X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fcore%2FDefaultSecurityService.java;h=e005e1ad4fac8bcb794417a56322c25381141078;hb=136dab5338b5f731b285d17c804861bd5e5a9b5c;hp=a4dd7a2029c6b0410dff75164186426b607c6a09;hpb=aa401dce8ba1ba5fecd386d857937354682537fa;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java index a4dd7a202..e005e1ad4 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java @@ -1,11 +1,32 @@ +/* + * Copyright (C) 2010 Mathieu Baudier + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.argeo.security.core; +import java.util.Iterator; +import java.util.Map; +import java.util.Set; + import org.argeo.ArgeoException; import org.argeo.security.ArgeoSecurity; import org.argeo.security.ArgeoSecurityDao; import org.argeo.security.ArgeoSecurityService; import org.argeo.security.ArgeoUser; import org.argeo.security.SimpleArgeoUser; +import org.argeo.security.UserNature; import org.springframework.core.task.SimpleAsyncTaskExecutor; import org.springframework.core.task.TaskExecutor; import org.springframework.security.Authentication; @@ -20,6 +41,15 @@ public class DefaultSecurityService implements ArgeoSecurityService { private String systemAuthenticationKey; + public ArgeoUser getCurrentUser() { + ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser(); + if (argeoUser == null) + return null; + if (argeoUser.getRoles().contains(securityDao.getDefaultRole())) + argeoUser.getRoles().remove(securityDao.getDefaultRole()); + return argeoUser; + } + public ArgeoSecurityDao getSecurityDao() { return securityDao; } @@ -29,32 +59,61 @@ public class DefaultSecurityService implements ArgeoSecurityService { } public void updateUserPassword(String username, String password) { - SimpleArgeoUser user = new SimpleArgeoUser(securityDao - .getUser(username)); - user.setPassword(password); - securityDao.update(user); + SimpleArgeoUser user = new SimpleArgeoUser( + securityDao.getUser(username)); + user.setPassword(securityDao.encodePassword(password)); + securityDao.updateUser(user); } public void updateCurrentUserPassword(String oldPassword, String newPassword) { - SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser()); - if (!user.getPassword().equals(oldPassword)) + SimpleArgeoUser user = new SimpleArgeoUser(getCurrentUser()); + if (!securityDao.isPasswordValid(user.getPassword(), oldPassword)) throw new ArgeoException("Old password is not correct."); - user.setPassword(newPassword); - securityDao.update(user); + user.setPassword(securityDao.encodePassword(newPassword)); + securityDao.updateUser(user); } public void newUser(ArgeoUser user) { - user.getUserNatures().clear(); argeoSecurity.beforeCreate(user); - securityDao.create(user); + // normalize password + if (user instanceof SimpleArgeoUser) { + if (user.getPassword() == null || user.getPassword().equals("")) + ((SimpleArgeoUser) user).setPassword(securityDao + .encodePassword(user.getUsername())); + else if (!user.getPassword().startsWith("{")) + ((SimpleArgeoUser) user).setPassword(securityDao + .encodePassword(user.getPassword())); + } + securityDao.createUser(user); + } + + public ArgeoUser getUser(String username) { + return securityDao.getUser(username); + } + + public Boolean userExists(String username) { + return securityDao.userExists(username); } public void updateUser(ArgeoUser user) { - String password = securityDao.getUserWithPassword(user.getUsername()) - .getPassword(); + String password = user.getPassword(); + if (password == null) + password = securityDao.getUserWithPassword(user.getUsername()) + .getPassword(); + if (!password.startsWith("{")) + password = securityDao.encodePassword(user.getPassword()); SimpleArgeoUser simpleArgeoUser = new SimpleArgeoUser(user); simpleArgeoUser.setPassword(password); - securityDao.update(simpleArgeoUser); + securityDao.updateUser(simpleArgeoUser); + } + + public void deleteUser(String username) { + securityDao.deleteUser(username); + + } + + public void deleteRole(String role) { + securityDao.deleteRole(role); } public TaskExecutor createSystemAuthenticatedTaskExecutor() { @@ -90,6 +149,33 @@ public class DefaultSecurityService implements ArgeoSecurityService { }; } + public Set listUsersInRole(String role) { + Set lst = securityDao.listUsersInRole(role); + Iterator it = lst.iterator(); + while (it.hasNext()) { + if (it.next().getUsername() + .equals(argeoSecurity.getSuperUsername())) { + it.remove(); + break; + } + } + return lst; + } + + public void updateCurrentUserNatures(Map userNatures) { + // TODO Auto-generated method stub + + } + + public Set listUsers() { + return securityDao.listUsers(); + } + + public Set listEditableRoles() { + // TODO Auto-generated method stub + return securityDao.listEditableRoles(); + } + public void setArgeoSecurity(ArgeoSecurity argeoSecurity) { this.argeoSecurity = argeoSecurity; } @@ -106,5 +192,4 @@ public class DefaultSecurityService implements ArgeoSecurityService { public void setSystemAuthenticationKey(String systemAuthenticationKey) { this.systemAuthenticationKey = systemAuthenticationKey; } - }