コード例 #1
0
  /** set note authorization information */
  @PUT
  @Path("{noteId}/permissions")
  @ZeppelinApi
  public Response putNotePermissions(@PathParam("noteId") String noteId, String req)
      throws IOException {
    HashMap<String, HashSet> permMap =
        gson.fromJson(req, new TypeToken<HashMap<String, HashSet>>() {}.getType());
    Note note = notebook.getNote(noteId);
    String principal = SecurityUtils.getPrincipal();
    HashSet<String> roles = SecurityUtils.getRoles();
    LOG.info(
        "Set permissions {} {} {} {} {}",
        noteId,
        principal,
        permMap.get("owners"),
        permMap.get("readers"),
        permMap.get("writers"));

    HashSet<String> userAndRoles = new HashSet<String>();
    userAndRoles.add(principal);
    userAndRoles.addAll(roles);
    if (!notebookAuthorization.isOwner(noteId, userAndRoles)) {
      return new JsonResponse<>(
              Status.FORBIDDEN,
              ownerPermissionError(userAndRoles, notebookAuthorization.getOwners(noteId)))
          .build();
    }

    HashSet readers = permMap.get("readers");
    HashSet owners = permMap.get("owners");
    HashSet writers = permMap.get("writers");
    // Set readers, if writers and owners is empty -> set to user requesting the change
    if (readers != null && !readers.isEmpty()) {
      if (writers.isEmpty()) {
        writers = Sets.newHashSet(SecurityUtils.getPrincipal());
      }
      if (owners.isEmpty()) {
        owners = Sets.newHashSet(SecurityUtils.getPrincipal());
      }
    }
    // Set writers, if owners is empty -> set to user requesting the change
    if (writers != null && !writers.isEmpty()) {
      if (owners.isEmpty()) {
        owners = Sets.newHashSet(SecurityUtils.getPrincipal());
      }
    }

    notebookAuthorization.setReaders(noteId, readers);
    notebookAuthorization.setWriters(noteId, writers);
    notebookAuthorization.setOwners(noteId, owners);
    LOG.debug(
        "After set permissions {} {} {}",
        notebookAuthorization.getOwners(noteId),
        notebookAuthorization.getReaders(noteId),
        notebookAuthorization.getWriters(noteId));
    AuthenticationInfo subject = new AuthenticationInfo(SecurityUtils.getPrincipal());
    note.persist(subject);
    notebookServer.broadcastNote(note);
    return new JsonResponse<>(Status.OK).build();
  }
コード例 #2
0
 /** Search for a Notes with permissions */
 @GET
 @Path("search")
 @ZeppelinApi
 public Response search(@QueryParam("q") String queryTerm) {
   LOG.info("Searching notebooks for: {}", queryTerm);
   String principal = SecurityUtils.getPrincipal();
   HashSet<String> roles = SecurityUtils.getRoles();
   HashSet<String> userAndRoles = new HashSet<String>();
   userAndRoles.add(principal);
   userAndRoles.addAll(roles);
   List<Map<String, String>> notebooksFound = notebookIndex.query(queryTerm);
   for (int i = 0; i < notebooksFound.size(); i++) {
     String[] Id = notebooksFound.get(i).get("id").split("/", 2);
     String noteId = Id[0];
     if (!notebookAuthorization.isOwner(noteId, userAndRoles)
         && !notebookAuthorization.isReader(noteId, userAndRoles)
         && !notebookAuthorization.isWriter(noteId, userAndRoles)) {
       notebooksFound.remove(i);
       i--;
     }
   }
   LOG.info("{} notebooks found", notebooksFound.size());
   return new JsonResponse<>(Status.OK, notebooksFound).build();
 }