Example 1 with AdminRole

use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.

the class AdminRoleDaoImpl method readAllAdminRoles.

@SuppressWarnings("unchecked")
public List<AdminRole> readAllAdminRoles() {
    Query query = em.createNamedQuery("BC_READ_ALL_ADMIN_ROLES");
    List<AdminRole> roles = query.getResultList();
    return roles;
}
Also used : Query(javax.persistence.Query) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)

Example 2 with AdminRole

use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.

the class AdminSecurityServiceRemote method getAdminUser.

@Override
public org.broadleafcommerce.openadmin.server.security.remote.AdminUser getAdminUser() throws ServiceException {
    AdminUser persistentAdminUser = getPersistentAdminUser();
    if (persistentAdminUser != null) {
        org.broadleafcommerce.openadmin.server.security.remote.AdminUser response = new org.broadleafcommerce.openadmin.server.security.remote.AdminUser();
        for (AdminRole role : persistentAdminUser.getAllRoles()) {
            response.getRoles().add(role.getName());
            for (AdminPermission permission : role.getAllPermissions()) {
                response.getPermissions().add(permission.getName());
            }
        }
        for (AdminPermission permission : persistentAdminUser.getAllPermissions()) {
            response.getPermissions().add(permission.getName());
        }
        response.setUserName(persistentAdminUser.getLogin());
        response.setCurrentSandBoxId(String.valueOf(SandBoxContext.getSandBoxContext().getSandBoxId()));
        response.setEmail(persistentAdminUser.getEmail());
        response.setName(persistentAdminUser.getName());
        response.setPhoneNumber(persistentAdminUser.getPhoneNumber());
        response.setId(persistentAdminUser.getId());
        return response;
    }
    return null;
}
Also used : AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)

Example 3 with AdminRole

use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.

the class AdminRoleTest method testAdminRoleSave.

@Test(groups = { "testAdminRoleSave" }, dataProvider = "setupAdminRole", dataProviderClass = AdminRoleDataProvider.class)
@Rollback(true)
public void testAdminRoleSave(AdminRole role) throws Exception {
    AdminRole newRole = adminSecurityService.saveAdminRole(role);
    AdminRole roleFromDB = adminSecurityService.readAdminRoleById(newRole.getId());
    assert (roleFromDB != null);
}
Also used : AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole) Test(org.testng.annotations.Test) Rollback(org.springframework.test.annotation.Rollback)

Example 4 with AdminRole

use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserDetailsServiceImpl method buildDetails.

protected UserDetails buildDetails(String username, AdminUser adminUser) {
    List<SimpleGrantedAuthority> authorities = new ArrayList<>();
    for (AdminRole role : adminUser.getAllRoles()) {
        authorities.add(new SimpleGrantedAuthority(role.getName()));
        adminSecurityHelper.addAllPermissionsToAuthorities(authorities, role.getAllPermissions());
    }
    adminSecurityHelper.addAllPermissionsToAuthorities(authorities, adminUser.getAllPermissions());
    for (String perm : AdminSecurityService.DEFAULT_PERMISSIONS) {
        authorities.add(new SimpleGrantedAuthority(perm));
    }
    // Spring security expects everything to begin with ROLE_ for things like hasRole() expressions so this adds additional
    // authorities with those mappings, as well as new ones with ROLE_ instead of PERMISSION_.
    // At the end of this, given a permission set like:
    // PERMISSION_ALL_PRODUCT
    // The following authorities will appear in the final list to Spring security:
    // PERMISSION_ALL_PRODUCT, ROLE_PERMISSION_ALL_PRODUCT, ROLE_ALL_PRODUCT
    ListIterator<SimpleGrantedAuthority> it = authorities.listIterator();
    while (it.hasNext()) {
        SimpleGrantedAuthority auth = it.next();
        if (auth.getAuthority().startsWith(LEGACY_ROLE_PREFIX)) {
            it.add(new SimpleGrantedAuthority(DEFAULT_SPRING_SECURITY_ROLE_PREFIX + auth.getAuthority()));
            it.add(new SimpleGrantedAuthority(auth.getAuthority().replaceAll(LEGACY_ROLE_PREFIX, DEFAULT_SPRING_SECURITY_ROLE_PREFIX)));
        }
    }
    return new AdminUserDetails(adminUser.getId(), username, adminUser.getPassword(), true, true, true, true, authorities);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ArrayList(java.util.ArrayList) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)

Example 5 with AdminRole

use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserProvisioningServiceImpl method extractAdminUserAuthorities.

/**
 * Extracts the {@code SimpleGrantedAuthority}s for the given List of {@code AdminRole}s. In addition, this will handle
 * populating the default roles. This method returns a Set in order to avoid the duplication between the permissions of different roles.
 *
 * @param parsedRoles a List of AdminRole
 * @return a Set of unique authorities for the given roles
 */
protected Set<SimpleGrantedAuthority> extractAdminUserAuthorities(HashSet<AdminRole> parsedRoles) {
    List<SimpleGrantedAuthority> adminUserAuthorities = new ArrayList<>();
    for (String perm : AdminSecurityService.DEFAULT_PERMISSIONS) {
        adminUserAuthorities.add(new SimpleGrantedAuthority(perm));
    }
    for (AdminRole role : parsedRoles) {
        adminSecurityHelper.addAllPermissionsToAuthorities(adminUserAuthorities, role.getAllPermissions());
    }
    // Spring security expects everything to begin with ROLE_ for things like hasRole() expressions so this adds additional
    // authorities with those mappings, as well as new ones with ROLE_ instead of PERMISSION_.
    // At the end of this, given a permission set like:
    // PERMISSION_ALL_PRODUCT
    // The following authorities will appear in the final list to Spring security:
    // PERMISSION_ALL_PRODUCT, ROLE_PERMISSION_ALL_PRODUCT, ROLE_ALL_PRODUCT
    ListIterator<SimpleGrantedAuthority> it = adminUserAuthorities.listIterator();
    while (it.hasNext()) {
        SimpleGrantedAuthority auth = it.next();
        if (auth.getAuthority().startsWith(AdminUserDetailsServiceImpl.LEGACY_ROLE_PREFIX)) {
            it.add(new SimpleGrantedAuthority(AdminUserDetailsServiceImpl.DEFAULT_SPRING_SECURITY_ROLE_PREFIX + auth.getAuthority()));
            it.add(new SimpleGrantedAuthority(auth.getAuthority().replaceAll(AdminUserDetailsServiceImpl.LEGACY_ROLE_PREFIX, AdminUserDetailsServiceImpl.DEFAULT_SPRING_SECURITY_ROLE_PREFIX)));
        }
    }
    return new HashSet<>(adminUserAuthorities);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ArrayList(java.util.ArrayList) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole) HashSet(java.util.HashSet)

Aggregations

AdminRole (org.broadleafcommerce.openadmin.server.security.domain.AdminRole): 9
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 3
ArrayList (java.util.ArrayList): 2
HashSet (java.util.HashSet): 2
AdminPermission (org.broadleafcommerce.openadmin.server.security.domain.AdminPermission): 2
AdminUser (org.broadleafcommerce.openadmin.server.security.domain.AdminUser): 2
HashMap (java.util.HashMap): 1
Query (javax.persistence.Query): 1
AdminRoleImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminRoleImpl): 1
AdminUserImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl): 1
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 1
Rollback (org.springframework.test.annotation.Rollback): 1
DataProvider (org.testng.annotations.DataProvider): 1
Test (org.testng.annotations.Test): 1