Example 56 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class OpencastLdapAuthoritiesPopulator method getGrantedAuthorities.

@Override
public Collection<? extends GrantedAuthority> getGrantedAuthorities(DirContextOperations userData, String username) {
    Set<GrantedAuthority> authorities = new HashSet<>();
    for (String attributeName : attributeNames) {
        try {
            String[] attributeValues = userData.getStringAttributes(attributeName);
            // Should the attribute not be defined, the returned array is null
            if (attributeValues != null) {
                for (String attributeValue : attributeValues) {
                    // The attribute value may be a single authority (a single role) or a list of roles
                    addAuthorities(authorities, attributeValue.split(","));
                }
            } else {
                debug("({}) Could not find any attribute named '{}' in user '{}'", attributeName, userData.getDn());
            }
        } catch (ClassCastException e) {
            error("Specified attribute containing user roles ('{}') was not of expected type String: {}", attributeName, e);
        }
    }
    // Add the list of additional roles
    addAuthorities(authorities, additionalAuthorities);
    if (logger.isDebugEnabled()) {
        debug("Returning user {} with authorities:", username);
        for (GrantedAuthority authority : authorities) {
            logger.debug("\t{}", authority);
        }
    }
    // Update the user in the security service if it matches the user whose authorities are being returned
    if ((securityService.getOrganization().equals(organization)) && ((securityService.getUser() == null) || (securityService.getUser().getUsername().equals(username)))) {
        Set<JaxbRole> roles = new HashSet<>();
        // Get the current roles (the condition above also admits the case where no user is set)
        if (securityService.getUser() != null) {
            for (Role existingRole : securityService.getUser().getRoles()) {
                authorities.add(new SimpleGrantedAuthority(existingRole.getName()));
            }
        }
        // Convert GrantedAuthority's into JaxbRole's
        for (GrantedAuthority authority : authorities) {
            roles.add(new JaxbRole(authority.getAuthority(), JaxbOrganization.fromOrganization(organization)));
        }
        JaxbUser user = new JaxbUser(username, LdapUserProviderInstance.PROVIDER_NAME, JaxbOrganization.fromOrganization(organization), roles.toArray(new JaxbRole[0]));
        securityService.setUser(user);
    }
    return authorities;
}
Also used : Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) JaxbUser(org.opencastproject.security.api.JaxbUser) HashSet(java.util.HashSet)

Example 57 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class SakaiUserProviderInstance method findUsers.

@Override
public Iterator<User> findUsers(String query, int offset, int limit) {
    if (query == null)
        throw new IllegalArgumentException("Query must be set");
    if (query.endsWith("%")) {
        query = query.substring(0, query.length() - 1);
    }
    if (query.isEmpty()) {
        return Collections.emptyIterator();
    }
    // Verify if a user exists (non-wildcard searches only)
    if (!verifySakaiUser(query)) {
        return Collections.emptyIterator();
    }
    List<User> users = new LinkedList<User>();
    JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
    JaxbUser queryUser = new JaxbUser(query, PROVIDER_NAME, jaxbOrganization, new HashSet<JaxbRole>());
    users.add(queryUser);
    return users.iterator();
}
Also used : User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) LinkedList(java.util.LinkedList)

Example 58 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class InMemoryUserAndRoleProvider method createSystemUsers.

/**
 * Creates the system digest user.
 */
private void createSystemUsers() {
    for (Organization organization : orgDirectoryService.getOrganizations()) {
        JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
        // Collect the global system roles for the digest auth user (which is created with a clear text password)
        Set<JaxbRole> roleList = new HashSet<JaxbRole>();
        for (String roleName : SecurityConstants.GLOBAL_SYSTEM_ROLES) {
            roleList.add(new JaxbRole(roleName, jaxbOrganization));
        }
        // Create the digest user
        if (digestUsername != null && digestUserPass != null) {
            logger.info("Creating the system digest user");
            User digestUser = new JaxbUser(digestUsername, digestUserPass, DIGEST_USER_NAME, null, getName(), true, jaxbOrganization, roleList);
            inMemoryUsers.add(digestUser);
        }
    }
}
Also used : Organization(org.opencastproject.security.api.Organization) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) HashSet(java.util.HashSet)

Example 59 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class UserAndRoleDirectoryServiceImplTest method testUserMerge.

@Test
public void testUserMerge() throws Exception {
    User mergedUser = directory.loadUser(userName);
    Set<Role> roles = mergedUser.getRoles();
    assertTrue(roles.contains(role1));
    assertTrue(roles.contains(role2));
    assertTrue(roles.contains(role3));
    assertNotNull(mergedUser.getPassword());
    assertEquals(org.getId(), mergedUser.getOrganization().getId());
    assertEquals(userName, mergedUser.getUsername());
    assertEquals("matterhorn,test", mergedUser.getProvider());
    assertTrue(mergedUser.isManageable());
    assertTrue(((JaxbUser) mergedUser).isManageable());
}
Also used : Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) Test(org.junit.Test)

Example 60 with JaxbUser

use of org.opencastproject.security.api.JaxbUser in project opencast by opencast.

the class SchedulerServiceImplTest method beforeClass.

@BeforeClass
public static void beforeClass() throws Exception {
    wfProperties.put("test", "true");
    wfProperties.put("clear", "all");
    wfPropertiesUpdated.put("test", "false");
    wfPropertiesUpdated.put("skip", "true");
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andReturn(new JaxbUser("admin", "provider", new DefaultOrganization(), new JaxbRole("admin", new DefaultOrganization(), "test"))).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    schedulerDatabase = new SchedulerServiceDatabaseImpl();
    schedulerDatabase.setEntityManagerFactory(mkEntityManagerFactory(SchedulerServiceDatabaseImpl.PERSISTENCE_UNIT));
    schedulerDatabase.setSecurityService(securityService);
    schedulerDatabase.activate(null);
    workspace = new UnitTestWorkspace();
    MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);
    final BaseMessage baseMessageMock = EasyMock.createNiceMock(BaseMessage.class);
    MessageReceiver messageReceiver = EasyMock.createNiceMock(MessageReceiver.class);
    EasyMock.expect(messageReceiver.receiveSerializable(EasyMock.anyString(), EasyMock.anyObject(MessageSender.DestinationType.class))).andStubReturn(new FutureTask<>(new Callable<Serializable>() {

        @Override
        public Serializable call() throws Exception {
            return baseMessageMock;
        }
    }));
    AuthorizationService authorizationService = EasyMock.createNiceMock(AuthorizationService.class);
    acl = new AccessControlList(new AccessControlEntry("ROLE_ADMIN", "write", true), new AccessControlEntry("ROLE_ADMIN", "read", true), new AccessControlEntry("ROLE_USER", "read", true));
    EasyMock.expect(authorizationService.getAcl(EasyMock.anyObject(MediaPackage.class), EasyMock.anyObject(AclScope.class))).andReturn(Option.some(acl)).anyTimes();
    OrganizationDirectoryService orgDirectoryService = EasyMock.createNiceMock(OrganizationDirectoryService.class);
    EasyMock.expect(orgDirectoryService.getOrganizations()).andReturn(Arrays.asList((Organization) new DefaultOrganization())).anyTimes();
    EventCatalogUIAdapter episodeAdapter = EasyMock.createMock(EventCatalogUIAdapter.class);
    EasyMock.expect(episodeAdapter.getFlavor()).andReturn(new MediaPackageElementFlavor("dublincore", "episode")).anyTimes();
    EasyMock.expect(episodeAdapter.getOrganization()).andReturn(new DefaultOrganization().getId()).anyTimes();
    EventCatalogUIAdapter extendedAdapter = EasyMock.createMock(EventCatalogUIAdapter.class);
    EasyMock.expect(extendedAdapter.getFlavor()).andReturn(new MediaPackageElementFlavor("extended", "episode")).anyTimes();
    EasyMock.expect(extendedAdapter.getOrganization()).andReturn(new DefaultOrganization().getId()).anyTimes();
    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
    EasyMock.expect(bundleContext.getProperty(EasyMock.anyString())).andReturn("adminuser").anyTimes();
    ComponentContext componentContext = EasyMock.createNiceMock(ComponentContext.class);
    EasyMock.expect(componentContext.getBundleContext()).andReturn(bundleContext).anyTimes();
    EasyMock.replay(messageSender, baseMessageMock, messageReceiver, authorizationService, securityService, extendedAdapter, episodeAdapter, orgDirectoryService, componentContext, bundleContext);
    testConflictHandler = new TestConflictHandler();
    schedSvc = new SchedulerServiceImpl();
    schedSvc.setAuthorizationService(authorizationService);
    schedSvc.setSecurityService(securityService);
    schedSvc.setPersistence(schedulerDatabase);
    schedSvc.setWorkspace(workspace);
    schedSvc.setMessageSender(messageSender);
    schedSvc.setMessageReceiver(messageReceiver);
    schedSvc.setConflictHandler(testConflictHandler);
    schedSvc.addCatalogUIAdapter(episodeAdapter);
    schedSvc.addCatalogUIAdapter(extendedAdapter);
    schedSvc.setOrgDirectoryService(orgDirectoryService);
    schedSvc.activate(componentContext);
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) ComponentContext(org.osgi.service.component.ComponentContext) MessageSender(org.opencastproject.message.broker.api.MessageSender) AccessControlEntry(org.opencastproject.security.api.AccessControlEntry) JaxbUser(org.opencastproject.security.api.JaxbUser) MediaPackageElementFlavor(org.opencastproject.mediapackage.MediaPackageElementFlavor) Callable(java.util.concurrent.Callable) JaxbRole(org.opencastproject.security.api.JaxbRole) SchedulerServiceDatabaseImpl(org.opencastproject.scheduler.impl.persistence.SchedulerServiceDatabaseImpl) BaseMessage(org.opencastproject.message.broker.api.BaseMessage) MessageReceiver(org.opencastproject.message.broker.api.MessageReceiver) AuthorizationService(org.opencastproject.security.api.AuthorizationService) SecurityService(org.opencastproject.security.api.SecurityService) EventCatalogUIAdapter(org.opencastproject.metadata.dublincore.EventCatalogUIAdapter) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) OrganizationDirectoryService(org.opencastproject.security.api.OrganizationDirectoryService) BundleContext(org.osgi.framework.BundleContext) BeforeClass(org.junit.BeforeClass)

Aggregations

JaxbUser (org.opencastproject.security.api.JaxbUser) 63
JaxbRole (org.opencastproject.security.api.JaxbRole) 54
User (org.opencastproject.security.api.User) 47
DefaultOrganization (org.opencastproject.security.api.DefaultOrganization) 46
SecurityService (org.opencastproject.security.api.SecurityService) 44
Before (org.junit.Before) 34
JaxbOrganization (org.opencastproject.security.api.JaxbOrganization) 21
OrganizationDirectoryService (org.opencastproject.security.api.OrganizationDirectoryService) 19
UserDirectoryService (org.opencastproject.security.api.UserDirectoryService) 19
Test (org.junit.Test) 15
Organization (org.opencastproject.security.api.Organization) 15
Workspace (org.opencastproject.workspace.api.Workspace) 15
HashSet (java.util.HashSet) 14
URI (java.net.URI) 12
BundleContext (org.osgi.framework.BundleContext) 12
ComponentContext (org.osgi.service.component.ComponentContext) 12
ServiceRegistryInMemoryImpl (org.opencastproject.serviceregistry.api.ServiceRegistryInMemoryImpl) 11
File (java.io.File) 10
Job (org.opencastproject.job.api.Job) 8
InputStream (java.io.InputStream) 7