taverna-server-webapp/src/test/java/org/taverna/server/master/mocks/SimpleServerPolicy.java - incubator-taverna-server - Git at Google

 package org.taverna.server.master.mocks;
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 import java.net.URI;
 import java.util.List;

 import org.taverna.server.master.common.Workflow;
 import org.taverna.server.master.exceptions.NoCreateException;
 import org.taverna.server.master.exceptions.NoDestroyException;
 import org.taverna.server.master.exceptions.NoUpdateException;
 import org.taverna.server.master.interfaces.Policy;
 import org.taverna.server.master.interfaces.TavernaRun;
 import org.taverna.server.master.utils.UsernamePrincipal;

 /**
  * A very simple (and unsafe) security model. The number of runs is configurable
  * through Spring (or 10 if unconfigured) with no per-user limits supported, all
  * workflows are permitted, and all identified users may create a workflow run.
  * Any user may read off information about any run, but only its owner may
  * modify or destroy it.
  * <p>
  * Note that this is a <i>Policy Enforcement Point</i> for access control to
  * individual workflows.
  *
  * @author Donal Fellows
  */
 public class SimpleServerPolicy implements Policy {
 	private int maxRuns = 10;
 	private int cleanerInterval;
 	SimpleNonpersistentRunStore store;

 	public void setMaxRuns(int maxRuns) {
 		this.maxRuns = maxRuns;
 	}

 	@Override
 	public int getMaxRuns() {
 		return maxRuns;
 	}

 	@Override
 	public Integer getMaxRuns(UsernamePrincipal p) {
 		return null; // No per-user limits
 	}

 	public int getCleanerInterval() {
 		return cleanerInterval;
 	}

 	/**
 	 * Sets how often the store of workflow runs will try to clean out expired
 	 * runs.
 	 *
 	 * @param intervalInSeconds
 	 */
 	public void setCleanerInterval(int intervalInSeconds) {
 		cleanerInterval = intervalInSeconds;
 		if (store != null)
 			store.cleanerIntervalUpdated(intervalInSeconds);
 	}

 	@Override
 	public boolean permitAccess(UsernamePrincipal p, TavernaRun run) {
 		// No secrets here!
 		return true;
 	}

 	@Override
 	public void permitCreate(UsernamePrincipal p, Workflow workflow)
 			throws NoCreateException {
 		// Only identified users may create
 		if (p == null)
 			throw new NoCreateException();
 		// Global run count limit enforcement
 		if (store.listRuns(p, this).size() >= maxRuns)
 			throw new NoCreateException();
 		// Per-user run count enforcement would come here
 	}

 	@Override
 	public void permitDestroy(UsernamePrincipal p, TavernaRun run)
 			throws NoDestroyException {
 		// Only the creator may destroy
 		if (p == null || !p.equals(run.getSecurityContext().getOwner()))
 			throw new NoDestroyException();
 	}

 	@Override
 	public void permitUpdate(UsernamePrincipal p, TavernaRun run)
 			throws NoUpdateException {
 		// Only the creator may change
 		if (p == null || !p.equals(run.getSecurityContext().getOwner()))
 			throw new NoUpdateException();
 	}

 	@Override
 	public int getOperatingLimit() {
 		return 1;
 	}

 	@Override
 	public List<URI> listPermittedWorkflowURIs(UsernamePrincipal user) {
 		return null;
 	}

 	@Override
 	public void setPermittedWorkflowURIs(UsernamePrincipal user,
 			List<URI> permitted) {
 		// Ignore
 	}
 }
	package org.taverna.server.master.mocks;
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	import java.net.URI;
	import java.util.List;

	import org.taverna.server.master.common.Workflow;
	import org.taverna.server.master.exceptions.NoCreateException;
	import org.taverna.server.master.exceptions.NoDestroyException;
	import org.taverna.server.master.exceptions.NoUpdateException;
	import org.taverna.server.master.interfaces.Policy;
	import org.taverna.server.master.interfaces.TavernaRun;
	import org.taverna.server.master.utils.UsernamePrincipal;

	/**
	* A very simple (and unsafe) security model. The number of runs is configurable
	* through Spring (or 10 if unconfigured) with no per-user limits supported, all
	* workflows are permitted, and all identified users may create a workflow run.
	* Any user may read off information about any run, but only its owner may
	* modify or destroy it.
	* <p>
	* Note that this is a <i>Policy Enforcement Point</i> for access control to
	* individual workflows.
	*
	* @author Donal Fellows
	*/
	public class SimpleServerPolicy implements Policy {
	private int maxRuns = 10;
	private int cleanerInterval;
	SimpleNonpersistentRunStore store;

	public void setMaxRuns(int maxRuns) {
	this.maxRuns = maxRuns;
	}

	@Override
	public int getMaxRuns() {
	return maxRuns;
	}

	@Override
	public Integer getMaxRuns(UsernamePrincipal p) {
	return null; // No per-user limits
	}

	public int getCleanerInterval() {
	return cleanerInterval;
	}

	/**
	* Sets how often the store of workflow runs will try to clean out expired
	* runs.
	*
	* @param intervalInSeconds
	*/
	public void setCleanerInterval(int intervalInSeconds) {
	cleanerInterval = intervalInSeconds;
	if (store != null)
	store.cleanerIntervalUpdated(intervalInSeconds);
	}

	@Override
	public boolean permitAccess(UsernamePrincipal p, TavernaRun run) {
	// No secrets here!
	return true;
	}

	@Override
	public void permitCreate(UsernamePrincipal p, Workflow workflow)
	throws NoCreateException {
	// Only identified users may create
	if (p == null)
	throw new NoCreateException();
	// Global run count limit enforcement
	if (store.listRuns(p, this).size() >= maxRuns)
	throw new NoCreateException();
	// Per-user run count enforcement would come here
	}

	@Override
	public void permitDestroy(UsernamePrincipal p, TavernaRun run)
	throws NoDestroyException {
	// Only the creator may destroy
	if (p == null \|\| !p.equals(run.getSecurityContext().getOwner()))
	throw new NoDestroyException();
	}

	@Override
	public void permitUpdate(UsernamePrincipal p, TavernaRun run)
	throws NoUpdateException {
	// Only the creator may change
	if (p == null \|\| !p.equals(run.getSecurityContext().getOwner()))
	throw new NoUpdateException();
	}

	@Override
	public int getOperatingLimit() {
	return 1;
	}

	@Override
	public List<URI> listPermittedWorkflowURIs(UsernamePrincipal user) {
	return null;
	}

	@Override
	public void setPermittedWorkflowURIs(UsernamePrincipal user,
	List<URI> permitted) {
	// Ignore
	}
	}