opendaylight/northbound/commons/src/main/java/org/opendaylight/controller/northbound/commons/utils/NorthboundUtils.java

   1 package org.opendaylight.controller.northbound.commons.utils;
   2
   3 import org.opendaylight.controller.containermanager.IContainerAuthorization;
   4 import org.opendaylight.controller.sal.authorization.Privilege;
   5 import org.opendaylight.controller.sal.authorization.UserLevel;
   6 import org.opendaylight.controller.sal.utils.GlobalConstants;
   7 import org.opendaylight.controller.sal.utils.ServiceHelper;
   8 import org.opendaylight.controller.usermanager.IUserManager;
   9
  10 public class NorthboundUtils {
  11
  12
  13     /**
  14      * Returns whether the current user has the required privilege on the
  15      * specified container
  16      *
  17      * @param userName
  18      *            The user name
  19      * @param containerName
  20      *            The container name
  21      * @param required
  22      *            Operation to be performed - READ/WRITE
  23      * @param bundle
  24      *            Class from where the function is invoked
  25      * @return The Status of the request, either Success or Unauthorized
  26      */
  27     public static boolean isAuthorized(String userName, String containerName,
  28             Privilege required,Object bundle) {
  29
  30          if (containerName.equals(GlobalConstants.DEFAULT.toString())) {
  31             IUserManager auth = (IUserManager) ServiceHelper.getGlobalInstance(
  32                     IUserManager.class, bundle);
  33
  34             switch (required) {
  35             case WRITE:
  36                 return (auth.getUserLevel(userName).ordinal() <= UserLevel.NETWORKADMIN.ordinal());
  37             case READ:
  38                 return (auth.getUserLevel(userName).ordinal() <= UserLevel.NETWORKOPERATOR.ordinal());
  39             default:
  40                 return false;
  41             }
  42
  43         } else {
  44             IContainerAuthorization auth = (IContainerAuthorization) ServiceHelper
  45                     .getGlobalInstance(IContainerAuthorization.class, bundle);
  46
  47             if (auth == null) {
  48                 return false;
  49             }
  50
  51             Privilege current = auth.getResourcePrivilege(userName,
  52                     containerName);
  53             if (required.ordinal() > current.ordinal()) {
  54                 return false;
  55             }
  56         }
  57         return true;
  58     }
  59
  60 }