From b00a7e9898ea2819100290cab22bf614e23a3abf Mon Sep 17 00:00:00 2001 
From: Mathieu Baudier Date: Sat, 19 Sep 2009 08:21:35 +0000 Subject: [PATCH] Restructure security git-svn-id: https://svn.argeo.org/commons/trunk@2975 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- security/demo/.project | 2 +- security/demo/init.ldif | 9 --- .../log4j.properties | 7 ++- .../META-INF/MANIFEST.MF | 2 +- .../META-INF/spring/dao.xml | 7 +-- .../META-INF/spring/ldap.xml | 20 +----- .../META-INF/spring/osgi.xml | 6 +- .../META-INF/MANIFEST.MF | 1 - .../WEB-INF/osgi.xml | 3 +- .../WEB-INF/security-servlet.xml | 31 +++++----- .../org/argeo/security/ArgeoSecurity.java | 12 ++++ .../UserDao.java => ArgeoSecurityDao.java} | 15 ++--- .../argeo/security/ArgeoSecurityService.java | 8 +++ .../security/core/DefaultArgeoSecurity.java | 24 +++++++ .../security/core/DefaultSecurityService.java | 35 +++++++++++ .../java/org/argeo/security/dao/RoleDao.java | 13 ---- .../ldap/ArgeoUserDetailsContextMapper.java | 4 +- .../org/argeo/security/ldap/RoleDaoLdap.java | 62 ------------------- ...{UserDaoLdap.java => SecurityDaoLdap.java} | 57 ++++++++++++----- .../CoworkerUserNatureMapper.java | 3 +- .../{ => nature}/SimpleUserNatureMapper.java | 3 +- .../argeo/security/nature/CoworkerNature.java | 1 + .../security/nature/SimpleUserNature.java | 1 + .../main/resources/META-INF/spring/osgi.xml | 11 ++++ .../resources/META-INF/spring/services.xml | 10 +++ .../security/mvc/UsersRolesController.java | 48 +++++++------- .../server/json/GenericJsonDeserializer.java | 5 +- .../server/json/JsonObjectFactoryImpl.java | 24 ++----- 28 files changed, 218 insertions(+), 206 deletions(-) create mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurity.java rename security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/{dao/UserDao.java => ArgeoSecurityDao.java} (60%) create mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java create mode 100644 
security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultArgeoSecurity.java create mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/RoleDao.java delete mode 100644 security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java rename security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/{UserDaoLdap.java => SecurityDaoLdap.java} (63%) rename security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/{ => nature}/CoworkerUserNatureMapper.java (94%) rename security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/{ => nature}/SimpleUserNatureMapper.java (93%) create mode 100644 security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/services.xml diff --git a/security/demo/.project b/security/demo/.project index 170a23688..7acd402df 100644 --- a/security/demo/.project +++ b/security/demo/.project @@ -1,6 +1,6 @@ - org.argeo.commons.security.demo + org.argeo.security.demo diff --git a/security/demo/init.ldif b/security/demo/init.ldif index 2a566f3d9..bc1512b34 100644 --- a/security/demo/init.ldif +++ b/security/demo/init.ldif @@ -58,12 +58,3 @@ objectClass: groupOfUniqueNames objectClass: top cn: admin uniquemember: uid=gandalf,ou=users,dc=demo,dc=argeo,dc=org - -dn: cn=user,ou=groups,dc=demo,dc=argeo,dc=org -objectClass: groupOfUniqueNames -objectClass: top -cn: user -uniquemember: uid=gandalf,ou=users,dc=demo,dc=argeo,dc=org -uniquemember: uid=demo,ou=users,dc=demo,dc=argeo,dc=org -uniquemember: uid=frodo,ou=users,dc=demo,dc=argeo,dc=org - diff --git a/security/demo/org.argeo.security.demo.log4j/log4j.properties b/security/demo/org.argeo.security.demo.log4j/log4j.properties index f54a84e41..274c80608 100644 
--- a/security/demo/org.argeo.security.demo.log4j/log4j.properties +++ b/security/demo/org.argeo.security.demo.log4j/log4j.properties @@ -10,11 +10,12 @@ log4j.logger.org.springframework=WARN #log4j.logger.org.springframework.jms=WARN log4j.logger.org.springframework.security=WARN -log4j.org.apache.directory=ERROR +log4j.logger.org.apache.directory.server=INFO +log4j.logger.org.apache.directory.server.core.partition=ERROR +log4j.logger.org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry=ERROR -log4j.logger.org.apache.catalina=INFO +log4j.logger.org.apache.catalina.core.ContainerBase=INFO log4j.logger.org.apache.coyote=INFO -log4j.logger.org.apache.tomcat=INFO ## Appenders # console is set to be a ConsoleAppender. diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF b/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF index 34ad7d391..e95bbc2e5 100644 --- a/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF +++ b/security/modules/org.argeo.security.manager.ldap/META-INF/MANIFEST.MF @@ -1,6 +1,6 @@ Bundle-SymbolicName: org.argeo.security.manager.ldap Bundle-Version: 0.1.1.SNAPSHOT -Import-Package: org.argeo.security.dao, +Import-Package: org.argeo.security, org.argeo.security.ldap, org.springframework.ldap.core.support, org.springframework.security, diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/dao.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/dao.xml index 6d50a5537..1d540a398 100644 --- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/dao.xml +++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/dao.xml @@ -5,14 +5,9 @@ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> - + - - - - - 
diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml index 2867ad2c2..ddfa022f7 100644 --- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml +++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/ldap.xml @@ -13,17 +13,6 @@ - - @@ -55,7 +44,7 @@ - + @@ -74,11 +63,6 @@ - - - - - - + diff --git a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml index 76d63766c..6a5f57b86 100644 --- a/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml +++ b/security/modules/org.argeo.security.manager.ldap/META-INF/spring/osgi.xml @@ -9,6 +9,8 @@ - - + + + \ No newline at end of file diff --git a/security/modules/org.argeo.security.webapp/META-INF/MANIFEST.MF b/security/modules/org.argeo.security.webapp/META-INF/MANIFEST.MF index 74c67491f..805536e81 100644 --- a/security/modules/org.argeo.security.webapp/META-INF/MANIFEST.MF +++ b/security/modules/org.argeo.security.webapp/META-INF/MANIFEST.MF @@ -4,7 +4,6 @@ Import-Package: javax.servlet, javax.servlet.http, javax.servlet.resources, org.argeo.security, - org.argeo.security.dao, org.argeo.security.mvc, org.argeo.server.json, org.argeo.server.mvc, diff --git a/security/modules/org.argeo.security.webapp/WEB-INF/osgi.xml b/security/modules/org.argeo.security.webapp/WEB-INF/osgi.xml index aa2f7164a..6b73babc5 100644 --- a/security/modules/org.argeo.security.webapp/WEB-INF/osgi.xml +++ b/security/modules/org.argeo.security.webapp/WEB-INF/osgi.xml @@ -9,8 +9,7 @@ - - + diff --git a/security/modules/org.argeo.security.webapp/WEB-INF/security-servlet.xml b/security/modules/org.argeo.security.webapp/WEB-INF/security-servlet.xml index 97d3b121a..3201f73e6 100644 --- a/security/modules/org.argeo.security.webapp/WEB-INF/security-servlet.xml 
+++ b/security/modules/org.argeo.security.webapp/WEB-INF/security-servlet.xml @@ -10,24 +10,25 @@ - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurity.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurity.java new file mode 100644 index 000000000..815372bab --- /dev/null +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurity.java @@ -0,0 +1,12 @@ +package org.argeo.security; + +/** Callback related to the lifecycle of a user. */ +public interface ArgeoSecurity { + /** + * Called before a user is actually created. Default user natures and roles + * should be added there. + */ + public void beforeCreate(ArgeoUser user); + + public String getSuperUsername(); +} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/UserDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java similarity index 60% rename from security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/UserDao.java rename to security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java index 859da1b72..039e549e3 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/UserDao.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityDao.java 
@@ -1,26 +1,23 @@ -package org.argeo.security.dao; +package org.argeo.security; import java.util.List; -import org.argeo.security.ArgeoUser; - -public interface UserDao { +public interface ArgeoSecurityDao { public List listUsers(); + public List listEditableRoles(); + public void create(ArgeoUser user); public void update(ArgeoUser user); public void delete(String username); + public void deleteRole(String role); + public void updatePassword(String oldPassword, String newPassword); public Boolean userExists(String username); public ArgeoUser getUser(String username); - - public void addRoles(String username, List roles); - - public void removeRoles(String username, List roles); - } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java new file mode 100644 index 000000000..7eecfb56a --- /dev/null +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoSecurityService.java @@ -0,0 +1,8 @@ +package org.argeo.security; + + +public interface ArgeoSecurityService { + public void newUser(ArgeoUser argeoUser); + public void newRole(String role); + public ArgeoSecurityDao getSecurityDao(); +} diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultArgeoSecurity.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultArgeoSecurity.java new file mode 100644 index 000000000..c3b593246 --- /dev/null +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultArgeoSecurity.java 
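Review bot: `getSecurityDao()` on `ArgeoSecurityService` hands every caller the raw DAO, so the `beforeCreate` callback that `DefaultSecurityService.newUser` applies can be skipped by calling `getSecurityDao().create(user)` directly. The interface has no Javadoc, so it is not clear which operations are expected to go through the service rather than the DAO. I would add a comment such as `/** Creates the user after applying the ArgeoSecurity lifecycle callbacks. */` on `newUser`, and prefer service-level methods for update and delete over exposing the DAO accessor in the public contract.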
@@ -0,0 +1,24 @@
+package org.argeo.security.core;
+
+import org.argeo.security.ArgeoUser;
+import org.argeo.security.ArgeoSecurity;
+import org.argeo.security.nature.SimpleUserNature;
+
+public class DefaultArgeoSecurity implements ArgeoSecurity {
+ private String superUsername = "root";
+
+ public void beforeCreate(ArgeoUser user) {
+ SimpleUserNature simpleUserNature = new SimpleUserNature();
+ simpleUserNature.setLastName("");// to prevent issue with sn in LDAP
+ user.getUserNatures().add(simpleUserNature);
+ }
+
+ public String getSuperUsername() {
+ return superUsername;
+ }
+
+ public void setSuperUsername(String superUsername) {
+ this.superUsername = superUsername;
+ }
+
+}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
new file mode 100644
index 000000000..6be432547
--- /dev/null
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
@@ -0,0 +1,35 @@
+package org.argeo.security.core;
+
+import org.argeo.security.ArgeoSecurity;
+import org.argeo.security.ArgeoSecurityDao;
+import org.argeo.security.ArgeoSecurityService;
+import org.argeo.security.ArgeoUser;
+
+public class DefaultSecurityService implements ArgeoSecurityService {
+ private ArgeoSecurity argeoSecurity = new DefaultArgeoSecurity();
+ private ArgeoSecurityDao securityDao;
+
+ public ArgeoSecurityDao getSecurityDao() {
+ return securityDao;
+ }
+
+ public void newRole(String role) {
+ ArgeoUser superUser = securityDao.getUser(argeoSecurity.getSuperUsername());
+ superUser.getRoles().add(role);
+ securityDao.update(superUser);
+ }
+
+ public void newUser(ArgeoUser user) {
+ argeoSecurity.beforeCreate(user);
+ securityDao.create(user);
+ }
+
+ public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
+ this.argeoSecurity = argeoSecurity;
+ }
+
+ public void setSecurityDao(ArgeoSecurityDao dao) {
+ this.securityDao = dao;
+ }
+
+}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/RoleDao.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/RoleDao.java
deleted file mode 100644
index dc6f3a6ab..000000000
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/dao/RoleDao.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package org.argeo.security.dao;
-
-import java.util.List;
-
-public interface RoleDao {
- public List listEditableRoles();
-
- public void create(String role);
-
- public void delete(String role);
-
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java
index d9b76a6c6..3bb8fb7e4 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java
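Review bot: `newRole` in DefaultSecurityService does not create a role entry itself; it adds the role to the account returned by `getSuperUsername()` and calls `securityDao.update(superUser)`, so every role created through the service is also granted to the super user, and nothing in the method says so. The role string is used as given (null, blank or duplicate values are not rejected), and `securityDao` is dereferenced although it is only ever set through `setSecurityDao`. I would add a Javadoc on `newRole` stating that a role comes into existence by being granted to the super user, and reject empty input up front, e.g. `if (role == null || role.trim().length() == 0) throw new IllegalArgumentException("role is required");`.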
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoUserDetailsContextMapper.java @@ -30,7 +30,7 @@ public class ArgeoUserDetailsContextMapper implements UserDetailsContextMapper { List userInfos = new ArrayList(); for (UserNatureMapper userInfoMapper : userNatureMappers) { UserNature userNature = userInfoMapper.mapUserInfoFromContext(ctx); - if (log.isDebugEnabled()) + if (log.isTraceEnabled()) log.debug("Add user nature " + userNature); userInfos.add(userNature); } @@ -49,7 +49,7 @@ public class ArgeoUserDetailsContextMapper implements UserDetailsContextMapper { for (UserNatureMapper userInfoMapper : userNatureMappers) { if (userInfoMapper.supports(userInfo)) { userInfoMapper.mapUserInfoToContext(userInfo, ctx); - break;// use the first mapper found an no others + break;// use the first mapper found and no others } } } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java deleted file mode 100644 index 7a40a3faa..000000000 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java +++ /dev/null 
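Review bot: The guard and the call no longer agree in the first hunk of ArgeoUserDetailsContextMapper: `if (log.isTraceEnabled())` now wraps `log.debug("Add user nature " + userNature)`, so the message is written at DEBUG level but only when TRACE is enabled. Use `log.trace("Add user nature " + userNature);` so that level and guard match. The same mismatch is introduced in `GenericJsonDeserializer.deserialize` later in this patch. The enclosing method starts and ends outside the hunk.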
@@ -1,62 +0,0 @@
-package org.argeo.security.ldap;
-
-import java.util.List;
-
-import javax.naming.Name;
-
-import org.argeo.security.dao.RoleDao;
-import org.springframework.ldap.core.ContextMapper;
-import org.springframework.ldap.core.ContextSource;
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.ldap.core.DistinguishedName;
-import org.springframework.ldap.core.LdapTemplate;
-
-public class RoleDaoLdap implements RoleDao {
-
- private ArgeoLdapAuthoritiesPopulator authoritiesPopulator;
- private final LdapTemplate ldapTemplate;
-
- public RoleDaoLdap(ContextSource contextSource) {
- ldapTemplate = new LdapTemplate(contextSource);
- }
-
- public void create(String role) {
- Name dn = buildDn(role);
- DirContextAdapter context = new DirContextAdapter();
- context.setAttributeValues("objectClass", new String[] { "top",
- "groupOfUniqueNames" });
- context.setAttributeValue("cn", role);
- ldapTemplate.bind(dn, context, null);
- }
-
- @SuppressWarnings("unchecked")
- public List listEditableRoles() {
- return (List) ldapTemplate.listBindings(authoritiesPopulator
- .getGroupSearchBase(), new ContextMapper() {
- public Object mapFromContext(Object ctxArg) {
- String groupName = ((DirContextAdapter) ctxArg)
- .getStringAttribute(authoritiesPopulator
- .getGroupRoleAttribute());
- String roleName = authoritiesPopulator
- .convertGroupToRole(groupName);
- return roleName;
- }
- });
- }
-
- public void delete(String role) {
- // TODO Auto-generated method stub
-
- }
-
- public void setAuthoritiesPopulator(
- ArgeoLdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
- this.authoritiesPopulator = ldapAuthoritiesPopulator;
- }
-
- protected Name buildDn(String name) {
- return new DistinguishedName("cn=" + name + ","
- + authoritiesPopulator.getGroupSearchBase());
- }
-
-}
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/UserDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SecurityDaoLdap.java similarity index 63% rename from security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/UserDaoLdap.java rename to security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SecurityDaoLdap.java index 110d1e650..27ee4443c 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/UserDaoLdap.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SecurityDaoLdap.java 
@@ -3,29 +3,30 @@ package org.argeo.security.ldap; import java.util.ArrayList; import java.util.List; +import javax.naming.Name; + +import org.argeo.security.ArgeoSecurityDao; import org.argeo.security.ArgeoUser; import org.argeo.security.core.ArgeoUserDetails; -import org.argeo.security.dao.UserDao; import org.springframework.ldap.core.ContextMapper; import org.springframework.ldap.core.ContextSource; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DistinguishedName; import org.springframework.ldap.core.LdapTemplate; -import org.springframework.security.GrantedAuthority; -import org.springframework.security.GrantedAuthorityImpl; import org.springframework.security.userdetails.UserDetails; import org.springframework.security.userdetails.UserDetailsManager; -public class UserDaoLdap implements UserDao { +public class SecurityDaoLdap implements ArgeoSecurityDao { // private final static Log log = LogFactory.getLog(UserDaoLdap.class); private UserDetailsManager userDetailsManager; + private ArgeoLdapAuthoritiesPopulator authoritiesPopulator; private String userBase = "ou=users"; private String usernameAttribute = "uid"; private final LdapTemplate ldapTemplate; - public UserDaoLdap(ContextSource contextSource) { + public SecurityDaoLdap(ContextSource contextSource) { ldapTemplate = new LdapTemplate(contextSource); } 
@@ -56,6 +57,21 @@ public class UserDaoLdap implements UserDao { return lst; } + @SuppressWarnings("unchecked") + public List listEditableRoles() { + return (List) ldapTemplate.listBindings(authoritiesPopulator + .getGroupSearchBase(), new ContextMapper() { + public Object mapFromContext(Object ctxArg) { + String groupName = ((DirContextAdapter) ctxArg) + .getStringAttribute(authoritiesPopulator + .getGroupRoleAttribute()); + String roleName = authoritiesPopulator + .convertGroupToRole(groupName); + return roleName; + } + }); + } + public void update(ArgeoUser user) { userDetailsManager.updateUser(new ArgeoUserDetails(user)); } @@ -72,20 +88,24 @@ public class UserDaoLdap implements UserDao { return userDetailsManager.userExists(username); } - public void addRoles(String username, List roles) { - GrantedAuthority[] auths = new GrantedAuthority[roles.size()]; - for (int i = 0; i < roles.size(); i++) - auths[i] = new GrantedAuthorityImpl(roles.get(i)); - ArgeoUserDetails user = (ArgeoUserDetails) userDetailsManager - .loadUserByUsername(username); - throw new UnsupportedOperationException(); - //userDetailsManager. + public void deleteRole(String role) { + if(true) + throw new UnsupportedOperationException(); + + Name dn = buildRoleDn(role); + DirContextAdapter context = new DirContextAdapter(); + context.setAttributeValues("objectClass", new String[] { "top", + "groupOfUniqueNames" }); + context.setAttributeValue("cn", role); + ldapTemplate.bind(dn, context, null); } - - public void removeRoles(String username, List roles) { - throw new UnsupportedOperationException(); + + protected Name buildRoleDn(String name) { + return new DistinguishedName("cn=" + name + "," + + authoritiesPopulator.getGroupSearchBase()); } + public void setUserDetailsManager(UserDetailsManager userDetailsManager) { this.userDetailsManager = userDetailsManager; } 
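Review bot: `buildRoleDn` in the second hunk builds the group DN by concatenating `name` into `"cn=" + name + ","`, so a role name containing DN metacharacters such as `,`, `+` or `=` changes the structure of the resulting name instead of being treated as a single value. It is only called from the unreachable part of `deleteRole` today, but it is `protected`, and the role value appears to originate from a request parameter in UsersRolesController. Building the name from components lets the library escape the value: `DistinguishedName dn = new DistinguishedName(authoritiesPopulator.getGroupSearchBase()); dn.add("cn", name); return dn;`. Separately, the statements left after `if(true) throw new UnsupportedOperationException();` in `deleteRole` are the old create logic ending in `ldapTemplate.bind(...)`, so removing the guard later would create the group rather than delete it; I would drop those lines and leave a TODO instead.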
@@ -97,4 +117,9 @@ public class UserDaoLdap implements UserDao { public void setUsernameAttribute(String usernameAttribute) { this.usernameAttribute = usernameAttribute; } + + public void setAuthoritiesPopulator( + ArgeoLdapAuthoritiesPopulator authoritiesPopulator) { + this.authoritiesPopulator = authoritiesPopulator; + } } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/CoworkerUserNatureMapper.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java similarity index 94% rename from security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/CoworkerUserNatureMapper.java rename to security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java index 47e80dc2e..2ed072526 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/CoworkerUserNatureMapper.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/CoworkerUserNatureMapper.java @@ -1,6 +1,7 @@ -package org.argeo.security.ldap; +package org.argeo.security.ldap.nature; import org.argeo.security.UserNature; +import org.argeo.security.ldap.UserNatureMapper; import org.argeo.security.nature.CoworkerNature; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DirContextOperations; diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SimpleUserNatureMapper.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java similarity index 93% rename from security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SimpleUserNatureMapper.java rename to security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java index 2a210910c..3bc4b51e1 100644 
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/SimpleUserNatureMapper.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/nature/SimpleUserNatureMapper.java @@ -1,6 +1,7 @@ -package org.argeo.security.ldap; +package org.argeo.security.ldap.nature; import org.argeo.security.UserNature; +import org.argeo.security.ldap.UserNatureMapper; import org.argeo.security.nature.SimpleUserNature; import org.springframework.ldap.core.DirContextAdapter; import org.springframework.ldap.core.DirContextOperations; diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java index 24f1c9b16..f7cb425d0 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/CoworkerNature.java @@ -3,6 +3,7 @@ package org.argeo.security.nature; import org.argeo.security.UserNature; public class CoworkerNature extends UserNature { + private static final long serialVersionUID = 1L; private String description; private String mobile; private String telephoneNumber; diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java index da31bbae7..ce986d51c 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/nature/SimpleUserNature.java 
@@ -3,6 +3,7 @@ package org.argeo.security.nature; import org.argeo.security.UserNature; public class SimpleUserNature extends UserNature { + private static final long serialVersionUID = 1L; private String email; private String firstName; private String lastName; diff --git a/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/osgi.xml b/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/osgi.xml index 649157f68..204ae5ce4 100644 --- a/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/osgi.xml +++ b/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/osgi.xml @@ -7,5 +7,16 @@ http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> + + + + + + + + + + + \ No newline at end of file diff --git a/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/services.xml b/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/services.xml new file mode 100644 index 000000000..dbf648926 --- /dev/null +++ b/security/runtime/org.argeo.security.core/src/main/resources/META-INF/spring/services.xml @@ -0,0 +1,10 @@ + + + + + + + \ No newline at end of file diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index ce6054645..8b09b94a5 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java 
@@ -7,11 +7,10 @@ import java.util.List; import org.apache.commons.io.IOUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.argeo.security.ArgeoSecurityService; import org.argeo.security.ArgeoUser; import org.argeo.security.BasicArgeoUser; import org.argeo.security.core.ArgeoUserDetails; -import org.argeo.security.dao.RoleDao; -import org.argeo.security.dao.UserDao; import org.argeo.server.BooleanAnswer; import org.argeo.server.DeserializingEditor; import org.argeo.server.ServerAnswer; @@ -31,8 +30,7 @@ public class UsersRolesController implements MvcConstants { private final static Log log = LogFactory .getLog(UsersRolesController.class); - private UserDao userDao; - private RoleDao roleDao; + private ArgeoSecurityService securityService; private ServerDeserializer userDeserializer = null; 
@@ -55,29 +53,31 @@ public class UsersRolesController implements MvcConstants { @RequestMapping("/getUsersList.security") @ModelAttribute(ANSWER_MODEL_KEY) public List getUsersList() { - return userDao.listUsers(); + return securityService.getSecurityDao().listUsers(); } @RequestMapping("/userExists.security") @ModelAttribute(ANSWER_MODEL_KEY) public BooleanAnswer userExists(@RequestParam("username") String username) { - return new BooleanAnswer(userDao.userExists(username)); + return new BooleanAnswer(securityService.getSecurityDao().userExists( + username)); } @RequestMapping("/createUser.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser createUser(Reader reader) { ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader); - userDao.create(user); - return userDao.getUser(user.getUsername()); + cleanUserBeforeCreate(user); + securityService.newUser(user); + return securityService.getSecurityDao().getUser(user.getUsername()); } @RequestMapping("/updateUser.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser updateUser(Reader reader) { ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader); - userDao.update(user); - return userDao.getUser(user.getUsername()); + securityService.getSecurityDao().update(user); + return securityService.getSecurityDao().getUser(user.getUsername()); } @RequestMapping("/createUser2.security") 
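Review bot: `updateUser` passes the deserialized object straight to `securityService.getSecurityDao().update(user)`, while `createUser` in the same hunk now clears client-supplied roles and natures through `cleanUserBeforeCreate` first. As written, whoever can reach `/updateUser.security` decides which roles are stored for the username in the request body; whether that URL is restricted to administrators is not visible in this patch. If it is not, the handler should load the stored user and keep its roles unless the caller is allowed to manage roles, and a comment on `updateUser` should say which fields are accepted from the client. The class body continues outside the hunk.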
@@ -92,54 +92,56 @@ public class UsersRolesController implements MvcConstants { } finally { IOUtils.closeQuietly(reader); } - userDao.create(user); - return userDao.getUser(user.getUsername()); + cleanUserBeforeCreate(user); + securityService.newUser(user); + return securityService.getSecurityDao().getUser(user.getUsername()); } @RequestMapping("/deleteUser.security") @ModelAttribute(ANSWER_MODEL_KEY) public ServerAnswer deleteUser(@RequestParam("username") String username) { - userDao.delete(username); + securityService.getSecurityDao().delete(username); return ServerAnswer.ok("User " + username + " deleted"); } @RequestMapping("/getUserDetails.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser getUserDetails(@RequestParam("username") String username) { - return userDao.getUser(username); + return securityService.getSecurityDao().getUser(username); } /* ROLE */ @RequestMapping("/getRolesList.security") @ModelAttribute(ANSWER_MODEL_KEY) public List getEditableRolesList() { - return roleDao.listEditableRoles(); + return securityService.getSecurityDao().listEditableRoles(); } @RequestMapping("/createRole.security") @ModelAttribute(ANSWER_MODEL_KEY) public ServerAnswer createRole(@RequestParam("role") String role) { - roleDao.create(role); + securityService.newRole(role); return ServerAnswer.ok("Role " + role + " created"); } @RequestMapping("/deleteRole.security") @ModelAttribute(ANSWER_MODEL_KEY) public ServerAnswer deleteRole(@RequestParam("role") String role) { - roleDao.delete(role); + securityService.getSecurityDao().deleteRole(role); return ServerAnswer.ok("Role " + role + " created"); } - public void setUserDao(UserDao userDao) { - this.userDao = userDao; - } - - public void setRoleDao(RoleDao roleDao) { - this.roleDao = roleDao; + protected void cleanUserBeforeCreate(ArgeoUser user) { + user.getUserNatures().clear(); + user.getRoles().clear(); } public void setUserDeserializer(ServerDeserializer userDeserializer) { this.userDeserializer = 
userDeserializer; } + public void setSecurityService(ArgeoSecurityService securityService) { + this.securityService = securityService; + } + } diff --git a/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/GenericJsonDeserializer.java b/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/GenericJsonDeserializer.java index 38a1541b2..6bfe9b698 100644 --- a/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/GenericJsonDeserializer.java +++ b/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/GenericJsonDeserializer.java @@ -29,6 +29,7 @@ public class GenericJsonDeserializer extends JsonDeserializer { private List objectFactories = new ArrayList(); + @SuppressWarnings("unchecked") @Override public T deserialize(JsonParser parser, DeserializationContext ctxt) throws IOException, JsonProcessingException { @@ -44,7 +45,7 @@ public class GenericJsonDeserializer extends JsonDeserializer { generator.writeTree(root); String str = writer.toString(); - if (log.isDebugEnabled()) + if (log.isTraceEnabled()) log.debug("Deserialize object of type=" + type + ", str=" + str); JsonObjectFactory objectFactory = null; @@ -59,7 +60,7 @@ public class GenericJsonDeserializer extends JsonDeserializer { throw new ArgeoServerException( "Cannot find JSON object factory for type " + type); - return (T) objectFactory.readValue(type, str); + return (T)objectFactory.readValue(type, str); } public void setTypeField(String typeField) { diff --git a/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/JsonObjectFactoryImpl.java b/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/JsonObjectFactoryImpl.java index a38e45ddd..0f1e91e49 100644 --- a/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/JsonObjectFactoryImpl.java +++ b/server/runtime/org.argeo.server.json/src/main/java/org/argeo/server/json/JsonObjectFactoryImpl.java 
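Review bot: `createRole` and `deleteRole` in UsersRolesController forward the `role` request parameter unchanged to `securityService.newRole(role)` and `getSecurityDao().deleteRole(role)` and echo it back in the answer text. A check at the controller boundary would keep malformed names out of the directory layer, for example rejecting anything that does not match a conservative pattern such as `[A-Za-z0-9_]+` (constructed example; adjust to the naming rules in use). `deleteRole` also still answers `"Role " + role + " created"`, which should read `" deleted"`. `deleteUser` has no guard against removing the account named by `getSuperUsername()`, which `newRole` depends on.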
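Review bot: The statement under the changed guard in `GenericJsonDeserializer.deserialize` logs the whole JSON document (`", str=" + str`); if this deserializer is used for user payloads, request bodies that carry a password field would end up in the log file. Logging only the type, `log.trace("Deserialize object of type=" + type);`, avoids that and also fixes the `isTraceEnabled()` / `log.debug` mismatch on these two lines. The method body starts and ends outside the hunks.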
@@ -21,37 +21,24 @@ public class JsonObjectFactoryImpl implements JsonObjectFactory, private ClassLoader classLoader = getClass().getClassLoader(); private ObjectMapper objectMapper = new ObjectMapper(); - private Map supportedTypes = new HashMap(); + private Map> supportedTypes = new HashMap>(); public Boolean supports(String type) { if (supportedTypes.containsKey(type)) return true; return loadClass(type) != null ? true : false; - // try { - // // Class.forName(type); - // Thread.currentThread().getContextClassLoader().loadClass(type); - // return true; - // } catch (ClassNotFoundException e) { - // return false; - // } } + @SuppressWarnings("unchecked") public T readValue(String type, String str) { - final Class clss; + final Class clss; if (supportedTypes.containsKey(type)) clss = supportedTypes.get(type); else { clss = loadClass(type); if (clss == null) throw new ArgeoServerException("Cannot find type " + type); - // try { - // // clss = Class.forName(type); - // clss = Thread.currentThread().getContextClassLoader() - // .loadClass(type); - // } catch (ClassNotFoundException e) { - // throw new ArgeoServerException("Cannot find type " + type, e); - // } } try { @@ -62,12 +49,11 @@ public class JsonObjectFactoryImpl implements JsonObjectFactory, } } - public void setSupportedTypes(Map supportedTypes) { + public void setSupportedTypes(Map> supportedTypes) { this.supportedTypes = supportedTypes; } - protected Class loadClass(String type) { - Class clss; + protected Class loadClass(String type) { // try { // return Class.forName(type); // } catch (ClassNotFoundException e) { -- 2.30.2
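Review bot: `readValue` still falls back to `loadClass(type)` when the name is not in `supportedTypes`, and `supports` returns true for any class the loader can find, so the type string (which GenericJsonDeserializer appears to take from the incoming document's type field) selects which class gets built. Now that `supportedTypes` is typed as a map of classes it could serve as the allowlist: in `readValue`, `if (!supportedTypes.containsKey(type)) throw new ArgeoServerException("Unsupported type " + type);`, with `supports` returning `supportedTypes.containsKey(type)`. If open class loading has to stay, restricting it to a configured package prefix would bound what a request can name. `loadClass` continues past the end of the hunk.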