/**
 *
 * Copyright (c) 2011, 2016 - Loetz GmbH&Co.KG (69115 Heidelberg, Germany)
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 * Christophe Loetz (Loetz GmbH&Co.KG) - initial implementation
 */
| package org.eclipse.osbp.authentication.shiro.extensionsimpl; |
| |
| import java.util.Collection; |
| import java.util.Map; |
| import java.util.Set; |
| |
| import org.apache.shiro.authc.AuthenticationException; |
| import org.apache.shiro.authc.AuthenticationInfo; |
| import org.apache.shiro.authc.AuthenticationToken; |
| import org.apache.shiro.authz.AuthorizationInfo; |
| import org.apache.shiro.realm.AuthorizingRealm; |
| import org.apache.shiro.subject.PrincipalCollection; |
| import org.eclipse.osbp.authentication.ServiceListener; |
| import org.eclipse.osbp.authentication.account.dtos.UserAccountDto; |
| import org.eclipse.osbp.authentication.shiro.extensions.IUserAccess; |
| import org.eclipse.osbp.preferences.ProductConfiguration; |
| import org.eclipse.osbp.ui.api.useraccess.AbstractPosition; |
| import org.eclipse.osbp.ui.api.useraccess.IOrganizationService; |
| import org.eclipse.osbp.ui.api.useraccess.IPermissionList; |
| import org.eclipse.osbp.ui.api.useraccess.IPosition; |
| import org.eclipse.osbp.ui.api.useraccess.ISubOrganization; |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| |
/**
 * Abstract Shiro realm that implements the {@link IUserAccess} lookups (position, roles,
 * permissions) on top of the registered organization services.
 *
 * <p>Some useful hints on integrating Vaadin and Shiro:
 * https://github.com/davidsowerby/krail/tree/master/src/main/java/uk/q3c
 * https://vaadin.com/forum/#!/thread/2009907/3349290
 * https://vaadin.com/forum#!/thread/8644145
 * http://mikepilone.blogspot.de/2013/07/vaadin-shiro-and-push.html
 * https://github.com/vaadin-kim/shiro-example
 */
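public abstract class UserAccessAuthorizationRealm extends AuthorizingRealm implements IUserAccess {

    // Convention used throughout this class: a lookup that cannot be resolved (unknown user,
    // unknown position, no matching organization) returns null rather than an empty result.
    // Callers must treat null as "no roles / no permissions" and never as "unrestricted".

    /** Logger for this realm; not used by the methods in this class. */
    private static final Logger LOGGER = LoggerFactory.getLogger(UserAccessAuthorizationRealm.class);

    /** Portal id exposed through {@link #getPortalId()}; starts as the empty string. */
    private String portalId = "";

    /**
     * Creates the realm. No state beyond the field defaults is initialized here.
     */
    public UserAccessAuthorizationRealm() {
    }

    /**
     * Supplies the set of user names that {@link #checkUsernameExists(String)} tests
     * membership against.
     *
     * @return the user names known to the concrete realm
     */
    @Override
    public abstract Set<String> getAllUsers();

    /**
     * Supplies the users-to-positions mapping of the concrete realm.
     *
     * @return a map of strings; presumably user name to position name, the direction is
     *         defined by the implementation (confirm against {@link IUserAccess})
     */
    @Override
    public abstract Map<String, String> getAllUsersPositions();

    /**
     * Looks up the account record for a user name.
     *
     * @param username the user name to look up
     * @return the account, or {@code null}; {@link #findPositionForUser(String)} treats
     *         {@code null} as "unknown user"
     */
    @Override
    public abstract UserAccountDto findUserAccount(String username);

    /**
     * Supplies the users assigned to a position.
     *
     * @param positionName the position name to search for
     * @return the matching user names, as defined by the concrete realm
     */
    @Override
    public abstract Set<String> findUsersForPosition(String positionName);

    /**
     * Resolves the organization position of a user.
     *
     * @param username the user name to resolve
     * @return the position named by the user's account, or {@code null} when the account is
     *         unknown or its position cannot be resolved
     */
    @Override
    public AbstractPosition findPositionForUser(String username) {
        UserAccountDto user = findUserAccount(username);
        if (user == null) {
            return null;
        }
        return findPositionForPositionName(user.getPosition());
    }

    /**
     * Resolves a position name against the authentication organization of every registered
     * organization service and returns the first match.
     *
     * <p>Spaces in {@code positionName} are replaced by underscores before the lookup, because
     * positions in the organization are not allowed to contain spaces.
     * NOTE(review): as a consequence two account position names that differ only in space
     * versus underscore resolve to the same position, and therefore to the same roles and
     * permissions. Confirm that account data cannot contain both spellings.
     *
     * @param positionName the position name as stored on the account; may be {@code null}
     * @return the first position found that is an {@link AbstractPosition}, or {@code null}
     *         when the name is {@code null} or no service yields such a position
     */
    @Override
    public AbstractPosition findPositionForPositionName(String positionName) {
        if (positionName == null) {
            return null;
        }
        // as positions in organization are not allowed to have spaces
        String pos = positionName.replace(" ", "_");
        for (IOrganizationService organizationService : ServiceListener.getOrganizationServices()) {
            String organizationID = ProductConfiguration.getAuthenticationOrganizationId();
            ISubOrganization organization = organizationService.getOrganization(organizationID);
            if (organization == null) {
                // this service does not know the configured organization; try the next one
                continue;
            }
            IPosition position = organization.getPosition(pos);
            // instanceof is false for null, so no separate null check is needed
            if (position instanceof AbstractPosition) {
                return (AbstractPosition) position;
            }
        }
        return null;
    }

    /**
     * Returns the roles attached to the user's position.
     *
     * @param username the user name to resolve
     * @return the roles of the user's position, or {@code null} when no position can be
     *         resolved; callers must handle {@code null} as "no roles"
     */
    @Override
    public Collection<String> findRolesForUser(String username) {
        AbstractPosition position = findPositionForUser(username);
        return (position == null) ? null : position.getRoles();
    }

    /**
     * Returns the permission list attached to the user's position.
     *
     * @param username the user name to resolve
     * @return the permission list of the user's position, or {@code null} when no position
     *         can be resolved; callers must handle {@code null} as "no permissions"
     */
    @Override
    public IPermissionList findPermissionsForUser(String username) {
        AbstractPosition position = findPositionForUser(username);
        return (position == null) ? null : position.getPermissionList();
    }

    /**
     * Returns the portal id.
     *
     * @return the value last passed to {@link #setPortalId(String)}, initially the empty string
     */
    @Override
    public String getPortalId() {
        return portalId;
    }

    /**
     * Stores the portal id. The value is stored as given, without validation.
     *
     * @param portalId the new portal id
     */
    @Override
    public void setPortalId(String portalId) {
        this.portalId = portalId;
    }

    /**
     * Default authorization hook: supplies no authorization data.
     *
     * <p>With a {@code null} result this base class contributes no roles or permissions to
     * Shiro's own checks. Shiro is expected to evaluate role and permission checks against a
     * missing {@code AuthorizationInfo} as "not granted"; confirm for the Shiro version in use.
     * A concrete realm that should authorize through Shiro has to override this method.
     *
     * @param principals the principals of the subject being authorized; ignored here
     * @return always {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return null;
    }

    /**
     * Default authentication hook: never returns account data.
     *
     * <p>In Shiro a {@code null} result signals that the realm has no account for the token, so
     * this base class authenticates nobody by itself. A concrete realm has to override this
     * method to perform the credential lookup.
     *
     * @param token the submitted authentication token; ignored here
     * @return always {@code null}
     * @throws AuthenticationException declared by the overridden method; never thrown here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        return null;
    }

    /**
     * Tells whether a user name is already present in {@link #getAllUsers()}.
     *
     * <p>Matching is whatever {@code contains} means for the returned set, so case handling
     * depends on the concrete realm.
     * NOTE(review): the boolean answer discloses whether an account exists. If this is
     * reachable before login, for example from a registration form, confirm that the caller
     * limits how often it can be queried.
     *
     * @param username the user name to test
     * @return {@code true} if the set of all users contains {@code username}
     */
    @Override
    public boolean checkUsernameExists(String username) {
        return getAllUsers().contains(username);
    }

    /**
     * Tells whether an e-mail address is already present in the collection returned by
     * {@code getAllEmails()}. That method is not declared in this class; it is presumably
     * inherited from {@link IUserAccess}.
     *
     * <p>NOTE(review): as with {@link #checkUsernameExists(String)}, the answer discloses
     * whether an address is registered; confirm how pre-login callers are constrained.
     *
     * @param email the e-mail address to test
     * @return {@code true} if the known e-mail addresses contain {@code email}
     */
    @Override
    public boolean checkEmailExists(String email) {
        return getAllEmails().contains(email);
    }
}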