diff --git a/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java b/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java
index 6df3a6fb..d988bd08 100644
--- a/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java
+++ b/src/services/core/model/src/main/java/org/geoserver/geofence/core/model/Rule.java
@@ -106,6 +106,9 @@ public class Rule implements Identifiable, Serializable, Prioritizable, IPRangeP
@Index(name = "idx_rule_request")
private String request;
+ @Column
+ private String subfield;
+
@Column
@Index(name = "idx_rule_workspace")
private String workspace;
@@ -130,7 +133,7 @@ public Rule() {
}
public Rule(long priority, String username, String rolename, GSInstance instance, IPAddressRange addressRange,
- String service, String request, String workspace, String layer, GrantType access) {
+ String service, String request, String subfield, String workspace, String layer, GrantType access) {
this.priority = priority;
this.username = username;
this.rolename = rolename;
@@ -138,11 +141,21 @@ public Rule(long priority, String username, String rolename, GSInstance instance
this.addressRange = addressRange;
this.service = service;
this.request = request;
+ this.subfield = subfield;
this.workspace = workspace;
this.layer = layer;
this.access = access;
}
+ /**
+ * @deprecated need new subfield argument
+ */
+ @Deprecated
+ public Rule(long priority, String username, String rolename, GSInstance instance, IPAddressRange addressRange,
+ String service, String request, String workspace, String layer, GrantType access) {
+ this(priority, username, rolename, instance, addressRange, service, request, null, workspace, layer, access);
+ }
+
public Long getId() {
return id;
}
@@ -217,6 +230,14 @@ public void setRequest(String request) {
this.request = request;
}
+ public String getSubfield() {
+ return subfield;
+ }
+
+ public void setSubfield(String subfield) {
+ this.subfield = subfield;
+ }
+
public String getWorkspace() {
return workspace;
}
@@ -285,6 +306,9 @@ public String toString() {
if (request != null) {
sb.append(" req:").append(request);
}
+ if (subfield != null) {
+ sb.append(" sub:").append(subfield);
+ }
if (workspace != null) {
sb.append(" ws:").append(workspace);
diff --git a/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java b/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java
index a36aac97..905940bf 100644
--- a/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java
+++ b/src/services/core/persistence/src/main/java/org/geoserver/geofence/core/dao/impl/RuleDAOImpl.java
@@ -88,6 +88,7 @@ protected Search getDupSearch(Rule rule) {
addSearchField(search, "instance", rule.getInstance());
addSearchField(search, "service", rule.getService());
addSearchField(search, "request", rule.getRequest());
+ addSearchField(search, "subfield", rule.getSubfield());
addSearchField(search, "workspace", rule.getWorkspace());
addSearchField(search, "layer", rule.getLayer());
diff --git a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java
index 50e93829..beab6a4c 100644
--- a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java
+++ b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/RuleReaderService.java
@@ -21,25 +21,25 @@
public interface RuleReaderService
{
- /**
- * Return info on resource accessibility.
- *
- * All parameters reference instances by name.
- *
If a given parameter is "*", it will match any value in the related {@link Rule} field.
- * If a given parameter is null, it will match only null (default) values in the related {@link Rule} field.
- *
- * In order to have a better control on the query, please use {@link #getAccessInfo(RuleFilter filter) }.
- *
- * @deprecated Use {@link #getAccessInfo(RuleFilter filter) }
- */
- AccessInfo getAccessInfo(String userName,
- String profileName,
- String instanceName,
- String sourceAddress,
- String service,
- String request,
- String workspace,
- String layer);
+// /**
+// * Return info on resource accessibility.
+// *
+// * All parameters reference instances by name.
+// *
If a given parameter is "*", it will match any value in the related {@link Rule} field.
+// * If a given parameter is null, it will match only null (default) values in the related {@link Rule} field.
+// *
+// * In order to have a better control on the query, please use {@link #getAccessInfo(RuleFilter filter) }.
+// *
+// * @deprecated Use {@link #getAccessInfo(RuleFilter filter) }
+// */
+// AccessInfo getAccessInfo(String userName,
+// String profileName,
+// String instanceName,
+// String sourceAddress,
+// String service,
+// String request,
+// String workspace,
+// String layer);
/**
* Return info on resource accessibility.
@@ -53,31 +53,31 @@ AccessInfo getAccessInfo(String userName,
*/
AccessInfo getAdminAuthorization(RuleFilter filter);
- /**
- * Return the unprocessed {@link Rule} list matching a given filter, sorted
- * by priority.
- *
- * Use {@link getAccessInfo(String,String,String,String,String,String,String) getAccessInfo}
- * if you need the resulting coalesced access info.
- *
- * Differently from {@link RuleAdminService#getList(String,String,String,String,String,String,String,Integer,Integer) RuleAdminService.getList(...)},
- * when a param is set, it will match
- * all the rules with the corresponding matching field,
- * plus all the rules having that field set to null.
- *
Null params will only match null values.
- *
The "*" string will always match.
- *
- * @deprecated Use {@link #getMatchingRules(RuleFilter filter) }
- */
-
- List getMatchingRules(String userName,
- String profileName,
- String instanceName,
- String sourceAddress,
- String service,
- String request,
- String workspace,
- String layer);
+// /**
+// * Return the unprocessed {@link Rule} list matching a given filter, sorted
+// * by priority.
+// *
+// * Use {@link getAccessInfo(String,String,String,String,String,String,String) getAccessInfo}
+// * if you need the resulting coalesced access info.
+// *
+// * Differently from {@link RuleAdminService#getList(String,String,String,String,String,String,String,Integer,Integer) RuleAdminService.getList(...)},
+// * when a param is set, it will match
+// * all the rules with the corresponding matching field,
+// * plus all the rules having that field set to null.
+// *
Null params will only match null values.
+// *
The "*" string will always match.
+// *
+// * @deprecated Use {@link #getMatchingRules(RuleFilter filter) }
+// */
+//
+// List getMatchingRules(String userName,
+// String profileName,
+// String instanceName,
+// String sourceAddress,
+// String service,
+// String request,
+// String workspace,
+// String layer);
/**
* Return the unprocessed {@link Rule} list matching a given filter, sorted
diff --git a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java
index ac46dccd..38fbcd5d 100644
--- a/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java
+++ b/src/services/core/services-api/src/main/java/org/geoserver/geofence/services/dto/RuleFilter.java
@@ -59,6 +59,7 @@ public FilterType getRelatedType() {
private final TextFilter sourceAddress;
private final TextFilter service;
private final TextFilter request;
+ private final TextFilter subfield;
private final TextFilter workspace;
private final TextFilter layer;
@@ -82,6 +83,7 @@ public RuleFilter(SpecialFilterType type) {
sourceAddress = new TextFilter(ft);
service = new TextFilter(ft, true);
request = new TextFilter(ft, true);
+ subfield = new TextFilter(ft, true);
workspace = new TextFilter(ft);
layer = new TextFilter(ft);
}
@@ -100,6 +102,8 @@ public RuleFilter(SpecialFilterType type, boolean includeDefault) {
service.setIncludeDefault(includeDefault);
request = new TextFilter(ft, true);
request.setIncludeDefault(includeDefault);
+ subfield = new TextFilter(ft, true);
+ subfield.setIncludeDefault(includeDefault);
workspace = new TextFilter(ft);
workspace.setIncludeDefault(includeDefault);
layer = new TextFilter(ft);
@@ -115,7 +119,7 @@ public RuleFilter(SpecialFilterType type, boolean includeDefault) {
*/
public RuleFilter(String userName, String groupName, String instanceName,
String sourceAddress,
- String service, String request,
+ String service, String request, String subfield,
String workspace, String layer) {
this(SpecialFilterType.DEFAULT);
@@ -127,6 +131,7 @@ public RuleFilter(String userName, String groupName, String instanceName,
this.service.setHeuristically(service);
this.request.setHeuristically(request);
+ this.subfield.setHeuristically(subfield);
this.workspace.setHeuristically(workspace);
this.layer.setHeuristically(layer);
}
@@ -140,6 +145,7 @@ public RuleFilter(RuleFilter source) {
sourceAddress = source.sourceAddress.clone();
service = source.service.clone();
request = source.request.clone();
+ subfield = source.subfield.clone();
workspace = source.workspace.clone();
layer = source.layer.clone();
} catch (CloneNotSupportedException ex) {
@@ -218,6 +224,16 @@ public RuleFilter setRequest(SpecialFilterType type) {
return this;
}
+ public RuleFilter setSubfield(String name) {
+ subfield.setText(name);
+ return this;
+ }
+
+ public RuleFilter setSubfield(SpecialFilterType type) {
+ subfield.setType(type);
+ return this;
+ }
+
public RuleFilter setWorkspace(String name) {
workspace.setText(name);
return this;
@@ -258,6 +274,10 @@ public TextFilter getRequest() {
return request;
}
+ public TextFilter getSubfield() {
+ return subfield;
+ }
+
public TextFilter getService() {
return service;
}
@@ -316,6 +336,9 @@ public boolean equals(Object obj) {
if (this.request != other.request && (this.request == null || !this.request.equals(other.request))) {
return false;
}
+ if (this.subfield != other.subfield && (this.subfield == null || !this.subfield.equals(other.subfield))) {
+ return false;
+ }
if (this.workspace != other.workspace && (this.workspace == null || !this.workspace.equals(other.workspace))) {
return false;
}
@@ -335,6 +358,7 @@ public int hashCode() {
hash = 37 * hash + (this.sourceAddress != null ? this.sourceAddress.hashCode() : 0);
hash = 37 * hash + (this.service != null ? this.service.hashCode() : 0);
hash = 37 * hash + (this.request != null ? this.request.hashCode() : 0);
+ hash = 37 * hash + (this.subfield != null ? this.subfield.hashCode() : 0);
hash = 37 * hash + (this.workspace != null ? this.workspace.hashCode() : 0);
hash = 37 * hash + (this.layer != null ? this.layer.hashCode() : 0);
//NOTE: ipaddress not in hashcode bc it is not used for caching
@@ -351,6 +375,7 @@ public String toString() {
sb.append(" ip:").append(sourceAddress);
sb.append(" serv:").append(service);
sb.append(" req:").append(request);
+ if(subfield != null) sb.append(" sub:").append(subfield);
sb.append(" ws:").append(workspace);
sb.append(" layer:").append(layer);
sb.append(']');
diff --git a/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java b/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java
index f5ac39af..e54859f5 100644
--- a/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java
+++ b/src/services/core/services-impl/src/main/java/org/geoserver/geofence/services/RuleReaderServiceImpl.java
@@ -58,19 +58,19 @@ public class RuleReaderServiceImpl implements RuleReaderService {
private UserResolver userResolver;
private AuthorizationService authorizationService;
- /**
- * @deprecated
- */
- @Override
- @Deprecated
- public List getMatchingRules(
- String userName, String profileName, String instanceName,
- String sourceAddress,
- String service, String request,
- String workspace, String layer) {
-
- return getMatchingRules(new RuleFilter(userName, profileName, instanceName, sourceAddress, service, request, workspace, layer));
- }
+// /**
+// * @deprecated
+// */
+// @Override
+// @Deprecated
+// public List getMatchingRules(
+// String userName, String profileName, String instanceName,
+// String sourceAddress,
+// String service, String request, String subfield,
+// String workspace, String layer) {
+//
+// return getMatchingRules(new RuleFilter(userName, profileName, instanceName, sourceAddress, service, request, subfield, workspace, layer));
+// }
/**
* TODO: REFACTOR
@@ -100,17 +100,17 @@ public List getMatchingRules(RuleFilter filter) {
}
- /**
- * @deprecated
- */
- @Override
- @Deprecated
- public AccessInfo getAccessInfo(String userName, String roleName, String instanceName,
- String sourceAddress,
- String service, String request,
- String workspace, String layer) {
- return getAccessInfo(new RuleFilter(userName, roleName, instanceName, sourceAddress, service, request, workspace, layer));
- }
+// /**
+// * @deprecated
+// */
+// @Override
+// @Deprecated
+// public AccessInfo getAccessInfo(String userName, String roleName, String instanceName,
+// String sourceAddress,
+// String service, String request, String subfield,
+// String workspace, String layer) {
+// return getAccessInfo(new RuleFilter(userName, roleName, instanceName, sourceAddress, service, request, subfield, workspace, layer));
+// }
@Override
public AccessInfo getAccessInfo(RuleFilter filter)
diff --git a/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java b/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java
index 8713acbb..61d1c648 100644
--- a/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java
+++ b/src/services/core/services-impl/src/test/java/org/geoserver/geofence/services/RuleReaderServiceImplTest.java
@@ -77,24 +77,24 @@ public void testGetRulesForUsersAndGroup() {
userAdminService.insert(user2);
userAdminService.insert(user3);
- ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(30, u1, "p1", null, null, "s3", "r3", "w3", "l3", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(40, u1, "p1", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(50, null,"g3a", null,null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(60, null,"g3b", null,null, null, null, null, null, GrantType.ALLOW));
-
- assertEquals(3, ruleReaderService.getMatchingRules(u1, "*", "Z","*", "*", "*","*","*").size());
- assertEquals(3, ruleReaderService.getMatchingRules("*", "p1", "Z","*", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
- assertEquals(0, ruleReaderService.getMatchingRules("*", "Z", "Z","*", null, null,null,null).size());
- assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
- assertEquals(1, ruleReaderService.getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
- assertEquals(1, ruleReaderService.getMatchingRules(u2, "*", "Z","*", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*", "p2", "Z","*", "*", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules(u1, "*", "Z","*", "s1", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules("*", "p1", "Z","*", "s1", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules(u3, "*", "Z","*", "s1", "*","*","*").size());
+ ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(30, u1, "p1", null, null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(40, u1, "p1", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(50, null,"g3a", null,null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(60, null,"g3b", null,null, null, null, null, null, null, GrantType.ALLOW));
+
+ assertEquals(3, getMatchingRules(u1, "*", "Z","*", "*", "*","*","*").size());
+ assertEquals(3, getMatchingRules("*", "p1", "Z","*", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
+ assertEquals(0, getMatchingRules("*", "Z", "Z","*", null, null,null,null).size());
+ assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
+ assertEquals(1, getMatchingRules(u1, "*", "Z","*", null, null,null,null).size());
+ assertEquals(1, getMatchingRules(u2, "*", "Z","*", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*", "p2", "Z","*", "*", "*","*","*").size());
+ assertEquals(2, getMatchingRules(u1, "*", "Z","*", "s1", "*","*","*").size());
+ assertEquals(2, getMatchingRules("*", "p1", "Z","*", "s1", "*","*","*").size());
+ assertEquals(2, getMatchingRules(u3, "*", "Z","*", "s1", "*","*","*").size());
}
private static RuleFilter createFilter(String userName, String groupName, String service) {
@@ -120,27 +120,27 @@ public void testGetRulesForGroupOnly() {
UserGroup g1 = createRole("p1");
UserGroup g2 = createRole("p2");
- Rule r1 = new Rule(10, null, "p1", null,null, "s1", "r1", "w1", "l1", GrantType.ALLOW);
- Rule r2 = new Rule(20, null, "p2", null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW);
- Rule r3 = new Rule(30, null, "p1", null,null, "s3", "r3", "w3", "l3", GrantType.ALLOW);
- Rule r4 = new Rule(40, null, "p1", null,null, null, null, null, null, GrantType.ALLOW);
+ Rule r1 = new Rule(10, null, "p1", null,null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW);
+ Rule r2 = new Rule(20, null, "p2", null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW);
+ Rule r3 = new Rule(30, null, "p1", null,null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW);
+ Rule r4 = new Rule(40, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW);
ruleAdminService.insert(r1);
ruleAdminService.insert(r2);
ruleAdminService.insert(r3);
ruleAdminService.insert(r4);
- assertEquals(4, ruleReaderService.getMatchingRules("*","*","*", "*", "*", "*","*","*").size());
- assertEquals(3, ruleReaderService.getMatchingRules("*","*","*", "*", "s1", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","*","*", "*", "ZZ", "*","*","*").size());
+ assertEquals(4, getMatchingRules("*","*","*", "*", "*", "*","*","*").size());
+ assertEquals(3, getMatchingRules("*","*","*", "*", "s1", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","*","*", "*", "ZZ", "*","*","*").size());
- assertEquals(3, ruleReaderService.getMatchingRules("*","p1","*", "*", "*", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules("*","p1","*", "*", "s1", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","p1","*", "*", "ZZ", "*","*","*").size());
+ assertEquals(3, getMatchingRules("*","p1","*", "*", "*", "*","*","*").size());
+ assertEquals(2, getMatchingRules("*","p1","*", "*", "s1", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","p1","*", "*", "ZZ", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","p2","*", "*", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","p2","*", "*", "s1", "*","*","*").size());
- assertEquals(0, ruleReaderService.getMatchingRules("*","p2","*", "*", "ZZ", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","p2","*", "*", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","p2","*", "*", "s1", "*","*","*").size());
+ assertEquals(0, getMatchingRules("*","p2","*", "*", "ZZ", "*","*","*").size());
filter = createFilter(null, g1.getName(), null);
assertEquals(3, ruleReaderService.getMatchingRules(filter).size());
@@ -155,10 +155,10 @@ public void testGetInfo() {
List rules = new ArrayList<>();
- rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, GrantType.ALLOW));
- rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW));
- rules.add(new Rule(100+rules.size(), null, null, null,null, "s3", "r3", "w3", "l3", GrantType.ALLOW));
- rules.add(new Rule(100+rules.size(), null, null, null,null, null, null, null, null, GrantType.DENY));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, null, GrantType.ALLOW));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, null, null, null, null, null, GrantType.DENY));
for (Rule rule : rules) {
ruleAdminService.insert(rule);
@@ -216,8 +216,8 @@ public void testResolveLazy() {
List rules = new ArrayList<>();
- rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, GrantType.ALLOW));
- rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", "w2", "l2", GrantType.ALLOW));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, "WCS", null, null, null, null, GrantType.ALLOW));
+ rules.add(new Rule(100+rules.size(), null, null, null,null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW));
for (Rule rule : rules) {
if(rule != null)
@@ -253,17 +253,17 @@ public void testNoDefault() {
ruleAdminService.insert(new Rule(0, null, null, null,null, "WCS", null, null, null, GrantType.ALLOW));
- assertEquals(1, ruleReaderService.getMatchingRules("u0","*","i0",null, "WCS", null,"W0","l0").size());
- assertEquals(GrantType.ALLOW, ruleReaderService.getAccessInfo("u0","*","i0",null, "WCS", null,"W0","l0").getGrant());
+ assertEquals(1, getMatchingRules("u0","*","i0",null, "WCS", null,"W0","l0").size());
+ assertEquals(GrantType.ALLOW, getAccessInfo("u0","*","i0",null, "WCS", null,"W0","l0").getGrant());
- assertEquals(1, ruleReaderService.getMatchingRules("*","p0","i0",null, "WCS", null,"W0","l0").size());
- assertEquals(GrantType.ALLOW, ruleReaderService.getAccessInfo("*","p0","i0",null, "WCS", null,"W0","l0").getGrant());
+ assertEquals(1, getMatchingRules("*","p0","i0",null, "WCS", null,"W0","l0").size());
+ assertEquals(GrantType.ALLOW, getAccessInfo("*","p0","i0",null, "WCS", null,"W0","l0").getGrant());
- assertEquals(0, ruleReaderService.getMatchingRules("u0","*","i0",null, "UNMATCH", null,"W0","l0").size());
- assertEquals(GrantType.DENY, ruleReaderService.getAccessInfo("u0","*","i0",null, "UNMATCH", null,"W0","l0").getGrant());
+ assertEquals(0, getMatchingRules("u0","*","i0",null, "UNMATCH", null,"W0","l0").size());
+ assertEquals(GrantType.DENY, getAccessInfo("u0","*","i0",null, "UNMATCH", null,"W0","l0").getGrant());
- assertEquals(0, ruleReaderService.getMatchingRules("*","p0","i0",null, "UNMATCH", null,"W0","l0").size());
- assertEquals(GrantType.DENY, ruleReaderService.getAccessInfo("*","p0","i0",null, "UNMATCH", null,"W0","l0").getGrant());
+ assertEquals(0, getMatchingRules("*","p0","i0",null, "UNMATCH", null,"W0","l0").size());
+ assertEquals(GrantType.DENY, getAccessInfo("*","p0","i0",null, "UNMATCH", null,"W0","l0").getGrant());
}
@Test
@@ -277,8 +277,8 @@ public void testGroups() {
GSUser u2 = createUser("u2", g2);
List rules = new ArrayList<>();
- rules.add(new Rule(rules.size()+10, null, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW));
- rules.add(new Rule(rules.size()+10, null, "p1", null, null, null, null, null, null, GrantType.DENY));
+ rules.add(new Rule(rules.size()+10, null, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW));
+ rules.add(new Rule(rules.size()+10, null, "p1", null, null, null, null, null, null, null, GrantType.DENY));
for (Rule rule : rules) {
ruleAdminService.insert(rule);
@@ -324,8 +324,8 @@ public void testGroupOrder01() throws UnknownHostException {
GSUser u2 = createUser("u2", g2);
List rules = new ArrayList();
- rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, GrantType.ALLOW));
- rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, GrantType.DENY));
+ rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW));
+ rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, null, GrantType.DENY));
for (Rule rule : rules) {
ruleAdminService.insert(rule);
@@ -360,8 +360,8 @@ public void testGroupOrder02() {
GSUser u2 = createUser("u2", g2);
List rules = new ArrayList();
- rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, GrantType.DENY));
- rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, GrantType.ALLOW));
+ rules.add(new Rule(rules.size()+10, null, "p2", null,null, null, null, null, null, null, GrantType.DENY));
+ rules.add(new Rule(rules.size()+10, null, "p1", null,null, null, null, null, null, null, GrantType.ALLOW));
for (Rule rule : rules) {
ruleAdminService.insert(rule);
@@ -432,7 +432,7 @@ public void testAttrib() throws NotFoundServiceEx {
ruleAdminService.setDetails(r1.getId(), d1);
}
{
- Rule r1 = new Rule(pri++, null, "g3", null,null, null, null, null, "l1", GrantType.ALLOW);
+ Rule r1 = new Rule(pri++, null, "g3", null,null, null, null, null, null, "l1", GrantType.ALLOW);
ruleAdminService.insert(r1);
LayerDetails d1 = new LayerDetails();
@@ -440,7 +440,7 @@ public void testAttrib() throws NotFoundServiceEx {
ruleAdminService.setDetails(r1.getId(), d1);
}
{
- Rule r1 = new Rule(pri++, null, "g4", null,null, null, null, null, "l1", GrantType.DENY);
+ Rule r1 = new Rule(pri++, null, "g4", null,null, null, null, null, null, "l1", GrantType.DENY);
ruleAdminService.insert(r1);
}
}
@@ -556,12 +556,12 @@ public void testNullAllowableStyles() throws NotFoundServiceEx {
// no details for first rule
{
- Rule r1 = new Rule(30, null, "g2", null,null, null, null, null, "l1", GrantType.ALLOW);
+ Rule r1 = new Rule(30, null, "g2", null,null, null, null, null, null, "l1", GrantType.ALLOW);
ruleAdminService.insert(r1);
}
// some allowed styles for second rule
{
- Rule r1 = new Rule(40, null, "g1", null,null, null, null, null, "l1", GrantType.ALLOW);
+ Rule r1 = new Rule(40, null, "g1", null,null, null, null, null, null, "l1", GrantType.ALLOW);
ruleAdminService.insert(r1);
LayerDetails d1 = new LayerDetails();
@@ -608,10 +608,10 @@ public void testIPAddress() {
IPAddressRange ip10 = new IPAddressRange("10.10.100.0/24");
IPAddressRange ip192 = new IPAddressRange("192.168.0.0/16");
- Rule r1 = new Rule(10, null, "g1", null,ip10, "s1", "r1", "w1", "l1", GrantType.ALLOW);
- Rule r2 = new Rule(20, null, "g2", null,ip10, "s1", "r2", "w2", "l2", GrantType.ALLOW);
- Rule r3 = new Rule(30, null, "g1", null,ip192, "s3", "r3", "w3", "l3", GrantType.ALLOW);
- Rule r4 = new Rule(40, null, "g1", null,null, null, null, null, null, GrantType.ALLOW);
+ Rule r1 = new Rule(10, null, "g1", null,ip10, "s1", "r1", null, "w1", "l1", GrantType.ALLOW);
+ Rule r2 = new Rule(20, null, "g2", null,ip10, "s1", "r2", null, "w2", "l2", GrantType.ALLOW);
+ Rule r3 = new Rule(30, null, "g1", null,ip192, "s3", "r3", null, "w3", "l3", GrantType.ALLOW);
+ Rule r4 = new Rule(40, null, "g1", null,null, null, null, null, null, null, GrantType.ALLOW);
ruleAdminService.insert(r1);
ruleAdminService.insert(r2);
@@ -620,20 +620,20 @@ public void testIPAddress() {
// test without address filtering
- assertEquals(4, ruleReaderService.getMatchingRules("*","*", "*", "*", "*", "*","*","*").size());
- assertEquals(3, ruleReaderService.getMatchingRules("*","g1","*", "*", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","g2","*", "*", "*", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules("*","g1","*", "*", "s1", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", "*", "ZZ", "*","*","*").size());
+ assertEquals(4, getMatchingRules("*","*", "*", "*", "*", "*","*","*").size());
+ assertEquals(3, getMatchingRules("*","g1","*", "*", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","g2","*", "*", "*", "*","*","*").size());
+ assertEquals(2, getMatchingRules("*","g1","*", "*", "s1", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","*", "*", "*", "ZZ", "*","*","*").size());
// test with address filtering
- assertEquals(3, ruleReaderService.getMatchingRules("*","*", "*", "10.10.100.4", "*", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules("*","g1","*", "10.10.100.4", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", "10.10.1.4", "*", "*","*","*").size());
- assertEquals(2, ruleReaderService.getMatchingRules("*","*", "*", "192.168.1.1", "*", "*","*","*").size());
- assertEquals(1, ruleReaderService.getMatchingRules("*","*", "*", null, "*", "*","*","*").size());
+ assertEquals(3, getMatchingRules("*","*", "*", "10.10.100.4", "*", "*","*","*").size());
+ assertEquals(2, getMatchingRules("*","g1","*", "10.10.100.4", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","*", "*", "10.10.1.4", "*", "*","*","*").size());
+ assertEquals(2, getMatchingRules("*","*", "*", "192.168.1.1", "*", "*","*","*").size());
+ assertEquals(1, getMatchingRules("*","*", "*", null, "*", "*","*","*").size());
- assertEquals(0, ruleReaderService.getMatchingRules("*","*","*","BAD", "*", "*","*","*").size());
+ assertEquals(0, getMatchingRules("*","*","*","BAD", "*", "*","*","*").size());
}
@Test
@@ -669,12 +669,12 @@ public void testGetRulesForUserOnly() {
userAdminService.insert(user2);
userAdminService.insert(user3);
- ruleAdminService.insert(new Rule(10, u1, "g1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(20, u2, "g2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(30, u1, "g1", null, null, "s3", "r3", "w3", "l3", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(40, u1, "g1", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(50, null, "g3a", null,null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(60, null, "g3b", null,null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(10, u1, "g1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(20, u2, "g2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(30, u1, "g1", null, null, "s3", "r3", null, "w3", "l3", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(40, u1, "g1", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(50, null, "g3a", null,null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(60, null, "g3b", null,null, null, null, null, null, null, GrantType.ALLOW));
filter = createFilter(u1, null, null);
assertEquals(3, ruleReaderService.getMatchingRules(filter).size());
@@ -695,7 +695,7 @@ public void testAdminRules() {
GSUser user = createUser("auth00");
- ruleAdminService.insert(new Rule(10, user.getName(), null, null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(10, user.getName(), null, null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW));
RuleFilter filter = new RuleFilter(SpecialFilterType.ANY, true);
filter.setWorkspace("w1");
@@ -754,19 +754,19 @@ public void testMultiRoles() {
userAdminService.insert(user2);
userAdminService.insert(user12);
- ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", "w1", "l1", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", "w2", "l2", GrantType.ALLOW));
- ruleAdminService.insert(new Rule(30, u1, null, null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(40, u2, null, null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(50, u3, null, null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(51, u3, "p1", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(52, u3, "p2", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(60, null,"p1", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(70, null,"p2", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(80, null,"p3", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(901, u1, "p2", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(902, u2, "p1", null, null, null, null, null, null, GrantType.ALLOW));
- ruleAdminService.insert(new Rule(999, null, null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(10, u1, "p1", null, null, "s1", "r1", null, "w1", "l1", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(20, u2, "p2", null, null, "s1", "r2", null, "w2", "l2", GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(30, u1, null, null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(40, u2, null, null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(50, u3, null, null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(51, u3, "p1", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(52, u3, "p2", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(60, null, "p1", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(70, null, "p2", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(80, null, "p3", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(901, u1, "p2", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(902, u2, "p1", null, null, null, null, null, null, null, GrantType.ALLOW));
+ ruleAdminService.insert(new Rule(999, null, null, null, null, null, null, null, null, null, GrantType.ALLOW));
assertRules(createFilter("*", "*"), new Integer[]{10,20,30,40,50,51,52,60,70,80,901,902,999});
@@ -814,7 +814,7 @@ public void testMultiRoles() {
private RuleFilter createFilter(String userName, String groupName) {
- return new RuleFilter(userName, groupName, "*", "*", "*", "*", "*", "*");
+ return new RuleFilter(userName, groupName, "*", "*", "*", "*", "*", "*", "*");
}
private void assertRules(RuleFilter filter, Integer[] expectedPriorities) {
@@ -829,5 +829,25 @@ private void assertRules(RuleFilter filter, Integer[] expectedPriorities) {
.collect(Collectors.toSet());
assertEquals("Bad rule set selected for filter " + origFilter, exp, pri);
}
+
+ private List getMatchingRules(
+ String userName, String profileName, String instanceName,
+ String sourceAddress,
+ String service, String request,
+ String workspace, String layer) {
+
+ return ruleReaderService.getMatchingRules(
+ new RuleFilter(userName, profileName, instanceName, sourceAddress,
+ service, request, null, workspace, layer));
+ }
+
+ private AccessInfo getAccessInfo(String userName, String roleName, String instanceName,
+ String sourceAddress,
+ String service, String request,
+ String workspace, String layer) {
+ return ruleReaderService.getAccessInfo(
+ new RuleFilter(userName, roleName, instanceName, sourceAddress,
+ service, request, null, workspace, layer));
+ }
}
diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java
index 2b2a1b89..85bdfeb6 100644
--- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java
+++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/RESTRuleService.java
@@ -80,6 +80,9 @@ RESTOutputRuleList get(
@QueryParam("request") String requestName,
@QueryParam("requestAny") Boolean requestAny,
+ @QueryParam("subfield") String subfieldName,
+ @QueryParam("subfieldAny") Boolean subfieldAny,
+
@QueryParam("workspace") String workspace,
@QueryParam("workspaceAny") Boolean workspaceAny,
@@ -105,6 +108,9 @@ long count(
@QueryParam("request") String requestName,
@QueryParam("requestAny") Boolean requestAny,
+
+ @QueryParam("subfield") String subfieldName,
+ @QueryParam("subfieldAny") Boolean subfieldAny,
@QueryParam("workspace") String workspace,
@QueryParam("workspaceAny") Boolean workspaceAny,
diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java
index f30c5319..bb6d8ddb 100644
--- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java
+++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTInputRule.java
@@ -18,7 +18,7 @@
* @author Etj (etj at geo-solutions.it)
*/
@XmlRootElement(name = "rule")
-@XmlType(name="Rule", propOrder={"position","grant","username","rolename","instance","ipaddress","service","request","workspace","layer","constraints"})
+@XmlType(name="Rule", propOrder={"position","grant","username","rolename","instance","ipaddress","service","request","subfield","workspace","layer","constraints"})
public class RESTInputRule extends AbstractRESTPayload {
private RESTRulePosition position;
@@ -33,6 +33,8 @@ public class RESTInputRule extends AbstractRESTPayload {
private String service;
private String request;
+ private String subfield;
+
private String workspace;
private String layer;
@@ -101,6 +103,14 @@ public void setRequest(String request) {
this.request = request;
}
+ public String getSubfield() {
+ return subfield;
+ }
+
+ public void setSubfield(String subfield) {
+ this.subfield = subfield;
+ }
+
public String getService() {
return service;
}
diff --git a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java
index f4ef7b24..aa950673 100644
--- a/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java
+++ b/src/services/modules/rest/api/src/main/java/org/geoserver/geofence/services/rest/model/RESTOutputRule.java
@@ -20,7 +20,7 @@
* @author Etj (etj at geo-solutions.it)
*/
@XmlRootElement(name = "Rule")
-@XmlType(propOrder={"id", "priority","grant","username","rolename","instance","ipaddress","service","request","workspace","layer","constraints"})
+@XmlType(propOrder={"id", "priority","grant","username","rolename","instance","ipaddress","service","request","subfield","workspace","layer","constraints"})
public class RESTOutputRule implements Serializable {
private Long id;
@@ -35,6 +35,8 @@ public class RESTOutputRule implements Serializable {
private String service;
private String request;
+
+ private String subfield;
private String workspace;
private String layer;
@@ -104,6 +106,14 @@ public void setRequest(String request) {
this.request = request;
}
+ public String getSubfield() {
+ return subfield;
+ }
+
+ public void setSubfield(String subfield) {
+ this.subfield = subfield;
+ }
+
public String getService() {
return service;
}
@@ -172,6 +182,9 @@ public String toString() {
if (request != null) {
sb.append(" request:").append(request);
}
+ if (subfield != null) {
+ sb.append(" sub:").append(subfield);
+ }
if (workspace != null) {
sb.append(" workspace:").append(workspace);
}
diff --git a/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java b/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java
index 0737012f..325e41ee 100644
--- a/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java
+++ b/src/services/modules/rest/client/src/main/java/org/geoserver/geofence/services/rest/RuleServiceHelper.java
@@ -22,19 +22,19 @@ public RuleServiceHelper(RESTRuleService ruleService) {
}
public long countAll() {
- return count(null, null, null, null, null, null, null);
+ return count(null, null, null, null, null, null, null, null);
}
public long count(RuleFilter ruleFilter) {
return count(
ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(),
- ruleFilter.getService(), ruleFilter.getRequest(),
+ ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getSubfield(),
ruleFilter.getWorkspace(), ruleFilter.getLayer());
}
public long count(RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFilter, RuleFilter.IdNameFilter instanceFilter,
- RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter,
+ RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, RuleFilter.TextFilter subfieldFilter,
RuleFilter.TextFilter workspaceFilter, RuleFilter.TextFilter layerFilter) {
return ruleService.count(
@@ -43,6 +43,7 @@ public long count(RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFi
getFilterId(instanceFilter), getFilterName(instanceFilter), getFilterDefault(instanceFilter),
getFilterName(serviceFilter), getFilterDefault(serviceFilter),
getFilterName(requestFilter), getFilterDefault(requestFilter),
+ getFilterName(subfieldFilter), getFilterDefault(subfieldFilter),
getFilterName(workspaceFilter), getFilterDefault(workspaceFilter),
getFilterName(layerFilter), getFilterDefault(layerFilter));
}
@@ -81,21 +82,21 @@ private static Boolean getFilterDefault(RuleFilter.TextFilter filter) {
}
public RESTOutputRuleList getAll() {
- return get(null, null, false, null, null, null, null, null, null, null);
+ return get(null, null, false, null, null, null, null, null, null, null, null);
}
public RESTOutputRuleList get(Integer page, Integer entries, boolean full, RuleFilter ruleFilter) {
return get(
page, entries, full,
ruleFilter.getUser(), ruleFilter.getRole(), ruleFilter.getInstance(),
- ruleFilter.getService(), ruleFilter.getRequest(),
+ ruleFilter.getService(), ruleFilter.getRequest(), ruleFilter.getSubfield(),
ruleFilter.getWorkspace(), ruleFilter.getLayer());
}
public RESTOutputRuleList get(
Integer page, Integer entries, boolean full,
RuleFilter.TextFilter userFilter, RuleFilter.TextFilter ruleFilter, RuleFilter.IdNameFilter instanceFilter,
- RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter,
+ RuleFilter.TextFilter serviceFilter, RuleFilter.TextFilter requestFilter, RuleFilter.TextFilter subfieldFilter,
RuleFilter.TextFilter workspaceFilter, RuleFilter.TextFilter layerFilter) {
return ruleService.get(page,entries,full,
@@ -104,6 +105,7 @@ public RESTOutputRuleList get(
getFilterId(instanceFilter), getFilterName(instanceFilter), getFilterDefault(instanceFilter),
getFilterName(serviceFilter), getFilterDefault(serviceFilter),
getFilterName(requestFilter), getFilterDefault(requestFilter),
+ getFilterName(subfieldFilter), getFilterDefault(subfieldFilter),
getFilterName(workspaceFilter), getFilterDefault(workspaceFilter),
getFilterName(layerFilter), getFilterDefault(layerFilter));
}
diff --git a/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java b/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java
index b4bf58e5..4292673b 100644
--- a/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java
+++ b/src/services/modules/rest/client/src/test/java/org/geoserver/geofence/services/rest/GeoFenceClientTest.java
@@ -192,8 +192,8 @@ public void testGroupsRule() {
LOGGER.debug("found rule " + rule);
}
- assertEquals(2, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, false), null, null, null, null, null).getList().size());
- assertEquals(3, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, true), null, null, null, null, null).getList().size());
+ assertEquals(2, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, false), null, null, null, null, null, null).getList().size());
+ assertEquals(3, rsh.get(null, null, true, null, new RuleFilter.TextFilter("group01", false, true), null, null, null, null, null, null).getList().size());
}
@Test
diff --git a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java
index daf53ce2..74e6ee40 100644
--- a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java
+++ b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTConfigServiceImpl.java
@@ -151,6 +151,7 @@ protected RESTBatch collectRules(RESTBatch backup) {
input.setService(rule.getService());
input.setRequest(rule.getRequest());
+ input.setSubfield(rule.getSubfield());
input.setWorkspace(rule.getWorkspace());
input.setLayer(rule.getLayer());
diff --git a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java
index ca5f237c..5b5c0c4d 100644
--- a/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java
+++ b/src/services/modules/rest/impl/src/main/java/org/geoserver/geofence/services/rest/impl/RESTRuleServiceImpl.java
@@ -165,6 +165,11 @@ public void update(Long id, RESTInputRule rule) throws BadRequestRestEx, NotFoun
isRuleUpdated = true;
}
+ if (rule.getSubfield() != null) {
+ old.setSubfield(rule.getSubfield().isEmpty() ? null : rule.getSubfield());
+ isRuleUpdated = true;
+ }
+
if (rule.getWorkspace() != null) {
old.setWorkspace(rule.getWorkspace().isEmpty() ? null : rule.getWorkspace());
isRuleUpdated = true;
@@ -195,8 +200,8 @@ public void update(Long id, RESTInputRule rule) throws BadRequestRestEx, NotFoun
if (constraintsNew.getAttributes() != null) {
isDetailUpdated = true; // this update is complex: pessimistic case: it has to be updated
- Set attrToRemove = new HashSet();
- Set attrToAdd = new HashSet();
+ Set attrToRemove = new HashSet<>();
+ Set attrToAdd = new HashSet<>();
// find attribute by name, then copy in new datatype and accesstype
// if not found, attribute has to be removed
@@ -367,6 +372,7 @@ public RESTOutputRuleList get(Integer page, Integer entries,
Long instanceId, String instanceName, Boolean instanceDefault,
String serviceName, Boolean serviceDefault,
String requestName, Boolean requestDefault,
+ String subfieldName, Boolean subfieldDefault,
String workspace, Boolean workspaceDefault,
String layer, Boolean layerDefault)
throws BadRequestRestEx, InternalErrorRestEx {
@@ -377,6 +383,7 @@ public RESTOutputRuleList get(Integer page, Integer entries,
instanceId, instanceName, instanceDefault,
serviceName, serviceDefault,
requestName, requestDefault,
+ subfieldName, subfieldDefault,
workspace, workspaceDefault,
layer, layerDefault);
@@ -395,6 +402,7 @@ protected RuleFilter buildFilter(
Long instanceId, String instanceName, Boolean instanceDefault,
String serviceName, Boolean serviceDefault,
String requestName, Boolean requestDefault,
+ String subfieldName, Boolean subfieldDefault,
String workspace, Boolean workspaceDefault,
String layer, Boolean layerDefault) throws BadRequestRestEx {
@@ -405,6 +413,7 @@ protected RuleFilter buildFilter(
setFilter(filter.getInstance(), instanceId, instanceName, instanceDefault);
setFilter(filter.getService(), serviceName, serviceDefault);
setFilter(filter.getRequest(), requestName, requestDefault);
+ setFilter(filter.getSubfield(), subfieldName, subfieldDefault);
setFilter(filter.getWorkspace(), workspace, workspaceDefault);
setFilter(filter.getLayer(), layer, layerDefault);
return filter;
@@ -458,6 +467,7 @@ public long count(
Long instanceId, String instanceName, Boolean instanceDefault,
String serviceName, Boolean serviceDefault,
String requestName, Boolean requestDefault,
+ String subfieldName, Boolean subfieldDefault,
String workspace, Boolean workspaceDefault,
String layer, Boolean layerDefault)
throws BadRequestRestEx, InternalErrorRestEx {
@@ -468,6 +478,7 @@ public long count(
instanceId, instanceName, instanceDefault,
serviceName, serviceDefault,
requestName, requestDefault,
+ subfieldName, subfieldDefault,
workspace, workspaceDefault,
layer, layerDefault);
@@ -549,6 +560,7 @@ protected RESTOutputRule toOutput(Rule rule) {
out.setService(rule.getService());
out.setRequest(rule.getRequest());
+ out.setSubfield(rule.getSubfield());
out.setWorkspace(rule.getWorkspace());
out.setLayer(rule.getLayer());
@@ -602,6 +614,7 @@ protected Rule fromInput(RESTInputRule in) {
rule.setService(in.getService());
rule.setRequest(in.getRequest());
+ rule.setSubfield(in.getSubfield());
rule.setWorkspace(in.getWorkspace());
rule.setLayer(in.getLayer());
diff --git a/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java b/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java
index 53bb3590..d8e031fd 100644
--- a/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java
+++ b/src/services/modules/rest/impl/src/test/java/org/geoserver/geofence/services/rest/impl/RESTBaseTest.java
@@ -81,7 +81,7 @@ public void before() throws Exception {
LOGGER.info("============================== TEST " + name.getMethodName());
LOGGER.info("");
- RESTOutputRuleList rules = restRuleService.get(null, null, false, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null);
+ RESTOutputRuleList rules = restRuleService.get(null, null, false, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null);
for (RESTOutputRule rule : rules) {
LOGGER.warn("Removing " + rule);
restRuleService.delete(rule.getId());