Skip to content

Commit

Permalink
Merge branch 'master' of github.com:restlet/restlet-framework-java
Browse files Browse the repository at this point in the history
  • Loading branch information
Thierry Boileau committed Sep 16, 2014
2 parents f96ae56 + 933ffa5 commit 59bf3d3
Show file tree
Hide file tree
Showing 3 changed files with 257 additions and 308 deletions.
86 changes: 20 additions & 66 deletions modules/org.restlet.ext.apispark/src/org/restlet/ext/apispark/FirewallService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,21 +33,10 @@

package org.restlet.ext.apispark;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.restlet.Context;
import org.restlet.ext.apispark.internal.firewall.handler.BlockingHandler;
import org.restlet.ext.apispark.internal.firewall.handler.policy.PerValueLimitPolicy;
import org.restlet.ext.apispark.internal.firewall.handler.policy.RoleLimitPolicy;
import org.restlet.ext.apispark.internal.firewall.handler.policy.UniqueLimitPolicy;
import org.restlet.ext.apispark.internal.firewall.rule.ConcurrentFirewallCounterRule;
import org.restlet.ext.apispark.internal.firewall.rule.FirewallCounterRule;
import org.restlet.ext.apispark.internal.firewall.rule.PeriodicFirewallCounterRule;
import org.restlet.ext.apispark.internal.firewall.rule.policy.HostDomainCountingPolicy;
import org.restlet.ext.apispark.internal.firewall.rule.policy.IpAddressCountingPolicy;
import org.restlet.ext.apispark.internal.firewall.rule.policy.UserCountingPolicy;
import org.restlet.routing.Filter;
import org.restlet.security.Role;
import org.restlet.security.User;
Expand All @@ -63,7 +52,7 @@ public class FirewallService extends Service {
private FirewallFilter firewall;

/**
* Returns a rule that limits the number of concurrent requests by request's
* Adds a rule that limits the number of concurrent requests by request's
* host domain.
*
* @param limit
Expand All @@ -72,14 +61,11 @@ public class FirewallService extends Service {
* @return The associated rule.
*/
public void addHostDomainConcurrencyCounter(int limit) {
FirewallCounterRule rule = new ConcurrentFirewallCounterRule(
new HostDomainCountingPolicy());
rule.addHandler(new BlockingHandler(new UniqueLimitPolicy(limit)));
firewall.add(rule);
FirewallUtils.addHostDomainConcurrencyCounter(firewall, limit);
}

/**
* Returns a rule that limits the number of requests for a given period of
* Adds a rule that limits the number of requests for a given period of
* time by request's host domain.
*
* @param period
Expand All @@ -90,48 +76,34 @@ public void addHostDomainConcurrencyCounter(int limit) {
* @return The associated rule.
*/
public void addHostDomainPeriodicCounter(int period, int limit) {
FirewallCounterRule rule = new PeriodicFirewallCounterRule(period,
new HostDomainCountingPolicy());
rule.addHandler(new BlockingHandler(new UniqueLimitPolicy(limit)));
firewall.add(rule);
FirewallUtils.addHostDomainPeriodicCounter(firewall, period, limit);
}

/**
* Returns a rule that forbids access to the given set of IP addresses.
* Adds a rule that forbids access to the given set of IP addresses.
*
* @param blackList
* The list of rejected IP adresses.
* @return The associated rule.
*/
public void addIpAddressesBlackList(List<String> blackList) {
FirewallCounterRule rule = new ConcurrentFirewallCounterRule(
new IpAddressCountingPolicy());
Map<String, Integer> map = new HashMap<String, Integer>();
for (String ip : blackList) {
map.put(ip, 0);
}
rule.addHandler(new BlockingHandler(new PerValueLimitPolicy(map,
Integer.MAX_VALUE)));
firewall.add(rule);
FirewallUtils.addIpAddressesBlackList(firewall, blackList);
}

/**
* Returns a rule that restricts access according to the IP address of the
* Adds a rule that restricts access according to the IP address of the
* request's client. A unique limit is applied for all IP addresses.
*
* @param limit
* The maximum number of accepted concurrent requests.
* @return The associated rule.
*/
public void addIpAddressesConcurrencyCounter(int limit) {
FirewallCounterRule rule = new ConcurrentFirewallCounterRule(
new IpAddressCountingPolicy());
rule.addHandler(new BlockingHandler(new UniqueLimitPolicy(limit)));
firewall.add(rule);
FirewallUtils.addIpAddressesConcurrencyCounter(firewall, limit);
}

/**
* Returns a rule that restricts access by period of time according to the
* Adds a rule that restricts access by period of time according to the
* IP address of the request's client. A unique limit is applied for all IP
* addresses.
*
Expand All @@ -142,32 +114,22 @@ public void addIpAddressesConcurrencyCounter(int limit) {
* @return The associated rule.
*/
public void addIpAddressesPeriodicCounter(int period, int limit) {
FirewallCounterRule rule = new PeriodicFirewallCounterRule(period,
new IpAddressCountingPolicy());
rule.addHandler(new BlockingHandler(new UniqueLimitPolicy(limit)));
firewall.add(rule);
FirewallUtils.addIpAddressesPeriodicCounter(firewall, period, limit);
}

/**
* Returns a rule that restricts access to the given set of IP addresses.
* Adds a rule that restricts access to the given set of IP addresses.
*
* @param whiteList
* The list of accepted IP adresses.
* @return The associated rule.
*/
public void addIpAddressesWhiteList(List<String> whiteList) {
FirewallCounterRule rule = new ConcurrentFirewallCounterRule(
new IpAddressCountingPolicy());
Map<String, Integer> map = new HashMap<String, Integer>();
for (String ip : whiteList) {
map.put(ip, Integer.MAX_VALUE);
}
rule.addHandler(new BlockingHandler(new PerValueLimitPolicy(map, 0)));
firewall.add(rule);
FirewallUtils.addIpAddressesWhiteList(firewall, whiteList);
}

/**
* Returns a rule that restricts access according to the {@link Role} of the
* Adds a rule that restricts access according to the {@link Role} of the
* current authenticated {@link User}. Each role is defined a limit in terms
* of concurrent requests, in any other case the access is forbidden.
*
Expand All @@ -177,11 +139,11 @@ public void addIpAddressesWhiteList(List<String> whiteList) {
* @return The associated rule.
*/
public void addRolesConcurrencyCounter(Map<String, Integer> limitsPerRole) {
addRolesConcurrencyCounter(limitsPerRole, 0);
FirewallUtils.addRolesConcurrencyCounter(firewall, limitsPerRole);
}

/**
* Returns a rule that restricts access according to the {@link Role} of the
* Adds a rule that restricts access according to the {@link Role} of the
* current authenticated {@link User}. Each role is defined a limit in terms
* of concurrent requests, in any other case a default limit is applied.
*
Expand All @@ -194,15 +156,11 @@ public void addRolesConcurrencyCounter(Map<String, Integer> limitsPerRole) {
*/
public void addRolesConcurrencyCounter(Map<String, Integer> limitsPerRole,
int defaultLimit) {
FirewallCounterRule rule = new ConcurrentFirewallCounterRule(
new UserCountingPolicy());
rule.addHandler(new BlockingHandler(new RoleLimitPolicy(limitsPerRole,
defaultLimit)));
firewall.add(rule);
FirewallUtils.addRolesConcurrencyCounter(firewall, limitsPerRole, defaultLimit);
}

/**
* Returns a rule that restricts access according to the {@link Role} of the
* Adds a rule that restricts access according to the {@link Role} of the
* current authenticated {@link User}. Each role is defined a limit in terms
* of requests by period of time, in any other case the access is forbidden.
*
Expand All @@ -215,11 +173,11 @@ public void addRolesConcurrencyCounter(Map<String, Integer> limitsPerRole,
*/
public void addRolesPeriodicCounter(int period,
Map<String, Integer> limitsPerRole) {
addRolesPeriodicCounter(period, limitsPerRole, 0);
FirewallUtils.addRolesPeriodicCounter(firewall, period, limitsPerRole);
}

/**
* Returns a rule that restricts access according to the {@link Role} of the
* Adds a rule that restricts access according to the {@link Role} of the
* current authenticated {@link User}. Each role is defined a limit in terms
* of concurrent requests, in any other case a default limit is applied.
*
Expand All @@ -234,11 +192,7 @@ public void addRolesPeriodicCounter(int period,
*/
public void addRolesPeriodicCounter(int period,
Map<String, Integer> limitsPerRole, int defaultLimit) {
FirewallCounterRule rule = new PeriodicFirewallCounterRule(period,
new UserCountingPolicy());
rule.addHandler(new BlockingHandler(new RoleLimitPolicy(limitsPerRole,
defaultLimit)));
firewall.add(rule);
FirewallUtils.addRolesPeriodicCounter(firewall, period, limitsPerRole, defaultLimit);
}

@Override
Expand Down
3 changes: 1 addition & 2 deletions ...pispark/internal/utils/FirewallUtils.java → ...g/restlet/ext/apispark/FirewallUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,13 +31,12 @@
* Restlet is a registered trademark of Restlet S.A.S.
*/

package org.restlet.ext.apispark.internal.utils;
package org.restlet.ext.apispark;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.restlet.ext.apispark.FirewallFilter;
import org.restlet.ext.apispark.internal.firewall.handler.BlockingHandler;
import org.restlet.ext.apispark.internal.firewall.handler.policy.PerValueLimitPolicy;
import org.restlet.ext.apispark.internal.firewall.handler.policy.RoleLimitPolicy;
Expand Down
Loading

0 comments on commit 59bf3d3

Please sign in to comment.