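/**
 * Authorizes the current request against the application it names.
 *
 * <p>Anonymous callers are only admitted when the target application defines a
 * {@code guest} role, in which case they are logged in as that application's
 * guest; every caller is then checked with
 * {@code isPermittedAccessToApplication} for the requested application.
 *
 * @param request the incoming request (not read directly; the application
 *                identifier is taken from {@code getApplicationIdentifier()})
 * @throws the exception built by {@code mappableSecurityException("unauthorized", ...)}
 *         when the application cannot be resolved, has no guest role, or the
 *         subject is not permitted to access it
 */
@Override
public void authorize(ContainerRequestContext request) {
    logger.debug("ApplicationFilter.authorize");
    if (SubjectUtils.isAnonymous()) {
        // TODO not safe. could load arbitrary application
        // NOTE(review): the identifier is whatever the request supplied and is
        // resolved here before any access decision; keep this TODO visible until
        // the lookup is constrained to applications the caller may name.
        ApplicationInfo application = null;
        try {
            application = management.getApplicationInfo(getApplicationIdentifier());
        } catch (Exception e) {
            // Previously printStackTrace(); route through the logger like the rest of the method.
            logger.error("Unable to load application for guest access", e);
        }
        // Fix: the original dereferenced application unconditionally, so a failed
        // or empty lookup surfaced as a NullPointerException (an internal error)
        // instead of an authorization failure. Treat "no such application" as
        // unauthorized, the same outcome as "no guest role".
        if (application == null) {
            throw mappableSecurityException("unauthorized", "No application guest access authorized");
        }
        EntityManager em = getEntityManagerFactory().getEntityManager(application.getId());
        Map<String, String> roles = null;
        try {
            roles = em.getRoles();
            logger.debug("found roles {}", roles);
        } catch (Exception e) {
            // Role lookup failure is not fatal here: a null role map is rejected below.
            logger.error("Unable retrieve roles", e);
        }
        // Guest login is granted only when the application explicitly defines a "guest" role.
        if ((roles != null) && roles.containsKey("guest")) {
            loginApplicationGuest(application);
        } else {
            throw mappableSecurityException("unauthorized", "No application guest access authorized");
        }
    }
    // Applies to both anonymous-turned-guest and already-authenticated subjects.
    if (!isPermittedAccessToApplication(getApplicationIdentifier())) {
        throw mappableSecurityException("unauthorized", "No application access authorized");
    }
}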
/**
 * Creates the sample application in the given organization and opens it up to
 * the built-in roles.
 *
 * <p>Both the {@code guest} and {@code default} roles are granted
 * get/post/put/delete on {@code /**}, i.e. unrestricted access to every path of
 * the new application. That is intentional for a sample app but means anyone
 * who can reach it as a guest can read and modify all of its data.
 *
 * @param organizationInfo the owning organization; must be non-null and have a UUID
 * @return the freshly loaded {@link ApplicationInfo} for the new application
 * @throws ApplicationCreationException if creation, permission grants, or the
 *         final reload fails (the underlying exception is attached as the cause)
 * @throws IllegalArgumentException if {@code organizationInfo} or its UUID is null
 */
@Override
public ApplicationInfo createSampleFor(OrganizationInfo organizationInfo) throws ApplicationCreationException {
    Preconditions.checkArgument(organizationInfo != null, "OrganizationInfo was null");
    Preconditions.checkArgument(organizationInfo.getUuid() != null, "OrganizationInfo had no UUID");

    final UUID orgId = organizationInfo.getUuid();
    final String orgName = organizationInfo.getName();

    // Step 1: create the application itself.
    logger.info("create sample app {} in: {}", sampleAppName, orgName);
    final UUID newAppId;
    try {
        newAppId = managementService.createApplication(orgId, sampleAppName).getId();
    } catch (Exception ex) {
        throw new ApplicationCreationException(
                "'" + sampleAppName + "' could not be created for organization: " + orgId, ex);
    }

    // Step 2: grant access to all default collections with groups.
    // Both grants cover every verb on every path ("/**"); the guest grant in
    // particular makes the whole sample app writable by unauthenticated callers.
    logger.info("granting permissions for: {} in: {}", sampleAppName, orgName);
    final EntityManager appEntityManager = entityManagerFactory.getEntityManager(newAppId);
    try {
        appEntityManager.grantRolePermissions("guest", Arrays.asList("get,post,put,delete:/**"));
        appEntityManager.grantRolePermissions("default", Arrays.asList("get,put,post,delete:/**"));
    } catch (Exception ex) {
        throw new ApplicationCreationException(
                "Could not grant permissions to guest for default collections in '" + sampleAppName + "'", ex);
    }

    // Step 3: re-load the applicationinfo so the correct name is set.
    try {
        return managementService.getApplicationInfo(newAppId);
    } catch (Exception ex) {
        throw new ApplicationCreationException("Could not load new Application.", ex);
    }
}