Merged in feature/SHIBUI-1044 (pull request #261)

[SHIBUI-1044]

Approved-by: Jonathan Johnson <jj@scaldingspoon.com>
Approved-by: Dmitriy Kopylenko <dkopylenko@unicon.net>
Approved-by: Bill Smith <wsmith@unicon.net>

backend/build.gradle

@@ -139,6 +139,9 @@ dependencies {
 
     //JSON schema validator
     compile 'org.sharegov:mjson:1.4.1'
+
+    // CSV file support
+    compile 'com.opencsv:opencsv:4.4'
 }
 
 def generatedSrcDir = new File(buildDir, 'generated/src/main/java')

backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrap.groovy

@@ -0,0 +1,48 @@
+package edu.internet2.tier.shibboleth.admin.ui.service
+
+import com.opencsv.CSVReader
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Role
+import edu.internet2.tier.shibboleth.admin.ui.security.model.User
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
+import groovy.util.logging.Slf4j
+import org.springframework.boot.context.event.ApplicationStartedEvent
+import org.springframework.context.event.EventListener
+import org.springframework.stereotype.Component
+
+import javax.transaction.Transactional
+
+@Component
+@Slf4j
+class UserBootstrap {
+    private final ShibUIConfiguration shibUIConfiguration
+    private final UserRepository userRepository
+    private final RoleRepository roleRepository
+
+    UserBootstrap(ShibUIConfiguration shibUIConfiguration, UserRepository userRepository, RoleRepository roleRepository) {
+        this.shibUIConfiguration = shibUIConfiguration
+        this.userRepository = userRepository
+        this.roleRepository = roleRepository
+    }
+
+    @Transactional
+    @EventListener
+    void bootstrapUsersAndRoles(ApplicationStartedEvent e) {
+        if (shibUIConfiguration.userBootstrapResource) {
+            log.info("configuring users from ${shibUIConfiguration.userBootstrapResource.URI}")
+            new CSVReader(new InputStreamReader(shibUIConfiguration.userBootstrapResource.inputStream)).each { it ->
+                def (username, password, firstName, lastName, roleName) = it
+                def role = roleRepository.findByName(roleName).orElse(roleRepository.save(new Role(name: roleName)))
+                def user = userRepository.findByUsername(username).orElse(new User(username: username)).with {
+                    it.password = password
+                    it.firstName = firstName
+                    it.lastName = lastName
+                    it.roles.add(role)
+                    it
+                }
+                userRepository.save(user)
+            }
+        }
+    }
+}

backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java

@@ -4,8 +4,10 @@
 import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.Resource;
 
 import java.util.List;
+import java.util.Optional;
 
 @Configuration
 @ConfigurationProperties(prefix = "shibui")
@@ -17,4 +19,19 @@ public class ShibUIConfiguration {
      * sources from using attributes that they might not have the rights to use.
      */
     private List<String> protectedAttributeNamespaces;
+
+    /**
+     * A Resource containing a CSV of users to bootstrap into the system. Currently, this must be in format
+     *
+     * <code>
+     * username,password,firstName,lastName,role
+     * </code>
+     *
+     * Note that the password must be encrypted in the file. Ensure that you prepend the encoder to the value, e.g.
+     *
+     * <code>
+     * {bcrypt}$2a$10$ssM2LpFqceRQ/ta0JehGcu0BawFQDbxjQGSyVmKS6qa09hHLigtAO
+     * </code>
+     */
+    private Resource userBootstrapResource;
 }

backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrapTests.groovy

@@ -0,0 +1,47 @@
+package edu.internet2.tier.shibboleth.admin.ui.service
+
+import edu.internet2.tier.shibboleth.admin.ui.configuration.CoreShibUiConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.autoconfigure.domain.EntityScan
+import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest
+import org.springframework.core.io.ClassPathResource
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories
+import org.springframework.test.annotation.DirtiesContext
+import org.springframework.test.context.ContextConfiguration
+import spock.lang.Specification
+
+@DataJpaTest
+@ContextConfiguration(classes=[CoreShibUiConfiguration, SearchConfiguration, TestConfiguration, InternationalizationConfiguration, ShibUIConfiguration])
+@EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
+@EntityScan(["edu.internet2.tier.shibboleth.admin.ui", "edu.internet2.tier.shibboleth.admin.ui.security.model"])
+@DirtiesContext(methodMode = DirtiesContext.MethodMode.AFTER_METHOD)
+class UserBootstrapTests extends Specification {
+    @Autowired
+    ShibUIConfiguration shibUIConfiguration
+
+    @Autowired
+    UserRepository userRepository
+
+    @Autowired
+    RoleRepository roleRepository
+
+    def "simple test"() {
+        setup:
+        shibUIConfiguration.userBootstrapResource = new ClassPathResource('/conf/1044.csv')
+        def userBootstrap = new UserBootstrap(shibUIConfiguration, userRepository, roleRepository)
+
+        when:
+        userBootstrap.bootstrapUsersAndRoles(null)
+
+        then:
+        noExceptionThrown()
+        assert userRepository.findAll().size() == 2
+        assert roleRepository.findAll().size() == 2
+    }
+}

backend/src/test/resources/conf/1044.csv

@@ -0,0 +1,2 @@
+"user1","password1","firstName1","lastName1","ROLE_ADMIN"
+"user2","password2","firstName2","lastName2","ROLE_USER"