From fb4f7c451ea7d9025f7cf7fe032020f229df794a Mon Sep 17 00:00:00 2001 
From: Mathieu Baudier Date: Wed, 23 Mar 2011 22:24:22 +0000 Subject: [PATCH] Remove old interfaces git-svn-id: https://svn.argeo.org/commons/trunk@4355 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../META-INF/MANIFEST.MF | 2 - .../META-INF/spring/ldap-osgi.xml | 13 +- .../META-INF/spring/ldap.xml | 5 +- .../META-INF/spring/natures-osgi.xml | 17 -- .../META-INF/spring/osgi.xml | 7 - .../META-INF/spring/services.xml | 4 - .../security/equinox/SpringLoginModule.java | 4 +- .../META-INF/spring/commands.xml | 10 +- .../META-INF/spring/common.xml | 2 +- .../META-INF/spring/editors.xml | 2 +- .../META-INF/spring/osgi.xml | 3 - .../META-INF/spring/views.xml | 4 +- .../org.argeo.security.ui.admin/plugin.xml | 6 +- .../security/ui/admin/commands/AddRole.java | 1 - .../security/ui/admin/commands/NewUser.java | 12 +- .../ui/admin/commands/RefreshUsersList.java | 7 + .../ui/admin/editors/ArgeoUserEditor.java | 27 +--- .../admin/editors/ArgeoUserEditorInput.java | 26 ---- .../security/ui/admin/views/RolesView.java | 54 ------- .../security/ui/admin/views/UsersView.java | 44 +----- .../admin/wizards/MainUserInfoWizardPage.java | 13 +- .../ui/admin/wizards/NewUserWizard.java | 16 +- .../ui/rap/SecureActionBarAdvisor.java | 29 ++-- .../ui/dialogs/DefaultLoginDialog.java | 34 ++-- .../argeo/security/AbstractUserNature.java | 38 ----- .../org/argeo/security/ArgeoSecurityDao.java | 26 ---- .../argeo/security/ArgeoSecurityService.java | 27 ---- .../java/org/argeo/security/ArgeoUser.java | 36 ----- .../org/argeo/security/CurrentUserDao.java | 29 ---- .../argeo/security/CurrentUserService.java | 14 -- .../org/argeo/security/SimpleArgeoUser.java | 131 ---------------- .../java/org/argeo/security/UserAdminDao.java | 23 +-- .../org/argeo/security/UserAdminService.java | 23 +-- .../java/org/argeo/security/UserNature.java | 30 ---- .../argeo/security/core/ArgeoUserDetails.java | 130 ---------------- .../core/DefaultCurrentUserService.java | 54 ------- .../core/DefaultUserAdminService.java | 123 
--------------- .../argeo/security/jcr/CurrentUserDaoJcr.java | 21 --- .../security/jcr/CurrentUserServiceJcr.java | 57 ------- .../org/argeo/security/jcr/JcrArgeoUser.java | 79 ---------- .../argeo/security/jcr/JcrUserDetails.java | 43 ------ .../argeo/security/nature/CoworkerNature.java | 42 ----- .../nature/InfrastructureUserNature.java | 67 -------- .../security/nature/PosixAccountNature.java | 45 ------ .../security/nature/SimpleUserNature.java | 102 ------------ .../security/jackrabbit/ArgeoLoginModule.java | 2 +- .../ldap/ArgeoLdapUserDetailsManager.java | 63 +++++++- .../security/ldap/ArgeoSecurityDaoLdap.java | 146 ++---------------- .../ldap/ArgeoUserDetailsContextMapper.java | 82 ---------- .../argeo/security/ldap/UserNatureMapper.java | 32 ---- .../ldap/nature/CoworkerUserNatureMapper.java | 59 ------- .../ldap/nature/SimpleUserNatureMapper.java | 57 ------- security/runtime/pom.xml | 4 +- .../src/main/java/org/argeo/jcr/JcrUtils.java | 25 ++- 54 files changed, 189 insertions(+), 1763 deletions(-) delete mode 100644 security/modules/org.argeo.security.dao.ldap/META-INF/spring/natures-osgi.xml delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/AbstractUserNature.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserDao.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserService.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java delete mode 100644 
security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultCurrentUserService.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultUserAdminService.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserDaoJcr.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserServiceJcr.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrArgeoUser.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/InfrastructureUserNature.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/PosixAccountNature.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java delete mode 100644 security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java delete mode 100644 security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/UserNatureMapper.java delete mode 100644 security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java delete mode 100644 security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java 
diff --git a/security/modules/org.argeo.security.dao.ldap/META-INF/MANIFEST.MF b/security/modules/org.argeo.security.dao.ldap/META-INF/MANIFEST.MF index 60bdd8210..320dd7ab4 100644 --- a/security/modules/org.argeo.security.dao.ldap/META-INF/MANIFEST.MF +++ b/security/modules/org.argeo.security.dao.ldap/META-INF/MANIFEST.MF @@ -7,8 +7,6 @@ Import-Package: com.sun.jndi.ldap;resolution:=optional, org.argeo.security.jcr, org.argeo.security.ldap, org.argeo.security.ldap.jcr, - org.argeo.security.ldap.nature, - org.argeo.security.nature, org.springframework.beans.factory.config, org.springframework.ldap.core.support, org.springframework.security, diff --git a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap-osgi.xml b/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap-osgi.xml index d0ad0eca9..1d1de4b15 100644 --- a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap-osgi.xml +++ b/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap-osgi.xml @@ -7,13 +7,6 @@ http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> - - - - - - - @@ -23,14 +16,12 @@ interface="org.springframework.security.providers.AuthenticationProvider" context-class-loader="service-provider" /> - - + \ No newline at end of file diff --git a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap.xml b/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap.xml index 3891077e0..33dc554a8 100644 --- a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap.xml +++ b/security/modules/org.argeo.security.dao.ldap/META-INF/spring/ldap.xml @@ -58,7 +58,7 @@ - + @@ -73,9 +73,7 @@ - - + diff --git a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/natures-osgi.xml b/security/modules/org.argeo.security.dao.ldap/META-INF/spring/natures-osgi.xml deleted file mode 100644 index 6f7c1e5cb..000000000 --- a/security/modules/org.argeo.security.dao.ldap/META-INF/spring/natures-osgi.xml +++ /dev/null 
@@ -1,17 +0,0 @@ - - - - - - - - - - - - \ No newline at end of file diff --git a/security/modules/org.argeo.security.services/META-INF/spring/osgi.xml b/security/modules/org.argeo.security.services/META-INF/spring/osgi.xml index 91f2e8429..173034810 100644 --- a/security/modules/org.argeo.security.services/META-INF/spring/osgi.xml +++ b/security/modules/org.argeo.security.services/META-INF/spring/osgi.xml @@ -7,12 +7,6 @@ http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> - - - @@ -21,7 +15,6 @@ - - - - - diff --git a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java index 7631dade1..298323b3d 100644 --- a/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java +++ b/security/plugins/org.argeo.security.equinox/src/main/java/org/argeo/security/equinox/SpringLoginModule.java @@ -113,13 +113,11 @@ public class SpringLoginModule extends SecurityContextLoginModule { loginException.initCause(e); throw loginException; } - // } } @Override public boolean logout() throws LoginException { - // if (log.isDebugEnabled()) - // log.debug("logout subject=" + subject); + subject.getPrincipals().clear(); return super.logout(); } diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml index 46d3b058c..96d25ddb6 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml @@ -8,10 +8,10 @@ class="org.argeo.security.ui.admin.commands.OpenArgeoUserEditor" scope="prototype" /> - - - + + + scope="prototype"> + + 
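Review bot: The added `subject.getPrincipals().clear();` in `SpringLoginModule.logout()` removes every principal on the Subject, not only those this module added, so in a stacked JAAS configuration it would also strip principals owned by other login modules. It also fails if `subject` is null (logout without a completed login) or read-only; the field is declared outside the hunk, so this is inferred from its use here. I would guard the call and state the intent, e.g. `if (subject != null && !subject.isReadOnly()) subject.getPrincipals().clear(); // drop identities so a reused Subject cannot keep the old login`, and consider whether the credential sets need the same treatment. The same unconditional clear is added in the logout action of `SecureActionBarAdvisor`, immediately before `getLoginContext().logout()`, where it appears redundant if this module is the one configured.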
diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/common.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/common.xml index 131ccdac2..3a6f8141c 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/common.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/common.xml @@ -3,7 +3,7 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> - + \ No newline at end of file diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/editors.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/editors.xml index c1eb9ea61..8510866f9 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/editors.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/editors.xml @@ -8,6 +8,6 @@ - + diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/osgi.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/osgi.xml index b0947860f..2fa51446c 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/osgi.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/osgi.xml @@ -11,7 +11,4 @@ - - \ No newline at end of file diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/views.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/views.xml index 49cf9d8a0..d399c895b 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/views.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/views.xml @@ -6,9 +6,9 @@ - - + + diff --git a/security/plugins/org.argeo.security.ui.admin/plugin.xml b/security/plugins/org.argeo.security.ui.admin/plugin.xml index f6c164391..67f4092c0 100644 --- a/security/plugins/org.argeo.security.ui.admin/plugin.xml +++ b/security/plugins/org.argeo.security.ui.admin/plugin.xml 
@@ -50,8 +50,8 @@ + id="org.argeo.security.ui.admin.newUser" + name="New User"> diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/AddRole.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/AddRole.java index a036d12a3..d550484fc 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/AddRole.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/AddRole.java @@ -10,7 +10,6 @@ import org.eclipse.core.commands.ExecutionException; import org.eclipse.ui.IEditorReference; import org.eclipse.ui.IWorkbenchPage; import org.eclipse.ui.handlers.HandlerUtil; -import org.eclipse.ui.internal.EditorReference; /** Add a new role. */ public class AddRole extends AbstractHandler { diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java index 2c7b8bf57..5e8313f17 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java 
@@ -2,28 +2,28 @@ package org.argeo.security.ui.admin.commands; import javax.jcr.Session; +import org.argeo.security.UserAdminService; import org.argeo.security.ui.admin.wizards.NewUserWizard; import org.eclipse.core.commands.AbstractHandler; import org.eclipse.core.commands.ExecutionEvent; import org.eclipse.core.commands.ExecutionException; import org.eclipse.jface.wizard.WizardDialog; import org.eclipse.ui.handlers.HandlerUtil; -import org.springframework.security.userdetails.UserDetailsManager; /** Command handler to set visible or open a Argeo user. */ public class NewUser extends AbstractHandler { private Session session; - private UserDetailsManager userDetailsManager; + private UserAdminService userAdminService; public Object execute(ExecutionEvent event) throws ExecutionException { try { NewUserWizard newUserWizard = new NewUserWizard(session, - userDetailsManager); + userAdminService); WizardDialog dialog = new WizardDialog( HandlerUtil.getActiveShell(event), newUserWizard); dialog.open(); } catch (Exception e) { - throw new ExecutionException("Cannot open editor", e); + throw new ExecutionException("Cannot open wizard", e); } return null; } @@ -32,8 +32,8 @@ public class NewUser extends AbstractHandler { this.session = session; } - public void setUserDetailsManager(UserDetailsManager userDetailsManager) { - this.userDetailsManager = userDetailsManager; + public void setUserAdminService(UserAdminService userAdminService) { + this.userAdminService = userAdminService; } } diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java index 10e413a6c..a66b79067 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java 
+++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java @@ -1,5 +1,6 @@ package org.argeo.security.ui.admin.commands; +import org.argeo.security.UserAdminService; import org.argeo.security.ui.admin.views.UsersView; import org.eclipse.core.commands.AbstractHandler; import org.eclipse.core.commands.ExecutionEvent; @@ -8,8 +9,10 @@ import org.eclipse.ui.handlers.HandlerUtil; /** Refresh the main EBI list. */ public class RefreshUsersList extends AbstractHandler { + private UserAdminService userAdminService; public Object execute(ExecutionEvent event) throws ExecutionException { + userAdminService.synchronize(); UsersView view = (UsersView) HandlerUtil .getActiveWorkbenchWindow(event).getActivePage() .findView(UsersView.ID); @@ -17,4 +20,8 @@ public class RefreshUsersList extends AbstractHandler { return null; } + public void setUserAdminService(UserAdminService userAdminService) { + this.userAdminService = userAdminService; + } + } \ No newline at end of file diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java index 41b27b5dd..b511e683c 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java 
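Review bot: `userAdminService.synchronize()` is called at the top of `execute()` with no error handling, so a runtime failure in the synchronisation escapes as an unchecked exception rather than the `ExecutionException` the handler declares, and the view refresh that follows is skipped. Wrapping it the way `NewUser.execute()` does would keep the handlers consistent: `try { userAdminService.synchronize(); } catch (Exception e) { throw new ExecutionException("Cannot synchronize users", e); }`. The injected service is also dereferenced without a null check, so a missing Spring property shows up only as a `NullPointerException` at click time. The class comment `/** Refresh the main EBI list. */` no longer matches the handler; what `synchronize()` does is not visible here, so a neutral `/** Calls UserAdminService.synchronize(), then refreshes the users view. */` would do.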
@@ -1,14 +1,13 @@ package org.argeo.security.ui.admin.editors; import javax.jcr.Node; +import javax.jcr.Session; import org.argeo.ArgeoException; import org.argeo.jcr.ArgeoNames; -import org.argeo.security.ArgeoUser; -import org.argeo.security.SimpleArgeoUser; +import org.argeo.jcr.JcrUtils; import org.argeo.security.UserAdminService; import org.argeo.security.jcr.JcrUserDetails; -import org.argeo.security.nature.SimpleUserNature; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.views.UsersView; import org.eclipse.core.runtime.IProgressMonitor; @@ -17,35 +16,26 @@ import org.eclipse.ui.IEditorSite; import org.eclipse.ui.IWorkbench; import org.eclipse.ui.PartInitException; import org.eclipse.ui.forms.editor.FormEditor; -import org.springframework.security.userdetails.UserDetailsManager; /** Editor for an Argeo user. */ public class ArgeoUserEditor extends FormEditor { public final static String ID = "org.argeo.security.ui.admin.adminArgeoUserEditor"; - private ArgeoUser user; private JcrUserDetails userDetails; private Node userHome; private UserAdminService userAdminService; - private UserDetailsManager userDetailsManager; + private Session session; public void init(IEditorSite site, IEditorInput input) throws PartInitException { super.init(site, input); - userHome = ((ArgeoUserEditorInput) getEditorInput()).getUserHome(); String username = ((ArgeoUserEditorInput) getEditorInput()) .getUsername(); + userHome = JcrUtils.getUserHome(session, username); - userDetails = (JcrUserDetails) userDetailsManager + userDetails = (JcrUserDetails) userAdminService .loadUserByUsername(username); - if (username == null) {// new - user = new SimpleArgeoUser(); - user.getUserNatures().put(SimpleUserNature.TYPE, - new SimpleUserNature()); - } else - user = userAdminService.getUser(username); - this.setPartProperty("name", username != null ? username : ""); setPartName(username != null ? username : ""); } 
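Review bot: In `init()`, the new `JcrUtils.getUserHome(session, username)` and the `loadUserByUsername(username)` call both run before the `username != null` checks that follow, and neither result is checked, so a null or unknown username surfaces as an unchecked exception (or possibly a null `userHome`) rather than the `PartInitException` the method declares. The cast to `JcrUserDetails` is unchecked as well. Since the username arrives through the editor input and the lookup uses the injected `session`, I would validate first and fail closed, e.g. `if (username == null || userHome == null) throw new PartInitException("No user home for " + username);`, and test with `instanceof` before the cast. How `getUserHome` behaves for a missing user is not visible in this hunk.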
@@ -80,7 +70,7 @@ public class ArgeoUserEditor extends FormEditor { .getRoles()); } - userDetailsManager.updateUser(userDetails); + userAdminService.updateUser(userDetails); // if (userAdminService.userExists(user.getUsername())) // userAdminService.updateUser(user); @@ -117,8 +107,7 @@ public class ArgeoUserEditor extends FormEditor { this.userAdminService = userAdminService; } - public void setUserDetailsManager(UserDetailsManager userDetailsManager) { - this.userDetailsManager = userDetailsManager; + public void setSession(Session session) { + this.session = session; } - } diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditorInput.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditorInput.java index 51aeeef80..9fcb755c5 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditorInput.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditorInput.java @@ -1,12 +1,5 @@ package org.argeo.security.ui.admin.editors; -import javax.jcr.Node; -import javax.jcr.PathNotFoundException; -import javax.jcr.RepositoryException; -import javax.jcr.ValueFormatException; - -import org.argeo.ArgeoException; -import org.argeo.jcr.ArgeoNames; import org.eclipse.jface.resource.ImageDescriptor; import org.eclipse.ui.IEditorInput; import org.eclipse.ui.IPersistableElement; 
@@ -14,23 +7,9 @@ import org.eclipse.ui.IPersistableElement; /** Editor input for an Argeo user. */ public class ArgeoUserEditorInput implements IEditorInput { private final String username; - private final Node userHome; - @Deprecated public ArgeoUserEditorInput(String username) { this.username = username; - this.userHome = null; - } - - public ArgeoUserEditorInput(Node userHome) { - try { - this.username = userHome.getProperty(ArgeoNames.ARGEO_USER_ID) - .getString(); - this.userHome = userHome; - } catch (RepositoryException e) { - throw new ArgeoException("Cannot initialize editor input for " - + userHome, e); - } } public Object getAdapter(@SuppressWarnings("rawtypes") Class adapter) { @@ -68,9 +47,4 @@ public class ArgeoUserEditorInput implements IEditorInput { public String getUsername() { return username; } - - public Node getUserHome() { - return userHome; - } - } diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/RolesView.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/RolesView.java index e2779590a..491647a8d 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/RolesView.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/RolesView.java 
@@ -1,21 +1,10 @@ package org.argeo.security.ui.admin.views; -import java.util.ArrayList; - import org.argeo.ArgeoException; -import org.argeo.security.ArgeoUser; import org.argeo.security.UserAdminService; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.commands.AddRole; -import org.argeo.security.ui.admin.commands.OpenArgeoUserEditor; -import org.eclipse.core.commands.Command; -import org.eclipse.core.commands.IParameter; -import org.eclipse.core.commands.Parameterization; -import org.eclipse.core.commands.ParameterizedCommand; -import org.eclipse.jface.viewers.DoubleClickEvent; -import org.eclipse.jface.viewers.IDoubleClickListener; import org.eclipse.jface.viewers.IStructuredContentProvider; -import org.eclipse.jface.viewers.IStructuredSelection; import org.eclipse.jface.viewers.ITableLabelProvider; import org.eclipse.jface.viewers.LabelProvider; import org.eclipse.jface.viewers.TableViewer; @@ -30,8 +19,6 @@ import org.eclipse.swt.widgets.Listener; import org.eclipse.swt.widgets.Table; import org.eclipse.swt.widgets.Text; import org.eclipse.ui.IWorkbench; -import org.eclipse.ui.IWorkbenchWindow; -import org.eclipse.ui.commands.ICommandService; import org.eclipse.ui.handlers.IHandlerService; import org.eclipse.ui.part.ViewPart; @@ -84,7 +71,6 @@ public class RolesView extends ViewPart { viewer.setContentProvider(new RolesContentProvider()); viewer.setLabelProvider(new UsersLabelProvider()); viewer.setInput(getViewSite()); - viewer.addDoubleClickListener(new ViewDoubleClickListener()); } @Override 
@@ -126,46 +112,6 @@ public class RolesView extends ViewPart { } - class ViewDoubleClickListener implements IDoubleClickListener { - public void doubleClick(DoubleClickEvent evt) { - Object obj = ((IStructuredSelection) evt.getSelection()) - .getFirstElement(); - - if (obj instanceof ArgeoUser) { - ArgeoUser argeoUser = (ArgeoUser) obj; - - IWorkbench iw = SecurityAdminPlugin.getDefault().getWorkbench(); - IHandlerService handlerService = (IHandlerService) iw - .getService(IHandlerService.class); - try { - String commandId = OpenArgeoUserEditor.COMMAND_ID; - String paramName = OpenArgeoUserEditor.PARAM_USERNAME; - - // TODO: factorize this - // execute related command - IWorkbenchWindow window = iw.getActiveWorkbenchWindow(); - ICommandService cmdService = (ICommandService) window - .getService(ICommandService.class); - Command cmd = cmdService.getCommand(commandId); - ArrayList parameters = new ArrayList(); - IParameter iparam = cmd.getParameter(paramName); - Parameterization param = new Parameterization(iparam, - argeoUser.getUsername()); - parameters.add(param); - ParameterizedCommand pc = new ParameterizedCommand(cmd, - parameters.toArray(new Parameterization[parameters - .size()])); - handlerService = (IHandlerService) window - .getService(IHandlerService.class); - handlerService.executeCommand(pc, null); - } catch (Exception e) { - throw new ArgeoException("Cannot open editor", e); - } - - } - } - } - public String getNewRole() { return newRole.getText(); } diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java index 8ddba7683..77b718e12 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java 
@@ -12,14 +12,10 @@ import javax.jcr.observation.EventListener; import javax.jcr.query.Query; import org.argeo.ArgeoException; -import org.argeo.eclipse.ui.dialogs.Error; import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.ArgeoTypes; -import org.argeo.security.ArgeoUser; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.commands.OpenArgeoUserEditor; -import org.argeo.security.ui.admin.editors.ArgeoUserEditor; -import org.argeo.security.ui.admin.editors.ArgeoUserEditorInput; import org.eclipse.core.commands.Command; import org.eclipse.core.commands.IParameter; import org.eclipse.core.commands.Parameterization; @@ -39,7 +35,6 @@ import org.eclipse.swt.widgets.Table; import org.eclipse.swt.widgets.TableColumn; import org.eclipse.ui.IWorkbench; import org.eclipse.ui.IWorkbenchWindow; -import org.eclipse.ui.PartInitException; import org.eclipse.ui.commands.ICommandService; import org.eclipse.ui.handlers.IHandlerService; import org.eclipse.ui.part.ViewPart; @@ -156,31 +151,9 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes, } catch (RepositoryException e) { throw new ArgeoException("Cannot get text", e); } - - // String currentUsername = CurrentUser.getUsername(); - // String currentUsername = ""; - // ArgeoUser user = (ArgeoUser) element; - // SimpleUserNature simpleNature = SimpleUserNature - // .findSimpleUserNature(user, simpleNatureType); - // switch (columnIndex) { - // case 0: - // String userName = user.getUsername(); - // if (userName.equals(currentUsername)) - // userName = userName + "*"; - // return userName; - // case 1: - // return simpleNature.getFirstName(); - // case 2: - // return simpleNature.getLastName(); - // case 3: - // return simpleNature.getEmail(); - // default: - // throw new ArgeoException("Unmanaged column " + columnIndex); - // } } public Image getColumnImage(Object element, int columnIndex) { - // TODO Auto-generated method stub return null; } 
@@ -194,23 +167,12 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes, Object obj = ((IStructuredSelection) evt.getSelection()) .getFirstElement(); if (obj instanceof Node) { - try { - IWorkbench iw = SecurityAdminPlugin.getDefault() - .getWorkbench(); - iw.getActiveWorkbenchWindow() - .getActivePage() - .openEditor(new ArgeoUserEditorInput((Node) obj), - ArgeoUserEditor.ID); - } catch (PartInitException e) { - Error.show("Cannot open user editor for " + obj, e); - } - } else if (obj instanceof ArgeoUser) { - ArgeoUser argeoUser = (ArgeoUser) obj; - IWorkbench iw = SecurityAdminPlugin.getDefault().getWorkbench(); IHandlerService handlerService = (IHandlerService) iw .getService(IHandlerService.class); try { + String username = ((Node) obj).getProperty(ARGEO_USER_ID) + .getString(); String commandId = OpenArgeoUserEditor.COMMAND_ID; String paramName = OpenArgeoUserEditor.PARAM_USERNAME; @@ -223,7 +185,7 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes, ArrayList parameters = new ArrayList(); IParameter iparam = cmd.getParameter(paramName); Parameterization param = new Parameterization(iparam, - argeoUser.getUsername()); + username); parameters.add(param); ParameterizedCommand pc = new ParameterizedCommand(cmd, parameters.toArray(new Parameterization[parameters diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/MainUserInfoWizardPage.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/MainUserInfoWizardPage.java index 066c376a1..e00decd53 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/MainUserInfoWizardPage.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/MainUserInfoWizardPage.java 
@@ -15,14 +15,18 @@ import org.eclipse.swt.events.ModifyListener; import org.eclipse.swt.layout.GridLayout; import org.eclipse.swt.widgets.Composite; import org.eclipse.swt.widgets.Text; +import org.springframework.security.userdetails.UserDetails; +import org.springframework.security.userdetails.UsernameNotFoundException; public class MainUserInfoWizardPage extends WizardPage implements ModifyListener, ArgeoNames { private Text username, firstName, lastName, primaryEmail, password1, password2; + private UserAdminService userAdminService; - public MainUserInfoWizardPage() { + public MainUserInfoWizardPage(UserAdminService userAdminService) { super("Main"); + this.userAdminService = userAdminService; setTitle("Required Information"); } @@ -55,6 +59,13 @@ public class MainUserInfoWizardPage extends WizardPage implements protected String checkComplete() { if (!username.getText().matches(UserAdminService.USERNAME_PATTERN)) return "Wrong user name format, should be lower case, between 3 and 15 characters with only '_' as acceptable special character."; + try { + UserDetails userDetails = userAdminService + .loadUserByUsername(username.getText()); + return "User " + userDetails.getUsername() + " alreayd exists"; + } catch (UsernameNotFoundException e) { + // silent + } if (!primaryEmail.getText().matches(UserAdminService.EMAIL_PATTERN)) return "Not a valid email address"; if (firstName.getText().trim().equals("")) diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java index 6c894d62a..493e1881f 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java 
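Review bot: `checkComplete()` now calls `userAdminService.loadUserByUsername(...)` and catches only `UsernameNotFoundException`, so any other failure of the lookup propagates out of page validation; because the page implements `ModifyListener`, the lookup probably runs on every text change, though the listener body is outside the hunk. The check is also only advisory: an account can be created between this validation and `createUser`, so the wizard's finish path still has to handle a duplicate. The message has a typo, `" alreayd exists"` should read `" already exists"`. The `// silent` comment in the catch would be clearer as `// expected: no such user, the name is free`.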
@@ -6,35 +6,39 @@ import javax.jcr.Session; import org.argeo.eclipse.ui.dialogs.Error; import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.JcrUtils; +import org.argeo.security.UserAdminService; import org.argeo.security.jcr.JcrUserDetails; import org.eclipse.jface.wizard.Wizard; import org.springframework.security.GrantedAuthority; -import org.springframework.security.userdetails.UserDetailsManager; /** Wizard to create a new user */ public class NewUserWizard extends Wizard { private String homeBasePath = "/home"; private Session session; - private UserDetailsManager userDetailsManager; + private UserAdminService userAdminService; // pages private MainUserInfoWizardPage mainUserInfo; - public NewUserWizard(Session session, UserDetailsManager userDetailsManager) { + public NewUserWizard(Session session, UserAdminService userAdminService) { this.session = session; - this.userDetailsManager = userDetailsManager; + this.userAdminService = userAdminService; } @Override public void addPages() { - mainUserInfo = new MainUserInfoWizardPage(); + mainUserInfo = new MainUserInfoWizardPage(userAdminService); addPage(mainUserInfo); } @Override public boolean performFinish() { + if (!canFinish()) + return false; + try { String username = mainUserInfo.getUsername(); + session.save(); Node userHome = JcrUtils.createUserHome(session, homeBasePath, username); Node userProfile = userHome.getNode(ArgeoNames.ARGEO_PROFILE); @@ -44,7 +48,7 @@ public class NewUserWizard extends Wizard { userHome.getPath(), username, password, true, true, true, true, new GrantedAuthority[0]); session.save(); - userDetailsManager.createUser(jcrUserDetails); + userAdminService.createUser(jcrUserDetails); return true; } catch (Exception e) { JcrUtils.discardQuietly(session); 
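Review bot: In `performFinish()` the user home is persisted by `session.save()` before `userAdminService.createUser(jcrUserDetails)` runs, so a failure in `createUser` leaves a saved home and profile for an account that was never created. `JcrUtils.discardQuietly(session)` in the catch presumably drops only unsaved changes. Either remove the home node in the catch block or create the account before the final save, so that a later user of the same name cannot inherit a stale home. The `session.save()` added at the top of the `try` also commits any unrelated pending changes held by the shared session; if that is intended it deserves a comment such as `// flush pending changes so a failure below can be discarded cleanly`. The catch block continues outside the hunk.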
diff --git a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureActionBarAdvisor.java b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureActionBarAdvisor.java index 88836f466..569412bd6 100644 --- a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureActionBarAdvisor.java +++ b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/SecureActionBarAdvisor.java @@ -52,8 +52,21 @@ public class SecureActionBarAdvisor extends ActionBarAdvisor { showViewMenuAction = ActionFactory.SHOW_VIEW_MENU.create(window); register(showViewMenuAction); - // logoutAction = ActionFactory.QUIT.create(window); + // logout + logoutAction = createLogoutAction(); + register(logoutAction); + + // Save semantics + saveAction = ActionFactory.SAVE.create(window); + register(saveAction); + saveAllAction = ActionFactory.SAVE_ALL.create(window); + register(saveAllAction); + closeAllAction = ActionFactory.CLOSE_ALL.create(window); + register(closeAllAction); + + } + protected IAction createLogoutAction() { Subject subject = null; try { subject = SecureRapActivator.getLoginContext().getSubject(); @@ -62,7 +75,7 @@ public class SecureActionBarAdvisor extends ActionBarAdvisor { } final Principal principal = subject.getPrincipals().iterator().next(); - logoutAction = new Action() { + IAction logoutAction = new Action() { public String getId() { return SecureRapActivator.ID + ".logoutAction"; } @@ -76,6 +89,7 @@ public class SecureActionBarAdvisor extends ActionBarAdvisor { Subject subject = SecureRapActivator.getLoginContext() .getSubject(); String subjectStr = subject.toString(); + subject.getPrincipals().clear(); SecureRapActivator.getLoginContext().logout(); log.info(subjectStr + " logged out"); } catch (LoginException e) { 
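Review bot: In the logout action, the added `subject.getPrincipals().clear();` runs before `SecureRapActivator.getLoginContext().logout()` while only `LoginException` is caught. If the `Subject` is read-only, `clear()` throws `IllegalStateException` and `logout()` is never reached, so the login modules never get to tear the session down. Calling `logout()` first and clearing afterwards, or moving `logout()` into a `finally`, removes that failure path. Clearing principals also leaves `getPrivateCredentials()` and `getPublicCredentials()` untouched, so it should be confirmed that the login modules wipe those on logout. The enclosing `run()` method starts outside the hunk.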
@@ -91,16 +105,7 @@ public class SecureActionBarAdvisor extends ActionBarAdvisor { } }; - register(logoutAction); - - // Save semantics - saveAction = ActionFactory.SAVE.create(window); - register(saveAction); - saveAllAction = ActionFactory.SAVE_ALL.create(window); - register(saveAllAction); - closeAllAction = ActionFactory.CLOSE_ALL.create(window); - register(closeAllAction); - + return logoutAction; } protected void fillMenuBar(IMenuManager menuBar) { diff --git a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/dialogs/DefaultLoginDialog.java b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/dialogs/DefaultLoginDialog.java index b21af2049..19affc854 100644 --- a/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/dialogs/DefaultLoginDialog.java +++ b/security/plugins/org.argeo.security.ui/src/main/java/org/argeo/security/ui/dialogs/DefaultLoginDialog.java @@ -5,7 +5,6 @@ import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.TextOutputCallback; -import org.eclipse.jface.dialogs.IMessageProvider; import org.eclipse.swt.SWT; import org.eclipse.swt.events.ModifyEvent; import org.eclipse.swt.events.ModifyListener; @@ -30,13 +29,11 @@ public class DefaultLoginDialog extends AbstractLoginDialog { } protected Point getInitialSize() { - return new Point(300, 150); + return new Point(300, 180); } protected Control createDialogArea(Composite parent) { Composite dialogarea = (Composite) super.createDialogArea(parent); - // dialogarea.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, - // true)); Composite composite = new Composite(dialogarea, SWT.NONE); composite.setLayout(new GridLayout(2, false)); composite.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false)); 
@@ -93,20 +90,21 @@ public class DefaultLoginDialog extends AbstractLoginDialog { private void createTextoutputHandler(Composite composite, TextOutputCallback callback) { - int messageType = callback.getMessageType(); - int dialogMessageType = IMessageProvider.NONE; - switch (messageType) { - case TextOutputCallback.INFORMATION: - dialogMessageType = IMessageProvider.INFORMATION; - break; - case TextOutputCallback.WARNING: - dialogMessageType = IMessageProvider.WARNING; - break; - case TextOutputCallback.ERROR: - dialogMessageType = IMessageProvider.ERROR; - break; - } - //setMessage(callback.getMessage(), dialogMessageType); + // TODO: find a way to pass this information + // int messageType = callback.getMessageType(); + // int dialogMessageType = IMessageProvider.NONE; + // switch (messageType) { + // case TextOutputCallback.INFORMATION: + // dialogMessageType = IMessageProvider.INFORMATION; + // break; + // case TextOutputCallback.WARNING: + // dialogMessageType = IMessageProvider.WARNING; + // break; + // case TextOutputCallback.ERROR: + // dialogMessageType = IMessageProvider.ERROR; + // break; + // } + // setMessage(callback.getMessage(), dialogMessageType); } public void internalHandle() { diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/AbstractUserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/AbstractUserNature.java deleted file mode 100644 index bbb5eb804..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/AbstractUserNature.java +++ /dev/null 
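Review bot: `createTextoutputHandler` is now a method whose body is only commented-out code, so any `TextOutputCallback` sent by a login module (for example a warning or error about the account) is silently dropped and never shown to the user. Rather than keeping the dead block, I would delete it and leave one line such as `// TODO: TextOutputCallback messages are not displayed yet`, so the gap stays visible without the stale switch. If the dialog has no message area, showing `callback.getMessage()` in a label on `composite` would be a minimal way to surface it.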
@@ -1,38 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - - -/** A set of specific data attached to a user. */ -@Deprecated -public abstract class AbstractUserNature implements UserNature { - private static final long serialVersionUID = 1169323440459736478L; - - private String type; - - public String getType() { - if (type != null) - return type; - else - return getClass().getName(); - } - - public void setType(String type) { - this.type = type; - } - -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java deleted file mode 100644 index 81baa5e28..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java +++ /dev/null 
@@ -1,26 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - - -/** - * Access to the users and roles referential (dependent from the underlying - * storage, e.g. LDAP). - */ -@Deprecated -public interface ArgeoSecurityDao extends CurrentUserDao,UserAdminDao{ -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java deleted file mode 100644 index 172fba189..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java +++ /dev/null 
@@ -1,27 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - - -/** - * High level access to the user referential (independent from the underlying - * storage). - */ -@Deprecated -public interface ArgeoSecurityService extends CurrentUserService, - UserAdminService { -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java deleted file mode 100644 index 71009604d..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java +++ /dev/null 
@@ -1,36 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - -import java.util.List; -import java.util.Map; - -/** Abstraction for a user. */ -public interface ArgeoUser { - public String getUsername(); - - @Deprecated - public Map getUserNatures(); - - /** Implementation should refuse to add new user natures via this method. */ - @Deprecated - public void updateUserNatures(Map userNatures); - - public List getRoles(); - - public String getPassword(); -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserDao.java deleted file mode 100644 index 37b6d7735..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserDao.java +++ /dev/null 
@@ -1,29 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - -/** - * Access to user backend for the currently logged in user - */ -@Deprecated -public interface CurrentUserDao { - public void updateCurrentUserPassword(String oldPassword, String newPassword); - - @Deprecated - public String getDefaultRole(); - -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserService.java deleted file mode 100644 index 9ae88e37d..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/CurrentUserService.java +++ /dev/null @@ -1,14 +0,0 @@ -package org.argeo.security; - -import java.util.Map; - -@Deprecated -public interface CurrentUserService { - public ArgeoUser getCurrentUser(); - - public void updateCurrentUserPassword(String oldPassword, String newPassword); - - @Deprecated - public void updateCurrentUserNatures(Map userNatures); - -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java deleted file mode 100644 index 291664721..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java +++ /dev/null 
@@ -1,131 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.argeo.ArgeoException; - -/** - * Read-write implementation of an Argeo user. Typically initialized with a - * generic instance (read-only9 in order to modify a user. - */ -@Deprecated -public class SimpleArgeoUser implements ArgeoUser, Serializable, - Comparable { - private static final long serialVersionUID = 1L; - - private String username; - private String password; - private Map userNatures = new HashMap(); - private List roles = new ArrayList(); - - public SimpleArgeoUser() { - - } - - public SimpleArgeoUser(ArgeoUser argeoUser) { - username = argeoUser.getUsername(); - password = argeoUser.getPassword(); - userNatures = new HashMap( - argeoUser.getUserNatures()); - roles = new ArrayList(argeoUser.getRoles()); - } - - public Map getUserNatures() { - return userNatures; - } - - @Deprecated - public void updateUserNatures(Map userNaturesData) { - updateUserNaturesWithCheck(userNatures, userNaturesData); - } - - @Deprecated - public static void updateUserNaturesWithCheck( - Map userNatures, - Map userNaturesData) { - // checks consistency - if (userNatures.size() != userNaturesData.size()) - throw new ArgeoException( - "It is forbidden to add or remove user natures 
via this method"); - - for (String type : userNatures.keySet()) { - if (!userNaturesData.containsKey(type)) - throw new ArgeoException( - "Could not find a user nature of type " + type); - } - - for (String key : userNatures.keySet()) { - userNatures.put(key, userNaturesData.get(key)); - } - } - - @Override - public boolean equals(Object obj) { - if (!(obj instanceof ArgeoUser)) - return false; - return ((ArgeoUser) obj).getUsername().equals(username); - } - - public int compareTo(ArgeoUser o) { - return username.compareTo(o.getUsername()); - } - - @Override - public int hashCode() { - return username.hashCode(); - } - - @Override - public String toString() { - return username; - } - - public List getRoles() { - return roles; - } - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - @Deprecated - public void setUserNatures(Map userNatures) { - this.userNatures = userNatures; - } - - public void setRoles(List roles) { - this.roles = roles; - } - - public String getPassword() { - return password; - } - - public void setPassword(String password) { - this.password = password; - } -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminDao.java index 1ca452a74..cf8c77b59 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminDao.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminDao.java 
@@ -22,25 +22,13 @@ import java.util.Set; * Access to the users and roles referential (dependent from the underlying * storage, e.g. LDAP). */ -public interface UserAdminDao{ +public interface UserAdminDao { /** List all users */ - public Set listUsers(); + public Set listUsers(); /** List roles that can be modified */ public Set listEditableRoles(); - public void updateUser(ArgeoUser user); - - public void updateUserPassword(String username, String password); - - /** - * Creates a new user in the underlying storage. DO NOT CALL DIRECTLY - * use {@link ArgeoSecurityService#newUser(ArgeoUser)} instead. - */ - public void createUser(ArgeoUser user); - - public void deleteUser(String username); - /** * Creates a new role in the underlying storage. DO NOT CALL DIRECTLY * use {@link ArgeoSecurityService#newRole(String)} instead. @@ -50,11 +38,6 @@ public interface UserAdminDao{ public void deleteRole(String role); /** List all users having this role. */ - public Set listUsersInRole(String role); - - public Boolean userExists(String username); - - public ArgeoUser getUser(String username); + public Set listUsersInRole(String role); - public ArgeoUser getUserWithPassword(String username); } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminService.java index 4babb87a0..dddec0357 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminService.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserAdminService.java 
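Review bot: The Javadoc kept above the role-creation method still says `use {@link ArgeoSecurityService#newRole(String)} instead`, but this commit deletes `ArgeoSecurityService`, so the link now dangles and the "DO NOT CALL DIRECTLY" guidance points nowhere. Assuming `newRole` remains on `UserAdminService`, the line should become `* use {@link UserAdminService#newRole(String)} instead.`. The method declaration itself sits between the two hunks and is not visible here.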
@@ -1,9 +1,10 @@ package org.argeo.security; -import java.util.List; import java.util.Set; -public interface UserAdminService { +import org.springframework.security.userdetails.UserDetailsManager; + +public interface UserAdminService extends UserDetailsManager{ /** * Usernames must match this regexp pattern ({@value #USERNAME_PATTERN}). * Thanks to listUsers(); - - public Boolean userExists(String username); - - public void updateUser(ArgeoUser user); - - public void updateUserPassword(String username, String password); - /** List users having this role (except the super user). */ - public Set listUsersInRole(String role); - - public List listUserRoles(String username); - - public void deleteUser(String username); + public Set listUsersInRole(String role); /** Synchronize with the underlying DAO. */ public void synchronize(); diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java deleted file mode 100644 index cf0fa4819..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java +++ /dev/null 
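Review bot: `UserAdminService` now extends `UserDetailsManager` but has no interface-level Javadoc, so nothing tells a reader that user creation, update, deletion and lookup come from the Spring interface rather than from the methods this hunk removes. I would add `/** Administration of users and roles; user CRUD and password change are inherited from {@link UserDetailsManager}. */` above the declaration. The declaration is also missing a space before the brace: `public interface UserAdminService extends UserDetailsManager {`. Since `USERNAME_PATTERN` is documented here but the inherited `createUser` does not mention it, the Javadoc should say whether implementations are expected to enforce the pattern or only the UI does.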
@@ -1,30 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security; - -import java.io.Serializable; - -/** - * A set of specific data attached to a user. TODO: is this interface really - * useful? - */ -@Deprecated -public interface UserNature extends Serializable { - @Deprecated - /** @deprecated will be removed soon*/ - public String getType(); -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java deleted file mode 100644 index eac1d3706..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java +++ /dev/null 
@@ -1,130 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security.core; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import java.util.Map; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.argeo.security.ArgeoUser; -import org.argeo.security.SimpleArgeoUser; -import org.argeo.security.UserNature; -import org.springframework.security.Authentication; -import org.springframework.security.GrantedAuthority; -import org.springframework.security.GrantedAuthorityImpl; -import org.springframework.security.context.SecurityContextHolder; -import org.springframework.security.userdetails.User; -import org.springframework.security.userdetails.UserDetails; - -@Deprecated -public class ArgeoUserDetails extends User implements ArgeoUser { - private static final long serialVersionUID = 1L; - private final static Log log = LogFactory.getLog(ArgeoUserDetails.class); - - private final Map userNatures; - private final List roles; - - public ArgeoUserDetails(String username, - Map userNatures, String password, - GrantedAuthority[] authorities) throws IllegalArgumentException { - super(username, password, true, true, true, true, authorities); - this.userNatures = Collections.unmodifiableMap(userNatures); - - // Roles - this.roles = Collections.unmodifiableList(addAuthoritiesToRoles( - getAuthorities(), new 
ArrayList())); - } - - public ArgeoUserDetails(ArgeoUser argeoUser) { - this(argeoUser.getUsername(), argeoUser.getUserNatures(), argeoUser - .getPassword(), rolesToAuthorities(argeoUser.getRoles())); - } - - public Map getUserNatures() { - return userNatures; - } - - public void updateUserNatures(Map userNaturesData) { - SimpleArgeoUser - .updateUserNaturesWithCheck(userNatures, userNaturesData); - } - - public List getRoles() { - return roles; - } - - /** The provided list, for chaining using {@link Collections} */ - public static List addAuthoritiesToRoles( - GrantedAuthority[] authorities, List roles) { - for (GrantedAuthority authority : authorities) { - roles.add(authority.getAuthority()); - } - return roles; - } - - public static GrantedAuthority[] rolesToAuthorities(List roles) { - GrantedAuthority[] arr = new GrantedAuthority[roles.size()]; - for (int i = 0; i < roles.size(); i++) { - String role = roles.get(i); - if (log.isTraceEnabled()) - log.debug("Convert role " + role + " to authority (i=" + i - + ")"); - arr[i] = new GrantedAuthorityImpl(role); - } - return arr; - } - - public static SimpleArgeoUser createSimpleArgeoUser(UserDetails userDetails) { - if (userDetails instanceof ArgeoUser) { - return new SimpleArgeoUser((ArgeoUser) userDetails); - } else { - SimpleArgeoUser argeoUser = new SimpleArgeoUser(); - argeoUser.setUsername(userDetails.getUsername()); - addAuthoritiesToRoles(userDetails.getAuthorities(), - argeoUser.getRoles()); - return argeoUser; - } - } - - /** Creates an argeo user based on spring authentication */ - public static ArgeoUser asArgeoUser(Authentication authentication) { - if (authentication == null) - return null; - - if (authentication.getPrincipal() instanceof ArgeoUser) { - return new SimpleArgeoUser( - (ArgeoUser) authentication.getPrincipal()); - } else { - SimpleArgeoUser argeoUser = new SimpleArgeoUser(); - argeoUser.setUsername(authentication.getName()); - addAuthoritiesToRoles(authentication.getAuthorities(), - 
argeoUser.getRoles()); - return argeoUser; - } - } - - /** The Spring security context as an argeo user */ - public static ArgeoUser securityContextUser() { - Authentication authentication = SecurityContextHolder.getContext() - .getAuthentication(); - ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication); - return argeoUser; - } -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultCurrentUserService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultCurrentUserService.java deleted file mode 100644 index 8e330cb11..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultCurrentUserService.java +++ /dev/null 
@@ -1,54 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security.core; - -import java.util.Map; - -import org.argeo.security.ArgeoUser; -import org.argeo.security.CurrentUserDao; -import org.argeo.security.CurrentUserService; -import org.argeo.security.UserNature; - -@Deprecated -public class DefaultCurrentUserService implements CurrentUserService { - private CurrentUserDao currentUserDao; - - public DefaultCurrentUserService() { - } - - public ArgeoUser getCurrentUser() { - ArgeoUser argeoUser = ArgeoUserDetails.securityContextUser(); - if (argeoUser == null) - return null; - if (argeoUser.getRoles().contains(currentUserDao.getDefaultRole())) - argeoUser.getRoles().remove(currentUserDao.getDefaultRole()); - return argeoUser; - } - - public void updateCurrentUserPassword(String oldPassword, String newPassword) { - currentUserDao.updateCurrentUserPassword(oldPassword, newPassword); - } - - public void updateCurrentUserNatures(Map userNatures) { - // TODO Auto-generated method stub - - } - - public void setCurrentUserDao(CurrentUserDao dao) { - this.currentUserDao = dao; - } -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultUserAdminService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultUserAdminService.java deleted file mode 100644 index e823124d7..000000000 
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultUserAdminService.java +++ /dev/null 
@@ -1,123 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security.core; - -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Set; - -import org.argeo.security.ArgeoUser; -import org.argeo.security.UserAdminDao; -import org.argeo.security.UserAdminService; -import org.argeo.security.nature.SimpleUserNature; - -public class DefaultUserAdminService implements UserAdminService { - private String superUsername = "root"; - private UserAdminDao userAdminDao; - - public void newRole(String role) { - userAdminDao.createRole(role, getSuperUsername()); - } - - public void updateUserPassword(String username, String password) { - userAdminDao.updateUserPassword(username, password); - } - - public void newUser(ArgeoUser user) { - // pre-process - SimpleUserNature simpleUserNature; - try { - simpleUserNature = SimpleUserNature - .findSimpleUserNature(user, null); - } catch (Exception e) { - simpleUserNature = new SimpleUserNature(); - user.getUserNatures().put("simpleUserNature", simpleUserNature); - } - - if (simpleUserNature.getLastName() == null - || simpleUserNature.getLastName().equals("")) { - // to prevent issue with sn in LDAP - simpleUserNature.setLastName("empty"); - } - - userAdminDao.createUser(user); - } - - - - public void synchronize() { - // TODO Auto-generated method stub - - } - - public ArgeoUser getUser(String username) { - return 
userAdminDao.getUser(username); - } - - public Boolean userExists(String username) { - return userAdminDao.userExists(username); - } - - public void updateUser(ArgeoUser user) { - userAdminDao.updateUser(user); - } - - public void deleteUser(String username) { - userAdminDao.deleteUser(username); - - } - - public void deleteRole(String role) { - userAdminDao.deleteRole(role); - } - - public Set listUsersInRole(String role) { - Set lst = new HashSet( - userAdminDao.listUsersInRole(role)); - Iterator it = lst.iterator(); - while (it.hasNext()) { - if (it.next().getUsername().equals(getSuperUsername())) { - it.remove(); - break; - } - } - return lst; - } - - public Set listUsers() { - return userAdminDao.listUsers(); - } - - public List listUserRoles(String username) { - return getUser(username).getRoles(); - } - - public Set listEditableRoles() { - return userAdminDao.listEditableRoles(); - } - - // TODO: expose it via the interface as well? - public String getSuperUsername() { - return superUsername; - } - - public void setUserAdminDao(UserAdminDao userAdminDao) { - this.userAdminDao = userAdminDao; - } - -} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserDaoJcr.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserDaoJcr.java deleted file mode 100644 index 0c8cc33b1..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserDaoJcr.java +++ /dev/null 
@@ -1,21 +0,0 @@
-package org.argeo.security.jcr;
-
-import org.argeo.security.CurrentUserDao;
-
-public class CurrentUserDaoJcr implements CurrentUserDao {
- private String defaultRole= "ROLE_USER";
-
- public void updateCurrentUserPassword(String oldPassword, String newPassword) {
- throw new UnsupportedOperationException(
- "Updating passwords is not supported");
- }
-
- public String getDefaultRole() {
- return defaultRole;
- }
-
- public void setDefaultRole(String defaultRole) {
- this.defaultRole = defaultRole;
- }
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserServiceJcr.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserServiceJcr.java
deleted file mode 100644
index 2c2a1ce41..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/CurrentUserServiceJcr.java
+++ /dev/null
@@ -1,57 +0,0 @@
-package org.argeo.security.jcr;
-
-import java.util.Map;
-
-import javax.jcr.Session;
-
-import org.argeo.ArgeoException;
-import org.argeo.security.ArgeoUser;
-import org.argeo.security.CurrentUserDao;
-import org.argeo.security.CurrentUserService;
-import org.argeo.security.UserNature;
-import org.springframework.security.Authentication;
-import org.springframework.security.context.SecurityContextHolder;
-
-public class CurrentUserServiceJcr implements CurrentUserService {
- private Session session;
- private CurrentUserDao currentUserDao;
-
- public ArgeoUser getCurrentUser() {
- Authentication authentication = SecurityContextHolder.getContext()
- .getAuthentication();
-
- Session userSession;
- if (authentication instanceof JcrAuthenticationToken) {
- userSession = ((JcrAuthenticationToken) authentication)
- .getSession();
- } else {
- if (session == null)
- throw new ArgeoException("No user JCR session available");
- userSession = session;
- }
-
- JcrUserDetails jcrUserDetails = (JcrUserDetails) authentication
- .getDetails();
- return JcrUserDetails.jcrUserDetailsToArgeoUser(userSession,
- jcrUserDetails);
- }
-
- public void updateCurrentUserPassword(String oldPassword, String newPassword) {
- currentUserDao.updateCurrentUserPassword(oldPassword, newPassword);
-
- }
-
- public void updateCurrentUserNatures(Map userNatures) {
- // TODO Auto-generated method stub
-
- }
-
- public void setSession(Session session) {
- this.session = session;
- }
-
- public void setCurrentUserDao(CurrentUserDao currentUserDao) {
- this.currentUserDao = currentUserDao;
- }
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrArgeoUser.java
deleted file mode 100644
index 131d6ea5e..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrArgeoUser.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package org.argeo.security.jcr;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-
-import javax.jcr.Node;
-import javax.jcr.RepositoryException;
-
-import org.argeo.ArgeoException;
-import org.argeo.security.ArgeoUser;
-import org.argeo.security.UserNature;
-
-public class JcrArgeoUser implements ArgeoUser {
- /** Cached for performance reasons. */
- private final String username;
- private final Node home;
- private final List roles;
- private final Boolean enabled;
- private final String password;
-
- public JcrArgeoUser(Node home, String password, List roles,
- Boolean enabled) {
- this.home = home;
- this.password = password;
- this.roles = Collections.unmodifiableList(new ArrayList(roles));
- this.enabled = enabled;
- try {
- username = home.getSession().getUserID();
- } catch (RepositoryException e) {
- throw new ArgeoException("Cannot find JCR user id", e);
- }
-
- }
-
- public String getUsername() {
- return username;
- }
-
- public Map getUserNatures() {
- throw new UnsupportedOperationException("deprecated");
- }
-
- public void updateUserNatures(Map userNatures) {
- throw new UnsupportedOperationException("deprecated");
- }
-
- public List getRoles() {
- return roles;
- }
-
- public String getPassword() {
- return password;
- }
-
- public Node getHome() {
- return home;
- }
-
- public Boolean getEnabled() {
- return enabled;
- }
-
- public boolean equals(Object obj) {
- if (!(obj instanceof ArgeoUser))
- return false;
- return ((ArgeoUser) obj).getUsername().equals(username);
- }
-
- @Override
- public int hashCode() {
- return username.hashCode();
- }
-
- public String toString() {
- return getUsername() + "@" + getHome();
- }
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrUserDetails.java
index 3815b843b..f7d016cf4 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrUserDetails.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/JcrUserDetails.java @@ -3,11 +3,6 @@ package org.argeo.security.jcr; import java.util.ArrayList; import java.util.List; -import javax.jcr.Node; -import javax.jcr.RepositoryException; -import javax.jcr.Session; - -import org.argeo.ArgeoException; import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.userdetails.User; 
@@ -29,44 +24,6 @@ public class JcrUserDetails extends User { return homePath; } - public static JcrUserDetails argeoUserToJcrUserDetails( - JcrArgeoUser argeoUser) { - try { - List gas = new ArrayList(); - for (String role : argeoUser.getRoles()) - gas.add(new GrantedAuthorityImpl(role)); - return new JcrUserDetails(argeoUser.getHome().getPath(), - argeoUser.getUsername(), argeoUser.getPassword(), - argeoUser.getEnabled(), true, true, true, - gas.toArray(new GrantedAuthority[gas.size()])); - } catch (Exception e) { - throw new ArgeoException("Cannot convert " + argeoUser - + " to JCR user details", e); - } - } - - public static JcrArgeoUser jcrUserDetailsToArgeoUser(Session userSession, - JcrUserDetails jcrUserDetails) { - if (!userSession.getUserID().equals(jcrUserDetails.getUsername())) - throw new ArgeoException("User session has user id " - + userSession.getUserID() + " while details has username " - + jcrUserDetails.getUsername()); - - Node userHome; - try { - userHome = userSession.getNode(jcrUserDetails.getHomePath()); - } catch (RepositoryException e) { - throw new ArgeoException("Cannot retrieve user home with path " - + jcrUserDetails.getHomePath(), e); - } - List roles = new ArrayList(); - for (GrantedAuthority ga : jcrUserDetails.getAuthorities()) - roles.add(ga.getAuthority()); - return new JcrArgeoUser(userHome, jcrUserDetails.getPassword(), roles, - jcrUserDetails.isEnabled()); - - } - public JcrUserDetails cloneWithNewRoles(List roles) { List authorities = new ArrayList(); for (String role : roles) { diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java deleted file mode 100644 index ac0503276..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java +++ /dev/null 
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2010 Mathieu Baudier
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.argeo.security.nature;
-
-import org.argeo.security.AbstractUserNature;
-
-public class CoworkerNature extends AbstractUserNature {
- private static final long serialVersionUID = 1L;
- private String mobile;
- private String telephoneNumber;
-
- public String getMobile() {
- return mobile;
- }
-
- public void setMobile(String mobile) {
- this.mobile = mobile;
- }
-
- public String getTelephoneNumber() {
- return telephoneNumber;
- }
-
- public void setTelephoneNumber(String telephoneNumber) {
- this.telephoneNumber = telephoneNumber;
- }
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/InfrastructureUserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/InfrastructureUserNature.java
deleted file mode 100644
index 08ac376a8..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/InfrastructureUserNature.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package org.argeo.security.nature;
-
-import org.argeo.security.AbstractUserNature;
-
-/**
- * Argeo infrastructure user nature. People with access to the infrastructure
- * must be properly identified.
- */
-public class InfrastructureUserNature extends AbstractUserNature {
- private static final long serialVersionUID = 1L;
-
- private String mobile;
- private String telephoneNumber;
- private String postalAddress;
- private String postalCode;
- private String city;
- private String countryCode;
-
- public String getMobile() {
- return mobile;
- }
-
- public void setMobile(String mobile) {
- this.mobile = mobile;
- }
-
- public String getTelephoneNumber() {
- return telephoneNumber;
- }
-
- public void setTelephoneNumber(String telephoneNumber) {
- this.telephoneNumber = telephoneNumber;
- }
-
- public String getPostalAddress() {
- return postalAddress;
- }
-
- public void setPostalAddress(String postalAddress) {
- this.postalAddress = postalAddress;
- }
-
- public String getPostalCode() {
- return postalCode;
- }
-
- public void setPostalCode(String postalCode) {
- this.postalCode = postalCode;
- }
-
- public String getCity() {
- return city;
- }
-
- public void setCity(String city) {
- this.city = city;
- }
-
- public String getCountryCode() {
- return countryCode;
- }
-
- public void setCountryCode(String countryCode) {
- this.countryCode = countryCode;
- }
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/PosixAccountNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/PosixAccountNature.java
deleted file mode 100644
index 3984ffe3d..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/PosixAccountNature.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package org.argeo.security.nature;
-
-import org.argeo.security.AbstractUserNature;
-
-/** User with access to POSIX operating systems*/
-public class PosixAccountNature extends AbstractUserNature {
- private static final long serialVersionUID = 1L;
-
- private Integer uidNumber;
- private Integer gidNumber;
- private String homeDirectory;
- private String authorizedKeys;
-
- public Integer getUidNumber() {
- return uidNumber;
- }
-
- public void setUidNumber(Integer uidNumber) {
- this.uidNumber = uidNumber;
- }
-
- public Integer getGidNumber() {
- return gidNumber;
- }
-
- public void setGidNumber(Integer gidNumber) {
- this.gidNumber = gidNumber;
- }
-
- public String getHomeDirectory() {
- return homeDirectory;
- }
-
- public void setHomeDirectory(String homeDirectory) {
- this.homeDirectory = homeDirectory;
- }
-
- public String getAuthorizedKeys() {
- return authorizedKeys;
- }
-
- public void setAuthorizedKeys(String authorizedKeys) {
- this.authorizedKeys = authorizedKeys;
- }
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java
deleted file mode 100644
index e400e99d9..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java
+++ /dev/null
@@ -1,102 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security.nature; - -import org.argeo.ArgeoException; -import org.argeo.security.AbstractUserNature; -import org.argeo.security.ArgeoUser; -import org.argeo.security.UserNature; - -@Deprecated -public class SimpleUserNature extends AbstractUserNature { - /** - * No PAI, for internal use within the Argeo Security framework. Will - * probably be removed. - */ - public final static String TYPE = "simpleUser"; - - private static final long serialVersionUID = 1L; - private String email; - private String firstName; - private String lastName; - private String description; - - public String getEmail() { - return email; - } - - public void setEmail(String email) { - this.email = email; - } - - public String getFirstName() { - return firstName; - } - - public void setFirstName(String firstName) { - this.firstName = firstName; - } - - public String getLastName() { - return lastName; - } - - public void setLastName(String lastName) { - this.lastName = lastName; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - /* - * SECURITY UTILITIES - */ - /** - * Finds a user nature extending {@link SimpleUserNature} in the provided - * user. 
- * - * @param user - * the user to scan - * @param simpleNatureType - * the type under which a {@link SimpleUserNature} is registered, - * useful if there are many. can be null. - * @return the {@link SimpleUserNature} - * @throws ArgeoException - * if no simple user nature was found - */ - public final static SimpleUserNature findSimpleUserNature(ArgeoUser user, - String simpleNatureType) { - SimpleUserNature simpleNature = null; - if (simpleNatureType != null) - simpleNature = (SimpleUserNature) user.getUserNatures().get( - simpleNatureType); - else - for (UserNature userNature : user.getUserNatures().values()) - if (userNature instanceof SimpleUserNature) - simpleNature = (SimpleUserNature) userNature; - - if (simpleNature == null) - throw new ArgeoException("No simple user nature in user " + user); - return simpleNature; - } - -} diff --git a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java index f30af7060..69bab5293 100644 --- a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java +++ b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoLoginModule.java @@ -91,7 +91,7 @@ public class ArgeoLoginModule extends AbstractLoginModule { // we resync with Spring Security since the subject may have been reused // in beetween // TODO: check if this is clean - subject.getPrincipals().addAll(syncPrincipals()); + //subject.getPrincipals().addAll(syncPrincipals()); return true; } diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoLdapUserDetailsManager.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoLdapUserDetailsManager.java index 54ef836a0..040d650d7 100644 
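Review bot: In the `ArgeoLoginModule` hunk, commenting out `subject.getPrincipals().addAll(syncPrincipals());` leaves the two comment lines above it describing a resync with Spring Security that no longer happens, and the method still ends in `return true`. If a Subject really can be reused between authentications, as that comment says, its principals are now whatever an earlier call left there, so a role change on the Spring Security side may not reach the JCR subject on this path. The enclosing method starts outside the hunk, so I cannot see whether the principals are populated elsewhere; please confirm. Either delete the dead line together with the stale comment and the TODO, or replace them with a comment that states why no resync is needed, e.g. `// principals are set in <method name>; no resync needed on this path`.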
--- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoLdapUserDetailsManager.java +++ b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoLdapUserDetailsManager.java @@ -2,14 +2,27 @@ package org.argeo.security.ldap; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Iterator; +import java.util.List; import java.util.Random; +import java.util.Set; +import java.util.TreeSet; +import org.argeo.security.UserAdminDao; +import org.argeo.security.UserAdminService; import org.springframework.ldap.core.ContextSource; +import org.springframework.security.GrantedAuthority; import org.springframework.security.providers.encoding.PasswordEncoder; +import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.ldap.LdapUserDetailsManager; /** Extends {@link LdapUserDetailsManager} by adding password encoding support. */ -public class ArgeoLdapUserDetailsManager extends LdapUserDetailsManager { +public class ArgeoLdapUserDetailsManager extends LdapUserDetailsManager + implements UserAdminService { + private String superUsername = "root"; + private UserAdminDao userAdminDao; private PasswordEncoder passwordEncoder; private final Random random; 
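Review bot: The class comment still reads "Extends LdapUserDetailsManager by adding password encoding support", but with `implements UserAdminService` and the new `userAdminDao` field the class now also performs role administration. A reader deciding where role changes are authorised will look at this comment first, so it should say so, for example `/** Extends {@link LdapUserDetailsManager} with password encoding and implements {@link UserAdminService}, delegating role operations to a {@link UserAdminDao}. */`. The class body continues outside this hunk.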
@@ -31,6 +44,46 @@ public class ArgeoLdapUserDetailsManager extends LdapUserDetailsManager { super.changePassword(oldPassword, encodePassword(newPassword)); } + public void newRole(String role) { + userAdminDao.createRole(role, superUsername); + } + + public void synchronize() { + for (String username : userAdminDao.listUsers()) + loadUserByUsername(username); + // TODO: find a way to remove from JCR + } + + public void deleteRole(String role) { + userAdminDao.deleteRole(role); + } + + public Set listUsersInRole(String role) { + Set lst = new TreeSet( + userAdminDao.listUsersInRole(role)); + Iterator it = lst.iterator(); + while (it.hasNext()) { + if (it.next().equals(superUsername)) { + it.remove(); + break; + } + } + return lst; + } + + public List listUserRoles(String username) { + UserDetails userDetails = loadUserByUsername(username); + List roles = new ArrayList(); + for (GrantedAuthority ga : userDetails.getAuthorities()) { + roles.add(ga.getAuthority()); + } + return Collections.unmodifiableList(roles); + } + + public Set listEditableRoles() { + return userAdminDao.listEditableRoles(); + } + protected String encodePassword(String password) { if (!password.startsWith("{")) { byte[] salt = new byte[16]; @@ -45,4 +98,12 @@ public class ArgeoLdapUserDetailsManager extends LdapUserDetailsManager { this.passwordEncoder = passwordEncoder; } + public void setSuperUsername(String superUsername) { + this.superUsername = superUsername; + } + + public void setUserAdminDao(UserAdminDao userAdminDao) { + this.userAdminDao = userAdminDao; + } + } diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java index 200ed351e..dc6cd6392 100644 --- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java 
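Review bot: `listUsersInRole` removes `superUsername` from the result while `newRole` hands that same account to `userAdminDao.createRole`, so role membership as reported by this service leaves out an account by design and nothing in the code says so. Anyone using this listing for an access review would reasonably take it as complete. I would state it on the method, e.g. `/** Returns the usernames in the role, excluding the configured super user. */`, and on `newRole` say what the second argument to `createRole` is for (presumably the initial member of the new group; `createRole` is only partly visible in this commit). The comparison is against whatever `setSuperUsername` last set, so if that name does not match the directory's account the filter silently does nothing.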
+++ b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java @@ -16,13 +16,8 @@ package org.argeo.security.ldap; -import static org.argeo.security.core.ArgeoUserDetails.createSimpleArgeoUser; - -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; import java.util.Collections; import java.util.List; -import java.util.Random; import java.util.Set; import java.util.TreeSet; @@ -30,31 +25,21 @@ import javax.naming.Name; import javax.naming.NamingException; import javax.naming.directory.DirContext; -import org.argeo.ArgeoException; -import org.argeo.security.ArgeoUser; -import org.argeo.security.CurrentUserDao; -import org.argeo.security.SimpleArgeoUser; import org.argeo.security.UserAdminDao; -import org.argeo.security.core.ArgeoUserDetails; import org.springframework.ldap.core.ContextExecutor; import org.springframework.ldap.core.ContextMapper; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DistinguishedName; import org.springframework.ldap.core.LdapTemplate; import org.springframework.ldap.core.support.BaseLdapPathContextSource; -import org.springframework.security.context.SecurityContextHolder; import org.springframework.security.ldap.LdapUsernameToDnMapper; import org.springframework.security.ldap.LdapUtils; -import org.springframework.security.providers.UsernamePasswordAuthenticationToken; -import org.springframework.security.providers.encoding.PasswordEncoder; -import org.springframework.security.userdetails.UserDetails; -import org.springframework.security.userdetails.UserDetailsManager; /** * Wraps a Spring LDAP user details manager, providing additional methods to * manage roles. */ -public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { +public class ArgeoSecurityDaoLdap implements UserAdminDao { private String userBase; private String usernameAttribute; private String groupBase; 
@@ -66,63 +51,18 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { private String rolePrefix; private final LdapTemplate ldapTemplate; - private final Random random; - private LdapUsernameToDnMapper usernameMapper; - private UserDetailsManager userDetailsManager; - - private PasswordEncoder passwordEncoder; /** * Standard constructor, using the LDAP context source shared with Spring * Security components. */ public ArgeoSecurityDaoLdap(BaseLdapPathContextSource contextSource) { - this(new LdapTemplate(contextSource), createRandom()); - } - - /** - * Advanced constructor allowing to reuse an LDAP template and to explicitly - * set the random used as seed for SSHA password generation. - */ - public ArgeoSecurityDaoLdap(LdapTemplate ldapTemplate, Random random) { - this.ldapTemplate = ldapTemplate; - this.random = random; - } - - private static Random createRandom() { - try { - return SecureRandom.getInstance("SHA1PRNG"); - } catch (NoSuchAlgorithmException e) { - return new Random(System.currentTimeMillis()); - } - } - - public synchronized void createUser(ArgeoUser user) { - // normalize password - if (user instanceof SimpleArgeoUser) { - if (user.getPassword() == null || user.getPassword().equals("")) - ((SimpleArgeoUser) user).setPassword(encodePassword(user - .getUsername())); - else if (!user.getPassword().startsWith("{")) - ((SimpleArgeoUser) user).setPassword(encodePassword(user - .getPassword())); - } - userDetailsManager.createUser(new ArgeoUserDetails(user)); - } - - public synchronized ArgeoUser getUser(String uname) { - SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname)); - user.setPassword(null); - return user; - } - - public synchronized ArgeoUser getUserWithPassword(String uname) { - return createSimpleArgeoUser(getDetails(uname)); + this.ldapTemplate = new LdapTemplate(contextSource); } @SuppressWarnings("unchecked") - public synchronized Set listUsers() { + public synchronized Set listUsers() { List usernames 
= (List) ldapTemplate.listBindings( new DistinguishedName(userBase), new ContextMapper() { public Object mapFromContext(Object ctxArg) { @@ -131,11 +71,8 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { } }); - TreeSet lst = new TreeSet(); - for (String username : usernames) { - lst.add(createSimpleArgeoUser(getDetails(username))); - } - return Collections.unmodifiableSortedSet(lst); + return Collections + .unmodifiableSortedSet(new TreeSet(usernames)); } @SuppressWarnings("unchecked") 
@@ -152,76 +89,24 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { } @SuppressWarnings("unchecked") - public Set listUsersInRole(String role) { - return (Set) ldapTemplate.lookup( + public Set listUsersInRole(String role) { + return (Set) ldapTemplate.lookup( buildGroupDn(convertRoleToGroup(role)), new ContextMapper() { public Object mapFromContext(Object ctxArg) { DirContextAdapter ctx = (DirContextAdapter) ctxArg; String[] userDns = ctx .getStringAttributes(groupMemberAttribute); - TreeSet set = new TreeSet(); + TreeSet set = new TreeSet(); for (String userDn : userDns) { DistinguishedName dn = new DistinguishedName(userDn); String username = dn.getValue(usernameAttribute); - set.add(createSimpleArgeoUser(getDetails(username))); + set.add(username); } return Collections.unmodifiableSortedSet(set); } }); } - public synchronized void updateUser(ArgeoUser user) { - // normalize password - String password = user.getPassword(); - if (password == null) - password = getUserWithPassword(user.getUsername()).getPassword(); - if (!password.startsWith("{")) - password = encodePassword(user.getPassword()); - SimpleArgeoUser simpleArgeoUser = new SimpleArgeoUser(user); - simpleArgeoUser.setPassword(password); - - ArgeoUserDetails argeoUserDetails = new ArgeoUserDetails(user); - userDetailsManager.updateUser(new ArgeoUserDetails(user)); - // refresh logged in user - if (ArgeoUserDetails.securityContextUser().getUsername() - .equals(argeoUserDetails.getUsername())) { - SecurityContextHolder.getContext().setAuthentication( - new UsernamePasswordAuthenticationToken(argeoUserDetails, - null, argeoUserDetails.getAuthorities())); - } - } - - public void updateCurrentUserPassword(String oldPassword, String newPassword) { - SimpleArgeoUser user = new SimpleArgeoUser( - ArgeoUserDetails.securityContextUser()); - if (!passwordEncoder.isPasswordValid(user.getPassword(), oldPassword, - null)) - throw new ArgeoException("Old password is not correct."); - 
user.setPassword(encodePassword(newPassword)); - updateUser(user); - //userDetailsManager.changePassword(oldPassword, newPassword); - } - - public void updateUserPassword(String username, String password) { - SimpleArgeoUser user = new SimpleArgeoUser(getUser(username)); - user.setPassword(encodePassword(password)); - updateUser(user); - } - - protected String encodePassword(String password) { - byte[] salt = new byte[16]; - random.nextBytes(salt); - return passwordEncoder.encodePassword(password, salt); - } - - public synchronized void deleteUser(String username) { - userDetailsManager.deleteUser(username); - } - - public synchronized Boolean userExists(String username) { - return userDetailsManager.userExists(username); - } - public void createRole(String role, final String superuserName) { String group = convertRoleToGroup(role); DistinguishedName superuserDn = (DistinguishedName) ldapTemplate @@ -270,10 +155,6 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { + groupBase); } - public void setUserDetailsManager(UserDetailsManager userDetailsManager) { - this.userDetailsManager = userDetailsManager; - } - public void setUserBase(String userBase) { this.userBase = userBase; } @@ -282,10 +163,6 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { this.usernameAttribute = usernameAttribute; } - protected UserDetails getDetails(String username) { - return userDetailsManager.loadUserByUsername(username); - } - public void setGroupBase(String groupBase) { this.groupBase = groupBase; } @@ -317,9 +194,4 @@ public class ArgeoSecurityDaoLdap implements CurrentUserDao, UserAdminDao { public void setGroupClasses(String[] groupClasses) { this.groupClasses = groupClasses; } - - public void setPasswordEncoder(PasswordEncoder passwordEncoder) { - this.passwordEncoder = passwordEncoder; - } - } 
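Review bot: After the hunk that starts at `listUsersInRole` the DAO no longer encodes passwords at all: `createUser`, `updateUser` and `updateUserPassword`, which each passed the password through `encodePassword`, are removed, and the only encoding call visible in this commit is `changePassword` in `ArgeoLdapUserDetailsManager`. If user creation or an administrator's password reset now reaches the inherited `createUser`/`updateUser` without an override that encodes, `userPassword` would be written as supplied; the manager's full body is not in the hunks shown, so please confirm before merging. The surviving `encodePassword` also hashes only when the input does not start with `{`, which means "already encoded" is decided from caller-supplied text. A comment on that method naming the callers allowed to pass pre-encoded values, or an explicit check against the schemes the directory accepts, would make that boundary reviewable.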
diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java
deleted file mode 100644
index 459d5e5fc..000000000
--- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java
+++ /dev/null
@@ -1,82 +0,0 @@ -/* - * Copyright (C) 2010 Mathieu Baudier - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.argeo.security.ldap; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.argeo.security.ArgeoUser; -import org.argeo.security.UserNature; -import org.argeo.security.core.ArgeoUserDetails; -import org.springframework.ldap.core.DirContextAdapter; -import org.springframework.ldap.core.DirContextOperations; -import org.springframework.security.GrantedAuthority; -import org.springframework.security.userdetails.UserDetails; -import org.springframework.security.userdetails.ldap.UserDetailsContextMapper; - -/** - * Performs the mapping between LDAP and the user natures, using - * {@link UserNatureMapper}. 
- */ -public class ArgeoUserDetailsContextMapper implements UserDetailsContextMapper { - // private final static Log log = LogFactory - // .getLog(ArgeoUserDetailsContextMapper.class); - - private List userNatureMappers = new ArrayList(); - - public UserDetails mapUserFromContext(DirContextOperations ctx, - String username, GrantedAuthority[] authorities) { - byte[] arr = (byte[]) ctx.getAttributeSortedStringSet("userPassword") - .first(); - String password = new String(arr); - - Map userNatures = new HashMap(); - for (UserNatureMapper userInfoMapper : userNatureMappers) { - UserNature userNature = userInfoMapper.mapUserInfoFromContext(ctx); - if (userNature != null) - userNatures.put(userInfoMapper.getName(), userNature); - } - - return new ArgeoUserDetails(username, - Collections.unmodifiableMap(userNatures), password, authorities); - } - - public void mapUserToContext(UserDetails user, DirContextAdapter ctx) { - ctx.setAttributeValues("objectClass", new String[] { "inetOrgPerson" }); - ctx.setAttributeValue("uid", user.getUsername()); - ctx.setAttributeValue("userPassword", user.getPassword()); - if (user instanceof ArgeoUser) { - ArgeoUser argeoUser = (ArgeoUser) user; - for (UserNature userNature : argeoUser.getUserNatures().values()) { - for (UserNatureMapper userInfoMapper : userNatureMappers) { - if (userInfoMapper.supports(userNature)) { - userInfoMapper.mapUserInfoToContext(userNature, ctx); - break;// use the first mapper found and no others - } - } - } - } - } - - public void setUserNatureMappers(List userNatureMappers) { - this.userNatureMappers = userNatureMappers; - } - -} diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/UserNatureMapper.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/UserNatureMapper.java deleted file mode 100644 index 81d9f9129..000000000 
--- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/UserNatureMapper.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (C) 2010 Mathieu Baudier
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.argeo.security.ldap;
-
-import org.argeo.security.UserNature;
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.ldap.core.DirContextOperations;
-
-/** Maps a user nature from LDAP. */
-public interface UserNatureMapper {
- public String getName();
-
- public void mapUserInfoToContext(UserNature userInfo, DirContextAdapter ctx);
-
- public UserNature mapUserInfoFromContext(DirContextOperations ctx);
-
- public Boolean supports(UserNature userInfo);
-}
diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java
deleted file mode 100644
index 761d1186c..000000000
--- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C) 2010 Mathieu Baudier
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.argeo.security.ldap.nature;
-
-import org.argeo.security.UserNature;
-import org.argeo.security.ldap.UserNatureMapper;
-import org.argeo.security.nature.CoworkerNature;
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.ldap.core.DirContextOperations;
-
-public class CoworkerUserNatureMapper implements UserNatureMapper {
-
- public String getName() {
- return "coworker";
- }
-
- public UserNature mapUserInfoFromContext(DirContextOperations ctx) {
- CoworkerNature nature = new CoworkerNature();
- nature.setMobile(ctx.getStringAttribute("mobile"));
- nature.setTelephoneNumber(ctx.getStringAttribute("telephoneNumber"));
-
- if (nature.getMobile() == null && nature.getTelephoneNumber() == null)
- return null;
- else
- return nature;
- }
-
- public void mapUserInfoToContext(UserNature userInfoArg,
- DirContextAdapter ctx) {
- CoworkerNature nature = (CoworkerNature) userInfoArg;
- if (nature.getMobile() == null || !nature.getMobile().equals("")) {
- ctx.setAttributeValue("mobile", nature.getMobile());
- }
- if (nature.getTelephoneNumber() == null
- || !nature.getTelephoneNumber().equals("")) {
- ctx.setAttributeValue("telephoneNumber",
- nature.getTelephoneNumber());
- }
- }
-
- public Boolean supports(UserNature userNature) {
- return userNature instanceof CoworkerNature;
- }
-
-}
diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java
deleted file mode 100644
index 681c5174a..000000000
--- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2010 Mathieu Baudier
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.argeo.security.ldap.nature;
-
-import org.argeo.security.UserNature;
-import org.argeo.security.ldap.UserNatureMapper;
-import org.argeo.security.nature.SimpleUserNature;
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.ldap.core.DirContextOperations;
-
-public class SimpleUserNatureMapper implements UserNatureMapper {
- public String getName() {
- return SimpleUserNature.TYPE;
- }
-
- public UserNature mapUserInfoFromContext(DirContextOperations ctx) {
- SimpleUserNature nature = new SimpleUserNature();
- nature.setLastName(ctx.getStringAttribute("sn"));
- nature.setFirstName(ctx.getStringAttribute("givenName"));
- nature.setEmail(ctx.getStringAttribute("mail"));
- nature.setDescription(ctx.getStringAttribute("description"));
- return nature;
- }
-
- public void mapUserInfoToContext(UserNature userInfoArg,
- DirContextAdapter ctx) {
- SimpleUserNature nature = (SimpleUserNature) userInfoArg;
- ctx.setAttributeValue("cn",
- nature.getFirstName() + " " + nature.getLastName());
- ctx.setAttributeValue("sn", nature.getLastName());
- ctx.setAttributeValue("givenName", nature.getFirstName());
- ctx.setAttributeValue("mail", nature.getEmail());
- if (nature.getDescription() != null
- && !nature.getDescription().equals("")) {
- ctx.setAttributeValue("description", nature.getDescription());
- }
- }
-
-
public Boolean supports(UserNature userNature) { - return userNature instanceof SimpleUserNature; - } - -} diff --git a/security/runtime/pom.xml b/security/runtime/pom.xml index 641ca066a..9ecd07c06 100644 --- a/security/runtime/pom.xml +++ b/security/runtime/pom.xml @@ -13,7 +13,7 @@ pom org.argeo.security.core - org.argeo.security.mvc + org.argeo.security.ldap org.argeo.security.activemq org.argeo.security.jackrabbit @@ -71,7 +71,7 @@ true - org.argeo.security.ria + diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java index 77309feea..bc7862f5f 100644 --- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java +++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java @@ -663,10 +663,10 @@ public class JcrUtils implements ArgeoJcrConstants { * the session to use in order to perform the search, this can be * a session with a different user ID than the one searched, * typically when a system or admin session is used. - * @param userID - * the id of the user + * @param username + * the username of the user */ - public static Node getUserHome(Session session, String userID) { + public static Node getUserHome(Session session, String username) { try { QueryObjectModelFactory qomf = session.getWorkspace() .getQueryManager().getQOMFactory(); 
@@ -677,18 +677,18 @@ public class JcrUtils implements ArgeoJcrConstants { DynamicOperand userIdDop = qomf.propertyValue("userHome", ArgeoNames.ARGEO_USER_ID); StaticOperand userIdSop = qomf.literal(session.getValueFactory() - .createValue(userID)); + .createValue(username)); Constraint constraint = qomf.comparison(userIdDop, QueryObjectModelFactory.JCR_OPERATOR_EQUAL_TO, userIdSop); Query query = qomf.createQuery(userHomeSel, constraint, null, null); Node userHome = JcrUtils.querySingleNode(query); return userHome; } catch (RepositoryException e) { - throw new ArgeoException("Cannot find home for user " + userID, e); + throw new ArgeoException("Cannot find home for user " + username, e); } } - public static Node getUserProfile(Session session, String userID) { + public static Node getUserProfile(Session session, String username) { try { QueryObjectModelFactory qomf = session.getWorkspace() .getQueryManager().getQOMFactory(); @@ -697,21 +697,23 @@ public class JcrUtils implements ArgeoJcrConstants { DynamicOperand userIdDop = qomf.propertyValue("userProfile", ArgeoNames.ARGEO_USER_ID); StaticOperand userIdSop = qomf.literal(session.getValueFactory() - .createValue(userID)); + .createValue(username)); Constraint constraint = qomf.comparison(userIdDop, QueryObjectModelFactory.JCR_OPERATOR_EQUAL_TO, userIdSop); Query query = qomf.createQuery(sel, constraint, null, null); Node userHome = JcrUtils.querySingleNode(query); return userHome; } catch (RepositoryException e) { - throw new ArgeoException("Cannot find profile for user " + userID, - e); + throw new ArgeoException( + "Cannot find profile for user " + username, e); } } public static Node createUserHome(Session session, String homeBasePath, String username) { try { + if (session == null) + throw new ArgeoException("Session is null"); if (session.hasPendingChanges()) throw new ArgeoException( "Session has pending changes, save them first"); 
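Review bot: The new `if (session == null) throw new ArgeoException("Session is null");` guard in `createUserHome` is placed inside the `try`, whose catch clause lies outside this hunk, so the precondition failure may be caught and rewrapped depending on what that clause covers; placing the check before `try` would keep it a plain argument error. `getUserHome` and `getUserProfile` (the preceding hunk on this line) dereference `session` without an equivalent guard, so the three methods now treat a null session differently. `getUserProfile` also has no Javadoc and keeps its result in a local named `userHome`; since the Javadoc on `getUserHome` says the lookup is typically run with a system or admin session for a different user, I would document it with something like `/** Returns the profile node whose ARGEO_USER_ID equals username; when session is privileged the caller must authorise the lookup. */`. The parameter is now `username` while `userIdDop`, `userIdSop` and `ArgeoNames.ARGEO_USER_ID` keep the old term, which is worth aligning or explaining in a comment.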
@@ -724,11 +726,6 @@ public class JcrUtils implements ArgeoJcrConstants { userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username); session.save(); // we need to save the profile before adding the user home type - PropertyIterator pit = userHome.getProperties(); - while (pit.hasNext()) { - Property p = pit.nextProperty(); - log.debug(p.getName() + "=" + p.getValue().getString()); - } userHome.addMixin(ArgeoTypes.ARGEO_USER_HOME); // see // http://jackrabbit.510166.n4.nabble.com/Jackrabbit-2-0-beta-6-Problem-adding-a-Mixin-type-with-mandatory-properties-after-setting-propertiesn-td1290332.html -- 2.30.2