added routes to explore web socket security (#2602)

* added simple test-case

* ajax logout working now

* worked

* cleaned out

* removed println

Dockerfile

@@ -1,6 +1,6 @@
 # Apollo2.X
 FROM ubuntu:18.04
-MAINTAINER Nathan Dunn <nathandunn@lbl.gov>
+MAINTAINER Nathan Dunn GH @nathandunn
 ENV DEBIAN_FRONTEND noninteractive
 
 

apollo

@@ -189,7 +189,6 @@ function check_configs(){
 
     check_node
     check_java
-    check_grails
 }
 
 function copy_configs(){

grails-app/controllers/org/bbop/apollo/AnnotationEditorController.groovy

@@ -1275,12 +1275,17 @@ class AnnotationEditorController extends AbstractApolloController implements Ann
         JSONObject rootElement = (JSONObject) JSON.parse(inputString)
         rootElement.put(FeatureStringEnum.USERNAME.value, principal.name)
 
+
         String operation = ((JSONObject) rootElement).get(REST_OPERATION)
 
         String operationName = underscoreToCamelCase(operation)
         log.debug "operationName: ${operationName}"
         def p = task {
             switch (operationName) {
+                case "currentUser":
+                    User user = permissionService.getCurrentUser(rootElement)
+                    return user as JSON
+            // test case for websocket
                 case "ping":
                     return "pong"
                     break

grails-app/controllers/org/bbop/apollo/LoginController.groovy

@@ -25,7 +25,7 @@ class LoginController extends AbstractApolloController {
     def index() {}
 
 
-    def handleOperation(String track, String operation) {
+    def handleOperation(String operation) {
         JSONObject postObject = findPost()
         if(postObject?.containsKey(REST_OPERATION)){
             operation = postObject.get(REST_OPERATION)
@@ -200,8 +200,8 @@ class LoginController extends AbstractApolloController {
         log.debug "LOGOUT SESSION ${SecurityUtils?.subject?.getSession(false)?.id}"
         log.debug "logging out with params: ${params}"
         // have to retrive the username first
-        String username = SecurityUtils.subject.principal
-        log.debug "sending logout"
+        String username = SecurityUtils.subject.principal ?: params.username
+        log.debug "sending logout for username ${username}"
         sendLogout(username,params.get(FeatureStringEnum.CLIENT_TOKEN.value).toString())
         log.debug "sent logout"
         sleep(1000)