Skip to content

Commit

Permalink
Basic envers verification
Browse files Browse the repository at this point in the history
  • Loading branch information
@dima767
dima767 committed May 13, 2019
1 parent f2e3416 commit f151bed
Show file tree
Hide file tree
Showing 6 changed files with 74 additions and 4 deletions.
5 changes: 5 additions & 0 deletions ...u/internet2/tier/shibboleth/admin/ui/domain/resolvers/FileBackedHttpMetadataResolver.java
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
package edu.internet2.tier.shibboleth.admin.ui.domain.resolvers;

import edu.internet2.tier.shibboleth.admin.ui.domain.AbstractAuditable;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
import org.hibernate.envers.AuditOverride;
import org.hibernate.envers.Audited;

import javax.persistence.Embedded;
import javax.persistence.Entity;
Expand All @@ -13,6 +16,8 @@
@Getter
@Setter
@ToString
@Audited
@AuditOverride(forClass = AbstractAuditable.class)
public class FileBackedHttpMetadataResolver extends MetadataResolver {
public FileBackedHttpMetadataResolver() {
type = "FileBackedHttpMetadataResolver";
Expand Down
2 changes: 0 additions & 2 deletions ...c/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
import lombok.NoArgsConstructor;
import lombok.Setter;
import lombok.ToString;
import org.hibernate.envers.AuditOverride;
import org.hibernate.envers.Audited;

import javax.persistence.CascadeType;
Expand Down Expand Up @@ -40,7 +39,6 @@
@JsonSubTypes.Type(value = FilesystemMetadataResolver.class, name = "FilesystemMetadataResolver"),
@JsonSubTypes.Type(value = ResourceBackedMetadataResolver.class, name = "ResourceBackedMetadataResolver")})
@Audited
@AuditOverride(forClass = AbstractAuditable.class)
public class MetadataResolver extends AbstractAuditable {

@JsonProperty("@type")
Expand Down
20 changes: 20 additions & 0 deletions ...main/java/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalAwareRevisionEntity.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
package edu.internet2.tier.shibboleth.admin.ui.envers;

import lombok.Getter;
import lombok.Setter;
import org.hibernate.envers.DefaultRevisionEntity;
import org.hibernate.envers.RevisionEntity;

import javax.persistence.Entity;

/**
* Extension of the default envers revision entity to track authenticated principals
*/
@Entity
@RevisionEntity(PrincipalEnhancingRevisionListener.class)
@Getter
@Setter
public class PrincipalAwareRevisionEntity extends DefaultRevisionEntity {

private String principalUserName;
}
20 changes: 20 additions & 0 deletions ...ava/edu/internet2/tier/shibboleth/admin/ui/envers/PrincipalEnhancingRevisionListener.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
package edu.internet2.tier.shibboleth.admin.ui.envers;

import org.hibernate.envers.RevisionListener;

import static edu.internet2.tier.shibboleth.admin.ui.security.springsecurity.PrincipalAccessor.currentPrincipalIfLoggedIn;

/**
* Implementation of envers revision listener to enhance revision entity with authenticated principal username.
*/
public class PrincipalEnhancingRevisionListener implements RevisionListener {

private static final String ANONYMOUS = "anonymous";

@Override
public void newRevision(Object revisionEntity) {
PrincipalAwareRevisionEntity rev = (PrincipalAwareRevisionEntity) revisionEntity;
String user = currentPrincipalIfLoggedIn().orElse(ANONYMOUS);
rev.setPrincipalUserName(user);
}
}
21 changes: 21 additions & 0 deletions ...ava/edu/internet2/tier/shibboleth/admin/ui/security/springsecurity/PrincipalAccessor.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package edu.internet2.tier.shibboleth.admin.ui.security.springsecurity;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

import java.util.Optional;

public final class PrincipalAccessor {

//Non-instantiable utility class
private PrincipalAccessor() {
}

public static Optional<String> currentPrincipalIfLoggedIn() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
return Optional.empty();
}
return Optional.of(authentication.getName());
}
}
10 changes: 8 additions & 2 deletions ...boleth/admin/ui/repository/envers/MetadataResolverEntityBasicEnversVersioningTests.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,13 @@ class MetadataResolverEntityBasicEnversVersioningTests extends Specification {
def metadataResolverHistory = resolverHistory()

then:
metadataResolverHistory
metadataResolverHistory.size() == 1

when:
def rev = metadataResolverHistory[0]

then:
rev[1].principalUserName == 'anonymous'

when:
mdr.name = 'Updated'
Expand All @@ -59,7 +65,7 @@ class MetadataResolverEntityBasicEnversVersioningTests extends Specification {
metadataResolverHistory = resolverHistory()

then:
metadataResolverHistory
metadataResolverHistory.size == 2
}

private resolverHistory() {
Expand Down

0 comments on commit f151bed

Please sign in to comment.