Add HttpServletRequest to service filter rule

3ca9147c · michael.simon · afc3ae84 · 3ca9147c · 3ca9147c · 3ca9147c
Commit 3ca9147c authored Dec 18, 2020 by michael.simon
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/drools/KnowledgeSessionService.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/drools/KnowledgeSessionService.java
@@ -14,6 +14,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;

+import javax.servlet.http.HttpServletRequest;
+
 import org.kie.api.runtime.KieSession;
 import org.opensaml.saml.saml2.core.Assertion;
 import org.opensaml.saml.saml2.metadata.EntityDescriptor;
@@ -59,6 +61,6 @@ public interface KnowledgeSessionService {

 	List<ServiceEntity> checkServiceFilterRule(String unitId, UserEntity user,
 			List<ServiceEntity> serviceList, Set<GroupEntity> groups,
-			Set<RoleEntity> roles) throws MisconfiguredServiceException;
+			Set<RoleEntity> roles, HttpServletRequest request) throws MisconfiguredServiceException;

 }
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/drools/impl/KnowledgeSessionServiceImpl.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/drools/impl/KnowledgeSessionServiceImpl.java
@@ -19,6 +19,7 @@ import java.util.Set;

 import javax.ejb.Stateless;
 import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;

 import org.kie.api.KieServices;
 import org.kie.api.builder.ReleaseId;
@@ -153,7 +154,7 @@ public class KnowledgeSessionServiceImpl implements KnowledgeSessionService {
 	
 	@Override
 	public List<ServiceEntity> checkServiceFilterRule(String unitId, UserEntity user, List<ServiceEntity> serviceList,
-			Set<GroupEntity> groups, Set<RoleEntity> roles) 
+			Set<GroupEntity> groups, Set<RoleEntity> roles, HttpServletRequest request) 
 			throws MisconfiguredServiceException {
 		
 		user = userDao.merge(user);
@@ -170,6 +171,7 @@ public class KnowledgeSessionServiceImpl implements KnowledgeSessionService {
 		for (ServiceEntity service : serviceList)
 			ksession.insert(service);
 		ksession.insert(new Date());
+		ksession.insert(request);
 		
 		ksession.fireAllRules();


--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/AuthorizationService.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/AuthorizationService.java
@@ -3,12 +3,13 @@ package edu.kit.scc.webreg.service;
 import java.io.Serializable;
 import java.util.List;

+import javax.servlet.http.HttpServletRequest;
+
 import edu.kit.scc.webreg.entity.RegistryEntity;
-import edu.kit.scc.webreg.entity.identity.IdentityEntity;
 import edu.kit.scc.webreg.session.SessionManager;

 public interface AuthorizationService extends Serializable {

-	List<RegistryEntity> loadAll(SessionManager sessionManager, Long identityId);
+	List<RegistryEntity> loadAll(SessionManager sessionManager, Long identityId, HttpServletRequest request);

 }
--- a/bwreg-service/src/main/java/edu/kit/scc/webreg/service/impl/AuthorizationServiceImpl.java
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/service/impl/AuthorizationServiceImpl.java
@@ -8,6 +8,7 @@ import java.util.Set;

 import javax.ejb.Stateless;
 import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;

 import org.slf4j.Logger;

@@ -63,7 +64,7 @@ public class AuthorizationServiceImpl implements AuthorizationService {
    private ApplicationConfig appConfig;

 	@Override
-	public List<RegistryEntity> loadAll(SessionManager sessionManager, Long identityId) {
+	public List<RegistryEntity> loadAll(SessionManager sessionManager, Long identityId, HttpServletRequest request) {
 		IdentityEntity identity = identityDao.findById(identityId);

    	Long rolesTimeout;
@@ -171,7 +172,7 @@ public class AuthorizationServiceImpl implements AuthorizationService {
 		    	for (UserEntity user : identity.getUsers()) {
 			    	tempList.addAll(knowledgeSessionService.checkServiceFilterRule(
 			    			serviceFilterRule, user, unregisteredServiceList,
-			    			sessionManager.getGroups(), sessionManager.getRoles()));
+			    			sessionManager.getGroups(), sessionManager.getRoles(), request));
 		    	}
 		    	
 		    	unregisteredServiceList = tempList;

--- a/bwreg-webapp/src/main/java/edu/kit/scc/webreg/sec/AuthorizationBean.java
+++ b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/sec/AuthorizationBean.java
@@ -20,6 +20,7 @@ import javax.annotation.PostConstruct;
 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;

 import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
 import edu.kit.scc.webreg.entity.RegistryEntity;
@@ -49,12 +50,15 @@ public class AuthorizationBean implements Serializable {
    @Inject
    private RoleCache roleCache;

+    @Inject 
+    private HttpServletRequest request;
+    
    @PostConstruct
    private void init() {
    	if (sessionManager.getIdentityId() == null)
    		return;
    	
-    	userRegistryList = authService.loadAll(sessionManager, sessionManager.getIdentityId());
+    	userRegistryList = authService.loadAll(sessionManager, sessionManager.getIdentityId(), request);
 	}

    public Duration getLoggedInSince() {