From 1f91fc7f0a42ebfec8a0f4063516c61a2ec6e209 Mon Sep 17 00:00:00 2001
From: jeb228
Date: Tue, 23 Nov 2010 19:55:05 +0000
Subject: [PATCH] NIHVIVO-1207 Change SelfEditingIdentifierFactory to enable self-editing whether internal or external. Move the logic for associating users with Individuals to SelfEditingConfiguration bean.
---
 .../FakeSelfEditingIdentifierFactory.java | 6 +-
 .../SelfEditingIdentifierFactory.java | 74 +++++++-----
 .../beans/SelfEditingConfiguration.java | 114 ++++++++++++++++++
 .../webapp/controller/EntityController.java | 5 +-
 .../authenticate/ExternalAuthHelper.java | 37 +-----
 .../authenticate/LoginExternalAuthReturn.java | 5 +-
 .../freemarker/IndividualController.java | 5 +-
 7 files changed, 173 insertions(+), 73 deletions(-)
 create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/beans/SelfEditingConfiguration.java
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/FakeSelfEditingIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/FakeSelfEditingIdentifierFactory.java
index de53351e2..29b35564f 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/FakeSelfEditingIdentifierFactory.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/FakeSelfEditingIdentifierFactory.java
@@ -9,7 +9,7 @@ import javax.servlet.http.HttpSession;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.NetId;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 /**
@@ -35,8 +35,8 @@ public class FakeSelfEditingIdentifierFactory implements IdentifierBundleFactory
 NetId netIdToken = new NetId(netid);
 ib.add(netIdToken);
- ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request);
- String uri = helper.getIndividualUriFromNetId(wdf.getIndividualDao(), netid);
+ SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(request);
+ String uri = sec.getIndividualUriFromUsername(wdf.getIndividualDao(), netid);
 if( uri != null ){
 Individual ind = wdf.getIndividualDao().getIndividualByURI(uri);
 if( ind != null ){
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/SelfEditingIdentifierFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/SelfEditingIdentifierFactory.java
index 903072b60..f5ca427f9 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/SelfEditingIdentifierFactory.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/SelfEditingIdentifierFactory.java
@@ -27,27 +27,19 @@ import com.hp.hpl.jena.rdf.model.Model;
 import com.hp.hpl.jena.rdf.model.RDFNode;
 import com.hp.hpl.jena.rdf.model.Resource;
-import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 /**
 * Attempts to pull a NetId and a SelfEditing identifier from the externally
 * authorized username.
- *
- * @author bdc34, trashed by jeb228
 */
 public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
 private static final Log log = LogFactory.getLog(SelfEditingIdentifierFactory.class);
- /**
- * The configuration property that names the HTTP header that will hold the
- * username from the external authorization system.
- */
- private static final String PROPERTY_EXTERNAL_AUTH_HEADER_NAME = "externalAuth.headerName";
-
 private static final int MAXIMUM_USERNAME_LENGTH = 100;
 public IdentifierBundle getIdentifierBundle(ServletRequest request,
@@ -60,48 +52,64 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory { log.debug("request is for " + req.getRequestURI()); NetId netId = figureNetId(req); - SelfEditing selfId = figureSelfEditingId(req, netId); + SelfEditing selfId = figureSelfEditingId(req); return buildIdentifierBundle(netId, selfId); } /** - * Get the name of the externally authorized user and put it into a NetId. + * If the user is externally authorized, create a NetId identifier. */ private NetId figureNetId(HttpServletRequest req) { - String externalAuthHeaderName = ConfigurationProperties.getProperty(PROPERTY_EXTERNAL_AUTH_HEADER_NAME); - if (isEmpty(externalAuthHeaderName)) { - log.debug(PROPERTY_EXTERNAL_AUTH_HEADER_NAME + " property is not configured."); + LoginStatusBean bean = LoginStatusBean.getBean(req); + String username = bean.getUsername(); + + if (!bean.isLoggedIn()) { + log.debug("No NetId: not logged in."); return null; } - - String externalUsername = req.getHeader(externalAuthHeaderName); - if (isEmpty(externalUsername)) { - log.debug("The external username is empty."); + + if (isEmpty(username)) { + log.debug("No NetId: username is empty."); return null; } - if (externalUsername.length() > MAXIMUM_USERNAME_LENGTH) { + + if (!bean.hasExternalAuthentication()) { + log.debug("No NetId: user '" + bean.getUsername() + + "' did not use external authentication."); + return null; + } + + if (username.length() > MAXIMUM_USERNAME_LENGTH) { log.info("The external username is longer than " + MAXIMUM_USERNAME_LENGTH + " chars; this may be a malicious request"); return null; } - return new NetId(externalUsername); + return new NetId(username); } /** - * If the externally authorized username is associated with an Individual in - * the model, create a SelfEditing identifier. + * If the authorized username is associated with an Individual in the model, + * create a SelfEditing identifier. 
*/ - private SelfEditing figureSelfEditingId(HttpServletRequest request, - NetId netId) { - if (netId == null) { + private SelfEditing figureSelfEditingId(HttpServletRequest req) { + LoginStatusBean bean = LoginStatusBean.getBean(req); + String username = bean.getUsername(); + + if (!bean.isLoggedIn()) { + log.debug("No SelfEditing: not logged in."); return null; } - String username = netId.getValue(); - HttpSession session = request.getSession(false); + if (isEmpty(username)) { + log.debug("No SelfEditing: username is empty."); + return null; + } + + HttpSession session = req.getSession(false); if (session == null) { + log.debug("No SelfEditing: session is null."); return null; } @@ -114,17 +122,17 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory { } IndividualDao indDao = wdf.getIndividualDao(); - - ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request); - String uri = helper.getIndividualUriFromNetId(indDao, username); + + SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req); + String uri = sec.getIndividualUriFromUsername(indDao, username); if (uri == null) { - log.debug("could not find an Individual with a netId of " + log.debug("Could not find an Individual with a netId of " + username); } Individual ind = indDao.getIndividualByURI(uri); if (ind == null) { - log.warn("found a URI for the netId " + username + log.warn("Found a URI for the netId " + username + " but could not build Individual"); return null; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/beans/SelfEditingConfiguration.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/beans/SelfEditingConfiguration.java new file mode 100644 index 000000000..7168995ca --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/beans/SelfEditingConfiguration.java 
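Review bot: In the rewritten `figureSelfEditingId`, the SelfEditing identifier no longer passes through the `hasExternalAuthentication()` and `MAXIMUM_USERNAME_LENGTH` checks, which now guard only `figureNetId`, so every logged-in username reaches `getIndividualUriFromUsername`. Enabling internal accounts is the stated goal, but internal and external usernames are now matched against the same `selfEditing.idMatchingProperty` values, so an internal account whose name equals another person's identifier would presumably receive SelfEditing rights on that person's Individual; how internal usernames are issued is not visible here. I would apply the length guard in both methods, `if (username.length() > MAXIMUM_USERNAME_LENGTH) { return null; }`, and add a Javadoc line such as `Internal and external usernames share one namespace; account creation must keep them from colliding.`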
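Review bot: The `if (uri == null)` block touched in this hunk still only logs and falls through, so `indDao.getIndividualByURI(uri)` is called with a null URI and an ordinary miss ends up reported by the `"Found a URI for the netId ..."` warning, which is misleading in an authorization path. Add `return null;` after the debug call. Both messages also still say "netId" although the value is now any login username; `"Could not find an Individual for username "` would match the new behaviour. `figureSelfEditingId` starts above this hunk and continues below it.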
@@ -0,0 +1,114 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.beans;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
+import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
+
+/**
+ * Holds the configuration properties used in Self-Editing, and some commonly
+ * used methods on those properties.
+ */
+public class SelfEditingConfiguration {
+ private static final Log log = LogFactory
+ .getLog(SelfEditingConfiguration.class);
+
+ private static final String BEAN_ATTRIBUTE = SelfEditingConfiguration.class
+ .getName();
+
+ /**
+ * This configuration property tells us which data property on the
+ * Individual is used to associate it with a net ID.
+ */
+ private static final String PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY = "selfEditing.idMatchingProperty";
+
+ // ----------------------------------------------------------------------
+ // static methods
+ // ----------------------------------------------------------------------
+
+ /**
+ * If there is no session, create a bean on the fly. If there is a session,
+ * get the existing bean, or create one and store it for re-use.
+ *
+ * Never returns null.
+ */
+ public static SelfEditingConfiguration getBean(ServletRequest request) {
+ if (!(request instanceof HttpServletRequest)) {
+ log.trace("Not an HttpServletRequest: " + request);
+ return buildBean();
+ }
+
+ HttpSession session = ((HttpServletRequest) request).getSession(false);
+ if (session == null) {
+ log.trace("No session; no need to create one.");
+ return buildBean();
+ }
+
+ Object attr = session.getAttribute(BEAN_ATTRIBUTE);
+ if (attr instanceof SelfEditingConfiguration) {
+ log.trace("Found a bean: " + attr);
+ return (SelfEditingConfiguration) attr;
+ }
+
+ SelfEditingConfiguration bean = buildBean();
+ log.debug("Created a bean: " + bean);
+ session.setAttribute(BEAN_ATTRIBUTE, bean);
+ return bean;
+ }
+
+ private static SelfEditingConfiguration buildBean() {
+ String selfEditingIdMatchingProperty = ConfigurationProperties
+ .getProperty(PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY);
+ return new SelfEditingConfiguration(selfEditingIdMatchingProperty);
+ }
+
+ // ----------------------------------------------------------------------
+ // the bean
+ // ----------------------------------------------------------------------
+
+ private final String selfEditingIdMatchingProperty;
+
+ public SelfEditingConfiguration(String selfEditingIdMatchingProperty) {
+ this.selfEditingIdMatchingProperty = trimThis(selfEditingIdMatchingProperty);
+ }
+
+ private String trimThis(String string) {
+ if (string == null) {
+ return null;
+ } else {
+ return string.trim();
+ }
+ }
+
+ public String getIndividualUriFromUsername(IndividualDao indDao,
+ String username) {
+ if (indDao == null) {
+ return null;
+ }
+ if (username == null) {
+ return null;
+ }
+ if (selfEditingIdMatchingProperty == null) {
+ return null;
+ }
+
+ String uri = indDao.getIndividualURIFromNetId(username,
+ selfEditingIdMatchingProperty);
+ log.debug("Username=" + username + ", individual URI=" + uri);
+ return uri;
+ }
+
+ @Override
+ public String toString() {
+ return
"SelfEditingConfiguration[selfEditingIdMatchingProperty="
+ + selfEditingIdMatchingProperty + "]";
+ }
+
+}
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/EntityController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/EntityController.java
index 999401170..d626dac26 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/EntityController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/EntityController.java
@@ -38,8 +38,8 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.beans.VClass;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.filestorage.model.FileInfo;
@@ -389,7 +389,8 @@ public class EntityController extends VitroHttpServlet {
 if (netIdStr==null || netIdStr.equals("")) netIdStr = vreq.getParameter("netid");
 if ( netIdStr != null ){
- uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
+ SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
+ uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
 return iwDao.getIndividualByURI(uri);
 }
diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java
index 10b308aea..bd71e1a6b 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java
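Review bot: `getIndividualUriFromUsername` treats only a null `selfEditingIdMatchingProperty` as "not configured", but `trimThis` turns a blank property value into `""`, which passes that check and is handed to `indDao.getIndividualURIFromNetId`. Because the result decides which Individual a user may edit, the method should fail closed: `if (selfEditingIdMatchingProperty == null || selfEditingIdMatchingProperty.isEmpty()) { return null; }`. The method also has no Javadoc; one line stating that it returns null when the DAO, the username or the property is missing, or when nothing matches, would tell callers they must check the result. The debug statement writes the username together with the matched URI, which is worth keeping at debug level only.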
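Review bot: In the EntityController hunk `@@ -389,7 +389,8 @@`, `uri` goes into `iwDao.getIndividualByURI(uri)` without a null check, although `getIndividualUriFromUsername` returns null when nothing matches or the matching property is not configured, and `netIdStr` may come from the `netid` request parameter, so any request can reach this path. How the DAO treats a null URI is not visible here; a guard such as `if (uri == null) { return null; }` before the lookup would make the miss explicit, subject to what the enclosing method is expected to return. The same lines appear in the IndividualController hunk `@@ -366,7 +366,8 @@`. The enclosing method starts and ends outside the hunk.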
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java
@@ -26,7 +26,7 @@ public class ExternalAuthHelper {
 private static final Log log = LogFactory.getLog(ExternalAuthHelper.class);
 private static final ExternalAuthHelper DUMMY_HELPER = new ExternalAuthHelper(
- null, null, null);
+ null, null);
 private static final String BEAN_ATTRIBUTE = ExternalAuthHelper.class
 .getName();
@@ -34,9 +34,6 @@ public class ExternalAuthHelper {
 /** This configuration property points to the external authorization server. */
 private static final String PROPERTY_EXTERNAL_AUTH_SERVER_URL = "externalAuth.serverUrl";
- /** This configuration property says what ties an Individual to a NetID */
- private static final String PROPERTY_NETID_MATCHING_RELATION = "externalAuth.netidMatchingProperty";
-
 /** This configuration property says which HTTP header holds the username. */
 public static final String PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER = "externalAuth.headerName";
@@ -75,28 +72,24 @@ public class ExternalAuthHelper {
 }
 private static ExternalAuthHelper buildBean() {
- String netidMatchingPropertyUri = ConfigurationProperties
- .getProperty(PROPERTY_NETID_MATCHING_RELATION);
 String externalAuthServerUrl = ConfigurationProperties
 .getProperty(PROPERTY_EXTERNAL_AUTH_SERVER_URL);
 String externalAuthHeaderName = ConfigurationProperties
 .getProperty(PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER);
- return new ExternalAuthHelper(netidMatchingPropertyUri,
- externalAuthServerUrl, externalAuthHeaderName);
+ return new ExternalAuthHelper(externalAuthServerUrl,
+ externalAuthHeaderName);
 }
 // ----------------------------------------------------------------------
 // the bean
 // ----------------------------------------------------------------------
- private final String netidMatchingPropertyUri;
 private final String externalAuthServerUrl;
 private final String externalAuthHeaderName;
- private ExternalAuthHelper(String netidMatchingPropertyUri,
- String externalAuthServerUrl, String externalAuthHeaderName) {
- this.netidMatchingPropertyUri = trimThis(netidMatchingPropertyUri);
+ private ExternalAuthHelper(String externalAuthServerUrl,
+ String externalAuthHeaderName) {
 this.externalAuthServerUrl = trimThis(externalAuthServerUrl);
 this.externalAuthHeaderName = trimThis(externalAuthHeaderName);
 }
@@ -109,23 +102,6 @@ public class ExternalAuthHelper {
 }
 }
- public String getIndividualUriFromNetId(IndividualDao indDao, String netId) {
- if (indDao == null) {
- return null;
- }
- if (netId == null) {
- return null;
- }
- if (netidMatchingPropertyUri == null) {
- return null;
- }
-
- String uri = indDao.getIndividualURIFromNetId(netId,
- netidMatchingPropertyUri);
- log.debug("Netid=" + netId + ", individual URI=" + uri);
- return uri;
- }
-
 public String buildExternalAuthRedirectUrl(String returnUrl) {
 if (returnUrl == null) {
 log.error("returnUrl is null.");
@@ -170,8 +146,7 @@ public class ExternalAuthHelper { @Override public String toString() { - return "ExternalAuthHelper[netidMatchingPropertyUri=" - + netidMatchingPropertyUri + ", externalAuthServerUrl=" + return "ExternalAuthHelper[externalAuthServerUrl=" + externalAuthServerUrl + ", externalAuthHeaderName=" + externalAuthHeaderName + "]"; } diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java index 9be375c59..4ebd6b96b 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java @@ -14,6 +14,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; +import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean; import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; @@ -78,8 +79,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { } IndividualDao indDao = new VitroRequest(req).getWebappDaoFactory() .getIndividualDao(); - return ExternalAuthHelper.getHelper(req).getIndividualUriFromNetId( - indDao, username); + return SelfEditingConfiguration.getBean(req) + .getIndividualUriFromUsername(indDao, username); } private void removeLoginProcessArtifacts(HttpServletRequest req) { diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/IndividualController.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/IndividualController.java index 8f067feca..fd17b01ed 100644 
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/IndividualController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/IndividualController.java
@@ -37,9 +37,9 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.beans.VClass;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.edit.n3editing.EditConfiguration;
@@ -366,7 +366,8 @@ public class IndividualController extends FreemarkerHttpServlet {
 if (netIdStr==null || netIdStr.equals("")) netIdStr = vreq.getParameter("netid");
 if ( netIdStr != null ){
- uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
+ SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
+ uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
 return iwDao.getIndividualByURI(uri);
 }