From ce93b07bb253df3c548c59bacc869839aa78bb4c Mon Sep 17 00:00:00 2001
From: mguetlein
Date: Wed, 26 Jan 2011 15:54:05 +0100
Subject: add whitlisting concept for A&A, some minor modifications
---
lib/authorization.rb | 42 +++++++++++++++++++++++++++++++++++++++++-
lib/error.rb | 13 ++++++++++++-
lib/helper.rb | 12 +-----------
lib/model.rb | 10 +++++-----
4 files changed, 59 insertions(+), 18 deletions(-)
(limited to 'lib')
diff --git a/lib/authorization.rb b/lib/authorization.rb
index 5bc690a..c6f39c1 100644
--- a/lib/authorization.rb
+++ b/lib/authorization.rb
@@ -322,7 +322,47 @@ module OpenTox alias :token_valid? :is_token_valid end - end + #Check Authorization for URI with method and subjectid. + def self.authorized?(uri, request_method, subjectid) + return true if OpenTox::Authorization.whitelisted?(uri, request_method) + if CONFIG[:authorization][:authorize_request].include?(request_method) + ret = OpenTox::Authorization.authorize(uri, request_method, subjectid) + LOGGER.debug "OpenTox helpers OpenTox::Authorization authorized? method: #{request_method} , URI: #{uri}, subjectid: #{subjectid} with return >>#{ret}<<" + return ret + end + if CONFIG[:authorization][:authenticate_request].include?(request_method) + return true if OpenTox::Authorization.is_token_valid(subjectid) + end + LOGGER.debug "Not authorized for: #{uri} with Method: #{request_method} with Token #{subjectid}" + return false + end + + @@whitelist = {} + + private + def self.whitelisted?(uri, request_method) + return false unless @@whitelist[request_method] + @@whitelist[request_method].each do |r| + return true if r.match(uri) + end + return false + end + + public + def self.whitelist(uri_match, request_method) + if uri_match.is_a?(Regexp) + uri_regex = uri_match + elsif uri_match.is_a?(String) + uri_regex = Regexp.new("^"+uri_match+"$") + else + raise "uri-match param is neither string(->exact uri match) nor regexp: "+uri_match.class + end + LOGGER.info("whitelisted "+request_method+" "+uri_regex.to_s) + @@whitelist[request_method] = [] unless @@whitelist[request_method] + @@whitelist[request_method] << uri_regex + end + + end end diff --git a/lib/error.rb b/lib/error.rb index e5c460d..8c666f3 100644 --- a/lib/error.rb +++ b/lib/error.rb 
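Review bot: In `whitelist`, a String argument is compiled with `Regexp.new("^"+uri_match+"$")`, which neither escapes the URI nor anchors the whole string: `.` and `?` in the URI act as regex operators and `^`/`$` match at line boundaries in Ruby, so an entry meant as an exact match can match other URIs. Because `authorized?` returns true on any whitelist match before `authorize` or `is_token_valid` is consulted, the pattern should be strict, e.g. `uri_regex = /\A#{Regexp.escape(uri_match)}\z/`, and the method should document that Regexp arguments need their own `\A`…`\z` anchors since `r.match(uri)` is unanchored. The `raise` line concatenates a String with `uri_match.class`, which itself fails with TypeError instead of reporting the bad argument; use `uri_match.class.to_s`. The bare `private` has no effect on `def self.whitelisted?`; `private_class_method :whitelisted?` would, but the explicit-receiver call in `authorized?` would then have to become a plain `whitelisted?(...)`. The enclosing module opens outside this hunk.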
@@ -39,7 +39,7 @@ module OpenTox @actor = actor @errorCause = error.errorCause if error.errorCause @rest_params = error.rest_params if error.is_a?(OpenTox::RestCallError) and error.rest_params - @backtrace = error.backtrace.join("\n") if CONFIG[:backtrace] + @backtrace = error.backtrace.short_backtrace if CONFIG[:backtrace] end # overwrite sorting to make easier readable @@ -72,4 +72,15 @@ module OpenTox s.to_rdfxml end end +end + +class Array + def short_backtrace + short = [] + each do |c| + break if c =~ /sinatra\/base/ + short << c + end + short.join("\n") + end end \ No newline at end of file diff --git a/lib/helper.rb b/lib/helper.rb index e82c8fb..afeeb43 100644 --- a/lib/helper.rb +++ b/lib/helper.rb @@ -16,22 +16,12 @@ helpers do end end - #Check Authorization for URI with method and subjectid. def authorized?(subjectid) request_method = request.env['REQUEST_METHOD'] uri = clean_uri("#{request.env['rack.url_scheme']}://#{request.env['HTTP_HOST']}#{request.env['REQUEST_URI']}") request_method = "GET" if request_method == "POST" && uri =~ /\/model\/\d+\/?$/ - if CONFIG[:authorization][:authorize_request].include?(request_method) - ret = OpenTox::Authorization.authorize(uri, request_method, subjectid) - LOGGER.debug "OpenTox helpers OpenTox::Authorization authorized? method: #{request_method} , URI: #{request.env['rack.url_scheme']}://#{request.env['HTTP_HOST']}#{request.env['REQUEST_URI']}, subjectid: #{subjectid} with return >>#{ret}<<" - return ret - end - if CONFIG[:authorization][:authenticate_request].include?(request_method) - return true if OpenTox::Authorization.is_token_valid(subjectid) - end - LOGGER.debug "Not authorized for: #{uri} with Method: #{request.env['REQUEST_METHOD']}/#{request_method} with Token #{subjectid}" - return false + return OpenTox::Authorization.authorized?(uri, request_method, subjectid) end #cleans URI from querystring and file-extension. Sets port 80 to emptystring 
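Review bot: The second hunk of lib/error.rb reopens the core `Array` class to add `short_backtrace`, which puts a backtrace-specific method on every array in any process that loads this library; a helper inside `OpenTox` that takes the backtrace array as an argument would keep the same truncation at `sinatra/base` without the global patch. At the call site in the first hunk, `error.backtrace` is nil for an exception object that was never raised, so the call would fail with NoMethodError; `@backtrace = error.backtrace.short_backtrace if CONFIG[:backtrace] and error.backtrace` guards that. If these error reports are returned to clients, which the hunk does not show, the remaining frames still disclose file paths, so `CONFIG[:backtrace]` is best left off outside development. The constructor containing the first hunk starts outside it.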
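Review bot: In lib/helper.rb, `authorized?` now hands a `uri` assembled from the client-supplied `HTTP_HOST` and `REQUEST_URI` values to `OpenTox::Authorization.authorized?`, where a whitelist match skips authorization entirely, and the helper has lost its only comment. I would restore the doc line and state the trust assumption, e.g. `# Check authorization for the current request; uri is built from request headers, so whitelist patterns must pin scheme and host`. The unchanged rewrite of POST to GET for `/model/<id>` runs before the whitelist lookup, so a GET whitelist entry also covers those POSTs, which deserves a comment of its own. The removed debug line logged both the original and the rewritten method, whereas the shared implementation only sees the rewritten one.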
diff --git a/lib/model.rb b/lib/model.rb index 85be1b5..741eea6 100644 --- a/lib/model.rb +++ b/lib/model.rb @@ -24,9 +24,9 @@ module OpenTox # Find Generic Opentox Model via URI, and loads metadata # @param [String] uri Model URI # @return [OpenTox::Model::Generic] Model instance, nil if model was not found - def self.find(uri) + def self.find(uri,subjectid=nil) model = Generic.new(uri) - model.load_metadata + model.load_metadata(subjectid) if model.metadata==nil or model.metadata.size==0 nil else @@ -36,10 +36,10 @@ module OpenTox # provides feature type, possible types are "regression" or "classification" # @return [String] feature type, "unknown" if type could not be estimated - def feature_type + def feature_type(subjectid=nil) # dynamically perform restcalls if necessary - load_metadata if @metadata==nil or @metadata.size==0 or (@metadata.size==1 && @metadata.values[0]==@uri) - @dependentVariable = OpenTox::Feature.find( @metadata[OT.dependentVariables] ) unless @dependentVariable + load_metadata(subjectid) if @metadata==nil or @metadata.size==0 or (@metadata.size==1 && @metadata.values[0]==@uri) + @dependentVariable = OpenTox::Feature.find( @metadata[OT.dependentVariables],subjectid ) unless @dependentVariable [@dependentVariable.feature_type, @metadata[OT.isA], @metadata[DC.title], @uri].each do |type| case type -- cgit v1.2.3
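Review bot: The new `subjectid` parameter of `self.find` is not reflected in the YARD block above it, and `feature_type(subjectid=nil)` in the second hunk has the same gap; add `# @param [String,nil] subjectid token passed on to the metadata request` to both. In `feature_type`, `@metadata` and `@dependentVariable` stay on the instance once loaded, so a later call with a different or missing `subjectid` reuses what was fetched under the first one; a comment saying so would help callers that share model instances between requests. `feature_type` continues past the end of the hunk.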