feat(roles): implementation of custom roles
NicolasGeraud committed Jul 16, 2017
1 parent 9d23b1f commit d13d1a2
Showing 179 changed files with 4,760 additions and 1,318 deletions.
2 changes: 1 addition & 1 deletion gravitee-management-api-fetcher/pom.xml
Expand Up @@ -23,7 +23,7 @@
<parent>
<groupId>io.gravitee.management</groupId>
<artifactId>gravitee-management-api</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-fetcher</artifactId>
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management.idp</groupId>
<artifactId>gravitee-management-api-idp</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-idp-api</artifactId>
@@ -0,0 +1,50 @@
/**
* Copyright (C) 2015 The Gravitee team (http://gravitee.io)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.gravitee.management.idp.api.authentication;

import java.util.Map;

/**
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
public class UserDetailRole {
private String scope;
private String name;
private Map<String, char[]> permissions;

public String getScope() {
return scope;
}
public void setScope(String scope) {
this.scope = scope;
}

public String getName() {
return name;
}

public void setName(String name) {
this.name = name;
}

public Map<String, char[]> getPermissions() {
return permissions;
}
public void setPermissions(Map<String, char[]> permissions) {
this.permissions = permissions;
}
}
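Review bot: `getPermissions()` and `setPermissions()` hand out and store the same `Map<String, char[]>` instance, so any code holding a `UserDetailRole` can change the permissions attached to an authenticated principal after login, and the `char[]` values stay mutable even behind an unmodifiable map. I would copy on the way in and out, or store an immutable form such as `Map<String, String>`, and add a class Javadoc saying what the map key and each character stand for, since nothing in this file defines them. `permissions` is also null until the setter runs, so either callers of the getter need a null check or the field needs an empty default such as `private Map<String, char[]> permissions = Collections.emptyMap();`.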
Expand Up @@ -19,9 +19,11 @@
import org.springframework.security.core.userdetails.User;

import java.util.Collection;
import java.util.List;

/**
* @author Azize Elamrani (azize at gravitee.io)
* @author Azize ELAMRANI (azize.elamrani at graviteesource.com)
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
public class UserDetails extends User {
Expand All @@ -31,6 +33,7 @@ public class UserDetails extends User {
private String lastname;
private String source;
private String sourceId;
private List<UserDetailRole> roles;

public UserDetails(String username, String password, Collection<? extends GrantedAuthority> authorities) {
super(username, password, authorities);
Expand Down Expand Up @@ -76,6 +79,14 @@ public void setSourceId(String sourceId) {
this.sourceId = sourceId;
}

public List<UserDetailRole> getRoles() {
return roles;
}

public void setRoles(List<UserDetailRole> roles) {
this.roles = roles;
}

@Override
public String toString() {
return super.toString() +
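Review bot: The new `roles` field holds `UserDetailRole` objects, and that class (added in this commit) does not implement `Serializable`, while `UserDetails` extends Spring Security's `User`, which is serializable. If the principal is ever written to a serialized HTTP session or a distributed cache, serialization would fail with `NotSerializableException` once roles are set; declaring `public class UserDetailRole implements Serializable` avoids that. `setRoles` also keeps the caller's list by reference, so a defensive copy such as `this.roles = roles == null ? null : new ArrayList<>(roles);` would stop later mutation of the roles carried by the principal. The `toString()` body continues outside the hunk, so I cannot tell whether `roles` is printed there.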
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management.idp</groupId>
<artifactId>gravitee-management-api-idp</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-idp-core</artifactId>
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management.idp</groupId>
<artifactId>gravitee-management-api-idp</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-idp-ldap</artifactId>
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management.idp</groupId>
<artifactId>gravitee-management-api-idp</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-idp-memory</artifactId>
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management.idp</groupId>
<artifactId>gravitee-management-api-idp</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-idp-repository</artifactId>
Expand Up @@ -40,7 +40,8 @@
import java.util.stream.Collectors;

/**
* @author David BRASSELY (david at gravitee.io)
* @author David BRASSELY (david.brassely at graviteesource.com)
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
@Import(RepositoryAuthenticationProviderConfiguration.class)
Expand Down Expand Up @@ -73,7 +74,7 @@ protected void additionalAuthenticationChecks(UserDetails userDetails, UsernameP
@Override
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
try {
UserEntity user = userService.findByName(username);
UserEntity user = userService.findByName(username, true);
if (RepositoryIdentityProvider.PROVIDER_TYPE.equals(user.getSource())) {
return mapUserEntityToUserDetails(user);
} else {
Expand All @@ -92,7 +93,7 @@ private UserDetails mapUserEntityToUserDetails(UserEntity userEntity) {
if (userEntity.getRoles() != null && userEntity.getRoles().size() > 0) {

authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(
userEntity.getRoles().stream().collect(Collectors.joining(","))
userEntity.getRoles().stream().map(r -> r.getScope().name()+":"+r.getName()).collect(Collectors.joining(","))
);
}

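Review bot: In `mapUserEntityToUserDetails`, the role strings are joined with `,` and then split again by `AuthorityUtils.commaSeparatedStringToAuthorityList`, so the granted authorities are only correct if no role name contains a comma. With custom roles the name is presumably operator-defined (its validation is not visible here), and a name with a comma would turn into more than one authority. Building the list directly, with `.map(r -> new SimpleGrantedAuthority(r.getScope().name() + ":" + r.getName()))` collected to a list, removes the round trip; `r.getScope()` should also be null-checked before `.name()` is called. The method starts and ends outside the hunk, so the declared type of `authorities` needs checking before changing the expression.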
2 changes: 1 addition & 1 deletion gravitee-management-api-idp/pom.xml
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>io.gravitee.management</groupId>
<artifactId>gravitee-management-api</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<groupId>io.gravitee.management.idp</groupId>
2 changes: 1 addition & 1 deletion gravitee-management-api-model/pom.xml
Expand Up @@ -23,7 +23,7 @@
<parent>
<groupId>io.gravitee.management</groupId>
<artifactId>gravitee-management-api</artifactId>
<version>1.9.0-SNAPSHOT</version>
<version>1.8.1-SNAPSHOT</version>
</parent>

<artifactId>gravitee-management-api-model</artifactId>
Expand Up @@ -45,12 +45,10 @@ public class ApiEntity {

@NotNull
@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
@JsonProperty(value = "proxy", required = true)
private Proxy proxy;

@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
@JsonProperty(value = "paths", required = true)
private Map<String, Path> paths = new HashMap<>();

Expand All @@ -71,19 +69,16 @@ public class ApiEntity {
private PrimaryOwnerEntity primaryOwner;

@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
@JsonProperty(value = "properties")
private io.gravitee.definition.model.Properties properties;

private MembershipType permission;
private String role;

@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
@JsonProperty(value = "services")
private Services services;

@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
private Set<String> tags;

private String picture;
Expand All @@ -92,7 +87,6 @@ public class ApiEntity {
private String pictureUrl;

@DeploymentRequired
@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})
@JsonProperty(value = "resources")
private List<Resource> resources = new ArrayList<>();

Expand Down Expand Up @@ -180,12 +174,12 @@ public void setPaths(Map<String, Path> paths) {
this.paths = paths;
}

public MembershipType getPermission() {
return permission;
public String getRole() {
return role;
}

public void setPermission(MembershipType permission) {
this.permission = permission;
public void setRole(String role) {
this.role = role;
}

public PrimaryOwnerEntity getPrimaryOwner() {
Expand Down Expand Up @@ -311,7 +305,7 @@ public String toString() {
", visibility=" + visibility +
", state=" + state +
", primaryOwner=" + primaryOwner +
", permission=" + permission +
", role=" + role +
", tags=" + tags +
", view=" + views +
", group=" + group +
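Review bot: The `@MembershipTypesAllowed({"PRIMARY_OWNER", "OWNER"})` restriction appears to be dropped from `proxy`, `paths`, `properties`, `services`, `tags` and `resources`, and no replacement is put on those fields in this section. The commit does introduce a field-level `@ApiPermissionsAllowed` annotation in `io.gravitee.management.model`, so unless filtering now happens elsewhere, these fields (presumably including backend proxy configuration) would be returned to every member who can read the API. I would either annotate them here with `@ApiPermissionsAllowed({...})`, using the permissions that correspond to the former owner-only rule, or add a comment naming the component that now enforces the restriction. `role` also changes from the `MembershipType` enum to a free-form `String`; a short Javadoc on the field stating the expected format would help callers.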
Expand Up @@ -25,6 +25,7 @@

/**
* @author David BRASSELY (david.brassely at graviteesource.com)
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
public class ApiListItem {
Expand All @@ -50,7 +51,7 @@ public class ApiListItem {
@JsonProperty("owner")
private PrimaryOwnerEntity primaryOwner;

private MembershipType permission;
private String role;

@JsonProperty(value = "picture_url")
private String pictureUrl;
Expand All @@ -62,6 +63,8 @@ public class ApiListItem {

private List<String> labels;

private boolean manageable;

public String getId() {
return id;
}
Expand Down Expand Up @@ -134,12 +137,12 @@ public void setPrimaryOwner(PrimaryOwnerEntity primaryOwner) {
this.primaryOwner = primaryOwner;
}

public MembershipType getPermission() {
return permission;
public String getRole() {
return role;
}

public void setPermission(MembershipType permission) {
this.permission = permission;
public void setRole(String role) {
this.role = role;
}

public String getPictureUrl() {
Expand Down Expand Up @@ -174,6 +177,14 @@ public void setLabels(List<String> labels) {
this.labels = labels;
}

public boolean isManageable() {
return manageable;
}

public void setManageable(boolean manageable) {
this.manageable = manageable;
}

@Override
public boolean equals(Object o) {
if (this == o) return true;
Expand All @@ -199,7 +210,8 @@ public String toString() {
", visibility=" + visibility +
", state=" + state +
", primaryOwner=" + primaryOwner +
", permission=" + permission +
", role=" + role +
", manageable=" + manageable +
'}';
}
}
Expand Up @@ -25,7 +25,8 @@
import java.util.*;

/**
* @author Azize ELAMRANI (azize at graviteesource.com)
* @author Azize ELAMRANI (azize.elamrani at graviteesource.com)
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
public class ApiModelEntity {
Expand All @@ -44,7 +45,7 @@ public class ApiModelEntity {
private Lifecycle.State state;
private PrimaryOwnerEntity primaryOwner;
private Properties properties;
private MembershipType permission;
private String role;
private Services services;
private Set<String> tags;
private String picture;
Expand Down Expand Up @@ -133,12 +134,12 @@ public void setPaths(Map<String, Path> paths) {
this.paths = paths;
}

public MembershipType getPermission() {
return permission;
public String getRole() {
return role;
}

public void setPermission(MembershipType permission) {
this.permission = permission;
public void setRole(String role) {
this.role = role;
}

public PrimaryOwnerEntity getPrimaryOwner() {
Expand Down Expand Up @@ -256,7 +257,7 @@ public String toString() {
", visibility=" + visibility +
", state=" + state +
", primaryOwner=" + primaryOwner +
", permission=" + permission +
", role=" + role +
", tags=" + tags +
", view=" + views +
", group=" + group +
Expand Up @@ -13,24 +13,22 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.gravitee.management.rest.security;
package io.gravitee.management.model;

import io.gravitee.management.model.permissions.ApiPermission;

import javax.ws.rs.NameBinding;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
* @author David BRASSELY (david.brassely at graviteesource.com)
* @author Nicolas GERAUD (nicolas.geraud at graviteesource.com)
* @author GraviteeSource Team
*/
@NameBinding
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
public @interface ApiPermissionsRequired {

ApiPermission value() default ApiPermission.READ;
@Target(ElementType.FIELD)
public @interface ApiPermissionsAllowed {
ApiPermission[] value();
}
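Review bot: `ApiPermissionsAllowed` has no Javadoc describing its contract, and the change makes that contract less obvious: `value()` goes from a single permission with a `READ` default to a mandatory array, and the target moves from methods and types to fields. I would add a Javadoc stating whether a caller needs any one or all of the listed permissions and which component reads the annotation, for example `/** Permissions allowed to see the annotated field; enforced by <component>. */`. The `@NameBinding` meta-annotation also appears to be removed, so JAX-RS would no longer bind a filter through this type; it is worth confirming that resource methods which used `@ApiPermissionsRequired` are covered by another check elsewhere in the commit.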
