rhbz1021357 - Insert the authenticated person into the Security Rules…

…' context for asynchronous processes.
zanata · Oct 22, 2013 · 9154034 · seanf · Oct 22, 2013 · carlosmunoz
1 parent f1f4304
commit 9154034
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 3 deletions.
diff --git a/zanata-war/src/main/java/org/zanata/async/AsynchronousTaskExecutor.java b/zanata-war/src/main/java/org/zanata/async/AsynchronousTaskExecutor.java
@@ -24,12 +24,15 @@
 
 import javax.security.auth.Subject;
 
+import org.jboss.seam.Component;
 import org.jboss.seam.ScopeType;
 import org.jboss.seam.annotations.AutoCreate;
 import org.jboss.seam.annotations.Name;
 import org.jboss.seam.annotations.Scope;
 import org.jboss.seam.annotations.async.Asynchronous;
 import org.jboss.seam.security.RunAsOperation;
+import org.zanata.action.AuthenticationEvents;
+import org.zanata.dao.AccountDAO;
 
 import lombok.extern.slf4j.Slf4j;
 
@@ -51,13 +54,14 @@ public class AsynchronousTaskExecutor {
     @Asynchronous
     public <V, H extends AsyncTaskHandle<V>> void runAsynchronously(
             final AsyncTask<V, H> task, final Principal runAsPpal,
-            final Subject runAsSubject) {
+            final Subject runAsSubject, final String username) {
         AsyncUtils.outject(task.getHandle(), ScopeType.EVENT);
 
         RunAsOperation runAsOp = new RunAsOperation() {
             @Override
             public void execute() {
                 try {
+                    prepareSecurityContext(username);
                     V returnValue = task.call();
                     task.getHandle().set(returnValue);
                 } catch (Exception t) {
@@ -82,4 +86,21 @@ public Subject getSubject() {
         runAsOp.run();
     }
 
+    /**
+     * Prepares the Drools security context so that it contains all the
+     * necessary facts for security checking.
+     */
+    private static void prepareSecurityContext(String username) {
+        /*
+         * TODO This should be changed to not need the username. There should be
+         * a way to simulate a login for asyn tasks, or at least to inherit the
+         * caller's context
+         */
+        AccountDAO accountDAO =
+                (AccountDAO) Component.getInstance(AccountDAO.class);
+        AuthenticationEvents authEvts =
+                (AuthenticationEvents) Component
+                        .getInstance(AuthenticationEvents.class);
+        authEvts.loginSuccessful(accountDAO.getByUsername(username));
+    }
 }
diff --git a/zanata-war/src/main/java/org/zanata/async/TaskExecutor.java b/zanata-war/src/main/java/org/zanata/async/TaskExecutor.java
@@ -61,8 +61,9 @@ public <V, H extends AsyncTaskHandle<V>> AsyncTaskHandle<V> startTask(
         }
 
         Identity identity = Identity.instance();
-        asynchronousTaskExecutor.runAsynchronously(task,
-                identity.getPrincipal(), identity.getSubject());
+        asynchronousTaskExecutor.runAsynchronously(task, identity
+                .getPrincipal(), identity.getSubject(), identity
+                .getCredentials().getUsername());
         return handle;
     }