#gg-9809: add SecurityContext interface and method GridSecurityProcessor.createSecurityContext.
Project: http://git-wip-us.apache.org/repos/asf/incubator-ignite/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ignite/commit/4756e144 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ignite/tree/4756e144 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ignite/diff/4756e144 Branch: refs/heads/sprint-2 Commit: 4756e144e00d639ebba470b13254e608b54a30d1 Parents: bedb39c Author: ivasilinets <ivasilin...@gridgain.com> Authored: Wed Feb 18 14:25:52 2015 +0300 Committer: ivasilinets <ivasilin...@gridgain.com> Committed: Wed Feb 18 14:25:52 2015 +0300 ---------------------------------------------------------------------- .../security/GridSecurityContext.java | 2 +- .../security/GridSecurityProcessor.java | 7 +++ .../processors/security/SecurityContext.java | 56 ++++++++++++++++++++ .../security/os/GridOsSecurityProcessor.java | 5 ++ 4 files changed, 69 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/4756e144/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityContext.java ---------------------------------------------------------------------- diff --git a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityContext.java b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityContext.java index b8057c6..ca92770 100644 --- a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityContext.java +++ b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityContext.java @@ -26,7 +26,7 @@ import java.util.*; /** * Security context. */ -public class GridSecurityContext implements Externalizable { +public class GridSecurityContext implements SecurityContext, Externalizable { /** */ private static final long serialVersionUID = 0L; http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/4756e144/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityProcessor.java ---------------------------------------------------------------------- diff --git a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityProcessor.java b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityProcessor.java index 1228ebb..e8879c8 100644 --- a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityProcessor.java +++ b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/GridSecurityProcessor.java @@ -84,6 +84,13 @@ public interface GridSecurityProcessor extends GridProcessor { throws GridSecurityException; /** + * Create security context. + * + * @subj Security subject. + */ + public SecurityContext createSecurityContext(GridSecuritySubject subj); + + /** * Callback invoked when subject session got expired. * * @param subjId Subject ID. http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/4756e144/modules/core/src/main/java/org/apache/ignite/internal/processors/security/SecurityContext.java ---------------------------------------------------------------------- diff --git a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/SecurityContext.java b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/SecurityContext.java new file mode 100644 index 0000000..7bb5c70 --- /dev/null +++ b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/SecurityContext.java @@ -0,0 +1,56 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ignite.internal.processors.security; + +import org.apache.ignite.plugin.security.*; + +/** + * Security context. + */ +public interface SecurityContext { + /** + * @return Security subject. + */ + public GridSecuritySubject subject(); + + /** + * Checks whether task operation is allowed. + * + * @param taskClsName Task class name. + * @param perm Permission to check. + * @return {@code True} if task operation is allowed. + */ + public boolean taskOperationAllowed(String taskClsName, GridSecurityPermission perm); + + /** + * Checks whether cache operation is allowed. + * + * @param cacheName Cache name. + * @param perm Permission to check. + * @return {@code True} if cache operation is allowed. + */ + public boolean cacheOperationAllowed(String cacheName, GridSecurityPermission perm); + + /** + * Checks whether system-wide permission is allowed (excluding Visor task operations). + * + * @param perm Permission to check. + * @return {@code True} if system operation is allowed. + */ + public boolean systemOperationAllowed(GridSecurityPermission perm); +} http://git-wip-us.apache.org/repos/asf/incubator-ignite/blob/4756e144/modules/core/src/main/java/org/apache/ignite/internal/processors/security/os/GridOsSecurityProcessor.java ---------------------------------------------------------------------- diff --git a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/os/GridOsSecurityProcessor.java b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/os/GridOsSecurityProcessor.java index b785f01..9360cb2 100644 --- a/modules/core/src/main/java/org/apache/ignite/internal/processors/security/os/GridOsSecurityProcessor.java +++ b/modules/core/src/main/java/org/apache/ignite/internal/processors/security/os/GridOsSecurityProcessor.java @@ -115,6 +115,11 @@ public class GridOsSecurityProcessor extends GridProcessorAdapter implements Gri } /** {@inheritDoc} */ + @Override public SecurityContext createSecurityContext(GridSecuritySubject subj) { + return new GridSecurityContext(subj); + } + + /** {@inheritDoc} */ @Override public void onSessionExpired(UUID subjId) { // No-op. }
