Revision 42af5bd2
Added by Andreas Kohlbecker almost 7 years ago
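--- a/src/main/java/eu/etaxonomy/cdm/vaadin/security/UserHelper.java
+++ b/src/main/java/eu/etaxonomy/cdm/vaadin/security/UserHelper.java
@@ -8,81 +8,44 @@
 */
 package eu.etaxonomy.cdm.vaadin.security;
 
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
+import com.vaadin.server.VaadinSession;
 
-import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
+import eu.etaxonomy.cdm.model.common.CdmBase;
 
 /**
+* UserHelper interface. Imeplemtations should use the {@link #VADDIN_SESSION_KEY} to auto registers
+* in the VaadinSession.
+*
 * @author a.kohlbecker
-* @since May 19, 2017
+* @since May 23, 2017
 *
 */
-public class UserHelper {
+public interface UserHelper {
 
+public static final String VADDIN_SESSION_KEY = "USER_HELPER";
 
-public static boolean userIsAutheticated() {
-Authentication authentication = getAuthentication();
-if(authentication != null){
-return authentication.isAuthenticated();
-}
-return false;
+/**
+* Static accessor method to obtain the auto-registered UserHelper-Bean from the
+* VaadinSession.
+*
+* @return
+*/
+public static UserHelper fromSession() {
+return (UserHelper)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
 }
 
+boolean userHasPermission(Class<? extends CdmBase> cdmType, Integer entitiyId, Object ... args);
 
-public static boolean userIsAnnonymous() {
-Authentication authentication = getAuthentication();
-return authentication != null
-&& authentication.isAuthenticated()
-&& authentication instanceof AnonymousAuthenticationToken;
-}
+boolean userHasPermission(CdmBase entity, Object ... args);
 
-public static String userName() {
-Authentication authentication = getAuthentication();
-if(authentication != null) {
-return authentication.getName();
-}
-return null;
-}
+boolean userIsRegistrationCurator();
 
-public static boolean userIsAdmin() {
-Authentication authentication = getAuthentication();
-if(authentication != null) {
-return authentication.getAuthorities().stream().anyMatch(a -> {
-return a.getAuthority().equals(Role.ROLE_ADMIN.getAuthority());
-});
-}
-return false;
-}
+boolean userIsAdmin();
 
-public static boolean userIsRegistrationCurator() {
-Authentication authentication = getAuthentication();
-if(authentication != null) {
-return authentication.getAuthorities().stream().anyMatch(a -> {
-return a.equals(RolesAndPermissions.ROLE_CURATION)
-// doing faster regex check here instreas of using CdmAuthoritiy.fromString()
-|| a.getAuthority().matches("^Registration\\.\\[.*UPDATE");
-});
-}
-return false;
-}
+String userName();
 
-/**
-* @return
-*
-* FIXME is it ok to use the SecurityContextHolder or do we need to hold the context in the vaadin session?
-*/
-private static SecurityContext currentSecurityContext() {
-return SecurityContextHolder.getContext();
-}
+boolean userIsAnnonymous();
 
-/**
-* @return
-*/
-private static Authentication getAuthentication() {
-return currentSecurityContext().getAuthentication();
-}
+boolean userIsAutheticated();
 
 }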
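Review bot: `fromSession()` dereferences `VaadinSession.getCurrent()` and returns the session attribute unchecked, so a caller on a thread with no current session, or in a session where no implementation has registered itself under the key, gets a bare NullPointerException from what is now the single entry point for permission checks. Resolve the session and the attribute into locals and fail with a descriptive exception, e.g. `if (session == null) { throw new IllegalStateException("No current VaadinSession"); }` and the same for a null attribute, and fill the empty `@return` with `@return the UserHelper registered under VADDIN_SESSION_KEY, never null`. The new abstract methods also carry no Javadoc: the removed static versions returned `false` when no `Authentication` was present, and the interface should state that implementations must keep that deny-by-default result. The constant is spelled `VADDIN_SESSION_KEY`; since it is now public API, the spelling is worth correcting before implementations depend on it.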
ref #6169 UserHelper checking permissions: