
Example 1 with UserService

use of org.craftercms.studio.api.v2.service.security.UserService in project studio by craftercms.

In class SecurityServiceImpl, method getUserRoles:

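/**
 * Resolves the roles a user holds in a site from the user's group memberships.
 *
 * <p>Each group name is looked up in the site's role-mappings configuration. Membership in
 * {@code SYSTEM_ADMIN_GROUP} grants every role listed in that configuration and ends the
 * group scan. When {@code includeGlobal} is set, roles from the global roles configuration
 * are merged in for the user and for the user's groups.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Groups are read through {@code userServiceInternal}; per the TODO in the body, the
 *       permission-protected {@code userService.getUserSiteRoles} is deliberately not used.
 *       Nothing in this method checks that the caller may read another user's roles, so
 *       presumably callers enforce that; confirm at the call sites.</li>
 *   <li>A {@code ServiceLayerException} or {@code UserNotFoundException} is logged and yields
 *       an empty set, so those failures resolve to "no roles" rather than to extra roles.</li>
 *   <li>NOTE(review): a user with no groups gets an empty set even when
 *       {@code includeGlobal} is true, because the global lookup is only reached when at
 *       least one group exists. Confirm this is intended.</li>
 * </ul>
 *
 * @param site          site whose role mappings are consulted
 * @param user          username whose roles are resolved
 * @param includeGlobal whether to merge in roles from the global roles configuration
 * @return a mutable set of role names; empty when the user has no groups or the lookup fails
 */
@Override
@ValidateParams
public Set<String> getUserRoles(@ValidateStringParam(name = "site") final String site, @ValidateStringParam(name = "user") String user, boolean includeGlobal) {
    try {
        // TODO: We should replace this with userService.getUserSiteRoles, but that one is protected by permissions.
        // TODO: When the UserService is refactored to use UserServiceInternal, we could use that method and
        // TODO: remove this one
        // NOTE(review): -1 presumably means "no user id, look up by username"; confirm against UserServiceInternal.
        List<Group> groups = userServiceInternal.getUserGroups(-1, user);
        if (groups == null || groups.isEmpty()) {
            // Caller-supplied values go in as arguments, not into the format string.
            logger.debug("No groups found for {0} in {1}", user, site);
            return new HashSet<>(0);
        }
        logger.debug("Groups for {0} in {1}: {2}", user, site, groups);

        Set<String> userRoles = new HashSet<>();
        PermissionsConfigTO rolesConfig = loadConfiguration(site, getRoleMappingsFileName());
        // A configuration without a roles map grants no site roles instead of failing with an NPE.
        Map<String, List<String>> rolesMap = rolesConfig != null ? rolesConfig.getRoles() : null;
        if (rolesMap != null) {
            for (Group group : groups) {
                String groupName = group.getGroupName();
                if (StringUtils.equals(groupName, SYSTEM_ADMIN_GROUP)) {
                    // System administrators receive every role defined for the site; no other
                    // group can add anything beyond that, so the scan stops here.
                    for (List<String> mappedRoles : rolesMap.values()) {
                        if (mappedRoles != null) {
                            userRoles.addAll(mappedRoles);
                        }
                    }
                    break;
                }
                List<String> roles = rolesMap.get(groupName);
                if (roles != null) {
                    userRoles.addAll(roles);
                }
            }
        }

        if (includeGlobal) {
            PermissionsConfigTO globalRolesConfig = loadGlobalRolesConfiguration();
            addGlobalUserRoles(user, userRoles, globalRolesConfig);
            List<String> groupNames = groups.stream().map(Group::getGroupName).collect(Collectors.toList());
            addGlobalGroupRoles(userRoles, groupNames, globalRolesConfig);
        }
        return userRoles;
    } catch (ServiceLayerException | UserNotFoundException e) {
        // The original call never supplied a value for {0}, so the log entry did not say
        // which user the failed lookup was for.
        logger.error("Error while getting groups for user {0}", e, user);
    }
    return new HashSet<>(0);
}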
Also used : ValidateSecurePathParam(org.craftercms.commons.validation.annotations.param.ValidateSecurePathParam) UserServiceInternal(org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal) ZonedDateTime(java.time.ZonedDateTime) SecretKeySpec(javax.crypto.spec.SecretKeySpec) StringUtils(org.apache.commons.lang3.StringUtils) User(org.craftercms.studio.api.v2.dal.User) UserDetailsManager(org.craftercms.studio.api.v1.service.security.UserDetailsManager) KEY_EXTERNALLY_MANAGED(org.craftercms.studio.api.v1.constant.SecurityConstants.KEY_EXTERNALLY_MANAGED) Map(java.util.Map) CONFIGURATION_SITE_ROLE_MAPPINGS_FILE_NAME(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_SITE_ROLE_MAPPINGS_FILE_NAME) ZoneOffset(java.time.ZoneOffset) CronJobContext(org.craftercms.studio.api.v1.job.CronJobContext) CONFIGURATION_GLOBAL_PERMISSION_MAPPINGS_FILE_NAME(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_GLOBAL_PERMISSION_MAPPINGS_FILE_NAME) MODULE_STUDIO(org.craftercms.studio.api.v1.constant.StudioConstants.MODULE_STUDIO) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) Set(java.util.Set) SiteService(org.craftercms.studio.api.v1.service.site.SiteService) JavaMailSender(org.springframework.mail.javamail.JavaMailSender) SECURITY_AUTHENTICATION_TYPE(org.craftercms.studio.api.v1.constant.StudioConstants.SECURITY_AUTHENTICATION_TYPE) KEY_EMAIL(org.craftercms.studio.api.v1.constant.SecurityConstants.KEY_EMAIL) StandardCharsets(java.nio.charset.StandardCharsets) ContentTypeConfigTO(org.craftercms.studio.api.v1.to.ContentTypeConfigTO) FILE_SEPARATOR(org.craftercms.studio.api.v1.constant.StudioConstants.FILE_SEPARATOR) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) SECURITY_CIPHER_KEY(org.craftercms.studio.api.v2.utils.StudioConfiguration.SECURITY_CIPHER_KEY) InvalidKeyException(java.security.InvalidKeyException) 
KEY_LASTNAME(org.craftercms.studio.api.v1.constant.SecurityConstants.KEY_LASTNAME) SYSTEM_ADMIN_GROUP(org.craftercms.studio.api.v1.constant.StudioConstants.SYSTEM_ADMIN_GROUP) PasswordDoesNotMatchException(org.craftercms.studio.api.v1.exception.security.PasswordDoesNotMatchException) Document(org.dom4j.Document) SECURITY_TYPE(org.craftercms.studio.api.v2.utils.StudioConfiguration.SECURITY_TYPE) ADMIN_ROLE(org.craftercms.studio.api.v1.constant.StudioConstants.ADMIN_ROLE) CONFIGURATION_SITE_PERMISSION_MAPPINGS_FILE_NAME(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_SITE_PERMISSION_MAPPINGS_FILE_NAME) CollectionUtils(org.apache.commons.collections4.CollectionUtils) AuthenticationChain(org.craftercms.studio.api.v2.service.security.AuthenticationChain) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) ArrayList(java.util.ArrayList) SECURITY_CIPHER_ALGORITHM(org.craftercms.studio.api.v2.utils.StudioConfiguration.SECURITY_CIPHER_ALGORITHM) HttpServletRequest(javax.servlet.http.HttpServletRequest) IvParameterSpec(javax.crypto.spec.IvParameterSpec) ContentTypeService(org.craftercms.studio.api.v1.service.content.ContentTypeService) StringTokenizer(java.util.StringTokenizer) PermissionsConfigTO(org.craftercms.studio.api.v1.to.PermissionsConfigTO) RepositoryEventContext(org.craftercms.studio.api.v1.ebus.RepositoryEventContext) SECURITY_CIPHER_TYPE(org.craftercms.studio.api.v2.utils.StudioConfiguration.SECURITY_CIPHER_TYPE) UserExternallyManagedException(org.craftercms.studio.api.v1.exception.security.UserExternallyManagedException) ConfigurationService(org.craftercms.studio.api.v2.service.config.ConfigurationService) StudioConstants(org.craftercms.studio.api.v1.constant.StudioConstants) IOException(java.io.IOException) ObjectFactory(org.springframework.beans.factory.ObjectFactory) Group(org.craftercms.studio.api.v2.dal.Group) SecurityService(org.craftercms.studio.api.v1.service.security.SecurityService) 
SessionTokenUtils(org.craftercms.studio.impl.v1.util.SessionTokenUtils) MAIL_FROM_DEFAULT(org.craftercms.studio.api.v2.utils.StudioConfiguration.MAIL_FROM_DEFAULT) MAIL_SMTP_AUTH(org.craftercms.studio.api.v2.utils.StudioConfiguration.MAIL_SMTP_AUTH) ValidateStringParam(org.craftercms.commons.validation.annotations.param.ValidateStringParam) Node(org.dom4j.Node) FreeMarkerConfig(org.springframework.web.servlet.view.freemarker.FreeMarkerConfig) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) AuditServiceInternal(org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal) ValidateParams(org.craftercms.commons.validation.annotations.param.ValidateParams) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HTTP_SESSION_ATTRIBUTE_AUTHENTICATION(org.craftercms.studio.api.v1.constant.StudioConstants.HTTP_SESSION_ATTRIBUTE_AUTHENTICATION) HttpSession(javax.servlet.http.HttpSession) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) Collection(java.util.Collection) GroupService(org.craftercms.studio.api.v2.service.security.GroupService) CONFIGURATION_GLOBAL_SYSTEM_SITE(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_GLOBAL_SYSTEM_SITE) Collectors(java.util.stream.Collectors) SECURITY_SESSION_TIMEOUT(org.craftercms.studio.api.v2.utils.StudioConfiguration.SECURITY_SESSION_TIMEOUT) Base64(java.util.Base64) List(java.util.List) StudioConfiguration(org.craftercms.studio.api.v2.utils.StudioConfiguration) TARGET_TYPE_USER(org.craftercms.studio.api.v2.dal.AuditLogConstants.TARGET_TYPE_USER) RequestContext(org.craftercms.commons.http.RequestContext) Logger(org.craftercms.studio.api.v1.log.Logger) HashMap(java.util.HashMap) Cipher(javax.crypto.Cipher) HashSet(java.util.HashSet) DocumentException(org.dom4j.DocumentException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) LoggerFactory(org.craftercms.studio.api.v1.log.LoggerFactory) 
UserDetails(org.springframework.security.core.userdetails.UserDetails) StudioXmlConstants(org.craftercms.studio.api.v1.constant.StudioXmlConstants) MapUtils(org.apache.commons.collections4.MapUtils) ContentService(org.craftercms.studio.api.v1.service.content.ContentService) HttpServletResponse(javax.servlet.http.HttpServletResponse) CONFIGURATION_GLOBAL_ROLE_MAPPINGS_FILE_NAME(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_GLOBAL_ROLE_MAPPINGS_FILE_NAME) SiteNotFoundException(org.craftercms.studio.api.v1.exception.SiteNotFoundException) KEY_USERNAME(org.craftercms.studio.api.v1.constant.SecurityConstants.KEY_USERNAME) BadPaddingException(javax.crypto.BadPaddingException) OPERATION_LOGOUT(org.craftercms.studio.api.v2.dal.AuditLogConstants.OPERATION_LOGOUT) GeneralLockService(org.craftercms.studio.api.v1.service.GeneralLockService) CONFIGURATION_GLOBAL_CONFIG_BASE_PATH(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_GLOBAL_CONFIG_BASE_PATH) Element(org.dom4j.Element) KEY_FIRSTNAME(org.craftercms.studio.api.v1.constant.SecurityConstants.KEY_FIRSTNAME) Authentication(org.craftercms.studio.impl.v2.service.security.Authentication) CONFIGURATION_ENVIRONMENT_ACTIVE(org.craftercms.studio.api.v2.utils.StudioConfiguration.CONFIGURATION_ENVIRONMENT_ACTIVE) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) Group(org.craftercms.studio.api.v2.dal.Group) PermissionsConfigTO(org.craftercms.studio.api.v1.to.PermissionsConfigTO) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) ArrayList(java.util.ArrayList) List(java.util.List) HashSet(java.util.HashSet) ValidateParams(org.craftercms.commons.validation.annotations.param.ValidateParams)
