Refactoring

tushar-97 · Aug 12, 2019 · 46a0d93 · 46a0d93
1 parent 684fb31
commit 46a0d93
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 14 deletions.
diff --git a/.../src/main/java/edu/emory/cci/bindaas/datasource/provider/mongodb/MongoDBQueryHandler.java b/.../src/main/java/edu/emory/cci/bindaas/datasource/provider/mongodb/MongoDBQueryHandler.java
@@ -153,12 +153,12 @@ else if(configuration.getUsername().isEmpty() && configuration.getPassword().isE
                     }
 
                     final Object role = requestContext.getAttributes().get(BindaasConstants.ROLE);
-                    Boolean authorization = configuration.getAuthorizationCollection() != null && !configuration.getAuthorizationCollection().isEmpty();
+                    boolean authorization = configuration.getAuthorizationCollection() != null && !configuration.getAuthorizationCollection().isEmpty();
 
                     // caching role for all query operations
                     if( role != null && authorization) {
                         try {
-                            getAuthorizationRulesCache().get(role.toString(), new Callable<List<String>>() {
+                           List<String> projects =  getAuthorizationRulesCache().get(role.toString(), new Callable<List<String>>() {
                                 @Override
                                 public List<String> call() throws Exception {
                                     MongoClient mongo = null;
@@ -195,8 +195,6 @@ else if(configuration.getUsername().isEmpty() && configuration.getPassword().isE
                                 }
                             });
 
-//                            addAuthRule(role.toString(),projectsList);
-
                         } catch (Exception e) {
                             log.error(e);
                             throw e;

diff --git a/...va/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/CountOperationHandler.java b/...va/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/CountOperationHandler.java
@@ -29,7 +29,7 @@ public class CountOperationHandler implements IOperationHandler {
 
 	@Override
 	public QueryResult handleOperation(DBCollection collection,
-			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, Boolean authorization)
+			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, boolean authorization)
 			throws ProviderException {
 		CountOperationDescriptor operationDescriptor = GSONUtil.getGSONInstance().fromJson(operationArguments, CountOperationDescriptor.class);
 		validateArguments(operationDescriptor);
@@ -39,7 +39,8 @@ public QueryResult handleOperation(DBCollection collection,
 				DBCursor cursor = collection.find(query);
 				if(authorization) {
 					for(DBObject o : cursor) {
-						if(!getAuthorizationRulesCache().getIfPresent(role).contains(o.get("Project").toString())){
+						if(!getAuthorizationRulesCache().getIfPresent(role).
+								contains(o.get("Project").toString())){
 							throw new ProviderException(MongoDBProvider.class.getName() , MongoDBProvider.VERSION, "Not authorized to execute this query.");
 						}
 					}

diff --git a/...a/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/DeleteOperationHandler.java b/...a/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/DeleteOperationHandler.java
@@ -29,7 +29,7 @@ public class DeleteOperationHandler implements IOperationHandler{
 	private Log log = LogFactory.getLog(getClass());
 	@Override
 	public QueryResult handleOperation(DBCollection collection,
-			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, Boolean authorization )
+			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, boolean authorization )
 			throws ProviderException {
 
 		DeleteOperationDescriptor operationDescriptor = GSONUtil.getGSONInstance().fromJson(operationArguments, DeleteOperationDescriptor.class);
@@ -38,7 +38,8 @@ public QueryResult handleOperation(DBCollection collection,
 		DBCursor cursor = collection.find(query);
 		if(authorization) {
 			for(DBObject o : cursor) {
-				if(!getAuthorizationRulesCache().getIfPresent(role).contains(o.get("Project").toString())){
+				if(!getAuthorizationRulesCache().getIfPresent(role).
+						contains(o.get("Project").toString())){
 					throw new ProviderException(MongoDBProvider.class.getName() , MongoDBProvider.VERSION, "Not authorized to execute this query.");
 				}
 			}

diff --git a/...ava/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/FindOperationHandler.java b/...ava/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/FindOperationHandler.java
@@ -29,7 +29,7 @@ public class FindOperationHandler implements IOperationHandler {
 	private Log log = LogFactory.getLog(getClass());
 	@Override
 	public QueryResult handleOperation(DBCollection collection,
-			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, Boolean authorization )
+			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, boolean authorization )
 			throws ProviderException {
 
 		FindOperationDescriptor operationDescriptor = GSONUtil.getGSONInstance().fromJson(operationArguments, FindOperationDescriptor.class);
@@ -57,7 +57,8 @@ public QueryResult handleOperation(DBCollection collection,
 
 				if(authorization) {
 					for(DBObject o : cursor) {
-						if(!getAuthorizationRulesCache().getIfPresent(role).contains(o.get("Project").toString())){
+						if(!getAuthorizationRulesCache().getIfPresent(role).
+								contains(o.get("Project").toString())){
 							throw new ProviderException(MongoDBProvider.class.getName() , MongoDBProvider.VERSION, "Not authorized to execute this query.");
 						}
 					}

diff --git a/...n/java/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/IOperationHandler.java b/...n/java/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/IOperationHandler.java
@@ -10,6 +10,6 @@
 
 public interface IOperationHandler {
 
-	public QueryResult handleOperation(DBCollection collection, OutputFormatProps outputFormatProps , JsonObject operationArguments, OutputFormatRegistry registry, String rsole, Boolean authorization) throws ProviderException;
+	public QueryResult handleOperation(DBCollection collection, OutputFormatProps outputFormatProps , JsonObject operationArguments, OutputFormatRegistry registry, String rsole, boolean authorization) throws ProviderException;
 
 }
diff --git a/...a/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/UpdateOperationHandler.java b/...a/edu/emory/cci/bindaas/datasource/provider/mongodb/operation/UpdateOperationHandler.java
@@ -8,6 +8,7 @@
 import com.google.gson.JsonObject;
 import com.google.gson.annotations.Expose;
 import com.mongodb.DBCollection;
+import com.mongodb.DBCursor;
 import com.mongodb.DBObject;
 import com.mongodb.WriteResult;
 import com.mongodb.util.JSON;
@@ -20,18 +21,30 @@
 import edu.emory.cci.bindaas.framework.util.GSONUtil;
 import edu.emory.cci.bindaas.framework.util.StandardMimeType;
 
+import static edu.emory.cci.bindaas.datasource.provider.mongodb.MongoDBProvider.getAuthorizationRulesCache;
+
 public class UpdateOperationHandler implements IOperationHandler{
 
 	private Log log = LogFactory.getLog(getClass());
 	@Override
 	public QueryResult handleOperation(DBCollection collection,
-			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry )
+			OutputFormatProps outputFormatProps, JsonObject operationArguments , OutputFormatRegistry registry, String role, boolean authorization )
 			throws ProviderException {
 
 		UpdateOperationDescriptor operationDescriptor = GSONUtil.getGSONInstance().fromJson(operationArguments, UpdateOperationDescriptor.class);
 		validateArguments(operationDescriptor);
-
-		WriteResult writeResult = collection.update( DBObject.class.cast(JSON.parse(operationDescriptor.query.toString())), DBObject.class.cast(JSON.parse(operationDescriptor.update.toString())),operationDescriptor.upsert,operationDescriptor.multi);
+
+		DBObject query = (DBObject) JSON.parse(operationDescriptor.query.toString());
+		DBCursor cursor = collection.find(query);
+		if(authorization) {
+			for(DBObject o : cursor) {
+				if(!getAuthorizationRulesCache().getIfPresent(role).
+						contains(o.get("Project").toString())){
+					throw new ProviderException(MongoDBProvider.class.getName() , MongoDBProvider.VERSION, "Not authorized to execute this query.");
+				}
+			}
+		}
+		WriteResult writeResult = collection.update(query, DBObject.class.cast(JSON.parse(operationDescriptor.update.toString())),operationDescriptor.upsert,operationDescriptor.multi);
 		QueryResult queryResult = new QueryResult();
 		queryResult.setData(new ByteArrayInputStream( String.format("{ \"rowsAffected\" : %s ,  \"operation\" : \"update\" , " +
 				"\"query\" : %s , \"upsert\": %b , \"multi\": %b }", writeResult.getN() + "" ,