X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fcore%2FArgeoUserDetails.java;h=1785357d589a253af76012de5ca29fc11a03fe97;hb=dc6f911c680574a9b57c34dcf515ac8f9aa808da;hp=1f82ee949ae639ac837a95472f1227f1de90b3d7;hpb=62a87e0195f69747aa5168ebecfebd8626442ba8;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
index 1f82ee949..1785357d5 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
@@ -1,39 +1,130 @@
+/*
+ * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package org.argeo.security.core;
 
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.security.UserNature;
+import org.argeo.security.nature.SimpleUserNature;
+import org.springframework.security.Authentication;
 import org.springframework.security.GrantedAuthority;
+import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.userdetails.User;
+import org.springframework.security.userdetails.UserDetails;
 
 public class ArgeoUserDetails extends User implements ArgeoUser {
 	private static final long serialVersionUID = 1L;
+	private final static Log log = LogFactory.getLog(ArgeoUserDetails.class);
 
-	private final List<UserNature> userNatures;
+	private final Map<String, UserNature> userNatures;
 	private final List<String> roles;
 
-	public ArgeoUserDetails(String username, List<UserNature> userNatures,
-			String password, GrantedAuthority[] authorities)
-			throws IllegalArgumentException {
+	public ArgeoUserDetails(String username,
+			Map<String, UserNature> userNatures, String password,
+			GrantedAuthority[] authorities) throws IllegalArgumentException {
 		super(username, password, true, true, true, true, authorities);
-		this.userNatures = Collections.unmodifiableList(userNatures);
-		
+		this.userNatures = Collections.unmodifiableMap(userNatures);
+
 		// Roles
-		List<String> roles = new ArrayList<String>();
-		for (GrantedAuthority authority : getAuthorities()) {
-			roles.add(authority.getAuthority());
-		}
-		this.roles = Collections.unmodifiableList(roles);
+		this.roles = Collections.unmodifiableList(addAuthoritiesToRoles(
+				getAuthorities(), new ArrayList<String>()));
 	}
 
-	public List<UserNature> getUserNatures() {
+	public ArgeoUserDetails(ArgeoUser argeoUser) {
+		this(argeoUser.getUsername(), argeoUser.getUserNatures(), argeoUser
+				.getPassword(), rolesToAuthorities(argeoUser.getRoles()));
+	}
+
+	public Map<String, UserNature> getUserNatures() {
 		return userNatures;
 	}
 
+	public void updateUserNatures(Map<String, UserNature> userNaturesData) {
+		SimpleArgeoUser
+				.updateUserNaturesWithCheck(userNatures, userNaturesData);
+	}
+
 	public List<String> getRoles() {
 		return roles;
 	}
+
+	/** The provided list, for chaining using {@link Collections} */
+	public static List<String> addAuthoritiesToRoles(
+			GrantedAuthority[] authorities, List<String> roles) {
+		for (GrantedAuthority authority : authorities) {
+			roles.add(authority.getAuthority());
+		}
+		return roles;
+	}
+
+	public static GrantedAuthority[] rolesToAuthorities(List<String> roles) {
+		GrantedAuthority[] arr = new GrantedAuthority[roles.size()];
+		for (int i = 0; i < roles.size(); i++) {
+			String role = roles.get(i);
+			if (log.isTraceEnabled())
+				log.debug("Convert role " + role + " to authority (i=" + i
+						+ ")");
+			arr[i] = new GrantedAuthorityImpl(role);
+		}
+		return arr;
+	}
+
+	public static SimpleArgeoUser createSimpleArgeoUser(UserDetails userDetails) {
+		if (userDetails instanceof ArgeoUser) {
+			return new SimpleArgeoUser((ArgeoUser) userDetails);
+		} else {
+			SimpleArgeoUser argeoUser = new SimpleArgeoUser();
+			argeoUser.setUsername(userDetails.getUsername());
+			addAuthoritiesToRoles(userDetails.getAuthorities(),
+					argeoUser.getRoles());
+			return argeoUser;
+		}
+	}
+
+	/** Creates an argeo user based on spring authentication */
+	public static ArgeoUser asArgeoUser(Authentication authentication) {
+		if (authentication == null)
+			return null;
+
+		if (authentication.getPrincipal() instanceof ArgeoUser) {
+			return new SimpleArgeoUser(
+					(ArgeoUser) authentication.getPrincipal());
+		} else {
+			SimpleArgeoUser argeoUser = new SimpleArgeoUser();
+			argeoUser.setUsername(authentication.getName());
+			addAuthoritiesToRoles(authentication.getAuthorities(),
+					argeoUser.getRoles());
+			return argeoUser;
+		}
+	}
+
+	/** The Spring security context as an argeo user */
+	public static ArgeoUser securityContextUser() {
+		Authentication authentication = SecurityContextHolder.getContext()
+				.getAuthentication();
+		ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
+		return argeoUser;
+	}
 }