Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
A
App Blocks
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
Genesys PGR
App Blocks
Commits
a3c4dfd2
Commit
a3c4dfd2
authored
Dec 05, 2018
by
Matija Obreza
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SpringSecurityAuditorAware fetches AclSid#id directly with getSidId()
parent
bd408e8a
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
55 additions
and
14 deletions
+55
-14
security/src/main/java/org/genesys/blocks/security/SecurityContextUtil.java
...java/org/genesys/blocks/security/SecurityContextUtil.java
+8
-5
security/src/main/java/org/genesys/blocks/security/SpringSecurityAuditorAware.java
...g/genesys/blocks/security/SpringSecurityAuditorAware.java
+23
-8
security/src/main/java/org/genesys/blocks/security/persistence/AclSidPersistence.java
...enesys/blocks/security/persistence/AclSidPersistence.java
+8
-0
security/src/main/java/org/genesys/blocks/security/service/CustomAclService.java
...org/genesys/blocks/security/service/CustomAclService.java
+8
-0
security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java
...ys/blocks/security/service/impl/CustomAclServiceImpl.java
+8
-1
No files found.
security/src/main/java/org/genesys/blocks/security/SecurityContextUtil.java
View file @
a3c4dfd2
...
...
@@ -56,18 +56,21 @@ public class SecurityContextUtil {
* @return true if obtained, false if not obtained.
*/
private
static
synchronized
boolean
updatePermissionEvaluator
()
{
return
(
permissionEvaluator
=
updateBean
(
PermissionEvaluator
.
class
))
!=
null
;
}
static
final
<
T
>
T
updateBean
(
Class
<
T
>
clazz
)
{
ApplicationContext
context
=
CurrentApplicationContext
.
getContext
();
if
(
context
!=
null
)
{
try
{
permissionEvaluator
=
context
.
getBean
(
PermissionEvaluator
.
class
);
return
true
;
return
context
.
getBean
(
clazz
);
}
catch
(
BeansException
e
)
{
LOG
.
warn
(
"Could not find
PermissionEvaluator instance in your context"
);
LOG
.
warn
(
"Could not find
{} instance in your context: {}"
,
clazz
,
e
.
getMessage
()
);
}
}
else
{
LOG
.
warn
(
"You should initialize a bean instance of org.genesys.blocks.util.CurrentApplicationContext in your context"
);
}
return
false
;
return
null
;
}
/**
...
...
@@ -122,7 +125,7 @@ public class SecurityContextUtil {
if
(
principal
instanceof
AclSid
)
{
return
(
T
)
principal
;
}
else
{
LOG
.
warn
(
"Principal {} is not AclSid, but type {}
"
,
principal
,
principal
.
getClass
());
LOG
.
warn
(
"Principal {} is not AclSid, but type {}
. Auth of type {}"
,
principal
,
principal
.
getClass
(),
authentication
.
getClass
());
}
}
...
...
security/src/main/java/org/genesys/blocks/security/SpringSecurityAuditorAware.java
View file @
a3c4dfd2
...
...
@@ -15,10 +15,14 @@
*/
package
org.genesys.blocks.security
;
import
org.apache.commons.logging.Log
;
import
org.apache.commons.logging.LogFactory
;
import
org.genesys.blocks.security.model.AclSid
;
import
org.genesys.blocks.security.service.CustomAclService
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.data.domain.AuditorAware
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.stereotype.Component
;
/**
...
...
@@ -28,7 +32,10 @@ import org.springframework.stereotype.Component;
public
class
SpringSecurityAuditorAware
implements
AuditorAware
<
Long
>
{
/** The Constant LOG. */
public
static
final
Log
LOG
=
LogFactory
.
getLog
(
SpringSecurityAuditorAware
.
class
);
private
static
final
Logger
LOG
=
LoggerFactory
.
getLogger
(
SpringSecurityAuditorAware
.
class
);
@Autowired
private
CustomAclService
aclService
;
/*
* (non-Javadoc)
...
...
@@ -36,13 +43,21 @@ public class SpringSecurityAuditorAware implements AuditorAware<Long> {
*/
@Override
public
Long
getCurrentAuditor
()
{
final
A
clSid
sid
=
SecurityContextUtil
.
getCurrentUser
();
final
A
uthentication
authentication
=
SecurityContextHolder
.
getContext
().
getAuthentication
();
if
(
sid
==
null
)
{
SpringSecurityAuditorAware
.
LOG
.
trace
(
"No AclSid in security context, can't specify createdBy/lastUpdatedBy"
);
if
(
authentication
!=
null
)
{
Object
principal
=
authentication
.
getPrincipal
();
if
(
principal
instanceof
AclSid
)
{
return
((
AclSid
)
principal
).
getId
();
}
else
if
(
principal
instanceof
String
)
{
return
aclService
.
getSidId
((
String
)
principal
);
}
else
{
LOG
.
warn
(
"Principal {} is not AclSid, but type {}. Auth of type {}"
,
principal
,
principal
.
getClass
(),
authentication
.
getClass
());
}
}
return
sid
==
null
?
null
:
sid
.
getId
();
LOG
.
warn
(
"No security principal available."
);
return
null
;
}
}
security/src/main/java/org/genesys/blocks/security/persistence/AclSidPersistence.java
View file @
a3c4dfd2
...
...
@@ -53,4 +53,12 @@ public interface AclSidPersistence extends JpaRepository<AclSid, Long> {
@Query
(
"select sid from AclSid sid where sid.principal = false"
)
List
<
AclSid
>
listAuthoritySids
();
/**
* Gets the sid id.
*
* @param sid the sid
* @return the sid id
*/
@Query
(
"select sid.id from AclSid sid where sid.sid = :sid"
)
Long
getSidId
(
@Param
(
"sid"
)
String
sid
);
}
security/src/main/java/org/genesys/blocks/security/service/CustomAclService.java
View file @
a3c4dfd2
...
...
@@ -228,4 +228,12 @@ public interface CustomAclService {
* missing ACL-aware entities, remove obsolete {@link AclClass}.
*/
void
cleanupAcl
();
/**
* Gets the sid id.
*
* @param sid the sid
* @return the sid id
*/
Long
getSidId
(
String
sid
);
}
security/src/main/java/org/genesys/blocks/security/service/impl/CustomAclServiceImpl.java
View file @
a3c4dfd2
...
...
@@ -44,6 +44,7 @@ import org.springframework.security.access.prepost.PreAuthorize;
import
org.springframework.security.acls.domain.BasePermission
;
import
org.springframework.security.acls.model.Permission
;
import
org.springframework.stereotype.Service
;
import
org.springframework.transaction.annotation.Isolation
;
import
org.springframework.transaction.annotation.Propagation
;
import
org.springframework.transaction.annotation.Transactional
;
...
...
@@ -93,7 +94,13 @@ public class CustomAclServiceImpl implements CustomAclService {
public
AclSid
getSid
(
Long
id
)
{
return
aclSidPersistence
.
findOne
(
id
);
}
@Override
@Transactional
(
readOnly
=
true
,
propagation
=
Propagation
.
REQUIRES_NEW
,
isolation
=
Isolation
.
READ_UNCOMMITTED
)
public
Long
getSidId
(
String
sid
)
{
return
aclSidPersistence
.
getSidId
(
sid
);
}
@Override
@Transactional
(
propagation
=
Propagation
.
REQUIRED
)
public
AclSid
getAuthoritySid
(
String
authority
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment