Commit 477f0630 authored by Matija Obreza's avatar Matija Obreza
Browse files

BasicUser#username must return the username used by UserDetailsService#loadUserByUsername

parent 551d23d3
......@@ -18,6 +18,8 @@ package org.genesys.blocks.security;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.model.BasicUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
......@@ -26,6 +28,7 @@ import org.springframework.security.core.userdetails.UserDetails;
* The Class SecurityContextUtil.
*/
public class SecurityContextUtil {
public static final Logger LOG = LoggerFactory.getLogger(SecurityContextUtil.class);
/**
* Gets the username.
......@@ -52,11 +55,16 @@ public class SecurityContextUtil {
public static <T extends BasicUser<?>> T getMe() {
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if ((auth != null) && (auth.getPrincipal() instanceof BasicUser)) {
return (T) auth.getPrincipal();
} else {
return null;
}
if (auth != null) {
Object principal = auth.getPrincipal();
if (principal instanceof BasicUser) {
return (T) principal;
} else {
LOG.warn("Principal {} is not BasicUser, but type {}", principal, principal.getClass());
}
}
return null;
}
/**
......@@ -69,8 +77,13 @@ public class SecurityContextUtil {
public static <T extends AclSid> T getCurrentUser() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if ((authentication != null) && (authentication.getPrincipal() instanceof AclSid)) {
return (T) authentication.getPrincipal();
if (authentication != null) {
Object principal = authentication.getPrincipal();
if (principal instanceof AclSid) {
return (T) principal;
} else {
LOG.warn("Principal {} is not AclSid, but type {}", principal, principal.getClass());
}
}
return null;
......
......@@ -328,13 +328,14 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AclSid imple
return password;
}
/*
* (non-Javadoc)
/**
* {@link #getUsername()} must return the name used by UserDetailService in the {@link org.springframework.security.core.userdetails.UserDetailsService#loadUserByUsername(String)}
*
* @see org.springframework.security.core.userdetails.UserDetails#getUsername()
*/
@Override
public String getUsername() {
return uuid;
return email;
}
/*
......
......@@ -17,6 +17,8 @@ package org.genesys.blocks.security.tests;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.instanceOf;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.not;
import static org.hamcrest.Matchers.notNullValue;
......@@ -27,11 +29,13 @@ import com.google.common.collect.Sets;
import org.genesys.blocks.security.NotUniqueUserException;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.model.BasicUser.AccountType;
import org.genesys.blocks.security.model.TestUser;
import org.genesys.blocks.security.model.UserRole;
import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
import org.junit.Test;
import org.springframework.security.core.userdetails.UserDetails;
/**
* @author Matija Obreza
......@@ -47,6 +51,30 @@ public class BasicUserServiceTest extends ServiceTest {
testUserService.changePassword(user, "newPassword2#");
}
@Test
public void testUserUsername() throws UserException {
final TestUser user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
UserDetails userDetails = testUserService.loadUserByUsername(USER_EMAIL);
assertThat(userDetails, not(nullValue()));
assertThat(userDetails.getUsername(), equalTo(user.getUsername()));
assertThat(userDetails.getUsername(), equalTo(user.getEmail()));
assertThat(userDetails, instanceOf(TestUser.class));
// Test type && id
TestUser userUser=(TestUser) userDetails;
assertThat(userUser.getId(), equalTo(user.getId()));
}
@Test
public void testUserIsAclSid() throws UserException {
final TestUser user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
assertThat(user, instanceOf(AclSid.class));
UserDetails userDetails = testUserService.loadUserByUsername(USER_EMAIL);
assertThat(userDetails, instanceOf(TestUser.class));
assertThat(userDetails, instanceOf(AclSid.class));
}
@Test(expected = PasswordPolicyException.class)
public void testChangePasswordFail() throws UserException {
final TestUser user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password", AccountType.SYSTEM);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment