Example 1 with UserService
use of org.eclipse.kapua.service.user.UserService in project kapua by eclipse.
the class KapuaAuthenticatingRealm method doGetAuthenticationInfo.
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//
// Extract credentials
UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
String tokenUsername = token.getUsername();
// char[] tokenPassword = token.getPassword();
//
// Get Services
KapuaLocator locator;
UserService userService;
AccountService accountService;
CredentialService credentialService;
try {
locator = KapuaLocator.getInstance();
userService = locator.getService(UserService.class);
accountService = locator.getService(AccountService.class);
credentialService = locator.getService(CredentialService.class);
} catch (KapuaRuntimeException kre) {
throw new ShiroException("Error while getting services!", kre);
}
//
// Get the associated user by name
final User user;
try {
user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {
@Override
public User call() throws Exception {
return userService.findByName(tokenUsername);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find user!", e);
}
}
// Check existence
if (user == null) {
throw new UnknownAccountException();
}
// Check disabled
if (UserStatus.DISABLED.equals(user.getStatus())) {
throw new DisabledAccountException();
}
//
// Find account
final Account account;
try {
account = KapuaSecurityUtils.doPriviledge(new Callable<Account>() {
@Override
public Account call() throws Exception {
return accountService.find(user.getScopeId());
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find account!", e);
}
}
// Check existence
if (account == null) {
throw new UnknownAccountException();
}
//
// Find credentials
// FIXME: manage multiple credentials and multiple credentials type
Credential credential = null;
try {
credential = KapuaSecurityUtils.doPriviledge(new Callable<Credential>() {
@Override
public Credential call() throws Exception {
CredentialListResult credentialList = credentialService.findByUserId(user.getScopeId(), user.getId());
// TODO may be better to filter by credential type?
if (credentialList != null && !credentialList.isEmpty()) {
return credentialList.getItem(0);
} else {
throw new UnknownAccountException();
}
}
});
} catch (Exception e) {
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find credentials!", e);
}
}
//
// BuildAuthenticationInfo8
KapuaSimpleAuthenticationInfo info = new KapuaSimpleAuthenticationInfo(user, credential, account, getName());
return info;
}
Also used :
DisabledAccountException(org.apache.shiro.authc.DisabledAccountException)
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
Account(org.eclipse.kapua.service.account.Account)
Credential(org.eclipse.kapua.service.authentication.credential.Credential)
User(org.eclipse.kapua.service.user.User)
UserService(org.eclipse.kapua.service.user.UserService)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
Callable(java.util.concurrent.Callable)
ShiroException(org.apache.shiro.ShiroException)
DisabledAccountException(org.apache.shiro.authc.DisabledAccountException)
KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
KapuaException(org.eclipse.kapua.KapuaException)
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
ShiroException(org.apache.shiro.ShiroException)
KapuaSimpleAuthenticationInfo(org.eclipse.kapua.service.authentication.shiro.credential.KapuaSimpleAuthenticationInfo)
CredentialService(org.eclipse.kapua.service.authentication.credential.CredentialService)
CredentialListResult(org.eclipse.kapua.service.authentication.credential.CredentialListResult)
AccountService(org.eclipse.kapua.service.account.AccountService)
Example 2 with UserService
use of org.eclipse.kapua.service.user.UserService in project kapua by eclipse.
the class KapuaAuthorizingRealm method doGetAuthorizationInfo.
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
//
// Extract principal
String username = (String) principals.getPrimaryPrincipal();
logger.debug("Getting authorization info for: {}", username);
//
// Get Services
KapuaLocator locator = KapuaLocator.getInstance();
UserService userService = locator.getService(UserService.class);
UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
//
// Get the associated user by name
final User user;
try {
user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {
@Override
public User call() throws Exception {
return userService.findByName(username);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find user!", e);
}
}
// Check existence
if (user == null) {
throw new UnknownAccountException();
}
//
// Get user permissions set
UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
query.setPredicate(predicate);
final KapuaListResult<UserPermission> userPermissions;
try {
userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {
@Override
public KapuaListResult<UserPermission> call() throws Exception {
return userPermissionService.query(query);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find permissions!", e);
}
}
//
// Create SimpleAuthorizationInfo with principals permissions
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (UserPermission userPermission : userPermissions.getItems()) {
Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
logger.trace("Username: {} has permission: {}", username, p);
info.addStringPermission(p.toString());
}
return info;
}
Also used :
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
User(org.eclipse.kapua.service.user.User)
SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo)
UserService(org.eclipse.kapua.service.user.UserService)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory)
UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
Callable(java.util.concurrent.Callable)
ShiroException(org.apache.shiro.ShiroException)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
KapuaException(org.eclipse.kapua.KapuaException)
AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)
ShiroException(org.apache.shiro.ShiroException)
UserPermissionQuery(org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery)
UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)
Permission(org.eclipse.kapua.service.authorization.permission.Permission)
UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)
UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)
KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate)
UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)
Example 3 with UserService
use of org.eclipse.kapua.service.user.UserService in project kapua by eclipse.
the class UserServiceTest method testCreate.
/**
* We should ignore this test until we have build fixed.
*/
@Test
public void testCreate() throws Exception {
// prepare the UserCreator
long now = (new Date()).getTime();
String username = MessageFormat.format("aaa_test_username_{0,number,#}", now);
String userEmail = MessageFormat.format("testuser_{0,number,#}@organization.com", now);
String displayName = MessageFormat.format("User Display Name {0}", now);
// KapuaPeid accountPeid = KapuaEidGenerator.generate();//
KapuaLocator locator = KapuaLocator.getInstance();
IdGeneratorService idGeneratorService = locator.getService(IdGeneratorService.class);
KapuaId scopeId = idGeneratorService.generate();
KapuaLocator serviceLocator = KapuaLocator.getInstance();
UserFactory kapuaEntityCreatorFactory = serviceLocator.getFactory(UserFactory.class);
UserCreator userCreator = kapuaEntityCreatorFactory.newCreator(scopeId, username);
userCreator.setDisplayName(displayName);
userCreator.setEmail(userEmail);
userCreator.setPhoneNumber("+1 555 123 4567");
// create the User
UserService userService = serviceLocator.getService(UserService.class);
User user = userService.create(userCreator);
user = userService.find(user.getScopeId(), user.getId());
//
// User asserts
assertNotNull(user.getId());
assertNotNull(user.getId().getId());
assertTrue(user.getOptlock() >= 0);
assertEquals(scopeId, user.getScopeId());
assertEquals(userCreator.getName(), user.getName());
assertNotNull(user.getCreatedOn());
assertNotNull(user.getCreatedBy());
assertNotNull(user.getModifiedOn());
assertNotNull(user.getModifiedBy());
assertEquals(userCreator.getDisplayName(), user.getDisplayName());
assertEquals(userCreator.getEmail(), user.getEmail());
assertEquals(userCreator.getPhoneNumber(), user.getPhoneNumber());
assertEquals(UserStatus.ENABLED, user.getStatus());
}
Also used :
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
User(org.eclipse.kapua.service.user.User)
UserService(org.eclipse.kapua.service.user.UserService)
UserFactory(org.eclipse.kapua.service.user.UserFactory)
KapuaId(org.eclipse.kapua.model.id.KapuaId)
UserCreator(org.eclipse.kapua.service.user.UserCreator)
IdGeneratorService(org.eclipse.kapua.service.generator.id.IdGeneratorService)
Date(java.util.Date)
Test(org.junit.Test)
Example 4 with UserService
use of org.eclipse.kapua.service.user.UserService in project kapua by eclipse.
the class AuthenticationServiceMock method login.
@Override
public AccessToken login(AuthenticationCredentials authenticationToken) throws KapuaException {
if (!(authenticationToken instanceof UsernamePasswordTokenMock))
throw KapuaException.internalError("Unmanaged credentials type");
UsernamePasswordTokenMock usrPwdTokenMock = (UsernamePasswordTokenMock) authenticationToken;
KapuaLocator serviceLocator = KapuaLocator.getInstance();
UserService userService = serviceLocator.getService(UserService.class);
User user = userService.findByName(usrPwdTokenMock.getUsername());
KapuaSession kapuaSession = new KapuaSession(null, null, user.getScopeId(), user.getId(), user.getName());
KapuaSecurityUtils.setSession(kapuaSession);
// TODO Auto-generated method stub
return null;
}
Also used :
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
User(org.eclipse.kapua.service.user.User)
UserService(org.eclipse.kapua.service.user.UserService)
KapuaSession(org.eclipse.kapua.commons.security.KapuaSession)
Example 5 with UserService
use of org.eclipse.kapua.service.user.UserService in project kapua by eclipse.
the class GwtAuthorizationServiceImpl method establishSession.
private GwtSession establishSession() throws KapuaException {
KapuaLocator locator = KapuaLocator.getInstance();
//
// Get info from session
KapuaSession kapuaSession = KapuaSecurityUtils.getSession();
//
// Get user info
UserService userService = locator.getService(UserService.class);
User user = userService.find(kapuaSession.getScopeId(), kapuaSession.getUserId());
//
// Get permission info
AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
boolean hasAccountCreate = authorizationService.isPermitted(permissionFactory.newPermission(AccountDomain.ACCOUNT, Actions.write, kapuaSession.getScopeId()));
boolean hasAccountRead = authorizationService.isPermitted(permissionFactory.newPermission(AccountDomain.ACCOUNT, Actions.read, kapuaSession.getScopeId()));
boolean hasAccountUpdate = authorizationService.isPermitted(permissionFactory.newPermission(AccountDomain.ACCOUNT, Actions.write, kapuaSession.getScopeId()));
boolean hasAccountDelete = authorizationService.isPermitted(permissionFactory.newPermission(AccountDomain.ACCOUNT, Actions.delete, kapuaSession.getScopeId()));
boolean hasAccountAll = authorizationService.isPermitted(permissionFactory.newPermission(AccountDomain.ACCOUNT, null, null));
boolean hasDeviceCreate = authorizationService.isPermitted(permissionFactory.newPermission(DeviceDomain.DEVICE, Actions.write, kapuaSession.getScopeId()));
boolean hasDeviceRead = authorizationService.isPermitted(permissionFactory.newPermission(DeviceDomain.DEVICE, Actions.read, kapuaSession.getScopeId()));
boolean hasDeviceUpdate = authorizationService.isPermitted(permissionFactory.newPermission(DeviceDomain.DEVICE, Actions.write, kapuaSession.getScopeId()));
boolean hasDeviceDelete = authorizationService.isPermitted(permissionFactory.newPermission(DeviceDomain.DEVICE, Actions.delete, kapuaSession.getScopeId()));
boolean hasDeviceManage = authorizationService.isPermitted(permissionFactory.newPermission(DeviceLifecycleDomain.DEVICE_LIFECYCLE, Actions.write, kapuaSession.getScopeId()));
boolean hasDataRead = authorizationService.isPermitted(permissionFactory.newPermission("data", Actions.read, kapuaSession.getScopeId()));
boolean hasUserCreate = authorizationService.isPermitted(permissionFactory.newPermission("user", Actions.write, kapuaSession.getScopeId()));
boolean hasUserRead = authorizationService.isPermitted(permissionFactory.newPermission("user", Actions.read, kapuaSession.getScopeId()));
boolean hasUserUpdate = authorizationService.isPermitted(permissionFactory.newPermission("user", Actions.write, kapuaSession.getScopeId()));
boolean hasUserDelete = authorizationService.isPermitted(permissionFactory.newPermission("user", Actions.delete, kapuaSession.getScopeId()));
//
// Get account info
AccountService accountService = locator.getService(AccountService.class);
Account account = accountService.find(kapuaSession.getScopeId());
//
// Convert entities
GwtUser gwtUser = KapuaGwtConverter.convert(user);
GwtAccount gwtAccount = KapuaGwtConverter.convert(account);
//
// Build the session
GwtSession gwtSession = new GwtSession();
// Console info
SystemSetting commonsConfig = SystemSetting.getInstance();
gwtSession.setVersion(commonsConfig.getString(SystemSettingKey.VERSION));
gwtSession.setBuildVersion(commonsConfig.getString(SystemSettingKey.BUILD_VERSION));
gwtSession.setBuildNumber(commonsConfig.getString(SystemSettingKey.BUILD_NUMBER));
// User info
gwtSession.setGwtUser(gwtUser);
gwtSession.setGwtAccount(gwtAccount);
gwtSession.setRootAccount(gwtAccount);
gwtSession.setSelectedAccount(gwtAccount);
// Permission info
gwtSession.setAccountCreatePermission(hasAccountCreate);
gwtSession.setAccountReadPermission(hasAccountRead);
gwtSession.setAccountUpdatePermission(hasAccountUpdate);
gwtSession.setAccountDeletePermission(hasAccountDelete);
gwtSession.setAccountAllPermission(hasAccountAll);
gwtSession.setDeviceCreatePermission(hasDeviceCreate);
gwtSession.setDeviceReadPermission(hasDeviceRead);
gwtSession.setDeviceUpdatePermission(hasDeviceUpdate);
gwtSession.setDeviceDeletePermission(hasDeviceDelete);
gwtSession.setDeviceManagePermission(hasDeviceManage);
gwtSession.setDataReadPermission(hasDataRead);
gwtSession.setUserCreatePermission(hasUserCreate);
gwtSession.setUserReadPermission(hasUserRead);
gwtSession.setUserUpdatePermission(hasUserUpdate);
gwtSession.setUserDeletePermission(hasUserDelete);
return gwtSession;
}
Also used :
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
Account(org.eclipse.kapua.service.account.Account)
GwtAccount(org.eclipse.kapua.app.console.shared.model.GwtAccount)
GwtUser(org.eclipse.kapua.app.console.shared.model.GwtUser)
User(org.eclipse.kapua.service.user.User)
UserService(org.eclipse.kapua.service.user.UserService)
KapuaSession(org.eclipse.kapua.commons.security.KapuaSession)
PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory)
GwtAccount(org.eclipse.kapua.app.console.shared.model.GwtAccount)
SystemSetting(org.eclipse.kapua.commons.setting.system.SystemSetting)
GwtSession(org.eclipse.kapua.app.console.shared.model.GwtSession)
GwtAuthorizationService(org.eclipse.kapua.app.console.shared.service.GwtAuthorizationService)
AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService)
GwtUser(org.eclipse.kapua.app.console.shared.model.GwtUser)
AccountService(org.eclipse.kapua.service.account.AccountService)
Aggregations
UserService (org.eclipse.kapua.service.user.UserService)12
KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)11
User (org.eclipse.kapua.service.user.User)11
GwtUser (org.eclipse.kapua.app.console.shared.model.GwtUser)7
KapuaId (org.eclipse.kapua.model.id.KapuaId)6
GwtUserService (org.eclipse.kapua.app.console.shared.service.GwtUserService)5
PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)5
CredentialService (org.eclipse.kapua.service.authentication.credential.CredentialService)4
UserPermissionFactory (org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)4
UserPermissionService (org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)4
UserFactory (org.eclipse.kapua.service.user.UserFactory)4
KapuaSession (org.eclipse.kapua.commons.security.KapuaSession)3
CredentialCreator (org.eclipse.kapua.service.authentication.credential.CredentialCreator)3
CredentialFactory (org.eclipse.kapua.service.authentication.credential.CredentialFactory)3
Permission (org.eclipse.kapua.service.authorization.permission.Permission)3
Date (java.util.Date)2
HashSet (java.util.HashSet)2
Callable (java.util.concurrent.Callable)2
ShiroException (org.apache.shiro.ShiroException)2
AuthenticationException (org.apache.shiro.authc.AuthenticationException)2
