From 9163cba0538a3ad33700b5fe1e4c8913c17feec5 Mon Sep 17 00:00:00 2001
From: "Francois @fanf42 Armand"
Date: Fri, 28 Aug 2015 18:19:00 +0200
Subject: [PATCH] Fixes #7145: Move eventlog and authz project into rudder
---
 authorization-api/pom.xml | 33 ---
 .../authorization/AuthorizationType.scala | 89 --------
 .../authorization/AuthorizatonService.scala | 87 --------
 .../com/normation/authorization/Rights.scala | 42 ----
 .../authorization/authorizationPackage.scala | 39 ----
 eventlog-api/pom.xml | 35 ----
 .../com/normation/eventlog/EventLog.scala | 190 ------------------
 .../com/normation/eventlog/Modification.scala | 53 -----
 eventlog-api/src/test/scala/gitPlaceholder | 0
 pom.xml | 2 -
 10 files changed, 570 deletions(-)
 delete mode 100644 authorization-api/pom.xml
 delete mode 100644 authorization-api/src/main/scala/com/normation/authorization/AuthorizationType.scala
 delete mode 100644 authorization-api/src/main/scala/com/normation/authorization/AuthorizatonService.scala
 delete mode 100644 authorization-api/src/main/scala/com/normation/authorization/Rights.scala
 delete mode 100644 authorization-api/src/main/scala/com/normation/authorization/authorizationPackage.scala
 delete mode 100644 eventlog-api/pom.xml
 delete mode 100644 eventlog-api/src/main/scala/com/normation/eventlog/EventLog.scala
 delete mode 100644 eventlog-api/src/main/scala/com/normation/eventlog/Modification.scala
 delete mode 100644 eventlog-api/src/test/scala/gitPlaceholder
diff --git a/authorization-api/pom.xml b/authorization-api/pom.xml
deleted file mode 100644
index 5fb6ec7..0000000
--- a/authorization-api/pom.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-
-
- 4.0.0
-
-
- com.normation
- parent-pom
- 3.2.0~alpha1-SNAPSHOT
-
-
- authorization-api
-
-
- This project defines a generic authorization API and related
- data types.
- It also give guide-line about how to implements that API.
-
-
-
diff --git a/authorization-api/src/main/scala/com/normation/authorization/AuthorizationType.scala b/authorization-api/src/main/scala/com/normation/authorization/AuthorizationType.scala
deleted file mode 100644
index 15f1d9a..0000000
--- a/authorization-api/src/main/scala/com/normation/authorization/AuthorizationType.scala
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*
-*************************************************************************************
-*/
-
-package com.normation.authorization
-
-/**
- * Base class for Authorization types.
- * Common types are read, write, etc but the list is
- * open and implementations are free to add their semantic.
- *
- */
-trait AuthorizationType {
-
- /**
- * A string identifier of that authorization type
- * which may be use to transform string to that
- * type.
- */
- val id : String
-
-}
-
-
-/**
- * Represent the right to delete the target.
- * Semantic is let to AuthorizationService implementation,
- * but common example are:
- * delete a file in a file system,
- * destroy an entry in a database,
- * allow to start a "fire employee" work flow.
- */
-case object Delete extends AuthorizationType { val id = "DELETE" }
-
-/**
- * Represent the right to read the target.
- * Semantic is let to AuthorizationService implementation,
- * but common example are:
- * read the content of file on file system,
- * access internal properties of an object,
- * display something in a user interface.
- */
-case object Read extends AuthorizationType { val id = "READ" }
-
-/**
- * Represent the right to write the target.
- * Semantic is let to AuthorizationService implementation,
- * but common example are:
- * modify some properties of an object,
- * allows user input in a form.
- */
-case object Write extends AuthorizationType { val id = "WRITE" }
-
-/**
- * Represent the right to search for or from
- * the target.
- * Semantic is let to AuthorizationService implementation,
- * but common example are:
- * return the target in a search result set, allow to use
- * the target has a base path for a search request.
- */
-case object Search extends AuthorizationType { val id = "SEARCH" }
-
-/**
- * Represent the right to create the target, or
- * let children be created under the target.
- * Semantic is let to AuthorizationService implementation,
- * but common example are:
- * allow target type of object to be created,
- * in a file system allows file to be created under target
- * directory
- */
-case object Create extends AuthorizationType { val id = "CREATE" }
diff --git a/authorization-api/src/main/scala/com/normation/authorization/AuthorizatonService.scala b/authorization-api/src/main/scala/com/normation/authorization/AuthorizatonService.scala
deleted file mode 100644
index 32a6bea..0000000
--- a/authorization-api/src/main/scala/com/normation/authorization/AuthorizatonService.scala
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*
-*************************************************************************************
-*/
-
-package com.normation.authorization
-
-
-import java.security.Principal
-
-/**
- * This class define the main method to interact with
- * authorization questions.
- * Methods allow to answer to questions like:
- * "Does PRINCIPAL have RIGHTS on TARGETS"
- *
- */
-trait AuthorizationService {
-
- /**
- * Check if the given principal has all the rights in rights on the given target
- * @param principal
- * the principal for whom the authorization has to be perform
- * @param rights
- * the set of AuthorizationType to check
- * @param target
- * the target on which we want to check rights for principal
- * @return false if any AuthorizationType in rights is missing for principal on target.
- */
- def isAllowed(principal:Principal, right: AuthorizationType, target:String) : Boolean
-
- /**
- * Check on what target from the list principal has rights.
- *
- * @param principal
- * the principal for whom the authorization has to be perform
- * @param rights
- * the set of AuthorizationType to check
- * @param target
- * the list of targets on which we want to check rights for principal
- * @return the list of targets from targets parameter on which principal has rights, or
- * empty collection if principal has rights on zero target.
- */
- def isAllowed(principal:Principal, rights: AuthorizationType, targets:String*) : Traversable[String]
-
-
- /**
- * Check if the given principal has all the rights in rights on the given target
- * @param principal
- * the principal for whom the authorization has to be perform
- * @param rights
- * the set of AuthorizationType to check
- * @param target
- * the target on which we want to check rights for principal
- * @return false if any AuthorizationType in rights is missing for principal on target.
- */
- def isAllowed(principal:Principal, rights: Rights, target:String) : Boolean
-
- /**
- * Check on what target from the list principal has rights.
- *
- * @param principal
- * the principal for whom the authorization has to be perform
- * @param rights
- * the set of AuthorizationType to check
- * @param target
- * the list of targets on which we want to check rights for principal
- * @return the list of targets from targets parameter on which principal has rights, or
- * empty collection if principal has rights on zero target.
- */
- def isAllowed(principal:Principal, rights: Rights, targets:String*) : Traversable[String]
-}
\ No newline at end of file
diff --git a/authorization-api/src/main/scala/com/normation/authorization/Rights.scala b/authorization-api/src/main/scala/com/normation/authorization/Rights.scala
deleted file mode 100644
index d32f337..0000000
--- a/authorization-api/src/main/scala/com/normation/authorization/Rights.scala
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*
-*************************************************************************************
-*/
-
-package com.normation.authorization
-
-/**
- * That class represents a set of AuthorizationType that
- * HAS TO all be validated on the same time. It acts like
- * a new AuthorizationType which melt each AuthorizationType
- * that composed it.
- */
-class Rights(_authorizationTypes:AuthorizationType*) {
-
- require(null != _authorizationTypes && _authorizationTypes.nonEmpty, "At least one AuthorizationType must be include in a Rights object")
-
- val authorizationTypes = _authorizationTypes.toSet
-
- override lazy val hashCode = 23 * authorizationTypes.hashCode
-
- override def equals(other:Any) = other match {
- case that:Rights => this.authorizationTypes == that.authorizationTypes
- case _ => false
- }
-
-}
\ No newline at end of file
diff --git a/authorization-api/src/main/scala/com/normation/authorization/authorizationPackage.scala b/authorization-api/src/main/scala/com/normation/authorization/authorizationPackage.scala
deleted file mode 100644
index 9fe143f..0000000
--- a/authorization-api/src/main/scala/com/normation/authorization/authorizationPackage.scala
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*
-*************************************************************************************
-*/
-
-package com.normation
-
-import language.implicitConversions
-
-package object authorization {
-
- /**
- * Implicit transformation from AuthorizationType
- * (and tuple of AuthorizationType up to 7) into Rights
- */
- private[this] type AT = AuthorizationType
- implicit def authzType2ToRights( t:(AT,AT)) : Rights = new Rights(t._1, t._2)
- implicit def authzType3ToRights( t:(AT,AT,AT)) : Rights = new Rights(t._1, t._2, t._3)
- implicit def authzType4ToRights( t:(AT,AT,AT,AT)) : Rights = new Rights(t._1, t._2, t._3, t._4)
- implicit def authzType5ToRights( t:(AT,AT,AT,AT,AT)) : Rights = new Rights(t._1, t._2, t._3, t._4, t._5)
- implicit def authzType6ToRights( t:(AT,AT,AT,AT,AT,AT)) : Rights = new Rights(t._1, t._2, t._3, t._4, t._5, t._6)
- implicit def authzType7ToRights( t:(AT,AT,AT,AT,AT,AT,AT)) : Rights = new Rights(t._1, t._2, t._3, t._4, t._5, t._6, t._7)
-
-}
\ No newline at end of file
diff --git a/eventlog-api/pom.xml b/eventlog-api/pom.xml
deleted file mode 100644
index 49686a4..0000000
--- a/eventlog-api/pom.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-
-
- 4.0.0
-
-
- com.normation
- parent-pom
- 3.2.0~alpha1-SNAPSHOT
-
-
- eventlog-api
-
-
-
- com.normation
- utils
- ${rudder-version}
-
-
-
-
diff --git a/eventlog-api/src/main/scala/com/normation/eventlog/EventLog.scala b/eventlog-api/src/main/scala/com/normation/eventlog/EventLog.scala
deleted file mode 100644
index b8715df..0000000
--- a/eventlog-api/src/main/scala/com/normation/eventlog/EventLog.scala
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*
-*************************************************************************************
-*/
-
-package com.normation.eventlog
-
-import org.joda.time.DateTime
-import org.joda.time.format._
-import scala.collection._
-import scala.xml._
-import java.security.Principal
-import com.normation.utils.HashcodeCaching
-
-
-final case class EventActor(name:String) extends HashcodeCaching
-
-/**
- * A type that describe on what category an event belongs to.
- */
-trait EventLogCategory
-
-private[eventlog] final case object UnknownLogCategory extends EventLogCategory
-
-/**
- * Define the event log type, that will be serialized
- * the event class name minus "EventLog" is OK
- * It is a PartialFunction so the pattern matching are not a bottleneck anymore
- * (too much match ina pattern matching usually fail)
- */
-trait EventLogType extends PartialFunction[String, EventLogType] {
- def serialize : String
-
- def canRollback : Boolean
-
- override def isDefinedAt(x : String) : Boolean = {
- serialize == x
- }
-
- def apply(x : String) = this
-
-}
-
-trait RollbackEventLogType extends EventLogType {
- val canRollback = true
-}
-
-trait NoRollbackEventLogType extends EventLogType {
- val canRollback = false
-}
-
-
-/**
- * This case class holds all the important information
- * about the EventLog.
- *
- * NOTE: EventLogDetails was introduced as a "simpler" event log,
- * and perhaps some refactoring should be done to not
- * keep the two classes.
- */
-final case class EventLogDetails(
- val id : Option[Int] = None
- , val modificationId: Option[ModificationId]
- , val principal : EventActor
- , val creationDate : DateTime = DateTime.now()
- , val cause : Option[Int] = None
- , val severity : Int = 100
- , val reason : Option[String]
- , val details : NodeSeq
-) extends HashcodeCaching
-
-trait EventLogFilter extends PartialFunction[(EventLogType, EventLogDetails) , EventLog] {
- /**
- * An EventLogType used as identifier for that type of event.
- * Must be unique among all events.
- * Most of the time, the event class name plus Type is OK.
- */
- val eventType : EventLogType
-
-
- override def isDefinedAt(x : (EventLogType, EventLogDetails)) : Boolean = {
- eventType == x._1
- }
-
- /**
- * This is used to simply build object from
- */
- def apply(x : (EventLogType, EventLogDetails)) : EventLog
-
-}
-
-
-
-/**
- * An EventLog is an object tracing activities on an entity.
- * It has an id (generated by the serialisation method), a type, a creation date,
- * a principal (the actor doing the action), a cause, a severity (like in syslog) and some raw data
- */
-trait EventLog {
- def eventDetails : EventLogDetails
-
- def id : Option[Int] = eventDetails.id // autogenerated id, by the serialization system
-
- def principal : EventActor = eventDetails.principal
-
- def creationDate : DateTime = eventDetails.creationDate
-
- /**
- * When we create the EventLog, it usually shouldn't have an id, so the cause cannot be set
- * That why we have the EventLogTree that holds the hierarchy of EventLogs, the cause being used only when deserializing the object
- */
- def cause : Option[Int] = eventDetails.cause
-
-
- def severity : Int = eventDetails.severity
-
- /**
- * Some more (technical) details about the event, in a semi-structured
- * format (XML).
- *
- * Usually, the rawData will be computed from the fields when serializing,
- * and be used to fill the fields when deserializing
- */
- def details : NodeSeq = eventDetails.details
-
- /**
- * The modification id linked to that event log.
- * Not all event log must have that id, but most should.
- */
- def modificationId : Option[ModificationId] = eventDetails.modificationId
-
- //// not in details
-
- //event log type is given by the implementation class.
- //we only precise the category.
- /**
- * Big category of the event
- */
- def eventLogCategory : EventLogCategory
-
- /**
- * An EventLogType used as identifier for that type of event.
- * Must be unique among all events.
- * Most of the time, the event class name plus Type is OK.
- */
- def eventType : EventLogType
-
- def canRollBack : Boolean = eventType.canRollback
-}
-
-/**
- * The unspecialized Event Log.
Used as a container when unserializing data, to be specialized later by the EventLogSpecializers
- */
-case class UnspecializedEventLog(
- override val eventDetails : EventLogDetails
-) extends EventLog with HashcodeCaching {
- override val eventType = UnspecializedEventLog.eventType
- override val eventLogCategory = UnknownLogCategory
-}
-
-object UnspecializedEventLog extends EventLogFilter {
- override val eventType = UnknownEventLogType
-
- override def apply(x : (EventLogType, EventLogDetails)) : UnspecializedEventLog = UnspecializedEventLog(x._2)
-}
-
-object EventLog {
- def withContent(nodes:NodeSeq) = {nodes}
- val emptyDetails = withContent(NodeSeq.Empty)
-}
-
-case object UnknownEventLogType extends NoRollbackEventLogType {
- def serialize = "UnknownType"
-}
-
diff --git a/eventlog-api/src/main/scala/com/normation/eventlog/Modification.scala b/eventlog-api/src/main/scala/com/normation/eventlog/Modification.scala
deleted file mode 100644
index f95ec32..0000000
--- a/eventlog-api/src/main/scala/com/normation/eventlog/Modification.scala
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
-*************************************************************************************
-* Copyright 2011 Normation SAS
-*************************************************************************************
-*
-* This program is free software: you can redistribute it and/or modify
-* it under the terms of the GNU Affero General Public License as
-* published by the Free Software Foundation, either version 3 of the
-* License, or (at your option) any later version.
-*
-* In accordance with the terms of section 7 (7. Additional Terms.) of
-* the GNU Affero GPL v3, the copyright holders add the following
-* Additional permissions:
-* Notwithstanding to the terms of section 5 (5. Conveying Modified Source
-* Versions) and 6 (6. Conveying Non-Source Forms.) of the GNU Affero GPL v3
-* licence, when you create a Related Module, this Related Module is
-* not considered as a part of the work and may be distributed under the
-* license agreement of your choice.
-* A "Related Module" means a set of sources files including their
-* documentation that, without modification of the Source Code, enables
-* supplementary functions or services in addition to those offered by
-* the Software.
-*
-* This program is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU Affero General Public License for more details.
-*
-* You should have received a copy of the GNU Affero General Public License
-* along with this program. If not, see .
-*
-*************************************************************************************
-*/
-
-package com.normation.eventlog
-
-import com.normation.utils.HashcodeCaching
-
-/**
- * A modification is some write action we want to be able to trace.
- * Typical modification are update on a rule, creation of a directive,
- * acceptation of a node, deletion of a group.
- *
- * Modification may be initiated from a user of from some automated
- * process, like the update of dynamic groups
- */
-
-
-final case class ModificationId(value:String) extends HashcodeCaching
-
-object ModificationId {
- val dummy = ModificationId("dummy-modification-id")
-}
\ No newline at end of file
diff --git a/eventlog-api/src/test/scala/gitPlaceholder b/eventlog-api/src/test/scala/gitPlaceholder
deleted file mode 100644
index e69de29..0000000
diff --git a/pom.xml b/pom.xml
index 5844d50..418a976 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,8 +31,6 @@ limitations under the License.
 utils
- authorization-api
- eventlog-api
 historization-api