Add group modification methods to IResourceAuthorization

[controller.git] / opendaylight / appauth / src / main / java / org / opendaylight / controller / appauth / authorization / Authorization.java

diff --git a/opendaylight/appauth/src/main/java/org/opendaylight/controller/appauth/authorization/Authorization.java b/opendaylight/appauth/src/main/java/org/opendaylight/controller/appauth/authorization/Authorization.java
index b872f49130205d239f9ee9bfac647b09eb7a241e..1992f5971120e37a83d3b6698732fecee2a64ee0 100644 (file)
--- a/opendaylight/appauth/src/main/java/org/opendaylight/controller/appauth/authorization/Authorization.java
+++ b/opendaylight/appauth/src/main/java/org/opendaylight/controller/appauth/authorization/Authorization.java
@@ -144,6 +144,7 @@ private static final Logger logger = LoggerFactory.getLogger(Authorization.class
             try {
                 toBeAdded.add((T) obj);
             } catch (ClassCastException e) {
+                logger.debug("Attempt to add a resource with invalid type");
                 allAdded = false;
             }
         }
@@ -152,23 +153,48 @@ private static final Logger logger = LoggerFactory.getLogger(Authorization.class
             new Status(StatusCode.SUCCESS, "One or more resources couldn't be added"));
     }
 
-    public Status addResourceToGroup(String groupName, T resource) {
+    @SuppressWarnings("unchecked")
+    @Override
+    public Status addResourceToGroup(String groupName, Object resource) {
         if (groupName == null || groupName.trim().isEmpty()) {
             return new Status(StatusCode.BADREQUEST, "Invalid group name");
         }
 
+        if (resource == null) {
+            return new Status(StatusCode.BADREQUEST, "Null resource");
+        }
+
+        T castedResource = null;
+        try {
+            castedResource = (T) resource;
+        } catch (ClassCastException e) {
+            logger.debug("Attempt to add a resource with invalid type");
+            return new Status(StatusCode.BADREQUEST, "Incompatible resource");
+        }
+
         Set<T> group = resourceGroups.get(groupName);
-        if (group != null && resource != null) {
-            group.add(resource);
-            // Update cluster
-            resourceGroups.put(groupName, group);
-            return new Status(StatusCode.SUCCESS, "Resource added successfully");
+        if (group == null) {
+            return new Status(StatusCode.NOTFOUND, "Group not found");
         }
 
-        return new Status(StatusCode.NOTFOUND, "Group not found or incompatible resource");
+        return addResourceToGroupInternal(groupName, castedResource);
+    }
+
+    /*
+     * Method child classes can overload if they need application specific
+     * checks on the resource
+     */
+    protected Status addResourceToGroupInternal(String groupName, T resource) {
+        Set<T> group = resourceGroups.get(groupName);
+        // Update group and cluster
+        group.add(resource);
+        resourceGroups.put(groupName, group);
+
+        return new Status(StatusCode.SUCCESS, "Resource added successfully");
+
     }
 
-    public Status removeRoleResourceGroupMapping(String groupName) {
+    private Status removeRoleResourceGroupMapping(String groupName) {
         List<String> affectedRoles = new ArrayList<String>();
         Status result;
         for (Entry<String, Set<ResourceGroup>> pairs : groupsAuthorizations.entrySet()) {
@@ -215,7 +241,8 @@ private static final Logger logger = LoggerFactory.getLogger(Authorization.class
     }
 
 
-    public Status removeResourceFromGroup(String groupName, T resource) {
+    @Override
+    public Status removeResourceFromGroup(String groupName, Object resource) {
         if (groupName == null || groupName.trim().isEmpty()) {
             return new Status(StatusCode.BADREQUEST, "Invalid group name");
         }
@@ -535,6 +562,24 @@ private static final Logger logger = LoggerFactory.getLogger(Authorization.class
         return roles.containsKey(roleName);
     }
 
+    @Override
+    public boolean isApplicationUser(String userName) {
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager == null) {
+            return false;
+        }
+        List<String> roles = userManager.getUserRoles(userName);
+        if (roles != null && !roles.isEmpty()) {
+            for (String role : roles) {
+                if (isApplicationRole(role)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
     @Override
     public AppRoleLevel getApplicationRoleLevel(String roleName) {
         if (roleName == null || roleName.trim().isEmpty()) {