/ - Diff - EDIT - EDIT Project Management

.gitattributes
1268	1268	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/preference/wizard/VocabularyTermWizardPage.java -text
1269	1269	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/PermissionPropertyTester.java -text
1270	1270	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/RequiredPermissions.java -text
	1271	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/RolesSourceProvider.java -text
1271	1272	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/CdmStore.java -text
1272	1273	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/CdmStoreConnector.java -text
1273	1274	eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/ContextManager.java -text

eu.etaxonomy.taxeditor.cdmlib/META-INF/MANIFEST.MF
346	346	org.springframework.orm.hibernate4,
347	347	org.springframework.security.access,
348	348	org.springframework.security.authentication,
	349	org.springframework.security.authentication.event,
349	350	org.springframework.security.core,
350	351	org.springframework.security.core.context,
351	352	org.springframework.security.core.userdetails,

eu.etaxonomy.taxeditor.store/META-INF/MANIFEST.MF
46	46	eu.etaxonomy.taxeditor.ui.section.supplemental,
47	47	eu.etaxonomy.taxeditor.ui.section.taxon,
48	48	eu.etaxonomy.taxeditor.ui.selection,
	49	eu.etaxonomy.taxeditor.utility,
49	50	eu.etaxonomy.taxeditor.view,
50	51	eu.etaxonomy.taxeditor.view.datasource,
51	52	eu.etaxonomy.taxeditor.view.datasource.handler,

           </definition>
           <definition
                 id="hasROLE_USER_MANAGER">
                 <test
                       args="ROLE_USER_MANAGER"
                       property="eu.etaxonomy.taxeditor.security.permissionTester.hasRole">
                 </test>
                 <with
                    variable="eu.etaxonomy.taxeditor.security.userRoles">
                 <iterate
                       ifEmpty="false"
                       operator="or">
                    <or>
                       <equals
                             value="ROLE_ADMIN">
                       </equals>
                       <equals
                             value="ROLE_USER_MANAGER">
                       </equals>
                    </or>
                 </iterate>
              </with>
           </definition>
           <definition
                 id="hasROLE_PROJECT_MANAGER">
              <with
                    variable="eu.etaxonomy.taxeditor.security.userRoles">
                 <iterate
                       ifEmpty="false"
                       operator="or">
                    <or>
                       <equals
                             value="ROLE_ADMIN">
                       </equals>
                       <equals
                             value="ROLE_PROJECT_MANAGER">
                       </equals>
                    </or>
                 </iterate>
              </with>
           </definition>
     </extension>
     <extension
-...
              activityId="eu.etaxonomy.taxeditor.store.activityUserManagement"
              pattern="eu\.etaxonomy\.taxeditor\..*/.*.UserManagement">
        </activityPatternBinding>
        <activityPatternBinding
              activityId="eu.etaxonomy.taxeditor.store.activityUserManagement"
              pattern="eu\.etaxonomy\.taxeditor\..*/bulkeditor\.input\.group">
        </activityPatternBinding>
        <activity
              description="ROLE_PROJECT_MANAGER dependent ui contributions"
              id="eu.etaxonomy.taxeditor.store.activityProjectManagement"
              name="ProjectManagement">
           <enabledWhen>
              <reference
                    definitionId="hasROLE_PROJECT_MANAGER">
              </reference>
           </enabledWhen>
        </activity>
        <activityPatternBinding
              activityId="eu.etaxonomy.taxeditor.store.activityProjectManagement"
              pattern="eu\.etaxonomy\.taxeditor\..*/eu\.etaxonomy\.taxeditor\..*\.definedTerm.*">
        </activityPatternBinding>
        <activityPatternBinding
              activityId="eu.etaxonomy.taxeditor.store.activityProjectManagement"
              pattern="eu.etaxonomy.taxeditor.bulkeditor/bulkeditor.menus.openmenu"
              isEqualityPattern="true">
        </activityPatternBinding>
     </extension>
     <extension
           point="org.eclipse.ui.services">
        <sourceProvider
              provider="eu.etaxonomy.taxeditor.security.RolesSourceProvider">
           <variable
                 name="eu.etaxonomy.taxeditor.security.userRoles"
                 priorityLevel="workbench">
           </variable>
        </sourceProvider>
     </extension>
     </plugin>

     package eu.etaxonomy.taxeditor.security;
     import java.util.ArrayList;
     import java.util.EnumSet;
     import java.util.Iterator;
     import java.util.List;
     import javax.management.relation.Role;
     import org.apache.commons.lang.StringUtils;
     import org.eclipse.core.expressions.PropertyTester;
     import org.eclipse.jface.viewers.IStructuredSelection;
     import eu.etaxonomy.cdm.model.common.CdmBase;
     import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
     import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;
     import eu.etaxonomy.taxeditor.store.CdmStore;
     /**
      * Checks if the currently authenticated user for {@link CdmAuthority} assignments.
+     *
      * @author andreas
+     *
      */
     public class PermissionPropertyTester extends PropertyTester {
     	private static final String HAS_ROLES = "hasRoles";
     	private static final String HAS_PERMISSIONS = "hasPermissions";
     	private static final String CREATE = CRUD.CREATE.toString();
-...
     	public boolean test(Object receiver, String property, Object[] args,
     			Object expectedValue) {
     		if(property.equals(HAS_PERMISSIONS)){
     			return checkHasPermission(receiver, args);
+    		}
     		if(property.equals(HAS_ROLES)){
     			return checkHasRoles(property, args);
+    		}
     		return false;
+    	}
     	private boolean checkHasRoles(String property, Object[] args) {
     			List<Role> roles = new ArrayList<Role>();
     			for(int i = 0; i < args.length; i++){
     				roles.add((Role)args[i]);
+    			}
     //			return CdmStore.currentAuthentiationHasOneOfRoles(roles.get(0)); // FIXME
     			return false;
+    	}
     	private boolean checkHasPermission(Object receiver, Object[] args) {
     		EnumSet<CRUD> crudSet = crudSetFromArgs(args);

     package eu.etaxonomy.taxeditor.security;
     import java.util.ArrayList;
     import java.util.Collection;
     import java.util.HashMap;
     import java.util.List;
     import java.util.Map;
     import java.util.Observable;
     import java.util.Observer;
     import org.eclipse.ui.AbstractSourceProvider;
     import org.eclipse.ui.ISources;
     import org.springframework.security.core.Authentication;
     import org.springframework.security.core.GrantedAuthority;
     import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;
     import eu.etaxonomy.taxeditor.store.CdmStore;
     import eu.etaxonomy.taxeditor.store.LoginManager;
     /**
      * Provides the Roles assigned to the currently authenticated principal as the
      * variable {@code eu.etaxonomy.taxeditor.security.userRoles}
+     *
      * @author a.kohlbecker
+     *
      */
     public class RolesSourceProvider extends AbstractSourceProvider implements Observer {
     	public final static String RIGHTS_VARIABLE = "eu.etaxonomy.taxeditor.security.userRoles";
     	private final static String[] PROVIDED_SOURCE_NAMES = new String[] { RIGHTS_VARIABLE };
     	private final static Map<String, List<String>> stateMap = new HashMap<String, List<String>>();
     	public RolesSourceProvider() {
     		super();
     		initialize();
+    	}
     	private void initialize() {
     		CdmStore.getLoginManager().addObserver(this);
+    	}
     	@Override
     	public void dispose() {
     		CdmStore.getLoginManager().deleteObserver(this);
+    	}
     	@Override
     	public Map getCurrentState() {
     		// SecurityContextHolder.getContext().
     		List<Role> roles = getCurrentAuthenticationsRoles();
     		List<String> rolesStr = new ArrayList<String>(roles.size());
     		for(Role r : roles){
     			rolesStr.add(r.getAuthority());
+    		}
     		stateMap.put(RIGHTS_VARIABLE, rolesStr);
     		return stateMap;
+    	}
     	/*
     	 * TODO refactor into User once Role is a model class
     	 */
     	private List<Role> getCurrentAuthenticationsRoles() {
     		List<Role> roles = new ArrayList<Role>();
     		Authentication authentication = CdmStore.getCurrentAuthentiation();
     		if (authentication == null) {
     			return roles;
+    		}
     		Collection<? extends GrantedAuthority> authorities = authentication
     				.getAuthorities();
     		if (authorities == null) {
     			return roles;
+    		}
     		Role role = null;
     		for (GrantedAuthority ga : authorities) {
     			try {
     				// check if it is a valid role
     				role = Role.fromString(ga.getAuthority());
     				if (role != null) {
     					roles.add(role);
+    				}
     			} catch (Exception e) {
     				/* IGNORE */
+    			}
+    		}
     		return roles;
+    	}
     	public String[] getProvidedSourceNames() {
     		return PROVIDED_SOURCE_NAMES;
+    	}
     	@Override
     	public void update(Observable o, Object arg) {
     		if(o instanceof LoginManager){
     			/*
     			 * This triggers an update of the variable state, and will update also
     			 * all listeners to the evaluation service. So that every menu point,
     			 * which is also expression controlled, gets updated too.
     			 */
     			fireSourceChanged(ISources.WORKBENCH, getCurrentState());
+    		}
+    	}
+    }

     import org.springframework.core.io.Resource;
     import org.springframework.security.access.PermissionEvaluator;
     import org.springframework.security.authentication.ProviderManager;
     import org.springframework.security.core.Authentication;
     import org.springframework.security.core.context.SecurityContext;
     import org.springframework.security.core.context.SecurityContextHolder;
-...
     	 * @return
     	 */
     	public static boolean currentAuthentiationHasPermission(Class<? extends CdmBase> targetType, EnumSet<CRUD> permission){
     		SecurityContext context = SecurityContextHolder.getContext();
     		return getPermissionEvaluator().hasPermission(context.getAuthentication(), null, targetType.getName(), permission);
     		return getPermissionEvaluator().hasPermission(getCurrentAuthentiation(), null, targetType.getName(), permission);
+    	}
     	public static boolean currentAuthentiationHasOneOfRoles(Role ... roles){
     		return getPermissionEvaluator().hasOneOfRoles(getCurrentAuthentiation(), roles);
+    	}
     	public static Authentication getCurrentAuthentiation() {
     		SecurityContext context = SecurityContextHolder.getContext();
     		return getPermissionEvaluator().hasOneOfRoles(context.getAuthentication(), roles);
     		return context.getAuthentication();
+    	}
     	/*

     	 * <p>authenticate</p>
+    	 *
     	 * @param token a {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken} object.
     	 * @return true if the login attempt was successful even if the authentication has changed or not
     	 */
     	public boolean authenticate(String username, String password){
-...
     			SecurityContextHolder.clearContext();
     			Authentication lastAuthentication = CdmStore.getCurrentAuthentiation();
     			UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
     			Authentication authentication = CdmStore.getAuthenticationManager().authenticate(token);
-...
     			SecurityContextHolder.getContext().setAuthentication(authentication);
     			this.setChanged();
     			this.notifyObservers();
     			if(!authentication.equals(lastAuthentication)){
     				this.setChanged();
     				this.notifyObservers();
+    			}
     			return true;
+    		}
     		catch(BadCredentialsException e){

Project

General

Profile

EDIT

Revision 45716169

Added by Andreas Kohlbecker about 10 years ago