NIHVIVO-1430 Fix the Login redirector and associated classes to recognize 2 types of association: by SelfEditingConfig and by MayEditAs

jeb228 2010-11-30 22:45:31 +00:00
parent 25edf03517
commit 49ff09b9d4
5 changed files with 108 additions and 52 deletions


@ -67,15 +67,10 @@ public abstract class Authenticator {
public abstract User getUserByUsername(String username); public abstract User getUserByUsername(String username);
/** /**
* Get the URI of the individual associated with this user, or null if no * Get the URIs of all individuals associated with this user, whether by a
* such Individual exists. * self-editing property like cornellEmailNetid, or by mayEditAs.
*/ */
public abstract String getAssociatedIndividualUri(String username); public abstract List<String> getAssociatedIndividualUris(String username);
/**
* Get a list of URIs of the people that this user is allowed to edit.
*/
public abstract List<String> asWhomMayThisUserEdit(String username);
/** /**
* Record a new password for the user. * Record a new password for the user.
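Review bot: The new Javadoc for `getAssociatedIndividualUris` does not say what order the URIs come back in or whether the result may be null, and both are relied on elsewhere in this commit: `LoginRedirector` and `LoginExternalAuthReturn` call `isEmpty()` on the result and then take `get(0)` as the associated individual. Because the first element decides which individual a login is bound to, the contract should pin it down, for example `Never returns null. A self-editing match, if any, comes first, followed by the mayEditAs individuals.` Removing `asWhomMayThisUserEdit` also means callers can no longer tell the two kinds of association apart, which is worth stating in the comment if it is intended.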


@ -2,6 +2,7 @@
package edu.cornell.mannlib.vitro.webapp.controller.authenticate; package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.util.ArrayList;
import java.util.Collections; import java.util.Collections;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
@ -20,7 +21,6 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole; import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.beans.User; import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate; import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.UserDao; import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
@ -50,7 +50,7 @@ public class BasicAuthenticator extends Authenticator {
@Override @Override
public User getUserByUsername(String username) { public User getUserByUsername(String username) {
UserDao userDao = getUserDao(request); UserDao userDao = getUserDao();
if (userDao == null) { if (userDao == null) {
return null; return null;
} }
@ -59,7 +59,7 @@ public class BasicAuthenticator extends Authenticator {
@Override @Override
public boolean isCurrentPassword(String username, String clearTextPassword) { public boolean isCurrentPassword(String username, String clearTextPassword) {
User user = getUserDao(request).getUserByUsername(username); User user = getUserDao().getUserByUsername(username);
if (user == null) { if (user == null) {
log.trace("Checking password '" + clearTextPassword log.trace("Checking password '" + clearTextPassword
+ "' for user '" + username + "', but user doesn't exist."); + "' for user '" + username + "', but user doesn't exist.");
@ -81,7 +81,7 @@ public class BasicAuthenticator extends Authenticator {
} }
user.setOldPassword(user.getMd5password()); user.setOldPassword(user.getMd5password());
user.setMd5password(Authenticate.applyMd5Encoding(newClearTextPassword)); user.setMd5password(Authenticate.applyMd5Encoding(newClearTextPassword));
getUserDao(request).updateUser(user); getUserDao().updateUser(user);
} }
@Override @Override
@ -133,7 +133,7 @@ public class BasicAuthenticator extends Authenticator {
if (user.getFirstTime() == null) { // first login if (user.getFirstTime() == null) { // first login
user.setFirstTime(new Date()); user.setFirstTime(new Date());
} }
getUserDao(request).updateUser(user); getUserDao().updateUser(user);
} }
/** /**
@ -200,20 +200,38 @@ public class BasicAuthenticator extends Authenticator {
} }
@Override @Override
public String getAssociatedIndividualUri(String username) { public List<String> getAssociatedIndividualUris(String username) {
IndividualDao iDao = new VitroRequest(request).getWebappDaoFactory() List<String> uris = new ArrayList<String>();
.getIndividualDao(); uris.addAll(getUrisAssociatedBySelfEditorConfig(username));
return SelfEditingConfiguration.getBean(request) uris.addAll(getUrisAssociatedByMayEditAs(username));
.getIndividualUriFromUsername(iDao, username); return uris;
} }
@Override private List<String> getUrisAssociatedBySelfEditorConfig(String username) {
public List<String> asWhomMayThisUserEdit(String username) {
if (username == null) { if (username == null) {
return Collections.emptyList(); return Collections.emptyList();
} }
UserDao userDao = getUserDao(request); IndividualDao iDao = getIndividualDao();
if (iDao == null) {
return Collections.emptyList();
}
String selfEditorUri = SelfEditingConfiguration.getBean(request)
.getIndividualUriFromUsername(iDao, username);
if (selfEditorUri == null) {
return Collections.emptyList();
} else {
return Collections.singletonList(selfEditorUri);
}
}
private List<String> getUrisAssociatedByMayEditAs(String username) {
if (username == null) {
return Collections.emptyList();
}
UserDao userDao = getUserDao();
if (userDao == null) { if (userDao == null) {
return Collections.emptyList(); return Collections.emptyList();
} }
@ -244,7 +262,7 @@ public class BasicAuthenticator extends Authenticator {
return; return;
} }
UserDao userDao = getUserDao(request); UserDao userDao = getUserDao();
if (userDao == null) { if (userDao == null) {
return; return;
} }
@ -261,19 +279,11 @@ public class BasicAuthenticator extends Authenticator {
} }
/** /**
* Get a reference to the {@link UserDao}, or <code>null</code>. * Get a reference to the UserDao, or null.
*/ */
private UserDao getUserDao(HttpServletRequest request) { private UserDao getUserDao() {
HttpSession session = request.getSession(false); WebappDaoFactory wadf = getWebappDaoFactory();
if (session == null) {
return null;
}
ServletContext servletContext = session.getServletContext();
WebappDaoFactory wadf = (WebappDaoFactory) servletContext
.getAttribute("webappDaoFactory");
if (wadf == null) { if (wadf == null) {
log.error("getUserDao: no WebappDaoFactory");
return null; return null;
} }
@ -285,6 +295,43 @@ public class BasicAuthenticator extends Authenticator {
return userDao; return userDao;
} }
/**
* Get a reference to the IndividualDao, or null.
*/
private IndividualDao getIndividualDao() {
WebappDaoFactory wadf = getWebappDaoFactory();
if (wadf == null) {
return null;
}
IndividualDao individualDao = wadf.getIndividualDao();
if (individualDao == null) {
log.error("getIndividualDao: no IndividualDao");
}
return individualDao;
}
/**
* Get a reference to the WebappDaoFactory, or null.
*/
private WebappDaoFactory getWebappDaoFactory() {
HttpSession session = request.getSession(false);
if (session == null) {
return null;
}
ServletContext servletContext = session.getServletContext();
WebappDaoFactory wadf = (WebappDaoFactory) servletContext
.getAttribute("webappDaoFactory");
if (wadf == null) {
log.error("no WebappDaoFactory");
return null;
}
return wadf;
}
/** /**
* Parse the role URI from User. Don't crash if it is not valid. * Parse the role URI from User. Don't crash if it is not valid.
*/ */
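Review bot: In `isCurrentPassword` the trace message on the unchanged lines still concatenates `clearTextPassword` into the log, so every mistyped password for an unknown user is written out in clear whenever trace logging is on; since this commit touches the method, the message should drop it, e.g. `log.trace("Checking password for user '" + username + "', but user doesn't exist.");`. The same method now calls `getUserDao().getUserByUsername(username)` without a null check, although `getUserDao()` is documented to return null and does so when there is no session; the `getUserDao().updateUser(user)` calls at the other two changed call sites have the same shape. A guard such as `if (userDao == null) { return false; }`, matching what `getUserByUsername` already does, keeps the failure explicit and closed. The method bodies continue outside the hunks.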


@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import static edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginExternalAuthSetup.ATTRIBUTE_REFERRER; import static edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginExternalAuthSetup.ATTRIBUTE_REFERRER;
import java.io.IOException; import java.io.IOException;
import java.util.List;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -42,7 +43,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
throws ServletException, IOException { throws ServletException, IOException {
String username = ExternalAuthHelper.getHelper(req) String username = ExternalAuthHelper.getHelper(req)
.getExternalUsername(req); .getExternalUsername(req);
String uri = getAuthenticator(req).getAssociatedIndividualUri(username); List<String> associatedUris = getAuthenticator(req)
.getAssociatedIndividualUris(username);
if (username == null) { if (username == null) {
log.debug("No username."); log.debug("No username.");
@ -54,8 +56,11 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
AuthenticationSource.EXTERNAL); AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req); removeLoginProcessArtifacts(req);
new LoginRedirector(req, resp).redirectLoggedInUser(); new LoginRedirector(req, resp).redirectLoggedInUser();
} else if (uri != null) { } else if (!associatedUris.isEmpty()) {
log.debug("Recognize '" + username + "' as self-editor for " + uri); log.debug("Recognize '" + username + "' as self-editor for "
+ associatedUris);
String uri = associatedUris.get(0);
getAuthenticator(req).recordLoginWithoutUserAccount(username, uri, getAuthenticator(req).recordLoginWithoutUserAccount(username, uri,
AuthenticationSource.EXTERNAL); AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req); removeLoginProcessArtifacts(req);
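Review bot: `getAssociatedIndividualUris(username)` is called before the `username == null` check, so a request with no external username reaches the authenticator with null; `BasicAuthenticator` returns an empty list for that, but the abstract method does not promise it, and the lookup is wasted on the two branches that never use it. Moving the call into the branch that needs it avoids both. That branch then records the login against `associatedUris.get(0)` while the debug message still says "self-editor", yet the list can now also hold mayEditAs individuals; whether that can occur for a username without a user account is not visible in this hunk, so it is worth confirming that only a SelfEditingConfig match should qualify for `recordLoginWithoutUserAccount`. The method starts and ends outside the hunks.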


@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.util.List;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@ -60,10 +61,18 @@ public class LoginRedirector {
return null; return null;
} }
String uri = Authenticator.getInstance(request) List<String> uris = Authenticator.getInstance(request)
.getAssociatedIndividualUri(username); .getAssociatedIndividualUris(username);
log.debug("URI of associated individual is " + uri); if (uris.isEmpty()) {
return uri; log.debug("'" + username
+ "' is not associated with an individual.");
return null;
} else {
String uri = uris.get(0);
log.debug("'" + username + "' is associated with an individual: "
+ uri);
return uri;
}
} }
public void redirectLoggedInUser() throws IOException { public void redirectLoggedInUser() throws IOException {


@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -119,8 +118,18 @@ public class AuthenticatorStub extends Authenticator {
} }
@Override @Override
public String getAssociatedIndividualUri(String username) { public List<String> getAssociatedIndividualUris(String username) {
return associatedUris.get(username); List<String> uris = new ArrayList<String>();
if (associatedUris.containsKey(username)) {
uris.add(associatedUris.get(username));
}
if (editingPermissions.containsKey(username)) {
uris.addAll(editingPermissions.get(username));
}
return uris;
} }
@Override @Override
@ -138,15 +147,6 @@ public class AuthenticatorStub extends Authenticator {
newPasswords.put(username, newClearTextPassword); newPasswords.put(username, newClearTextPassword);
} }
@Override
public List<String> asWhomMayThisUserEdit(String username) {
if (editingPermissions.containsKey(username)) {
return editingPermissions.get(username);
} else {
return Collections.emptyList();
}
}
@Override @Override
public void recordLoginAgainstUserAccount(String username, public void recordLoginAgainstUserAccount(String username,
AuthenticationSource authSource) { AuthenticationSource authSource) {