From 0f45542cc9701aba2bdaa3ee3602b203821f4a21 Mon Sep 17 00:00:00 2001
From: David Estes <davydotcom@gmail.com>
Date: Wed, 29 Jan 2014 09:16:08 -0500
Subject: [PATCH] Added security bridge implementation

---
 .gitignore                                    |  3 +
 README.md                                     |  8 ++
 .../SharedSecurityService.groovy              |  4 +-
 src/docs/guide/configuration.gdoc             | 85 +++++++++++++++++++
 src/docs/guide/introduction.gdoc              |  3 +
 src/docs/guide/toc.yml                        |  3 +
 src/docs/guide/usage.gdoc                     | 16 ++++
 7 files changed, 120 insertions(+), 2 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 src/docs/guide/configuration.gdoc
 create mode 100644 src/docs/guide/introduction.gdoc
 create mode 100644 src/docs/guide/toc.yml
 create mode 100644 src/docs/guide/usage.gdoc

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..082f3b2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.DS_Store
+target/
+log/
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..db88bae
--- /dev/null
+++ b/README.md
@@ -0,0 +1,8 @@
+Grails Security Bridge
+======================
+
+The Grails Security Bridge plugin is used for providing a decoupled, cross-plugin security interface. This allows you to keep the majority of authentication logic in one plugin, while other plugins can reference a public API interface to retrieve the information needed.
+
+Documentation
+-------------
+http://bertramdev.github.io/grails-security-bridge
diff --git a/grails-app/services/org/grails/plugin/securitybridge/SharedSecurityService.groovy b/grails-app/services/org/grails/plugin/securitybridge/SharedSecurityService.groovy
index 2faee71..056f17a 100644
--- a/grails-app/services/org/grails/plugin/securitybridge/SharedSecurityService.groovy
+++ b/grails-app/services/org/grails/plugin/securitybridge/SharedSecurityService.groovy
@@ -58,7 +58,7 @@ class SharedSecurityService implements SecurityBridge {
   /**
 	 * Check if the user is currently logged in.
 	 */
-  def isLoggedIn() {
+  boolean isLoggedIn() {
   	securityBridge.isLoggedIn
   }
 
@@ -101,7 +101,7 @@ class SharedSecurityService implements SecurityBridge {
    * @return Must return a Map of arguments to pass to g:link to create the link
    */
   Map createLink(String action) {
-    securityBridge(failOnError: true).createLink(action)
+    getSecurityBridge(failOnError: true).createLink(action)
   }
 
   def ifAuthorized(object, action, Closure code) {
diff --git a/src/docs/guide/configuration.gdoc b/src/docs/guide/configuration.gdoc
new file mode 100644
index 0000000..0c3bc82
--- /dev/null
+++ b/src/docs/guide/configuration.gdoc
@@ -0,0 +1,85 @@
+The Security-Bridge is kept relatively simple so as to not overcreep on scope. All that needs to be done is to define a security bridge and register this as a spring bean.
+
+The interface is as follows:
+
+{code}
+package org.grails.plugin.securitybridge
+
+interface SecurityBridge {
+
+	/**
+	 * Returns the current user object if they are logged in
+	 * @return the implementation's user object or null if nobody is logged in
+	 */
+	def getCurrentUser()
+
+	/**
+	 * Get the user Identifier.
+	 * @return the user identity or null if nobody is logged in
+	 */
+	def getUserIdentity()
+
+	/**
+	 * Returns the current account object of the logged in user
+	 * @return the implementation's account (for basic auth can just be the user object) object or null if nobody is logged in
+	 */
+	def getCurrentAccount()
+
+	/**
+	 * Returns the current users account identity. (Useful if multiple users are tied to one account)
+	 * @return the account name or identity, null if nobody is logged in.
+	 */
+	def getAccountIdentity()
+
+	/**
+	 * Return the current users display name.
+	 */
+	def getCurrentUserDisplayName()
+
+	/**
+	 * Check if the user is currently logged in.
+	 */
+	boolean isLoggedIn()
+
+	/**
+	 * Check if the currently logged in user is authorized to perform an action on the passed object
+	 * @param object The object with which we are dealing with.
+	 * @param action The action you would like to perform
+	 */
+	boolean isAuthorized(object, action)
+
+	/**
+   * Check if the currently logged in user has the specified role
+   * @param role
+   */
+	boolean hasRole(role)
+
+	/**
+	 * Store the request location for the security service to redirect to upon login success
+	 * @param request The request object
+	 */
+	def storeLocation(request)
+
+	/**
+	 * Execute code masquerading as the specified user, for the duration of the Closure block
+	 * @return Whatever the closure returns
+	 */
+	def withUser(identity, Closure code)
+
+	/**
+   * Create a link to the specified security action
+   * @param action One of "login", "logout", "signup"
+   * @return Must return a Map of arguments to pass to g:link to create the link
+   */
+  Map createLink(String action)
+}
+{code}
+
+Simply implementing a class that defines all these methods will create a legitimate securityBridge. Next we need to register this bridge with spring. This can be done in your application's @resources.groovy@ file or in a plugins @doWithSpring@ method.
+
+{code}
+sharedSecurityBridge(com.mycompany.MySecurityBridge) {
+	//Add any other spring injected references you may need
+  springSecurityService = ref('springSecurityService')
+}
+{code}
diff --git a/src/docs/guide/introduction.gdoc b/src/docs/guide/introduction.gdoc
new file mode 100644
index 0000000..471b974
--- /dev/null
+++ b/src/docs/guide/introduction.gdoc
@@ -0,0 +1,3 @@
+The Grails Security Bridge plugin is used for providing a decoupled, cross-plugin security interface. This allows you to keep the majority of authentication logic in one plugin, while other plugins can reference a public API interface to retrieve the information needed.
+
+This guide documents how to configure and setup a @sharedSecurityBridge@ for use throughout other plugins.
diff --git a/src/docs/guide/toc.yml b/src/docs/guide/toc.yml
new file mode 100644
index 0000000..f209997
--- /dev/null
+++ b/src/docs/guide/toc.yml
@@ -0,0 +1,3 @@
+introduction: Introduction
+configuration: Configuration
+usage: Usage
diff --git a/src/docs/guide/usage.gdoc b/src/docs/guide/usage.gdoc
new file mode 100644
index 0000000..8224641
--- /dev/null
+++ b/src/docs/guide/usage.gdoc
@@ -0,0 +1,16 @@
+Now that the security bridge is configured, The spring security bridge can be used anywhere throughout your app by simply defining the @sharedSecurityService@.
+
+The @sharedSecurityService@ provides access to all methods created in the bridge, as well as some additional methods to make things a bit easier.
+
+* @getCurrentUser()@
+* @getCurrentAccount()@
+* @getUserIdentity()@
+* @getAccountIdentity()@
+* @getCurrentUserDisplayName()@
+* @isAuthorized(object,action)@
+* @isLoggedIn()@
+* @hasAnyRole(role)@
+* @ifAuthorized(object,action,Closure code)@
+
+For More methods please take a look at your SecurityBridge interface.
+