summaryrefslogtreecommitdiff
path: root/qpid/java/broker-plugins
diff options
context:
space:
mode:
authorAlex Rudyy <orudyy@apache.org>2013-10-05 00:28:57 +0000
committerAlex Rudyy <orudyy@apache.org>2013-10-05 00:28:57 +0000
commit0dcd7fe71b5376b4ab569623080262be29491343 (patch)
tree30c5bca50158dd733ff1b45c41b8ff6ac6048ecb /qpid/java/broker-plugins
parent4a8cda9d14fbe042cb8d4ca487c6972fd1173e19 (diff)
downloadqpid-python-0dcd7fe71b5376b4ab569623080262be29491343.tar.gz
QPID-5138: Change preferences provider to allow deletion of preferences for multiple users
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1529362 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker-plugins')
-rw-r--r--qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java86
1 files changed, 54 insertions, 32 deletions
diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java
index 56e83db4d2..36949e22e1 100644
--- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java
+++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/UserPreferencesServlet.java
@@ -25,7 +25,7 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
-import java.util.Iterator;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -157,53 +157,75 @@ public class UserPreferencesServlet extends AbstractServlet
@Override
protected void doDeleteWithSubjectAndActor(HttpServletRequest request, HttpServletResponse response) throws IOException
{
- final List<String[]> userData = new ArrayList<String[]>();
- for (String name : request.getParameterValues("user"))
+ Broker broker = getBroker();
+ Collection<AuthenticationProvider> authenticationProviders = broker.getAuthenticationProviders();
+ Map<String, Set<String>> providerUsers = new HashMap<String, Set<String>>();
+ Map<String, AuthenticationProvider> requestProviders = new HashMap<String, AuthenticationProvider>();
+ for (String path : request.getParameterValues("user"))
{
- String[] elements = name.split("/");
+ String[] elements = path.split("/");
if (elements.length != 2)
{
- throw new IllegalArgumentException("Illegal parameter");
+ throw new IllegalArgumentException("Illegal user parameter " + path);
+ }
+
+ String userId = elements[1];
+
+ if (!userPreferencesOperationAuthorized(userId))
+ {
+ response.sendError(HttpServletResponse.SC_FORBIDDEN, "Deletion of preferences is not allowed");
+ return;
}
- userData.add(elements);
+ String providerName = elements[0];
+ Set<String> users = providerUsers.get(providerName);
+
+ if (users == null)
+ {
+ AuthenticationProvider provider = findAuthenticationProviderByName(providerName, authenticationProviders);
+ if (provider == null)
+ {
+ throw new IllegalArgumentException("Cannot find provider with name '" + providerName + "'");
+ }
+ users = new HashSet<String>();
+ providerUsers.put(providerName, users);
+ requestProviders.put(providerName, provider);
+ }
+ users.add(userId);
}
- if (!userData.isEmpty())
+ if (!providerUsers.isEmpty())
{
- Broker broker = getBroker();
- Collection<AuthenticationProvider> authenticationProviders = broker.getAuthenticationProviders();
- for (Iterator<String[]> it = userData.iterator(); it.hasNext();)
+ for (Map.Entry<String, Set<String>> entry : providerUsers.entrySet())
{
- String[] data = (String[]) it.next();
- String authenticationProviderName = data[0];
- String userId = data[1];
+ String providerName = entry.getKey();
+ AuthenticationProvider provider = requestProviders.get(providerName);
+ Set<String> usersToDelete = entry.getValue();
+ PreferencesProvider preferencesProvider = provider.getPreferencesProvider();
- for (AuthenticationProvider authenticationProvider : authenticationProviders)
+ if (preferencesProvider != null && !usersToDelete.isEmpty())
{
- if (authenticationProviderName.equals(authenticationProvider.getName()))
- {
- PreferencesProvider preferencesProvider = authenticationProvider.getPreferencesProvider();
- if (preferencesProvider != null)
- {
- Set<String> usernames = preferencesProvider.listUserIDs();
- if (usernames.contains(userId))
- {
- if (!userPreferencesOperationAuthorized(userId))
- {
- response.sendError(HttpServletResponse.SC_FORBIDDEN, "Deletion of preferences is not allowed");
- return;
- }
- preferencesProvider.deletePreferences(userId);
- }
- }
- break;
- }
+ String[] users = usersToDelete.toArray(new String[usersToDelete.size()]);
+ preferencesProvider.deletePreferences(users);
}
}
}
}
+ protected AuthenticationProvider findAuthenticationProviderByName(String providerName, Collection<AuthenticationProvider> authenticationProviders)
+ {
+ AuthenticationProvider provider = null;
+ for (AuthenticationProvider authenticationProvider : authenticationProviders)
+ {
+ if(authenticationProvider.getName().equals(providerName))
+ {
+ provider = authenticationProvider;
+ break;
+ }
+ }
+ return provider;
+ }
+
private boolean userPreferencesOperationAuthorized(String userId)
{
return getBroker().getSecurityManager().authoriseUserOperation(Operation.UPDATE, userId);
View Lorry Controller Status