Partial Commit for Permission Authorizer module

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml

@@ -103,6 +103,10 @@
             <groupId>org.wso2.carbon</groupId>
             <artifactId>org.wso2.carbon.core.services</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.wso2.carbon</groupId>
+            <artifactId>org.wso2.carbon.registry.api</artifactId>
+        </dependency>
     </dependencies>
 
 </project>

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java

@@ -21,6 +21,7 @@ public final class Constants {
 
     public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer";
     public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme";
+    public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/";
 
     public static final class HTTPHeaders {
         private HTTPHeaders() {
@@ -40,4 +41,25 @@ public final class Constants {
         public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml";
     }
 
+    public static final class HttpVerb {
+        private HttpVerb() {
+            throw new AssertionError();
+        }
+
+        public static final String GET = "GET";
+        public static final String POST = "POST";
+        public static final String DELETE = "DELETE";
+        public static final String PUT = "PUT";
+    }
+
+    public static final class PermissionMethod {
+        private PermissionMethod() {
+            throw new AssertionError();
+        }
+
+        public static final String READ = "read";
+        public static final String WRITE = "write";
+        public static final String DELETE = "delete";
+        public static final String ACTION = "action";
+    }
 }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java

@@ -26,6 +26,9 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
 import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
 
 import javax.servlet.http.HttpServletResponse;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
 
 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 
@@ -34,8 +37,7 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 
     @Override
     public void invoke(Request request, Response response, CompositeValve compositeValve) {
-        String authScheme =
+        String authScheme = request.getAuthType();
-                request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
         if (authScheme == null || "".equals(authScheme)) {
             this.getNext().invoke(request, response, compositeValve);
             return;

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.webapp.authenticator.framework.authorizer;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.context.RegistryType;
+import org.wso2.carbon.registry.api.Collection;
+import org.wso2.carbon.registry.api.Registry;
+import org.wso2.carbon.registry.api.RegistryException;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
+
+public class PermissionAuthorizerUtil {
+
+    private static Registry registry = CarbonContext.getThreadLocalCarbonContext().
+            getRegistry(RegistryType.SYSTEM_GOVERNANCE);
+
+    private static final String PROPERTY_NAME = "name";
+    private static final String PATH_PERMISSION = "/permission";
+    private static final Log log = LogFactory.getLog(PermissionAuthorizerUtil.class);
+
+    public static void addPermission(Permission permission) {
+
+        if (registry == null) {
+            throw new IllegalArgumentException("Registry instance retrieved is null");
+        }
+
+        if (permission == null) {
+            throw new IllegalArgumentException("Permission argument is null");
+        }
+        try {
+            Collection collection = registry.newCollection();
+            collection.setProperty(PROPERTY_NAME, permission.getName());
+            registry.put(PATH_PERMISSION + permission.getPath(), collection);
+
+        } catch (RegistryException e) {
+            String errorMsg = "Error occured while adding permission '" + permission.getName() +
+                              "' to registry. ";
+            log.error(errorMsg + e.getMessage());
+        }
+    }
+}

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java

@@ -28,6 +28,10 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
 import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
 import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve;
 import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerUtil;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.PermissionAuthorizerConfig;
 import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
 import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig;
 
@@ -54,8 +58,15 @@ public class WebappAuthenticatorFrameworkBundleActivator implements BundleActiva
             }
             DataHolder.setWebappAuthenticatorRepository(repository);
 
+            // Adding permissions to registry
+//            PermissionAuthorizerConfig.init();
+//            for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) {
+//                PermissionAuthorizerUtil.addPermission(permission);
+//            }
+
             List<CarbonTomcatValve> valves = new ArrayList<CarbonTomcatValve>();
             valves.add(new WebappAuthenticatorFrameworkValve());
+            valves.add(new PermissionAuthorizerValve());
             TomcatValveContainer.addValves(valves);
 
             if (log.isDebugEnabled()) {

features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf

@@ -1,2 +1,3 @@
 instructions.configure = \
 org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\
+org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/permissions-config.xml,target:${installFolder}/../../conf/etc/permissions-config.xml,overwrite:true);\