Merge branch 'master' into SHIBUI-906

TIER · Oct 23, 2018 · 9e0aff2 · 9e0aff2
2 parents 8bacd89 + 42dff96
commit 9e0aff2
Show file tree

Hide file tree

Showing 18 changed files with 185 additions and 635 deletions.
diff --git a/...nternet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy b/...nternet2/tier/shibboleth/admin/ui/controller/MetadataSourcesUiDefinitionController.groovy
@@ -6,6 +6,7 @@ import edu.internet2.tier.shibboleth.admin.ui.jsonschema.MetadataSourcesJsonSche
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.http.ResponseEntity
 import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR
@@ -17,7 +18,8 @@ import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR
  * @author Dmitriy Kopylenko
  * @author Bill Smith (wsmith@unicon.net)
  */
-@RestController('/api/ui/MetadataSources')
+@RestController
+@RequestMapping('/api/ui/MetadataSources')
 class MetadataSourcesUiDefinitionController {
 
     @Autowired

diff --git a/...2/tier/shibboleth/admin/ui/configuration/JsonSchemaValidationComponentsConfiguration.java b/...2/tier/shibboleth/admin/ui/configuration/JsonSchemaValidationComponentsConfiguration.java
@@ -2,6 +2,7 @@
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import edu.internet2.tier.shibboleth.admin.ui.jsonschema.MetadataSourcesJsonSchemaResourceLocation;
+import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ResourceLoader;
@@ -10,10 +11,20 @@
  * @author Dmitriy Kopylenko
  */
 @Configuration
+@ConfigurationProperties("shibui")
 public class JsonSchemaValidationComponentsConfiguration {
 
+    //Configured via @ConfigurationProperties (using setter method) with 'shibui.metadata-sources-ui-schema-location' property and default
+    //value set here if that property is not explicitly set in application.properties
+    private String metadataSourcesUiSchemaLocation ="classpath:metadata-sources-ui-schema.json";
+
+    //This setter is used by Boot's @ConfiguratonProperties binding machinery
+    public void setMetadataSourcesUiSchemaLocation(String metadataSourcesUiSchemaLocation) {
+        this.metadataSourcesUiSchemaLocation = metadataSourcesUiSchemaLocation;
+    }
+
     @Bean
     public MetadataSourcesJsonSchemaResourceLocation metadataSourcesJsonSchemaResourceLocation(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) {
-        return new MetadataSourcesJsonSchemaResourceLocation(resourceLoader, jacksonMapper);
+        return new MetadataSourcesJsonSchemaResourceLocation(metadataSourcesUiSchemaLocation, resourceLoader, jacksonMapper);
     }
 }
diff --git a/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -1,12 +1,14 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration.auto;
 
+import edu.internet2.tier.shibboleth.admin.ui.security.DefaultAuditorAware;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.security.servlet.SpringBootWebSecurityConfiguration;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
+import org.springframework.data.domain.AuditorAware;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -77,6 +79,12 @@ public void configure(WebSecurity web) throws Exception {
         };
     }
 
+    @Bean
+    @Profile("!no-auth")
+    public AuditorAware<String> defaultAuditorAware() {
+        return new DefaultAuditorAware();
+    }
+
     @Bean
     @Profile("no-auth")
     public WebSecurityConfigurerAdapter noAuthUsedForEaseDevelopment() {

diff --git a/...ernet2/tier/shibboleth/admin/ui/jsonschema/MetadataSourcesJsonSchemaResourceLocation.java b/...ernet2/tier/shibboleth/admin/ui/jsonschema/MetadataSourcesJsonSchemaResourceLocation.java
@@ -1,16 +1,10 @@
 package edu.internet2.tier.shibboleth.admin.ui.jsonschema;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import org.springframework.beans.factory.BeanCreationException;
 import org.springframework.beans.factory.BeanInitializationException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.core.io.ResourceLoader;
-import org.springframework.stereotype.Component;
 
 import javax.annotation.PostConstruct;
-import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
@@ -21,28 +15,33 @@
  *
  * @author Dmitriy Kopylenko
  */
-@ConfigurationProperties("shibui")
 public class MetadataSourcesJsonSchemaResourceLocation {
 
-    //Configured via @ConfigurationProperties with 'shibui.metadata-sources-ui-schema-location' property and default
-    //value set here if that property is not explicitly set in application.properties
-    private String metadataSourcesUiSchemaLocation = "classpath:metadata-sources-ui-schema.json";
+    private final String metadataSourcesUiSchemaLocation;
 
     private URL jsonSchemaUrl;
 
-    private ResourceLoader resourceLoader;
+    private final ResourceLoader resourceLoader;
 
-    private ObjectMapper jacksonMapper;
+    private final ObjectMapper jacksonMapper;
 
+    private boolean detectMalformedJsonDuringInit = true;
 
-
-    public MetadataSourcesJsonSchemaResourceLocation(ResourceLoader resourceLoader, ObjectMapper jacksonMapper) {
+    public MetadataSourcesJsonSchemaResourceLocation(String metadataSourcesUiSchemaLocation, ResourceLoader resourceLoader, ObjectMapper jacksonMapper) {
+        this.metadataSourcesUiSchemaLocation = metadataSourcesUiSchemaLocation;
         this.resourceLoader = resourceLoader;
         this.jacksonMapper = jacksonMapper;
     }
 
-    public void setMetadataSourcesUiSchemaLocation(String metadataSourcesUiSchemaLocation) {
+    //This constructor is used in tests
+    public MetadataSourcesJsonSchemaResourceLocation(String metadataSourcesUiSchemaLocation,
+                                                     ResourceLoader resourceLoader,
+                                                     ObjectMapper jacksonMapper,
+                                                     boolean detectMalformedJsonDuringInit) {
         this.metadataSourcesUiSchemaLocation = metadataSourcesUiSchemaLocation;
+        this.resourceLoader = resourceLoader;
+        this.jacksonMapper = jacksonMapper;
+        this.detectMalformedJsonDuringInit = detectMalformedJsonDuringInit;
     }
 
     public URL getUrl() {
@@ -62,8 +61,10 @@ public URI getUri() {
     public void init() {
         try {
             this.jsonSchemaUrl = this.resourceLoader.getResource(this.metadataSourcesUiSchemaLocation).getURL();
-            //Detect malformed JSON schema early, during application start up and fail fast with useful exception message
-            this.jacksonMapper.readValue(this.jsonSchemaUrl, Map.class);
+            if(this.detectMalformedJsonDuringInit) {
+                //Detect malformed JSON schema early, during application start up and fail fast with useful exception message
+                this.jacksonMapper.readValue(this.jsonSchemaUrl, Map.class);
+            }
         }
         catch (Exception ex) {
             StringBuilder msg =

diff --git a/...nd/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java b/...nd/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/DefaultAuditorAware.java
@@ -0,0 +1,27 @@
+package edu.internet2.tier.shibboleth.admin.ui.security;
+
+import org.springframework.data.domain.AuditorAware;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+
+import java.util.Optional;
+
+/**
+ * Default implementation of Spring Data's <code>AuditorAware</code> SPI to let Spring Data
+ * plug in authenticated principal's id to <code>@CreatedBy</code> and <code>@LastModifiedBy</code>
+ * fields of Auditable entities.
+ *
+ * @author Dmitriy Kopylenko
+ */
+public class DefaultAuditorAware implements AuditorAware<String> {
+
+    @Override
+    public Optional<String> getCurrentAuditor() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication == null || !authentication.isAuthenticated()) {
+            return Optional.empty();
+        }
+        return Optional.of(User.class.cast(authentication.getPrincipal()).getUsername());
+    }
+}
diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties
@@ -407,7 +407,7 @@ tooltip.authentication-methods-to-use=Authentication Methods to Use
 tooltip.ignore-auth-method=Ignore any SP-Requested Authentication Method
 tooltip.omit-not-before-condition=Omit Not Before Condition
 tooltip.responder-id=ResponderId
-tooltip.instruction=Information icon - press spacebar to read additional information for this form field
+tooltip.instruction=Information icon
 tooltip.attribute-release-table=Attribute release table - select the attributes you want to release (default unchecked)
 tooltip.metadata-filter-name=Metadata Filter Name
 tooltip.metadata-filter-type=Metadata Filter Type

diff --git a/...h/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy b/...h/admin/ui/controller/BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy
@@ -0,0 +1,46 @@
+package edu.internet2.tier.shibboleth.admin.ui.controller
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import edu.internet2.tier.shibboleth.admin.ui.jsonschema.MetadataSourcesJsonSchemaResourceLocation
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.boot.test.context.TestConfiguration
+import org.springframework.boot.test.web.client.TestRestTemplate
+import org.springframework.context.annotation.Bean
+import org.springframework.core.io.ResourceLoader
+import org.springframework.test.context.ActiveProfiles
+import spock.lang.Specification
+
+/**
+ * @author Dmitriy Kopylenko
+ */
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@ActiveProfiles("no-auth")
+class BadJSONMetadataSourcesUiDefinitionControllerIntegrationTests extends Specification {
+
+    @Autowired
+    private TestRestTemplate restTemplate
+
+    static RESOURCE_URI = '/api/ui/MetadataSources'
+
+    def "GET Malformed Metadata Sources UI definition schema"() {
+        when: 'GET request is made for malformed metadata source UI definition schema'
+        def result = this.restTemplate.getForEntity(RESOURCE_URI, Object)
+
+        then: "Request results in HTTP 500"
+        result.statusCodeValue == 500
+        result.body.jsonParseError
+        result.body.sourceUiSchemaDefinitionFile
+    }
+
+    @TestConfiguration
+    static class Config {
+        @Bean
+        MetadataSourcesJsonSchemaResourceLocation metadataSourcesJsonSchemaResourceLocation(ResourceLoader resourceLoader,
+                                                                                            ObjectMapper jacksonMapper) {
+
+            new MetadataSourcesJsonSchemaResourceLocation('classpath:metadata-sources-ui-schema_MALFORMED.json',
+                    resourceLoader, jacksonMapper, false)
+        }
+    }
+}
diff --git a/.../admin/ui/controller/GoodJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy b/.../admin/ui/controller/GoodJSONMetadataSourcesUiDefinitionControllerIntegrationTests.groovy
@@ -0,0 +1,29 @@
+package edu.internet2.tier.shibboleth.admin.ui.controller
+
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.boot.test.web.client.TestRestTemplate
+import org.springframework.test.context.ActiveProfiles
+import spock.lang.Specification
+
+/**
+ * @author Dmitriy Kopylenko
+ */
+@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@ActiveProfiles("no-auth")
+class GoodJSONMetadataSourcesUiDefinitionControllerIntegrationTests extends Specification {
+
+    @Autowired
+    private TestRestTemplate restTemplate
+
+    static RESOURCE_URI = '/api/ui/MetadataSources'
+
+    def "GET Metadata Sources UI definition schema"() {
+        when: 'GET request is made for metadata source UI definition schema'
+        def result = this.restTemplate.getForEntity(RESOURCE_URI, Object)
+
+        then: "Request completed successfully"
+        result.statusCodeValue == 200
+        result.body.properties.entityId.title == 'label.entity-id'
+    }
+}
diff --git a/...ibboleth/admin/ui/controller/MetadataSourcesUiDefinitionControllerIntegrationTests.groovy b/...ibboleth/admin/ui/controller/MetadataSourcesUiDefinitionControllerIntegrationTests.groovy