
Example 6 with UserDetails

use of com.agiletec.aps.system.services.user.UserDetails in project entando-core by entando.

the class SearcherTagHelper method executeSearch.

/**
 * Loads the list of content identifiers that match a keyword search.
 * <p>
 * The search is scoped by authorization: the names of the groups that the
 * authorization manager reports for the user held in the HTTP session are
 * passed to the search engine together with the keyword and the code of the
 * current language. How the engine applies that group set is not visible here.
 * A keyword that is {@code null} or empty after trimming yields an empty list
 * and no search is run.
 *
 * @param word The keyword to search for.
 * @param reqCtx The request context.
 * @return The list of content identifiers.
 * @throws ApsSystemException Declared by the signature; which of the called
 * services raises it is not visible here.
 */
public List<String> executeSearch(String word, RequestContext reqCtx) throws ApsSystemException {
    if (null == word || word.trim().length() == 0) {
        return new ArrayList<String>();
    }
    // NOTE(review): the session attribute is cast without a null check; what
    // getUserGroups does when no user is stored in the session is not visible
    // here. Confirm that a missing user can never widen the group set.
    UserDetails sessionUser = (UserDetails) reqCtx.getRequest().getSession().getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
    ICmsSearchEngineManager engine = (ICmsSearchEngineManager) ApsWebApplicationUtils.getBean(JacmsSystemConstants.SEARCH_ENGINE_MANAGER, reqCtx.getRequest());
    IAuthorizationManager authorizations = (IAuthorizationManager) ApsWebApplicationUtils.getBean(SystemConstants.AUTHORIZATION_SERVICE, reqCtx.getRequest());
    // The group names are the access filter handed to the search engine.
    Set<String> allowedGroupNames = new HashSet<String>();
    for (Group userGroup : authorizations.getUserGroups(sessionUser)) {
        allowedGroupNames.add(userGroup.getName());
    }
    Lang lang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
    // The keyword is passed on as received; only the emptiness check trims it.
    return engine.searchEntityId(lang.getCode(), word, allowedGroupNames);
}
Also used : ICmsSearchEngineManager(com.agiletec.plugins.jacms.aps.system.services.searchengine.ICmsSearchEngineManager) IAuthorizationManager(com.agiletec.aps.system.services.authorization.IAuthorizationManager) Group(com.agiletec.aps.system.services.group.Group) UserDetails(com.agiletec.aps.system.services.user.UserDetails) ArrayList(java.util.ArrayList) Lang(com.agiletec.aps.system.services.lang.Lang) HashSet(java.util.HashSet)

Example 7 with UserDetails

use of com.agiletec.aps.system.services.user.UserDetails in project entando-core by entando.

the class TokenEndpointServlet method validateClientWithAuthorizationCode.

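/**
 * Validates a token request and, when it is accepted, registers a token for it.
 * <p>
 * The path is selected by the {@code OAuth.OAUTH_GRANT_TYPE} request parameter:
 * <ul>
 * <li>authorization code and refresh token: the client id and secret are checked
 * with {@code verifyAccess}, then the authorization code is checked with
 * {@code verifyCode} together with the remote address of the request;</li>
 * <li>password: the username and password are looked up through the user manager.</li>
 * </ul>
 * Every rejection, including an unsupported or missing grant type and both OAuth
 * exception types, is reported by returning {@code null}; callers must treat
 * {@code null} as "do not issue a token".
 *
 * @param request The incoming token request.
 * @return The response produced by {@code registerToken}, or {@code null} when the
 * request is rejected.
 * @throws Throwable Anything other than the two OAuth exception types caught here.
 */
private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
        IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
        // Read once and compare constant-first, so that a missing grant type falls
        // through to the final rejection instead of raising a NullPointerException.
        final String grantType = oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE);
        // NOTE(review): a refresh-token request takes the same path as an
        // authorization-code request: OAuth.OAUTH_CODE is read and the token is
        // registered with the AUTHORIZATION_CODE type. Confirm that this is intended.
        if (GrantType.AUTHORIZATION_CODE.toString().equals(grantType) || GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
            final String clientId = oauthRequest.getClientId();
            final String oauthType = GrantType.AUTHORIZATION_CODE.toString();
            final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
            final String clientSecret = oauthRequest.getClientSecret();
            // Client authentication comes first; the code is only looked at afterwards.
            if (!codeManager.verifyAccess(clientId, clientSecret, consumerManager)) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            // NOTE(review): getRemoteAddr() is the address of the last hop; behind a
            // reverse proxy or load balancer every client shares it, which weakens the
            // source binding that verifyCode appears to enforce.
            if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
                _logger.error("OAuth2 authcode does not match or the source of client is different");
                return null;
            }
            return this.registerToken(request, clientId, oauthType, null);
        }
        if (GrantType.PASSWORD.toString().equals(grantType)) {
            // NOTE(review): this branch does not call verifyAccess, so the client id
            // and secret are not checked in this method for the password grant, and
            // the username is what is passed to registerToken in the clientId position.
            // Confirm where the client is authenticated for this grant.
            final String username = oauthRequest.getUsername();
            final String password = oauthRequest.getPassword();
            final String oauthType = GrantType.PASSWORD.toString();
            IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            UserDetails user = userManager.getUser(username, password);
            // Only a null result is rejected; whether getUser filters out disabled or
            // expired accounts is not visible here.
            if (user == null) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            return this.registerToken(request, username, oauthType, null);
        }
        // Unsupported or missing grant type: reject.
        return null;
    } catch (OAuthSystemException e) {
        // The exception is passed as the throwable argument; no placeholder is needed.
        _logger.error("OAuthSystemException", e);
        return null;
    } catch (OAuthProblemException e) {
        // Error and description are passed as separate arguments: String.concat
        // throws on a null argument, which would turn a rejected request into an
        // exception thrown out of this handler.
        _logger.error("OAuthProblemException - {} {} ", e.getError(), e.getDescription());
        _logger.debug("OAuthProblemException", e);
        return null;
    }
}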
Also used : OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) UserDetails(com.agiletec.aps.system.services.user.UserDetails) IOAuthConsumerManager(org.entando.entando.aps.system.services.oauth2.IOAuthConsumerManager) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IApiOAuthorizationCodeManager(org.entando.entando.aps.system.services.oauth2.IApiOAuthorizationCodeManager) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) OAuthTokenRequest(org.apache.oltu.oauth2.as.request.OAuthTokenRequest)

Example 8 with UserDetails

use of com.agiletec.aps.system.services.user.UserDetails in project entando-core by entando.

the class BaseTestCase method getUser.

/**
 * Resolves a user, with its authorities, by username.
 * <p>
 * The guest username is answered by the user manager's guest account and the
 * password is not used on that path. Any other username is handed to the
 * authentication provider together with the password.
 *
 * @param username The username; a {@code null} value raises a NullPointerException.
 * @param password The password; only used when the username is not the guest one.
 * @return The user returned by the service that was asked. What the
 * authentication provider returns for wrong credentials is not visible here.
 * @throws Exception In case of error.
 */
protected UserDetails getUser(String username, String password) throws Exception {
    IAuthenticationProviderManager authProvider = (IAuthenticationProviderManager) this.getService(SystemConstants.AUTHENTICATION_PROVIDER_MANAGER);
    IUserManager users = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    if (username.equals(SystemConstants.GUEST_USER_NAME)) {
        // Guest path: no credential check is involved.
        return users.getGuestUser();
    }
    return authProvider.getUser(username, password);
}
Also used : UserDetails(com.agiletec.aps.system.services.user.UserDetails) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IAuthenticationProviderManager(com.agiletec.aps.system.services.user.IAuthenticationProviderManager)

Example 9 with UserDetails

use of com.agiletec.aps.system.services.user.UserDetails in project entando-core by entando.

the class TestAuthorizationManager method testCheckAdminUser.

/**
 * Checks that the "admin" user holds exactly one authorization and is reported
 * as authorized on every group and on every permission, both when the object
 * and when only its name is passed to the authorization manager.
 */
public void testCheckAdminUser() throws Throwable {
    // Test fixture: in the test database the password is the same as the username.
    UserDetails admin = this._authenticationProvider.getUser("admin", "admin");
    assertNotNull(admin);
    assertEquals("admin", admin.getUsername());
    assertEquals(1, admin.getAuthorizations().size());
    for (Group currentGroup : this._groupManager.getGroups()) {
        assertTrue(this._authorizationManager.isAuth(admin, currentGroup));
        assertTrue(this._authorizationManager.isAuthOnGroup(admin, currentGroup.getName()));
    }
    // Copy of the permissions returned by the role manager, iterated as a list.
    List<Permission> allPermissions = new ArrayList<Permission>(this._roleManager.getPermissions());
    for (Permission currentPermission : allPermissions) {
        assertTrue(this._authorizationManager.isAuth(admin, currentPermission));
        assertTrue(this._authorizationManager.isAuthOnPermission(admin, currentPermission.getName()));
    }
}
Also used : Group(com.agiletec.aps.system.services.group.Group) UserDetails(com.agiletec.aps.system.services.user.UserDetails) Permission(com.agiletec.aps.system.services.role.Permission) ArrayList(java.util.ArrayList)

Example 10 with UserDetails

use of com.agiletec.aps.system.services.user.UserDetails in project entando-core by entando.

the class TestAuthorizationManager method testGroupsByPermission_2.

/**
 * Checks that getGroupsByPermission returns as many groups as the group manager
 * holds when it is asked for the "admin" user, whichever permission is named.
 */
public void testGroupsByPermission_2() throws Throwable {
    final int expectedGroupCount = this._groupManager.getGroups().size();
    UserDetails admin = this._authenticationProvider.getUser("admin");

    List<Group> grantedGroups = this._authorizationManager.getGroupsByPermission(admin, Permission.MANAGE_PAGES);
    assertNotNull(grantedGroups);
    assertEquals(expectedGroupCount, grantedGroups.size());

    grantedGroups = this._authorizationManager.getGroupsByPermission(admin, Permission.SUPERUSER);
    assertNotNull(grantedGroups);
    assertEquals(expectedGroupCount, grantedGroups.size());

    // NOTE(review): the same full count is expected for a permission name that is
    // presumably not defined. This pins a permissive result for unknown names;
    // presumably the admin's superuser permission covers any name. Confirm.
    grantedGroups = this._authorizationManager.getGroupsByPermission(admin, "wrong_permission");
    assertNotNull(grantedGroups);
    assertEquals(expectedGroupCount, grantedGroups.size());
}
Also used : Group(com.agiletec.aps.system.services.group.Group) UserDetails(com.agiletec.aps.system.services.user.UserDetails)
