Author: jcouteau Date: 2010-12-29 11:01:53 +0100 (Wed, 29 Dec 2010) New Revision: 671 Url: http://nuiton.org/repositories/revision/wikitty/671 Log: Add security methods on proxy. Deprecates WikittySecurityHelper (helpers should be generated). Use WikittySecurityUtil instead. Added: trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityUtil.java Modified: trunk/wikitty-api/src/main/java/org/nuiton/wikitty/WikittyProxy.java trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityHelper.java Modified: trunk/wikitty-api/src/main/java/org/nuiton/wikitty/WikittyProxy.java =================================================================== --- trunk/wikitty-api/src/main/java/org/nuiton/wikitty/WikittyProxy.java 2010-12-26 15:28:04 UTC (rev 670) +++ trunk/wikitty-api/src/main/java/org/nuiton/wikitty/WikittyProxy.java 2010-12-29 10:01:53 UTC (rev 671) @@ -33,29 +33,24 @@ import org.nuiton.wikitty.entities.BusinessEntityImpl; import org.nuiton.wikitty.entities.Wikitty; import org.nuiton.wikitty.entities.WikittyExtension; -import org.nuiton.wikitty.entities.WikittyTreeNode; +import org.nuiton.wikitty.entities.WikittyGroup; +import org.nuiton.wikitty.entities.WikittyUser; import org.nuiton.wikitty.search.Criteria; import org.nuiton.wikitty.search.PagedResult; import org.nuiton.wikitty.search.Search; import org.nuiton.wikitty.search.operators.Element; import org.nuiton.wikitty.services.WikittyEvent; +import org.nuiton.wikitty.services.WikittySecurityUtil; import org.nuiton.wikitty.services.WikittyServiceEnhanced; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; -import java.util.Iterator; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Map.Entry; -import java.util.Set; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.nuiton.util.ApplicationConfig; -import org.nuiton.util.TimeTrace; -import org.nuiton.wikitty.entities.WikittyTreeNode; /** * Wikitty proxy is used to transform wikitty object used by {@link WikittyService} @@ -826,4 +821,50 @@ return result; } + /** + * Check that the logged in user is in a group. A #SecurityException might + * be thrown at runtime if the #WikittyUser session timed out. + * @param groupName the name of the group to check + * @return true is the logged in user is in the group + */ + public boolean isMember(String groupName) { + long start = TimeTrace.getTime(); + boolean result = false; + + WikittyUser user = getLoggedInUser(); + + //Find the group from its name + Search search = Search.query() + .eq(Element.ELT_EXTENSION, WikittyGroup.EXT_WIKITTYGROUP) + .eq(WikittyGroup.FQ_FIELD_WIKITTYGROUP_NAME, groupName); + Criteria criteria = search.criteria(); + + Wikitty group = findByCriteria(criteria); + + if (group != null) { + result = WikittySecurityUtil.isMember(wikittyService, securityToken, + user.getWikittyId(), group.getId()); + } + + timeTrace.add(start, "isMember"); + return result; + } + + /** + * Get the #WikittyUser that is logged in. A #SecurityException might be + * thrown at runtime if the #WikittyUser session timed out. + * @return the logged in #WikittyUser + */ + public WikittyUser getLoggedInUser() { + long start = TimeTrace.getTime(); + + String userId = WikittySecurityUtil.getUserForToken(wikittyService, + securityToken); + + WikittyUser user = restore(WikittyUser.class, userId); + + timeTrace.add(start, "getLoggedInUser"); + return user; + } + } Modified: trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityHelper.java =================================================================== --- trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityHelper.java 2010-12-26 15:28:04 UTC (rev 670) +++ trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityHelper.java 2010-12-29 10:01:53 UTC (rev 671) @@ -79,7 +79,10 @@ /** * create appAdminGroup and add current user as first member + * + * @deprecated Use #WikittySecurityUtil.createAppAdminGroup */ + @Deprecated static public WikittyGroup createAppAdminGroup(WikittyUser user) { WikittyGroup result = new WikittyGroupImpl(); result.setName(WIKITTY_APPADMIN_GROUP_NAME); Added: trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityUtil.java =================================================================== --- trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityUtil.java (rev 0) +++ trunk/wikitty-api/src/main/java/org/nuiton/wikitty/services/WikittySecurityUtil.java 2010-12-29 10:01:53 UTC (rev 671) @@ -0,0 +1,95 @@ +package org.nuiton.wikitty.services; + +import java.util.Set; +import org.nuiton.wikitty.WikittyService; +import org.nuiton.wikitty.entities.Wikitty; +import org.nuiton.wikitty.entities.WikittyGroup; +import org.nuiton.wikitty.entities.WikittyGroupHelper; +import org.nuiton.wikitty.entities.WikittyGroupImpl; +import org.nuiton.wikitty.entities.WikittyTokenHelper; +import org.nuiton.wikitty.entities.WikittyUser; + +/** + * + * Security utility methods. This class should replace #WikittySecurityHelper + * + * User: couteau + * Date: 22/12/10 + */ +public class WikittySecurityUtil { + + /** + * Name of the application administrators group + */ + static final public String WIKITTY_APPADMIN_GROUP_NAME = "WikittyAppAdmin"; + + /** + * Check on a WikittyService if a user is member of a group. A + * SecurityException might be thrown at runtime if the securityToken has + * expired. + * + * @param ws the wikitty service to do the check on + * @param securityToken the security token + * @param userId the user to check's wikitty id + * @param groupId the group to check the user is in's wikitty id + * @return true if the user is in the group, false otherwise + */ + public static boolean isMember(WikittyService ws, String securityToken, + String userId, String groupId) { + if (groupId != null) { + + Wikitty group = WikittyServiceEnhanced.restore(ws, securityToken, + groupId); + + if (WikittyGroupHelper.hasExtension(group)) { + Set<String> members = WikittyGroupHelper.getMembers(group); + return members.contains(userId); + } + } + + return false; + } + + /** + * Get a user corresponding to a securityToken + * @param ws the WikittyService to do the check on + * @param securityToken the token of the user to search for. + * @return the wikitty Id of the user corresponding to the securityToken + */ + public static String getUserForToken(WikittyService ws, + String securityToken) { + // recuperation de l'utilisateur associe au securityToken + // le securityToken est aussi l'id de l'objet + String userId = null; + if (securityToken != null) { + //Get the token + Wikitty securityTokenWikitty = WikittyServiceEnhanced.restore(ws, + securityToken, securityToken); + if (securityTokenWikitty == null) { + throw new SecurityException("bad (obsolete ?) token"); + } else { + //Get the user + userId = WikittyTokenHelper.getUser(securityTokenWikitty); + } + } + return userId; + } + + /** + * Create appAdminGroup and add current user as first member. The group has + * to be stored after as it is not persisted in this method. + * + * @param user the user that will be the first admin group member + * @return the admin group + */ + static public WikittyGroup createAppAdminGroup(WikittyUser user) { + WikittyGroup result = new WikittyGroupImpl(); + result.setName(WIKITTY_APPADMIN_GROUP_NAME); + + String firstUserId = user.getWikittyId(); + result.addMembers(firstUserId); + + return result; + } + +}
participants (1)
-
jcouteau@users.nuiton.org