@Override
public ResourceResponse processPostResource(ResourceResponse input, Metacard metacard)
throws StopProcessingException {
if (input.getRequest() == null || input.getRequest().getProperties() == null) {
throw new StopProcessingException(
"Unable to filter contents of current message, no user Subject available.");
}
KeyValueCollectionPermission securityPermission =
new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
Subject subject = getSubject(input);
Attribute attr = metacard.getAttribute(Metacard.SECURITY);
if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
for (FilterStrategy filterStrategy : filterStrategies.values()) {
FilterResult filterResult = filterStrategy.process(input, metacard);
if (filterResult.processed()) {
if (filterResult.response() == null) {
throw new StopProcessingException("Subject not permitted to receive resource");
} else {
input = (ResourceResponse) filterResult.response();
}
break;
// returned metacards are ignored for resource requests
}
}
if (filterStrategies.size() == 0) {
throw new StopProcessingException("Subject not permitted to receive resource");
}
}
return input;
}
@Override
public QueryResponse processPostQuery(QueryResponse input) throws StopProcessingException {
if (input.getRequest() == null || input.getRequest().getProperties() == null) {
throw new StopProcessingException(
"Unable to filter contents of current message, no user Subject available.");
}
Subject subject = getSubject(input);
List<Result> results = input.getResults();
List<Result> newResults = new ArrayList<>(results.size());
Metacard metacard;
KeyValueCollectionPermission securityPermission =
new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
int filteredMetacards = 0;
for (Result result : results) {
metacard = result.getMetacard();
Attribute attr = metacard.getAttribute(Metacard.SECURITY);
if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
for (FilterStrategy filterStrategy : filterStrategies.values()) {
FilterResult filterResult = filterStrategy.process(input, metacard);
if (filterResult.processed()) {
if (filterResult.metacard() != null) {
newResults.add(new ResultImpl(filterResult.metacard()));
}
break;
// returned responses are ignored for queries
}
}
filteredMetacards++;
} else {
newResults.add(result);
}
}
LOGGER.info("Filtered {} metacards, returned {}", filteredMetacards, newResults.size());
SecurityLogger.logInfo(
"Filtered " + filteredMetacards + " metacards, returned " + newResults.size());
input.getResults().clear();
input.getResults().addAll(newResults);
newResults.clear();
return input;
}