litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1430 Fix the Login redirector and associated classes to recognize 2 types of association: by SelfEditingConfig and by MayEditAs

Browse source
This commit is contained in:
jeb228 2010-11-30 22:45:31 +00:00
parent 25edf03517
commit 49ff09b9d4
5 changed files with 108 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/Authenticator.java
View file

@ -67,15 +67,10 @@ public abstract class Authenticator {
public abstract User getUserByUsername(String username);
/**
* Get the URI of the individual associated with this user, or null if no
* such Individual exists.
* Get the URIs of all individuals associated with this user, whether by a
* self-editing property like cornellEmailNetid, or by mayEditAs.
*/
public abstract String getAssociatedIndividualUri(String username);
/**
* Get a list of URIs of the people that this user is allowed to edit.
*/
public abstract List<String> asWhomMayThisUserEdit(String username);
public abstract List<String> getAssociatedIndividualUris(String username);
/**
* Record a new password for the user.

97
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/BasicAuthenticator.java
View file

@ -2,6 +2,7 @@
package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
@ -20,7 +21,6 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy.AuthRole;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
@ -50,7 +50,7 @@ public class BasicAuthenticator extends Authenticator {
@Override
public User getUserByUsername(String username) {
UserDao userDao = getUserDao(request);
UserDao userDao = getUserDao();
if (userDao == null) {
return null;
}
@ -59,7 +59,7 @@ public class BasicAuthenticator extends Authenticator {
@Override
public boolean isCurrentPassword(String username, String clearTextPassword) {
User user = getUserDao(request).getUserByUsername(username);
User user = getUserDao().getUserByUsername(username);
if (user == null) {
log.trace("Checking password '" + clearTextPassword
+ "' for user '" + username + "', but user doesn't exist.");
@ -81,7 +81,7 @@ public class BasicAuthenticator extends Authenticator {
}
user.setOldPassword(user.getMd5password());
user.setMd5password(Authenticate.applyMd5Encoding(newClearTextPassword));
getUserDao(request).updateUser(user);
getUserDao().updateUser(user);
}
@Override
@ -133,7 +133,7 @@ public class BasicAuthenticator extends Authenticator {
if (user.getFirstTime() == null) { // first login
user.setFirstTime(new Date());
}
getUserDao(request).updateUser(user);
getUserDao().updateUser(user);
}
/**
@ -200,20 +200,38 @@ public class BasicAuthenticator extends Authenticator {
}
@Override
public String getAssociatedIndividualUri(String username) {
IndividualDao iDao = new VitroRequest(request).getWebappDaoFactory()
.getIndividualDao();
return SelfEditingConfiguration.getBean(request)
.getIndividualUriFromUsername(iDao, username);
public List<String> getAssociatedIndividualUris(String username) {
List<String> uris = new ArrayList<String>();
uris.addAll(getUrisAssociatedBySelfEditorConfig(username));
uris.addAll(getUrisAssociatedByMayEditAs(username));
return uris;
}
@Override
public List<String> asWhomMayThisUserEdit(String username) {
private List<String> getUrisAssociatedBySelfEditorConfig(String username) {
if (username == null) {
return Collections.emptyList();
}
UserDao userDao = getUserDao(request);
IndividualDao iDao = getIndividualDao();
if (iDao == null) {
return Collections.emptyList();
}
String selfEditorUri = SelfEditingConfiguration.getBean(request)
.getIndividualUriFromUsername(iDao, username);
if (selfEditorUri == null) {
return Collections.emptyList();
} else {
return Collections.singletonList(selfEditorUri);
}
}
private List<String> getUrisAssociatedByMayEditAs(String username) {
if (username == null) {
return Collections.emptyList();
}
UserDao userDao = getUserDao();
if (userDao == null) {
return Collections.emptyList();
}
@ -244,7 +262,7 @@ public class BasicAuthenticator extends Authenticator {
return;
}
UserDao userDao = getUserDao(request);
UserDao userDao = getUserDao();
if (userDao == null) {
return;
}
@ -261,19 +279,11 @@ public class BasicAuthenticator extends Authenticator {
}
/**
* Get a reference to the {@link UserDao}, or <code>null</code>.
* Get a reference to the UserDao, or null.
*/
private UserDao getUserDao(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null) {
return null;
}
ServletContext servletContext = session.getServletContext();
WebappDaoFactory wadf = (WebappDaoFactory) servletContext
.getAttribute("webappDaoFactory");
private UserDao getUserDao() {
WebappDaoFactory wadf = getWebappDaoFactory();
if (wadf == null) {
log.error("getUserDao: no WebappDaoFactory");
return null;
}
@ -285,6 +295,43 @@ public class BasicAuthenticator extends Authenticator {
return userDao;
}
/**
* Get a reference to the IndividualDao, or null.
*/
private IndividualDao getIndividualDao() {
WebappDaoFactory wadf = getWebappDaoFactory();
if (wadf == null) {
return null;
}
IndividualDao individualDao = wadf.getIndividualDao();
if (individualDao == null) {
log.error("getIndividualDao: no IndividualDao");
}
return individualDao;
}
/**
* Get a reference to the WebappDaoFactory, or null.
*/
private WebappDaoFactory getWebappDaoFactory() {
HttpSession session = request.getSession(false);
if (session == null) {
return null;
}
ServletContext servletContext = session.getServletContext();
WebappDaoFactory wadf = (WebappDaoFactory) servletContext
.getAttribute("webappDaoFactory");
if (wadf == null) {
log.error("no WebappDaoFactory");
return null;
}
return wadf;
}
/**
* Parse the role URI from User. Don't crash if it is not valid.
*/

11
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginExternalAuthReturn.java
View file

@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import static edu.cornell.mannlib.vitro.webapp.controller.authenticate.LoginExternalAuthSetup.ATTRIBUTE_REFERRER;
import java.io.IOException;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
@ -42,7 +43,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
throws ServletException, IOException {
String username = ExternalAuthHelper.getHelper(req)
.getExternalUsername(req);
String uri = getAuthenticator(req).getAssociatedIndividualUri(username);
List<String> associatedUris = getAuthenticator(req)
.getAssociatedIndividualUris(username);
if (username == null) {
log.debug("No username.");
@ -54,8 +56,11 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req);
new LoginRedirector(req, resp).redirectLoggedInUser();
} else if (uri != null) {
log.debug("Recognize '" + username + "' as self-editor for " + uri);
} else if (!associatedUris.isEmpty()) {
log.debug("Recognize '" + username + "' as self-editor for "
+ associatedUris);
String uri = associatedUris.get(0);
getAuthenticator(req).recordLoginWithoutUserAccount(username, uri,
AuthenticationSource.EXTERNAL);
removeLoginProcessArtifacts(req);

17
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/LoginRedirector.java
View file

@ -5,6 +5,7 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -60,10 +61,18 @@ public class LoginRedirector {
return null;
}
String uri = Authenticator.getInstance(request)
.getAssociatedIndividualUri(username);
log.debug("URI of associated individual is " + uri);
return uri;
List<String> uris = Authenticator.getInstance(request)
.getAssociatedIndividualUris(username);
if (uris.isEmpty()) {
log.debug("'" + username
+ "' is not associated with an individual.");
return null;
} else {
String uri = uris.get(0);
log.debug("'" + username + "' is associated with an individual: "
+ uri);
return uri;
}
}
public void redirectLoggedInUser() throws IOException {

24
webapp/test/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AuthenticatorStub.java
View file

@ -4,7 +4,6 @@ package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@ -119,8 +118,18 @@ public class AuthenticatorStub extends Authenticator {
}
@Override
public String getAssociatedIndividualUri(String username) {
return associatedUris.get(username);
public List<String> getAssociatedIndividualUris(String username) {
List<String> uris = new ArrayList<String>();
if (associatedUris.containsKey(username)) {
uris.add(associatedUris.get(username));
}
if (editingPermissions.containsKey(username)) {
uris.addAll(editingPermissions.get(username));
}
return uris;
}
@Override
@ -138,15 +147,6 @@ public class AuthenticatorStub extends Authenticator {
newPasswords.put(username, newClearTextPassword);
}
@Override
public List<String> asWhomMayThisUserEdit(String username) {
if (editingPermissions.containsKey(username)) {
return editingPermissions.get(username);
} else {
return Collections.emptyList();
}
}
@Override
public void recordLoginAgainstUserAccount(String username,
AuthenticationSource authSource) {