Example 1 with AdminRole
use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.
the class AdminRoleDaoImpl method readAllAdminRoles.
@SuppressWarnings("unchecked")
public List<AdminRole> readAllAdminRoles() {
Query query = em.createNamedQuery("BC_READ_ALL_ADMIN_ROLES");
List<AdminRole> roles = query.getResultList();
return roles;
}Example 2 with AdminRole
use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.
the class AdminSecurityServiceRemote method getAdminUser.
@Override
public org.broadleafcommerce.openadmin.server.security.remote.AdminUser getAdminUser() throws ServiceException {
AdminUser persistentAdminUser = getPersistentAdminUser();
if (persistentAdminUser != null) {
org.broadleafcommerce.openadmin.server.security.remote.AdminUser response = new org.broadleafcommerce.openadmin.server.security.remote.AdminUser();
for (AdminRole role : persistentAdminUser.getAllRoles()) {
response.getRoles().add(role.getName());
for (AdminPermission permission : role.getAllPermissions()) {
response.getPermissions().add(permission.getName());
}
}
for (AdminPermission permission : persistentAdminUser.getAllPermissions()) {
response.getPermissions().add(permission.getName());
}
response.setUserName(persistentAdminUser.getLogin());
response.setCurrentSandBoxId(String.valueOf(SandBoxContext.getSandBoxContext().getSandBoxId()));
response.setEmail(persistentAdminUser.getEmail());
response.setName(persistentAdminUser.getName());
response.setPhoneNumber(persistentAdminUser.getPhoneNumber());
response.setId(persistentAdminUser.getId());
return response;
}
return null;
}
Also used :
AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)
AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser)
AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)
Example 3 with AdminRole
use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.
the class AdminRoleTest method testAdminRoleSave.
@Test(groups = { "testAdminRoleSave" }, dataProvider = "setupAdminRole", dataProviderClass = AdminRoleDataProvider.class)
@Rollback(true)
public void testAdminRoleSave(AdminRole role) throws Exception {
AdminRole newRole = adminSecurityService.saveAdminRole(role);
AdminRole roleFromDB = adminSecurityService.readAdminRoleById(newRole.getId());
assert (roleFromDB != null);
}Example 4 with AdminRole
use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.
the class AdminUserDetailsServiceImpl method buildDetails.
protected UserDetails buildDetails(String username, AdminUser adminUser) {
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
for (AdminRole role : adminUser.getAllRoles()) {
authorities.add(new SimpleGrantedAuthority(role.getName()));
adminSecurityHelper.addAllPermissionsToAuthorities(authorities, role.getAllPermissions());
}
adminSecurityHelper.addAllPermissionsToAuthorities(authorities, adminUser.getAllPermissions());
for (String perm : AdminSecurityService.DEFAULT_PERMISSIONS) {
authorities.add(new SimpleGrantedAuthority(perm));
}
// Spring security expects everything to begin with ROLE_ for things like hasRole() expressions so this adds additional
// authorities with those mappings, as well as new ones with ROLE_ instead of PERMISSION_.
// At the end of this, given a permission set like:
// PERMISSION_ALL_PRODUCT
// The following authorities will appear in the final list to Spring security:
// PERMISSION_ALL_PRODUCT, ROLE_PERMISSION_ALL_PRODUCT, ROLE_ALL_PRODUCT
ListIterator<SimpleGrantedAuthority> it = authorities.listIterator();
while (it.hasNext()) {
SimpleGrantedAuthority auth = it.next();
if (auth.getAuthority().startsWith(LEGACY_ROLE_PREFIX)) {
it.add(new SimpleGrantedAuthority(DEFAULT_SPRING_SECURITY_ROLE_PREFIX + auth.getAuthority()));
it.add(new SimpleGrantedAuthority(auth.getAuthority().replaceAll(LEGACY_ROLE_PREFIX, DEFAULT_SPRING_SECURITY_ROLE_PREFIX)));
}
}
return new AdminUserDetails(adminUser.getId(), username, adminUser.getPassword(), true, true, true, true, authorities);
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
ArrayList(java.util.ArrayList)
AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)
Example 5 with AdminRole
use of org.broadleafcommerce.openadmin.server.security.domain.AdminRole in project BroadleafCommerce by BroadleafCommerce.
the class AdminUserProvisioningServiceImpl method extractAdminUserAuthorities.
/**
* Extracts the {@code SimpleGrantedAuthority}s for the given List of {@code AdminRole}s. In addition, this will handle
* populating the default roles. This method returns a Set in order to avoid the duplication between the permissions of different roles.
*
* @param parsedRoles a List of AdminRole
* @return a Set of unique authorities for the given roles
*/
protected Set<SimpleGrantedAuthority> extractAdminUserAuthorities(HashSet<AdminRole> parsedRoles) {
List<SimpleGrantedAuthority> adminUserAuthorities = new ArrayList<>();
for (String perm : AdminSecurityService.DEFAULT_PERMISSIONS) {
adminUserAuthorities.add(new SimpleGrantedAuthority(perm));
}
for (AdminRole role : parsedRoles) {
adminSecurityHelper.addAllPermissionsToAuthorities(adminUserAuthorities, role.getAllPermissions());
}
// Spring security expects everything to begin with ROLE_ for things like hasRole() expressions so this adds additional
// authorities with those mappings, as well as new ones with ROLE_ instead of PERMISSION_.
// At the end of this, given a permission set like:
// PERMISSION_ALL_PRODUCT
// The following authorities will appear in the final list to Spring security:
// PERMISSION_ALL_PRODUCT, ROLE_PERMISSION_ALL_PRODUCT, ROLE_ALL_PRODUCT
ListIterator<SimpleGrantedAuthority> it = adminUserAuthorities.listIterator();
while (it.hasNext()) {
SimpleGrantedAuthority auth = it.next();
if (auth.getAuthority().startsWith(AdminUserDetailsServiceImpl.LEGACY_ROLE_PREFIX)) {
it.add(new SimpleGrantedAuthority(AdminUserDetailsServiceImpl.DEFAULT_SPRING_SECURITY_ROLE_PREFIX + auth.getAuthority()));
it.add(new SimpleGrantedAuthority(auth.getAuthority().replaceAll(AdminUserDetailsServiceImpl.LEGACY_ROLE_PREFIX, AdminUserDetailsServiceImpl.DEFAULT_SPRING_SECURITY_ROLE_PREFIX)));
}
}
return new HashSet<>(adminUserAuthorities);
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
ArrayList(java.util.ArrayList)
AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)
HashSet(java.util.HashSet)
Aggregations
AdminRole (org.broadleafcommerce.openadmin.server.security.domain.AdminRole)9
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)3
ArrayList (java.util.ArrayList)2
HashSet (java.util.HashSet)2
AdminPermission (org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)2
AdminUser (org.broadleafcommerce.openadmin.server.security.domain.AdminUser)2
HashMap (java.util.HashMap)1
Query (javax.persistence.Query)1
AdminRoleImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminRoleImpl)1
AdminUserImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl)1
GrantedAuthority (org.springframework.security.core.GrantedAuthority)1
Rollback (org.springframework.test.annotation.Rollback)1
DataProvider (org.testng.annotations.DataProvider)1
Test (org.testng.annotations.Test)1
