Alessandro Pieve 2016-11-15 11:11:54 +00:00
parent fd008e69fe
commit 1a7c9fe623
2 changed files with 44 additions and 29 deletions


@ -43,12 +43,9 @@
<webappDirectory>${project.build.directory}/${project.build.finalName}</webappDirectory> <webappDirectory>${project.build.directory}/${project.build.finalName}</webappDirectory>
<distroDirectory>distro</distroDirectory> <distroDirectory>distro</distroDirectory>
<configDirectory>config</configDirectory> <configDirectory>config</configDirectory>
<!-- GWT configuration --> <!-- GWT configuration -->
<gwtVersion>2.7.0</gwtVersion> <gwtVersion>2.7.0</gwtVersion>
<gwtLogVersion></gwtLogVersion> <gwtLogVersion></gwtLogVersion>
<KEYS>${env.KEYS}</KEYS> <KEYS>${env.KEYS}</KEYS>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@ -176,6 +173,12 @@
<!-- <scope> compile</scope> --> <!-- <scope> compile</scope> -->
</dependency> </dependency>
<!-- End Authorization Client --> <!-- End Authorization Client -->
<dependency>
<groupId>com.liferay.portal</groupId>
<artifactId>portal-service</artifactId>
<scope>provided</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>
<!-- Generate compiled stuff in the folder used for developing mode --> <!-- Generate compiled stuff in the folder used for developing mode -->


@ -16,7 +16,6 @@ import java.util.Map;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.gcube.application.framework.core.session.ASLSession; import org.gcube.application.framework.core.session.ASLSession;
import org.gcube.common.authorization.library.policies.Action; import org.gcube.common.authorization.library.policies.Action;
import org.gcube.common.authorization.library.policies.Policy; import org.gcube.common.authorization.library.policies.Policy;
@ -39,7 +38,6 @@ import org.gcube.portlets.admin.authportletmanager.shared.ConstantsSharing;
import org.gcube.portlets.admin.authportletmanager.shared.PolicyAuth; import org.gcube.portlets.admin.authportletmanager.shared.PolicyAuth;
import org.gcube.portlets.admin.authportletmanager.shared.Quote; import org.gcube.portlets.admin.authportletmanager.shared.Quote;
import org.gcube.portlets.admin.authportletmanager.shared.Service; import org.gcube.portlets.admin.authportletmanager.shared.Service;
import org.gcube.portlets.admin.authportletmanager.shared.exceptions.ContextException;
import org.gcube.portlets.admin.authportletmanager.shared.exceptions.ServiceException; import org.gcube.portlets.admin.authportletmanager.shared.exceptions.ServiceException;
import org.gcube.portlets.admin.authportletmanager.shared.exceptions.TypeCallerException; import org.gcube.portlets.admin.authportletmanager.shared.exceptions.TypeCallerException;
import org.gcube.resources.discovery.client.api.DiscoveryClient; import org.gcube.resources.discovery.client.api.DiscoveryClient;
@ -47,19 +45,18 @@ import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
import org.gcube.vomanagement.usermanagement.GroupManager; import org.gcube.vomanagement.usermanagement.GroupManager;
import org.gcube.vomanagement.usermanagement.RoleManager; import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.UserManager; import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.exception.GroupRetrievalFault;
import org.gcube.vomanagement.usermanagement.exception.UserManagementSystemException;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager; import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager; import org.gcube.vomanagement.usermanagement.impl.LiferayRoleManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager; import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
import org.gcube.vomanagement.usermanagement.model.GCubeGroup; import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
import org.gcube.vomanagement.usermanagement.model.GCubeRole; import org.gcube.vomanagement.usermanagement.model.GCubeRole;
import org.gcube.vomanagement.usermanagement.model.GCubeUser; import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.gwt.user.server.rpc.RemoteServiceServlet; import com.google.gwt.user.server.rpc.RemoteServiceServlet;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
/** /**
* AuthServiceImpl * AuthServiceImpl
* *
@ -72,9 +69,7 @@ import com.google.gwt.user.server.rpc.RemoteServiceServlet;
@SuppressWarnings({ "serial", "deprecation" }) @SuppressWarnings({ "serial", "deprecation" })
public class AuthServiceImpl extends RemoteServiceServlet public class AuthServiceImpl extends RemoteServiceServlet
implements AuthManagerService { implements AuthManagerService {
private static final Log logger = LogFactoryUtil.getLog(AuthServiceImpl.class);
private static Logger logger = LoggerFactory
.getLogger(AuthServiceImpl.class);
/** /**
* {@inheritDoc} * {@inheritDoc}
@ -89,44 +84,48 @@ implements AuthManagerService {
} }
/** /**
* Load all list policy * Load all list policy
*/ */
@Override @Override
public ArrayList<PolicyAuth> loadListPolicy(String context) throws ServiceException { public ArrayList<PolicyAuth> loadListPolicy(String context) throws ServiceException {
try { try {
HttpSession session = this.getThreadLocalRequest().getSession(); HttpSession session = this.getThreadLocalRequest().getSession();
ArrayList<PolicyAuth> policyList =new ArrayList<PolicyAuth>(); ArrayList<PolicyAuth> policyList =new ArrayList<PolicyAuth>();
ASLSession aslSession = SessionUtil.getASLSession(session); ASLSession aslSession = SessionUtil.getASLSession(session);
String username = aslSession.getUsername(); String username = aslSession.getUsername();
//String scope=aslSession.getScope(); //String scope=aslSession.getScope();
//String token =aslSession.getSecurityToken(); //String token =aslSession.getSecurityToken();
if (context==null) if (context==null){
logger.debug("loadListPolicy found context:"+null);
context=aslSession.getScope(); context=aslSession.getScope();
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context); }
String token= authorizationService().resolveTokenByUserAndContext(username, context);
if (token==null)
token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
if (ConstantsSharing.DEBUG_MODE) { if (ConstantsSharing.DEBUG_MODE) {
token=ConstantsSharing.DEBUG_TOKEN; token=ConstantsSharing.DEBUG_TOKEN;
context="/gcube/devNext"; context="/gcube/devNext";
logger.debug("load list policy in scope:"+context); logger.debug("Debug load list policy in scope:"+context);
} }
aslSession.setSecurityToken(token);
aslSession.setScope(context);
logger.debug("load list policy in scope:"+context+"-token:"+token+"-username:"+username);
SecurityTokenProvider.instance.set(token); SecurityTokenProvider.instance.set(token);
List<Policy> policies = authorizationService().getPolicies(context); List<Policy> policies = authorizationService().getPolicies(context);
if (policies!=null){ if (policies!=null){
logger.info("Load List Policy Find:"+policies.size()); logger.debug("Load List Policy Find:"+policies.size());
if (policies.size()>0){ if (policies.size()>0){
for (Policy policy : policies){ for (Policy policy : policies){
logger.debug("retrieve a policy service object"+policy);
ArrayList<Caller> callers =new ArrayList<Caller>(); ArrayList<Caller> callers =new ArrayList<Caller>();
boolean excludeCallers=false; boolean excludeCallers=false;
if (policy.getPolicyType()==PolicyType.USER){ if (policy.getPolicyType()==PolicyType.USER){
//retrive caller type user or role //retrive caller type user or role
List<String> callerExcludes=((User2ServicePolicy) policy).getEntity().getExcludes(); List<String> callerExcludes=((User2ServicePolicy) policy).getEntity().getExcludes();
TypeCaller typecaller=TypeCaller.valueOf(((User2ServicePolicy) policy).getEntity().getType().toString().toLowerCase()); TypeCaller typecaller=TypeCaller.valueOf(((User2ServicePolicy) policy).getEntity().getType().toString().toLowerCase());
logger.debug("callerExcludes:"+callerExcludes +" and size:"+callerExcludes.size()); //logger.debug("callerExcludes:"+callerExcludes +" and size:"+callerExcludes.size());
if (callerExcludes.size()>0){ if (callerExcludes.size()>0){
//condition with all excepiton //condition with all excepiton
for (String callerExclude: callerExcludes){ for (String callerExclude: callerExcludes){
@ -144,7 +143,7 @@ implements AuthManagerService {
} }
else{ else{
//retrive caller type service //retrive caller type service
logger.debug("retrieve a policy service"+policy.toString()); //logger.debug("retrieve a policy service"+policy.toString());
String callerIdentifier=((Service2ServicePolicy) policy).getClient().getService().getName().toString()+ String callerIdentifier=((Service2ServicePolicy) policy).getClient().getService().getName().toString()+
":"+((Service2ServicePolicy) policy).getClient().getService().getServiceClass()+ ":"+((Service2ServicePolicy) policy).getClient().getService().getServiceClass()+
":"+((Service2ServicePolicy) policy).getClient().getService().getServiceId().toString(); ":"+((Service2ServicePolicy) policy).getClient().getService().getServiceId().toString();
@ -203,13 +202,17 @@ implements AuthManagerService {
//String token =aslSession.getSecurityToken(); //String token =aslSession.getSecurityToken();
if (context==null) if (context==null)
context=aslSession.getScope(); context=aslSession.getScope();
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
String token= authorizationService().resolveTokenByUserAndContext(username, context);
if (token==null)
token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
//String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
if (ConstantsSharing.DEBUG_MODE) { if (ConstantsSharing.DEBUG_MODE) {
token=ConstantsSharing.DEBUG_TOKEN; token=ConstantsSharing.DEBUG_TOKEN;
} }
SecurityTokenProvider.instance.set(token); SecurityTokenProvider.instance.set(token);
if (ConstantsSharing.MOCK_UP) { if (ConstantsSharing.MOCK_UP) {
logger.trace("List Caller on debug mode"); logger.debug("List Caller on debug mode");
callers.add(new Caller(TypeCaller.role,"administrator")); callers.add(new Caller(TypeCaller.role,"administrator"));
callers.add(new Caller(TypeCaller.user,"lucio.lelii")); callers.add(new Caller(TypeCaller.user,"lucio.lelii"));
callers.add(new Caller(TypeCaller.role,"agent")); callers.add(new Caller(TypeCaller.role,"agent"));
@ -283,7 +286,10 @@ implements AuthManagerService {
else{ else{
//Get List service //Get List service
String username = aslSession.getUsername(); String username = aslSession.getUsername();
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context); String token= authorizationService().resolveTokenByUserAndContext(username, context);
if (token==null)
token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
//String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
SecurityTokenProvider.instance.set(token); SecurityTokenProvider.instance.set(token);
SimpleQuery query = queryFor(GCoreEndpoint.class); SimpleQuery query = queryFor(GCoreEndpoint.class);
@ -411,7 +417,10 @@ implements AuthManagerService {
List<Policy> policies = new ArrayList<Policy>(); List<Policy> policies = new ArrayList<Policy>();
//String token =aslSession.getSecurityToken(); //String token =aslSession.getSecurityToken();
String username = aslSession.getUsername(); String username = aslSession.getUsername();
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context); String token= authorizationService().resolveTokenByUserAndContext(username, context);
if (token==null)
token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
//String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
if (ConstantsSharing.DEBUG_MODE) { if (ConstantsSharing.DEBUG_MODE) {
token=ConstantsSharing.DEBUG_TOKEN; token=ConstantsSharing.DEBUG_TOKEN;
@ -490,7 +499,10 @@ implements AuthManagerService {
if (context==null) if (context==null)
context=aslSession.getScope(); context=aslSession.getScope();
String username = aslSession.getUsername(); String username = aslSession.getUsername();
String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context); String token= authorizationService().resolveTokenByUserAndContext(username, context);
if (token==null)
token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
//String token = authorizationService().generateUserToken(new UserInfo(username, new ArrayList<String>()), context);
//String token =aslSession.getSecurityToken(); //String token =aslSession.getSecurityToken();
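Review bot: The new debug statement in loadListPolicy, `logger.debug("load list policy in scope:"+context+"-token:"+token+"-username:"+username);`, writes the user's authorization token to the log in clear text, so anyone who can read the portal logs gets a usable credential whenever debug logging is enabled. Drop the token from the message, e.g. `logger.debug("load list policy in scope:"+context+"-username:"+username);`. The same hunk now persists the values on the session with `aslSession.setSecurityToken(token); aslSession.setScope(context);` after the DEBUG_MODE override, and `context` is the RPC parameter; no check that the caller belongs to that context is visible in these hunks, so confirm it exists in the code outside them before the session is updated. The resolve-then-generate fallback (`resolveTokenByUserAndContext` followed by `generateUserToken` on null) is repeated in five hunks and would be easier to audit as one private helper, with the commented-out old calls removed. The method bodies start and end outside the hunks shown.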