Merge pull request #15 from HackTheOxidation/feat/AclAndRbac

HackTheOxidation · web-flow · commit 178a82ed0b49 · 2023-11-15T14:08:59.000+01:00
Cleanup, print and rbac
diff --git a/src/main/java/printserver/client/Client.java b/src/main/java/printserver/client/Client.java
@@ -8,6 +8,7 @@
 import java.util.Scanner;
 
 public class Client {
+        private final static String PRIVILEGE = "You don't have the required privileges for this operation";
         public static void main(String[] args) {
 
             try (Scanner scanner = new Scanner(System.in)) {
@@ -51,7 +52,7 @@ public static void main(String[] args) {
 
                     System.out.print(":> ");
                     choice = scanner.nextInt();
-                    String printer = null;
+                    String printer;
 
                     switch (choice) {
                         case 1:
@@ -61,13 +62,13 @@ public static void main(String[] args) {
                             System.out.print("Enter the name of the printer: ");
                             printer = scanner.next();
 
-                            ps.print(filename, printer);
+                            if(!ps.print(filename, printer)) System.out.println(PRIVILEGE);
                             break;
                         case 2:
                             System.out.print("Enter the name of the printer: ");
                             printer = scanner.next();
 
-                            ps.queue(printer);
+                            if(!ps.queue(printer)) System.out.println(PRIVILEGE);
                             break;
                         case 3:
                             System.out.print("Enter the name of the printer: ");
@@ -76,28 +77,28 @@ public static void main(String[] args) {
                             System.out.print("Enter the number of the job to prioritize: ");
                             int job = scanner.nextInt();
 
-                            ps.topQueue(printer, job);
+                            if(!ps.topQueue(printer, job)) System.out.println(PRIVILEGE);
                             break;
                         case 4:
-                            ps.start();
+                            if(!ps.start()) System.out.println(PRIVILEGE);
                             break;
                         case 5:
-                            ps.stop();
+                            if(!ps.stop()) System.out.println(PRIVILEGE);
                             break;
                         case 6:
-                            ps.restart();
+                            if(!ps.restart()) System.out.println(PRIVILEGE);
                             break;
                         case 7:
                             System.out.print("Enter the name of the printer: ");
                             printer = scanner.next();
 
-                            ps.status(printer);
+                            if(!ps.status(printer)) System.out.println(PRIVILEGE);
                             break;
                         case 8:
                             System.out.print("Enter the name of the printer: ");
                             printer = scanner.next();
 
-                            ps.readConfig(printer);
+                            if(!ps.readConfig(printer)) System.out.println(PRIVILEGE);
                             break;
                         case 9:
                             System.out.print("Enter the name of the printer: ");
@@ -106,7 +107,7 @@ public static void main(String[] args) {
                             System.out.print("Enter the configuration value to set: ");
                             String value = scanner.next();
 
-                            ps.setConfig(printer, value);
+                            if(!ps.setConfig(printer, value)) System.out.println(PRIVILEGE);
                             break;
                         case 0:
                             System.out.println("Shutting down...");
diff --git a/src/main/java/printserver/common/PrintServer.java b/src/main/java/printserver/common/PrintServer.java
@@ -4,21 +4,21 @@
 import java.rmi.RemoteException;
 
 public interface PrintServer extends Remote {
-        void print(String filename, String printer) throws RemoteException;
+        boolean print(String filename, String printer) throws RemoteException;
 
-        void queue(String printer) throws RemoteException;
+        boolean queue(String printer) throws RemoteException;
 
-        void topQueue(String printer, int job) throws RemoteException;
+        boolean topQueue(String printer, int job) throws RemoteException;
 
-        void start() throws RemoteException;
+        boolean start() throws RemoteException;
 
-        void stop() throws RemoteException;
+        boolean stop() throws RemoteException;
 
-        void restart() throws RemoteException;
+        boolean restart() throws RemoteException;
 
-        void status(String printer) throws RemoteException;
+        boolean status(String printer) throws RemoteException;
 
-        void readConfig(String printer) throws RemoteException;
+        boolean readConfig(String printer) throws RemoteException;
 
-        void setConfig(String printer, String value) throws RemoteException;
+        boolean setConfig(String printer, String value) throws RemoteException;
 }
diff --git a/src/main/java/printserver/server/EncryptedAuthenticator.java b/src/main/java/printserver/server/EncryptedAuthenticator.java
@@ -32,7 +32,17 @@ protected void addUser(String username, String password) throws NoSuchAlgorithmE
         public PrintServer authenticate(String username, String password) throws RemoteException {
                 try {
                         Login login = this.authenticateLogin(username, password);
-                        if(login.isAuthenticated()) return new Proxy(db.getPriviligesForUser(username));
+                        if(login.isAuthenticated())
+                        {
+                                String role = db.getRoleForUser(username);
+                                List<String> aclPrivileges = db.getPriviligesForUser(username);
+                                List<String> rbacPrivileges = db.getPrivilegesForRole(role);
+                                System.out.println("Username: " + username);
+                                System.out.println("Role: " + role);
+                                System.out.println("ACL privileges: " + aclPrivileges);
+                                System.out.println("RBAC privileges: " + rbacPrivileges);
+                                return new Proxy(username, rbacPrivileges);
+                        }
                 } catch (Exception e) {
                         System.out.println("DEBUG - authenticate: " + e.getMessage());
                 }
diff --git a/src/main/java/printserver/server/PrintServant.java b/src/main/java/printserver/server/PrintServant.java
@@ -10,39 +10,48 @@ public PrintServant() throws RemoteException {
                 super();
         }
 
-        public void print(String filename, String printer) throws RemoteException {
+        public boolean print(String filename, String printer) throws RemoteException {
                 System.out.println("Invoked print() with filename: " + filename + ", printer: " + printer);
+                return true;
         }
 
-        public void queue(String printer) throws RemoteException {
+        public boolean queue(String printer) throws RemoteException {
                 System.out.println("Invoked queue() with printer: " + printer);
+                return true;
         }
 
-        public void topQueue(String printer, int job) throws RemoteException {
+        public boolean topQueue(String printer, int job) throws RemoteException {
                 System.out.println("Invoked topQueue() with printer: " + printer + ", job: " + job);
+                return true;
         }
 
-        public void start() throws RemoteException {
+        public boolean start() throws RemoteException {
                 System.out.println("Invoked start()");
+                return true;
         }
 
-        public void stop() throws RemoteException {
+        public boolean stop() throws RemoteException {
                 System.out.println("Invoked stop()");
+                return true;
         }
 
-        public void restart() throws RemoteException {
+        public boolean restart() throws RemoteException {
                 System.out.println("Invoked restart()");
+                return true;
         }
 
-        public void status(String printer) throws RemoteException {
+        public boolean status(String printer) throws RemoteException {
                 System.out.println("Invoked status() with printer: " + printer);
+                return true;
         }
 
-        public void readConfig(String printer) throws RemoteException {
+        public boolean readConfig(String printer) throws RemoteException {
                 System.out.println("Invoked readConfig() with printer: " + printer);
+                return true;
         }
 
-        public void setConfig(String printer, String value) throws RemoteException {
+        public boolean setConfig(String printer, String value) throws RemoteException {
                 System.out.println("Invoked setConfig() with printer: " + printer + ", value: " + value);
+                return true;
         }
 }
diff --git a/src/main/java/printserver/server/Proxy.java b/src/main/java/printserver/server/Proxy.java
@@ -4,91 +4,79 @@
 import java.util.List;
 
 public class Proxy extends PrintServant{
-    private final List<String> acl;
+    private final List<String> permissions;
+    private final String username;
 
-    public Proxy(List<String> access) throws RemoteException {
+    public Proxy(String username, List<String> permissions) throws RemoteException {
         super();
-        acl = access;
+        this.permissions = permissions;
+        this.username = username;
     }
 
     @Override
-    public void print(String filename, String printer) throws RemoteException {
-        if (acl.contains("print")) {
-            super.print(filename, printer);
-        } else {
-            System.out.println("Permission for print is denied");
-        }
+    public boolean print(String filename, String printer) throws RemoteException {
+        if (permissions.contains("print")) return super.print(filename, printer);
+        System.out.println(getPermissionDenied("print"));
+        return false;
     }
 
     @Override
-    public void queue(String printer) throws RemoteException {
-        if (acl.contains("queue")) {
-            super.queue(printer);
-        } else {
-            System.out.println("Permission for queue is denied");
-        } 
+    public boolean queue(String printer) throws RemoteException {
+        if (permissions.contains("queue")) return super.queue(printer);
+        System.out.println(getPermissionDenied("queue"));
+        return false;
     }
 
     @Override
-    public void topQueue(String printer, int job) throws RemoteException {
-        if (acl.contains("topQueue")) {
-            super.topQueue(printer, job);
-        } else {
-            System.out.println("Permission for topQueue is denied");
-        } 
+    public boolean topQueue(String printer, int job) throws RemoteException {
+        if (permissions.contains("topQueue")) return super.topQueue(printer, job);
+        System.out.println(getPermissionDenied("topQueue"));
+        return false;
     }
-    
+
     @Override
-    public void start() throws RemoteException {
-        if (acl.contains("start")) {
-            super.start();
-        } else {
-            System.out.println("Permission for start is denied");
-        } 
+    public boolean start() throws RemoteException {
+        if (permissions.contains("start")) return super.start();
+        System.out.println(getPermissionDenied("start"));
+        return false;
     }
 
     @Override
-    public void stop() throws RemoteException {
-        if (acl.contains("stop")) {
-            super.stop();
-        } else {
-            System.out.println("Permission for stop is denied");
-        } 
+    public boolean stop() throws RemoteException {
+        if (permissions.contains("stop")) return super.stop();
+        System.out.println(getPermissionDenied("stop"));
+        return false;
     }
 
     @Override
-    public void restart() throws RemoteException {
-        if (acl.contains("restart")) {
-            super.restart();
-        } else {
-            System.out.println("Permission for restart is denied");
-        } 
+    public boolean restart() throws RemoteException {
+        if (permissions.contains("restart")) return super.restart();
+        System.out.println(getPermissionDenied("restart"));
+        return false;
     }
 
     @Override
-    public void status(String printer) throws RemoteException {
-        if (acl.contains("status")) {
-            super.status(printer);
-        } else {
-            System.out.println("Permission for status is denied");
-        } 
+    public boolean status(String printer) throws RemoteException {
+        if (permissions.contains("status")) return super.status(printer);
+        System.out.println(getPermissionDenied("status"));
+        return false;
     }
 
     @Override
-    public void readConfig(String printer) throws RemoteException {
-        if (acl.contains("readConfig")) {
-            super.readConfig(printer);
-        } else {
-            System.out.println("Permission for readConfig is denied");
-        } 
+    public boolean readConfig(String printer) throws RemoteException {
+        if (permissions.contains("readConfig")) return super.readConfig(printer);
+        System.out.println(getPermissionDenied("readConfig"));
+        return false;
     }
 
     @Override
-    public void setConfig(String printer, String value) throws RemoteException {
-        if (acl.contains("setConfig")) {
-            super.setConfig(printer, value);
-        } else {
-            System.out.println("Permission for setConfig is denied");
-        } 
+    public boolean setConfig(String printer, String value) throws RemoteException {
+        if (permissions.contains("setConfig")) super.setConfig(printer, value);
+        System.out.println(getPermissionDenied("setConfig"));
+        return false;
+    }
+
+    private String getPermissionDenied(String methodName){
+        return String.format("Permission for %s is denied for user %s", methodName, username);
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -10,39 +10,48 @@ public PrintServant() throws RemoteException {`
`10`	`10`	`super();`
`11`	`11`	`}`
`12`	`12`
`13`		`- public void print(String filename, String printer) throws RemoteException {`
	`13`	`+ public boolean print(String filename, String printer) throws RemoteException {`
`14`	`14`	`System.out.println("Invoked print() with filename: " + filename + ", printer: " + printer);`
	`15`	`+ return true;`
`15`	`16`	`}`
`16`	`17`
`17`		`- public void queue(String printer) throws RemoteException {`
	`18`	`+ public boolean queue(String printer) throws RemoteException {`
`18`	`19`	`System.out.println("Invoked queue() with printer: " + printer);`
	`20`	`+ return true;`
`19`	`21`	`}`
`20`	`22`
`21`		`- public void topQueue(String printer, int job) throws RemoteException {`
	`23`	`+ public boolean topQueue(String printer, int job) throws RemoteException {`
`22`	`24`	`System.out.println("Invoked topQueue() with printer: " + printer + ", job: " + job);`
	`25`	`+ return true;`
`23`	`26`	`}`
`24`	`27`
`25`		`- public void start() throws RemoteException {`
	`28`	`+ public boolean start() throws RemoteException {`
`26`	`29`	`System.out.println("Invoked start()");`
	`30`	`+ return true;`
`27`	`31`	`}`
`28`	`32`
`29`		`- public void stop() throws RemoteException {`
	`33`	`+ public boolean stop() throws RemoteException {`
`30`	`34`	`System.out.println("Invoked stop()");`
	`35`	`+ return true;`
`31`	`36`	`}`
`32`	`37`
`33`		`- public void restart() throws RemoteException {`
	`38`	`+ public boolean restart() throws RemoteException {`
`34`	`39`	`System.out.println("Invoked restart()");`
	`40`	`+ return true;`
`35`	`41`	`}`
`36`	`42`
`37`		`- public void status(String printer) throws RemoteException {`
	`43`	`+ public boolean status(String printer) throws RemoteException {`
`38`	`44`	`System.out.println("Invoked status() with printer: " + printer);`
	`45`	`+ return true;`
`39`	`46`	`}`
`40`	`47`
`41`		`- public void readConfig(String printer) throws RemoteException {`
	`48`	`+ public boolean readConfig(String printer) throws RemoteException {`
`42`	`49`	`System.out.println("Invoked readConfig() with printer: " + printer);`
	`50`	`+ return true;`
`43`	`51`	`}`
`44`	`52`
`45`		`- public void setConfig(String printer, String value) throws RemoteException {`
	`53`	`+ public boolean setConfig(String printer, String value) throws RemoteException {`
`46`	`54`	`System.out.println("Invoked setConfig() with printer: " + printer + ", value: " + value);`
	`55`	`+ return true;`
`47`	`56`	`}`
`48`	`57`	`}`