Merge remote-tracking branch 'origin/master' into gui-devel
Showing
4 changed files
with
489 additions
and
70 deletions.
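--- a/...common/src/main/java/com/evolveum/midpoint/model/common/util/AbstractModelWebService.java
+++ b/...common/src/main/java/com/evolveum/midpoint/model/common/util/AbstractModelWebService.java
@@ -0,0 +1,119 @@
+/**
+* Copyright (c) 2014 Evolveum
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package com.evolveum.midpoint.model.common.util;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import com.evolveum.midpoint.audit.api.AuditEventRecord;
+import com.evolveum.midpoint.audit.api.AuditEventStage;
+import com.evolveum.midpoint.audit.api.AuditEventType;
+import com.evolveum.midpoint.audit.api.AuditService;
+import com.evolveum.midpoint.model.api.ModelService;
+import com.evolveum.midpoint.prism.PrismContext;
+import com.evolveum.midpoint.prism.PrismObject;
+import com.evolveum.midpoint.schema.constants.SchemaConstants;
+import com.evolveum.midpoint.schema.result.OperationResultStatus;
+import com.evolveum.midpoint.security.api.MidPointPrincipal;
+import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.task.api.TaskManager;
+import com.evolveum.midpoint.util.exception.SystemException;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
+import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
+
+/**
+* Abstract superclass that provides methods common to all web service implementations that
+* use ModelService.
+*
+* @author Radovan Semancik
+*
+*/
+public abstract class AbstractModelWebService {
+
+@Autowired(required = true)
+protected ModelService modelService;
+
+@Autowired(required = true)
+protected TaskManager taskManager;
+
+@Autowired(required = true)
+protected AuditService auditService;
+
+@Autowired(required = true)
+protected PrismContext prismContext;
+
+protected void setTaskOwner(Task task) {
+Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+if (authentication == null) {
+throw new SystemException("Failed to get authentication object");
+}
+UserType userType = (UserType) ((MidPointPrincipal)(SecurityContextHolder.getContext().getAuthentication().getPrincipal())).getUser();
+if (userType == null) {
+throw new SystemException("Failed to get user from authentication object");
+}
+task.setOwner(userType.asPrismObject());
+}
+
+protected Task createTaskInstance(String operationName) {
+// TODO: better task initialization
+Task task = taskManager.createTaskInstance(operationName);
+setTaskOwner(task);
+task.setChannel(SchemaConstants.CHANNEL_WEB_SERVICE_URI);
+return task;
+}
+
+protected void auditLogin(Task task) {
+AuditEventRecord record = new AuditEventRecord(AuditEventType.CREATE_SESSION, AuditEventStage.REQUEST);
+PrismObject<UserType> owner = task.getOwner();
+if (owner != null) {
+record.setInitiator(owner);
+PolyStringType name = owner.asObjectable().getName();
+if (name != null) {
+record.setParameter(name.getOrig());
+}
+}
+
+record.setChannel(SchemaConstants.CHANNEL_WEB_SERVICE_URI);
+record.setTimestamp(System.currentTimeMillis());
+record.setSessionIdentifier(task.getTaskIdentifier());
+
+record.setOutcome(OperationResultStatus.SUCCESS);
+
+auditService.audit(record, task);
+}
+
+protected void auditLogout(Task task) {
+AuditEventRecord record = new AuditEventRecord(AuditEventType.TERMINATE_SESSION, AuditEventStage.REQUEST);
+PrismObject<UserType> owner = task.getOwner();
+if (owner != null) {
+record.setInitiator(owner);
+PolyStringType name = owner.asObjectable().getName();
+if (name != null) {
+record.setParameter(name.getOrig());
+}
+}
+
+record.setChannel(SchemaConstants.CHANNEL_WEB_SERVICE_URI);
+record.setTimestamp(System.currentTimeMillis());
+record.setSessionIdentifier(task.getTaskIdentifier());
+
+record.setOutcome(OperationResultStatus.SUCCESS);
+
+auditService.audit(record, task);
+}
+
+}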
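Review bot: In `setTaskOwner` the null check covers only the `Authentication` object; the next statement re-reads the security context and casts `getPrincipal()` straight to `MidPointPrincipal`, so a principal of another type (for example the plain String that Spring Security uses for anonymous authentication) or a null principal surfaces as a `ClassCastException` or `NullPointerException` rather than the intended `SystemException`. Because this value becomes the task owner that `auditLogin` and `auditLogout` record as initiator, I would reuse the checked local and test the type first: `Object principal = authentication.getPrincipal();` followed by `if (!(principal instanceof MidPointPrincipal)) { throw new SystemException("Unexpected principal type in authentication object"); }`. Separately, `auditLogin` and `auditLogout` differ only in the `AuditEventType`, so a shared private helper taking the event type would remove the duplication. Both also hard-code `OperationResultStatus.SUCCESS`, and a short Javadoc on each should state that only a success outcome is recorded by these methods.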
@@ -0,0 +1,97 @@ | ||
# | ||
# Copyright (c) 2014 Evolveum | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
# | ||
|
||
# | ||
# This is an import LDIF file intended to create a some structure | ||
# for "example" organization including few users. It is used as an example. | ||
# | ||
# This sample is intended for Novell/NetIQ eDirectory | ||
# it assumes context "example" which translates to LDAP as "o=example" | ||
# | ||
|
||
dn: ou=People,o=example | ||
objectclass: top | ||
objectclass: organizationalunit | ||
ou: People | ||
|
||
dn: uid=cptjack,ou=People,o=example | ||
cn: cpt. Jack Sparrow | ||
sn: Sparrow | ||
givenname: Jack | ||
objectclass: top | ||
objectclass: person | ||
objectclass: organizationalPerson | ||
objectclass: inetOrgPerson | ||
ou: Operations | ||
ou: People | ||
l: Caribbean | ||
uid: cptjack | ||
mail: jack@example.com | ||
telephonenumber: +421 910 123456 | ||
facsimiletelephonenumber: +1 408 555 1111 | ||
roomnumber: 666 | ||
userpassword: d3adM3nT3llN0Tal3s | ||
|
||
dn: uid=will,ou=People,o=example | ||
cn: Will Turner | ||
sn: Turner | ||
givenname: William | ||
objectclass: top | ||
objectclass: person | ||
objectclass: organizationalPerson | ||
objectclass: inetOrgPerson | ||
ou: Operations | ||
ou: People | ||
l: Caribbean | ||
uid: will | ||
mail: will@example.com | ||
telephonenumber: +421 910 654321 | ||
facsimiletelephonenumber: +1 408 555 1111 | ||
roomnumber: 555 | ||
userpassword: elizAb3th | ||
|
||
dn: uid=barbossa,ou=People,o=example | ||
cn: Hector Barbossa | ||
sn: Barbossa | ||
givenname: Hector | ||
objectclass: top | ||
objectclass: person | ||
objectclass: organizationalPerson | ||
objectclass: inetOrgPerson | ||
ou: Operations | ||
ou: People | ||
l: Caribbean | ||
uid: barbossa | ||
mail: captain.barbossa@example.com | ||
telephonenumber: +421 910 382734 | ||
facsimiletelephonenumber: +1 408 555 1111 | ||
roomnumber: 111 | ||
userpassword: jack | ||
|
||
dn: ou=Groups,o=example | ||
objectclass: top | ||
objectclass: organizationalunit | ||
ou: Groups | ||
|
||
dn: cn=Pirates,ou=groups,o=example | ||
objectclass: top | ||
objectclass: groupOfNames | ||
cn: Pirates | ||
ou: groups | ||
member: uid=cptjack,ou=People,o=example | ||
member: uid=will,ou=People,o=example | ||
description: Arrrrr! | ||
|