@Override
public List<UserRecord> findUsers(List<String> users) {
List<UserRecord> userRecords = new ArrayList<>();
Set<String> userSet = new HashSet<>(users);
// load config
Ini ini = new Ini();
try (InputStream in = new FileInputStream(FileSystemManager.getConfig("shiro.ini"))) {
ini.load(in);
Section section = ini.getSection("users");
for (String user : section.keySet()) {
if (userSet.contains(user)) {
UserRecord userRecord = new UserRecord();
userRecord.setUsername(user);
userRecords.add(userRecord);
}
}
} catch (IOException ex) {
throw new OpenStorefrontRuntimeException(
"Unable to read shiro.ini file.", "Check config path and permissions", ex);
}
return userRecords;
}
protected void configureShiro() {
final Ini config = new Ini();
config.addSection("users");
config.getSection("users").put("EntitlementUser", "password, entitlement");
config.addSection("roles");
config
.getSection("roles")
.put(
"entitlement",
Permission.ACCOUNT_CAN_CREATE.toString()
+ ","
+ Permission.ENTITLEMENT_CAN_CREATE.toString()
+ ","
+ Permission.ENTITLEMENT_CAN_CHANGE_PLAN.toString()
+ ","
+ Permission.ENTITLEMENT_CAN_PAUSE_RESUME.toString()
+ ","
+ Permission.ENTITLEMENT_CAN_TRANSFER.toString()
+ ","
+ Permission.ENTITLEMENT_CAN_CANCEL.toString());
// Reset the security manager
ThreadContext.unbindSecurityManager();
final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
final SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
}
@Before
public void setup() {
sm = new DefaultSecurityManager();
Ini ini = new Ini();
Ini.Section section = ini.addSection(IniRealm.USERS_SECTION_NAME);
section.put("guest", "guest, guest");
section.put("lonestarr", "vespa, goodguy");
sm.setRealm(new IniRealm(ini));
SecurityUtils.setSecurityManager(sm);
}
private ImmutableSetMultimap<String, String> parseIni(String database, Ini ini) {
Ini.Section privilegesSection = ini.getSection(ROLES);
boolean invalidConfiguration = false;
if (privilegesSection == null) {
LOGGER.warn("Section {} empty for {}", ROLES, resourcePath);
invalidConfiguration = true;
}
Ini.Section groupsSection = ini.getSection(GROUPS);
if (groupsSection == null) {
LOGGER.warn("Section {} empty for {}", GROUPS, resourcePath);
invalidConfiguration = true;
}
if (!invalidConfiguration) {
return parsePermissions(database, privilegesSection, groupsSection);
}
return ImmutableSetMultimap.of();
}
/** Parse the resource. Should not be used in the normal course */
protected void parse() {
LOGGER.info("Parsing " + resourcePath);
Roles roles = new Roles();
try {
perDbResources.clear();
Ini ini = PolicyFiles.loadFromPath(fileSystem, resourcePath);
if (LOGGER.isDebugEnabled()) {
for (String sectionName : ini.getSectionNames()) {
LOGGER.debug("Section: " + sectionName);
Ini.Section section = ini.get(sectionName);
for (String key : section.keySet()) {
String value = section.get(key);
LOGGER.debug(key + " = " + value);
}
}
}
ImmutableSetMultimap<String, String> globalRoles;
Map<String, ImmutableSetMultimap<String, String>> perDatabaseRoles = Maps.newHashMap();
globalRoles = parseIni(null, ini);
Ini.Section filesSection = ini.getSection(DATABASES);
if (filesSection == null) {
LOGGER.info("Section " + DATABASES + " needs no further processing");
} else {
for (Map.Entry<String, String> entry : filesSection.entrySet()) {
String database = Strings.nullToEmpty(entry.getKey()).trim().toLowerCase();
Path perDbPolicy = new Path(Strings.nullToEmpty(entry.getValue()).trim());
if (isRelative(perDbPolicy)) {
perDbPolicy = new Path(resourcePath.getParent(), perDbPolicy);
}
try {
LOGGER.info("Parsing " + perDbPolicy);
Ini perDbIni = PolicyFiles.loadFromPath(fileSystem, perDbPolicy);
if (perDbIni.containsKey(USERS)) {
throw new ConfigurationException(
"Per-db policy files cannot contain " + USERS + " section");
}
if (perDbIni.containsKey(DATABASES)) {
throw new ConfigurationException(
"Per-db policy files cannot contain " + DATABASES + " section");
}
ImmutableSetMultimap<String, String> currentDbRoles = parseIni(database, perDbIni);
perDatabaseRoles.put(database, currentDbRoles);
perDbResources.add(perDbPolicy);
} catch (Exception e) {
LOGGER.error(
"Error processing key " + entry.getKey() + ", skipping " + entry.getValue(), e);
}
}
}
roles = new Roles(globalRoles, ImmutableMap.copyOf(perDatabaseRoles));
} catch (Exception e) {
LOGGER.error("Error processing file, ignoring " + resourcePath, e);
}
rolesReference.set(roles);
}
