X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fcore%2FDefaultSecurityService.java;h=68f97d4a069e3eaa73257d943da72913ea5bf24d;hb=977a7a352131b082a98739f15e421f2bff747567;hp=28f399f5a240078f2d8ef4531926cab390380909;hpb=490d9907457c43acfa965e7979ce5974bc1ba6ca;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
index 28f399f5a..68f97d4a0 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
@@ -16,12 +16,15 @@
package org.argeo.security.core;
-import org.argeo.ArgeoException;
+import java.util.Iterator;
+import java.util.Set;
+
import org.argeo.security.ArgeoSecurity;
import org.argeo.security.ArgeoSecurityDao;
import org.argeo.security.ArgeoSecurityService;
import org.argeo.security.ArgeoUser;
import org.argeo.security.SimpleArgeoUser;
+import org.argeo.security.UserAdminService;
import org.springframework.core.task.SimpleAsyncTaskExecutor;
import org.springframework.core.task.TaskExecutor;
import org.springframework.security.Authentication;
@@ -29,7 +32,8 @@ import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
-public class DefaultSecurityService implements ArgeoSecurityService {
+public class DefaultSecurityService extends DefaultCurrentUserService implements
+ UserAdminService, ArgeoSecurityService {
private ArgeoSecurity argeoSecurity = new DefaultArgeoSecurity();
private ArgeoSecurityDao securityDao;
private AuthenticationManager authenticationManager;
@@ -45,34 +49,56 @@ public class DefaultSecurityService implements ArgeoSecurityService {
}
public void updateUserPassword(String username, String password) {
- SimpleArgeoUser user = new SimpleArgeoUser(securityDao
- .getUser(username));
- user.setPassword(password);
- securityDao.update(user);
- }
-
- public void updateCurrentUserPassword(String oldPassword, String newPassword) {
- SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser());
- if (!user.getPassword().equals(oldPassword))
- throw new ArgeoException("Old password is not correct.");
- user.setPassword(newPassword);
- securityDao.update(user);
+ SimpleArgeoUser user = new SimpleArgeoUser(
+ securityDao.getUser(username));
+ user.setPassword(encodePassword(password));
+ securityDao.updateUser(user);
}
public void newUser(ArgeoUser user) {
- user.getUserNatures().clear();
argeoSecurity.beforeCreate(user);
- securityDao.create(user);
+ // normalize password
+ if (user instanceof SimpleArgeoUser) {
+ if (user.getPassword() == null || user.getPassword().equals(""))
+ ((SimpleArgeoUser) user).setPassword(encodePassword(user
+ .getUsername()));
+ else if (!user.getPassword().startsWith("{"))
+ ((SimpleArgeoUser) user).setPassword(encodePassword(user
+ .getPassword()));
+ }
+ securityDao.createUser(user);
+ }
+
+ public ArgeoUser getUser(String username) {
+ return securityDao.getUser(username);
+ }
+
+ public Boolean userExists(String username) {
+ return securityDao.userExists(username);
}
public void updateUser(ArgeoUser user) {
- String password = securityDao.getUserWithPassword(user.getUsername())
- .getPassword();
+ String password = user.getPassword();
+ if (password == null)
+ password = securityDao.getUserWithPassword(user.getUsername())
+ .getPassword();
+ if (!password.startsWith("{"))
+ password = encodePassword(user.getPassword());
SimpleArgeoUser simpleArgeoUser = new SimpleArgeoUser(user);
simpleArgeoUser.setPassword(password);
- securityDao.update(simpleArgeoUser);
+ securityDao.updateUser(simpleArgeoUser);
+ }
+
+ public void deleteUser(String username) {
+ securityDao.deleteUser(username);
+
}
+ public void deleteRole(String role) {
+ securityDao.deleteRole(role);
+ }
+
+ @Deprecated
public TaskExecutor createSystemAuthenticatedTaskExecutor() {
return new SimpleAsyncTaskExecutor() {
private static final long serialVersionUID = -8126773862193265020L;
@@ -90,6 +116,7 @@ public class DefaultSecurityService implements ArgeoSecurityService {
* Wraps another runnable, adding security context
* TODO: secure the call to this method with Java Security
*/
+ @Deprecated
public Runnable wrapWithSystemAuthentication(final Runnable runnable) {
return new Runnable() {
@@ -106,12 +133,35 @@ public class DefaultSecurityService implements ArgeoSecurityService {
};
}
+ public Set listUsersInRole(String role) {
+ Set lst = securityDao.listUsersInRole(role);
+ Iterator it = lst.iterator();
+ while (it.hasNext()) {
+ if (it.next().getUsername()
+ .equals(argeoSecurity.getSuperUsername())) {
+ it.remove();
+ break;
+ }
+ }
+ return lst;
+ }
+
+ public Set listUsers() {
+ return securityDao.listUsers();
+ }
+
+ public Set listEditableRoles() {
+ // TODO Auto-generated method stub
+ return securityDao.listEditableRoles();
+ }
+
public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
this.argeoSecurity = argeoSecurity;
}
public void setSecurityDao(ArgeoSecurityDao dao) {
this.securityDao = dao;
+ setCurrentUserDao(dao);
}
public void setAuthenticationManager(
@@ -122,5 +172,4 @@ public class DefaultSecurityService implements ArgeoSecurityService {
public void setSystemAuthenticationKey(String systemAuthenticationKey) {
this.systemAuthenticationKey = systemAuthenticationKey;
}
-
}