NIHVIVO-1207 Change SelfEditingIdentifierFactory to enable self-editing whether internal or external. Move the logic for associating users with Individuals to SelfEditingConfiguration bean.

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/FakeSelfEditingIdentifierFactory.java

@@ -9,7 +9,7 @@ import javax.servlet.http.HttpSession;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.NetId;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 
 /** 
@@ -35,8 +35,8 @@ public class FakeSelfEditingIdentifierFactory implements IdentifierBundleFactory
             NetId netIdToken = new NetId(netid);
             ib.add(netIdToken);
             
-        	ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request);
+    		SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(request);
-			String uri = helper.getIndividualUriFromNetId(wdf.getIndividualDao(), netid);
+    		String uri = sec.getIndividualUriFromUsername(wdf.getIndividualDao(), netid);
             if( uri != null ){        
                 Individual ind = wdf.getIndividualDao().getIndividualByURI(uri);
                 if( ind != null ){        

webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/SelfEditingIdentifierFactory.java

@@ -27,27 +27,19 @@ import com.hp.hpl.jena.rdf.model.Model;
 import com.hp.hpl.jena.rdf.model.RDFNode;
 import com.hp.hpl.jena.rdf.model.Resource;
 
-import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
 import edu.cornell.mannlib.vitro.webapp.beans.Individual;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 
 /**
  * Attempts to pull a NetId and a SelfEditing identifier from the externally
  * authorized username.
- * 
- * @author bdc34, trashed by jeb228
  */
 public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
 	private static final Log log = LogFactory.getLog(SelfEditingIdentifierFactory.class);
 	
-	/**
-	 * The configuration property that names the HTTP header that will hold the
-	 * username from the external authorization system.
-	 */
-	private static final String PROPERTY_EXTERNAL_AUTH_HEADER_NAME = "externalAuth.headerName";
-
 	private static final int MAXIMUM_USERNAME_LENGTH = 100;
 	
 	public IdentifierBundle getIdentifierBundle(ServletRequest request,
@@ -60,48 +52,64 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
 		log.debug("request is for " + req.getRequestURI());
 		
 		NetId netId = figureNetId(req);
-		SelfEditing selfId = figureSelfEditingId(req, netId);
+		SelfEditing selfId = figureSelfEditingId(req);
 		
 		return buildIdentifierBundle(netId, selfId);
 	}
 
 	/**
-	 * Get the name of the externally authorized user and put it into a NetId.
+	 * If the user is externally authorized, create a NetId identifier.
 	 */
 	private NetId figureNetId(HttpServletRequest req) {
-		String externalAuthHeaderName = ConfigurationProperties.getProperty(PROPERTY_EXTERNAL_AUTH_HEADER_NAME);
+		LoginStatusBean bean = LoginStatusBean.getBean(req);
-		if (isEmpty(externalAuthHeaderName)) {
+		String username = bean.getUsername();
-			log.debug(PROPERTY_EXTERNAL_AUTH_HEADER_NAME + " property is not configured.");
+		
+		if (!bean.isLoggedIn()) {
+			log.debug("No NetId: not logged in.");
 			return null;
 		}
 		
-		String externalUsername = req.getHeader(externalAuthHeaderName);
+		if (isEmpty(username)) {
-		if (isEmpty(externalUsername)) {
+			log.debug("No NetId: username is empty.");
-			log.debug("The external username is empty.");
 			return null;
 		}
-		if (externalUsername.length() > MAXIMUM_USERNAME_LENGTH) {
+		
+		if (!bean.hasExternalAuthentication()) {
+			log.debug("No NetId: user '" + bean.getUsername() +
+			"' did not use external authentication.");
+			return null;
+		}
+		
+		if (username.length() > MAXIMUM_USERNAME_LENGTH) {
 			log.info("The external username is longer than " + MAXIMUM_USERNAME_LENGTH
 					+ " chars; this may be a malicious request");
 			return null;
 		}
 		
-		return new NetId(externalUsername);
+		return new NetId(username);
 	}
 
 	/**
-	 * If the externally authorized username is associated with an Individual in
+	 * If the authorized username is associated with an Individual in the model,
-	 * the model, create a SelfEditing identifier.
+	 * create a SelfEditing identifier.
 	 */
-	private SelfEditing figureSelfEditingId(HttpServletRequest request,
+	private SelfEditing figureSelfEditingId(HttpServletRequest req) {
-			NetId netId) {
+		LoginStatusBean bean = LoginStatusBean.getBean(req);
-		if (netId == null) {
+		String username = bean.getUsername();
+
+		if (!bean.isLoggedIn()) {
+			log.debug("No SelfEditing: not logged in.");
 			return null;
 		}
-		String username = netId.getValue();
 
-		HttpSession session = request.getSession(false);
+		if (isEmpty(username)) {
+			log.debug("No SelfEditing: username is empty.");
+			return null;
+		}
+
+		HttpSession session = req.getSession(false);
 		if (session == null) {
+			log.debug("No SelfEditing: session is null.");
 			return null;
 		}
 
@@ -115,16 +123,16 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
 
 		IndividualDao indDao = wdf.getIndividualDao();
 
-		ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request);
+		SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
-		String uri = helper.getIndividualUriFromNetId(indDao, username);
+		String uri = sec.getIndividualUriFromUsername(indDao, username);
 		if (uri == null) {
-			log.debug("could not find an Individual with a netId of "
+			log.debug("Could not find an Individual with a netId of "
 					+ username);
 		}
 
 		Individual ind = indDao.getIndividualByURI(uri);
 		if (ind == null) {
-			log.warn("found a URI for the netId " + username
+			log.warn("Found a URI for the netId " + username
 					+ " but could not build Individual");
 			return null;
 		}

webapp/src/edu/cornell/mannlib/vitro/webapp/beans/SelfEditingConfiguration.java

@@ -0,0 +1,114 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.beans;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
+import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
+
+/**
+ * Holds the configuration properties used in Self-Editing, and some commonly
+ * used methods on those properties.
+ */
+public class SelfEditingConfiguration {
+	private static final Log log = LogFactory
+			.getLog(SelfEditingConfiguration.class);
+
+	private static final String BEAN_ATTRIBUTE = SelfEditingConfiguration.class
+			.getName();
+
+	/**
+	 * This configuration property tells us which data property on the
+	 * Individual is used to associate it with a net ID.
+	 */
+	private static final String PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY = "selfEditing.idMatchingProperty";
+
+	// ----------------------------------------------------------------------
+	// static methods
+	// ----------------------------------------------------------------------
+
+	/**
+	 * If there is no session, create a bean on the fly. If there is a session,
+	 * get the existing bean, or create one and store it for re-use.
+	 * 
+	 * Never returns null.
+	 */
+	public static SelfEditingConfiguration getBean(ServletRequest request) {
+		if (!(request instanceof HttpServletRequest)) {
+			log.trace("Not an HttpServletRequest: " + request);
+			return buildBean();
+		}
+
+		HttpSession session = ((HttpServletRequest) request).getSession(false);
+		if (session == null) {
+			log.trace("No session; no need to create one.");
+			return buildBean();
+		}
+
+		Object attr = session.getAttribute(BEAN_ATTRIBUTE);
+		if (attr instanceof SelfEditingConfiguration) {
+			log.trace("Found a bean: " + attr);
+			return (SelfEditingConfiguration) attr;
+		}
+
+		SelfEditingConfiguration bean = buildBean();
+		log.debug("Created a bean: " + bean);
+		session.setAttribute(BEAN_ATTRIBUTE, bean);
+		return bean;
+	}
+
+	private static SelfEditingConfiguration buildBean() {
+		String selfEditingIdMatchingProperty = ConfigurationProperties
+				.getProperty(PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY);
+		return new SelfEditingConfiguration(selfEditingIdMatchingProperty);
+	}
+
+	// ----------------------------------------------------------------------
+	// the bean
+	// ----------------------------------------------------------------------
+
+	private final String selfEditingIdMatchingProperty;
+
+	public SelfEditingConfiguration(String selfEditingIdMatchingProperty) {
+		this.selfEditingIdMatchingProperty = trimThis(selfEditingIdMatchingProperty);
+	}
+
+	private String trimThis(String string) {
+		if (string == null) {
+			return null;
+		} else {
+			return string.trim();
+		}
+	}
+
+	public String getIndividualUriFromUsername(IndividualDao indDao,
+			String username) {
+		if (indDao == null) {
+			return null;
+		}
+		if (username == null) {
+			return null;
+		}
+		if (selfEditingIdMatchingProperty == null) {
+			return null;
+		}
+
+		String uri = indDao.getIndividualURIFromNetId(username,
+				selfEditingIdMatchingProperty);
+		log.debug("Username=" + username + ", individual URI=" + uri);
+		return uri;
+	}
+
+	@Override
+	public String toString() {
+		return "SelfEditingConfiguration[selfEditingIdMatchingProperty="
+				+ selfEditingIdMatchingProperty + "]";
+	}
+
+}

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/EntityController.java

@@ -38,8 +38,8 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.beans.VClass;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.filestorage.model.FileInfo;
@@ -389,7 +389,8 @@ public class EntityController extends VitroHttpServlet {
         if (netIdStr==null || netIdStr.equals(""))
             netIdStr = vreq.getParameter("netid");
         if ( netIdStr != null ){
-        	uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
+    		SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
+    		uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
         	return iwDao.getIndividualByURI(uri);
         }
 

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/ExternalAuthHelper.java

@@ -26,7 +26,7 @@ public class ExternalAuthHelper {
 	private static final Log log = LogFactory.getLog(ExternalAuthHelper.class);
 
 	private static final ExternalAuthHelper DUMMY_HELPER = new ExternalAuthHelper(
-			null, null, null);
+			null, null);
 
 	private static final String BEAN_ATTRIBUTE = ExternalAuthHelper.class
 			.getName();
@@ -34,9 +34,6 @@ public class ExternalAuthHelper {
 	/** This configuration property points to the external authorization server. */
 	private static final String PROPERTY_EXTERNAL_AUTH_SERVER_URL = "externalAuth.serverUrl";
 
-	/** This configuration property says what ties an Individual to a NetID */
-	private static final String PROPERTY_NETID_MATCHING_RELATION = "externalAuth.netidMatchingProperty";
-
 	/** This configuration property says which HTTP header holds the username. */
 	public static final String PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER = "externalAuth.headerName";
 
@@ -75,28 +72,24 @@ public class ExternalAuthHelper {
 	}
 
 	private static ExternalAuthHelper buildBean() {
-		String netidMatchingPropertyUri = ConfigurationProperties
-				.getProperty(PROPERTY_NETID_MATCHING_RELATION);
 		String externalAuthServerUrl = ConfigurationProperties
 				.getProperty(PROPERTY_EXTERNAL_AUTH_SERVER_URL);
 		String externalAuthHeaderName = ConfigurationProperties
 				.getProperty(PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER);
 
-		return new ExternalAuthHelper(netidMatchingPropertyUri,
+		return new ExternalAuthHelper(externalAuthServerUrl,
-				externalAuthServerUrl, externalAuthHeaderName);
+				externalAuthHeaderName);
 	}
 
 	// ----------------------------------------------------------------------
 	// the bean
 	// ----------------------------------------------------------------------
 
-	private final String netidMatchingPropertyUri;
 	private final String externalAuthServerUrl;
 	private final String externalAuthHeaderName;
 
-	private ExternalAuthHelper(String netidMatchingPropertyUri,
+	private ExternalAuthHelper(String externalAuthServerUrl,
-			String externalAuthServerUrl, String externalAuthHeaderName) {
+			String externalAuthHeaderName) {
-		this.netidMatchingPropertyUri = trimThis(netidMatchingPropertyUri);
 		this.externalAuthServerUrl = trimThis(externalAuthServerUrl);
 		this.externalAuthHeaderName = trimThis(externalAuthHeaderName);
 	}
@@ -109,23 +102,6 @@ public class ExternalAuthHelper {
 		}
 	}
 
-	public String getIndividualUriFromNetId(IndividualDao indDao, String netId) {
-		if (indDao == null) {
-			return null;
-		}
-		if (netId == null) {
-			return null;
-		}
-		if (netidMatchingPropertyUri == null) {
-			return null;
-		}
-
-		String uri = indDao.getIndividualURIFromNetId(netId,
-				netidMatchingPropertyUri);
-		log.debug("Netid=" + netId + ", individual URI=" + uri);
-		return uri;
-	}
-
 	public String buildExternalAuthRedirectUrl(String returnUrl) {
 		if (returnUrl == null) {
 			log.error("returnUrl is null.");
@@ -170,8 +146,7 @@ public class ExternalAuthHelper {
 
 	@Override
 	public String toString() {
-		return "ExternalAuthHelper[netidMatchingPropertyUri="
+		return "ExternalAuthHelper[externalAuthServerUrl="
-				+ netidMatchingPropertyUri + ", externalAuthServerUrl="
 				+ externalAuthServerUrl + ", externalAuthHeaderName="
 				+ externalAuthHeaderName + "]";
 	}

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java

@@ -14,6 +14,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
@@ -78,8 +79,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
 		}
 		IndividualDao indDao = new VitroRequest(req).getWebappDaoFactory()
 				.getIndividualDao();
-		return ExternalAuthHelper.getHelper(req).getIndividualUriFromNetId(
+		return SelfEditingConfiguration.getBean(req)
-				indDao, username);
+				.getIndividualUriFromUsername(indDao, username);
 	}
 
 	private void removeLoginProcessArtifacts(HttpServletRequest req) {

webapp/src/edu/cornell/mannlib/vitro/webapp/controller/freemarker/IndividualController.java

@@ -37,9 +37,9 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.beans.Portal;
+import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
 import edu.cornell.mannlib.vitro.webapp.beans.VClass;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
-import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
 import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.edit.n3editing.EditConfiguration;
@@ -366,7 +366,8 @@ public class IndividualController extends FreemarkerHttpServlet {
         if (netIdStr==null || netIdStr.equals(""))
             netIdStr = vreq.getParameter("netid");
         if ( netIdStr != null ){
-        	uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
+    		SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
+    		uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
             return iwDao.getIndividualByURI(uri);
         }