Stuff

6f140f2c · Matija Obreza · d2298412 · 6f140f2c · 6f140f2c · 6f140f2c
Commit 6f140f2c authored Aug 29, 2013 by Matija Obreza
--- a/src/main/java/org/crophub/rest/common/listener/sample/CreateAdminListener.java
+++ b/src/main/java/org/crophub/rest/common/listener/sample/CreateAdminListener.java
+/**
+ * Copyright 2013 Global Crop Diversity Trust
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
+
+
+package org.crophub.rest.common.listener.sample;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.crophub.rest.common.listener.RunAsAdminListener;
+import org.crophub.rest.common.model.UserRole;
+import org.crophub.rest.common.model.impl.User;
+import org.crophub.rest.common.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service("createAdminListener")
+public class CreateAdminListener extends RunAsAdminListener {
+
+    @Autowired
+    private UserService userService;
+
+
+    @Override
+    public void init() throws Exception {
+        _logger.info("Start adding sample admin");
+        if(!userService.exists("admin@example.com")){
+            User user = new User();
+            user.setEmail("admin@example.com");
+            user.setPassword("admin");
+            user.setName("Sample Admin");
+            Set<UserRole> userRoles = new HashSet<UserRole>();
+            userRoles.add(UserRole.ADMINISTRATOR);
+            user.setRoles(userRoles);
+//            user.setUserGroups(userGroupService.getUserGroupList());
+
+            userService.addUser(user);
+        }
+
+        _logger.info("Sample admin has been added successfully");
+
+    }
+}
--- a/src/main/java/org/crophub/rest/servlet/controller/HtmlController.java
+++ b/src/main/java/org/crophub/rest/servlet/controller/HtmlController.java
@@ -72,18 +72,18 @@ public class HtmlController extends BaseController {
 		return "/index";
 	}

-	@RequestMapping(value = "login.html")
+	@RequestMapping(value = "login")
 	public String login() {
 		return "/login";
 	}

-	@RequestMapping(value = "registration.html")
+	@RequestMapping(value = "registration")
 	public String registration(ModelMap model) {
 		model.addAttribute("captchaPublicKey", captchaPublicKey);
 		return "/registration";
 	}

-	@RequestMapping(value = "new-user.html")
+	@RequestMapping(value = "new-user")
 	@AsAdmin
 	public String addUser(@ModelAttribute User user, BindingResult bindingResult, HttpServletRequest req,
 			@RequestParam("recaptcha_challenge_field") String challenge, @RequestParam("recaptcha_response_field") String response) {
@@ -123,7 +123,7 @@ public class HtmlController extends BaseController {
 		return "redirect:/registration.html?error=true";
 	}

-	@RequestMapping(value = "forgot-password.html")
+	@RequestMapping(value = "forgot-password")
 	public String forgotPassword() {
 		return "/forgot-password";
 	}

--- a/src/main/java/org/crophub/spring/AddStuffInterceptor.java
+++ b/src/main/java/org/crophub/spring/AddStuffInterceptor.java
+package org.crophub.spring;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+public class AddStuffInterceptor implements HandlerInterceptor {
+
+	@Override
+	public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception {
+
+	}
+
+	@Override
+	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView modelAndView) throws Exception {
+//		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+//		if (auth.isAuthenticated())
+//			modelAndView.addObject("userPrincipal", auth.getPrincipal());
+	}
+
+	@Override
+	public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
+		return true;
+	}
+
+}
--- a/src/main/resources/servlet/auth-servlet.xml
+++ b/src/main/resources/servlet/auth-servlet.xml
@@ -86,6 +86,8 @@
        <bean class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor">
            <property name="paramName" value="lang"/>
        </bean>
+        <!-- Stick user to view -->
+        <bean class="org.crophub.spring.AddStuffInterceptor" />
    </mvc:interceptors>

    <!--Locale resolver-->

--- a/src/main/resources/spring/spring-security.xml
+++ b/src/main/resources/spring/spring-security.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright 2013 Global Crop Diversity Trust
-  
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-  
-    http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
+	Copyright 2013 Global Crop Diversity Trust
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
 -->
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:beans="http://www.springframework.org/schema/beans"
-             xsi:schemaLocation="http://www.springframework.org/schema/beans
+<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security-3.1.xsd">


-    <beans:bean name="securityExpressionHandler"
-                class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
-        <beans:property name="permissionEvaluator" ref="permissionEvaluator"/>
-    </beans:bean>
+	<beans:bean name="securityExpressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
+		<beans:property name="permissionEvaluator" ref="permissionEvaluator" />
+	</beans:bean>
+
+	<beans:bean name="organizationUserDetailsService" class="org.crophub.rest.common.security.AuthUserDetailsService" />
+
+	<global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
+		<expression-handler ref="securityExpressionHandler" />
+	</global-method-security>

-    <beans:bean name="organizationUserDetailsService"
-                class="org.crophub.rest.common.security.AuthUserDetailsService"/>
+	<!--Do not filter static resources -->
+	<http pattern="/html/**" security="none" />

-    <global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
-        <expression-handler ref="securityExpressionHandler"/>
-    </global-method-security>
+	<!-- Closed page and Authentication filter -->
+	<http auto-config="true" use-expressions="true">

-    <!--Do not filter static resources-->
-    <http pattern="/html/**" security="none"/>
+		<intercept-url pattern="/data" access="isAuthenticated()" />
+		
+		<!--Override default login and logout pages -->
+		<form-login login-page="/login" login-processing-url="/login-attempt" authentication-failure-url="/login?error=1" default-target-url="/" />

-    <!-- Closed page and Authentication filter -->
-    <http auto-config="true" use-expressions="true">
-        <access-denied-handler error-page="/login.html?error=1"/>
-    </http>
+		<logout logout-url="/logout" logout-success-url="/" />
+		
+		<access-denied-handler error-page="/access-denied?error=1" />
+	</http>

-    <!-- Authentication manager -->
-    <beans:bean name="passwordEncoder"
-                class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
+	<!-- Authentication manager -->
+	<beans:bean name="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />

-    <authentication-manager>
-        <authentication-provider user-service-ref="organizationUserDetailsService">
-            <password-encoder ref="passwordEncoder"/>
-        </authentication-provider>
-    </authentication-manager>
+	<authentication-manager>
+		<authentication-provider user-service-ref="organizationUserDetailsService">
+			<password-encoder ref="passwordEncoder" />
+		</authentication-provider>
+	</authentication-manager>


 </beans:beans>
--- a/src/main/webapp/WEB-INF/decorator/main.jsp
+++ b/src/main/webapp/WEB-INF/decorator/main.jsp
 <%@include file="/WEB-INF/jsp/init.jsp"%>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>

 <html>
 <head>
@@ -37,11 +38,13 @@
 </head>

 <body>
+	<sec:authentication var="user" property="principal" />
+    
    <div class="container">
    <div id="header">
        <div class="page-header clearfix">

-            <h4 class="pull-left"><spring:message code="sample.message.welcome"/></h4>
+            <h4 class="pull-left"><spring:message code="sample.message.welcome"/></h4>       

            <div class="navbar pull-right">
            <div class="nav-collapse">
@@ -66,6 +69,10 @@
        <div class="page-header">
 			<a href="<c:url value="/" />">Home</a>
 			<a href="<c:url value="/data" />">Datasets</a>
+			
+			<sec:authorize access="isAuthenticated()">
+				<div class="pull-right">You are <b>${user.username}</b></div>
+			</sec:authorize>
        </div>

        <div id="dialog"></div>

--- a/src/main/webapp/WEB-INF/jsp/login.jsp
+++ b/src/main/webapp/WEB-INF/jsp/login.jsp
+<!DOCTYPE html>
+
+<%@include file="/WEB-INF/jsp/init.jsp"%>
+
+<html>
+<head>
+    <title><spring:message code="sample.message.index.title"/></title>
+</head>
+<body>
+
+    <c:if test="${param['error'] ne null}">
+        <div class="alert alert-error"><spring:message code="sample.error.wrong.credentials"/></div>
+    </c:if>
+    <form method="POST" action="/login-attempt" class="form-horizontal">
+        <div class="control-group">
+            <label for="j_username" class="control-label"><spring:message code="sample.message.username"/></label>
+            <div class="controls">
+                <input type="text" id="j_username" name="j_username" class="span3" />
+            </div>
+        </div>
+
+        <div class="control-group">
+            <label for="j_password"  class="control-label"><spring:message code="sample.message.password"/></label>
+            <div class="controls">
+                <input type="password" id="j_password" name="j_password" class="span3" />
+            </div>
+        </div>
+
+        <div class="control-group">
+            <div class="controls">
+            <label class="forCheckbox checkbox inline" for='_spring_security_remember_me'>
+                <input type='checkbox' name='_spring_security_remember_me'  id='_spring_security_remember_me'/>
+                Remember me
+            </label>
+            </div>
+        </div>
+        <div class="form-actions clearfix">
+            <input type="submit" value="Login" class="btn btn-primary" />
+            <a href="registration" id="registration" class="btn"><spring:message code="sample.message.registration"/></a>
+            <%--<a href="forgot-password" id="forgot-password" class="btn pull-right">Forgot password</a>--%>
+        </div>
+    </form>
+</body>
+</html>
\ No newline at end of file
--- a/src/main/webapp/WEB-INF/jsp/registration.jsp
+++ b/src/main/webapp/WEB-INF/jsp/registration.jsp
+<!DOCTYPE html>
+
+<%@include file="init.jsp"%>
+
+<html>
+<head>
+    <title><spring:message code="sample.message.registration"/></title>
+    <%@include file="head-init.jsp"%>
+
+    <script type="text/javascript" src="/html/js/login.js"></script>
+</head>
+<body>
+<div class="container">
+    <div class="page-header"><h3><spring:message code="sample.message.registration"/></h3></div>
+    <c:if test="${param['error'] ne null}">
+        <div class="alert alert-error"><spring:message code="sample.error.wrong.credentials"/></div>
+    </c:if>
+    <c:if test="${param['exist'] ne null}">
+        <div class="alert alert-error"><spring:message code="sample.error.user.exist"/></div>
+    </c:if>
+    <form method="POST" action="new-user.html" class="form-horizontal validate">
+        <div class="control-group">
+            <label for="email" class="control-label"><spring:message code="sample.message.email"/></label>
+            <div class="controls">
+                <input type="text" id="email" name="email" class="span3 required email" />
+            </div>
+        </div>
+        <div class="control-group">
+            <label for="password" class="control-label"><spring:message code="sample.message.password"/></label>
+            <div class="controls">
+                <input type="password" id="password" name="password" class="span3 required" />
+            </div>
+        </div>
+        <div class="control-group">
+            <label for="confirm_password" class="control-label"><spring:message code="sample.message.confirm.password"/></label>
+            <div class="controls">
+                <input type="password" id="confirm_password" name="confirm_password" class="span3 required" equalTo="#password" />
+            </div>
+        </div>
+        <div class="control-group">
+            <label for="name" class="control-label"><spring:message code="sample.message.name"/></label>
+            <div class="controls">
+                <input type="text" id="name" name="name" class="span3 required" />
+            </div>
+        </div>
+        <div class="control-group">
+            <div class="controls">
+            <script type="text/javascript"
+                    src="http://api.recaptcha.net/challenge?k=6LdwDuESAAAAAMTjkOI5OIDX9PfR5FY3jsVElvHT">
+            </script>
+            <noscript>
+                <iframe src="http://api.recaptcha.net/noscript?k=6LdwDuESAAAAAMTjkOI5OIDX9PfR5FY3jsVElvHT"
+                        height="300" width="500" frameborder="0"></iframe><br>
+                <textarea name="recaptcha_challenge_field" rows="3" cols="40">
+                </textarea>
+                <input type="hidden" name="recaptcha_response_field"
+                       value="manual_challenge">
+            </noscript>
+            </div>
+        </div>
+        <div class="form-actions clearfix">
+            <input type="submit" value="<spring:message code="sample.message.registration"/>" class="btn btn-primary" />
+            <a href="login_page" id="registration" class="btn">Back</a>
+        </div>
+    </form>
+</div>
+</body>
+</html>
\ No newline at end of file