vmario/wisemapping-open-source
1
0
Fork 0
mirror of https://bitbucket.org/wisemapping/wisemapping-open-source.git synced 2024-10-05 17:58:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add configurable support for admin profile.

Browse Source
This commit is contained in:
Paulo Gustavo Veiga 2012-02-21 16:36:19 -03:00
parent 7b6cae0fd2
commit 6ff556b317
10 changed files with 102 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wise-webapp/src/main/java/com/wisemapping/model/User.java
View File

@ -25,7 +25,6 @@ public class User
extends Collaborator
implements Serializable {
private static final String ADMIN_EMAIL = "test@wisemapping.org";
private String firstname;
private String lastname;
private String password;
@ -132,8 +131,4 @@ public class User
public void setUsername(String username) {
this.username = username;
}
public boolean isAdmin() {
return ADMIN_EMAIL.equals(this.getEmail());
}
}

10
wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java
View File

@ -18,7 +18,7 @@ public class AdminController {
@Autowired
private UserService userService;
@RequestMapping(method = RequestMethod.GET, value = "admin/users/{id}", produces = {"application/xml", "application/json"})
@RequestMapping(method = RequestMethod.GET, value = "admin/users/{id}", produces = {"application/xml", "application/json","text/html"})
@ResponseBody
public ModelAndView getUserById(@PathVariable int id) throws IOException {
final User userBy = userService.getUserBy(id);
@ -28,22 +28,24 @@ public class AdminController {
return new ModelAndView("userView", "user", new RestUser(userBy));
}
@RequestMapping(method = RequestMethod.GET, value = "admin/users/email/{email}", produces = {"application/xml", "application/json"})
@RequestMapping(method = RequestMethod.GET, value = "admin/users/email/{email}", produces = {"application/xml", "application/json","text/html"})
@ResponseBody
public ModelAndView getUserByEmail(@PathVariable String email) throws IOException {
final User userBy = userService.getUserBy(email);
if (userBy == null) {
throw new IllegalArgumentException("User could not be found");
throw new IllegalArgumentException("User '" + email + "' could not be found" );
}
return new ModelAndView("userView", "user", new RestUser(userBy));
}
@RequestMapping(method = RequestMethod.POST, value = "admin/users", consumes = {"application/xml", "application/json"})
public void getUserByEmail(@RequestBody RestUser user) throws IOException, WiseMappingException {
public ModelAndView getUserByEmail(@RequestBody RestUser user) throws IOException, WiseMappingException {
if (user == null) {
throw new IllegalArgumentException("User could not be found");
}
userService.createUser(user.getDelegated(), false);
return new ModelAndView("responseView", "message", "User created successfully");
}
}

17
wise-webapp/src/main/java/com/wisemapping/security/AuthenticationProvider.java
View File

@ -1,10 +1,8 @@
package com.wisemapping.security;
import com.wisemapping.dao.UserManager;
import com.wisemapping.model.User;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.encoding.PasswordEncoder;
@ -13,8 +11,7 @@ import org.springframework.security.core.AuthenticationException;
public class AuthenticationProvider implements org.springframework.security.authentication.AuthenticationProvider {
private UserManager userManager;
private UserDetailsService userDetailsService;
private PasswordEncoder encoder;
@Override()
@ -23,13 +20,12 @@ public class AuthenticationProvider implements org.springframework.security.auth
// All your user authentication needs
final String email = auth.getName();
final User user = userManager.getUserBy(email);
final UserDetails userDetails = getUserDetailsService().loadUserByUsername(email);
final User user = userDetails.getUser();
final String credentials = (String) auth.getCredentials();
if (user == null || credentials == null || !encoder.isPasswordValid(user.getPassword(), credentials, null)) {
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
}
final UserDetails userDetails = new UserDetails(user);
return new UsernamePasswordAuthenticationToken(userDetails, credentials, userDetails.getAuthorities());
}
@ -42,8 +38,11 @@ public class AuthenticationProvider implements org.springframework.security.auth
this.encoder = encoder;
}
public void setUserManager(UserManager userManager) {
this.userManager = userManager;
public UserDetailsService getUserDetailsService() {
return userDetailsService;
}
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
}

6
wise-webapp/src/main/java/com/wisemapping/security/UserDetails.java
View File

@ -28,14 +28,16 @@ import java.util.Collection;
public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {
private com.wisemapping.model.User user;
private boolean isAdmin;
public UserDetails(@NotNull final com.wisemapping.model.User user) {
public UserDetails(@NotNull final com.wisemapping.model.User user, boolean isAdmin) {
this.user = user;
this.isAdmin = isAdmin;
}
public Collection<? extends GrantedAuthority> getAuthorities() {
final Collection<GrantedAuthority> result = new ArrayList<GrantedAuthority>();
if(this.getUser().isAdmin()) {
if (this.isAdmin) {
final SimpleGrantedAuthority role_admin = new SimpleGrantedAuthority("ROLE_ADMIN");
result.add(role_admin);
}

17
wise-webapp/src/main/java/com/wisemapping/security/UserDetailService.java → wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
View File

@ -20,25 +20,31 @@ package com.wisemapping.security;
import com.wisemapping.dao.UserManager;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
public class UserDetailService
public class UserDetailsService
implements org.springframework.security.core.userdetails.UserDetailsService {
private UserManager userManager;
private String adminUser;
@Override
public UserDetails loadUserByUsername(@NotNull String email) throws UsernameNotFoundException, DataAccessException {
final com.wisemapping.model.User model = userManager.getUserBy(email);
if (model != null) {
return new UserDetails(model);
return new UserDetails(model, isAdmin(email));
} else {
throw new UsernameNotFoundException(email);
}
}
private boolean isAdmin(@Nullable String email) {
return email != null && adminUser != null && email.trim().endsWith(adminUser);
}
public UserManager getUserManager() {
return userManager;
}
@ -47,4 +53,11 @@ public class UserDetailService
this.userManager = userManager;
}
public String getAdminUser() {
return adminUser;
}
public void setAdminUser(String adminUser) {
this.adminUser = adminUser;
}
}

15
wise-webapp/src/main/webapp/WEB-INF/app.properties
View File

@ -16,8 +16,6 @@ database.hibernate.dialect=org.hibernate.dialect.HSQLDialect
database.username=sa
database.password=
# Enable/Disable user confirmation by e-mail. If it's enabled, mail must be configured.
user.confirm.registration=false
##################################################################################
# Mail configuration. Must be configured to enable user registration confirmation.
@ -34,3 +32,16 @@ mail.user=
mail.password=
mail.registrationEmail=root@localhost
mail.siteEmail=root@localhost
##################################################################################
# Site configuration
##################################################################################
# Enable/Disable user registration confirmation by e-mail. If it's enabled, mail must be configured.
user.confirm.registration=false
# Site administration user. This user will have special permissions for operations such as removing users, set password
# etc.
admin.user = admin@wisemapping.org

35
wise-webapp/src/main/webapp/WEB-INF/jsp-rest/userView.jsp Normal file
View File

@ -0,0 +1,35 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Mindmap Detail</title>
</head>
<body>
<h1>Details for User with id '${user.id}'</h1>
<table border="1" cellspacing="0">
<tbody>
<tr>
<td>Email:</td>
<td>${user.email}</td>
</tr>
<tr>
<td>Fist Name:</td>
<td>${user.firstname}</td>
</tr>
<tr>
<td>Last Name:</td>
<td>${user.lastname}</td>
</tr>
<tr>
<td>Username:</td>
<td>${user.username}</td>
</tr>
<tr>
<td>Active:</td>
<td>${user.active}</td>
</tr>
</tbody>
</table>
</body>
</html>

11
wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml
View File

@ -8,6 +8,11 @@
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location" value="/WEB-INF/app.properties"/>
</bean>
<bean id="encoder"
class="com.wisemapping.security.CustomPasswordEncoder"/>
@ -50,11 +55,13 @@
</sec:authentication-manager>
<bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
<property name="userManager" ref="userManager"/>
<property name="userDetailsService" ref="userDetailsService"/>
<property name="encoder" ref="encoder"/>
</bean>
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailService">
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
<property name="userManager" ref="userManager"/>
<property name="adminUser" value="${admin.user}"/>
</bean>
</beans>

6
wise-webapp/src/test/sql/hsql/test-data.sql
View File

@ -1,5 +1,11 @@
INSERT INTO COLABORATOR(id,email,creation_date) values (1,'test@wisemapping.org',CURDATE());
INSERT INTO USER (colaborator_id,username,firstname, lastname, password, activationCode,activation_date,allowSendEmail)
values(1,'WiseMapping Test User','Wise','test', 'ENC:a94a8fe5ccb19ba61c4c0873d391e987982fbbd3',1237,CURDATE(),1);
INSERT INTO COLABORATOR(id,email,creation_date) values (2,'admin@wisemapping.org',CURDATE());
INSERT INTO USER (colaborator_id,username,firstname, lastname, password, activationCode,activation_date,allowSendEmail)
values(2,'WiseMapping Admin User','Wise','test', 'admin',1237,CURDATE(),1);
COMMIT;
SHUTDOWN;

6
wise-webapp/src/test/sql/mysql/test-data.sql
View File

@ -1,4 +1,10 @@
INSERT INTO COLABORATOR(id,email,creation_date) values (1,'test@wisemapping.org',CURRENT_DATE());
INSERT INTO USER (colaborator_id,username,firstname, lastname, password, activationCode,activation_date,allowSendEmail)
values(1,'WiseMapping Test User','Wise','Test', 'ENC:a94a8fe5ccb19ba61c4c0873d391e987982fbbd3',1237,CURRENT_DATE(),1);
INSERT INTO COLABORATOR(id,email,creation_date) values (2,'admin@wisemapping.org',CURRENT_DATE());
INSERT INTO USER (colaborator_id,username,firstname, lastname, password, activationCode,activation_date,allowSendEmail)
values(2,'WiseMapping Admin User','Wise','Test', 'admin',1237,CURRENT_DATE(),1);
COMMIT;