TSK-59 ACCESS_ID should always be treated as lowercase

BerndBreier 2017-12-18 12:41:39 +01:00 committed by Holger Hagen
parent 5f64242714
commit 1952807123
7 changed files with 43 additions and 24 deletions


@ -117,6 +117,13 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
}
this.authorization = permission;
this.accessId = accessIds;
for (int i = 0; i < accessIds.length; i++) {
String id = accessIds[i];
if (id != null) {
accessIds[i] = id.toLowerCase();
}
}
return this;
}
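Review bot: `id.toLowerCase()` in the new loop uses the JVM default locale, so the normalized access id depends on where the server runs (under a Turkish locale `I` becomes dotless `ı`), and an id used for authorization matching may then no longer equal the stored one. Use `accessIds[i] = id.toLowerCase(Locale.ROOT);` here; the same applies to the `toLowerCase()` calls in the WorkbasketAccessItem getter and setter and to the three added in CurrentUserContext. The loop also writes into the array the caller passed in, since `this.accessId = accessIds;` keeps the same reference; assigning `accessIds.clone()` first would leave the caller's values untouched. The method starts outside the hunk, so whether `accessIds` itself is null-checked before `accessIds.length` is not visible here.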


@ -39,11 +39,11 @@ public class WorkbasketAccessItem {
}
public String getAccessId() {
return accessId;
return accessId != null ? accessId.toLowerCase() : null;
}
public void setAccessId(String accessId) {
this.accessId = accessId;
this.accessId = accessId != null ? accessId.toLowerCase() : null;
}
public boolean isPermRead() {
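Review bot: Lowercasing in `getAccessId()` and `setAccessId()` only normalizes values that pass through this bean; nothing in the visible files converts rows that already exist in WORKBASKET_ACCESS_LIST with a mixed-case access id. The test data had to be rewritten to lowercase, which suggests the lookup compares the column case-sensitively, so after this change such rows would presumably stop matching and the affected users would lose their workbasket permissions without any error. A one-off migration that lowercases the stored ids (or a case-insensitive comparison in the query) should ship with this commit. If the getter's conversion exists because the persistence layer fills the field directly, say so in a comment such as `// field may be set without the setter, so normalize on read as well`.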


@ -1,9 +1,5 @@
package pro.taskana.security;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.security.auth.Subject;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.Principal;
@ -12,9 +8,14 @@ import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Provides the context information about the current (calling) user. The
* context is gathered from the JAAS subject.
* Provides the context information about the current (calling) user. The context is gathered from the JAAS subject.
*
* @author Holger Hagen
*/
public final class CurrentUserContext {
@ -32,6 +33,7 @@ public final class CurrentUserContext {
/**
* Returns the userid of the current user.
*
* @return String the userid. null if there is no JAAS subject.
*/
public static String getUserid() {
@ -43,10 +45,9 @@ public final class CurrentUserContext {
}
/**
* Returns the unique security name of the first public credentials found in the
* WSSubject as userid.
* @return the userid of the caller. If the userid could not be obtained, null
* is returned.
* Returns the unique security name of the first public credentials found in the WSSubject as userid.
*
* @return the userid of the caller. If the userid could not be obtained, null is returned.
*/
private static String getUseridFromWSSubject() {
try {
@ -59,9 +60,12 @@ public final class CurrentUserContext {
LOGGER.debug("Public credentials of caller: {}", publicCredentials);
for (Object pC : publicCredentials) {
Object o = pC.getClass().getMethod(GET_UNIQUE_SECURITY_NAME_METHOD, (Class<?>[]) null).invoke(pC,
(Object[]) null);
(Object[]) null);
LOGGER.debug("Returning the unique security name of first public credential: {}", o);
return o.toString();
String userIdFound = o.toString();
String userIdUsed = userIdFound != null ? userIdFound.toLowerCase() : null;
LOGGER.trace("Found User id {}. Returning User id {} ", userIdFound, userIdUsed);
return userIdUsed;
}
}
} catch (Exception e) {
@ -72,6 +76,7 @@ public final class CurrentUserContext {
/**
* Checks, whether Taskana is running on IBM WebSphere.
*
* @return true, if it is running on IBM WebSphere
*/
private static boolean runningOnWebSphere() {
@ -96,8 +101,10 @@ public final class CurrentUserContext {
LOGGER.trace("Public principals of caller: {}", principals);
for (Principal pC : principals) {
if (!(pC instanceof Group)) {
LOGGER.trace("Returning the first principal that is no group: {}", pC.getName());
return pC.getName();
String userIdFound = pC.getName();
String userIdUsed = userIdFound != null ? userIdFound.toLowerCase() : null;
LOGGER.trace("Found User id {}. Returning User id {} ", userIdFound, userIdUsed);
return userIdUsed;
}
}
}
@ -113,8 +120,10 @@ public final class CurrentUserContext {
Set<Group> groups = subject.getPrincipals(Group.class);
LOGGER.trace("Public groups of caller: {}", groups);
for (Principal group : groups) {
LOGGER.trace("Returning the groupId: {}", group.getName());
groupIds.add(group.getName());
String groupNameFound = group.getName();
String groupNameReturned = groupNameFound != null ? groupNameFound.toLowerCase() : null;
LOGGER.trace("Found group id {}. Returning group Id: {}", groupNameFound, groupNameReturned);
groupIds.add(groupNameReturned);
}
return groupIds;
}
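Review bot: In the WSSubject hunk the null guard is on the wrong value: `o.toString()` is called before `userIdFound != null` is tested, so a null result from the reflective call throws before the guard is reached and ends up in the `catch (Exception e)` below, whose handling is outside the hunk. Guard the object instead, `String userIdFound = o != null ? o.toString() : null;`. In the group loop a null name is still added to `groupIds`, so callers receive a list that may contain null; skipping it with `if (groupNameReturned != null) groupIds.add(groupNameReturned);` is safer for later permission checks. The Javadoc of `getUserid()` and `getUseridFromWSSubject()` should also state the new contract, for example `The userid is converted to lower case, so principals that differ only in case map to the same access id.`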


@ -335,7 +335,7 @@ public class WorkbasketServiceImplTest {
accessItem.setAccessId("Zaphod Beeblebrox");
workbasketServiceImpl.updateWorkbasketAuthorization(accessItem);
Assert.assertEquals("Zaphod Beeblebrox", accessItem.getAccessId());
Assert.assertEquals("zaphod beeblebrox", accessItem.getAccessId());
}
@Test(expected = NotAuthorizedException.class)


@ -299,7 +299,7 @@ public class WorkbasketServiceImplIntAutocommitTest {
accessItem.setAccessId("Zaphod Beeblebrox");
workBasketService.updateWorkbasketAuthorization(accessItem);
Assert.assertEquals("Zaphod Beeblebrox",
Assert.assertEquals("zaphod beeblebrox",
workBasketService.getWorkbasketAuthorization(accessItem.getId()).getAccessId());
}


@ -271,6 +271,8 @@ public class WorkbasketServiceImplIntExplicitTest {
workBasketService.getWorkbasket(id2).getModified());
Assert.assertEquals(workBasketService.getWorkbasket(id1).getCreated(),
workBasketService.getWorkbasket(id1).getModified());
Assert.assertEquals(workBasketService.getWorkbasket(id3).getCreated(),
workBasketService.getWorkbasket(id3).getModified());
connection.commit();
}
@ -307,7 +309,7 @@ public class WorkbasketServiceImplIntExplicitTest {
accessItem.setAccessId("Zaphod Beeblebrox");
workBasketService.updateWorkbasketAuthorization(accessItem);
Assert.assertEquals("Zaphod Beeblebrox",
Assert.assertEquals("zaphod beeblebrox",
workBasketService.getWorkbasketAuthorization(accessItem.getId()).getAccessId());
connection.commit();
}


@ -1,4 +1,5 @@
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('1', 'key1', 'Elena', true, true, true, true, true, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('2', 'key2', 'Max', true, true, true, true, true, true, true, true, true, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('3', 'key3', 'Simone', true, true, true, true, true, true, true, true, true, true, true, true, true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('1', 'key1', 'elena', true, true, true, true, true, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('2', 'key2', 'max', true, true, true, true, true, true, true, true, true, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('3', 'key3', 'simone', true, true, true, true, true, true, true, true, true, true, true, true, true);