Browse files

Successful read of field permissions based on user's credentials and …

…each field's permission treeset. The subsequent person that is returned has valid values in fields that match with the user's credentials. Otherwise it returns a null value.
  • Loading branch information...
1 parent 09a7587 commit f3ec66dc0b4131cdecd210fadabd0e99c4a04504 @chrim chrim committed Nov 11, 2010
View
45 src/main/java/gov/nysenate/opendirectory/ldap/Test.java
@@ -41,12 +41,39 @@
*/
public static void main(String[] args) throws NamingException, SolrServerException, IOException {
- try {
+ //try {
+ //Test secureloader
+ Solr test_solr = new Solr();
+ test_solr.connect();
+
+ Person test_person = new Person();
+ TreeSet<String> creds = new TreeSet<String>();
+
+ creds.add("charlie_senate");
+
+ test_person.setCredentials(creds);
+
+ SolrSession test_session = new SolrSession(test_person, test_solr);
+ Person result = new Person();
+ result = test_session.loadPersonByName("codetestname");
+ System.out.println(result.getLastName());
+ System.out.println(result.getLocation());
+ System.out.println(result.getEmail());
+ System.out.println(result.getDepartment());
+ System.out.println(result.getFullName());
+ System.out.println(result.getFirstName());
- /*TEST INPUTTING A PERSON INTO SOLR
+ /*SolrQuery query = new SolrQuery();
+ query.setQuery("id:codetes*");
+ query.setRows(1);
+
+ QueryResponse rsp = server.query(query);
+ */
+
+ /*/TEST INPUTTING A PERSON INTO SOLR
Solr test_solr = new Solr();
test_solr.connect();
@@ -70,21 +97,25 @@ public static void main(String[] args) throws NamingException, SolrServerExcepti
credentials.add("delta_admin");
credentials.add("echo_GODMODE");
permission.put("location", new TreeSet<String>(credentials));
+ permission.put("fullName", new TreeSet<String>(credentials));
credentials.add("foxtrot_senatorA");
+
+
test_person.setUid("codetest");
test_person.setDepartment("CODETEST_department");
test_person.setEmail("CODETEST_email");
test_person.setFirstName("CODETEST_first");
test_person.setLastName("CODETEST_last");
test_person.setLocation("CODETEST_location");
+ test_person.setFullName("codetestname");
test_person.setCredentials(new TreeSet<String>(credentials));
test_person.setPermissions(permission);
SolrSession test_session = new SolrSession(test_person, test_solr);
test_session.savePerson(test_person);
- /*
+
/*******PULL in INFO from LDAP*********
//Set the attributes to retrieve
@@ -191,8 +222,8 @@ public static void main(String[] args) throws NamingException, SolrServerExcepti
*/
- }
- /*/If the authorization credentials are bad, we'll catch that here and report the failure
+ /*}
+ //If the authorization credentials are bad, we'll catch that here and report the failure
catch (AuthenticationException e) {
System.out.println("Authentication Failed!");
} catch (MalformedURLException e) {
@@ -201,10 +232,10 @@ public static void main(String[] args) throws NamingException, SolrServerExcepti
} catch (SolrServerException e) {
// TODO Auto-generated catch block
e.printStackTrace();
- }*/ catch (IOException e) {
+ } catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
- }
+ }*/
//Bad queries aren't caught here, not sure how to do that yet.
}
View
80 src/main/java/gov/nysenate/opendirectory/solr/SecureLoader.java
@@ -1,6 +1,13 @@
package gov.nysenate.opendirectory.solr;
+import java.io.StringReader;
+import java.lang.reflect.Method;
+import java.util.TreeSet;
+
import org.apache.solr.common.SolrDocument;
+import javax.xml.parsers.*;
+import org.xml.sax.InputSource;
+import org.w3c.dom.*;
import gov.nysenate.opendirectory.models.Person;
@@ -15,17 +22,70 @@ public SecureLoader(Person user) {
public Person loadPerson(SolrDocument profile) {
//Do the loading here
Person person = new Person();
- person.setFirstName((String)profile.getFieldValue("firstName"));
- person.setLastName((String)profile.getFieldValue("lastName"));
- person.setFullName((String)profile.getFieldValue("fullName"));
- person.setDepartment((String)profile.getFieldValue("department"));
- person.setLocation((String)profile.getFieldValue("location"));
- person.setEmail((String)profile.getFieldValue("email"));
- person.setPhone((String)profile.getFieldValue("phone"));
- person.setTitle((String)profile.getFieldValue("title"));
- person.setState((String)profile.getFieldValue("state"));
- person.setUid((String)profile.getFieldValue("id"));
+
+ //Dependent on matching user credentials and field credentials
+ //load into the person object
+ String permissions_xml = (String)profile.getFieldValue("permissions");
+
+ try {
+ DocumentBuilderFactory dbf =
+ DocumentBuilderFactory.newInstance();
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ InputSource is = new InputSource();
+ is.setCharacterStream(new StringReader(permissions_xml));
+
+ Document doc = db.parse(is);
+
+ NodeList fields = doc.getDocumentElement().getChildNodes();
+ //Node field = new Node();
+ TreeSet<String> permissions = new TreeSet<String>();
+
+ Boolean approved;
+
+ for(int c=0; c<fields.getLength(); c++)
+ {
+ approved=false;
+ permissions = Permission((String)fields.item(c).getAttributes().item(0).getNodeValue());
+
+ String fieldname = (String)fields.item(c).getAttributes().item(1).getNodeValue();
+
+ String setFieldName = "set"+fieldname.substring(0, 1).toUpperCase()+fieldname.substring(1);
+ Method setMethod = person.getClass().getMethod(setFieldName, String.class);
+
+ for(String temp : permissions) {
+ if(user.getCredentials().contains(temp) == true)
+ {
+ approved = true;
+ }
+ }
+
+ if(approved) {
+ setMethod.invoke(person, profile.getFieldValue(fieldname));
+ }
+ else{
+ setMethod.invoke(person, (String)null);
+ }
+ }
+ }
+
+ catch (Exception e) {
+ e.printStackTrace();
+ }
return person;
}
+ public TreeSet<String> Permission(String credentials){
+
+ TreeSet<String> permissions = new TreeSet<String>();
+
+ String[] credentialset = credentials.split(", ");
+
+ for(String temp : credentialset)
+ {
+ permissions.add(temp);
+ }
+
+ return permissions;
+ }
+
}
View
6 src/main/java/gov/nysenate/opendirectory/solr/SolrSession.java
@@ -31,7 +31,7 @@ public SolrSession(Person user, Solr solr) {
public Person loadPersonByName(String name) {
//Do the query
- QueryResponse results = solr.query("fullname:"+name);
+ QueryResponse results = solr.query("fullName:"+name);
SolrDocumentList profiles = results.getResults();
//Return null on no results
@@ -130,7 +130,7 @@ public String Permissions(HashMap<String,TreeSet<String>> permissions)
//XML to be written
String credentials = new String();
- credentials="<fields>\n";
+ credentials="<fields>";
String key;
String credential_list;
@@ -143,7 +143,7 @@ public String Permissions(HashMap<String,TreeSet<String>> permissions)
temp = credential_list.substring(1, credential_list.length()- 1);
credentials+="<field name=\"" + key + "\" allow = \"" +
- temp + "\"/>\n";
+ temp + "\"/>";
}

0 comments on commit f3ec66d

Please sign in to comment.