Project

General

Profile

Revision 877a8283

ID877a828399caf058d931a8af6d0e6d2868201023
Parent f951fe45
Child 44b9dbd2

Added by Andreas Kohlbecker over 2 years ago

renaming package from eu.eu.etaxonomy.cdm.vaadin.security to etaxonomy.cdm.vaadin.permission

View differences:

src/main/java/eu/etaxonomy/cdm/addon/config/CdmVaadinConfiguration.java
49 49
import eu.etaxonomy.cdm.cache.CdmTransientEntityCacher;
50 50
import eu.etaxonomy.cdm.dataInserter.RegistrationRequiredDataInserter;
51 51
import eu.etaxonomy.cdm.persistence.hibernate.GrantedAuthorityRevokingRegistrationUpdateLister;
52
import eu.etaxonomy.cdm.vaadin.security.annotation.EnableAnnotationBasedAccessControl;
52
import eu.etaxonomy.cdm.vaadin.permission.annotation.EnableAnnotationBasedAccessControl;
53 53
import eu.etaxonomy.cdm.vaadin.ui.ConceptRelationshipUI;
54 54
import eu.etaxonomy.cdm.vaadin.ui.DistributionStatusUI;
55 55
import eu.etaxonomy.cdm.vaadin.ui.RegistrationUI;
src/main/java/eu/etaxonomy/cdm/dataInserter/RegistrationRequiredDataInserter.java
54 54
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
55 55
import eu.etaxonomy.cdm.persistence.query.MatchMode;
56 56
import eu.etaxonomy.cdm.vaadin.model.registration.KindOfUnitTerms;
57
import eu.etaxonomy.cdm.vaadin.security.RolesAndPermissions;
57
import eu.etaxonomy.cdm.vaadin.permission.RolesAndPermissions;
58 58

  
59 59
/**
60 60
 *
src/main/java/eu/etaxonomy/cdm/persistence/hibernate/GrantedAuthorityRevokingRegistrationUpdateLister.java
86 86
    /**
87 87
     * Walks the entity graph of the Registration instance and collects all authorities which
88 88
     * could have been granted to users. Code parts in which this could have happened can be
89
     * found by searching for usage of the methods {@link eu.etaxonomy.cdm.vaadin.security.UserHelper#createAuthorityForCurrentUser(eu.etaxonomy.cdm.model.common.CdmBase, EnumSet, String)
90
     * UserHelper.createAuthorityForCurrentUser(eu.etaxonomy.cdm.model.common.CdmBase, EnumSet, String)} and {@link eu.etaxonomy.cdm.vaadin.security.UserHelper#createAuthorityForCurrentUser(Class, Integer, EnumSet, String)
89
     * found by searching for usage of the methods {@link eu.etaxonomy.cdm.vaadin.permission.UserHelper#createAuthorityForCurrentUser(eu.etaxonomy.cdm.model.common.CdmBase, EnumSet, String)
90
     * UserHelper.createAuthorityForCurrentUser(eu.etaxonomy.cdm.model.common.CdmBase, EnumSet, String)} and {@link eu.etaxonomy.cdm.vaadin.permission.UserHelper#createAuthorityForCurrentUser(Class, Integer, EnumSet, String)
91 91
     * UserHelper.createAuthorityForCurrentUser(Class, Integer, EnumSet, String)}
92 92
     * <p>
93 93
     * At the time of implementing this function these places are:
src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
38 38
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthorityParsingException;
39 39
import eu.etaxonomy.cdm.persistence.hibernate.permission.ICdmPermissionEvaluator;
40 40
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
41
import eu.etaxonomy.cdm.vaadin.security.RolesAndPermissions;
42
import eu.etaxonomy.cdm.vaadin.security.VaadinUserHelper;
41
import eu.etaxonomy.cdm.vaadin.permission.RolesAndPermissions;
42
import eu.etaxonomy.cdm.vaadin.permission.VaadinUserHelper;
43 43

  
44 44
/**
45 45
 * @author a.kohlbecker
src/main/java/eu/etaxonomy/cdm/vaadin/component/common/PersonField.java
28 28
import eu.etaxonomy.cdm.model.agent.Person;
29 29
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
30 30
import eu.etaxonomy.cdm.vaadin.component.TextFieldNFix;
31
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
31
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
32 32
import eu.etaxonomy.vaadin.component.CompositeCustomField;
33 33
import eu.etaxonomy.vaadin.component.SwitchButton;
34 34

  
src/main/java/eu/etaxonomy/cdm/vaadin/component/common/TeamOrPersonField.java
33 33
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
34 34
import eu.etaxonomy.cdm.service.CdmFilterablePagingProvider;
35 35
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityReloader;
36
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
36
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
37 37
import eu.etaxonomy.cdm.vaadin.util.TeamOrPersonBaseCaptionGenerator;
38 38
import eu.etaxonomy.cdm.vaadin.util.converter.CdmBaseDeproxyConverter;
39 39
import eu.etaxonomy.cdm.vaadin.view.name.CachingPresenter;
src/main/java/eu/etaxonomy/cdm/vaadin/component/registration/RegistrationItem.java
42 42
import eu.etaxonomy.cdm.vaadin.event.ReferenceEditorAction;
43 43
import eu.etaxonomy.cdm.vaadin.event.ShowDetailsEvent;
44 44
import eu.etaxonomy.cdm.vaadin.model.registration.RegistrationWorkingSet;
45
import eu.etaxonomy.cdm.vaadin.security.PermissionDebugUtils;
46
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
45
import eu.etaxonomy.cdm.vaadin.permission.PermissionDebugUtils;
46
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
47 47
import eu.etaxonomy.cdm.vaadin.theme.EditValoTheme;
48 48
import eu.etaxonomy.cdm.vaadin.util.formatter.DateTimeFormat;
49 49
import eu.etaxonomy.cdm.vaadin.util.formatter.TimePeriodFormatter;
src/main/java/eu/etaxonomy/cdm/vaadin/component/registration/RegistrationItemNameAndTypeButtons.java
32 32
import eu.etaxonomy.cdm.model.name.TypeDesignationBase;
33 33
import eu.etaxonomy.cdm.model.occurrence.SpecimenOrObservationBase;
34 34
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
35
import eu.etaxonomy.cdm.vaadin.security.PermissionDebugUtils;
36
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
35
import eu.etaxonomy.cdm.vaadin.permission.PermissionDebugUtils;
36
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
37 37
import eu.etaxonomy.vaadin.component.CompositeStyledComponent;
38 38

  
39 39
/**
src/main/java/eu/etaxonomy/cdm/vaadin/event/ToOneRelatedEntityButtonUpdater.java
13 13

  
14 14
import eu.etaxonomy.cdm.model.common.CdmBase;
15 15
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
16
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
16
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
17 17
import eu.etaxonomy.vaadin.component.ToOneRelatedEntityField;
18 18

  
19 19
/**
src/main/java/eu/etaxonomy/cdm/vaadin/permission/AccessRestrictedView.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import java.util.Collection;
12

  
13
import org.springframework.security.core.GrantedAuthority;
14

  
15
/**
16
 * @author a.kohlbecker
17
 * @since Apr 25, 2017
18
 *
19
 */
20
public interface AccessRestrictedView extends ReleasableResourcesView {
21

  
22
    /**
23
     * @return
24
     */
25
    public boolean allowAnonymousAccess();
26

  
27
    /**
28
     * The collections of  {@link GrantedAuthority} objects returned by this method are
29
     * evaluated by the {@link AnnotationBasedAccessControlBean} to determine if the
30
     * current authentication is having sufficient grants to access the view.
31
     * <p>
32
     * The collections are alternative sets of GrantedAuthorities to check.
33
     * The GrantedAuthorities of each of the inner collections must instead all be satisfied.
34
     *
35
     * @return
36
     */
37
    public Collection<Collection<GrantedAuthority>> allowedGrantedAuthorities();
38

  
39
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/AnnotationBasedAccessControlBean.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import java.io.Serializable;
12

  
13
import org.apache.log4j.Logger;
14
import org.springframework.security.authentication.AnonymousAuthenticationToken;
15
import org.springframework.security.core.Authentication;
16
import org.springframework.security.core.context.SecurityContext;
17
import org.springframework.security.core.context.SecurityContextHolder;
18

  
19
import com.vaadin.navigator.View;
20
import com.vaadin.spring.access.ViewInstanceAccessControl;
21
import com.vaadin.ui.UI;
22

  
23
/**
24
 * @author a.kohlbecker
25
 * @since Apr 24, 2017
26
 *
27
 *
28
 * FIMXE consider renaming this class and its interface, since it is no longer annotation based!!!!
29
 */
30
public class AnnotationBasedAccessControlBean implements ViewInstanceAccessControl, Serializable {
31

  
32
    private static final long serialVersionUID = -4232241572782673248L;
33

  
34
    private final static Logger logger = Logger.getLogger(AnnotationBasedAccessControlBean.class);
35

  
36
    /**
37
     * {@inheritDoc}
38
     */
39
    @Override
40
    public boolean isAccessGranted(UI ui, String beanName, View view) {
41

  
42
//        if(view.getClass().isAnnotationPresent(RequireAuthentication.class)){
43
//            return currentSecurityContext().getAuthentication().isAuthenticated();
44
//        }
45
        // no RequireAuthentication annotation => grant access
46

  
47
        if(AccessRestrictedView.class.isAssignableFrom(view.getClass())){
48
            AccessRestrictedView restricedView = (AccessRestrictedView)view;
49
            if(restricedView.allowAnonymousAccess()){
50
                if(logger.isTraceEnabled()){
51
                    logger.trace("anonymous access to " + view.getClass().getName() + " allowed");
52
                }
53
                return true;
54
            } else {
55
                Authentication authentication = currentSecurityContext().getAuthentication();
56
                if(authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken)) {
57
                    if(logger.isTraceEnabled()){
58
                        logger.trace("allowing authenticated user " + authentication.getName() + " to access " + view.getClass().getName() );
59
                    }
60
                    return true;
61
                }
62

  
63
                if(logger.isTraceEnabled()){
64
                    logger.trace("denying access to " + view.getClass().getName());
65
                }
66
                restricedView.releaseResourcesOnAccessDenied();
67
                return false;
68
                // FIMXE implement further checks
69
                // TODO use the UserHelperBean?
70
            }
71
        }
72

  
73
        return true;
74
    }
75

  
76
    /**
77
     * @return
78
     *
79
     * FIXME is it ok to use the SecurityContextHolder or do we need to hold the context in the vaadin session?
80
     */
81
    private SecurityContext currentSecurityContext() {
82
        return SecurityContextHolder.getContext();
83
    }
84

  
85

  
86

  
87

  
88
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/AnnotationBasedAccessControlConfiguration.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import org.springframework.context.annotation.Bean;
12
import org.springframework.context.annotation.Configuration;
13

  
14
import com.vaadin.spring.annotation.UIScope;
15

  
16
/**
17
 * @author a.kohlbecker
18
 * @since Apr 24, 2017
19
 *
20
 */
21
@Configuration
22
public class AnnotationBasedAccessControlConfiguration {
23

  
24
    @Bean
25
    @UIScope
26
    public AnnotationBasedAccessControlBean annotationBasedAccessControlBean() {
27
        return new AnnotationBasedAccessControlBean();
28
    }
29

  
30
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/CdmEditDeletePermissionTester.java
1
/**
2
* Copyright (C) 2018 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import eu.etaxonomy.cdm.model.common.CdmBase;
12
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
13
import eu.etaxonomy.vaadin.permission.EditPermissionTester;
14

  
15
/**
16
 * To be used for {@link ToManyRelatedEntitiesComboboxSelect}
17
 *
18
 * @author a.kohlbecker
19
 * @since Apr 20, 2018
20
 *
21
 */
22
public class CdmEditDeletePermissionTester implements EditPermissionTester {
23
    @Override
24
    public boolean userHasEditPermission(Object bean) {
25
        return  UserHelper.fromSession().userHasPermission((CdmBase)bean, CRUD.UPDATE, CRUD.DELETE);
26
    }
27
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/PermissionDebugUtils.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import java.io.Serializable;
12
import java.util.EnumSet;
13
import java.util.UUID;
14

  
15
import org.apache.log4j.Logger;
16
import org.springframework.context.annotation.Profile;
17

  
18
import com.vaadin.server.FontAwesome;
19
import com.vaadin.server.VaadinSession;
20
import com.vaadin.spring.annotation.SpringComponent;
21
import com.vaadin.spring.annotation.UIScope;
22
import com.vaadin.ui.AbstractComponentContainer;
23
import com.vaadin.ui.Button;
24
import com.vaadin.ui.themes.ValoTheme;
25

  
26
import eu.etaxonomy.cdm.model.common.CdmBase;
27
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
28

  
29
/**
30
 * PermissionDebugUtils provide the following tools:
31
 * <ul>
32
 *   <li>{@link #addGainPerEntityPermissionButton(AbstractComponentContainer, Class, Integer, EnumSet)}:
33
 *   A button which gives a per entity authority to the current user.</li>
34
 * </ul>
35
 *
36
 *
37
 *
38
 * To enable the PermissionDebugUtils you need to activate the spring profile <code>debug</code>. You can add
39
 * <code>-Dspring.profiles.active=debug</code> to the command starting the jvm
40
 * or set this as an environment variable.
41
 *
42
 * @author a.kohlbecker
43
 * @since Oct 11, 2017
44
 *
45
 */
46
@SpringComponent
47
@UIScope
48
@Profile("debug")
49
public class PermissionDebugUtils implements Serializable {
50

  
51
    private static final long serialVersionUID = -210079304170235459L;
52

  
53
    private final static Logger logger = Logger.getLogger(PermissionDebugUtils.class);
54

  
55
    public static final String VADDIN_SESSION_KEY = "PERMISSION_DEBUG_UTILS";
56

  
57
    public static final String SYSTEM_PROP_KEY = "GainPerEntityPermissionButtons";
58

  
59

  
60
    public PermissionDebugUtils() {
61
        VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);
62
    }
63

  
64
    public static PermissionDebugUtils fromSession() {
65
        return (PermissionDebugUtils)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
66
     }
67

  
68
    public static Button addGainPerEntityPermissionButton(AbstractComponentContainer toContainer, Class<? extends CdmBase> cdmType,
69
            UUID entitiyUuid, EnumSet<CRUD> crud, String property){
70

  
71
        PermissionDebugUtils pu = PermissionDebugUtils.fromSession();
72
        if(pu != null){
73
            Button button = pu.gainPerEntityPermissionButton(cdmType, entitiyUuid, crud, property);
74
            if(button != null){
75
                toContainer.addComponent(button);
76
            }
77
            return button;
78
        }
79
        return null;
80
    }
81

  
82
    public Button gainPerEntityPermissionButton(Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property){
83

  
84
       Button button = new Button(FontAwesome.BOLT);
85
       button.addClickListener(e -> UserHelper.fromSession().createAuthorityFor(UserHelper.fromSession().userName(), cdmType, entitiyUuid, crud, property));
86
       button.addStyleName(ValoTheme.BUTTON_DANGER);
87
       return button;
88

  
89
    }
90

  
91

  
92
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/ReleasableResourcesView.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
/**
12
 * @author a.kohlbecker
13
 * @since 25.10.2017
14
 *
15
 */
16
public interface ReleasableResourcesView {
17

  
18
    /**
19
     * Callback
20
     */
21
    public void releaseResourcesOnAccessDenied();
22

  
23
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/RolesAndPermissions.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import java.util.UUID;
12

  
13
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
14

  
15
/**
16
 * Provides the Roles required by the
17
 * vaadin applications.
18
 *
19
 * @author a.kohlbecker
20
 * @since May 8, 2017
21
 *
22
 */
23
public class RolesAndPermissions {
24

  
25
    public static final Role ROLE_CURATION = new Role(UUID.fromString("642d9ea7-f18c-4ac3-b437-ed05ce5461c3"), "ROLE_CURATION");
26

  
27

  
28
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/UserHelper.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import java.util.EnumSet;
12
import java.util.UUID;
13

  
14
import com.vaadin.server.VaadinSession;
15

  
16
import eu.etaxonomy.cdm.model.common.CdmBase;
17
import eu.etaxonomy.cdm.model.common.User;
18
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
19
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;
20

  
21
/**
22
 * UserHelper interface. Implementations should use the {@link #VADDIN_SESSION_KEY} to auto registers
23
 * in the VaadinSession.
24
 *
25
 * @author a.kohlbecker
26
 * @since May 23, 2017
27
 *
28
 */
29
public interface UserHelper {
30

  
31
    public static final String VADDIN_SESSION_KEY = "USER_HELPER";
32

  
33
    /**
34
     * Static accessor method to obtain the auto-registered UserHelper-Bean from the
35
     * VaadinSession.
36
     *
37
     * @return
38
     */
39
    public static UserHelper fromSession() {
40
       return (UserHelper)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
41
    }
42

  
43
    boolean userHasPermission(Class<? extends CdmBase> cdmType, Integer entitiyId, Object ... args);
44

  
45
    boolean userHasPermission(Class<? extends CdmBase> cdmType, UUID entitiyUUID, Object ... args);
46

  
47
    boolean userHasPermission(Class<? extends CdmBase> cdmType, Object ... args);
48

  
49
    boolean userHasPermission(CdmBase entity, Object ... args);
50

  
51
    boolean userIsRegistrationCurator();
52

  
53
    boolean userIsAdmin();
54

  
55
    User user();
56

  
57
    String userName();
58

  
59
    boolean userIsAnnonymous();
60

  
61
    boolean userIsAutheticated();
62

  
63
    /**
64
     *
65
     * @param username
66
     * @param cdmEntity
67
     * @param crud
68
     * @param property
69
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
70
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
71
     */
72
    public CdmAuthority createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property);
73

  
74
    /**
75
     *
76
     * @param username
77
     * @param cdmType
78
     * @param entitiyId
79
     * @param crud
80
     * @param property
81
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
82
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
83
     */
84
    public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property);
85

  
86

  
87
    /**
88
    *
89
    * @param username
90
    * @param cdmType
91
    * @param entitiyUuid
92
    * @param crud
93
    * @param property
94
    * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
95
    * <code>null</code> in case the operation failed of if the user was already granted with this authority.
96
    */
97
   public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property);
98

  
99

  
100
    /**
101
     * @param cdmType
102
     * @param entitiyId
103
     * @param crud
104
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
105
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
106
     */
107
    public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property);
108

  
109
    /**
110
     * @param cdmType
111
     * @param entitiyUuid
112
     * @param crud
113
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
114
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
115
     */
116
    public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property);
117

  
118
    /**
119
     * @param cdmType
120
     * @param entitiyId
121
     * @param crud
122
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
123
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
124
     */
125
    public CdmAuthority createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property);
126

  
127
    /**
128
     * @param newAuthority
129
     */
130
    public void removeAuthorityForCurrentUser(CdmAuthority newAuthority);
131

  
132
    /**
133
     * @param username
134
     * @param newAuthority
135
     */
136
    public void removeAuthorityForCurrentUser(String username, CdmAuthority newAuthority);
137

  
138

  
139
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/VaadinUserHelper.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission;
10

  
11
import com.vaadin.server.VaadinSession;
12

  
13
/**
14
 * Abstract UserHelper which auto registers in the VaadinSession.
15
 *
16
 * @author a.kohlbecker
17
 * @since May 23, 2017
18
 *
19
 */
20
public abstract class VaadinUserHelper implements UserHelper {
21

  
22
    public VaadinUserHelper() {
23
        VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);
24
    }
25

  
26
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/annotation/EnableAnnotationBasedAccessControl.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission.annotation;
10

  
11
import static java.lang.annotation.ElementType.TYPE;
12
import static java.lang.annotation.RetentionPolicy.RUNTIME;
13

  
14
import java.lang.annotation.Documented;
15
import java.lang.annotation.Retention;
16
import java.lang.annotation.Target;
17

  
18
import org.springframework.context.annotation.Import;
19

  
20
import eu.etaxonomy.cdm.vaadin.permission.AnnotationBasedAccessControlConfiguration;
21

  
22
@Documented
23
@Retention(RUNTIME)
24
@Target(TYPE)
25
@Import(AnnotationBasedAccessControlConfiguration.class)
26
/**
27
 * @author a.kohlbecker
28
 * @since Apr 24, 2017
29
 *
30
 */
31
public @interface EnableAnnotationBasedAccessControl {
32

  
33
}
src/main/java/eu/etaxonomy/cdm/vaadin/permission/annotation/RequireAuthentication.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.permission.annotation;
10

  
11
import java.lang.annotation.Documented;
12
import java.lang.annotation.ElementType;
13
import java.lang.annotation.Retention;
14
import java.lang.annotation.RetentionPolicy;
15
import java.lang.annotation.Target;
16

  
17
/**
18
 * Annotate a Spring View with this to require users to authenticate.
19
 *
20
 * @author a.kohlbecker
21
 * @since Apr 24, 2017
22
 *
23
 */
24

  
25
@Target({ ElementType.TYPE})
26
@Retention(RetentionPolicy.RUNTIME)
27
@Documented
28
public @interface RequireAuthentication {
29

  
30
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/AccessRestrictedView.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import java.util.Collection;
12

  
13
import org.springframework.security.core.GrantedAuthority;
14

  
15
/**
16
 * @author a.kohlbecker
17
 * @since Apr 25, 2017
18
 *
19
 */
20
public interface AccessRestrictedView extends ReleasableResourcesView {
21

  
22
    /**
23
     * @return
24
     */
25
    public boolean allowAnonymousAccess();
26

  
27
    /**
28
     * The collections of  {@link GrantedAuthority} objects returned by this method are
29
     * evaluated by the {@link AnnotationBasedAccessControlBean} to determine if the
30
     * current authentication is having sufficient grants to access the view.
31
     * <p>
32
     * The collections are alternative sets of GrantedAuthorities to check.
33
     * The GrantedAuthorities of each of the inner collections must instead all be satisfied.
34
     *
35
     * @return
36
     */
37
    public Collection<Collection<GrantedAuthority>> allowedGrantedAuthorities();
38

  
39
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/AnnotationBasedAccessControlBean.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import java.io.Serializable;
12

  
13
import org.apache.log4j.Logger;
14
import org.springframework.security.authentication.AnonymousAuthenticationToken;
15
import org.springframework.security.core.Authentication;
16
import org.springframework.security.core.context.SecurityContext;
17
import org.springframework.security.core.context.SecurityContextHolder;
18

  
19
import com.vaadin.navigator.View;
20
import com.vaadin.spring.access.ViewInstanceAccessControl;
21
import com.vaadin.ui.UI;
22

  
23
/**
24
 * @author a.kohlbecker
25
 * @since Apr 24, 2017
26
 *
27
 *
28
 * FIMXE consider renaming this class and its interface, since it is no longer annotation based!!!!
29
 */
30
public class AnnotationBasedAccessControlBean implements ViewInstanceAccessControl, Serializable {
31

  
32
    private static final long serialVersionUID = -4232241572782673248L;
33

  
34
    private final static Logger logger = Logger.getLogger(AnnotationBasedAccessControlBean.class);
35

  
36
    /**
37
     * {@inheritDoc}
38
     */
39
    @Override
40
    public boolean isAccessGranted(UI ui, String beanName, View view) {
41

  
42
//        if(view.getClass().isAnnotationPresent(RequireAuthentication.class)){
43
//            return currentSecurityContext().getAuthentication().isAuthenticated();
44
//        }
45
        // no RequireAuthentication annotation => grant access
46

  
47
        if(AccessRestrictedView.class.isAssignableFrom(view.getClass())){
48
            AccessRestrictedView restricedView = (AccessRestrictedView)view;
49
            if(restricedView.allowAnonymousAccess()){
50
                if(logger.isTraceEnabled()){
51
                    logger.trace("anonymous access to " + view.getClass().getName() + " allowed");
52
                }
53
                return true;
54
            } else {
55
                Authentication authentication = currentSecurityContext().getAuthentication();
56
                if(authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken)) {
57
                    if(logger.isTraceEnabled()){
58
                        logger.trace("allowing authenticated user " + authentication.getName() + " to access " + view.getClass().getName() );
59
                    }
60
                    return true;
61
                }
62

  
63
                if(logger.isTraceEnabled()){
64
                    logger.trace("denying access to " + view.getClass().getName());
65
                }
66
                restricedView.releaseResourcesOnAccessDenied();
67
                return false;
68
                // FIMXE implement further checks
69
                // TODO use the UserHelperBean?
70
            }
71
        }
72

  
73
        return true;
74
    }
75

  
76
    /**
77
     * @return
78
     *
79
     * FIXME is it ok to use the SecurityContextHolder or do we need to hold the context in the vaadin session?
80
     */
81
    private SecurityContext currentSecurityContext() {
82
        return SecurityContextHolder.getContext();
83
    }
84

  
85

  
86

  
87

  
88
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/AnnotationBasedAccessControlConfiguration.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import org.springframework.context.annotation.Bean;
12
import org.springframework.context.annotation.Configuration;
13

  
14
import com.vaadin.spring.annotation.UIScope;
15

  
16
/**
17
 * @author a.kohlbecker
18
 * @since Apr 24, 2017
19
 *
20
 */
21
@Configuration
22
public class AnnotationBasedAccessControlConfiguration {
23

  
24
    @Bean
25
    @UIScope
26
    public AnnotationBasedAccessControlBean annotationBasedAccessControlBean() {
27
        return new AnnotationBasedAccessControlBean();
28
    }
29

  
30
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/CdmEditDeletePermissionTester.java
1
/**
2
* Copyright (C) 2018 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import eu.etaxonomy.cdm.model.common.CdmBase;
12
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
13
import eu.etaxonomy.vaadin.permission.EditPermissionTester;
14

  
15
/**
16
 * To be used for {@link ToManyRelatedEntitiesComboboxSelect}
17
 *
18
 * @author a.kohlbecker
19
 * @since Apr 20, 2018
20
 *
21
 */
22
public class CdmEditDeletePermissionTester implements EditPermissionTester {
23
    @Override
24
    public boolean userHasEditPermission(Object bean) {
25
        return  UserHelper.fromSession().userHasPermission((CdmBase)bean, CRUD.UPDATE, CRUD.DELETE);
26
    }
27
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/PermissionDebugUtils.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import java.io.Serializable;
12
import java.util.EnumSet;
13
import java.util.UUID;
14

  
15
import org.apache.log4j.Logger;
16
import org.springframework.context.annotation.Profile;
17

  
18
import com.vaadin.server.FontAwesome;
19
import com.vaadin.server.VaadinSession;
20
import com.vaadin.spring.annotation.SpringComponent;
21
import com.vaadin.spring.annotation.UIScope;
22
import com.vaadin.ui.AbstractComponentContainer;
23
import com.vaadin.ui.Button;
24
import com.vaadin.ui.themes.ValoTheme;
25

  
26
import eu.etaxonomy.cdm.model.common.CdmBase;
27
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
28

  
29
/**
30
 * PermissionDebugUtils provide the following tools:
31
 * <ul>
32
 *   <li>{@link #addGainPerEntityPermissionButton(AbstractComponentContainer, Class, Integer, EnumSet)}:
33
 *   A button which gives a per entity authority to the current user.</li>
34
 * </ul>
35
 *
36
 *
37
 *
38
 * To enable the PermissionDebugUtils you need to activate the spring profile <code>debug</code>. You can add
39
 * <code>-Dspring.profiles.active=debug</code> to the command starting the jvm
40
 * or set this as an environment variable.
41
 *
42
 * @author a.kohlbecker
43
 * @since Oct 11, 2017
44
 *
45
 */
46
@SpringComponent
47
@UIScope
48
@Profile("debug")
49
public class PermissionDebugUtils implements Serializable {
50

  
51
    private static final long serialVersionUID = -210079304170235459L;
52

  
53
    private final static Logger logger = Logger.getLogger(PermissionDebugUtils.class);
54

  
55
    public static final String VADDIN_SESSION_KEY = "PERMISSION_DEBUG_UTILS";
56

  
57
    public static final String SYSTEM_PROP_KEY = "GainPerEntityPermissionButtons";
58

  
59

  
60
    public PermissionDebugUtils() {
61
        VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);
62
    }
63

  
64
    public static PermissionDebugUtils fromSession() {
65
        return (PermissionDebugUtils)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
66
     }
67

  
68
    public static Button addGainPerEntityPermissionButton(AbstractComponentContainer toContainer, Class<? extends CdmBase> cdmType,
69
            UUID entitiyUuid, EnumSet<CRUD> crud, String property){
70

  
71
        PermissionDebugUtils pu = PermissionDebugUtils.fromSession();
72
        if(pu != null){
73
            Button button = pu.gainPerEntityPermissionButton(cdmType, entitiyUuid, crud, property);
74
            if(button != null){
75
                toContainer.addComponent(button);
76
            }
77
            return button;
78
        }
79
        return null;
80
    }
81

  
82
    public Button gainPerEntityPermissionButton(Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property){
83

  
84
       Button button = new Button(FontAwesome.BOLT);
85
       button.addClickListener(e -> UserHelper.fromSession().createAuthorityFor(UserHelper.fromSession().userName(), cdmType, entitiyUuid, crud, property));
86
       button.addStyleName(ValoTheme.BUTTON_DANGER);
87
       return button;
88

  
89
    }
90

  
91

  
92
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/ReleasableResourcesView.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
/**
12
 * @author a.kohlbecker
13
 * @since 25.10.2017
14
 *
15
 */
16
public interface ReleasableResourcesView {
17

  
18
    /**
19
     * Callback
20
     */
21
    public void releaseResourcesOnAccessDenied();
22

  
23
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/RolesAndPermissions.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import java.util.UUID;
12

  
13
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
14

  
15
/**
16
 * Provides the Roles required by the
17
 * vaadin applications.
18
 *
19
 * @author a.kohlbecker
20
 * @since May 8, 2017
21
 *
22
 */
23
public class RolesAndPermissions {
24

  
25
    public static final Role ROLE_CURATION = new Role(UUID.fromString("642d9ea7-f18c-4ac3-b437-ed05ce5461c3"), "ROLE_CURATION");
26

  
27

  
28
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/UserHelper.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import java.util.EnumSet;
12
import java.util.UUID;
13

  
14
import com.vaadin.server.VaadinSession;
15

  
16
import eu.etaxonomy.cdm.model.common.CdmBase;
17
import eu.etaxonomy.cdm.model.common.User;
18
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
19
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;
20

  
21
/**
22
 * UserHelper interface. Implementations should use the {@link #VADDIN_SESSION_KEY} to auto registers
23
 * in the VaadinSession.
24
 *
25
 * @author a.kohlbecker
26
 * @since May 23, 2017
27
 *
28
 */
29
public interface UserHelper {
30

  
31
    public static final String VADDIN_SESSION_KEY = "USER_HELPER";
32

  
33
    /**
34
     * Static accessor method to obtain the auto-registered UserHelper-Bean from the
35
     * VaadinSession.
36
     *
37
     * @return
38
     */
39
    public static UserHelper fromSession() {
40
       return (UserHelper)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);
41
    }
42

  
43
    boolean userHasPermission(Class<? extends CdmBase> cdmType, Integer entitiyId, Object ... args);
44

  
45
    boolean userHasPermission(Class<? extends CdmBase> cdmType, UUID entitiyUUID, Object ... args);
46

  
47
    boolean userHasPermission(Class<? extends CdmBase> cdmType, Object ... args);
48

  
49
    boolean userHasPermission(CdmBase entity, Object ... args);
50

  
51
    boolean userIsRegistrationCurator();
52

  
53
    boolean userIsAdmin();
54

  
55
    User user();
56

  
57
    String userName();
58

  
59
    boolean userIsAnnonymous();
60

  
61
    boolean userIsAutheticated();
62

  
63
    /**
64
     *
65
     * @param username
66
     * @param cdmEntity
67
     * @param crud
68
     * @param property
69
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
70
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
71
     */
72
    public CdmAuthority createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property);
73

  
74
    /**
75
     *
76
     * @param username
77
     * @param cdmType
78
     * @param entitiyId
79
     * @param crud
80
     * @param property
81
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
82
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
83
     */
84
    public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property);
85

  
86

  
87
    /**
88
    *
89
    * @param username
90
    * @param cdmType
91
    * @param entitiyUuid
92
    * @param crud
93
    * @param property
94
    * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
95
    * <code>null</code> in case the operation failed of if the user was already granted with this authority.
96
    */
97
   public CdmAuthority createAuthorityFor(String username, Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property);
98

  
99

  
100
    /**
101
     * @param cdmType
102
     * @param entitiyId
103
     * @param crud
104
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
105
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
106
     */
107
    public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property);
108

  
109
    /**
110
     * @param cdmType
111
     * @param entitiyUuid
112
     * @param crud
113
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
114
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
115
     */
116
    public CdmAuthority createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, UUID entitiyUuid, EnumSet<CRUD> crud, String property);
117

  
118
    /**
119
     * @param cdmType
120
     * @param entitiyId
121
     * @param crud
122
     * @return the newly created CdmAuthority only if a new CdmAuthority has been added to the user otherwise
123
     * <code>null</code> in case the operation failed of if the user was already granted with this authority.
124
     */
125
    public CdmAuthority createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property);
126

  
127
    /**
128
     * @param newAuthority
129
     */
130
    public void removeAuthorityForCurrentUser(CdmAuthority newAuthority);
131

  
132
    /**
133
     * @param username
134
     * @param newAuthority
135
     */
136
    public void removeAuthorityForCurrentUser(String username, CdmAuthority newAuthority);
137

  
138

  
139
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/VaadinUserHelper.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security;
10

  
11
import com.vaadin.server.VaadinSession;
12

  
13
/**
14
 * Abstract UserHelper which auto registers in the VaadinSession.
15
 *
16
 * @author a.kohlbecker
17
 * @since May 23, 2017
18
 *
19
 */
20
public abstract class VaadinUserHelper implements UserHelper {
21

  
22
    public VaadinUserHelper() {
23
        VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);
24
    }
25

  
26
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/annotation/EnableAnnotationBasedAccessControl.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security.annotation;
10

  
11
import static java.lang.annotation.ElementType.TYPE;
12
import static java.lang.annotation.RetentionPolicy.RUNTIME;
13

  
14
import java.lang.annotation.Documented;
15
import java.lang.annotation.Retention;
16
import java.lang.annotation.Target;
17

  
18
import org.springframework.context.annotation.Import;
19

  
20
import eu.etaxonomy.cdm.vaadin.security.AnnotationBasedAccessControlConfiguration;
21

  
22
@Documented
23
@Retention(RUNTIME)
24
@Target(TYPE)
25
@Import(AnnotationBasedAccessControlConfiguration.class)
26
/**
27
 * @author a.kohlbecker
28
 * @since Apr 24, 2017
29
 *
30
 */
31
public @interface EnableAnnotationBasedAccessControl {
32

  
33
}
src/main/java/eu/etaxonomy/cdm/vaadin/security/annotation/RequireAuthentication.java
1
/**
2
* Copyright (C) 2017 EDIT
3
* European Distributed Institute of Taxonomy
4
* http://www.e-taxonomy.eu
5
*
6
* The contents of this file are subject to the Mozilla Public License Version 1.1
7
* See LICENSE.TXT at the top of this package for the full license terms.
8
*/
9
package eu.etaxonomy.cdm.vaadin.security.annotation;
10

  
11
import java.lang.annotation.Documented;
12
import java.lang.annotation.ElementType;
13
import java.lang.annotation.Retention;
14
import java.lang.annotation.RetentionPolicy;
15
import java.lang.annotation.Target;
16

  
17
/**
18
 * Annotate a Spring View with this to require users to authenticate.
19
 *
20
 * @author a.kohlbecker
21
 * @since Apr 24, 2017
22
 *
23
 */
24

  
25
@Target({ ElementType.TYPE})
26
@Retention(RetentionPolicy.RUNTIME)
27
@Documented
28
public @interface RequireAuthentication {
29

  
30
}
src/main/java/eu/etaxonomy/cdm/vaadin/ui/DistributionStatusUI.java
17 17
import com.vaadin.spring.navigator.SpringViewProvider;
18 18
import com.vaadin.ui.UI;
19 19

  
20
import eu.etaxonomy.cdm.vaadin.security.ReleasableResourcesView;
20
import eu.etaxonomy.cdm.vaadin.permission.ReleasableResourcesView;
21 21
import eu.etaxonomy.cdm.vaadin.view.RedirectToLoginView;
22 22
import eu.etaxonomy.cdm.vaadin.view.distributionStatus.DistributionTableViewBean;
23 23
import eu.etaxonomy.vaadin.ui.UIInitializedEvent;
src/main/java/eu/etaxonomy/cdm/vaadin/view/distributionStatus/DistributionTableViewBean.java
53 53
import eu.etaxonomy.cdm.vaadin.container.CdmSQLContainer;
54 54
import eu.etaxonomy.cdm.vaadin.event.error.DelegatingErrorHandler;
55 55
import eu.etaxonomy.cdm.vaadin.event.error.HibernateExceptionHandler;
56
import eu.etaxonomy.cdm.vaadin.security.AccessRestrictedView;
56
import eu.etaxonomy.cdm.vaadin.permission.AccessRestrictedView;
57 57
import eu.etaxonomy.cdm.vaadin.util.CdmQueryFactory;
58 58
import eu.etaxonomy.cdm.vaadin.util.CdmSpringContextHelper;
59 59
import eu.etaxonomy.cdm.vaadin.util.DistributionEditorUtil;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/NameTypeDesignationPopupEditor.java
21 21
import eu.etaxonomy.cdm.model.name.TaxonName;
22 22
import eu.etaxonomy.cdm.model.reference.Reference;
23 23
import eu.etaxonomy.cdm.vaadin.event.TaxonNameEditorAction;
24
import eu.etaxonomy.cdm.vaadin.security.CdmEditDeletePermissionTester;
24
import eu.etaxonomy.cdm.vaadin.permission.CdmEditDeletePermissionTester;
25 25
import eu.etaxonomy.cdm.vaadin.util.converter.SetToListConverter;
26 26
import eu.etaxonomy.vaadin.component.ToManyRelatedEntitiesComboboxSelect;
27 27
import eu.etaxonomy.vaadin.component.ToOneRelatedEntityCombobox;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/NameTypeDesignationPresenter.java
36 36
import eu.etaxonomy.cdm.vaadin.event.EditorActionTypeFilter;
37 37
import eu.etaxonomy.cdm.vaadin.event.EntityChangeEvent;
38 38
import eu.etaxonomy.cdm.vaadin.event.EntityChangeEvent.Type;
39
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
39 40
import eu.etaxonomy.cdm.vaadin.event.TaxonNameEditorAction;
40 41
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityButtonUpdater;
41 42
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityReloader;
42
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
43 43
import eu.etaxonomy.cdm.vaadin.util.CdmTitleCacheCaptionGenerator;
44 44
import eu.etaxonomy.vaadin.mvp.AbstractCdmEditorPresenter;
45 45
import eu.etaxonomy.vaadin.mvp.AbstractView;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/SpecimenTypeDesignationWorkingsetEditorPresenter.java
48 48
import eu.etaxonomy.cdm.vaadin.model.registration.RegistrationTermLists;
49 49
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationDTO;
50 50
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationWorkingSetDTO;
51
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
51
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
52 52
import eu.etaxonomy.cdm.vaadin.ui.RegistrationUIDefaults;
53 53
import eu.etaxonomy.cdm.vaadin.util.CdmTitleCacheCaptionGenerator;
54 54
import eu.etaxonomy.cdm.vaadin.view.occurrence.CollectionPopupEditor;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/SpecimenTypeDesignationWorkingsetPopupEditor.java
32 32
import eu.etaxonomy.cdm.vaadin.component.common.TeamOrPersonField;
33 33
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationDTO;
34 34
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationWorkingSetDTO;
35
import eu.etaxonomy.cdm.vaadin.security.AccessRestrictedView;
35
import eu.etaxonomy.cdm.vaadin.permission.AccessRestrictedView;
36 36
import eu.etaxonomy.cdm.vaadin.util.TeamOrPersonBaseCaptionGenerator;
37 37
import eu.etaxonomy.cdm.vaadin.util.converter.DoubleConverter;
38 38
import eu.etaxonomy.cdm.vaadin.util.converter.IntegerConverter;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/TaxonNameEditorPresenter.java
45 45
import eu.etaxonomy.cdm.vaadin.event.TaxonNameEditorAction;
46 46
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityButtonUpdater;
47 47
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityReloader;
48
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
48
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
49 49
import eu.etaxonomy.cdm.vaadin.ui.RegistrationUIDefaults;
50 50
import eu.etaxonomy.cdm.vaadin.util.CdmTitleCacheCaptionGenerator;
51 51
import eu.etaxonomy.cdm.vaadin.view.reference.ReferencePopupEditor;
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/TaxonNamePopupEditor.java
40 40
import eu.etaxonomy.cdm.vaadin.component.common.TeamOrPersonField;
41 41
import eu.etaxonomy.cdm.vaadin.event.ReferenceEditorAction;
42 42
import eu.etaxonomy.cdm.vaadin.event.TaxonNameEditorAction;
43
import eu.etaxonomy.cdm.vaadin.security.AccessRestrictedView;
44
import eu.etaxonomy.cdm.vaadin.security.CdmEditDeletePermissionTester;
43
import eu.etaxonomy.cdm.vaadin.permission.AccessRestrictedView;
44
import eu.etaxonomy.cdm.vaadin.permission.CdmEditDeletePermissionTester;
45 45
import eu.etaxonomy.cdm.vaadin.util.TeamOrPersonBaseCaptionGenerator;
46 46
import eu.etaxonomy.cdm.vaadin.util.converter.SetToListConverter;
47 47
import eu.etaxonomy.vaadin.component.ReloadableLazyComboBox;
src/main/java/eu/etaxonomy/cdm/vaadin/view/occurrence/CollectionEditorPresenter.java
24 24
import eu.etaxonomy.cdm.vaadin.event.EditorActionTypeFilter;
25 25
import eu.etaxonomy.cdm.vaadin.event.EntityChangeEvent;
26 26
import eu.etaxonomy.cdm.vaadin.event.ToOneRelatedEntityReloader;
27
import eu.etaxonomy.cdm.vaadin.security.UserHelper;
27
import eu.etaxonomy.cdm.vaadin.permission.UserHelper;
28 28
import eu.etaxonomy.vaadin.mvp.AbstractCdmEditorPresenter;
29 29

  
30 30
/**
... This diff was truncated because it exceeds the maximum size that can be displayed.

Also available in: Unified diff

Add picture from clipboard (Maximum size: 40 MB)