
Révision 96454bcd

Ajouté par Sylvain Sauvage il y a plus de 11 ans

Version 1.9-mock

This is version 1.9-mock. 1.9 because the API still have changes pending
(principally relative to the Discovery Services). “mock” because TLS
configuration is not yet available and the signatures (SigMa) are not fully
implemented.

  • All:
    - code cleaned and refactored
    - lots of bugs fixed
    - dependencies checked and trimmed
    - documentation added
    - Identity handling added
  • New library modules (Mu, Nu)
  • New signature modules (SigMa)
  • Access Layer and User interfaces (ALfA and OMeGa):
    - code refactored
    - new, better APIs
    - Identity handling added
    - use EPCglobal and DS events (no proxy types anymore)
  • New temporary DSeTa web service (pending new DS)
  • ETa corrected and added to the IoTa-Installer
    - ETa-Callback modules are now available as web applications
    - filtering rules: if a part of an event is not allowed, now the whole
    event is deleted from the result (before only the rejected part was)
  • CaPPa: overall refactoring of XACML handling
    - new temporary User web service
    - new Xi module: XACML Interrogation web service (was two modules: TCP and
    servlet)
  • PSi now signs its events
  • Installer, now also installs or configures:
    - ETa and its Callback modules
    - ActiveMQ
    - SigMa
    - certificate/signing key
  • Greyc letters figures:
    - new simplified figures (sans IoTa and simplified IoTa)
    - new figure for ETa modules
    - show 3rd party clients
    - data flows specified
    - TLS and link security added
    - IDs and trusted IDs added
    - color adjusted for printing
    - GREYC logo added


IoTa-DiscoveryWS/IoTa-DiscoveryWS/src/main/java/fr/unicaen/iota/discovery/server/querycontrol/DSControler.java
*
* Copyright © 2008-2012 Université de Caen Basse-Normandie, GREYC
* Copyright © 2008-2012 Orange Labs
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
......
*/
package fr.unicaen.iota.discovery.server.querycontrol;
import com.sun.xacml.ctx.Result;
import fr.unicaen.iota.discovery.server.hibernate.Event;
import fr.unicaen.iota.discovery.server.hibernate.EventToPublish;
import fr.unicaen.iota.discovery.server.hibernate.Partner;
import fr.unicaen.iota.discovery.server.hibernate.User;
import fr.unicaen.iota.discovery.server.query.DSPEP;
import fr.unicaen.iota.discovery.server.query.QueryOperationsModule;
import fr.unicaen.iota.discovery.server.util.EPCUtilities.InvalidFormatException;
import fr.unicaen.iota.discovery.server.util.*;
import fr.unicaen.iota.xacml.policy.Module;
import fr.unicaen.iota.discovery.server.util.Constants;
import fr.unicaen.iota.discovery.server.util.ProtocolException;
import fr.unicaen.iota.discovery.server.util.Session;
import fr.unicaen.iota.discovery.server.util.XACMLUtils;
import fr.unicaen.iota.nu.EPCUtilities;
import fr.unicaen.iota.nu.EPCUtilities.InvalidFormatException;
import fr.unicaen.iota.xi.client.DSPEP;
import fr.unicaen.iota.xi.utils.Utils;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
......
private static final Log log = LogFactory.getLog(DSControler.class);
private QueryOperationsModule queryOperationsModule = new QueryOperationsModule();
private DSPEP dspep = new DSPEP();
private DSPEP dspep = new DSPEP(Constants.XACML_URL);
public String hello() {
return Constants.SERVICE_ID;
......
public List<Event> eventLookup(String sessionId, String epc) throws ProtocolException {
log.trace("eventLookup method called.");
try {
new EPCUtilities().checkEpcOrUri(epc);
EPCUtilities.checkEpcOrUri(epc);
} catch (InvalidFormatException ex) {
throw new ProtocolException(2000, ex.getMessage());
}
......
List<Event> eventList = new ArrayList<Event>();
User u = Session.getUser(sessionId);
for (Event e : eventListTmp) {
int resp = dspep.eventLookup(u.getUserID(), XACMLUtils.createXACMLEvent(e), Module.queryModule.getValue());
if (resp == Result.DECISION_PERMIT) {
int resp = dspep.eventLookup(u.getUserID(), XACMLUtils.createXACMLEvent(e));
if (Utils.responseIsPermit(resp)) {
eventList.add(e);
}
}
......
User u = Session.getUser(sessionId);
List<User> uList = queryOperationsModule.userLookup(userID);
for (User u2 : uList) {
int resp = dspep.userLookup(u.getUserID(), u2.getPartner().getPartnerID(), Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.userLookup(u.getUserID(), u2.getPartner().getPartnerID());
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + userID);
}
}
......
throw new ProtocolException(2002, "user not found");
}
User u = Session.getUser(sessionID);
int resp = dspep.userInfo(u.getUserID(), uList.get(0).getPartner().getPartnerID(), Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionID, Module.administrationModule.getValue())) {
int resp = dspep.userInfo(u.getUserID(), uList.get(0).getPartner().getPartnerID());
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionID)) {
throw new ProtocolException(2100, "Access denied for user " + userId);
}
if (uList.isEmpty()) {
......
public int userCreate(String sessionID, String partnerId, String password, String login) throws ProtocolException {
log.trace("userCreate method called.");
User u = Session.getUser(sessionID);
int resp = dspep.userCreate(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionID, Module.administrationModule.getValue())) {
int resp = dspep.userCreate(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionID)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
if (!queryOperationsModule.userLookup(login).isEmpty()) {
throw new ProtocolException(2002, "user already exists");
}
List<Partner> pList = null;
List<Partner> pList;
if ((pList = queryOperationsModule.partnerLookup(partnerId)).isEmpty()) {
throw new ProtocolException(2002, "partner not found");
}
......
public void userUpdate(String sessionID, String partnerId, int uid, String userId, String password) throws ProtocolException {
log.trace("userUpdate method called.");
User u = Session.getUser(sessionID);
int resp = dspep.userInfo(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionID, Module.administrationModule.getValue())) {
int resp = dspep.userInfo(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionID)) {
throw new ProtocolException(2100, "Access denied for user " + userId);
}
User u2 = queryOperationsModule.userLookup(uid);
......
}
for (User u2 : uList) {
User u = Session.getUser(sessionID);
int resp = dspep.userDelete(u.getUserID(), u2.getPartner().getPartnerID(), Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionID, Module.administrationModule.getValue())) {
int resp = dspep.userDelete(u.getUserID(), u2.getPartner().getPartnerID());
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionID)) {
throw new ProtocolException(2100, "Access denied for user " + userId);
}
queryOperationsModule.userDelete(u2);
......
public List<Partner> partnerLookup(String sessionId, String partnerId) throws ProtocolException {
log.trace("partnerLookup method called.");
User u = Session.getUser(sessionId);
int resp = dspep.partnerLookup(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.partnerLookup(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
List<Partner> pList = queryOperationsModule.partnerLookup(partnerId);
......
public Partner partnerInfo(String sessionId, String partnerId) throws ProtocolException {
log.trace("partnerLookup method called.");
User u = Session.getUser(sessionId);
int resp = dspep.partnerInfo(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.partnerInfo(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
List<Partner> pList = queryOperationsModule.partnerLookup(partnerId);
......
public int partnerCreate(String sessionId, String partnerId, String partnerServiceType, String partnerServiceURL) throws ProtocolException {
log.trace("partnerCreate method called: " + partnerId);
User u = Session.getUser(sessionId);
int resp = dspep.partnerCreate(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.partnerCreate(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
if (!queryOperationsModule.partnerLookup(partnerId).isEmpty()) {
......
public int partnerUpdate(String sessionId, int partnerUID, String partnerId, String serviceType, String serviceUri) throws ProtocolException {
log.trace("partnerUpdate method called.");
User u = Session.getUser(sessionId);
int resp = dspep.partnerUpdate(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.partnerUpdate(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
Partner p = queryOperationsModule.partnerLookup(partnerUID);
......
public void partnerDelete(String sessionId, String partnerId) throws ProtocolException {
log.trace("partnerDelete method called.");
User u = Session.getUser(sessionId);
int resp = dspep.partnerCreate(u.getUserID(), partnerId, Module.administrationModule.getValue());
if (resp != Result.DECISION_PERMIT && !dspep.isRootAccess(sessionId, Module.administrationModule.getValue())) {
int resp = dspep.partnerCreate(u.getUserID(), partnerId);
if (!Utils.responseIsPermit(resp) && !isRootAccess(sessionId)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
List<Partner> pList = queryOperationsModule.partnerLookup(partnerId);
......
log.trace("eventInfo method called.");
Event e = queryOperationsModule.eventLookup(eventId);
User u = Session.getUser(sessionID);
int resp = dspep.eventInfo(u.getUserID(), XACMLUtils.createXACMLEvent(e), Module.queryModule.getValue());
if (resp != Result.DECISION_PERMIT) {
int resp = dspep.eventInfo(u.getUserID(), XACMLUtils.createXACMLEvent(e));
if (!Utils.responseIsPermit(resp)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
return e;
......
public int eventCreate(String sessionId, String partnerId, String epc, String eventClass, Timestamp eventTimeStamp,
Timestamp sourceTimeStamp, String eventType, String bizStep) throws ProtocolException {
log.trace("eventCreate method called.");
EPCUtilities ePCUtilities = new EPCUtilities();
try {
ePCUtilities.checkEpcOrUri(epc);
EPCUtilities.checkEpcOrUri(epc);
} catch (InvalidFormatException ex) {
throw new ProtocolException(2000, ex.getMessage());
}
......
event.setBizStep(bizStep);
event.setPartner(p.get(0));
User u = Session.getUser(sessionId);
int resp = dspep.eventCreate(u.getUserID(), XACMLUtils.createXACMLEvent(event), Module.captureModule.getValue());
if (resp != Result.DECISION_PERMIT) {
int resp = dspep.eventCreate(u.getUserID(), XACMLUtils.createXACMLEvent(event));
if (!Utils.responseIsPermit(resp)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
if (ePCUtilities.isReferencable(epc)) {
if (EPCUtilities.isReferencable(epc)) {
EventToPublish etp = new EventToPublish();
etp.setEvent(event);
etp.setLastupdate(Constants.DEFAULT_EVENT_TOPUBLISH_TIMESTAMP);
......
log.trace("voidEvent method called.");
Event event = queryOperationsModule.eventLookup(eventId);
User u = Session.getUser(sessionId);
int resp = dspep.voidEvent(u.getUserID(), XACMLUtils.createXACMLEvent(event), Module.captureModule.getValue());
if (resp != Result.DECISION_PERMIT) {
int resp = dspep.voidEvent(u.getUserID(), XACMLUtils.createXACMLEvent(event));
if (!Utils.responseIsPermit(resp)) {
throw new ProtocolException(2100, "Access denied for user " + u.getUserID());
}
event.setEventType("void");
......
partnerCreate(sessionId, partnerId, partnerServiceType, partnerServiceURL);
userCreate("root", partnerId, rootUserPass, rootUserLogin);
}
public boolean isRootAccess(String sessionId) {
User u = Session.getUser(sessionId);
return dspep.isRootAccess(u.getUserID(), u.getPartner().getPartnerID());
}
}
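Review bot: `partnerDelete` still authorizes the deletion with the create decision, `dspep.partnerCreate(u.getUserID(), partnerId)`, so a policy that permits creating a partner also permits deleting one; the rewritten call carries this over from the old code. `userUpdate` has the same shape: it is gated by `dspep.userInfo(u.getUserID(), partnerId)`, a read decision, evaluated against the caller-supplied `partnerId` before the target user is loaded by `uid`. Whether the loaded user's partner is later compared with `partnerId` is outside the visible lines, as both method bodies continue past what is shown. No delete- or update-specific method on the new `fr.unicaen.iota.xi.client.DSPEP` appears on this page, so if the reuse is deliberate it should be stated at the call, e.g. `// no separate XACML delete action for partners: the create rule is reused on purpose`. Otherwise each operation should request its own decision from the PEP.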
