1
|
/**
|
2
|
* Copyright (C) 2017 EDIT
|
3
|
* European Distributed Institute of Taxonomy
|
4
|
* http://www.e-taxonomy.eu
|
5
|
*
|
6
|
* The contents of this file are subject to the Mozilla Public License Version 1.1
|
7
|
* See LICENSE.TXT at the top of this package for the full license terms.
|
8
|
*/
|
9
|
package eu.etaxonomy.cdm.vaadin.security;
|
10
|
|
11
|
import java.util.EnumSet;
|
12
|
|
13
|
import org.apache.log4j.Logger;
|
14
|
import org.springframework.beans.factory.annotation.Autowired;
|
15
|
import org.springframework.beans.factory.annotation.Qualifier;
|
16
|
import org.springframework.context.annotation.Profile;
|
17
|
import org.springframework.security.core.Authentication;
|
18
|
import org.springframework.security.core.context.SecurityContextHolder;
|
19
|
import org.springframework.security.core.userdetails.UserDetails;
|
20
|
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
21
|
|
22
|
import com.vaadin.server.FontAwesome;
|
23
|
import com.vaadin.server.VaadinSession;
|
24
|
import com.vaadin.spring.annotation.SpringComponent;
|
25
|
import com.vaadin.spring.annotation.UIScope;
|
26
|
import com.vaadin.ui.AbstractComponentContainer;
|
27
|
import com.vaadin.ui.Button;
|
28
|
import com.vaadin.ui.themes.ValoTheme;
|
29
|
|
30
|
import eu.etaxonomy.cdm.api.application.CdmRepository;
|
31
|
import eu.etaxonomy.cdm.model.common.CdmBase;
|
32
|
import eu.etaxonomy.cdm.model.common.User;
|
33
|
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
|
34
|
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;
|
35
|
import sun.security.provider.PolicyParser.ParsingException;
|
36
|
|
37
|
/**
|
38
|
* PermissionDebugUtils provide the following tools:
|
39
|
* <ul>
|
40
|
* <li>{@link #addGainPerEntityPermissionButton(AbstractComponentContainer, Class, Integer, EnumSet)}:
|
41
|
* A button which gives a per entity authority to the current user.</li>
|
42
|
* </ul>
|
43
|
*
|
44
|
*
|
45
|
*
|
46
|
* To enable the PermissionDebugUtils you need to activate the spring profile <code>debug</code>. You can add
|
47
|
* <code>-Dspring.profiles.active=debug</code> to the command starting the jvm
|
48
|
* or set this as an environment variable.
|
49
|
*
|
50
|
* @author a.kohlbecker
|
51
|
* @since Oct 11, 2017
|
52
|
*
|
53
|
*/
|
54
|
@SpringComponent
|
55
|
@UIScope
|
56
|
@Profile("debug")
|
57
|
public class PermissionDebugUtils {
|
58
|
|
59
|
|
60
|
private final static Logger logger = Logger.getLogger(PermissionDebugUtils.class);
|
61
|
|
62
|
public static final String VADDIN_SESSION_KEY = "PERMISSION_DEBUG_UTILS";
|
63
|
|
64
|
public static final String SYSTEM_PROP_KEY = "GainPerEntityPermissionButtons";
|
65
|
|
66
|
|
67
|
@Autowired
|
68
|
@Qualifier("cdmRepository")
|
69
|
private CdmRepository repo;
|
70
|
|
71
|
public PermissionDebugUtils() {
|
72
|
VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);
|
73
|
}
|
74
|
|
75
|
public static PermissionDebugUtils fromSession() {
|
76
|
return (PermissionDebugUtils)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
|
77
|
}
|
78
|
|
79
|
public Button addGainPerEntityPermissionButton(AbstractComponentContainer toContainer, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud){
|
80
|
Button button = gainPerEntityPermissionButton(cdmType, entitiyId, crud);
|
81
|
if(button != null){
|
82
|
toContainer.addComponent(button);
|
83
|
}
|
84
|
return button;
|
85
|
}
|
86
|
|
87
|
public Button gainPerEntityPermissionButton(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud){
|
88
|
|
89
|
Button button = new Button(FontAwesome.BOLT);
|
90
|
button.addClickListener(e -> createAuthority(cdmType, entitiyId, crud));
|
91
|
button.addStyleName(ValoTheme.BUTTON_DANGER);
|
92
|
return button;
|
93
|
|
94
|
}
|
95
|
|
96
|
/**
|
97
|
* @param cdmType
|
98
|
* @param entitiyId
|
99
|
* @param crud
|
100
|
* @return
|
101
|
*/
|
102
|
private void createAuthority(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud) {
|
103
|
String username = UserHelper.fromSession().userName();
|
104
|
UserDetails userDetails = repo.getUserService().loadUserByUsername(username);
|
105
|
if(userDetails != null){
|
106
|
User user = (User)userDetails;
|
107
|
CdmBase entity = repo.getCommonService().find(cdmType, entitiyId);
|
108
|
CdmAuthority authority = new CdmAuthority(entity, crud);
|
109
|
try {
|
110
|
user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());
|
111
|
} catch (ParsingException e) {
|
112
|
throw new RuntimeException(e);
|
113
|
}
|
114
|
repo.getUserService().saveOrUpdate(user);
|
115
|
Authentication authentication = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());
|
116
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
117
|
}
|
118
|
}
|
119
|
}
|