Skip to content
This repository has been archived by the owner on Jun 23, 2022. It is now read-only.

Commit

Permalink
add public authz when not using access-controls
Browse files Browse the repository at this point in the history
  • Loading branch information
PJ committed Jan 24, 2015
1 parent 840a715 commit 5d6d312
Showing 1 changed file with 33 additions and 0 deletions.
33 changes: 33 additions & 0 deletions src/com/google/enterprise/adaptor/database/DatabaseAdaptor.java
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@
import com.google.enterprise.adaptor.AbstractAdaptor;
import com.google.enterprise.adaptor.Acl;
import com.google.enterprise.adaptor.AdaptorContext;
import com.google.enterprise.adaptor.AuthnIdentity;
import com.google.enterprise.adaptor.AuthzAuthority;
import com.google.enterprise.adaptor.AuthzStatus;
import com.google.enterprise.adaptor.Config;
import com.google.enterprise.adaptor.DocId;
import com.google.enterprise.adaptor.DocIdPusher;
Expand Down Expand Up @@ -186,6 +189,12 @@ public void init(AdaptorContext context) throws Exception {
if (encodeDocId) {
log.config("adaptor runs in lister-only mode");
}

if (aclSql == null) {
context.setAuthzAuthority(new AllPublic());
} else {
context.setAuthzAuthority(new AllPrivate());
}
}

/** Get all doc ids from database. */
Expand Down Expand Up @@ -687,4 +696,28 @@ public String toString() {
return text;
}
}

private static class AllPublic implements AuthzAuthority {
public Map<DocId, AuthzStatus> isUserAuthorized(AuthnIdentity userIdentity,
Collection<DocId> ids) throws IOException {
Map<DocId, AuthzStatus> result =
new HashMap<DocId, AuthzStatus>(ids.size() * 2);
for (DocId docId : ids) {
result.put(docId, AuthzStatus.PERMIT);
}
return Collections.unmodifiableMap(result);
}
}

private static class AllPrivate implements AuthzAuthority {
public Map<DocId, AuthzStatus> isUserAuthorized(AuthnIdentity userIdentity,
Collection<DocId> ids) throws IOException {
Map<DocId, AuthzStatus> result =
new HashMap<DocId, AuthzStatus>(ids.size() * 2);
for (DocId docId : ids) {
result.put(docId, AuthzStatus.DENY);
}
return Collections.unmodifiableMap(result);
}
}
}

0 comments on commit 5d6d312

Please sign in to comment.