Пример #1
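  /**
   * Filters the authorities of every known user, plus the anonymous user, through
   * {@code predicate} and saves each set that changed. A single commit is created afterwards if at
   * least one set changed.
   *
   * @param predicate keeps the authorities that must survive; everything else is dropped
   * @param commitMessage message of the commit that records the changes
   * @param currentUser the user performing the operation; used as commit author and committer
   */
  private void deleteFromAllAuthorities(
      Predicate<RoleGrantedAuthority> predicate, String commitMessage, User currentUser)
      throws IOException, GitAPIException {

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      // List the users through the same repository handle that is used for the writes below, the
      // way renameRole and deleteRole do, so the user list and the authority files are read from
      // one acquisition instead of two separate ones.
      List<String> users = listUsers(repo);
      users.add(ANONYMOUS_USER_LOGIN_NAME);
      boolean anyChanged = false;
      for (String loginName : users) {
        Set<RoleGrantedAuthority> authorities =
            Sets.newHashSet(getUserAuthorities(loginName, repo));
        Set<RoleGrantedAuthority> newAuthorities =
            Sets.newHashSet(Sets.filter(authorities, predicate));
        if (!newAuthorities.equals(authorities)) {
          // presumably the trailing 'false' suppresses a per-user commit; verify against the
          // five-argument saveUserAuthorities overload
          saveUserAuthorities(loginName, newAuthorities, repo, currentUser, false);
          anyChanged = true;
        }
      }

      if (anyChanged) {
        // One commit for the whole batch, attributed to the acting user.
        PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
        Git.wrap(repo.r())
            .commit()
            .setAuthor(ident)
            .setCommitter(ident)
            .setMessage(commitMessage)
            .call();
      }
    } finally {
      // repo is still null here if acquiring it failed
      Util.closeQuietly(repo);
    }
  }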
Пример #2
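  /**
   * Renames a role and rewrites every authority of every user (and of the anonymous user) that
   * refers to the old name. All changes are recorded in one commit.
   *
   * @param roleName the current name of the role
   * @param newRoleName the name the role is to get
   * @param currentUser the user performing the rename; used as commit author and committer
   * @throws RoleNotFoundException when {@code roleName} does not exist
   * @throws IllegalArgumentException when {@code newRoleName} already exists, or when either name
   *     does not denote a file directly inside the repository's working directory
   */
  public void renameRole(String roleName, String newRoleName, User currentUser) throws IOException {
    Assert.hasLength(roleName);
    Assert.hasLength(newRoleName);
    Assert.notNull(currentUser);
    // check that role exists by trying to load it
    getRole(roleName);
    // check that new role does not exist by trying to load it
    // NOTE(review): both checks run before the repository handle below is acquired, so a
    // concurrent change between check and rename is not detected here.
    try {
      getRole(newRoleName);
      throw new IllegalArgumentException("role already exists: " + newRoleName); // $NON-NLS-1$
    } catch (RoleNotFoundException e) {
      // expected: the new name is free
    }

    log.info("renaming role: {} -> {}", roleName, newRoleName); // $NON-NLS-1$

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);

      File workingDir = RepositoryUtil.getWorkingDir(repo.r());

      File file = new File(workingDir, roleName + ROLE_SUFFIX);
      File newFile = new File(workingDir, newRoleName + ROLE_SUFFIX);
      // Both names become file system paths. Refuse any name that resolves to a location other
      // than a direct child of the working directory before a file is copied there.
      File canonicalWorkingDir = workingDir.getCanonicalFile();
      if (!canonicalWorkingDir.equals(file.getCanonicalFile().getParentFile())
          || !canonicalWorkingDir.equals(newFile.getCanonicalFile().getParentFile())) {
        throw new IllegalArgumentException(
            "invalid role name: " + roleName + " -> " + newRoleName); // $NON-NLS-1$ //$NON-NLS-2$
      }
      FileUtils.copyFile(file, newFile);
      Git git = Git.wrap(repo.r());
      git.rm().addFilepattern(roleName + ROLE_SUFFIX).call();
      git.add().addFilepattern(newRoleName + ROLE_SUFFIX).call();

      List<String> users = listUsers(repo);
      users.add(ANONYMOUS_USER_LOGIN_NAME);
      for (String user : users) {
        List<RoleGrantedAuthority> authorities = getUserAuthorities(user, repo);
        // Replacements are collected separately because the list is being iterated.
        Set<RoleGrantedAuthority> newAuthorities = Sets.newHashSet();
        for (Iterator<RoleGrantedAuthority> iter = authorities.iterator(); iter.hasNext(); ) {
          RoleGrantedAuthority rga = iter.next();
          if (rga.getRoleName().equals(roleName)) {
            RoleGrantedAuthority newRga = new RoleGrantedAuthority(rga.getTarget(), newRoleName);
            newAuthorities.add(newRga);
            iter.remove();
          }
        }
        if (!newAuthorities.isEmpty()) {
          authorities.addAll(newAuthorities);
          // presumably the trailing 'false' suppresses a per-user commit; the commit below covers
          // the whole rename - verify against the five-argument overload
          saveUserAuthorities(user, Sets.newHashSet(authorities), repo, currentUser, false);
        }
      }

      PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      git.commit()
          .setAuthor(ident)
          .setCommitter(ident)
          .setMessage("rename role " + roleName + " to " + newRoleName) // $NON-NLS-1$ //$NON-NLS-2$
          .call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(repo);
    }
  }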
Пример #3
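  /**
   * Returns the role that has the specified name.
   *
   * <p>The role is read from the HEAD content of {@code roleName + ROLE_SUFFIX}. A role document
   * that has no {@code "permissions"} collection yields a role without any permissions instead of
   * failing with a {@code NullPointerException}.
   *
   * @param roleName the name of the role to load; must not be empty
   * @throws RoleNotFoundException when the role could not be found
   * @throws IllegalArgumentException when a stored permission name is not a {@code Permission}
   *     constant
   */
  public Role getRole(String roleName) throws IOException {
    Assert.hasLength(roleName);

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      String json = BlobUtils.getHeadContent(repo.r(), roleName + ROLE_SUFFIX);
      if (json == null) {
        throw new RoleNotFoundException(roleName);
      }

      Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create();
      Map<String, Object> roleMap =
          gson.fromJson(json, new TypeToken<Map<String, Object>>() {}.getType());
      // The stored document is not trusted to be well-formed: the map itself or the
      // "permissions" entry may be absent or of another type. Such a role grants nothing.
      Object storedPermissions =
          (roleMap != null) ? roleMap.get("permissions") : null; // $NON-NLS-1$
      EnumSet<Permission> rolePermissions = EnumSet.noneOf(Permission.class);
      if (storedPermissions instanceof Collection) {
        for (Object permission : (Collection<?>) storedPermissions) {
          // valueOf rejects anything that is not an exact constant name
          rolePermissions.add(Permission.valueOf(String.valueOf(permission)));
        }
      }
      return new Role(roleName, rolePermissions);
    } finally {
      Util.closeQuietly(repo);
    }
  }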
Пример #4
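  /**
   * Returns the user that has an OpenID whose real ID is equal to the specified OpenID.
   *
   * <p>Every file in the working directory whose name ends with {@code USER_SUFFIX} is read and
   * parsed until a match is found.
   *
   * @param openId the OpenID to look for
   * @throws OpenIdNotFoundException when no user has the specified OpenID
   * @throws IOException when the working directory cannot be listed or a user file cannot be read
   */
  public User getUserByOpenId(String openId) throws IOException {
    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      File workingDir = RepositoryUtil.getWorkingDir(repo.r());
      FileFilter filter =
          new FileFilter() {
            @Override
            public boolean accept(File file) {
              return file.isFile() && file.getName().endsWith(USER_SUFFIX);
            }
          };
      // listFiles returns null (not an empty array) when the directory cannot be read; report
      // that as an I/O failure rather than letting the loop fail with a NullPointerException.
      File[] userFiles = workingDir.listFiles(filter);
      if (userFiles == null) {
        throw new IOException("cannot list directory: " + workingDir); // $NON-NLS-1$
      }
      for (File file : userFiles) {
        String loginName = StringUtils.substringBeforeLast(file.getName(), USER_SUFFIX);
        String json = FileUtils.readFileToString(file, Charsets.UTF_8);
        User user = getUser(loginName, json);
        for (OpenId id : user.getOpenIds()) {
          if (id.getRealId().equals(openId)) {
            return user;
          }
        }
      }

      throw new OpenIdNotFoundException(openId);
    } finally {
      Util.closeQuietly(repo);
    }
  }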
Пример #5
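 /**
  * Returns all known role names, sorted in natural string order.
  *
  * <p>A role name is the name of a file in the working directory that ends with
  * {@code ROLE_SUFFIX}, with the part from the last occurrence of that suffix removed.
  *
  * @throws IOException when the working directory cannot be listed
  */
 public List<String> listRoles() throws IOException {
   ILockedRepository repo = null;
   try {
     repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
     File workingDir = RepositoryUtil.getWorkingDir(repo.r());
     FileFilter filter =
         new FileFilter() {
           @Override
           public boolean accept(File file) {
             return file.isFile() && file.getName().endsWith(ROLE_SUFFIX);
           }
         };
     // listFiles returns null (not an empty array) when the directory cannot be read; report
     // that as an I/O failure rather than failing later with a NullPointerException.
     File[] roleFiles = workingDir.listFiles(filter);
     if (roleFiles == null) {
       throw new IOException("cannot list directory: " + workingDir); // $NON-NLS-1$
     }
     List<String> roleNames = Lists.newArrayList();
     for (File roleFile : roleFiles) {
       roleNames.add(StringUtils.substringBeforeLast(roleFile.getName(), ROLE_SUFFIX));
     }
     Collections.sort(roleNames);
     return roleNames;
   } finally {
     Util.closeQuietly(repo);
   }
 }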
Пример #6
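  /**
   * Saves a role as a JSON file named {@code role.getName() + ROLE_SUFFIX} in the working
   * directory and commits it. The commit message is the role name.
   *
   * @param role the role to save
   * @param currentUser the user performing the save operation; used as commit author and
   *     committer
   * @throws IllegalArgumentException when the role name does not denote a file directly inside
   *     the repository's working directory
   */
  public void saveRole(Role role, User currentUser) throws IOException {
    Assert.notNull(role);
    Assert.notNull(currentUser);

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);

      String roleName = role.getName();
      Map<String, Object> roleMap = new HashMap<String, Object>();
      roleMap.put("name", roleName); // $NON-NLS-1$
      // Permissions are stored by enum constant name.
      Set<String> permissions = Sets.newHashSet();
      for (Permission permission : role.getPermissions()) {
        permissions.add(permission.name());
      }
      roleMap.put("permissions", permissions); // $NON-NLS-1$

      Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create();
      String json = gson.toJson(roleMap);
      File workingDir = RepositoryUtil.getWorkingDir(repo.r());
      File workingFile = new File(workingDir, roleName + ROLE_SUFFIX);
      // The role name becomes a file system path. Refuse any name that resolves to a location
      // other than a direct child of the working directory before anything is written.
      if (!workingDir.getCanonicalFile().equals(workingFile.getCanonicalFile().getParentFile())) {
        throw new IllegalArgumentException("invalid role name: " + roleName); // $NON-NLS-1$
      }
      FileUtils.write(workingFile, json, Charsets.UTF_8);

      Git git = Git.wrap(repo.r());
      git.add().addFilepattern(roleName + ROLE_SUFFIX).call();
      PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      git.commit().setAuthor(ident).setCommitter(ident).setMessage(roleName).call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(repo);
    }
  }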
Пример #7
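  /**
   * Saves a user as a JSON file named {@code user.getLoginName() + USER_SUFFIX} in the working
   * directory and commits it. The commit message is the login name.
   *
   * @param user the user to save
   * @param currentUser the user performing the save operation; used as commit author and
   *     committer
   * @throws IllegalArgumentException when the login name does not denote a file directly inside
   *     the repository's working directory
   */
  public void saveUser(User user, User currentUser) throws IOException {
    Assert.notNull(user);
    Assert.notNull(currentUser);

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      String loginName = user.getLoginName();
      Map<String, Object> userMap = new HashMap<String, Object>();
      userMap.put("loginName", loginName); // $NON-NLS-1$
      // The value is written as-is and ends up in the repository history.
      // NOTE(review): presumably this is always an encoded hash, as in init(); confirm that no
      // caller passes a plain-text password.
      userMap.put("password", user.getPassword()); // $NON-NLS-1$
      userMap.put("email", user.getEmail()); // $NON-NLS-1$
      userMap.put("disabled", Boolean.valueOf(user.isDisabled())); // $NON-NLS-1$
      if (!user.getOpenIds().isEmpty()) {
        userMap.put("openIds", user.getOpenIds()); // $NON-NLS-1$
      }

      Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create();
      String json = gson.toJson(userMap);
      File workingDir = RepositoryUtil.getWorkingDir(repo.r());
      File workingFile = new File(workingDir, loginName + USER_SUFFIX);
      // The login name becomes a file system path. Refuse any name that resolves to a location
      // other than a direct child of the working directory before anything is written.
      if (!workingDir.getCanonicalFile().equals(workingFile.getCanonicalFile().getParentFile())) {
        throw new IllegalArgumentException("invalid login name: " + loginName); // $NON-NLS-1$
      }
      FileUtils.write(workingFile, json, Charsets.UTF_8);

      Git git = Git.wrap(repo.r());
      git.add().addFilepattern(loginName + USER_SUFFIX).call();
      PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      git.commit().setAuthor(ident).setCommitter(ident).setMessage(loginName).call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(repo);
    }
  }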
Пример #8
 /**
  * Returns the login names of all known users.
  *
  * <p>Acquires the central repository handle, delegates to the overload that takes the handle,
  * and releases the handle again.
  */
 public List<String> listUsers() throws IOException {
   ILockedRepository lockedRepo = null;
   try {
     lockedRepo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
     List<String> loginNames = listUsers(lockedRepo);
     return loginNames;
   } finally {
     // Runs on success and on failure; lockedRepo is still null if acquiring it threw.
     Util.closeQuietly(lockedRepo);
   }
 }
Пример #9
  /**
   * Returns the authorities granted to a user.
   *
   * <p>Acquires the central repository handle, delegates to the overload that takes the handle,
   * and releases the handle again.
   *
   * @param loginName the login name of the user; must not be empty
   * @throws UserNotFoundException when the user does not exist
   */
  public List<RoleGrantedAuthority> getUserAuthorities(String loginName) throws IOException {
    Assert.hasLength(loginName);

    ILockedRepository lockedRepo = null;
    try {
      lockedRepo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      List<RoleGrantedAuthority> granted = getUserAuthorities(loginName, lockedRepo);
      return granted;
    } finally {
      // Runs on success and on failure; lockedRepo is still null if acquiring it threw.
      Util.closeQuietly(lockedRepo);
    }
  }
Пример #10
  /**
   * Loads the user with the given login name from the HEAD content of
   * {@code loginName + USER_SUFFIX}.
   *
   * @param loginName the login name of the user; must not be empty
   * @throws UserNotFoundException when the user could not be found
   */
  public User getUser(String loginName) throws IOException {
    Assert.hasLength(loginName);

    ILockedRepository lockedRepo = null;
    try {
      lockedRepo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      String userFileName = loginName + USER_SUFFIX;
      String userJson = BlobUtils.getHeadContent(lockedRepo.r(), userFileName);
      if (userJson != null) {
        return getUser(loginName, userJson);
      }
      // No content at HEAD for that file name: the user is reported as unknown.
      throw new UserNotFoundException(loginName);
    } finally {
      Util.closeQuietly(lockedRepo);
    }
  }
Пример #11
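  /**
   * Renames a user by copying the user file and the authorities file to the new login name,
   * removing the old files, and committing the change.
   *
   * @param loginName the current login name of the user
   * @param newLoginName the login name the user is to get
   * @param currentUser the user performing the rename; used as commit author and committer
   * @throws UserNotFoundException when {@code loginName} does not exist
   * @throws IllegalArgumentException when {@code newLoginName} already exists, or when either
   *     name does not denote a file directly inside the repository's working directory
   */
  public void renameUser(String loginName, String newLoginName, User currentUser)
      throws IOException {
    Assert.hasLength(loginName);
    Assert.hasLength(newLoginName);
    Assert.notNull(currentUser);
    // check that user exists by trying to load it
    getUser(loginName);
    // check that new user does not exist by trying to load it
    // NOTE(review): both checks run before the repository handle below is acquired, so a
    // concurrent change between check and rename is not detected here.
    try {
      getUser(newLoginName);
      throw new IllegalArgumentException("user already exists: " + newLoginName); // $NON-NLS-1$
    } catch (UserNotFoundException e) {
      // expected: the new login name is free
    }

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);

      File workingDir = RepositoryUtil.getWorkingDir(repo.r());
      File file = new File(workingDir, loginName + USER_SUFFIX);
      File newFile = new File(workingDir, newLoginName + USER_SUFFIX);
      // Both names become file system paths. Refuse any name that resolves to a location other
      // than a direct child of the working directory before a file is copied there. The
      // authorities files share the same name prefix, so checking the user files covers them.
      File canonicalWorkingDir = workingDir.getCanonicalFile();
      if (!canonicalWorkingDir.equals(file.getCanonicalFile().getParentFile())
          || !canonicalWorkingDir.equals(newFile.getCanonicalFile().getParentFile())) {
        throw new IllegalArgumentException(
            "invalid login name: " + loginName + " -> " + newLoginName); // $NON-NLS-1$ //$NON-NLS-2$
      }
      FileUtils.copyFile(file, newFile);
      file = new File(workingDir, loginName + AUTHORITIES_SUFFIX);
      newFile = new File(workingDir, newLoginName + AUTHORITIES_SUFFIX);
      FileUtils.copyFile(file, newFile);
      Git git = Git.wrap(repo.r());
      git.rm().addFilepattern(loginName + USER_SUFFIX).call();
      git.rm().addFilepattern(loginName + AUTHORITIES_SUFFIX).call();
      git.add().addFilepattern(newLoginName + USER_SUFFIX).call();
      git.add().addFilepattern(newLoginName + AUTHORITIES_SUFFIX).call();
      PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      git.commit()
          .setAuthor(ident)
          .setCommitter(ident)
          .setMessage(
              "rename user " + loginName + " to " + newLoginName) // $NON-NLS-1$ //$NON-NLS-2$
          .call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(repo);
    }
  }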
Пример #12
  /**
   * Deletes a role and strips it from the authorities of every user and of the anonymous user.
   * The removal of the role file and all authority changes are recorded in one commit.
   *
   * @param roleName the name of the role to delete; must not be empty
   * @param currentUser the user performing the deletion; used as commit author and committer
   * @throws RoleNotFoundException when the role does not exist
   */
  public void deleteRole(String roleName, User currentUser) throws IOException {
    Assert.hasLength(roleName);
    Assert.notNull(currentUser);
    // Loading the role doubles as the existence check; the result itself is not needed.
    getRole(roleName);

    ILockedRepository repo = null;
    try {
      repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      Git git = Git.wrap(repo.r());

      String roleFileName = roleName + ROLE_SUFFIX;
      git.rm().addFilepattern(roleFileName).call();

      // No authority may keep referring to the deleted role.
      List<String> loginNames = listUsers(repo);
      loginNames.add(ANONYMOUS_USER_LOGIN_NAME);
      for (String loginName : loginNames) {
        List<RoleGrantedAuthority> authorities = getUserAuthorities(loginName, repo);
        int removed = 0;
        Iterator<RoleGrantedAuthority> it = authorities.iterator();
        while (it.hasNext()) {
          if (it.next().getRoleName().equals(roleName)) {
            it.remove();
            removed++;
          }
        }
        if (removed > 0) {
          // presumably the trailing 'false' suppresses a per-user commit; verify against the
          // five-argument overload
          saveUserAuthorities(loginName, Sets.newHashSet(authorities), repo, currentUser, false);
        }
      }

      PersonIdent actor = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      git.commit()
          .setAuthor(actor)
          .setCommitter(actor)
          .setMessage("delete role " + roleName) // $NON-NLS-1$
          .call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(repo);
    }
  }
Пример #13
  /**
   * Deletes a user by removing the user file and the authorities file and committing the removal.
   *
   * <p>Unlike {@code deleteRole}, this method does not load the user first to check that it
   * exists.
   *
   * @param loginName the login name of the user to delete; must not be empty
   * @param currentUser the user performing the deletion; used as commit author and committer
   */
  public void deleteUser(String loginName, User currentUser) throws IOException {
    Assert.hasLength(loginName);
    Assert.notNull(currentUser);

    ILockedRepository lockedRepo = null;
    try {
      lockedRepo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      Git git = Git.wrap(lockedRepo.r());

      String userFileName = loginName + USER_SUFFIX;
      String authoritiesFileName = loginName + AUTHORITIES_SUFFIX;
      git.rm().addFilepattern(userFileName).call();
      git.rm().addFilepattern(authoritiesFileName).call();

      PersonIdent actor = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail());
      String message = "delete user " + loginName; // $NON-NLS-1$
      git.commit().setAuthor(actor).setCommitter(actor).setMessage(message).call();
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(lockedRepo);
    }
  }
Пример #14
  /**
   * Saves a user's authorities.
   *
   * <p>The anonymous user is exempt from the existence check because it is identified by
   * {@code ANONYMOUS_USER_LOGIN_NAME} only and is not loaded through {@code getUser}.
   *
   * @param loginName the login name of the user whose authorities are to be saved
   * @param authorities the user's authorities to be saved
   * @param currentUser the user performing the save operation
   * @throws UserNotFoundException when the user does not exist
   */
  public void saveUserAuthorities(
      String loginName, Set<RoleGrantedAuthority> authorities, User currentUser)
      throws IOException {

    Assert.hasLength(loginName);
    Assert.notNull(authorities);
    Assert.notNull(currentUser);

    boolean isAnonymous = loginName.equals(ANONYMOUS_USER_LOGIN_NAME);
    if (!isAnonymous) {
      // Loading the user doubles as the existence check; the result itself is not needed.
      getUser(loginName);
    }

    ILockedRepository lockedRepo = null;
    try {
      lockedRepo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false);
      // presumably the trailing 'true' makes the overload commit the change itself; verify
      // against the five-argument overload
      saveUserAuthorities(loginName, authorities, lockedRepo, currentUser, true);
    } catch (GitAPIException e) {
      throw new IOException(e);
    } finally {
      Util.closeQuietly(lockedRepo);
    }
  }
Пример #15
  /**
   * Creates the central repository on first start and seeds it with the initial administrator
   * and the initial roles. Does nothing further when creating the repository fails with an
   * {@code IllegalStateException}.
   *
   * <p>NOTE(review): the initial administrator gets the login name {@code "admin"} and a hash of
   * the fixed password {@code "admin"}. A deployment stays guessable until that password is
   * changed; consider requiring a change on first login or reading the initial secret from
   * configuration.
   */
  @PostConstruct
  public void init() throws IOException, GitAPIException {
    String passwordHash = passwordEncoder.encode("admin"); // $NON-NLS-1$
    User adminUser =
        new User("admin", passwordHash, "*****@*****.**", false); // $NON-NLS-1$ //$NON-NLS-2$

    ILockedRepository repo = null;
    try {
      repo =
          globalRepositoryManager.createProjectCentralRepository(REPOSITORY_NAME, false, adminUser);
    } catch (IllegalStateException e) {
      // presumably signals that the repository already exists - confirm against
      // createProjectCentralRepository; nothing is seeded in that case (finally still runs)
      return;
    } finally {
      Util.closeQuietly(repo);
    }

    // Reached only when the repository was created just now.
    createInitialAdmin(adminUser);
    createInitialRoles(adminUser);
  }