package org.openpermis.basic; |
|
import java.net.URI; |
import java.util.List; |
|
import org.openpermis.AuthorizationService; |
import org.openpermis.AuthorizationServiceException; |
import org.openpermis.PolicyDecisionException; |
import org.openpermis.PolicyDecisionPoint; |
import org.openpermis.Subject; |
import org.openpermis.policy.AccessDecision; |
import org.openpermis.repository.SubjectRepository; |
import org.openpermis.repository.SubjectRepositoryException; |
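/**
 * {@link AuthorizationService} implementation that resolves a subject through a
 * {@link SubjectRepository} and delegates the access decision to a
 * {@link PolicyDecisionPoint}, evaluated at the time reported by the injected clock.
 *
 * <p>Both failure paths (subject lookup and policy evaluation) surface as
 * {@link AuthorizationServiceException}. No {@link AccessDecision} is returned in
 * that case, so callers have to handle the exception as "no decision available"
 * and must never interpret it as a grant.
 *
 * <p>NOTE(review): in the coverage listing this class was taken from, the
 * URI-based {@code getAccessDecision} overload and both {@code catch} blocks show
 * zero hits, i.e. the failure paths of this authorization entry point were not
 * exercised by the recorded test run.
 */
public class BasicAuthorizationService implements AuthorizationService {

    /** Evaluates the policy; every access decision returned by this class comes from it. */
    private final PolicyDecisionPoint policyDecisionPoint;

    /**
     * Source of subjects for identity lookups. Declared final like the other
     * collaborators: it is assigned only in the constructor, and the wiring of an
     * authorization service should not be replaceable after construction.
     */
    private final SubjectRepository repository;

    /**
     * Supplies the evaluation time passed to the policy decision point.
     * No import is visible for this type, so it is presumably the Clock of this package.
     */
    private final Clock clock;

    /**
     * Creates a service that uses the given collaborators.
     *
     * <p>The arguments are stored as passed and are not null-checked here; a
     * {@code null} collaborator only shows up as a {@link NullPointerException}
     * when the corresponding method is first called.
     *
     * @param policyDecisionPoint evaluates access requests against the policy
     * @param repository resolves identities to subjects
     * @param clock provides the time used for each decision
     */
    public BasicAuthorizationService(
        PolicyDecisionPoint policyDecisionPoint, SubjectRepository repository, Clock clock
    ) {
        this.policyDecisionPoint = policyDecisionPoint;
        this.repository = repository;
        this.clock = clock;
    }

    /**
     * Resolves {@code identity} to a subject and returns the access decision for it.
     *
     * <p>The subject returned by the repository is passed on unchecked.
     * NOTE(review): whether the repository can return {@code null} for an unknown
     * identity is not visible here; confirm the decision point rejects such a
     * subject instead of evaluating it.
     *
     * @param identity identity of the requesting subject
     * @param resource resource the action targets
     * @param actionName name of the requested action
     * @param arguments arguments of the requested action
     * @return the decision produced by the policy decision point
     * @throws AuthorizationServiceException if the subject cannot be retrieved or
     *         the decision cannot be computed
     */
    public AccessDecision getAccessDecision(
        URI identity,
        URI resource,
        String actionName,
        List<?> arguments
    )
        throws AuthorizationServiceException
    {
        final Subject subject = retrieveSubject(identity);
        return getAccessDecision(subject, resource, actionName, arguments);
    }

    /**
     * Returns the access decision for an already resolved subject.
     *
     * <p>The decision is evaluated at {@code clock.getTime()}, read once per call.
     * Only {@link PolicyDecisionException} is translated; unchecked exceptions
     * from the decision point propagate unchanged.
     *
     * @param subject subject requesting access
     * @param resource resource the action targets
     * @param actionName name of the requested action
     * @param arguments arguments of the requested action
     * @return the decision produced by the policy decision point
     * @throws AuthorizationServiceException if the decision point fails; the
     *         original exception is kept as the cause
     */
    public AccessDecision getAccessDecision(
        Subject subject,
        URI resource,
        String actionName,
        List<?> arguments
    )
        throws AuthorizationServiceException
    {
        try {
            return this.policyDecisionPoint.getAccessDecision(
                subject, resource, actionName, arguments, this.clock.getTime()
            );
        } catch (PolicyDecisionException e) {
            // No decision could be computed: report the failure instead of returning a value.
            throw new AuthorizationServiceException("Could not retrieve access decision.", e);
        }
    }

    /**
     * Looks up the subject for {@code identity} in the repository.
     *
     * @param identity identity to resolve
     * @return the subject as returned by the repository
     * @throws AuthorizationServiceException if the repository lookup fails; the
     *         original exception is kept as the cause
     */
    public Subject retrieveSubject(URI identity) throws AuthorizationServiceException {
        try {
            return this.repository.retrieveSubject(identity);
        } catch (SubjectRepositoryException e) {
            throw new AuthorizationServiceException("Could not retrieve subject.", e);
        }
    }

}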