Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

FCREPO-1008 Filtering of search results by access constraints

Applied the principle of the patch from Swithun Crowe, thank you,
however, not the case specific parts, and I have chosen to send all
user attributes to the SearchResultFilteringDemoImpl, not just
fedoraRoles.
  • Loading branch information...
commit 0cdb26dd40b59ebc3a9fdb94bf650f927c616bdd 1 parent 779db05
Gert Schmeltz Pedersen authored
View
9 FedoraGenericSearch/src/java/dk/defxws/fedoragsearch/server/Config.java
@@ -18,7 +18,9 @@
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.ListIterator;
+import java.util.Map;
import java.util.Properties;
+import java.util.Set;
import java.util.StringTokenizer;
import javax.xml.transform.Transformer;
@@ -1153,6 +1155,11 @@ public GenericOperationsImpl getOperationsImpl(String indexNameParam)
public GenericOperationsImpl getOperationsImpl(String fgsUserNameParam, String indexNameParam)
throws ConfigException {
+ return getOperationsImpl(null, indexNameParam, null);
+ }
+
+ public GenericOperationsImpl getOperationsImpl(String fgsUserNameParam, String indexNameParam, Map<String, Set<String>> fgsUserAttributes)
+ throws ConfigException {
GenericOperationsImpl ops = null;
String indexName = getIndexName(indexNameParam);
Properties indexProps = getIndexProps(indexName);
@@ -1191,7 +1198,7 @@ public GenericOperationsImpl getOperationsImpl(String fgsUserNameParam, String i
throw new ConfigException(operationsImpl
+ ": instantiation error.\n", e);
}
- ops.init(fgsUserNameParam, indexName, this);
+ ops.init(fgsUserNameParam, indexName, this, fgsUserAttributes);
return ops;
}
View
8 FedoraGenericSearch/src/java/dk/defxws/fedoragsearch/server/GenericOperationsImpl.java
@@ -15,6 +15,7 @@
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
+import java.util.Set;
import java.util.StringTokenizer;
import javax.xml.transform.stream.StreamSource;
@@ -49,6 +50,8 @@
int debuglength = 500;
private static final Map fedoraClients = new HashMap();
+
+ protected Map<String, Set<String>> fgsUserAttributes;
protected String fgsUserName;
protected String indexName;
@@ -152,8 +155,13 @@ public void init(String indexName, Config currentConfig) {
}
public void init(String fgsUserName, String indexName, Config currentConfig) {
+ init(null, indexName, currentConfig, null);
+ }
+
+ public void init(String fgsUserName, String indexName, Config currentConfig, Map<String, Set<String>> fgsUserAttributes) {
this.fgsUserName = fgsUserName;
this.indexName = indexName;
+ this.fgsUserAttributes = fgsUserAttributes;
config = currentConfig;
if (null==this.fgsUserName || this.fgsUserName.length()==0) {
try {
View
11 FedoraGenericSearch/src/java/dk/defxws/fedoragsearch/server/RESTImpl.java
@@ -49,6 +49,8 @@
private String resultPageXslt;
private String restXslt;
+ private Map<String, Set<String>> fgsUserAttributes;
+
private static final String CONTENTTYPEHTML = "Html";
private static final String OP_GFINDOBJECTS = "gfindObjects";
@@ -87,9 +89,9 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
String remoteUser = request.getRemoteUser();
if (remoteUser==null) remoteUser = "";
StringBuffer uasb = new StringBuffer("\nFEDORA_AUX_SUBJECT_ATTRIBUTES=");
- Map<String, Set<String>> userAttributes = (Map<String, Set<String>>) request.getAttribute("FEDORA_AUX_SUBJECT_ATTRIBUTES");
- if (null != userAttributes) {
- for (Map.Entry<String, Set<String>> e : userAttributes.entrySet()) {
+ fgsUserAttributes = (Map<String, Set<String>>) request.getAttribute("FEDORA_AUX_SUBJECT_ATTRIBUTES");
+ if (null != fgsUserAttributes) {
+ for (Map.Entry<String, Set<String>> e : fgsUserAttributes.entrySet()) {
uasb.append(e.getKey() + ":");
for (String s : e.getValue()) {
uasb.append(s + ",");
@@ -223,7 +225,8 @@ private String gfindObjects(HttpServletRequest request, HttpServletResponse resp
if (sortFields==null) {
sortFields = "";
}
- Operations ops = config.getOperationsImpl(request.getRemoteUser(), indexName);
+// Operations ops = config.getOperationsImpl(request.getRemoteUser(), indexName);
+ Operations ops = config.getOperationsImpl(request.getRemoteUser(), indexName, fgsUserAttributes);
String result = ops.gfindObjects(query, hitPageStart, hitPageSize, snippetsMax, fieldMaxLength, indexName, sortFields,resultPageXslt);
return result;
}
View
24 FedoraGenericSearch/src/java/dk/defxws/fedoragsearch/server/SearchResultFiltering.java
@@ -7,6 +7,9 @@
*/
package dk.defxws.fedoragsearch.server;
+import java.util.Map;
+import java.util.Set;
+
/**
*
@@ -14,10 +17,25 @@
* @version
*/public interface SearchResultFiltering {
- public String selectIndexNameForPresearch(String fgsUserName, String indexName) throws java.rmi.RemoteException;
+ public String selectIndexNameForPresearch(
+ String fgsUserName,
+ String indexName,
+ Map<String, Set<String>> fgsUserAttributes,
+ Config config)
+ throws java.rmi.RemoteException;
- public String rewriteQueryForInsearch(String fgsUserName, String indexName, String query) throws java.rmi.RemoteException;
+ public String rewriteQueryForInsearch(
+ String fgsUserName,
+ String indexName,
+ String query,
+ Map<String, Set<String>> fgsUserAttributes,
+ Config config)
+ throws java.rmi.RemoteException;
- public StringBuffer filterResultsetForPostsearch(String fgsUserName, StringBuffer resultSetXml, Config config) throws java.rmi.RemoteException;
+ public StringBuffer filterResultsetForPostsearch(
+ String fgsUserName,
+ StringBuffer resultSetXml,
+ Map<String, Set<String>> fgsUserAttributes,
+ Config config) throws java.rmi.RemoteException;
}
View
64 FedoraGenericSearch/src/java/dk/defxws/fedoragsearch/server/SearchResultFilteringDemoImpl.java
@@ -11,6 +11,7 @@
import java.io.StringReader;
import java.util.HashMap;
import java.util.Map;
+import java.util.Set;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
@@ -44,32 +45,54 @@
private static final Map fedoraClients = new HashMap();
- public String selectIndexNameForPresearch(String fgsUserName, String indexNameParam) throws java.rmi.RemoteException {
+ public String selectIndexNameForPresearch(
+ String fgsUserName,
+ String indexNameParam,
+ Map<String, Set<String>> fgsUserAttributes,
+ Config config)
+ throws java.rmi.RemoteException {
String indexName = indexNameParam;
- String userRole = getUserRole(fgsUserName);
- if ("SmileyAdmin".equals(userRole))
- indexName = "SmileyAdminIndex";
- else if ("SmileyUser".equals(userRole))
- indexName = "SmileyUserIndex";
- else if ("administrator".equals(userRole))
- indexName = "AllObjectsIndex";
+ if (null != fgsUserAttributes) {
+ Set<String> roles = fgsUserAttributes.get("smileyRole");
+ if (null != roles && 0 < roles.size()) {
+ if (roles.contains("SmileyAdministrator")) {
+ indexName = "SmileyAdminIndex";
+ } else if (roles.contains("SmileyUser")) {
+ indexName = "SmileyUserIndex";
+ } else if (roles.contains("administrator")) {
+ indexName = "AllObjectsIndex";
+ }
+ }
+ }
return indexName;
}
- public String rewriteQueryForInsearch(String fgsUserName, String indexName, String query) throws java.rmi.RemoteException {
+ public String rewriteQueryForInsearch(
+ String fgsUserName,
+ String indexName,
+ String query,
+ Map<String, Set<String>> fgsUserAttributes,
+ Config config)
+ throws java.rmi.RemoteException {
// query rewriting shall correspond to the additional index field(s) in the xslt indexing stylesheet.
String rewrittenQuery = query;
- String userRole = getUserRole(fgsUserName);
- if ("SmileyAdmin".equals(userRole))
- rewrittenQuery = "( " + query + " ) AND smiley AND PID:demo*";
- else if ("SmileyUser".equals(userRole))
- rewrittenQuery = "( " + query + " ) AND smiley AND PID:demo* NOT PID:\"demo:SmileyStuff\"";
+ if (null != fgsUserAttributes) {
+ Set<String> roles = fgsUserAttributes.get("smileyRole");
+ if (null != roles && 0 < roles.size()) {
+ if (roles.contains("SmileyAdministrator")) {
+ rewrittenQuery = "( " + query + " ) AND smiley AND PID:demo*";
+ } else if (roles.contains("SmileyUser")) {
+ rewrittenQuery = "( " + query + " ) AND smiley AND PID:demo* NOT PID:\"demo:SmileyStuff\"";
+ }
+ }
+ }
return rewrittenQuery;
}
public StringBuffer filterResultsetForPostsearch(
String fgsUserName,
StringBuffer resultSetXml,
+ Map<String, Set<String>> fgsUserAttributes,
Config config)
throws java.rmi.RemoteException {
StringBuffer result = resultSetXml;
@@ -154,19 +177,6 @@ public StringBuffer filterResultsetForPostsearch(
new String[0]);
return result;
}
-
- private String getUserRole(String fgsUserName) {
- //fetch user role from ldap or ... shortcut for this demo:
- //assuming that the user name implies the role
- String userRole = "";
- if (fgsUserName.startsWith("smileyAdmin"))
- userRole = "SmileyAdmin";
- else if (fgsUserName.startsWith("smileyUser"))
- userRole = "SmileyUser";
- else if (fgsUserName.equals("fedoraAdmin"))
- userRole = "administrator";
- return userRole;
- }
private static FedoraClient getFedoraClient(
String repositoryName,
View
6 FgsLucene/src/java/dk/defxws/fgslucene/OperationsImpl.java
@@ -71,7 +71,7 @@ public String gfindObjects(
super.gfindObjects(query, hitPageStart, hitPageSize, snippetsMax, fieldMaxLength, indexName, sortFields, resultPageXslt);
String usingIndexName = config.getIndexName(indexName);
if (srf != null && config.isSearchResultFilteringActive("presearch")) {
- usingIndexName = srf.selectIndexNameForPresearch(fgsUserName, usingIndexName);
+ usingIndexName = srf.selectIndexNameForPresearch(fgsUserName, usingIndexName, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects presearch" +
" fgsUserName="+fgsUserName+
@@ -79,7 +79,7 @@ public String gfindObjects(
}
String usingQuery = query;
if (srf != null && config.isSearchResultFilteringActive("insearch")) {
- usingQuery = srf.rewriteQueryForInsearch(fgsUserName, usingIndexName, query);
+ usingQuery = srf.rewriteQueryForInsearch(fgsUserName, usingIndexName, query, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects insearch" +
" fgsUserName="+fgsUserName+
@@ -107,7 +107,7 @@ public String gfindObjects(
resultSet.getResultXml(),
params);
if (srf != null && config.isSearchResultFilteringActive("postsearch")) {
- resultXml = srf.filterResultsetForPostsearch(fgsUserName, resultXml, config);
+ resultXml = srf.filterResultsetForPostsearch(fgsUserName, resultXml, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects postsearch" +
" fgsUserName="+fgsUserName+
View
6 FgsSolr2/src/java/dk/defxws/fgssolr/OperationsImpl.java
@@ -73,7 +73,7 @@ public String gfindObjects(
super.gfindObjects(query, hitPageStart, hitPageSize, snippetsMax, fieldMaxLength, indexName, sortFields, resultPageXslt);
String usingIndexName = config.getIndexName(indexName);
if (srf != null && config.isSearchResultFilteringActive("presearch")) {
- usingIndexName = srf.selectIndexNameForPresearch(fgsUserName, usingIndexName);
+ usingIndexName = srf.selectIndexNameForPresearch(fgsUserName, usingIndexName, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects presearch" +
" fgsUserName="+fgsUserName+
@@ -81,7 +81,7 @@ public String gfindObjects(
}
String usingQuery = query;
if (srf != null && config.isSearchResultFilteringActive("insearch")) {
- usingQuery = srf.rewriteQueryForInsearch(fgsUserName, usingIndexName, query);
+ usingQuery = srf.rewriteQueryForInsearch(fgsUserName, usingIndexName, query, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects insearch" +
" fgsUserName="+fgsUserName+
@@ -108,7 +108,7 @@ public String gfindObjects(
resultSet.getResultXml(),
params);
if (srf != null && config.isSearchResultFilteringActive("postsearch")) {
- resultXml = srf.filterResultsetForPostsearch(fgsUserName, resultXml, config);
+ resultXml = srf.filterResultsetForPostsearch(fgsUserName, resultXml, fgsUserAttributes, config);
if (logger.isDebugEnabled())
logger.debug("gfindObjects postsearch" +
" fgsUserName="+fgsUserName+
Please sign in to comment.
Something went wrong with that request. Please try again.