use of io.vertigo.dynamo.criteria.Criteria in project vertigo by KleeGroup.
the class StoreAuthenticationPlugin method authenticateAccount.
/**
* {@inheritDoc}
*/
@Override
public Optional<String> authenticateAccount(final AuthenticationToken token) {
    /*
     * Compares the submitted token with the credential stored for its principal.
     * Returns the stored token id when they match, otherwise an empty Optional.
     *
     * A known and an unknown login follow the same path on purpose: an unknown login
     * is not rejected early but compared against defaultUserTrustedCredential, so the
     * time taken does not reveal whether the account exists.
     * NOTE(review): this only holds if matching against defaultUserTrustedCredential costs
     * about as much as matching against a real stored credential; its construction is not
     * visible here - confirm.
     */
    final Criteria loginCriteria = Criterions.isEqualTo(() -> userLoginField, token.getPrincipal());
    final DtList<DtObject> matches = storeManager.getDataStore().find(userCredentialDefinition, loginCriteria);

    // Only an ambiguous login (more than one row) is treated as an error; "no row" is handled below.
    // NOTE(review): the caller-supplied principal is put into the failure message - confirm where it surfaces.
    Assertion.checkState(matches.size() <= 1, "Too many matching credentials for {0}", token.getPrincipal());

    final boolean accountFound = !matches.isEmpty();

    // Build the reference token the submitted one is compared with.
    final AuthenticationToken referenceToken;
    if (!accountFound) {
        // Unknown login: fall back to the placeholder credential, whatever the token type.
        referenceToken = defaultUserTrustedCredential;
    } else if (token instanceof UsernamePasswordAuthenticationToken) {
        // Known login with a password token: compare against the stored (encoded) password.
        final String storedEncodedPassword = (String) userCredentialDefinition.getField(userPasswordField).getDataAccessor().getValue(matches.get(0));
        referenceToken = new UsernamePasswordAuthenticationToken(token.getPrincipal(), storedEncodedPassword);
    } else {
        // Known login with any other token type: only the principal is compared.
        referenceToken = new UsernameAuthenticationToken(token.getPrincipal());
    }

    // The match is evaluated first and unconditionally; the existence check comes after it.
    // Requiring accountFound as well means a token that happens to match the placeholder
    // credential can never authenticate.
    final boolean tokensMatch = token.match(referenceToken);
    if (tokensMatch && accountFound) {
        final String userTokenId = (String) userCredentialDefinition.getField(userTokenIdField).getDataAccessor().getValue(matches.get(0));
        return Optional.of(userTokenId);
    }
    return Optional.empty();
}
use of io.vertigo.dynamo.criteria.Criteria in project vertigo by KleeGroup.
the class AuthorizationManagerImpl method getCriteriaSecurity.
/**
* {@inheritDoc}
*/
@Override
public <K extends KeyConcept> Criteria<K> getCriteriaSecurity(final Class<K> keyConceptClass, final OperationName<K> operation) {
    /*
     * Builds the criteria restricting keyConceptClass to the entities on which the
     * current user may perform the given operation.
     *
     * Fails closed: with no user authorizations, or with no applicable rule, the result is
     * Criterions.alwaysFalse(). Otherwise the criteria of all applicable rules are combined
     * with OR, so a single satisfied rule is enough to grant access.
     */
    Assertion.checkNotNull(keyConceptClass);
    Assertion.checkNotNull(operation);
    // ---
    final Optional<UserAuthorizations> authorizationsOpt = getUserPermissionsOpt();
    if (!authorizationsOpt.isPresent()) {
        // No session, hence no authorization.
        return Criterions.alwaysFalse();
    }
    final UserAuthorizations authorizations = authorizationsOpt.get();
    final DtDefinition dtDefinition = DtObjectUtil.findDtDefinition(keyConceptClass);
    final SecuredEntity securedEntity = findSecuredEntity(dtDefinition);

    // Keep the permissions that name this operation directly or list it as an override,
    // then translate each of their rules into a criteria bound to the user's security keys.
    // NOTE(review): getOperation().get() is called without a presence check; if it returns
    // an Optional, a permission without an operation would throw here - confirm it is always set.
    final List<Criteria<K>> ruleCriteriaList = userPermissions(authorizations, dtDefinition)
            .filter(permission -> permission.getOperation().get().equals(operation.name())
                    || permission.getOverrides().contains(operation.name()))
            .flatMap(permission -> permission.getRules().stream())
            .map(rule -> new CriteriaSecurityRuleTranslator<K>()
                    .on(securedEntity)
                    .withRule(rule)
                    .withCriteria(authorizations.getSecurityKeys())
                    .toCriteria())
            .collect(Collectors.toList());

    if (ruleCriteriaList.isEmpty()) {
        // No rights, hence no authorization.
        return Criterions.alwaysFalse();
    }

    // Fold the rule criteria left to right with OR.
    Criteria<K> combined = null;
    for (final Criteria<K> ruleCriteria : ruleCriteriaList) {
        combined = combined == null ? ruleCriteria : combined.or(ruleCriteria);
    }
    return combined;
}