Added creation of new admin user
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@146256 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
ecff48a91a
commit
1647e73e8d
|
@ -25,9 +25,11 @@ public abstract class SecurityContextMapper {
|
||||||
private static Logger logger = LoggerFactory
|
private static Logger logger = LoggerFactory
|
||||||
.getLogger(SecurityContextMapper.class);
|
.getLogger(SecurityContextMapper.class);
|
||||||
|
|
||||||
|
// Used to persist Schemas
|
||||||
public static final String ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";
|
public static final String ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";
|
||||||
public static final UUID ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);
|
public static final UUID ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);
|
||||||
|
|
||||||
|
// Used to Persist Context and thei relations
|
||||||
public static final String MANAGEMENT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
|
public static final String MANAGEMENT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
|
||||||
public static final UUID MANAGEMENT_SECURITY_CONTEXT_UUID = UUID.fromString(MANAGEMENT_SECURITY_CONTEXT);
|
public static final UUID MANAGEMENT_SECURITY_CONTEXT_UUID = UUID.fromString(MANAGEMENT_SECURITY_CONTEXT);
|
||||||
|
|
||||||
|
@ -39,13 +41,13 @@ public abstract class SecurityContextMapper {
|
||||||
|
|
||||||
logger.trace("Creating factory for {} connecting as {}",
|
logger.trace("Creating factory for {} connecting as {}",
|
||||||
DatabaseEnvironment.DB_URI,
|
DatabaseEnvironment.DB_URI,
|
||||||
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
|
DatabaseEnvironment.CHANGED_ADMIN_USERNAME);
|
||||||
|
|
||||||
securityContextFactories = new HashMap<>();
|
securityContextFactories = new HashMap<>();
|
||||||
|
|
||||||
OrientGraphFactory factory = new OrientGraphFactory(
|
OrientGraphFactory factory = new OrientGraphFactory(
|
||||||
DatabaseEnvironment.DB_URI,
|
DatabaseEnvironment.DB_URI,
|
||||||
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME,
|
DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
|
||||||
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
|
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
|
||||||
.setupPool(1, 10);
|
.setupPool(1, 10);
|
||||||
|
|
||||||
|
@ -55,7 +57,7 @@ public abstract class SecurityContextMapper {
|
||||||
for (PermissionMode p : PermissionMode.values()) {
|
for (PermissionMode p : PermissionMode.values()) {
|
||||||
OrientGraphFactory f = new OrientGraphFactory(
|
OrientGraphFactory f = new OrientGraphFactory(
|
||||||
DatabaseEnvironment.DB_URI,
|
DatabaseEnvironment.DB_URI,
|
||||||
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME,
|
DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
|
||||||
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
|
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
|
||||||
.setupPool(1, 10);
|
.setupPool(1, 10);
|
||||||
|
|
||||||
|
|
|
@ -38,11 +38,22 @@ public class DatabaseEnvironment {
|
||||||
public static final String DB;
|
public static final String DB;
|
||||||
protected static final String DB_VARNAME = "DB";
|
protected static final String DB_VARNAME = "DB";
|
||||||
|
|
||||||
protected static final String USERNAME;
|
protected static final String ROOT_USERNAME;
|
||||||
protected static final String USERNAME_VARNAME = "USERNAME";
|
protected static final String ROOT_USERNAME_VARNAME = "ROOT_USERNAME";
|
||||||
|
|
||||||
protected static final String PASSWORD;
|
protected static final String ROOT_PASSWORD;
|
||||||
protected static final String PASSWORD_VARNAME = "PASSWORD";
|
protected static final String ROOT_PASSWORD_VARNAME = "ROOT_PASSWORD";
|
||||||
|
|
||||||
|
protected static final String DEFAULT_ADMIN_USERNAME;
|
||||||
|
protected static final String DEFAULT_ADMIN_USERNAME_VARNAME = "DEFAULT_ADMIN_USERNAME";
|
||||||
|
|
||||||
|
protected static final String DEFAULT_ADMIN_ROLE = "admin";
|
||||||
|
|
||||||
|
public static final String CHANGED_ADMIN_USERNAME;
|
||||||
|
protected static final String CHANGED_ADMIN_USERNAME_VARNAME = "CHANGED_ADMIN_USERNAME";
|
||||||
|
|
||||||
|
protected static final String DEFAULT_ADMIN_PASSWORD;
|
||||||
|
protected static final String DEFAULT_ADMIN_PASSWORD_VARNAME = "DEFAULT_ADMIN_PASSWORD";
|
||||||
|
|
||||||
public static final String CHANGED_ADMIN_PASSWORD;
|
public static final String CHANGED_ADMIN_PASSWORD;
|
||||||
protected static final String CHANGED_ADMIN_PASSWORD_VARNAME = "CHANGED_ADMIN_PASSWORD";
|
protected static final String CHANGED_ADMIN_PASSWORD_VARNAME = "CHANGED_ADMIN_PASSWORD";
|
||||||
|
@ -53,12 +64,6 @@ public class DatabaseEnvironment {
|
||||||
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD;
|
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD;
|
||||||
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME = "DEFAULT_CREATED_READER_USER_PASSWORD";
|
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME = "DEFAULT_CREATED_READER_USER_PASSWORD";
|
||||||
|
|
||||||
public static final String DEFAULT_ADMIN_USERNAME;
|
|
||||||
protected static final String DEFAULT_ADMIN_USERNAME_VARNAME = "DEFAULT_ADMIN_USERNAME";
|
|
||||||
|
|
||||||
protected static final String DEFAULT_ADMIN_PASSWORD;
|
|
||||||
protected static final String DEFAULT_ADMIN_PASSWORD_VARNAME = "DEFAULT_ADMIN_PASSWORD";
|
|
||||||
|
|
||||||
public static final Map<PermissionMode, String> DEFAULT_PASSWORDS;
|
public static final Map<PermissionMode, String> DEFAULT_PASSWORDS;
|
||||||
|
|
||||||
|
|
||||||
|
@ -93,11 +98,29 @@ public class DatabaseEnvironment {
|
||||||
SERVER_URI = REMOTE_PROTOCOL + HOSTS;
|
SERVER_URI = REMOTE_PROTOCOL + HOSTS;
|
||||||
DB_URI = SERVER_URI + "/" + DB;
|
DB_URI = SERVER_URI + "/" + DB;
|
||||||
|
|
||||||
USERNAME = properties.getProperty(USERNAME_VARNAME);
|
ROOT_USERNAME = properties.getProperty(ROOT_USERNAME_VARNAME);
|
||||||
PASSWORD = properties.getProperty(PASSWORD_VARNAME);
|
ROOT_PASSWORD = properties.getProperty(ROOT_PASSWORD_VARNAME);
|
||||||
|
|
||||||
|
|
||||||
|
String changedAdminUsername = null;
|
||||||
|
try {
|
||||||
|
changedAdminUsername = properties.getProperty(CHANGED_ADMIN_USERNAME_VARNAME);
|
||||||
|
if(changedAdminUsername==null){
|
||||||
|
// To be compliant with old configuration.properties which does not have
|
||||||
|
// CHANGED_ADMIN_USERNAME property we use the db name as admin username
|
||||||
|
changedAdminUsername = DB;
|
||||||
|
}
|
||||||
|
}catch (Exception e) {
|
||||||
|
// To be compliant with old configuration.properties which does not have
|
||||||
|
// CHANGED_ADMIN_USERNAME property we use the db name as admin username
|
||||||
|
changedAdminUsername = DB;
|
||||||
|
}
|
||||||
|
CHANGED_ADMIN_USERNAME = changedAdminUsername;
|
||||||
|
|
||||||
|
|
||||||
CHANGED_ADMIN_PASSWORD = properties.getProperty(CHANGED_ADMIN_PASSWORD_VARNAME);
|
CHANGED_ADMIN_PASSWORD = properties.getProperty(CHANGED_ADMIN_PASSWORD_VARNAME);
|
||||||
|
|
||||||
|
|
||||||
DEFAULT_CREATED_WRITER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_WRITER_USER_PASSWORD_VARNAME);
|
DEFAULT_CREATED_WRITER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_WRITER_USER_PASSWORD_VARNAME);
|
||||||
DEFAULT_CREATED_READER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME);
|
DEFAULT_CREATED_READER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME);
|
||||||
|
|
||||||
|
|
|
@ -16,6 +16,7 @@ import com.orientechnologies.orient.client.remote.OServerAdmin;
|
||||||
import com.orientechnologies.orient.core.metadata.OMetadata;
|
import com.orientechnologies.orient.core.metadata.OMetadata;
|
||||||
import com.orientechnologies.orient.core.metadata.schema.OClass;
|
import com.orientechnologies.orient.core.metadata.schema.OClass;
|
||||||
import com.orientechnologies.orient.core.metadata.schema.OSchema;
|
import com.orientechnologies.orient.core.metadata.schema.OSchema;
|
||||||
|
import com.orientechnologies.orient.core.metadata.security.ORole;
|
||||||
import com.orientechnologies.orient.core.metadata.security.OSecurity;
|
import com.orientechnologies.orient.core.metadata.security.OSecurity;
|
||||||
import com.orientechnologies.orient.core.metadata.security.OUser;
|
import com.orientechnologies.orient.core.metadata.security.OUser;
|
||||||
import com.tinkerpop.blueprints.impls.orient.OrientEdgeType;
|
import com.tinkerpop.blueprints.impls.orient.OrientEdgeType;
|
||||||
|
@ -45,10 +46,10 @@ public class DatabaseIntializator {
|
||||||
OLogManager.instance().setDebugEnabled(false);
|
OLogManager.instance().setDebugEnabled(false);
|
||||||
|
|
||||||
logger.trace("Connecting to {} as {} to create new DB",
|
logger.trace("Connecting to {} as {} to create new DB",
|
||||||
DatabaseEnvironment.SERVER_URI, DatabaseEnvironment.USERNAME);
|
DatabaseEnvironment.SERVER_URI, DatabaseEnvironment.ROOT_USERNAME);
|
||||||
OServerAdmin serverAdmin = new OServerAdmin(DatabaseEnvironment.SERVER_URI)
|
OServerAdmin serverAdmin = new OServerAdmin(DatabaseEnvironment.SERVER_URI)
|
||||||
.connect(DatabaseEnvironment.USERNAME,
|
.connect(DatabaseEnvironment.ROOT_USERNAME,
|
||||||
DatabaseEnvironment.PASSWORD);
|
DatabaseEnvironment.ROOT_PASSWORD);
|
||||||
|
|
||||||
if (!serverAdmin.existsDatabase(DatabaseEnvironment.DB, STORAGE_MODE)) {
|
if (!serverAdmin.existsDatabase(DatabaseEnvironment.DB, STORAGE_MODE)) {
|
||||||
|
|
||||||
|
@ -74,10 +75,19 @@ public class DatabaseIntializator {
|
||||||
|
|
||||||
logger.trace("Changing {} password",
|
logger.trace("Changing {} password",
|
||||||
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
|
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
|
||||||
|
|
||||||
OUser admin = oSecurity
|
OUser admin = oSecurity
|
||||||
.getUser(DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
|
.getUser(DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
|
||||||
admin.setPassword(DatabaseEnvironment.CHANGED_ADMIN_PASSWORD);
|
admin.setPassword(DatabaseEnvironment.CHANGED_ADMIN_PASSWORD);
|
||||||
admin.save();
|
admin.save();
|
||||||
|
|
||||||
|
|
||||||
|
logger.trace("Creating new admin named '{}'",
|
||||||
|
DatabaseEnvironment.CHANGED_ADMIN_USERNAME);
|
||||||
|
ORole adminRole = oSecurity.getRole(DatabaseEnvironment.DEFAULT_ADMIN_ROLE);
|
||||||
|
OUser newAdminUser = oSecurity.createUser(DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
|
||||||
|
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD, adminRole);
|
||||||
|
newAdminUser.save();
|
||||||
|
|
||||||
for (PermissionMode permissionMode : DatabaseEnvironment.DEFAULT_PASSWORDS
|
for (PermissionMode permissionMode : DatabaseEnvironment.DEFAULT_PASSWORDS
|
||||||
.keySet()) {
|
.keySet()) {
|
||||||
|
@ -103,7 +113,7 @@ public class DatabaseIntializator {
|
||||||
orientGraphNoTx.shutdown();
|
orientGraphNoTx.shutdown();
|
||||||
|
|
||||||
factory.close();
|
factory.close();
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -194,7 +194,7 @@ public class ContextManagementImplTest {
|
||||||
logger.debug("The DB should be now clean");
|
logger.debug("The DB should be now clean");
|
||||||
}
|
}
|
||||||
|
|
||||||
// @Test
|
@Test
|
||||||
public void createDevContext() throws Exception {
|
public void createDevContext() throws Exception {
|
||||||
String gcubeJson = contextManagementImpl.create(null, "gcube");
|
String gcubeJson = contextManagementImpl.create(null, "gcube");
|
||||||
Context gcubeContext = ISMapper.unmarshal(Context.class, gcubeJson);
|
Context gcubeContext = ISMapper.unmarshal(Context.class, gcubeJson);
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
|
|
||||||
|
|
||||||
<logger name="org.gcube" level="INFO" />
|
<logger name="org.gcube" level="INFO" />
|
||||||
<logger name="org.gcube.informationsystem" level="DEBUG" />
|
<logger name="org.gcube.informationsystem" level="TRACE" />
|
||||||
|
|
||||||
<root level="WARN">
|
<root level="WARN">
|
||||||
<appender-ref ref="STDOUT" />
|
<appender-ref ref="STDOUT" />
|
||||||
|
|
Loading…
Reference in New Issue