Commit 637b33e0 authored by Matija Obreza's avatar Matija Obreza

BasicUser and OAuthClient extend AclSid

parent 54afbc25
......@@ -25,6 +25,7 @@ import java.util.stream.Collectors;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.DiscriminatorValue;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.EnumType;
......@@ -41,9 +42,9 @@ import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonView;
import org.apache.commons.lang3.StringUtils;
import org.genesys.blocks.model.AuditedVersionedModel;
import org.genesys.blocks.model.Copyable;
import org.genesys.blocks.model.JsonViews;
import org.genesys.blocks.security.model.AclSid;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.ClientDetails;
......@@ -54,7 +55,8 @@ import org.springframework.security.oauth2.provider.ClientDetails;
*/
@Entity
@Table(name = "oauthclient")
public class OAuthClient extends AuditedVersionedModel implements ClientDetails, Copyable<OAuthClient> {
@DiscriminatorValue(value = "2")
public class OAuthClient extends AclSid implements ClientDetails, Copyable<OAuthClient> {
/** The Constant serialVersionUID. */
private static final long serialVersionUID = -4204753722663196007L;
......@@ -149,10 +151,21 @@ public class OAuthClient extends AuditedVersionedModel implements ClientDetails,
@Lob
private String description;
public OAuthClient() {
setPrincipal(true);
}
@PrePersist
private void assignSid() {
flatten();
// Use clientId as SID name
setSid(clientId);
}
/**
* Flatten.
*/
@PrePersist
@PreUpdate
private void flatten() {
resource = resourceIds.stream().collect(Collectors.joining(";"));
......@@ -545,19 +558,19 @@ public class OAuthClient extends AuditedVersionedModel implements ClientDetails,
this.autoApproveScopes.clear();
this.autoApproveScopes.addAll(source.autoApproveScopes);
this.grantTypes.clear();
this.grantTypes.addAll(source.grantTypes);
this.redirectUris.clear();
this.redirectUris.addAll(source.redirectUris);
this.resourceIds.clear();
this.resourceIds.addAll(source.resourceIds);
this.roles.clear();
this.roles.addAll(source.roles);
this.scopes.clear();
this.scopes.addAll(source.scopes);
......
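Review bot: In the `-149,10 +151,21` hunk the SID name is copied from `clientId` only in the `@PrePersist` callback `assignSid()`, so a client whose `clientId` is changed after the first save keeps its old `sid`, and any permission lookup keyed on the SID name would stop matching that client. Either refresh it on update as well, e.g. `setSid(clientId);` in the `@PreUpdate` path, or document that `clientId` must not change once stored. The rendering does not show whether `flatten()` keeps its own `@PrePersist`; if it does, the class carries two callbacks for one lifecycle event, which JPA does not allow within a single class, and `flatten()` would run twice on insert. `flatten()` continues past the end of the hunk.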
......@@ -16,6 +16,7 @@
package org.genesys.blocks.security;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.model.BasicUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
......@@ -59,16 +60,16 @@ public class SecurityContextUtil {
}
/**
* Gets the current user.
* Gets the current principal (User or OAuthClient)
*
* @param <T> the generic type
* @return the current user
* @return the current security principal
*/
@SuppressWarnings("unchecked")
public static <T extends BasicUser<?>> T getCurrentUser() {
public static <T extends AclSid> T getCurrentUser() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if ((authentication != null) && (authentication.getPrincipal() instanceof BasicUser)) {
if ((authentication != null) && (authentication.getPrincipal() instanceof AclSid)) {
return (T) authentication.getPrincipal();
}
......
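Review bot: `getCurrentUser()` now accepts any `AclSid` but keeps the unchecked `(T)` cast, so a caller written as `BasicUser<?> u = SecurityContextUtil.getCurrentUser()` still compiles and gets a `ClassCastException` at the call site when the request is authenticated as an `OAuthClient`, where it previously got `null`. Callers that treat a non-null result as "a user is logged in" need to be re-checked, because that assumption no longer holds after this change. I would add a type-checked accessor beside it and move callers that need one specific principal type over to it; the method name also no longer matches its new Javadoc. The method body continues outside the hunk.

```java
public static <T extends AclSid> T getCurrentPrincipal(final Class<T> type) {
	final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
	// isInstance is false for a null principal and for a principal of another SID type
	if ((authentication != null) && type.isInstance(authentication.getPrincipal())) {
		return type.cast(authentication.getPrincipal());
	}
	return null;
}
```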
......@@ -17,7 +17,7 @@ package org.genesys.blocks.security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys.blocks.security.model.AclSid;
import org.springframework.data.domain.AuditorAware;
import org.springframework.stereotype.Component;
......@@ -36,13 +36,13 @@ public class SpringSecurityAuditorAware implements AuditorAware<Long> {
*/
@Override
public Long getCurrentAuditor() {
final BasicUser<?> user = SecurityContextUtil.getCurrentUser();
final AclSid sid = SecurityContextUtil.getCurrentUser();
if (user == null) {
SpringSecurityAuditorAware.LOG.trace("No User in security context, can't specify createdBy/lastUpdatedBy");
if (sid == null) {
SpringSecurityAuditorAware.LOG.trace("No AclSid in security context, can't specify createdBy/lastUpdatedBy");
}
return user == null ? null : user.getId();
return sid == null ? null : sid.getId();
}
}
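Review bot: `getCurrentAuditor()` now returns the id of whichever `AclSid` is in the security context, so `createdBy`/`lastUpdatedBy` can hold the id of an OAuth client as well as a user, and nothing on the method says so. Anything that resolves those columns against the user table alone would miss changes made by clients; that is an inference, since no such consumer is visible on this page. I would state the contract in the Javadoc, for example `Returns the id of the current AclSid (user or OAuth client), or null when nothing is authenticated`. It is also worth deciding whether a write with no auditor deserves a log level above `trace`.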
......@@ -19,14 +19,18 @@ import java.util.List;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.DiscriminatorColumn;
import javax.persistence.DiscriminatorType;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Inheritance;
import javax.persistence.InheritanceType;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import com.fasterxml.jackson.annotation.JsonIgnore;
import org.genesys.blocks.model.BasicModel;
import org.genesys.blocks.model.AuditedVersionedModel;
/**
* ACL SID uniquely identifies any principal or authority in the system ("SID"
......@@ -34,7 +38,14 @@ import org.genesys.blocks.model.BasicModel;
*/
@Entity
@Table(name = "acl_sid")
public class AclSid extends BasicModel {
/// User and OAuthClient are both SID entities and we need a way to pull them
/// together. Using AclSid seems like the best approach.
/// JOINED inheritance must be used because we need to be able to query acl_sid
/// table with JDBC.
@Inheritance(strategy = InheritanceType.JOINED)
@DiscriminatorColumn(name = "type", discriminatorType = DiscriminatorType.INTEGER)
public class AclSid extends AuditedVersionedModel {
/** The Constant serialVersionUID. */
private static final long serialVersionUID = -8665345718313672678L;
......@@ -49,12 +60,12 @@ public class AclSid extends BasicModel {
/** The object identities. */
@JsonIgnore
@OneToMany(mappedBy = "ownerSid", fetch = FetchType.LAZY, cascade = CascadeType.REMOVE, orphanRemoval = true)
@OneToMany(mappedBy = "ownerSid", fetch = FetchType.LAZY, cascade = CascadeType.REMOVE)
private List<AclObjectIdentity> objectIdentities;
/** The acl entries. */
@JsonIgnore
@OneToMany(mappedBy = "aclSid", fetch = FetchType.LAZY, cascade = CascadeType.REMOVE, orphanRemoval = true)
@OneToMany(mappedBy = "aclSid", fetch = FetchType.LAZY, cascade = CascadeType.REMOVE)
private List<AclEntry> aclEntries;
/**
......
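Review bot: The new `@DiscriminatorColumn(name = "type", discriminatorType = DiscriminatorType.INTEGER)` has no matching `@DiscriminatorValue` on `AclSid` itself, which is a concrete `@Entity`, so rows that are plain SIDs rather than users or clients get a provider-chosen integer in `type`. Because the comment above the annotation says the table is queried with JDBC, that value should be pinned, e.g. `@DiscriminatorValue(value = "0")` on `AclSid`, so hand-written SQL can tell the kinds of SID apart reliably. The `///` lines would read better folded into the class Javadoc. Separately, `cascade = CascadeType.REMOVE` on `objectIdentities` and `aclEntries` now also applies when a user or client is deleted; it is worth confirming that removing an account should delete the object identities it owns.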
......@@ -25,6 +25,7 @@ import java.util.stream.Collectors;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.DiscriminatorValue;
import javax.persistence.ElementCollection;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
......@@ -39,7 +40,6 @@ import javax.persistence.Transient;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonView;
import org.genesys.blocks.model.AuditedVersionedModel;
import org.genesys.blocks.model.JsonViews;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
......@@ -51,7 +51,8 @@ import org.springframework.security.core.userdetails.UserDetails;
* @param <R> the generic type
*/
@MappedSuperclass
public abstract class BasicUser<R extends GrantedAuthority> extends AuditedVersionedModel implements UserDetails {
@DiscriminatorValue(value = "1")
public abstract class BasicUser<R extends GrantedAuthority> extends AclSid implements UserDetails {
/** The Constant serialVersionUID. */
private static final long serialVersionUID = -5318892732608111516L;
......@@ -124,6 +125,10 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AuditedVersi
@Column(length = 20)
private AccountType accountType = AccountType.LOCAL;
public BasicUser() {
setPrincipal(true);
}
/**
* Ensure UUID.
*/
......@@ -132,6 +137,8 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AuditedVersi
if (this.uuid == null) {
this.uuid = UUID.randomUUID().toString();
}
// Use #uuid as SID name
setSid(this.uuid.toString());
}
/**
......
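Review bot: `@DiscriminatorValue(value = "1")` is placed on `BasicUser`, which remains a `@MappedSuperclass`; the annotation is defined for concrete entity classes and, as far as I know, is not picked up from a mapped superclass, so the entity that extends `BasicUser` would still get a provider-default value in `acl_sid.type`. Put the annotation on the concrete user entity (not visible on this page) or assert the stored `type` value in a persistence test. In the last hunk `this.uuid` is already a `String`, so `setSid(this.uuid);` is enough. The method that hunk modifies starts outside the hunk.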