Commit 2e81bce0 authored by Gradl, Tobias's avatar Gradl, Tobias
Browse files

374: Reflect user role in schema editor

Task-Url: https://home.tgradl.de/mantisbt/view.php?id=374
parent f2086d8e
......@@ -12,6 +12,10 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
<name>dariah-aai-web</name>
<url>http://maven.apache.org</url>
<packaging>jar</packaging>
<properties>
<eu.dariah.de.minfba.core-web.version>1.0.2-SNAPSHOT</eu.dariah.de.minfba.core-web.version>
</properties>
<dependencies>
<dependency>
......@@ -25,6 +29,12 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>eu.dariah.de.minfba.core</groupId>
<artifactId>core-web</artifactId>
<version>${eu.dariah.de.minfba.core-web.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
......
package de.dariah.aai.javasp.web.controller;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Hashtable;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.web.bind.annotation.ModelAttribute;
import de.dariah.aai.javasp.base.Role;
import de.dariah.aai.javasp.base.SimpleUserDetails;
import de.dariah.samlsp.model.pojo.AuthPojo;
import eu.dariah.de.minfba.core.web.controller.BaseTranslationController;
public abstract class BaseSecurityController extends BaseTranslationController {
public BaseSecurityController(String mainNavId) {
super(mainNavId);
}
@ModelAttribute("_auth")
public AuthPojo getAuth(HttpServletRequest request) {
return this.getCurrentUserDetails(request);
}
public int getUserId(HttpServletRequest request) {
AuthPojo user = getCurrentUserDetails(request);
if (user!=null) {
return user.getUserId();
} else {
return -1;
}
}
protected AuthPojo getCurrentUserDetails(HttpServletRequest request) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth!=null && auth.isAuthenticated()==true) {
if (auth.getDetails()!=null && auth.getDetails() instanceof UserDetails) {
return this.getAuthFromUserDetails((UserDetails)auth.getDetails());
} else if (auth.getPrincipal()!=null && auth.getPrincipal() instanceof User) {
return this.handleLocalUser((User)auth.getPrincipal());
} else {
return this.handleAnonymousLocalUser(auth);
}
}
return new AuthPojo();
}
private AuthPojo getAuthFromUserDetails(UserDetails user) {
AuthPojo pojo = null;
if (user != null) {
pojo = new AuthPojo();
pojo.setAuth(true);
pojo.setDisplayName(user.getUsername());
pojo.setRoles(new ArrayList<String>());
if (user.getAuthorities()!=null) {
for (GrantedAuthority authority : user.getAuthorities()) {
pojo.getRoles().add(authority.getAuthority());
}
}
if (user instanceof SimpleUserDetails) {
pojo.setLevel(((SimpleUserDetails)user).getMaxAuthorityLevel());
pojo.setUserId(((SimpleUserDetails)user).getId());
}
}
return pojo;
}
private AuthPojo handleLocalUser(User user) {
AuthPojo pojo = null;
if (user!=null) {
pojo = new AuthPojo();
pojo.setAuth(true);
pojo.setDisplayName(user.getUsername());
pojo.setRoles(new ArrayList<String>());
if (user.getAuthorities()!=null) {
for (GrantedAuthority authority : user.getAuthorities()) {
pojo.getRoles().add(authority.getAuthority());
}
}
}
return pojo;
}
private AuthPojo handleAnonymousLocalUser(Authentication auth) {
AuthPojo pojo = new AuthPojo();
pojo.setAuth(true);
pojo.setDisplayName("Anonymous local user");
pojo.setRoles(new ArrayList<String>());
if (auth.getAuthorities()!=null) {
for (GrantedAuthority authority : auth.getAuthorities()) {
pojo.getRoles().add(authority.getAuthority());
}
}
return pojo;
}
}
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment