
-
- private String entityCategory;
-
- // initialize
- private void localInit () {
- metadataId = "";
-
- updatedBy = "";
- startTime = "";
- endTime = "";
- uuid = null;
- editable = false;
- // extensions = new Vector();
- keyDescriptors = new Vector();
- nameIDFormats = new Vector();
- assertionConsumerServices = new Vector();
- organization = null;
- contactPersons = new Vector();
- manageNameIDServices = new Vector();
- }
-
- // create from document element
-// public RelyingParty (Element ele, Metadata md) throws RelyingPartyException {
-// this(ele, md.getId(), md.isEditable());
-// }
-
- public RelyingParty (Element ele, String mdid, boolean edit) throws RelyingPartyException {
-
- this(ele, mdid, edit, "", "", "", null);
-
- }
-
- // create from document element
-
- public RelyingParty (Element ele, String mdid, boolean edit, String updatedBy, String startTime, String endTime,
- UUID uuid)
- throws RelyingPartyException {
-
- localInit();
- this.entityId = ele.getAttribute("entityID");
- if (entityId==null) throw new RelyingPartyException("No entity id attribute");
- // log.debug("create from doc: " + entityId);
-
- this.metadataId = mdid;
- this.editable = edit;
- this.updatedBy = updatedBy;
- this.startTime = startTime;
- this.endTime = endTime;
- this.uuid = uuid;
-
- NodeList nl1 = ele.getChildNodes();
- for (int i=0; i\n");
- String ars = "";
- if (authnRequestsSigned.length()>0) ars = " AuthnRequestsSigned=\"" + XMLHelper.safeXml(authnRequestsSigned) + "\"";
- xout.write(" \n");
-
- for (int i=0; i" + XMLHelper.safeXml(nameIDFormats.get(i)) + "\n");
- }
-
-/*** don't know if this goes before or after the nameidformats
- for (int i=0; i\n");
-
- if (organization!=null) organization.writeXml(xout);
- else log.info("no org for " + entityId);
- for (int i=0; i\n");
- }
-
- public HistoryItem RpCompare(RelyingParty obj){
-
- HistoryItem historyItems;
-
- Javers javers = JaversBuilder.javers()
- .withListCompareAlgorithm(LEVENSHTEIN_DISTANCE)
- .build();
-
- //take a diff
- Diff diff = javers.compare(this, obj);
- String foo = javers.getJsonConverter().toJson(diff).toString();
- //get the date
- ValueChange effectiveDate = (ValueChange)diff.getPropertyChanges("startTime").get(0);
- //create new history item using date
- historyItems = new HistoryItem(effectiveDate.getRight().toString(), obj.getUpdatedBy());
- //now iterate over all changes and put into history item (ignore start and end times now)
- try {
- //select out ValueChange objects only
- int objDupIndex = -1; //prevent duplicates
- Object objDupType = null; //prevent duplicates
- List myValueChanges = diff.getChangesByType(ValueChange.class);
- for (ValueChange change : myValueChanges) {
- //changed value
- Object obj1 = change.getAffectedObject(); //returns changed object
- //we don't care about these fields
- if (change.getPropertyName().equalsIgnoreCase("startTime") ||
- change.getPropertyName().equalsIgnoreCase("endTime") ||
- change.getPropertyName().equalsIgnoreCase("uuid") ||
- change.getPropertyName().equalsIgnoreCase("updatedBy")) continue;
- //if object type is RelyingParty then this change is a single valued field, not a list of fields of a different object type (e.g. contactPersons).
- if (obj1 instanceof RelyingParty) {
- String propertyName = change.getPropertyName().toString();
- String left = change.getLeft().toString();
- String right = change.getRight().toString();
- historyItems.AddChangeItem(propertyName, left, right);
-
- } else { //else should catch any "object" type fields of RelyingParty
- String propertyName = change.getPropertyName().toString();
- //string containing index of affected object
- GlobalId globalId = change.getAffectedGlobalId();
- ValueObjectId valueId = (ValueObjectId) globalId;
- String[] idList = valueId.getFragment().split("/");
- int objIndex = Integer.parseInt(idList[1]);
- //since we grab the entire object when we detect one change,
- //don't bother tracking additional changes
- if (objIndex == objDupIndex && obj1.equals(objDupType)) {
- continue;
- }
- objDupIndex = objIndex; //keep track of this instance index
- objDupType = obj1; //keep track of this object so we don't duplicate it
- //easy to get the change TO value from the change object
- Object right = change.getAffectedObject().get();
- //some nutty reflection to get the original value
- Class leftCls = this.getClass();
- Field leftField = leftCls.getDeclaredField(idList[0]);
- Object left = ((Vector) leftField.get(this)).get(objIndex);
-
- //idList[0] is the name of the property in RelyingParty Object
- //note the object type name from left and right are different from idlist[0]. The latter is the name of
- //the list of the former objects in RelyingParty Object.
- historyItems.AddChangeItem(idList[0], left, right);
-
-
- }
- }
- List myNewObjects = diff.getChangesByType(NewObject.class);
- for (Change change : myNewObjects) {
- Object obj2 = change.getAffectedObject().get();
- String[] classNameSplit = obj2.getClass().toString().split("\\.");
- String className = classNameSplit[classNameSplit.length - 1];
- if (className.equalsIgnoreCase("startTime") ||
- className.equalsIgnoreCase("endTime") ||
- className.equalsIgnoreCase("uuid") ||
- className.equalsIgnoreCase("loggerRemoteView") ||
- className.equalsIgnoreCase("logger") ||
- className.equalsIgnoreCase("updatedBy")) continue;
- //if object type is RelyingParty then this change is a single valued field, not a list of fields of a different object type (e.g. contactPersons).
- if (obj2 instanceof RelyingParty) {
- historyItems.AddNewItem(className, obj2);
- } else { //else should catch any "object" type fields of RelyingParty
- String propertyName = className;
- //string containing index of affected object
- GlobalId globalId = change.getAffectedGlobalId();
- ValueObjectId valueId = (ValueObjectId) globalId;
- String[] idList = valueId.getFragment().split("/");
- int objIndex = Integer.parseInt(idList[1]);
- //since we grab the entire object when we detect one change,
- //don't bother tracking additional changes
- if (objIndex == objDupIndex && obj2.equals(objDupType)) {
- continue;
- }
- objDupIndex = objIndex; //keep track of this instance index
- objDupType = obj2; //keep track of this object so we don't duplicate it
- //idList[0] is the name of the property in RelyingParty Object
- //note the object type (classname above) is different from idlist[0]. The latter is the name of
- //the list of the former objects in RelyingParty Object.
- historyItems.AddNewItem(idList[0], obj2);
-
-
- }
-
- }
- List myRemovedObjects = diff.getChangesByType(ObjectRemoved.class);
- for (Change change : myRemovedObjects) {
- Object obj3 = change.getAffectedObject().get();
- String[] classNameSplit = obj3.getClass().toString().split("\\.");
- String className = classNameSplit[classNameSplit.length - 1];
- if (className.equalsIgnoreCase("startTime") ||
- className.equalsIgnoreCase("endTime") ||
- className.equalsIgnoreCase("uuid") ||
- className.equalsIgnoreCase("loggerRemoteView") ||
- className.equalsIgnoreCase("logger") ||
- className.equalsIgnoreCase("updatedBy")) continue;
- //if object type is RelyingParty then this change is a single valued field, not a list of fields of a different object type (e.g. contactPersons).
- if (obj3 instanceof RelyingParty) {
- historyItems.AddDeleteItem(className, change.toString()); //will that work?
- } else { //else should catch any "object" type fields of RelyingParty
- String propertyName = className;
- //string containing index of affected object
- GlobalId globalId = change.getAffectedGlobalId();
- ValueObjectId valueId = (ValueObjectId) globalId;
- String[] idList = valueId.getFragment().split("/");
- int objIndex = Integer.parseInt(idList[1]);
- //since we grab the entire object when we detect one change,
- //don't bother tracking additional changes
- if (objIndex == objDupIndex && obj3.equals(objDupType)) {
- continue;
- }
- objDupIndex = objIndex; //keep track of this instance index
- objDupType = obj3; //keep track of this object so we don't duplicate it
- //some nutty reflection to get the original value
- Class leftCls = this.getClass();
- Field leftField = leftCls.getDeclaredField(idList[0]);
- Object left = ((Vector) leftField.get(this)).get(objIndex);
- //idList[0] is the name of the property in RelyingParty Object
- //note the object type (classname above) is different from idlist[0]. The latter is the name of
- //the list of the former objects in RelyingParty Object.
- historyItems.AddDeleteItem(idList[0], left);
- }
-
- }
- }
- catch (Exception e) {
- Exception ee = e;
- }
-
- return historyItems;
- }
-
- public RelyingParty replicate(String dns) {
- return null;
- }
-
- public void setEntityId(String v) {
- entityId = v;
- }
- public String getEntityId() {
- return (entityId);
- }
-
- public void setMetadataId(String v) {
- metadataId = v;
- }
- public String getMetadataId() {
- return (metadataId);
- }
-
- public void setStartTime(String v) {
- startTime = v;
- }
- public String getStartTime() {
- return (startTime);
- }
- public void setEndTime(String v) {
- endTime = v;
- }
- public String getEndTime() {
- return (endTime);
- }
- public void setUuid(UUID v) {
- uuid = v;
- }
- public UUID getUuid() {
- return (uuid);
- }
- public void setUpdatedBy(String v) {
- updatedBy = v;
- }
- public String getUpdatedBy() {
- return (updatedBy);
- }
-
-
- public void setEditable(boolean v) {
- editable = v;
- }
- public boolean getEditable() {
- return (editable);
- }
-
- public List getProtocolSupportEnumerations() {
- return (protocolSupportEnumerations);
- }
- public void setKeyDescriptors(List v) {
- keyDescriptors = v;
- }
- public List getKeyDescriptors() {
- return (keyDescriptors);
- }
-
- public void setNameIDFormats(List v) {
- nameIDFormats = v;
- }
- public List getNameIDFormats() {
- return (nameIDFormats);
- }
-
- public void setAssertionConsumerServices(List v) {
- assertionConsumerServices = v;
- }
- public List getAssertionConsumerServices() {
- return (assertionConsumerServices);
- }
- public String getAuthnRequestsSigned(){
- return authnRequestsSigned;
- }
- public void setAuthnRequestsSigned(String v){
- authnRequestsSigned = v;
- }
-
- public void setOrganization(Organization v) {
- organization = v;
- }
- public Organization getOrganization() {
- return organization;
- }
-
- public void setContactPersons(List v) {
- contactPersons = v;
- }
- public List getContactPersons() {
- return (contactPersons);
- }
-
- public String getEntityCategory() {
- return (entityCategory);
- }
-
-}
-
+/* ========================================================================
+ * Copyright (c) 2009 The University of Washington
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================================
+ */
+
+package edu.washington.iam.registry.rp;
+
+import static org.javers.core.diff.ListCompareAlgorithm.LEVENSHTEIN_DISTANCE;
+
+import edu.washington.iam.registry.exception.RelyingPartyException;
+import edu.washington.iam.registry.rp.HistoryItem.*;
+import edu.washington.iam.tools.XMLHelper;
+import edu.washington.iam.tools.XMLSerializable;
+import java.io.BufferedWriter;
+import java.io.IOException;
+import java.lang.reflect.Field;
+import java.util.*;
+import org.javers.core.*;
+import org.javers.core.diff.Change;
+import org.javers.core.diff.Diff;
+import org.javers.core.diff.changetype.NewObject;
+import org.javers.core.diff.changetype.ObjectRemoved;
+import org.javers.core.diff.changetype.ValueChange;
+import org.javers.core.metamodel.annotation.Id;
+import org.javers.core.metamodel.annotation.TypeName;
+import org.javers.core.metamodel.object.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+// decorator for javers compare functions
+@TypeName("RelyingParty")
+public class RelyingParty implements XMLSerializable {
+
+ private final Logger log = LoggerFactory.getLogger(getClass());
+
+ private UUID uuid;
+ @Id // decorator for javers
+ private String entityId;
+ private String startTime;
+ private String endTime;
+ private String updatedBy;
+ private String metadataId;
+ private boolean editable;
+ private String protocolSupportEnumerationsUnsplit;
+ private List protocolSupportEnumerations;
+ // List extensions;
+ private List keyDescriptors;
+ private List nameIDFormats;
+ private List assertionConsumerServices;
+ private Organization organization;
+ private List contactPersons;
+
+ private String authnRequestsSigned;
+ private List manageNameIDServices;
+
+ private String entityCategory;
+
+ // initialize
+ private void localInit() {
+ metadataId = "";
+
+ updatedBy = "";
+ startTime = "";
+ endTime = "";
+ uuid = null;
+ editable = false;
+ // extensions = new Vector();
+ keyDescriptors = new Vector();
+ nameIDFormats = new Vector();
+ assertionConsumerServices = new Vector();
+ organization = null;
+ contactPersons = new Vector();
+ manageNameIDServices = new Vector();
+ }
+
+ // create from document element
+ // public RelyingParty (Element ele, Metadata md) throws RelyingPartyException {
+ // this(ele, md.getId(), md.isEditable());
+ // }
+
+ public RelyingParty(Element ele, String mdid, boolean edit) throws RelyingPartyException {
+
+ this(ele, mdid, edit, "", "", "", null);
+ }
+
+ // create from document element
+
+ public RelyingParty(
+ Element ele,
+ String mdid,
+ boolean edit,
+ String updatedBy,
+ String startTime,
+ String endTime,
+ UUID uuid)
+ throws RelyingPartyException {
+
+ localInit();
+ this.entityId = ele.getAttribute("entityID");
+ if (entityId == null) throw new RelyingPartyException("No entity id attribute");
+ // log.debug("create from doc: " + entityId);
+
+ this.metadataId = mdid;
+ this.editable = edit;
+ this.updatedBy = updatedBy;
+ this.startTime = startTime;
+ this.endTime = endTime;
+ this.uuid = uuid;
+
+ NodeList nl1 = ele.getChildNodes();
+ for (int i = 0; i < nl1.getLength(); i++) {
+ if (nl1.item(i).getNodeType() != Node.ELEMENT_NODE) continue;
+ Element e1 = (Element) nl1.item(i);
+ String name = e1.getNodeName();
+ // log.debug("rp ele: " + name);
+
+ if (XMLHelper.matches(name, "SPSSODescriptor")) {
+ authnRequestsSigned = ele.getAttribute("AuthnRequestsSigned");
+ protocolSupportEnumerationsUnsplit = e1.getAttribute("protocolSupportEnumeration");
+ protocolSupportEnumerations = Arrays.asList(protocolSupportEnumerationsUnsplit.split(" "));
+ /***
+ * for (int j=0; j\n");
+ String ars = "";
+ if (authnRequestsSigned.length() > 0)
+ ars = " AuthnRequestsSigned=\"" + XMLHelper.safeXml(authnRequestsSigned) + "\"";
+ xout.write(
+ " \n");
+
+ for (int i = 0; i < keyDescriptors.size(); i++) {
+ keyDescriptors.get(i).writeXml(xout);
+ }
+
+ for (int i = 0; i < nameIDFormats.size(); i++) {
+ xout.write(
+ " " + XMLHelper.safeXml(nameIDFormats.get(i)) + "\n");
+ }
+
+ /*** don't know if this goes before or after the nameidformats
+ * for (int i=0; i\n");
+
+ if (organization != null) organization.writeXml(xout);
+ else log.info("no org for " + entityId);
+ for (int i = 0; i < contactPersons.size(); i++) {
+ contactPersons.get(i).writeXml(xout);
+ }
+ xout.write(" \n");
+ }
+
+ public HistoryItem RpCompare(RelyingParty obj) {
+
+ HistoryItem historyItems;
+
+ Javers javers = JaversBuilder.javers().withListCompareAlgorithm(LEVENSHTEIN_DISTANCE).build();
+
+ // take a diff
+ Diff diff = javers.compare(this, obj);
+ String foo = javers.getJsonConverter().toJson(diff).toString();
+ // get the date
+ ValueChange effectiveDate = (ValueChange) diff.getPropertyChanges("startTime").get(0);
+ // create new history item using date
+ historyItems = new HistoryItem(effectiveDate.getRight().toString(), obj.getUpdatedBy());
+ // now iterate over all changes and put into history item (ignore start and end times now)
+ try {
+ // select out ValueChange objects only
+ int objDupIndex = -1; // prevent duplicates
+ Object objDupType = null; // prevent duplicates
+ List myValueChanges = diff.getChangesByType(ValueChange.class);
+ for (ValueChange change : myValueChanges) {
+ // changed value
+ Object obj1 = change.getAffectedObject(); // returns changed object
+ // we don't care about these fields
+ if (change.getPropertyName().equalsIgnoreCase("startTime")
+ || change.getPropertyName().equalsIgnoreCase("endTime")
+ || change.getPropertyName().equalsIgnoreCase("uuid")
+ || change.getPropertyName().equalsIgnoreCase("updatedBy")) continue;
+ // if object type is RelyingParty then this change is a single valued field, not a list of
+ // fields of a different object type (e.g. contactPersons).
+ if (obj1 instanceof RelyingParty) {
+ String propertyName = change.getPropertyName().toString();
+ String left = change.getLeft().toString();
+ String right = change.getRight().toString();
+ historyItems.AddChangeItem(propertyName, left, right);
+
+ } else { // else should catch any "object" type fields of RelyingParty
+ String propertyName = change.getPropertyName().toString();
+ // string containing index of affected object
+ GlobalId globalId = change.getAffectedGlobalId();
+ ValueObjectId valueId = (ValueObjectId) globalId;
+ String[] idList = valueId.getFragment().split("/");
+ int objIndex = Integer.parseInt(idList[1]);
+ // since we grab the entire object when we detect one change,
+ // don't bother tracking additional changes
+ if (objIndex == objDupIndex && obj1.equals(objDupType)) {
+ continue;
+ }
+ objDupIndex = objIndex; // keep track of this instance index
+ objDupType = obj1; // keep track of this object so we don't duplicate it
+ // easy to get the change TO value from the change object
+ Object right = change.getAffectedObject().get();
+ // some nutty reflection to get the original value
+ Class leftCls = this.getClass();
+ Field leftField = leftCls.getDeclaredField(idList[0]);
+ Object left = ((Vector) leftField.get(this)).get(objIndex);
+
+ // idList[0] is the name of the property in RelyingParty Object
+ // note the object type name from left and right are different from idlist[0]. The latter
+ // is the name of
+ // the list of the former objects in RelyingParty Object.
+ historyItems.AddChangeItem(idList[0], left, right);
+ }
+ }
+ List myNewObjects = diff.getChangesByType(NewObject.class);
+ for (Change change : myNewObjects) {
+ Object obj2 = change.getAffectedObject().get();
+ String[] classNameSplit = obj2.getClass().toString().split("\\.");
+ String className = classNameSplit[classNameSplit.length - 1];
+ if (className.equalsIgnoreCase("startTime")
+ || className.equalsIgnoreCase("endTime")
+ || className.equalsIgnoreCase("uuid")
+ || className.equalsIgnoreCase("loggerRemoteView")
+ || className.equalsIgnoreCase("logger")
+ || className.equalsIgnoreCase("updatedBy")) continue;
+ // if object type is RelyingParty then this change is a single valued field, not a list of
+ // fields of a different object type (e.g. contactPersons).
+ if (obj2 instanceof RelyingParty) {
+ historyItems.AddNewItem(className, obj2);
+ } else { // else should catch any "object" type fields of RelyingParty
+ String propertyName = className;
+ // string containing index of affected object
+ GlobalId globalId = change.getAffectedGlobalId();
+ ValueObjectId valueId = (ValueObjectId) globalId;
+ String[] idList = valueId.getFragment().split("/");
+ int objIndex = Integer.parseInt(idList[1]);
+ // since we grab the entire object when we detect one change,
+ // don't bother tracking additional changes
+ if (objIndex == objDupIndex && obj2.equals(objDupType)) {
+ continue;
+ }
+ objDupIndex = objIndex; // keep track of this instance index
+ objDupType = obj2; // keep track of this object so we don't duplicate it
+ // idList[0] is the name of the property in RelyingParty Object
+ // note the object type (classname above) is different from idlist[0]. The latter is the
+ // name of
+ // the list of the former objects in RelyingParty Object.
+ historyItems.AddNewItem(idList[0], obj2);
+ }
+ }
+ List myRemovedObjects = diff.getChangesByType(ObjectRemoved.class);
+ for (Change change : myRemovedObjects) {
+ Object obj3 = change.getAffectedObject().get();
+ String[] classNameSplit = obj3.getClass().toString().split("\\.");
+ String className = classNameSplit[classNameSplit.length - 1];
+ if (className.equalsIgnoreCase("startTime")
+ || className.equalsIgnoreCase("endTime")
+ || className.equalsIgnoreCase("uuid")
+ || className.equalsIgnoreCase("loggerRemoteView")
+ || className.equalsIgnoreCase("logger")
+ || className.equalsIgnoreCase("updatedBy")) continue;
+ // if object type is RelyingParty then this change is a single valued field, not a list of
+ // fields of a different object type (e.g. contactPersons).
+ if (obj3 instanceof RelyingParty) {
+ historyItems.AddDeleteItem(className, change.toString()); // will that work?
+ } else { // else should catch any "object" type fields of RelyingParty
+ String propertyName = className;
+ // string containing index of affected object
+ GlobalId globalId = change.getAffectedGlobalId();
+ ValueObjectId valueId = (ValueObjectId) globalId;
+ String[] idList = valueId.getFragment().split("/");
+ int objIndex = Integer.parseInt(idList[1]);
+ // since we grab the entire object when we detect one change,
+ // don't bother tracking additional changes
+ if (objIndex == objDupIndex && obj3.equals(objDupType)) {
+ continue;
+ }
+ objDupIndex = objIndex; // keep track of this instance index
+ objDupType = obj3; // keep track of this object so we don't duplicate it
+ // some nutty reflection to get the original value
+ Class leftCls = this.getClass();
+ Field leftField = leftCls.getDeclaredField(idList[0]);
+ Object left = ((Vector) leftField.get(this)).get(objIndex);
+ // idList[0] is the name of the property in RelyingParty Object
+ // note the object type (classname above) is different from idlist[0]. The latter is the
+ // name of
+ // the list of the former objects in RelyingParty Object.
+ historyItems.AddDeleteItem(idList[0], left);
+ }
+ }
+ } catch (Exception e) {
+ Exception ee = e;
+ }
+
+ return historyItems;
+ }
+
+ public RelyingParty replicate(String dns) {
+ return null;
+ }
+
+ public void setEntityId(String v) {
+ entityId = v;
+ }
+
+ public String getEntityId() {
+ return (entityId);
+ }
+
+ public void setMetadataId(String v) {
+ metadataId = v;
+ }
+
+ public String getMetadataId() {
+ return (metadataId);
+ }
+
+ public void setStartTime(String v) {
+ startTime = v;
+ }
+
+ public String getStartTime() {
+ return (startTime);
+ }
+
+ public void setEndTime(String v) {
+ endTime = v;
+ }
+
+ public String getEndTime() {
+ return (endTime);
+ }
+
+ public void setUuid(UUID v) {
+ uuid = v;
+ }
+
+ public UUID getUuid() {
+ return (uuid);
+ }
+
+ public void setUpdatedBy(String v) {
+ updatedBy = v;
+ }
+
+ public String getUpdatedBy() {
+ return (updatedBy);
+ }
+
+ public void setEditable(boolean v) {
+ editable = v;
+ }
+
+ public boolean getEditable() {
+ return (editable);
+ }
+
+ public List getProtocolSupportEnumerations() {
+ return (protocolSupportEnumerations);
+ }
+
+ public void setKeyDescriptors(List v) {
+ keyDescriptors = v;
+ }
+
+ public List getKeyDescriptors() {
+ return (keyDescriptors);
+ }
+
+ public void setNameIDFormats(List v) {
+ nameIDFormats = v;
+ }
+
+ public List getNameIDFormats() {
+ return (nameIDFormats);
+ }
+
+ public void setAssertionConsumerServices(List v) {
+ assertionConsumerServices = v;
+ }
+
+ public List getAssertionConsumerServices() {
+ return (assertionConsumerServices);
+ }
+
+ public String getAuthnRequestsSigned() {
+ return authnRequestsSigned;
+ }
+
+ public void setAuthnRequestsSigned(String v) {
+ authnRequestsSigned = v;
+ }
+
+ public void setOrganization(Organization v) {
+ organization = v;
+ }
+
+ public Organization getOrganization() {
+ return organization;
+ }
+
+ public void setContactPersons(List v) {
+ contactPersons = v;
+ }
+
+ public List getContactPersons() {
+ return (contactPersons);
+ }
+
+ public String getEntityCategory() {
+ return (entityCategory);
+ }
+}
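Review bot: The `catch (Exception e) { Exception ee = e; }` that closes the `try` in `RpCompare` discards every failure from the three change loops. A `NumberFormatException` from `Integer.parseInt(idList[1])`, a `ClassCastException` from the `(ValueObjectId)` cast or a `NoSuchFieldException` from `getDeclaredField(idList[0])` therefore returns a partly filled `HistoryItem` with no trace. Because that object is the recorded change history of a relying party, a truncated record should at least be visible: `} catch (Exception e) { log.error("RpCompare failed for " + entityId, e); }`, using the `log` field the class already declares. Separately, in the seven-argument constructor, `ele.getAttribute("entityID")` returns an empty string for a missing attribute under the DOM API, so the `entityId == null` check never fires; `if (entityId == null || entityId.isEmpty()) throw new RelyingPartyException("No entity id attribute");` would reject such an element. The formatting pass carries both over unchanged from the old file.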
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyComparator.java b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyComparator.java
index d4405a3..ea47524 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyComparator.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyComparator.java
@@ -1,39 +1,31 @@
package edu.washington.iam.registry.rp;
import java.util.Comparator;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-
/* Comparator for relying parties. Sort by reverse dns */
-public class RelyingPartyComparator implements Comparator {
+public class RelyingPartyComparator implements Comparator {
- private final Logger log = LoggerFactory.getLogger(getClass());
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ public int compare(Object rp1, Object rp2) {
- public int compare(Object rp1, Object rp2) {
-
- String id1 = ((RelyingParty)rp1).getEntityId();
- if (id1.startsWith("https://")) id1 = id1.substring(8);
- if (id1.startsWith("http://")) id1 = id1.substring(7);
- String id2 = ((RelyingParty)rp2).getEntityId();
- if (id2.startsWith("https://")) id2 = id2.substring(8);
- if (id2.startsWith("http://")) id2 = id2.substring(7);
- RelyingPartyIdComparator c = new RelyingPartyIdComparator();
-// log.info("compare " + id1 + " to " + id2);
- return (c.compare(id1, id2));
- }
-
- public boolean equals(Object rp1, Object rp2) {
- String id1 = ((RelyingParty)rp1).getEntityId();
- String id2 = ((RelyingParty)rp2).getEntityId();
- return (id1.equals(id2));
- }
+ String id1 = ((RelyingParty) rp1).getEntityId();
+ if (id1.startsWith("https://")) id1 = id1.substring(8);
+ if (id1.startsWith("http://")) id1 = id1.substring(7);
+ String id2 = ((RelyingParty) rp2).getEntityId();
+ if (id2.startsWith("https://")) id2 = id2.substring(8);
+ if (id2.startsWith("http://")) id2 = id2.substring(7);
+ RelyingPartyIdComparator c = new RelyingPartyIdComparator();
+ // log.info("compare " + id1 + " to " + id2);
+ return (c.compare(id1, id2));
+ }
+ public boolean equals(Object rp1, Object rp2) {
+ String id1 = ((RelyingParty) rp1).getEntityId();
+ String id2 = ((RelyingParty) rp2).getEntityId();
+ return (id1.equals(id2));
+ }
}
-
-
-
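Review bot: The two-argument `equals(Object rp1, Object rp2)` is an overload, not an override of `Object.equals(Object)`, so the collections framework and `Comparator` callers never invoke it. If nothing in the project calls it explicitly it can go; otherwise it deserves a comment such as `// helper only: not Object.equals, compares entity ids`. In `compare`, the four `startsWith` lines repeat the scheme stripping that `RelyingPartyIdComparator.compare` performs on its own arguments (its hunk is later in this commit), so the two copies can drift apart. For ids with a single scheme prefix the body could be `return new RelyingPartyIdComparator().compare(((RelyingParty) rp1).getEntityId(), ((RelyingParty) rp2).getEntityId());`. A null entity id, which `setEntityId` does not prevent, makes `startsWith` throw during a sort.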
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntry.java b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntry.java
index 612fd9c..97014a6 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntry.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntry.java
@@ -2,24 +2,22 @@
public class RelyingPartyEntry {
- public String getMetadataId() {
- return metadataId;
- }
+ public String getMetadataId() {
+ return metadataId;
+ }
- public void setMetadataId(String metadataId) {
- this.metadataId = metadataId;
- }
+ public void setMetadataId(String metadataId) {
+ this.metadataId = metadataId;
+ }
- public String getRelyingPartyId() {
- return relyingPartyId;
- }
-
- public void setRelyingPartyId(String relyingPartyId) {
- this.relyingPartyId = relyingPartyId;
- }
-
- private String relyingPartyId;
- private String metadataId;
+ public String getRelyingPartyId() {
+ return relyingPartyId;
+ }
+ public void setRelyingPartyId(String relyingPartyId) {
+ this.relyingPartyId = relyingPartyId;
+ }
+ private String relyingPartyId;
+ private String metadataId;
}
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntryComparator.java b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntryComparator.java
index 2059b30..2232537 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntryComparator.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyEntryComparator.java
@@ -3,13 +3,13 @@
import java.util.Comparator;
public class RelyingPartyEntryComparator implements Comparator {
- @Override
- public int compare(RelyingPartyEntry rpe1, RelyingPartyEntry rpe2) {
- int entityIdCompare = new RelyingPartyIdComparator()
- .compare(rpe1.getRelyingPartyId(), rpe2.getRelyingPartyId());
- if(entityIdCompare == 0){
- return rpe1.getMetadataId().compareTo(rpe2.getMetadataId());
- }
- return entityIdCompare;
+ @Override
+ public int compare(RelyingPartyEntry rpe1, RelyingPartyEntry rpe2) {
+ int entityIdCompare =
+ new RelyingPartyIdComparator().compare(rpe1.getRelyingPartyId(), rpe2.getRelyingPartyId());
+ if (entityIdCompare == 0) {
+ return rpe1.getMetadataId().compareTo(rpe2.getMetadataId());
}
+ return entityIdCompare;
+ }
}
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyIdComparator.java b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyIdComparator.java
index 26f9a34..82b49d6 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyIdComparator.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyIdComparator.java
@@ -1,30 +1,21 @@
package edu.washington.iam.registry.rp;
import java.util.Comparator;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-import org.apache.commons.lang.ArrayUtils;
-
-
/* Comparator for relying parties. Sort by reverse dns */
public class RelyingPartyIdComparator implements Comparator {
- private final Logger log = LoggerFactory.getLogger(getClass());
-
- @Override
- public int compare(String id1, String id2) {
- if (id1.startsWith("https://")) id1 = id1.substring(8);
- if (id1.startsWith("http://")) id1 = id1.substring(7);
- if (id2.startsWith("https://")) id2 = id2.substring(8);
- if (id2.startsWith("http://")) id2 = id2.substring(7);
- return id1.compareTo(id2);
- }
+ private final Logger log = LoggerFactory.getLogger(getClass());
+ @Override
+ public int compare(String id1, String id2) {
+ if (id1.startsWith("https://")) id1 = id1.substring(8);
+ if (id1.startsWith("http://")) id1 = id1.substring(7);
+ if (id2.startsWith("https://")) id2 = id2.substring(8);
+ if (id2.startsWith("http://")) id2 = id2.substring(7);
+ return id1.compareTo(id2);
+ }
}
-
-
-
diff --git a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyManager.java b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyManager.java
index f38cfc2..f720fea 100644
--- a/src/main/java/edu/washington/iam/registry/rp/RelyingPartyManager.java
+++ b/src/main/java/edu/washington/iam/registry/rp/RelyingPartyManager.java
@@ -1,36 +1,39 @@
-package edu.washington.iam.registry.rp;
-
-import java.io.Serializable;
-import java.util.List;
-
-import org.w3c.dom.Document;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-import edu.washington.iam.registry.exception.RelyingPartyException;
-
-public interface RelyingPartyManager extends Serializable {
-
- public List getRelyingParties();
- public List getRelyingParties(String search, String admin);
- public List getRelyingPartyHistoryById(String id) throws RelyingPartyException;
- public List