
Revision 55ecdf3a

Added by Andreas Kohlbecker over 6 years ago

ref #6867 generic failsafe mechanism to grant per-entity permission in CdmPopupEditors


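--- a/src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
+++ b/src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
@@ -190,16 +190,19 @@
 
     /**
      * {@inheritDoc}
+     *
      */
     @Override
-    public void createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
+    public CdmAuthority createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
         UserDetails userDetails = repo.getUserService().loadUserByUsername(username);
+        boolean newAuthorityAdded = false;
+        CdmAuthority authority = null;
         if(userDetails != null){
             runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
             User user = (User)userDetails;
-            CdmAuthority authority = new CdmAuthority(cdmEntity, property, crud);
+            authority = new CdmAuthority(cdmEntity, property, crud);
             try {
-                user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());
+                newAuthorityAdded = user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());
             } catch (CdmAuthorityParsingException e) {
                 throw new RuntimeException(e);
             }
@@ -210,6 +213,7 @@
             SecurityContextHolder.getContext().setAuthentication(authentication);
             logger.debug("security context refreshed with user " + username);
         }
+        return newAuthorityAdded ? authority : null;
 
     }
 
@@ -221,19 +225,18 @@
      * @return
      */
     @Override
-    public void createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
+    public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
 
         CdmBase cdmEntity = repo.getCommonService().find(cdmType, entitiyId);
-
-        createAuthorityFor(username,cdmEntity, crud, property);
+        return createAuthorityFor(username,cdmEntity, crud, property);
     }
 
     /**
      * {@inheritDoc}
      */
     @Override
-    public void createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
-        createAuthorityFor(userName(), cdmEntity, crud, property);
+    public CdmAuthority createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property) {
+        return createAuthorityFor(userName(), cdmEntity, crud, property);
 
     }
 
@@ -244,8 +247,37 @@
      * @return
      */
     @Override
-    public void createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
-        createAuthorityFor(userName(), cdmType, entitiyId, crud, property);
+    public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property) {
+        return createAuthorityFor(userName(), cdmType, entitiyId, crud, property);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void removeAuthorityForCurrentUser(CdmAuthority cdmAuthority) {
+        removeAuthorityForCurrentUser(userName(), cdmAuthority);
+
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void removeAuthorityForCurrentUser(String username, CdmAuthority cdmAuthority) {
+
+        UserDetails userDetails = repo.getUserService().loadUserByUsername(username);
+        if(userDetails != null){
+            runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
+            User user = (User)userDetails;
+            user.getGrantedAuthorities().remove(cdmAuthority);
+            repo.getSession().flush();
+            runAsAutheticator.restoreAuthentication();
+            Authentication authentication = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+            logger.debug("security context refreshed with user " + username);
+        }
+
     }
 
 }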
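Review bot: In the new `removeAuthorityForCurrentUser(String username, CdmAuthority cdmAuthority)` (new lines 267–281) `restoreAuthentication()` is not in a `finally`, so if `remove(...)` or `repo.getSession().flush()` throws, the thread keeps the `ROLE_USER_MANAGER` run-as authentication; wrap the elevated section in try/finally as shown below. `createAuthorityFor` rethrows `CdmAuthorityParsingException` as a `RuntimeException` after the same elevation and its restore call sits in the elided lines, so it probably needs the same treatment. Separately, the grant is stored as `authority.asNewGrantedAuthority()` but removed by passing the `CdmAuthority` itself; unless equality holds across those two types, `remove` is a no-op and the temporary per-entity permission stays on the user, which is worth confirming with a test or fixing by removing the same representation that was added. The method also accepts any `username` despite its `...ForCurrentUser` name, so a Javadoc line stating who may call it would help.

```java
    public void removeAuthorityForCurrentUser(String username, CdmAuthority cdmAuthority) {
        // … unchanged: loadUserByUsername and null check …
            User user = (User)userDetails;
            runAsAutheticator.runAsAuthentication(Role.ROLE_USER_MANAGER);
            try {
                user.getGrantedAuthorities().remove(cdmAuthority);
                repo.getSession().flush();
            } finally {
                // always drop the elevated role, even when remove() or flush() throws
                runAsAutheticator.restoreAuthentication();
            }
        // … unchanged: security context refresh and debug log …
```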
