#85: Guest login configuration

This commit is contained in:
jendib 2016-05-28 23:09:52 +02:00
parent 8aca012c99
commit ead01ce1d0
No known key found for this signature in database
GPG Key ID: 06EE7F699579166F
8 changed files with 73 additions and 27 deletions

View File

@ -13,5 +13,10 @@ public enum ConfigType {
/** /**
* Theme configuration. * Theme configuration.
*/ */
THEME THEME,
/**
* Guest login.
*/
GUEST_LOGIN
} }

View File

@ -1 +1 @@
db.version=9 db.version=10

View File

@ -0,0 +1,2 @@
insert into T_CONFIG(CFG_ID_C, CFG_VALUE_C) values('GUEST_LOGIN', 'false');
update T_CONFIG set CFG_VALUE_C = '10' where CFG_ID_C = 'DB_VERSION';

View File

@ -1,3 +1,3 @@
api.current_version=${project.version} api.current_version=${project.version}
api.min_version=1.0 api.min_version=1.0
db.version=9 db.version=10

View File

@ -14,15 +14,12 @@ import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder; import javax.json.JsonObjectBuilder;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.Query; import javax.persistence.Query;
import javax.ws.rs.GET; import javax.ws.rs.*;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import com.sismics.docs.core.constant.ConfigType;
import com.sismics.docs.core.constant.PermType; import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao; import com.sismics.docs.core.dao.jpa.*;
import com.sismics.docs.core.dao.jpa.TagDao;
import com.sismics.docs.core.dao.jpa.criteria.TagCriteria; import com.sismics.docs.core.dao.jpa.criteria.TagCriteria;
import com.sismics.docs.core.dao.jpa.dto.AclDto; import com.sismics.docs.core.dao.jpa.dto.AclDto;
import com.sismics.docs.core.dao.jpa.dto.TagDto; import com.sismics.docs.core.dao.jpa.dto.TagDto;
@ -33,8 +30,6 @@ import org.apache.log4j.Level;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import com.sismics.docs.core.dao.jpa.FileDao;
import com.sismics.docs.core.dao.jpa.UserDao;
import com.sismics.docs.core.model.context.AppContext; import com.sismics.docs.core.model.context.AppContext;
import com.sismics.docs.core.model.jpa.File; import com.sismics.docs.core.model.jpa.File;
import com.sismics.docs.core.model.jpa.User; import com.sismics.docs.core.model.jpa.User;
@ -70,32 +65,58 @@ public class AppResource extends BaseResource {
* @apiGroup App * @apiGroup App
* @apiSuccess {String} current_version API current version * @apiSuccess {String} current_version API current version
* @apiSuccess {String} min_version API minimum version * @apiSuccess {String} min_version API minimum version
* @apiSuccess {Boolean} guest_login True if guest login is enabled
* @apiSuccess {String} total_memory Allocated JVM memory (in bytes) * @apiSuccess {String} total_memory Allocated JVM memory (in bytes)
* @apiSuccess {String} free_memory Free JVM memory (in bytes) * @apiSuccess {String} free_memory Free JVM memory (in bytes)
* @apiError (client) ForbiddenError Access denied * @apiPermission none
* @apiPermission user
* @apiVersion 1.5.0 * @apiVersion 1.5.0
* *
* @return Response * @return Response
*/ */
@GET @GET
public Response info() { public Response info() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
ResourceBundle configBundle = ConfigUtil.getConfigBundle(); ResourceBundle configBundle = ConfigUtil.getConfigBundle();
String currentVersion = configBundle.getString("api.current_version"); String currentVersion = configBundle.getString("api.current_version");
String minVersion = configBundle.getString("api.min_version"); String minVersion = configBundle.getString("api.min_version");
Boolean guestLogin = ConfigUtil.getConfigBooleanValue(ConfigType.GUEST_LOGIN);
JsonObjectBuilder response = Json.createObjectBuilder() JsonObjectBuilder response = Json.createObjectBuilder()
.add("current_version", currentVersion.replace("-SNAPSHOT", "")) .add("current_version", currentVersion.replace("-SNAPSHOT", ""))
.add("min_version", minVersion) .add("min_version", minVersion)
.add("guest_login", guestLogin)
.add("total_memory", Runtime.getRuntime().totalMemory()) .add("total_memory", Runtime.getRuntime().totalMemory())
.add("free_memory", Runtime.getRuntime().freeMemory()); .add("free_memory", Runtime.getRuntime().freeMemory());
return Response.ok().entity(response.build()).build(); return Response.ok().entity(response.build()).build();
} }
/**
* Enable/disable guest login.
*
* @api {post} /app/guest_login Enable/disable guest login
* @apiName PostAppGuestLogin
* @apiGroup App
* @apiParam {Boolean} enabled If true, enable guest login
* @apiError (client) ForbiddenError Access denied
* @apiPermission admin
* @apiVersion 1.5.0
*
* @param enabled If true, enable guest login
* @return Response
*/
@POST
@Path("guest_login")
public Response guestLogin(@FormParam("enabled") Boolean enabled) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
ConfigDao configDao = new ConfigDao();
configDao.update(ConfigType.GUEST_LOGIN, enabled.toString());
return Response.ok().build();
}
/** /**
* Retrieve the application logs. * Retrieve the application logs.
@ -325,7 +346,7 @@ public class AppResource extends BaseResource {
/** /**
* Recompute the quota for each user. * Recompute the quota for each user.
* *
* @api {post} /app/batch/recompute_quote Recompute user quotas * @api {post} /app/batch/recompute_quota Recompute user quotas
* @apiName PostAppBatchRecomputeQuota * @apiName PostAppBatchRecomputeQuota
* @apiGroup App * @apiGroup App
* @apiSuccess {String} status Status OK * @apiSuccess {String} status Status OK
@ -385,7 +406,7 @@ public class AppResource extends BaseResource {
/** /**
* Add base ACLs to tags. * Add base ACLs to tags.
* *
* @api {post} /app/batch/recompute_quote Add base ACL to tags * @api {post} /app/batch/tag_acls Add base ACL to tags
* @apiDescription This resource must be used after migrating to 1.5. * @apiDescription This resource must be used after migrating to 1.5.
* It will not do anything if base ACL are already present on tags. * It will not do anything if base ACL are already present on tags.
* @apiName PostAppBatchTagAcls * @apiName PostAppBatchTagAcls

View File

@ -1,3 +1,3 @@
api.current_version=${project.version} api.current_version=${project.version}
api.min_version=1.0 api.min_version=1.0
db.version=9 db.version=10

View File

@ -1,3 +1,3 @@
api.current_version=${project.version} api.current_version=${project.version}
api.min_version=1.0 api.min_version=1.0
db.version=9 db.version=10

View File

@ -35,17 +35,15 @@ public class TestAppResource extends BaseJerseyTest {
// Check the application info // Check the application info
JsonObject json = target().path("/app").request() JsonObject json = target().path("/app").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class); .get(JsonObject.class);
String currentVersion = json.getString("current_version"); Assert.assertNotNull(json.getString("current_version"));
Assert.assertNotNull(currentVersion); Assert.assertNotNull(json.getString("min_version"));
String minVersion = json.getString("min_version");
Assert.assertNotNull(minVersion);
Long freeMemory = json.getJsonNumber("free_memory").longValue(); Long freeMemory = json.getJsonNumber("free_memory").longValue();
Assert.assertTrue(freeMemory > 0); Assert.assertTrue(freeMemory > 0);
Long totalMemory = json.getJsonNumber("total_memory").longValue(); Long totalMemory = json.getJsonNumber("total_memory").longValue();
Assert.assertTrue(totalMemory > 0 && totalMemory > freeMemory); Assert.assertTrue(totalMemory > 0 && totalMemory > freeMemory);
Assert.assertFalse(json.getBoolean("guest_login"));
// Rebuild Lucene index // Rebuild Lucene index
Response response = target().path("/app/batch/reindex").request() Response response = target().path("/app/batch/reindex").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
@ -127,4 +125,24 @@ public class TestAppResource extends BaseJerseyTest {
Long date4 = logs.getJsonObject(9).getJsonNumber("date").longValue(); Long date4 = logs.getJsonObject(9).getJsonNumber("date").longValue();
Assert.assertTrue(date3 >= date4); Assert.assertTrue(date3 >= date4);
} }
/**
* Test the guest login.
*/
@Test
public void testGuestLogin() {
// Login admin
String adminToken = clientUtil.login("admin", "admin", false);
// Try to login without credentials
Response response = target().path("/user/login").request()
.post(Entity.form(new Form()));
Assert.assertEquals(Status.FORBIDDEN.getStatusCode(), response.getStatus());
// Enable guest login
target().path("/app/guest_login").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("enabled", "true")), JsonObject.class);
}
} }