From 545d03b1985931ee4bc21944219ed21dfc2ccea9 Mon Sep 17 00:00:00 2001 From: etj Date: Thu, 29 Sep 2022 17:55:59 +0200 Subject: [PATCH] #226 Add subfield field --- .../geoserver/geofence/core/model/Rule.java | 26 ++- .../geofence/core/dao/impl/RuleDAOImpl.java | 1 + .../geofence/services/RuleReaderService.java | 88 ++++---- .../geofence/services/dto/RuleFilter.java | 27 ++- .../services/RuleReaderServiceImpl.java | 48 ++--- .../services/RuleReaderServiceImplTest.java | 202 ++++++++++-------- .../services/rest/RESTRuleService.java | 6 + .../services/rest/model/RESTInputRule.java | 12 +- .../services/rest/model/RESTOutputRule.java | 15 +- .../services/rest/RuleServiceHelper.java | 14 +- .../services/rest/GeoFenceClientTest.java | 4 +- .../rest/impl/RESTConfigServiceImpl.java | 1 + .../rest/impl/RESTRuleServiceImpl.java | 17 +- .../services/rest/impl/RESTBaseTest.java | 2 +- 14 files changed, 289 insertions(+), 174 deletions(-) diff --git a/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java b/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java index 6df3a6fb..d988bd08 100644 --- a/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java +++ b/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java @@ -106,6 +106,9 @@ public class Rule implements Identifiable, Serializable, Prioritizable, IPRangeP @Index(name = "idx_rule_request") private String request; + @Column + private String subfield; + @Column @Index(name = "idx_rule_workspace") private String workspace; @@ -130,7 +133,7 @@ public Rule() { } public Rule(long priority, String username, String rolename, GSInstance instance, IPAddressRange addressRange, - String service, String request, String workspace, String layer, GrantType access) { + String service, String request, String subfield, String workspace, String layer, GrantType access) { this.priority = priority; this.username = username; this.rolename = rolename; @@ -138,11 +141,21 @@ public Rule(long priority, String username, String rolename, GSInstance instance this.addressRange = addressRange; this.service = service; this.request = request; + this.subfield = subfield; this.workspace = workspace; this.layer = layer; this.access = access; } + /** + * @deprecated need new subfield argument + */ + @Deprecated + public Rule(long priority, String username, String rolename, GSInstance instance, IPAddressRange addressRange, + String service, String request, String workspace, String layer, GrantType access) { + this(priority, username, rolename, instance, addressRange, service, request, null, workspace, layer, access); + } + public Long getId() { return id; } @@ -217,6 +230,14 @@ public void setRequest(String request) { this.request = request; } + public String getSubfield() { + return subfield; + } + + public void setSubfield(String subfield) { + this.subfield = subfield; + } + public String getWorkspace() { return workspace; } @@ -285,6 +306,9 @@ public String toString() { if (request != null) { sb.append(" req:").append(request); } + if (subfield != null) { + sb.append(" sub:").append(subfield); + } if (workspace != null) { sb.append(" ws:").append(workspace); diff --git a/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java b/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java index a36aac97..905940bf 100644 --- a/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java +++ b/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java @@ -88,6 +88,7 @@ protected Search getDupSearch(Rule rule) { addSearchField(search, "instance", rule.getInstance()); addSearchField(search, "service", rule.getService()); addSearchField(search, "request", rule.getRequest()); + addSearchField(search, "subfield", rule.getSubfield()); addSearchField(search, "workspace", rule.getWorkspace()); addSearchField(search, "layer", rule.getLayer()); diff --git a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java index 50e93829..beab6a4c 100644 --- a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java +++ b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java @@ -21,25 +21,25 @@ public interface RuleReaderService { - /** - * Return info on resource accessibility. - *

- * All parameters reference instances by name.
- *

  • If a given parameter is "*", it will match any value in the related {@link Rule} field.
    • - *
  • If a given parameter is null, it will match only null (default) values in the related {@link Rule} field.
    • - * - * In order to have a better control on the query, please use {@link #getAccessInfo(RuleFilter filter) }. - * - * @deprecated Use {@link #getAccessInfo(RuleFilter filter) } - */ - AccessInfo getAccessInfo(String userName, - String profileName, - String instanceName, - String sourceAddress, - String service, - String request, - String workspace, - String layer); +// /** +// * Return info on resource accessibility. +// *

    +// * All parameters reference instances by name.
    +// *

  • If a given parameter is "*", it will match any value in the related {@link Rule} field.
    • +// *
  • If a given parameter is null, it will match only null (default) values in the related {@link Rule} field.
    • +// * +// * In order to have a better control on the query, please use {@link #getAccessInfo(RuleFilter filter) }. +// * +// * @deprecated Use {@link #getAccessInfo(RuleFilter filter) } +// */ +// AccessInfo getAccessInfo(String userName, +// String profileName, +// String instanceName, +// String sourceAddress, +// String service, +// String request, +// String workspace, +// String layer); /** * Return info on resource accessibility. @@ -53,31 +53,31 @@ AccessInfo getAccessInfo(String userName, */ AccessInfo getAdminAuthorization(RuleFilter filter); - /** - * Return the unprocessed {@link Rule} list matching a given filter, sorted - * by priority. - *

    - * Use {@link getAccessInfo(String,String,String,String,String,String,String) getAccessInfo} - * if you need the resulting coalesced access info. - *

    - * Differently from {@link RuleAdminService#getList(String,String,String,String,String,String,String,Integer,Integer) RuleAdminService.getList(...)}, - * when a param is set, it will match - * all the rules with the corresponding matching field, - * plus all the rules having that field set to null. - *
    Null params will only match null values. - *
    The "*" string will always match. - * - * @deprecated Use {@link #getMatchingRules(RuleFilter filter) } - */ - - List getMatchingRules(String userName, - String profileName, - String instanceName, - String sourceAddress, - String service, - String request, - String workspace, - String layer); +// /** +// * Return the unprocessed {@link Rule} list matching a given filter, sorted +// * by priority. +// *

    +// * Use {@link getAccessInfo(String,String,String,String,String,String,String) getAccessInfo} +// * if you need the resulting coalesced access info. +// *

    +// * Differently from {@link RuleAdminService#getList(String,String,String,String,String,String,String,Integer,Integer) RuleAdminService.getList(...)}, +// * when a param is set, it will match +// * all the rules with the corresponding matching field, +// * plus all the rules having that field set to null. +// *
    Null params will only match null values. +// *
    The "*" string will always match. +// * +// * @deprecated Use {@link #getMatchingRules(RuleFilter filter) } +// */ +// +// List getMatchingRules(String userName, +// String profileName, +// String instanceName, +// String sourceAddress, +// String service, +// String request, +// String workspace, +// String layer); /** * Return the unprocessed {@link Rule} list matching a given filter, sorted diff --git a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java index ac46dccd..38fbcd5d 100644 --- a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java +++ b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java @@ -59,6 +59,7 @@ public FilterType getRelatedType() { private final TextFilter sourceAddress; private final TextFilter service; private final TextFilter request; + private final TextFilter subfield; private final TextFilter workspace; private final TextFilter layer; @@ -82,6 +83,7 @@ public RuleFilter(SpecialFilterType type) { sourceAddress = new TextFilter(ft); service = new TextFilter(ft, true); request = new TextFilter(ft, true); + subfield = new TextFilter(ft, true); workspace = new TextFilter(ft); layer = new TextFilter(ft); } @@ -100,6 +102,8 @@ public RuleFilter(SpecialFilterType type, boolean includeDefault) { service.setIncludeDefault(includeDefault); request = new TextFilter(ft, true); request.setIncludeDefault(includeDefault); + subfield = new TextFilter(ft, true); + subfield.setIncludeDefault(includeDefault); workspace = new TextFilter(ft); workspace.setIncludeDefault(includeDefault); layer = new TextFilter(ft); @@ -115,7 +119,7 @@ public RuleFilter(SpecialFilterType type, boolean includeDefault) { */ public RuleFilter(String userName, String groupName, String instanceName, String sourceAddress, - String service, String request, + String service, String request, String subfield, String workspace, String layer) { this(SpecialFilterType.DEFAULT); @@ -127,6 +131,7 @@ public RuleFilter(String userName, String groupName, String instanceName, this.service.setHeuristically(service); this.request.setHeuristically(request); + this.subfield.setHeuristically(subfield); this.workspace.setHeuristically(workspace); this.layer.setHeuristically(layer); } @@ -140,6 +145,7 @@ public RuleFilter(RuleFilter source) { sourceAddress = source.sourceAddress.clone(); service = source.service.clone(); request = source.request.clone(); + subfield = source.subfield.clone(); workspace = source.workspace.clone(); layer = source.layer.clone(); } catch (CloneNotSupportedException ex) { @@ -218,6 +224,16 @@ public RuleFilter setRequest(SpecialFilterType type) { return this; } + public RuleFilter setSubfield(String name) { + subfield.setText(name); + return this; + } + + public RuleFilter setSubfield(SpecialFilterType type) { + subfield.setType(type); + return this; + } + public RuleFilter setWorkspace(String name) { workspace.setText(name); return this; @@ -258,6 +274,10 @@ public TextFilter getRequest() { return request; } + public TextFilter getSubfield() { + return subfield; + } + public TextFilter getService() { return service; } @@ -316,6 +336,9 @@ public boolean equals(Object obj) { if (this.request != other.request && (this.request == null || !this.request.equals(other.request))) { return false; } + if (this.subfield != other.subfield && (this.subfield == null || !this.subfield.equals(other.subfield))) { + return false; + } if (this.workspace != other.workspace && (this.workspace == null || !this.workspace.equals(other.workspace))) { return false; } @@ -335,6 +358,7 @@ public int hashCode() { hash = 37 * hash + (this.sourceAddress != null ? this.sourceAddress.hashCode() : 0); hash = 37 * hash + (this.service != null ? this.service.hashCode() : 0); hash = 37 * hash + (this.request != null ? this.request.hashCode() : 0); + hash = 37 * hash + (this.subfield != null ? this.subfield.hashCode() : 0); hash = 37 * hash + (this.workspace != null ? this.workspace.hashCode() : 0); hash = 37 * hash + (this.layer != null ? this.layer.hashCode() : 0); //NOTE: ipaddress not in hashcode bc it is not used for caching @@ -351,6 +375,7 @@ public String toString() { sb.append(" ip:").append(sourceAddress); sb.append(" serv:").append(service); sb.append(" req:").append(request); + if(subfield != null) sb.append(" sub:").append(subfield); sb.append(" ws:").append(workspace); sb.append(" layer:").append(layer); sb.append(']'); diff --git a/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java b/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java index f5ac39af..e54859f5 100644 --- a/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java +++ b/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java @@ -58,19 +58,19 @@ public class RuleReaderServiceImpl implements RuleReaderService { private UserResolver userResolver; private AuthorizationService authorizationService; - /** - * @deprecated - */ - @Override - @Deprecated - public List getMatchingRules( - String userName, String profileName, String instanceName, - String sourceAddress, - String service, String request, - String workspace, String layer) { - - return getMatchingRules(new RuleFilter(userName, profileName, instanceName, sourceAddress, service, request, workspace, layer)); - } +// /** +// * @deprecated +// */ +// @Override +// @Deprecated +// public List getMatchingRules( +// String userName, String profileName, String instanceName, +// String sourceAddress, +// String service, String request, String subfield, +// String workspace, String layer) { +// +// return getMatchingRules(new RuleFilter(userName, profileName, instanceName, sourceAddress, service, request, subfield, workspace, layer)); +// } /** * TODO: REFACTOR @@ -100,17 +100,17 @@ public List getMatchingRules(RuleFilter filter) { } - /** - * @deprecated - */ - @Override - @Deprecated - public AccessInfo getAccessInfo(String userName, String roleName, String instanceName, - String sourceAddress, - String service, String request, - String workspace, String layer) { - return getAccessInfo(new RuleFilter(userName, roleName, instanceName, sourceAddress, service, request, workspace, layer)); - } +// /** +// * @deprecated +// */ +// @Override +// @Deprecated +// public AccessInfo getAccessInfo(String userName, String roleName, String instanceName, +// String sourceAddress, +// String service, String request, String subfield, +// String workspace, String layer) { +// return getAccessInfo(new RuleFilter(userName, roleName, instanceName, sourceAddress, service, request, subfield, workspace, layer)); +// } @Override public AccessInfo getAccessInfo(RuleFilter filter) diff --git a/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java b/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java index 8713acbb..61d1c648 100644 --- a/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java +++ b/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java @@ -77,24 +77,24 @@ public void testGetRulesForUsersAndGroup() { userAdminService.insert(user2); userAdminService.insert(user3); - ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(30, u1, "p1", null, null, "s3", "r3", "w3", "l3", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(40, u1, "p1", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(50, null,"g3a", null,null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(60, null,"g3b", null,null, null, null, null, null, GrantType.ALLOW)); - - assertEquals(3, ruleReaderService.getMatchingRules(u1, "*", "Z","*", "*", "*","*","*").size()); - assertEquals(3, ruleReaderService.getMatchingRules("*", "p1", "Z","*", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); - assertEquals(0, ruleReaderService.getMatchingRules("*", "Z", "Z","*", null, null,null,null).size()); - assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); - assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); - assertEquals(1, ruleReaderService.getMatchingRules(u2, "*", "Z","*", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*", "p2", "Z","*", "*", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules(u1, "*", "Z","*", "s1", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules("*", "p1", "Z","*", "s1", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules(u3, "*", "Z","*", "s1", "*","*","*").size()); + ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(30, u1, "p1", null, null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(40, u1, "p1", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(50, null,"g3a", null,null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(60, null,"g3b", null,null, null, null, null, null, null, GrantType.ALLOW)); + + assertEquals(3, getMatchingRules(u1, "*", "Z","*", "*", "*","*","*").size()); + assertEquals(3, getMatchingRules("*", "p1", "Z","*", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); + assertEquals(0, getMatchingRules("*", "Z", "Z","*", null, null,null,null).size()); + assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); + assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size()); + assertEquals(1, getMatchingRules(u2, "*", "Z","*", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules("*", "p2", "Z","*", "*", "*","*","*").size()); + assertEquals(2, getMatchingRules(u1, "*", "Z","*", "s1", "*","*","*").size()); + assertEquals(2, getMatchingRules("*", "p1", "Z","*", "s1", "*","*","*").size()); + assertEquals(2, getMatchingRules(u3, "*", "Z","*", "s1", "*","*","*").size()); } private static RuleFilter createFilter(String userName, String groupName, String service) { @@ -120,27 +120,27 @@ public void testGetRulesForGroupOnly() { UserGroup g1 = createRole("p1"); UserGroup g2 = createRole("p2"); - Rule r1 = new Rule(10, null, "p1", null,null, "s1", "r1", "w1", "l1", GrantType.ALLOW); - Rule r2 = new Rule(20, null, "p2", null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW); - Rule r3 = new Rule(30, null, "p1", null,null, "s3", "r3", "w3", "l3", GrantType.ALLOW); - Rule r4 = new Rule(40, null, "p1", null,null, null, null, null, null, GrantType.ALLOW); + Rule r1 = new Rule(10, null, "p1", null,null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW); + Rule r2 = new Rule(20, null, "p2", null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW); + Rule r3 = new Rule(30, null, "p1", null,null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW); + Rule r4 = new Rule(40, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW); ruleAdminService.insert(r1); ruleAdminService.insert(r2); ruleAdminService.insert(r3); ruleAdminService.insert(r4); - assertEquals(4, ruleReaderService.getMatchingRules("*","*","*", "*", "*", "*","*","*").size()); - assertEquals(3, ruleReaderService.getMatchingRules("*","*","*", "*", "s1", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","*","*", "*", "ZZ", "*","*","*").size()); + assertEquals(4, getMatchingRules("*","*","*", "*", "*", "*","*","*").size()); + assertEquals(3, getMatchingRules("*","*","*", "*", "s1", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","*","*", "*", "ZZ", "*","*","*").size()); - assertEquals(3, ruleReaderService.getMatchingRules("*","p1","*", "*", "*", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules("*","p1","*", "*", "s1", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","p1","*", "*", "ZZ", "*","*","*").size()); + assertEquals(3, getMatchingRules("*","p1","*", "*", "*", "*","*","*").size()); + assertEquals(2, getMatchingRules("*","p1","*", "*", "s1", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","p1","*", "*", "ZZ", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","p2","*", "*", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","p2","*", "*", "s1", "*","*","*").size()); - assertEquals(0, ruleReaderService.getMatchingRules("*","p2","*", "*", "ZZ", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","p2","*", "*", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","p2","*", "*", "s1", "*","*","*").size()); + assertEquals(0, getMatchingRules("*","p2","*", "*", "ZZ", "*","*","*").size()); filter = createFilter(null, g1.getName(), null); assertEquals(3, ruleReaderService.getMatchingRules(filter).size()); @@ -155,10 +155,10 @@ public void testGetInfo() { List rules = new ArrayList<>(); - rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, GrantType.ALLOW)); - rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW)); - rules.add(new Rule(100+rules.size(), null, null, null,null, "s3", "r3", "w3", "l3", GrantType.ALLOW)); - rules.add(new Rule(100+rules.size(), null, null, null,null, null, null, null, null, GrantType.DENY)); + rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, null, GrantType.ALLOW)); + rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW)); + rules.add(new Rule(100+rules.size(), null, null, null,null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW)); + rules.add(new Rule(100+rules.size(), null, null, null,null, null, null, null, null, null, GrantType.DENY)); for (Rule rule : rules) { ruleAdminService.insert(rule); @@ -216,8 +216,8 @@ public void testResolveLazy() { List rules = new ArrayList<>(); - rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, GrantType.ALLOW)); - rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW)); + rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, null, GrantType.ALLOW)); + rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW)); for (Rule rule : rules) { if(rule != null) @@ -253,17 +253,17 @@ public void testNoDefault() { ruleAdminService.insert(new Rule(0, null, null, null,null, "WCS", null, null, null, GrantType.ALLOW)); - assertEquals(1, ruleReaderService.getMatchingRules("u0","*","i0",null, "WCS", null,"W0","l0").size()); - assertEquals(GrantType.ALLOW, ruleReaderService.getAccessInfo("u0","*","i0",null, "WCS", null,"W0","l0").getGrant()); + assertEquals(1, getMatchingRules("u0","*","i0",null, "WCS", null,"W0","l0").size()); + assertEquals(GrantType.ALLOW, getAccessInfo("u0","*","i0",null, "WCS", null,"W0","l0").getGrant()); - assertEquals(1, ruleReaderService.getMatchingRules("*","p0","i0",null, "WCS", null,"W0","l0").size()); - assertEquals(GrantType.ALLOW, ruleReaderService.getAccessInfo("*","p0","i0",null, "WCS", null,"W0","l0").getGrant()); + assertEquals(1, getMatchingRules("*","p0","i0",null, "WCS", null,"W0","l0").size()); + assertEquals(GrantType.ALLOW, getAccessInfo("*","p0","i0",null, "WCS", null,"W0","l0").getGrant()); - assertEquals(0, ruleReaderService.getMatchingRules("u0","*","i0",null, "UNMATCH", null,"W0","l0").size()); - assertEquals(GrantType.DENY, ruleReaderService.getAccessInfo("u0","*","i0",null, "UNMATCH", null,"W0","l0").getGrant()); + assertEquals(0, getMatchingRules("u0","*","i0",null, "UNMATCH", null,"W0","l0").size()); + assertEquals(GrantType.DENY, getAccessInfo("u0","*","i0",null, "UNMATCH", null,"W0","l0").getGrant()); - assertEquals(0, ruleReaderService.getMatchingRules("*","p0","i0",null, "UNMATCH", null,"W0","l0").size()); - assertEquals(GrantType.DENY, ruleReaderService.getAccessInfo("*","p0","i0",null, "UNMATCH", null,"W0","l0").getGrant()); + assertEquals(0, getMatchingRules("*","p0","i0",null, "UNMATCH", null,"W0","l0").size()); + assertEquals(GrantType.DENY, getAccessInfo("*","p0","i0",null, "UNMATCH", null,"W0","l0").getGrant()); } @Test @@ -277,8 +277,8 @@ public void testGroups() { GSUser u2 = createUser("u2", g2); List rules = new ArrayList<>(); - rules.add(new Rule(rules.size()+10, null, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW)); - rules.add(new Rule(rules.size()+10, null, "p1", null, null, null, null, null, null, GrantType.DENY)); + rules.add(new Rule(rules.size()+10, null, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW)); + rules.add(new Rule(rules.size()+10, null, "p1", null, null, null, null, null, null, null, GrantType.DENY)); for (Rule rule : rules) { ruleAdminService.insert(rule); @@ -324,8 +324,8 @@ public void testGroupOrder01() throws UnknownHostException { GSUser u2 = createUser("u2", g2); List rules = new ArrayList(); - rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, GrantType.ALLOW)); - rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, GrantType.DENY)); + rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW)); + rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, null, GrantType.DENY)); for (Rule rule : rules) { ruleAdminService.insert(rule); @@ -360,8 +360,8 @@ public void testGroupOrder02() { GSUser u2 = createUser("u2", g2); List rules = new ArrayList(); - rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, GrantType.DENY)); - rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, GrantType.ALLOW)); + rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, null, GrantType.DENY)); + rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW)); for (Rule rule : rules) { ruleAdminService.insert(rule); @@ -432,7 +432,7 @@ public void testAttrib() throws NotFoundServiceEx { ruleAdminService.setDetails(r1.getId(), d1); } { - Rule r1 = new Rule(pri++, null, "g3", null,null, null, null, null, "l1", GrantType.ALLOW); + Rule r1 = new Rule(pri++, null, "g3", null,null, null, null, null, null, "l1", GrantType.ALLOW); ruleAdminService.insert(r1); LayerDetails d1 = new LayerDetails(); @@ -440,7 +440,7 @@ public void testAttrib() throws NotFoundServiceEx { ruleAdminService.setDetails(r1.getId(), d1); } { - Rule r1 = new Rule(pri++, null, "g4", null,null, null, null, null, "l1", GrantType.DENY); + Rule r1 = new Rule(pri++, null, "g4", null,null, null, null, null, null, "l1", GrantType.DENY); ruleAdminService.insert(r1); } } @@ -556,12 +556,12 @@ public void testNullAllowableStyles() throws NotFoundServiceEx { // no details for first rule { - Rule r1 = new Rule(30, null, "g2", null,null, null, null, null, "l1", GrantType.ALLOW); + Rule r1 = new Rule(30, null, "g2", null,null, null, null, null, null, "l1", GrantType.ALLOW); ruleAdminService.insert(r1); } // some allowed styles for second rule { - Rule r1 = new Rule(40, null, "g1", null,null, null, null, null, "l1", GrantType.ALLOW); + Rule r1 = new Rule(40, null, "g1", null,null, null, null, null, null, "l1", GrantType.ALLOW); ruleAdminService.insert(r1); LayerDetails d1 = new LayerDetails(); @@ -608,10 +608,10 @@ public void testIPAddress() { IPAddressRange ip10 = new IPAddressRange("10.10.100.0/24"); IPAddressRange ip192 = new IPAddressRange("192.168.0.0/16"); - Rule r1 = new Rule(10, null, "g1", null,ip10, "s1", "r1", "w1", "l1", GrantType.ALLOW); - Rule r2 = new Rule(20, null, "g2", null,ip10, "s1", "r2", "w2", "l2", GrantType.ALLOW); - Rule r3 = new Rule(30, null, "g1", null,ip192, "s3", "r3", "w3", "l3", GrantType.ALLOW); - Rule r4 = new Rule(40, null, "g1", null,null, null, null, null, null, GrantType.ALLOW); + Rule r1 = new Rule(10, null, "g1", null,ip10, "s1", "r1", null, "w1", "l1", GrantType.ALLOW); + Rule r2 = new Rule(20, null, "g2", null,ip10, "s1", "r2", null, "w2", "l2", GrantType.ALLOW); + Rule r3 = new Rule(30, null, "g1", null,ip192, "s3", "r3", null, "w3", "l3", GrantType.ALLOW); + Rule r4 = new Rule(40, null, "g1", null,null, null, null, null, null, null, GrantType.ALLOW); ruleAdminService.insert(r1); ruleAdminService.insert(r2); @@ -620,20 +620,20 @@ public void testIPAddress() { // test without address filtering - assertEquals(4, ruleReaderService.getMatchingRules("*","*", "*", "*", "*", "*","*","*").size()); - assertEquals(3, ruleReaderService.getMatchingRules("*","g1","*", "*", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","g2","*", "*", "*", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules("*","g1","*", "*", "s1", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", "*", "ZZ", "*","*","*").size()); + assertEquals(4, getMatchingRules("*","*", "*", "*", "*", "*","*","*").size()); + assertEquals(3, getMatchingRules("*","g1","*", "*", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","g2","*", "*", "*", "*","*","*").size()); + assertEquals(2, getMatchingRules("*","g1","*", "*", "s1", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","*", "*", "*", "ZZ", "*","*","*").size()); // test with address filtering - assertEquals(3, ruleReaderService.getMatchingRules("*","*", "*", "10.10.100.4", "*", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules("*","g1","*", "10.10.100.4", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", "10.10.1.4", "*", "*","*","*").size()); - assertEquals(2, ruleReaderService.getMatchingRules("*","*", "*", "192.168.1.1", "*", "*","*","*").size()); - assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", null, "*", "*","*","*").size()); + assertEquals(3, getMatchingRules("*","*", "*", "10.10.100.4", "*", "*","*","*").size()); + assertEquals(2, getMatchingRules("*","g1","*", "10.10.100.4", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","*", "*", "10.10.1.4", "*", "*","*","*").size()); + assertEquals(2, getMatchingRules("*","*", "*", "192.168.1.1", "*", "*","*","*").size()); + assertEquals(1, getMatchingRules("*","*", "*", null, "*", "*","*","*").size()); - assertEquals(0, ruleReaderService.getMatchingRules("*","*","*","BAD", "*", "*","*","*").size()); + assertEquals(0, getMatchingRules("*","*","*","BAD", "*", "*","*","*").size()); } @Test @@ -669,12 +669,12 @@ public void testGetRulesForUserOnly() { userAdminService.insert(user2); userAdminService.insert(user3); - ruleAdminService.insert(new Rule(10, u1, "g1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(20, u2, "g2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(30, u1, "g1", null, null, "s3", "r3", "w3", "l3", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(40, u1, "g1", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(50, null, "g3a", null,null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(60, null, "g3b", null,null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(10, u1, "g1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(20, u2, "g2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(30, u1, "g1", null, null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(40, u1, "g1", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(50, null, "g3a", null,null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(60, null, "g3b", null,null, null, null, null, null, null, GrantType.ALLOW)); filter = createFilter(u1, null, null); assertEquals(3, ruleReaderService.getMatchingRules(filter).size()); @@ -695,7 +695,7 @@ public void testAdminRules() { GSUser user = createUser("auth00"); - ruleAdminService.insert(new Rule(10, user.getName(), null, null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(10, user.getName(), null, null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW)); RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true); filter.setWorkspace("w1"); @@ -754,19 +754,19 @@ public void testMultiRoles() { userAdminService.insert(user2); userAdminService.insert(user12); - ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW)); - ruleAdminService.insert(new Rule(30, u1, null, null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(40, u2, null, null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(50, u3, null, null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(51, u3, "p1", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(52, u3, "p2", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(60, null,"p1", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(70, null,"p2", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(80, null,"p3", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(901, u1, "p2", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(902, u2, "p1", null, null, null, null, null, null, GrantType.ALLOW)); - ruleAdminService.insert(new Rule(999, null, null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW)); + ruleAdminService.insert(new Rule(30, u1, null, null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(40, u2, null, null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(50, u3, null, null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(51, u3, "p1", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(52, u3, "p2", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(60, null, "p1", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(70, null, "p2", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(80, null, "p3", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(901, u1, "p2", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(902, u2, "p1", null, null, null, null, null, null, null, GrantType.ALLOW)); + ruleAdminService.insert(new Rule(999, null, null, null, null, null, null, null, null, null, GrantType.ALLOW)); assertRules(createFilter("*", "*"), new Integer[]{10,20,30,40,50,51,52,60,70,80,901,902,999}); @@ -814,7 +814,7 @@ public void testMultiRoles() { private RuleFilter createFilter(String userName, String groupName) { - return new RuleFilter(userName, groupName, "*", "*", "*", "*", "*", "*"); + return new RuleFilter(userName, groupName, "*", "*", "*", "*", "*", "*", "*"); } private void assertRules(RuleFilter filter, Integer[] expectedPriorities) { @@ -829,5 +829,25 @@ private void assertRules(RuleFilter filter, Integer[] expectedPriorities) { .collect(Collectors.toSet()); assertEquals("Bad rule set selected for filter " + origFilter, exp, pri); } + + private List getMatchingRules( + String userName, String profileName, String instanceName, + String sourceAddress, + String service, String request, + String workspace, String layer) { + + return ruleReaderService.getMatchingRules( + new RuleFilter(userName, profileName, instanceName, sourceAddress, + service, request, null, workspace, layer)); + } + + private AccessInfo getAccessInfo(String userName, String roleName, String instanceName, + String sourceAddress, + String service, String request, + String workspace, String layer) { + return ruleReaderService.getAccessInfo( + new RuleFilter(userName, roleName, instanceName, sourceAddress, + service, request, null, workspace, layer)); + } } diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java index 2b2a1b89..85bdfeb6 100644 --- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java +++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java @@ -80,6 +80,9 @@ RESTOutputRuleList get( @QueryParam("request") String requestName, @QueryParam("requestAny") Boolean requestAny, + @QueryParam("subfield") String subfieldName, + @QueryParam("subfieldAny") Boolean subfieldAny, + @QueryParam("workspace") String workspace, @QueryParam("workspaceAny") Boolean workspaceAny, @@ -105,6 +108,9 @@ long count( @QueryParam("request") String requestName, @QueryParam("requestAny") Boolean requestAny, + + @QueryParam("subfield") String subfieldName, + @QueryParam("subfieldAny") Boolean subfieldAny, @QueryParam("workspace") String workspace, @QueryParam("workspaceAny") Boolean workspaceAny, diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java index f30c5319..bb6d8ddb 100644 --- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java +++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java @@ -18,7 +18,7 @@ * @author Etj (etj at geo-solutions.it) */ @XmlRootElement(name = "rule") -@XmlType(name="Rule", propOrder={"position","grant","username","rolename","instance","ipaddress","service","request","workspace","layer","constraints"}) +@XmlType(name="Rule", propOrder={"position","grant","username","rolename","instance","ipaddress","service","request","subfield","workspace","layer","constraints"}) public class RESTInputRule extends AbstractRESTPayload { private RESTRulePosition position; @@ -33,6 +33,8 @@ public class RESTInputRule extends AbstractRESTPayload { private String service; private String request; + private String subfield; + private String workspace; private String layer; @@ -101,6 +103,14 @@ public void setRequest(String request) { this.request = request; } + public String getSubfield() { + return subfield; + } + + public void setSubfield(String subfield) { + this.subfield = subfield; + } + public String getService() { return service; } diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java index f4ef7b24..aa950673 100644 --- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java +++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java @@ -20,7 +20,7 @@ * @author Etj (etj at geo-solutions.it) */ @XmlRootElement(name = "Rule") -@XmlType(propOrder={"id", "priority","grant","username","rolename","instance","ipaddress","service","request","workspace","layer","constraints"}) +@XmlType(propOrder={"id", "priority","grant","username","rolename","instance","ipaddress","service","request","subfield","workspace","layer","constraints"}) public class RESTOutputRule implements Serializable { private Long id; @@ -35,6 +35,8 @@ public class RESTOutputRule implements Serializable { private String service; private String request; + + private String subfield; private String workspace; private String layer; @@ -104,6 +106,14 @@ public void setRequest(String request) { this.request = request; } + public String getSubfield() { + return subfield; + } + + public void setSubfield(String subfield) { + this.subfield = subfield; + } + public String getService() { return service; } @@ -172,6 +182,9 @@ public String toString() { if (request != null) { sb.append(" request:").append(request); } + if (subfield != null) { + sb.append(" sub:").append(subfield); + } if (workspace != null) { sb.append(" workspace:").append(workspace); } diff --git a/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java b/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java index 0737012f..325e41ee 100644 --- a/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java +++ b/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java @@ -22,19 +22,19 @@ public RuleServiceHelper(RESTRuleService ruleService) { } public long countAll() { - return count(null, null, null, null, null, null, null); + return count(null, null, null, null, null, null, null, null); } public long count(RuleFilter ruleFilter) { return count( ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(), - ruleFilter.getService(), ruleFilter.getRequest(), + ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getSubfield(), ruleFilter.getWorkspace(), ruleFilter.getLayer()); } public long count(RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFilter, RuleFilter.IdNameFilter instanceFilter, - RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, + RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, RuleFilter.TextFilter subfieldFilter, RuleFilter.TextFilter workspaceFilter, RuleFilter.TextFilter layerFilter) { return ruleService.count( @@ -43,6 +43,7 @@ public long count(RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFi getFilterId(instanceFilter), getFilterName(instanceFilter), getFilterDefault(instanceFilter), getFilterName(serviceFilter), getFilterDefault(serviceFilter), getFilterName(requestFilter), getFilterDefault(requestFilter), + getFilterName(subfieldFilter), getFilterDefault(subfieldFilter), getFilterName(workspaceFilter), getFilterDefault(workspaceFilter), getFilterName(layerFilter), getFilterDefault(layerFilter)); } @@ -81,21 +82,21 @@ private static Boolean getFilterDefault(RuleFilter.TextFilter filter) { } public RESTOutputRuleList getAll() { - return get(null, null, false, null, null, null, null, null, null, null); + return get(null, null, false, null, null, null, null, null, null, null, null); } public RESTOutputRuleList get(Integer page, Integer entries, boolean full, RuleFilter ruleFilter) { return get( page, entries, full, ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(), - ruleFilter.getService(), ruleFilter.getRequest(), + ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getSubfield(), ruleFilter.getWorkspace(), ruleFilter.getLayer()); } public RESTOutputRuleList get( Integer page, Integer entries, boolean full, RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFilter, RuleFilter.IdNameFilter instanceFilter, - RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, + RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, RuleFilter.TextFilter subfieldFilter, RuleFilter.TextFilter workspaceFilter, RuleFilter.TextFilter layerFilter) { return ruleService.get(page,entries,full, @@ -104,6 +105,7 @@ public RESTOutputRuleList get( getFilterId(instanceFilter), getFilterName(instanceFilter), getFilterDefault(instanceFilter), getFilterName(serviceFilter), getFilterDefault(serviceFilter), getFilterName(requestFilter), getFilterDefault(requestFilter), + getFilterName(subfieldFilter), getFilterDefault(subfieldFilter), getFilterName(workspaceFilter), getFilterDefault(workspaceFilter), getFilterName(layerFilter), getFilterDefault(layerFilter)); } diff --git a/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java b/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java index b4bf58e5..4292673b 100644 --- a/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java +++ b/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java @@ -192,8 +192,8 @@ public void testGroupsRule() { LOGGER.debug("found rule " + rule); } - assertEquals(2, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, false), null, null, null, null, null).getList().size()); - assertEquals(3, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, true), null, null, null, null, null).getList().size()); + assertEquals(2, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, false), null, null, null, null, null, null).getList().size()); + assertEquals(3, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, true), null, null, null, null, null, null).getList().size()); } @Test diff --git a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java index daf53ce2..74e6ee40 100644 --- a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java +++ b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java @@ -151,6 +151,7 @@ protected RESTBatch collectRules(RESTBatch backup) { input.setService(rule.getService()); input.setRequest(rule.getRequest()); + input.setSubfield(rule.getSubfield()); input.setWorkspace(rule.getWorkspace()); input.setLayer(rule.getLayer()); diff --git a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java index ca5f237c..5b5c0c4d 100644 --- a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java +++ b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java @@ -165,6 +165,11 @@ public void update(Long id, RESTInputRule rule) throws BadRequestRestEx, NotFoun isRuleUpdated = true; } + if (rule.getSubfield() != null) { + old.setSubfield(rule.getSubfield().isEmpty() ? null : rule.getSubfield()); + isRuleUpdated = true; + } + if (rule.getWorkspace() != null) { old.setWorkspace(rule.getWorkspace().isEmpty() ? null : rule.getWorkspace()); isRuleUpdated = true; @@ -195,8 +200,8 @@ public void update(Long id, RESTInputRule rule) throws BadRequestRestEx, NotFoun if (constraintsNew.getAttributes() != null) { isDetailUpdated = true; // this update is complex: pessimistic case: it has to be updated - Set attrToRemove = new HashSet(); - Set attrToAdd = new HashSet(); + Set attrToRemove = new HashSet<>(); + Set attrToAdd = new HashSet<>(); // find attribute by name, then copy in new datatype and accesstype // if not found, attribute has to be removed @@ -367,6 +372,7 @@ public RESTOutputRuleList get(Integer page, Integer entries, Long instanceId, String instanceName, Boolean instanceDefault, String serviceName, Boolean serviceDefault, String requestName, Boolean requestDefault, + String subfieldName, Boolean subfieldDefault, String workspace, Boolean workspaceDefault, String layer, Boolean layerDefault) throws BadRequestRestEx, InternalErrorRestEx { @@ -377,6 +383,7 @@ public RESTOutputRuleList get(Integer page, Integer entries, instanceId, instanceName, instanceDefault, serviceName, serviceDefault, requestName, requestDefault, + subfieldName, subfieldDefault, workspace, workspaceDefault, layer, layerDefault); @@ -395,6 +402,7 @@ protected RuleFilter buildFilter( Long instanceId, String instanceName, Boolean instanceDefault, String serviceName, Boolean serviceDefault, String requestName, Boolean requestDefault, + String subfieldName, Boolean subfieldDefault, String workspace, Boolean workspaceDefault, String layer, Boolean layerDefault) throws BadRequestRestEx { @@ -405,6 +413,7 @@ protected RuleFilter buildFilter( setFilter(filter.getInstance(), instanceId, instanceName, instanceDefault); setFilter(filter.getService(), serviceName, serviceDefault); setFilter(filter.getRequest(), requestName, requestDefault); + setFilter(filter.getSubfield(), subfieldName, subfieldDefault); setFilter(filter.getWorkspace(), workspace, workspaceDefault); setFilter(filter.getLayer(), layer, layerDefault); return filter; @@ -458,6 +467,7 @@ public long count( Long instanceId, String instanceName, Boolean instanceDefault, String serviceName, Boolean serviceDefault, String requestName, Boolean requestDefault, + String subfieldName, Boolean subfieldDefault, String workspace, Boolean workspaceDefault, String layer, Boolean layerDefault) throws BadRequestRestEx, InternalErrorRestEx { @@ -468,6 +478,7 @@ public long count( instanceId, instanceName, instanceDefault, serviceName, serviceDefault, requestName, requestDefault, + subfieldName, subfieldDefault, workspace, workspaceDefault, layer, layerDefault); @@ -549,6 +560,7 @@ protected RESTOutputRule toOutput(Rule rule) { out.setService(rule.getService()); out.setRequest(rule.getRequest()); + out.setSubfield(rule.getSubfield()); out.setWorkspace(rule.getWorkspace()); out.setLayer(rule.getLayer()); @@ -602,6 +614,7 @@ protected Rule fromInput(RESTInputRule in) { rule.setService(in.getService()); rule.setRequest(in.getRequest()); + rule.setSubfield(in.getSubfield()); rule.setWorkspace(in.getWorkspace()); rule.setLayer(in.getLayer()); diff --git a/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java b/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java index 53bb3590..d8e031fd 100644 --- a/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java +++ b/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java @@ -81,7 +81,7 @@ public void before() throws Exception { LOGGER.info("============================== TEST " + name.getMethodName()); LOGGER.info(""); - RESTOutputRuleList rules = restRuleService.get(null, null, false, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null); + RESTOutputRuleList rules = restRuleService.get(null, null, false, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null); for (RESTOutputRule rule : rules) { LOGGER.warn("Removing " + rule); restRuleService.delete(rule.getId());