From 64b130c973aee4c5034474694783555965d0179c Mon Sep 17 00:00:00 2001
From: Bill Smith
Date: Tue, 22 Jan 2019 09:23:18 -0700
Subject: [PATCH] [SHIBUI-1058] Renamed UserRoleService to UserService. Moved getCurrentUser to UserService. Updated UsersController to use UserService to get the currently logged in user.
---
 .../CoreShibUiConfiguration.java | 7 ++--
 .../EntityDescriptorController.java | 37 ++++++++-----------
 .../security/controller/UsersController.java | 20 +++++-----
 ...{UserRoleService.java => UserService.java} | 23 ++++++++++--
 4 files changed, 50 insertions(+), 37 deletions(-)
 rename backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/{UserRoleService.java => UserService.java} (64%)
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
index b9679866d..07a183e7f 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/CoreShibUiConfiguration.java
@@ -8,7 +8,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.scheduled.EntityDescriptorFilesScheduledTasks;
 import edu.internet2.tier.shibboleth.admin.ui.scheduled.MetadataProvidersScheduledTasks;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
-import edu.internet2.tier.shibboleth.admin.ui.security.service.UserRoleService;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
 import edu.internet2.tier.shibboleth.admin.ui.service.DefaultMetadataResolversPositionOrderContainerService;
 import edu.internet2.tier.shibboleth.admin.ui.service.DirectoryService;
 import edu.internet2.tier.shibboleth.admin.ui.service.DirectoryServiceImpl;
@@ -198,7 +199,7 @@ public ModelRepresentationConversions modelRepresentationConversions() {
 }
 @Bean
- public UserRoleService userRoleService(RoleRepository roleRepository) {
- return new UserRoleService(roleRepository);
+ public UserService userService(RoleRepository roleRepository, UserRepository userRepository) {
+ return new UserService(roleRepository, userRepository);
 }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
index 23d89849c..e76749c06 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorController.java
@@ -5,9 +5,10 @@
 import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects;
 import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
 import edu.internet2.tier.shibboleth.admin.ui.service.EntityDescriptorService;
-import org.apache.commons.lang.StringUtils;
 import org.opensaml.core.xml.io.MarshallingException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -16,7 +17,6 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -31,7 +31,6 @@ import javax.annotation.PostConstruct; import java.net.URI; -import java.util.Optional; import java.util.stream.Collectors; @RestController @@ -50,13 +49,22 @@ public class EntityDescriptorController { @Autowired RestTemplateBuilder restTemplateBuilder; - @Autowired private UserRepository userRepository; + private RoleRepository roleRepository; + + private UserService userService; + private RestTemplate restTemplate; private static Logger LOGGER = LoggerFactory.getLogger(EntityDescriptorController.class); + public EntityDescriptorController(UserRepository userRepository, RoleRepository roleRepository, UserService userService) { + this.userRepository = userRepository; + this.roleRepository = roleRepository; + this.userService = userService; + } + @PostConstruct public void initRestTemplate() { this.restTemplate = restTemplateBuilder.build(); @@ -100,7 +108,7 @@ public ResponseEntity upload(@RequestParam String metadataUrl, @RequestParam @PutMapping("/EntityDescriptor/{resourceId}") public ResponseEntity update(@RequestBody EntityDescriptorRepresentation edRepresentation, @PathVariable String resourceId) { - User currentUser = getCurrentUser(); + User currentUser = userService.getCurrentUser(); EntityDescriptor existingEd = entityDescriptorRepository.findByResourceId(resourceId); if (existingEd == null) { return ResponseEntity.notFound().build(); @@ -131,7 +139,7 @@ public ResponseEntity update(@RequestBody EntityDescriptorRepresentation edRe @GetMapping("/EntityDescriptors") @Transactional(readOnly = true) public ResponseEntity getAll() { - User currentUser = getCurrentUser(); + User currentUser = userService.getCurrentUser(); if (currentUser != null) { if (currentUser.getRole().equals("ROLE_ADMIN")) { return ResponseEntity.ok(entityDescriptorRepository.findAllByCustomQueryAndStream() 
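Review bot: The constructor added to EntityDescriptorController stores `roleRepository`, but no hunk in this commit reads it, and with `getCurrentUser()` moved to UserService `userRepository` may no longer be needed here either (the rest of the class is outside the hunks, so confirm). A controller that holds repositories it does not use has a wider reach than it needs; I would drop the unused parameters and declare what remains as `private final UserService userService;`. `RestTemplateBuilder` just above still uses `@Autowired` field injection, so the class now mixes two injection styles.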
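Review bot: `userService.getCurrentUser()` returns null when there is no authentication or no matching persisted user, and in `update` the line after the call goes straight to the repository lookup without checking it. `getAll` guards with `if (currentUser != null)`, but the bodies of `update`, `getOne` and `getOneXml` continue outside their hunks, so it is not visible whether their ownership or role comparison can be reached with a null user. Each should fail closed before that comparison, for example `if (currentUser == null) { return ResponseEntity.status(HttpStatus.FORBIDDEN).build(); }`.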
@@ -150,7 +158,7 @@ public ResponseEntity getAll() {
 @GetMapping("/EntityDescriptor/{resourceId}")
 public ResponseEntity getOne(@PathVariable String resourceId) {
- User currentUser = getCurrentUser();
+ User currentUser = userService.getCurrentUser();
 EntityDescriptor ed = entityDescriptorRepository.findByResourceId(resourceId);
 if (ed == null) {
 return ResponseEntity.notFound().build();
@@ -167,7 +175,7 @@ public ResponseEntity getOne(@PathVariable String resourceId) {
 @GetMapping(value = "/EntityDescriptor/{resourceId}", produces = "application/xml")
 public ResponseEntity getOneXml(@PathVariable String resourceId) throws MarshallingException {
- User currentUser = getCurrentUser();
+ User currentUser = userService.getCurrentUser();
 EntityDescriptor ed = entityDescriptorRepository.findByResourceId(resourceId);
 if (ed == null) {
 return ResponseEntity.notFound().build();
@@ -217,17 +225,4 @@ private ResponseEntity handleUploadingEntityDescriptorXml(byte[] rawXmlBytes,
 .body(entityDescriptorService.createRepresentationFromDescriptor(persistedEd));
 }
- private User getCurrentUser() {
- User user = null;
- if (SecurityContextHolder.getContext() != null && SecurityContextHolder.getContext().getAuthentication() != null) {
- String principal = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- if (StringUtils.isNotBlank(principal)) {
- Optional persistedUser = userRepository.findByUsername(principal);
- if (persistedUser.isPresent()) {
- user = persistedUser.get();
- }
- }
- }
- return user;
- }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
index de676a557..8532d3d26 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/controller/UsersController.java
@@ -4,7 +4,7 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
-import edu.internet2.tier.shibboleth.admin.ui.security.service.UserRoleService;
+import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -22,7 +22,6 @@
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.client.HttpClientErrorException;
-import java.security.Principal;
 import java.util.List;
 import java.util.Optional;
@@ -41,12 +40,12 @@ public class UsersController {
 private UserRepository userRepository;
 private RoleRepository roleRepository;
- private UserRoleService userRoleService;
+ private UserService userService;
- public UsersController(UserRepository userRepository, RoleRepository roleRepository, UserRoleService userRoleService) {
+ public UsersController(UserRepository userRepository, RoleRepository roleRepository, UserService userService) {
 this.userRepository = userRepository;
 this.roleRepository = roleRepository;
- this.userRoleService = userRoleService;
+ this.userService = userService;
 }
 @Transactional(readOnly = true)
@@ -57,9 +56,10 @@ public List getAll() {
 @Transactional(readOnly = true)
 @GetMapping("/current")
- public ResponseEntity getCurrentUser(Principal principal) {
- if (principal != null && principal.getName() != null) {
- return ResponseEntity.ok(userRepository.findByUsername(principal.getName()));
+ public ResponseEntity getCurrentUser() {
+ User user = userService.getCurrentUser();
+ if (user != null) {
+ return ResponseEntity.ok(user);
 } else {
 return ResponseEntity.notFound().build();
 }
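Review bot: `getCurrentUser()` returns the persisted `User` entity as the response body via `ResponseEntity.ok(user)`, and the `saveOne` hunk in this same file shows that entity carries a BCrypt password hash. Whether `User` keeps that field out of serialization is not visible here; if it does not, `/current` sends the hash to the client, so confirm the field is write-only, e.g. `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)`, or return a representation without it. Separately, an unauthenticated caller and an authenticated principal with no user row both receive 404, which makes the two cases hard to tell apart in logs; a 401 for the first would be clearer.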
@@ -91,7 +91,7 @@ ResponseEntity saveOne(@RequestBody User user) {
 }
 //TODO: modify this such that additional encoders can be used
 user.setPassword(BCrypt.hashpw(user.getPassword(), BCrypt.gensalt()));
- userRoleService.updateUserRole(user);
+ userService.updateUserRole(user);
 User savedUser = userRepository.save(user);
 return ResponseEntity.ok(savedUser);
 }
@@ -114,7 +114,7 @@ ResponseEntity updateOne(@PathVariable(value = "username") String username, @
 }
 if (StringUtils.isNotBlank(user.getRole())) {
 persistedUser.setRole(user.getRole());
- userRoleService.updateUserRole(persistedUser);
+ userService.updateUserRole(persistedUser);
 }
 User savedUser = userRepository.save(persistedUser);
 return ResponseEntity.ok(savedUser);
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserRoleService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
similarity index 64%
rename from backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserRoleService.java
rename to backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
index 87a6431d0..ced3fe133 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserRoleService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/UserService.java
@@ -3,8 +3,9 @@
 import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
 import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
 import org.apache.commons.lang.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.context.SecurityContextHolder;
 import java.util.HashSet;
 import java.util.Optional;
@@ -13,12 +14,14 @@
 /**
 * @author Bill Smith (wsmith@unicon.net)
 */
-public class UserRoleService {
+public class UserService {
 private RoleRepository roleRepository;
+ private UserRepository userRepository;
- public UserRoleService(RoleRepository roleRepository) {
+ public UserService(RoleRepository roleRepository, UserRepository userRepository) {
 this.roleRepository = roleRepository;
+ this.userRepository = userRepository;
 }
 /**
@@ -43,4 +46,18 @@ public void updateUserRole(User user) {
 throw new RuntimeException(String.format("User with username [%s] has no role defined and therefor cannot be updated!", user.getUsername()));
 }
 }
+
+ public User getCurrentUser() {
+ User user = null;
+ if (SecurityContextHolder.getContext() != null && SecurityContextHolder.getContext().getAuthentication() != null) {
+ String principal = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+ if (StringUtils.isNotBlank(principal)) {
+ Optional persistedUser = userRepository.findByUsername(principal);
+ if (persistedUser.isPresent()) {
+ user = persistedUser.get();
+ }
+ }
+ }
+ return user;
+ }
 }
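Review bot: The cast `(String) ...getAuthentication().getPrincipal()` in the new `getCurrentUser()` assumes the principal is always a String; `getPrincipal()` returns `Object`, and if the configured provider supplies a `UserDetails` (not visible from this patch) the cast throws `ClassCastException` on every call. `Authentication.getName()` yields the username for either shape. The method also does not single out an anonymous token, whose principal is normally the string `anonymousUser`, so a stored user with that name would be resolved for unauthenticated requests. Since every controller in this commit now depends on this one method for its access decision, it should also carry a Javadoc stating that it returns null when nobody is logged in. The rewrite below needs imports for `Authentication` and `AnonymousAuthenticationToken`.

```java
public User getCurrentUser() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null
            || !authentication.isAuthenticated()
            || authentication instanceof AnonymousAuthenticationToken) {
        return null;
    }
    String username = authentication.getName();
    if (StringUtils.isBlank(username)) {
        return null;
    }
    return userRepository.findByUsername(username).orElse(null);
}
```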