Merge pull request #824 from dickschoeller/security

Security
dickschoeller · Feb 8, 2019 · bac1a60 · bac1a60
2 parents 6f57b45 + a1f33e1
commit bac1a60
Show file tree

Hide file tree

Showing 177 changed files with 8,029 additions and 2,582 deletions.
diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -21,7 +21,6 @@ engines:
       - NOPMD
   checkstyle:
     enabled: true
-    channel: "beta"
     config: config/checkstyle.xml
   pmd:
     enabled: true

diff --git a/gedbrowser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/User.java b/gedbrowser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/User.java
@@ -0,0 +1,76 @@
+package org.schoellerfamily.gedbrowser.datamodel.users;
+
+/**
+ * @author Dick Schoeller
+ */
+public interface User {
+    /**
+     * @return the user name
+     */
+    String getUsername();
+
+    /**
+     * @param username the user name
+     */
+    void setUsername(String username);
+
+    /**
+     * @return the user's first name
+     */
+    String getFirstname();
+
+    /**
+     * @param firstname the first name
+     */
+    void setFirstname(String firstname);
+
+    /**
+     * @return the user's last name
+     */
+    String getLastname();
+
+    /**
+     * @param lastname the last name
+     */
+    void setLastname(String lastname);
+
+    /**
+     * @return the user's email address
+     */
+    String getEmail();
+
+    /**
+     * @param email the email address
+     */
+    void setEmail(String email);
+
+    /**
+     * @return the user's password
+     */
+    String getPassword();
+
+    /**
+     * @param password the password
+     */
+    void setPassword(String password);
+
+    /**
+     * The roles supported are user and admin.
+     *
+     * @return the set of roles for this user
+     */
+    UserRoleName[] getRoles();
+
+    /**
+     * @param role the role to add to the role set
+     */
+    void addRole(String role);
+
+    /**
+     * Check if the user has a particular role.
+     *
+     * @param role role that we are looking for
+     * @return true if the user has the role
+     */
+    boolean hasRole(UserRoleName role);
+}
diff --git a/.../gedbrowser/renderer/user/UserFacade.java → ...edbrowser/datamodel/users/UserFacade.java b/.../gedbrowser/renderer/user/UserFacade.java → ...edbrowser/datamodel/users/UserFacade.java
@@ -1,4 +1,4 @@
-package org.schoellerfamily.gedbrowser.renderer.user;
+package org.schoellerfamily.gedbrowser.datamodel.users;
 
 /**
  * @author Dick Schoeller
@@ -22,6 +22,17 @@ default String getUsername() {
         return getUser().getUsername();
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default void setUsername(final String username) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().setUsername(username);
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -33,6 +44,17 @@ default String getFirstname() {
         return getUser().getFirstname();
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default void setFirstname(final String firstname) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().setFirstname(firstname);
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -44,6 +66,17 @@ default String getLastname() {
         return getUser().getLastname();
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default void setLastname(final String lastname) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().setLastname(lastname);
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -55,6 +88,17 @@ default String getEmail() {
         return getUser().getEmail();
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default void setEmail(final String email) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().setEmail(email);
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -70,9 +114,9 @@ default String getPassword() {
      * {@inheritDoc}
      */
     @Override
-    default String[] getRoles() {
+    default UserRoleName[] getRoles() {
         if (getUser() == null) {
-            return new String[0];
+            return new UserRoleName[0];
         }
         return getUser().getRoles();
     }
@@ -81,7 +125,29 @@ default String[] getRoles() {
      * {@inheritDoc}
      */
     @Override
-    default boolean hasRole(String role) {
+    default void setPassword(final String password) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().setPassword(password);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default void addRole(final String role) {
+        if (getUser() == null) {
+            return;
+        }
+        getUser().addRole(role);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    default boolean hasRole(UserRoleName role) {
         if (getUser() == null) {
             return false;
         }

diff --git a/...-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/UserRoleName.java b/...-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/UserRoleName.java
@@ -0,0 +1,18 @@
+package org.schoellerfamily.gedbrowser.datamodel.users;
+
+/**
+ * Roles. Any access without roles is read-only and limited data
+ * visibility.
+ *
+ * @author Dick Schoeller
+ */
+public enum UserRoleName {
+    /**
+     * The role associated with logged in user capabilities.
+     */
+    USER,
+    /**
+     * The role associated with administrator capabilities.
+     */
+    ADMIN
+}
diff --git a/gedbrowser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/Users.java b/gedbrowser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/Users.java
@@ -0,0 +1,43 @@
+package org.schoellerfamily.gedbrowser.datamodel.users;
+
+import java.util.Iterator;
+
+/**
+ * @author Dick Schoeller
+ *
+ * @param <T> the contained type
+ */
+public interface Users<T extends User> extends Iterable<T> {
+    /**
+     * @param user the user to add
+     * @return that user
+     */
+    T add(T user);
+
+    /**
+     * @param user the user to remove
+     * @return that user
+     */
+    T remove(T user);
+
+    /**
+     * @param username the username of the user we are getting
+     * @return that user
+     */
+    T get(String username);
+
+    /**
+     * Resets to an empty set.
+     */
+    void clear();
+
+    /**
+     * @return the iterator for the value collection
+     */
+    Iterator<T> iterator();
+
+    /**
+     * @return the iterator for the value collection
+     */
+    int size();
+}
diff --git a/...ser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/UsersImpl.java b/...ser-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/UsersImpl.java
@@ -0,0 +1,63 @@
+package org.schoellerfamily.gedbrowser.datamodel.users;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+/**
+ * @author Dick Schoeller
+ *
+ * @param <T> the contained type
+ */
+public final class UsersImpl<T extends User> implements Users<T> {
+    /** Holds the known users. */
+    private final Map<String, T> users = new HashMap<>();
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public T add(final T user) {
+        return users.put(user.getUsername(), user);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public T remove(final User user) {
+        return users.remove(user.getUsername());
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public T get(final String username) {
+        return users.get(username);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void clear() {
+        users.clear();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Iterator<T> iterator() {
+        return users.values().iterator();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public int size() {
+        return users.values().size();
+    }
+}
diff --git a/...-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/package-info.java b/...-datamodel/src/main/java/org/schoellerfamily/gedbrowser/datamodel/users/package-info.java
@@ -0,0 +1,5 @@
+/**
+ * Copyright 2019 Richard Schoeller
+ * Data model to describe users.
+ */
+package org.schoellerfamily.gedbrowser.datamodel.users;
diff --git a/gedbrowser-reader/src/main/java/org/schoellerfamily/gedbrowser/users/UserFactory.java b/gedbrowser-reader/src/main/java/org/schoellerfamily/gedbrowser/users/UserFactory.java
@@ -0,0 +1,18 @@
+package org.schoellerfamily.gedbrowser.users;
+
+import org.schoellerfamily.gedbrowser.datamodel.users.User;
+
+/**
+ * Factory interface for creating User objects. Implementations will generally
+ * be injected to situations that need to create them as a lambda.
+ *
+ * @author Dick Schoeller
+ *
+ * @param <T> the created type
+ */
+public interface UserFactory<T extends User> {
+    /**
+     * @return the built user
+     */
+    T createUser();
+}
diff --git a/gedbrowser-reader/src/main/java/org/schoellerfamily/gedbrowser/users/UsersFactory.java b/gedbrowser-reader/src/main/java/org/schoellerfamily/gedbrowser/users/UsersFactory.java
@@ -0,0 +1,18 @@
+package org.schoellerfamily.gedbrowser.users;
+
+import org.schoellerfamily.gedbrowser.datamodel.users.Users;
+
+/**
+ * Factory interface for creating Users objects. Implementations will
+ * generally be injected to situations that need to create them as a lambda.
+ *
+ * @author Dick Schoeller
+ *
+ * @param <T> the created type
+ */
+public interface UsersFactory<T extends Users<?>> {
+    /**
+     * @return the object that manages a collection of users
+     */
+    T createUsers();
+}