Added creation of new admin user

git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/information-system/resource-registry@146256 82a268e6-3cf1-43bd-a215-b396298e98cf
Luca Frosini 2017-03-22 08:49:16 +00:00
parent ecff48a91a
commit 1647e73e8d
5 changed files with 56 additions and 21 deletions


@ -25,9 +25,11 @@ public abstract class SecurityContextMapper {
private static Logger logger = LoggerFactory private static Logger logger = LoggerFactory
.getLogger(SecurityContextMapper.class); .getLogger(SecurityContextMapper.class);
// Used to persist Schemas
public static final String ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000"; public static final String ADMIN_SECURITY_CONTEXT = "00000000-0000-0000-0000-000000000000";
public static final UUID ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT); public static final UUID ADMIN_SECURITY_CONTEXT_UUID = UUID.fromString(ADMIN_SECURITY_CONTEXT);
// Used to Persist Context and thei relations
public static final String MANAGEMENT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff"; public static final String MANAGEMENT_SECURITY_CONTEXT = "ffffffff-ffff-ffff-ffff-ffffffffffff";
public static final UUID MANAGEMENT_SECURITY_CONTEXT_UUID = UUID.fromString(MANAGEMENT_SECURITY_CONTEXT); public static final UUID MANAGEMENT_SECURITY_CONTEXT_UUID = UUID.fromString(MANAGEMENT_SECURITY_CONTEXT);
@ -39,13 +41,13 @@ public abstract class SecurityContextMapper {
logger.trace("Creating factory for {} connecting as {}", logger.trace("Creating factory for {} connecting as {}",
DatabaseEnvironment.DB_URI, DatabaseEnvironment.DB_URI,
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME); DatabaseEnvironment.CHANGED_ADMIN_USERNAME);
securityContextFactories = new HashMap<>(); securityContextFactories = new HashMap<>();
OrientGraphFactory factory = new OrientGraphFactory( OrientGraphFactory factory = new OrientGraphFactory(
DatabaseEnvironment.DB_URI, DatabaseEnvironment.DB_URI,
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME, DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD) DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
.setupPool(1, 10); .setupPool(1, 10);
@ -55,7 +57,7 @@ public abstract class SecurityContextMapper {
for (PermissionMode p : PermissionMode.values()) { for (PermissionMode p : PermissionMode.values()) {
OrientGraphFactory f = new OrientGraphFactory( OrientGraphFactory f = new OrientGraphFactory(
DatabaseEnvironment.DB_URI, DatabaseEnvironment.DB_URI,
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME, DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD) DatabaseEnvironment.CHANGED_ADMIN_PASSWORD)
.setupPool(1, 10); .setupPool(1, 10);
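Review bot: Switching the factories to `DatabaseEnvironment.CHANGED_ADMIN_USERNAME`, both in the first factory and in the `PermissionMode` loop, assumes that account already exists in the target database. Judging from the initializer changes in this commit, the account appears to be created only while a new database is being set up, so a database initialised before this change would presumably hold only the built-in admin and these connections would fail to authenticate. If existing deployments must keep working, state the precondition next to the factory creation, for example `// CHANGED_ADMIN_USERNAME must already exist in the DB; databases created before this change need the user added first`. The comment added above `MANAGEMENT_SECURITY_CONTEXT` also has a typo ("thei" for "their"). The enclosing method starts and ends outside these hunks.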


@ -38,11 +38,22 @@ public class DatabaseEnvironment {
public static final String DB; public static final String DB;
protected static final String DB_VARNAME = "DB"; protected static final String DB_VARNAME = "DB";
protected static final String USERNAME; protected static final String ROOT_USERNAME;
protected static final String USERNAME_VARNAME = "USERNAME"; protected static final String ROOT_USERNAME_VARNAME = "ROOT_USERNAME";
protected static final String PASSWORD; protected static final String ROOT_PASSWORD;
protected static final String PASSWORD_VARNAME = "PASSWORD"; protected static final String ROOT_PASSWORD_VARNAME = "ROOT_PASSWORD";
protected static final String DEFAULT_ADMIN_USERNAME;
protected static final String DEFAULT_ADMIN_USERNAME_VARNAME = "DEFAULT_ADMIN_USERNAME";
protected static final String DEFAULT_ADMIN_ROLE = "admin";
public static final String CHANGED_ADMIN_USERNAME;
protected static final String CHANGED_ADMIN_USERNAME_VARNAME = "CHANGED_ADMIN_USERNAME";
protected static final String DEFAULT_ADMIN_PASSWORD;
protected static final String DEFAULT_ADMIN_PASSWORD_VARNAME = "DEFAULT_ADMIN_PASSWORD";
public static final String CHANGED_ADMIN_PASSWORD; public static final String CHANGED_ADMIN_PASSWORD;
protected static final String CHANGED_ADMIN_PASSWORD_VARNAME = "CHANGED_ADMIN_PASSWORD"; protected static final String CHANGED_ADMIN_PASSWORD_VARNAME = "CHANGED_ADMIN_PASSWORD";
@ -53,12 +64,6 @@ public class DatabaseEnvironment {
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD; protected static final String DEFAULT_CREATED_READER_USER_PASSWORD;
protected static final String DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME = "DEFAULT_CREATED_READER_USER_PASSWORD"; protected static final String DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME = "DEFAULT_CREATED_READER_USER_PASSWORD";
public static final String DEFAULT_ADMIN_USERNAME;
protected static final String DEFAULT_ADMIN_USERNAME_VARNAME = "DEFAULT_ADMIN_USERNAME";
protected static final String DEFAULT_ADMIN_PASSWORD;
protected static final String DEFAULT_ADMIN_PASSWORD_VARNAME = "DEFAULT_ADMIN_PASSWORD";
public static final Map<PermissionMode, String> DEFAULT_PASSWORDS; public static final Map<PermissionMode, String> DEFAULT_PASSWORDS;
@ -93,11 +98,29 @@ public class DatabaseEnvironment {
SERVER_URI = REMOTE_PROTOCOL + HOSTS; SERVER_URI = REMOTE_PROTOCOL + HOSTS;
DB_URI = SERVER_URI + "/" + DB; DB_URI = SERVER_URI + "/" + DB;
USERNAME = properties.getProperty(USERNAME_VARNAME); ROOT_USERNAME = properties.getProperty(ROOT_USERNAME_VARNAME);
PASSWORD = properties.getProperty(PASSWORD_VARNAME); ROOT_PASSWORD = properties.getProperty(ROOT_PASSWORD_VARNAME);
String changedAdminUsername = null;
try {
changedAdminUsername = properties.getProperty(CHANGED_ADMIN_USERNAME_VARNAME);
if(changedAdminUsername==null){
// To be compliant with old configuration.properties which does not have
// CHANGED_ADMIN_USERNAME property we use the db name as admin username
changedAdminUsername = DB;
}
}catch (Exception e) {
// To be compliant with old configuration.properties which does not have
// CHANGED_ADMIN_USERNAME property we use the db name as admin username
changedAdminUsername = DB;
}
CHANGED_ADMIN_USERNAME = changedAdminUsername;
CHANGED_ADMIN_PASSWORD = properties.getProperty(CHANGED_ADMIN_PASSWORD_VARNAME); CHANGED_ADMIN_PASSWORD = properties.getProperty(CHANGED_ADMIN_PASSWORD_VARNAME);
DEFAULT_CREATED_WRITER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_WRITER_USER_PASSWORD_VARNAME); DEFAULT_CREATED_WRITER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_WRITER_USER_PASSWORD_VARNAME);
DEFAULT_CREATED_READER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME); DEFAULT_CREATED_READER_USER_PASSWORD = properties.getProperty(DEFAULT_CREATED_READER_USER_PASSWORD_VARNAME);
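Review bot: The `try`/`catch (Exception e)` around `properties.getProperty(CHANGED_ADMIN_USERNAME_VARNAME)` duplicates the null fallback and would hide any unexpected failure behind a silent switch to the database name as the admin username. If `properties` is a `java.util.Properties` (its declaration is outside the hunk), the block reduces to `CHANGED_ADMIN_USERNAME = properties.getProperty(CHANGED_ADMIN_USERNAME_VARNAME, DB);`. Separately, `CHANGED_ADMIN_PASSWORD` is read with no null check although it now becomes the password of a newly created admin account. A missing property should stop initialisation, for instance with `Objects.requireNonNull(CHANGED_ADMIN_PASSWORD, CHANGED_ADMIN_PASSWORD_VARNAME + " is not set");`. The static initializer starts and ends outside the hunk.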


@ -16,6 +16,7 @@ import com.orientechnologies.orient.client.remote.OServerAdmin;
import com.orientechnologies.orient.core.metadata.OMetadata; import com.orientechnologies.orient.core.metadata.OMetadata;
import com.orientechnologies.orient.core.metadata.schema.OClass; import com.orientechnologies.orient.core.metadata.schema.OClass;
import com.orientechnologies.orient.core.metadata.schema.OSchema; import com.orientechnologies.orient.core.metadata.schema.OSchema;
import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.OSecurity; import com.orientechnologies.orient.core.metadata.security.OSecurity;
import com.orientechnologies.orient.core.metadata.security.OUser; import com.orientechnologies.orient.core.metadata.security.OUser;
import com.tinkerpop.blueprints.impls.orient.OrientEdgeType; import com.tinkerpop.blueprints.impls.orient.OrientEdgeType;
@ -45,10 +46,10 @@ public class DatabaseIntializator {
OLogManager.instance().setDebugEnabled(false); OLogManager.instance().setDebugEnabled(false);
logger.trace("Connecting to {} as {} to create new DB", logger.trace("Connecting to {} as {} to create new DB",
DatabaseEnvironment.SERVER_URI, DatabaseEnvironment.USERNAME); DatabaseEnvironment.SERVER_URI, DatabaseEnvironment.ROOT_USERNAME);
OServerAdmin serverAdmin = new OServerAdmin(DatabaseEnvironment.SERVER_URI) OServerAdmin serverAdmin = new OServerAdmin(DatabaseEnvironment.SERVER_URI)
.connect(DatabaseEnvironment.USERNAME, .connect(DatabaseEnvironment.ROOT_USERNAME,
DatabaseEnvironment.PASSWORD); DatabaseEnvironment.ROOT_PASSWORD);
if (!serverAdmin.existsDatabase(DatabaseEnvironment.DB, STORAGE_MODE)) { if (!serverAdmin.existsDatabase(DatabaseEnvironment.DB, STORAGE_MODE)) {
@ -74,10 +75,19 @@ public class DatabaseIntializator {
logger.trace("Changing {} password", logger.trace("Changing {} password",
DatabaseEnvironment.DEFAULT_ADMIN_USERNAME); DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
OUser admin = oSecurity OUser admin = oSecurity
.getUser(DatabaseEnvironment.DEFAULT_ADMIN_USERNAME); .getUser(DatabaseEnvironment.DEFAULT_ADMIN_USERNAME);
admin.setPassword(DatabaseEnvironment.CHANGED_ADMIN_PASSWORD); admin.setPassword(DatabaseEnvironment.CHANGED_ADMIN_PASSWORD);
admin.save(); admin.save();
logger.trace("Creating new admin named '{}'",
DatabaseEnvironment.CHANGED_ADMIN_USERNAME);
ORole adminRole = oSecurity.getRole(DatabaseEnvironment.DEFAULT_ADMIN_ROLE);
OUser newAdminUser = oSecurity.createUser(DatabaseEnvironment.CHANGED_ADMIN_USERNAME,
DatabaseEnvironment.CHANGED_ADMIN_PASSWORD, adminRole);
newAdminUser.save();
for (PermissionMode permissionMode : DatabaseEnvironment.DEFAULT_PASSWORDS for (PermissionMode permissionMode : DatabaseEnvironment.DEFAULT_PASSWORDS
.keySet()) { .keySet()) {
@ -103,7 +113,7 @@ public class DatabaseIntializator {
orientGraphNoTx.shutdown(); orientGraphNoTx.shutdown();
factory.close(); factory.close();
return true; return true;
} }
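Review bot: The account created by `oSecurity.createUser(...)` gets `CHANGED_ADMIN_PASSWORD`, the same value set on the built-in `DEFAULT_ADMIN_USERNAME` account a few lines earlier, so two admin-role accounts share one secret and the well-known default account stays usable. Give the new account its own password property, or document why the default admin must remain active with the same credential. The result of `oSecurity.getRole(DatabaseEnvironment.DEFAULT_ADMIN_ROLE)` is also passed on unchecked; a guard such as `if (adminRole == null) { throw new IllegalStateException("admin role not found"); }` would fail clearly instead of creating a user with no role. The enclosing method starts and ends outside these hunks.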


@ -194,7 +194,7 @@ public class ContextManagementImplTest {
logger.debug("The DB should be now clean"); logger.debug("The DB should be now clean");
} }
// @Test @Test
public void createDevContext() throws Exception { public void createDevContext() throws Exception {
String gcubeJson = contextManagementImpl.create(null, "gcube"); String gcubeJson = contextManagementImpl.create(null, "gcube");
Context gcubeContext = ISMapper.unmarshal(Context.class, gcubeJson); Context gcubeContext = ISMapper.unmarshal(Context.class, gcubeJson);


@ -10,7 +10,7 @@
<logger name="org.gcube" level="INFO" /> <logger name="org.gcube" level="INFO" />
<logger name="org.gcube.informationsystem" level="DEBUG" /> <logger name="org.gcube.informationsystem" level="TRACE" />
<root level="WARN"> <root level="WARN">
<appender-ref ref="STDOUT" /> <appender-ref ref="STDOUT" />