From 49ff09b9d41d82f7e2e6eb46aa917cba552b7993 Mon Sep 17 00:00:00 2001 From: jeb228 Date: Tue, 30 Nov 2010 22:45:31 +0000 Subject: [PATCH] NIHVIVO-1430 Fix the Login redirector and associated classes to recognize 2 types of association: by SelfEditingConfig and by MayEditAs --- .../authenticate/Authenticator.java | 11 +-- .../authenticate/BasicAuthenticator.java | 97 ++++++++++++++----- .../authenticate/LoginExternalAuthReturn.java | 11 ++- .../authenticate/LoginRedirector.java | 17 +++- .../authenticate/AuthenticatorStub.java | 24 ++--- 5 files changed, 108 insertions(+), 52 deletions(-) diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java index 03b434180..9cb52a7c5 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java @@ -67,15 +67,10 @@ public abstract class Authenticator { public abstract User getUserByUsername(String username); /** - * Get the URI of the individual associated with this user, or null if no - * such Individual exists. + * Get the URIs of all individuals associated with this user, whether by a + * self-editing property like cornellEmailNetid, or by mayEditAs. */ - public abstract String getAssociatedIndividualUri(String username); - - /** - * Get a list of URIs of the people that this user is allowed to edit. - */ - public abstract List asWhomMayThisUserEdit(String username); + public abstract List getAssociatedIndividualUris(String username); /** * Record a new password for the user. diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java index ebf7f1a49..d31525acb 100644 
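Review bot: The new Javadoc on `getAssociatedIndividualUris` does not say what is returned when the username is null or has no association, yet the callers changed later in this patch (`LoginExternalAuthReturn`, `LoginRedirector`) call `isEmpty()` and `get(0)` on the result without a null check. I would add a sentence such as `Never returns null; returns an empty list if the username is null or no individual is associated.` so that every `Authenticator` subclass is held to that contract. The mention of `cornellEmailNetid` is site-specific for an abstract class; wording like `a self-editing property configured in SelfEditingConfiguration` would be more general.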
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java @@ -2,6 +2,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate; +import java.util.ArrayList; import java.util.Collections; import java.util.Date; import java.util.List; @@ -20,7 +21,6 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; import edu.cornell.mannlib.vitro.webapp.beans.User; -import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate; import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; import edu.cornell.mannlib.vitro.webapp.dao.UserDao; @@ -50,7 +50,7 @@ public class BasicAuthenticator extends Authenticator { @Override public User getUserByUsername(String username) { - UserDao userDao = getUserDao(request); + UserDao userDao = getUserDao(); if (userDao == null) { return null; } @@ -59,7 +59,7 @@ public class BasicAuthenticator extends Authenticator { @Override public boolean isCurrentPassword(String username, String clearTextPassword) { - User user = getUserDao(request).getUserByUsername(username); + User user = getUserDao().getUserByUsername(username); if (user == null) { log.trace("Checking password '" + clearTextPassword + "' for user '" + username + "', but user doesn't exist."); @@ -81,7 +81,7 @@ public class BasicAuthenticator extends Authenticator { } user.setOldPassword(user.getMd5password()); user.setMd5password(Authenticate.applyMd5Encoding(newClearTextPassword)); - getUserDao(request).updateUser(user); + getUserDao().updateUser(user); } @Override 
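Review bot: In `isCurrentPassword` the new `getUserDao().getUserByUsername(username)` dereferences the DAO without a null check, although `getUserDao()` is documented as returning null and `getUserByUsername` just above guards for it; a request with no session or no `webappDaoFactory` attribute would throw a NullPointerException in the middle of a password check. The same unguarded call appears in the `@@ -81,7 +81,7 @@` hunk (`getUserDao().updateUser(user)`) and in the `@@ -133,7 +133,7 @@` hunk. Suggest `UserDao userDao = getUserDao(); if (userDao == null) { return false; }` here and an early return in the other two. Separately, the context line `log.trace("Checking password '" + clearTextPassword + ...` writes the clear-text password to the log whenever trace logging is enabled; the password should be dropped from that message. The body of `isCurrentPassword` continues outside the hunk.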
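Review bot: `recordNewPassword` stores the new password through `Authenticate.applyMd5Encoding` into `setMd5password`, which by its name is an MD5 digest; the line is unchanged context in this hunk, but MD5 is a fast hash and not suitable for password storage. This deserves a follow-up to move to a salted, deliberately slow scheme (bcrypt, scrypt, Argon2 or PBKDF2) with re-hashing on next successful login; at minimum leave a marker such as `// TODO: MD5 is not adequate for password storage; migrate to a slow salted hash`. Whether `applyMd5Encoding` adds a salt is not visible from here. The method body starts outside the hunk.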
@@ -133,7 +133,7 @@ public class BasicAuthenticator extends Authenticator { if (user.getFirstTime() == null) { // first login user.setFirstTime(new Date()); } - getUserDao(request).updateUser(user); + getUserDao().updateUser(user); } /** @@ -200,20 +200,38 @@ public class BasicAuthenticator extends Authenticator { } @Override - public String getAssociatedIndividualUri(String username) { - IndividualDao iDao = new VitroRequest(request).getWebappDaoFactory() - .getIndividualDao(); - return SelfEditingConfiguration.getBean(request) - .getIndividualUriFromUsername(iDao, username); + public List getAssociatedIndividualUris(String username) { + List uris = new ArrayList(); + uris.addAll(getUrisAssociatedBySelfEditorConfig(username)); + uris.addAll(getUrisAssociatedByMayEditAs(username)); + return uris; } - @Override - public List asWhomMayThisUserEdit(String username) { + private List getUrisAssociatedBySelfEditorConfig(String username) { if (username == null) { return Collections.emptyList(); } - UserDao userDao = getUserDao(request); + IndividualDao iDao = getIndividualDao(); + if (iDao == null) { + return Collections.emptyList(); + } + + String selfEditorUri = SelfEditingConfiguration.getBean(request) + .getIndividualUriFromUsername(iDao, username); + if (selfEditorUri == null) { + return Collections.emptyList(); + } else { + return Collections.singletonList(selfEditorUri); + } + } + + private List getUrisAssociatedByMayEditAs(String username) { + if (username == null) { + return Collections.emptyList(); + } + + UserDao userDao = getUserDao(); if (userDao == null) { return Collections.emptyList(); } @@ -244,7 +262,7 @@ public class BasicAuthenticator extends Authenticator { return; } - UserDao userDao = getUserDao(request); + UserDao userDao = getUserDao(); if (userDao == null) { return; } 
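Review bot: `getAssociatedIndividualUris` concatenates the two lookups, so list order decides which individual a login is tied to: both callers changed in this patch take `get(0)`, which is the SelfEditingConfiguration match when there is one and otherwise the first mayEditAs entry. That precedence is not stated anywhere, and the same URI can appear twice when both associations point to it. I would add a comment above the two `addAll` calls, e.g. `// Order matters: callers use the first URI; the self-editing match takes precedence over mayEditAs.`, and collect into a `LinkedHashSet` before returning so duplicates are dropped while order is kept. The body of `getUrisAssociatedByMayEditAs` continues past the end of the hunk.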
@@ -261,19 +279,11 @@ public class BasicAuthenticator extends Authenticator { } /** - * Get a reference to the {@link UserDao}, or null. + * Get a reference to the UserDao, or null. */ - private UserDao getUserDao(HttpServletRequest request) { - HttpSession session = request.getSession(false); - if (session == null) { - return null; - } - - ServletContext servletContext = session.getServletContext(); - WebappDaoFactory wadf = (WebappDaoFactory) servletContext - .getAttribute("webappDaoFactory"); + private UserDao getUserDao() { + WebappDaoFactory wadf = getWebappDaoFactory(); if (wadf == null) { - log.error("getUserDao: no WebappDaoFactory"); return null; } @@ -285,6 +295,43 @@ public class BasicAuthenticator extends Authenticator { return userDao; } + /** + * Get a reference to the IndividualDao, or null. + */ + private IndividualDao getIndividualDao() { + WebappDaoFactory wadf = getWebappDaoFactory(); + if (wadf == null) { + return null; + } + + IndividualDao individualDao = wadf.getIndividualDao(); + if (individualDao == null) { + log.error("getIndividualDao: no IndividualDao"); + } + + return individualDao; + } + + /** + * Get a reference to the WebappDaoFactory, or null. + */ + private WebappDaoFactory getWebappDaoFactory() { + HttpSession session = request.getSession(false); + if (session == null) { + return null; + } + + ServletContext servletContext = session.getServletContext(); + WebappDaoFactory wadf = (WebappDaoFactory) servletContext + .getAttribute("webappDaoFactory"); + if (wadf == null) { + log.error("no WebappDaoFactory"); + return null; + } + + return wadf; + } + /** * Parse the role URI from User. Don't crash if it is not valid. */ diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java index 0db63a2b0..17287384d 100644 
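Review bot: `getWebappDaoFactory` returns null silently when `request.getSession(false)` is null, while the missing-attribute case logs an error; since the callers turn a null factory into an empty association list or a skipped update, a sessionless request fails with no trace in the log. Add `log.debug("getWebappDaoFactory: no session");` before that `return null`, and keep the method name in the other message (`"getWebappDaoFactory: no WebappDaoFactory"`) as the removed `getUserDao` message did. A short comment on why the factory is read from the servlet context via the session would also help, since the removed `getAssociatedIndividualUri` obtained it through `new VitroRequest(request).getWebappDaoFactory()` instead.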
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java @@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate; import static edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginExternalAuthSetup.ATTRIBUTE_REFERRER; import java.io.IOException; +import java.util.List; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; @@ -42,7 +43,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { throws ServletException, IOException { String username = ExternalAuthHelper.getHelper(req) .getExternalUsername(req); - String uri = getAuthenticator(req).getAssociatedIndividualUri(username); + List associatedUris = getAuthenticator(req) + .getAssociatedIndividualUris(username); if (username == null) { log.debug("No username."); @@ -54,8 +56,11 @@ public class LoginExternalAuthReturn extends BaseLoginServlet { AuthenticationSource.EXTERNAL); removeLoginProcessArtifacts(req); new LoginRedirector(req, resp).redirectLoggedInUser(); - } else if (uri != null) { - log.debug("Recognize '" + username + "' as self-editor for " + uri); + } else if (!associatedUris.isEmpty()) { + log.debug("Recognize '" + username + "' as self-editor for " + + associatedUris); + String uri = associatedUris.get(0); + getAuthenticator(req).recordLoginWithoutUserAccount(username, uri, AuthenticationSource.EXTERNAL); removeLoginProcessArtifacts(req); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java index 28c1fb52a..6f0ee3cf9 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java 
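Review bot: `getAssociatedIndividualUris(username)` is called before the `if (username == null)` check that follows it, so a missing external username is passed into the authenticator and the method relies on every implementation tolerating null. `BasicAuthenticator` does return an empty list for null in this patch, but the abstract contract does not require it. Moving the lookup below the null check, or into the `else if` branch that uses it, keeps the null case out of the DAO code. The method signature starts outside the hunk.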
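Review bot: The debug message reports the user as self-editor for the whole `associatedUris` list, but the login is recorded against `associatedUris.get(0)` only, so the log does not identify the individual the session is actually bound to. Declare `String uri = associatedUris.get(0);` before the `log.debug` call and log `uri`, listing the remaining candidates separately if they are of interest. The `username` comes from the external authentication helper and is concatenated into the message as-is; it is worth confirming that it cannot carry line breaks before it reaches the log. The `if`/`else` chain starts and ends outside the hunk.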
@@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.URLEncoder; +import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -60,10 +61,18 @@ public class LoginRedirector { return null; } - String uri = Authenticator.getInstance(request) - .getAssociatedIndividualUri(username); - log.debug("URI of associated individual is " + uri); - return uri; + List uris = Authenticator.getInstance(request) + .getAssociatedIndividualUris(username); + if (uris.isEmpty()) { + log.debug("'" + username + + "' is not associated with an individual."); + return null; + } else { + String uri = uris.get(0); + log.debug("'" + username + "' is associated with an individual: " + + uri); + return uri; + } } public void redirectLoggedInUser() throws IOException { diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java index 2d144d7b1..dd4afa011 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java @@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate; import java.lang.reflect.Field; import java.util.ArrayList; -import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; 
@@ -119,8 +118,18 @@ public class AuthenticatorStub extends Authenticator { } @Override - public String getAssociatedIndividualUri(String username) { - return associatedUris.get(username); + public List getAssociatedIndividualUris(String username) { + List uris = new ArrayList(); + + if (associatedUris.containsKey(username)) { + uris.add(associatedUris.get(username)); + } + + if (editingPermissions.containsKey(username)) { + uris.addAll(editingPermissions.get(username)); + } + + return uris; } @Override @@ -138,15 +147,6 @@ public class AuthenticatorStub extends Authenticator { newPasswords.put(username, newClearTextPassword); } - @Override - public List asWhomMayThisUserEdit(String username) { - if (editingPermissions.containsKey(username)) { - return editingPermissions.get(username); - } else { - return Collections.emptyList(); - } - } - @Override public void recordLoginAgainstUserAccount(String username, AuthenticationSource authSource) {