Commit 66305db0 authored by Matija Obreza's avatar Matija Obreza

Updated to latest app-blocks

parent 435bf7e5
...@@ -20,6 +20,7 @@ import java.util.HashSet; ...@@ -20,6 +20,7 @@ import java.util.HashSet;
import java.util.Set; import java.util.Set;
import org.genesys.blocks.security.UserException; import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser.AccountType;
import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException; import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
import org.genesys2.server.listener.RunAsAdminListener; import org.genesys2.server.listener.RunAsAdminListener;
import org.genesys2.server.model.UserRole; import org.genesys2.server.model.UserRole;
...@@ -44,21 +45,18 @@ public class CreateAdminListener extends RunAsAdminListener { ...@@ -44,21 +45,18 @@ public class CreateAdminListener extends RunAsAdminListener {
} }
if (userService.getSystemUser("SYSTEM") == null) { if (userService.getSystemUser("SYSTEM") == null) {
createAdmin(true, "SYSTEM", null, "SYSTEM"); createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
} }
} }
private void createDefaultAccounts() throws UserException, PasswordPolicyException { private void createDefaultAccounts() throws UserException, PasswordPolicyException {
createAdmin(true, "SYSTEM", null, "SYSTEM"); createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
createAdmin(false, "admin@example.com", "Admin123!", "First Admin"); createAdmin("admin@example.com", "First Admin", "Admin123!", AccountType.LOCAL);
} }
private void createAdmin(boolean systemAccount, String email, String passwd, String name) throws UserException, PasswordPolicyException { private void createAdmin(String email, String fullName, String password, AccountType accountType) throws UserException, PasswordPolicyException {
final User user = new User();
user.setSystemAccount(systemAccount); final User user = userService.createUser(email, fullName, password, accountType);
user.setEmail(email);
user.setPassword(passwd);
user.setFullName(name);
final Set<UserRole> userRoles = new HashSet<UserRole>(); final Set<UserRole> userRoles = new HashSet<UserRole>();
userRoles.add(UserRole.ADMINISTRATOR); userRoles.add(UserRole.ADMINISTRATOR);
user.setRoles(userRoles); user.setRoles(userRoles);
......
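Review bot: `createDefaultAccounts()` still seeds an ADMINISTRATOR account with the fixed, published credentials `admin@example.com` / `Admin123!`, and the new `createAdmin(...)` call carries that literal over unchanged. Any deployment that runs this listener and never rotates the password is left with a known admin login. The initial password should come from deployment configuration or be generated once at bootstrap, e.g. `createAdmin("admin@example.com", "First Admin", initialAdminPassword, AccountType.LOCAL);`, where `initialAdminPassword` is a placeholder for that value, ideally with the account marked so the first login forces a change. `createAdmin` continues past the end of this hunk, so whether the roles set on the `user` returned by `createUser` are persisted afterwards is not visible here.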
...@@ -17,12 +17,9 @@ ...@@ -17,12 +17,9 @@
package org.genesys2.server.model.impl; package org.genesys2.server.model.impl;
import java.beans.Transient; import java.beans.Transient;
import java.util.UUID;
import javax.persistence.Cacheable; import javax.persistence.Cacheable;
import javax.persistence.Column;
import javax.persistence.Entity; import javax.persistence.Entity;
import javax.persistence.PrePersist;
import javax.persistence.Table; import javax.persistence.Table;
import com.fasterxml.jackson.databind.annotation.JsonSerialize; import com.fasterxml.jackson.databind.annotation.JsonSerialize;
...@@ -39,44 +36,11 @@ public class User extends BasicUser<UserRole> { ...@@ -39,44 +36,11 @@ public class User extends BasicUser<UserRole> {
private static final long serialVersionUID = 4564013753931115445L; private static final long serialVersionUID = 4564013753931115445L;
@Column(length = 36, unique = true)
private String uuid;
/**
* System accounts cannot log in through web or otherwise.
*/
@Column(nullable = false, updatable = false, name = "sys")
private boolean systemAccount = false;
@PrePersist
void ensureUUID() {
if (this.uuid == null) {
this.uuid = UUID.nameUUIDFromBytes(getEmail().getBytes()).toString();
}
}
@Override @Override
public String toString() { public String toString() {
return "User id=" + getId() + " email=" + getEmail(); return "User id=" + getId() + " email=" + getEmail();
} }
public String getUuid() {
return uuid;
}
public void setUuid(String uuid) {
this.uuid = uuid;
}
public void setSystemAccount(boolean systemAccount) {
this.systemAccount = systemAccount;
}
public boolean isSystemAccount() {
// TODO move to app-blocks model
return systemAccount;
}
public boolean isAccountExpired() { public boolean isAccountExpired() {
// We don't support account expiration // We don't support account expiration
return false; return false;
...@@ -88,15 +52,6 @@ public class User extends BasicUser<UserRole> { ...@@ -88,15 +52,6 @@ public class User extends BasicUser<UserRole> {
return false; return false;
} }
/**
* This is used by Spring Security (as ACL SID)
*/
@Override
public String getUsername() {
// TODO update app-blocks model
return uuid;
}
public boolean hasRole(String roleName) { public boolean hasRole(String roleName) {
for (final UserRole userRole : getRoles()) { for (final UserRole userRole : getRoles()) {
if (userRole.getName().equalsIgnoreCase(roleName)) { if (userRole.getName().equalsIgnoreCase(roleName)) {
......
...@@ -27,15 +27,15 @@ import org.springframework.transaction.annotation.Transactional; ...@@ -27,15 +27,15 @@ import org.springframework.transaction.annotation.Transactional;
@Transactional @Transactional
public interface UserRepository extends JpaRepository<User, Long> { public interface UserRepository extends JpaRepository<User, Long> {
@Query("select u from User u where u.email = ?1 and u.systemAccount = false") @Query("select u from User u where u.email = ?1 and u.accountType != 'SYSTEM'")
User findByEmail(String email); User findByEmail(String email);
@Query("select u from User u where u.email = ?1 and u.systemAccount = true") @Query("select u from User u where u.email = ?1 and u.accountType = 'SYSTEM'")
User findSystemUser(String username); User findSystemUser(String username);
User findByUuid(String uuid); User findByUuid(String uuid);
@Query("select u from User u where u.email like ?1 and u.systemAccount = false") @Query("select u from User u where u.email like ?1 and u.accountType != 'SYSTEM'")
List<User> autocompleteByEmail(String email, Pageable pageable); List<User> autocompleteByEmail(String email, Pageable pageable);
} }
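Review bot: The new predicate `u.accountType != 'SYSTEM'` in `findByEmail` and `autocompleteByEmail` is not true for rows whose `accountType` is NULL, so such users silently drop out of both lookups, whereas the old `systemAccount = false` test ran against a non-nullable column. The changelog in this commit renames `loginType` to `accountType` without a NOT NULL constraint, so NULL rows look possible. Either backfill and constrain the column, or make the NULL case explicit: `... and (u.accountType is null or u.accountType <> 'SYSTEM')`. The literal `'SYSTEM'` also has to be kept in step with the `AccountType.SYSTEM` constant by hand, which deserves a comment since this filter is what keeps system accounts out of e-mail lookups.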
...@@ -37,10 +37,10 @@ public interface UserService extends BasicUserService<UserRole, User> { ...@@ -37,10 +37,10 @@ public interface UserService extends BasicUserService<UserRole, User> {
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
void addUser(User user) throws UserException, PasswordPolicyException; void addUser(User user) throws UserException, PasswordPolicyException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')") @PreAuthorize("hasRole('ADMINISTRATOR')")
void updateUser(User user) throws UserException; void updateUser(User user) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')") @PreAuthorize("hasRole('ADMINISTRATOR')")
void removeUserById(long userId) throws UserException; void removeUserById(long userId) throws UserException;
@PreAuthorize("isAuthenticated()") @PreAuthorize("isAuthenticated()")
......
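Review bot: `updateUser` and `removeUserById` carry no Javadoc, and with the `hasPermission(#user, 'WRITE')` alternative gone their contract is now administrator-only, which a caller cannot learn without reading the annotation. I would add a short Javadoc to both, for example `/** Administrators only; any other caller, including the account owner, is rejected with AccessDeniedException. */`. If self-service edits previously depended on an ACL WRITE grant, they need a separate, narrower method rather than a wider expression here. The interface continues beyond this hunk.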
...@@ -182,9 +182,7 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem ...@@ -182,9 +182,7 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class) @Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
public void addUser(User user) throws UserException, PasswordPolicyException { public void addUser(User user) throws UserException, PasswordPolicyException {
try { try {
if (user.isSystemAccount()) { if (user.getAccountType()==AccountType.LOCAL) {
user.setPassword(THIS_IS_NOT_A_PASSWORD);
} else {
changePassword(user, user.getPassword()); changePassword(user, user.getPassword());
} }
// save user // save user
......
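Review bot: For any account type other than `AccountType.LOCAL`, `addUser` now passes whatever is in `user.getPassword()` to the save below untouched, where the removed branch used to overwrite it with `THIS_IS_NOT_A_PASSWORD`. Unless the app-blocks entity or base service hashes or clears it, a caller-supplied password on a SYSTEM (or other non-LOCAL) account would be stored as given and would bypass the password policy. I would keep an explicit else branch, `} else { user.setPassword(THIS_IS_NOT_A_PASSWORD); }` if that constant still exists, or `user.setPassword(null);` if the column allows it. The `==` comparison also sends a null `accountType` down the non-LOCAL path. The method body continues outside the hunk.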
databaseChangeLog: databaseChangeLog:
# Application Blocks: upgrade user to BasicUser # Application Blocks: upgrade user to BasicUser
- changeSet: - changeSet:
id: 1495959628118-1 id: 1495959628118-1
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- renameTable: - renameTable:
newTableName: userrole newTableName: userrole
oldTableName: user_role oldTableName: user_role
- changeSet: - changeSet:
id: 1495959628118-3 id: 1495959628118-3
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- renameColumn: - renameColumn:
columnDataType: varchar(255) columnDataType: varchar(255)
newColumnName: fullName newColumnName: fullName
oldColumnName: name oldColumnName: name
remarks: Full name of user remarks: Full name of user
tableName: user tableName: user
- changeSet: - changeSet:
id: 1495959628118-5 id: 1495959628118-5
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- addColumn: - addColumn:
tableName: user tableName: user
columns: columns:
- column: - column:
constraints: constraints:
nullable: false nullable: false
name: active name: active
type: bit type: bit
- column: - column:
name: createdBy name: createdBy
type: bigint type: bigint
- column: - column:
name: lastModifiedBy name: lastModifiedBy
type: bigint type: bigint
- column: - column:
name: lastModifiedDate name: lastModifiedDate
type: datetime type: datetime
- column: - column:
name: passwordExpires name: passwordExpires
type: datetime type: datetime
- column: - column:
name: shortName name: shortName
type: varchar(20) type: varchar(20)
- column: - column:
name: version name: version
type: integer type: integer
- changeSet: - changeSet:
id: 1495959628118-6 id: 1495959628118-6
author: mobreza author: mobreza
changes: changes:
- sql: - sql:
comment: Migrate user.enabled to user.active = user.enabled; comment: Migrate user.enabled to user.active = user.enabled;
sql: update user set active = enabled; sql: update user set active = enabled;
- changeSet: - changeSet:
id: 1495959628118-7 id: 1495959628118-7
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- renameColumn: - renameColumn:
columnDataType: varchar(20) columnDataType: varchar(20)
newColumnName: accountType newColumnName: accountType
oldColumnName: loginType oldColumnName: loginType
remarks: Account type remarks: Account type
tableName: user tableName: user
- sql: - sql:
comment: loginType#PASSWORD is changed to accountType#LOCAL comment: loginType#PASSWORD is changed to accountType#LOCAL
sql: update user set accountType = 'LOCAL' where accountType = 'PASSWORD'; sql: update user set accountType = 'LOCAL' where accountType = 'PASSWORD';
- changeSet: - changeSet:
id: 1495959628118-8 id: 1495959628118-8
author: mobreza author: mobreza
changes: changes:
- sql: - sql:
comment: Assign user.version comment: Assign user.version
sql: update user set version = 1 where version is null; sql: update user set version = 1 where version is null;
- changeSet: - changeSet:
id: 1495959628118-9 id: 1495959628118-9
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- addColumn: - addColumn:
tableName: user tableName: user
columns: columns:
- column: - column:
name: createdDate name: createdDate
type: datetime type: datetime
- column: - column:
name: accountExpires name: accountExpires
type: datetime type: datetime
- changeSet: - changeSet:
id: 1495959628118-10 id: 1495959628118-10
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- addUniqueConstraint: - addUniqueConstraint:
columnNames: shortName columnNames: shortName
constraintName: UC_USERSHORTNAME_COL constraintName: UC_USERSHORTNAME_COL
tableName: user tableName: user
- changeSet: - changeSet:
id: 1495959628118-11 id: 1495959628118-11
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- renameColumn: - renameColumn:
columnDataType: bigint columnDataType: bigint
oldColumnName: user_id oldColumnName: user_id
newColumnName: userId newColumnName: userId
tableName: userrole tableName: userrole
- renameColumn: - renameColumn:
columnDataType: varchar(50) columnDataType: varchar(50)
oldColumnName: user_role oldColumnName: user_role
newColumnName: role newColumnName: role
tableName: userrole tableName: userrole
# ClassPK # ClassPK
- changeSet: - changeSet:
id: 1496418311575-1 id: 1496418311575-1
author: matijaobreza author: matijaobreza
changes: changes:
- renameTable: - renameTable:
newTableName: classpk newTableName: classpk
oldTableName: classname oldTableName: classname
- changeSet: - changeSet:
id: 1496418311575-2 id: 1496418311575-2
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- renameColumn: - renameColumn:
columnDataType: varchar(250) columnDataType: varchar(250)
oldColumnName: className oldColumnName: className
newColumnName: classname newColumnName: classname
tableName: classpk tableName: classpk
# Country Boundingbox # Country Boundingbox
- changeSet: - changeSet:
id: 1496779094288-1 id: 1496779094288-1
author: matijaobreza (generated) author: matijaobreza (generated)
changes: changes:
- addColumn: - addColumn:
tableName: country tableName: country
columns: columns:
- column: - column:
name: minLongitude name: minLongitude
type: double type: double
- column: - column:
name: maxLongitude name: maxLongitude
type: double type: double
- column: - column:
name: minLatitude name: minLatitude
type: double type: double
- column: - column:
name: maxLatitude name: maxLatitude
type: double type: double
# System accounts
- changeSet:
id: 1497558768000-1
author: matijaobreza (generated)
changes:
- sql:
comment: if user#sys==1 convert to accountType#SYSTEM
sql: update user set accountType = 'SYSTEM' where sys = 1;
- dropColumn:
tableName: user
columnName: sys
rollback:
- addColumn:
tableName: user
columnName: sys
type: boolean
- sql:
comment: accountType#SYSTEM to user#sys==1
sql: update user set sys = 1 where accountType = 'SYSTEM';
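Review bot: The `rollback` of changeSet `1497558768000-1` does not restore the column this changeSet drops: `addColumn` is given `columnName`/`type` directly rather than a `columns` list, which I do not think Liquibase accepts, and the re-added `sys` has neither NOT NULL nor a default. The removed entity mapped it as `nullable = false` and the old queries tested `systemAccount = false`, so after a rollback every non-system row would hold NULL and stop matching. The rollback should recreate the column as non-null with a default of false before the `update`, as sketched below. The forward `update ... where sys = 1` also overwrites whatever `accountType` those rows had, which the rollback cannot recover.

```yaml
      rollback:
        - addColumn:
            tableName: user
            columns:
              - column:
                  name: sys
                  type: boolean
                  defaultValueBoolean: false
                  constraints:
                    nullable: false
        # … unchanged: sql step setting sys = 1 where accountType = 'SYSTEM' …
```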