Revision 55ecdf3a
Added by Andreas Kohlbecker over 6 years ago
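--- a/src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
+++ b/src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
@@ -190,16 +190,19 @@
 
 /**
 * {@inheritDoc}
+*
 */
 @Override
-public void createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
+public CdmAuthority createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
 UserDetails userDetails = repo.getUserService().loadUserByUsername(username);
+boolean newAuthorityAdded = false;
+CdmAuthority authority = null;
 if(userDetails != null){
 runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
 User user = (User)userDetails;
-CdmAuthority authority = new CdmAuthority(cdmEntity, property, crud);
+authority = new CdmAuthority(cdmEntity, property, crud);
 try {
-user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());
+newAuthorityAdded = user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());
 } catch (CdmAuthorityParsingException e) {
 throw new RuntimeException(e);
 }
@@ -210,6 +213,7 @@
 SecurityContextHolder.getContext().setAuthentication(authentication);
 logger.debug("security context refreshed with user " + username);
 }
+return newAuthorityAdded ? authority : null;
 
 }
 
@@ -221,19 +225,18 @@
 * @return
 */
 @Override
-public void createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
+public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
 
 CdmBase cdmEntity = repo.getCommonService().find(cdmType, entitiyId);
-
-createAuthorityFor(username,cdmEntity, crud, property);
+return createAuthorityFor(username,cdmEntity, crud, property);
 }
 
 /**
 * {@inheritDoc}
 */
 @Override
-public void createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
-createAuthorityFor(userName(), cdmEntity, crud, property);
+public CdmAuthority createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
+return createAuthorityFor(userName(), cdmEntity, crud, property);
 
 }
 
@@ -244,8 +247,37 @@
 * @return
 */
 @Override
-public void createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
-createAuthorityFor(userName(), cdmType, entitiyId, crud, property);
+public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
+return createAuthorityFor(userName(), cdmType, entitiyId, crud, property);
+}
+
+/**
+* {@inheritDoc}
+*/
+@Override
+public void removeAuthorityForCurrentUser(CdmAuthority cdmAuthority) {
+removeAuthorityForCurrentUser(userName(), cdmAuthority);
+
+}
+
+/**
+* {@inheritDoc}
+*/
+@Override
+public void removeAuthorityForCurrentUser(String username, CdmAuthority cdmAuthority) {
+
+UserDetails userDetails = repo.getUserService().loadUserByUsername(username);
+if(userDetails != null){
+runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
+User user = (User)userDetails;
+user.getGrantedAuthorities().remove(cdmAuthority);
+repo.getSession().flush();
+runAsAutheticator.restoreAuthentication();
+Authentication authentication = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());
+SecurityContextHolder.getContext().setAuthentication(authentication);
+logger.debug("security context refreshed with user " + username);
+}
+
 }
 
 }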
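Review bot: In the new `removeAuthorityForCurrentUser(String username, CdmAuthority cdmAuthority)` the `ROLE_USER_MANAGER` run-as is undone only on the success path, so an exception from `remove(...)` or `repo.getSession().flush()` would presumably leave the elevated authentication in place; the two calls belong in a try/finally that always calls `restoreAuthentication()`. The method then installs a `PreAuthenticatedAuthenticationToken` built from whichever user `username` resolved to, so if a caller ever passes a name other than `userName()` the session's security context is replaced with that other user's identity; the refresh should be guarded by a comparison with `userName()`, or the `username` overload should not carry "ForCurrentUser" in its name. It is also worth confirming that `remove(cdmAuthority)` matches what the create path stored via `authority.asNewGrantedAuthority()`, because the boolean result of `remove` is discarded and a revocation that removes nothing would go unnoticed. The create method's own restore call lies in the elided part of the first hunk, so the same try/finally question may apply there.
```java
// … unchanged: loadUserByUsername and null check …
User user = (User)userDetails;
runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
try {
    user.getGrantedAuthorities().remove(cdmAuthority);
    repo.getSession().flush();
} finally {
    // drop the ROLE_USER_MANAGER run-as even when the flush fails
    runAsAutheticator.restoreAuthentication();
}
// … unchanged: security context refresh and debug log …
```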
ref #6867 generic fail-safe mechanism to grant per-entity permission in CdmPopupEditors