TSK-713 make users correspondation between cache LDAP and testModuleSample

Martin Rojas Miguel Angel 2018-09-18 13:52:26 +02:00 committed by Holger Hagen
parent 5628fd8ebb
commit bf38e98f1c
4 changed files with 53 additions and 53 deletions


@ -7,6 +7,8 @@ import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.springframework.stereotype.Component;
import pro.taskana.rest.resource.AccessIdResource;
/**
@ -14,6 +16,7 @@ import pro.taskana.rest.resource.AccessIdResource;
*
* @author bbr
*/
@Component
public class LdapCacheTestImpl implements LdapCache {
/**
@ -23,31 +26,31 @@ public class LdapCacheTestImpl implements LdapCache {
private static Map<AccessIdResource, List<AccessIdResource>> users;
private static List<AccessIdResource> accessIds = new ArrayList<>(Arrays.asList(
new AccessIdResource("Martin, Rojas Miguel Angel", "user_1_1"),
new AccessIdResource("Lengl, Marcel", "user_1_2"),
new AccessIdResource("Zorgati, Mustapha", "user_2_1"),
new AccessIdResource("Breier, Bernd", "user_2_2"),
new AccessIdResource("Meyer, Dominik", "teamlead_1"),
new AccessIdResource("Hagen, Holger", "teamlead_2"),
new AccessIdResource("Behrendt, Maximilian", "max"),
new AccessIdResource("Bert, Ali", "teamlead_5"),
new AccessIdResource("Hagen, Holger", "teamlead_3"),
new AccessIdResource("Breier, Bernd", "user_2_2"),
new AccessIdResource("Fielmalz, Anke", "user017"),
new AccessIdResource("Behrendt, Maximilian", "max"),
new AccessIdResource("Breier, Bernd", "user_2_2"),
new AccessIdResource("Ferrante, Elena", "elena"),
new AccessIdResource("Mueller, Simone", "simone"),
new AccessIdResource("Sirup, Aaron", "user001"),
new AccessIdResource("Kahn, Ada", "user002"),
new AccessIdResource("Nacho, recuerda", "user_1_2"),
new AccessIdResource("Lass, Ada", "user003"),
new AccessIdResource("Tion, Addi", "user004"),
new AccessIdResource("Lette, Adi", "user005"),
new AccessIdResource("Admin", "teamlead_2"),
new AccessIdResource("Native, Alter", "user006"),
new AccessIdResource("Herum, Albert", "user007"),
new AccessIdResource("Bert, Ali", "user008"),
new AccessIdResource("Meyer, Dominik", "teamlead_1"),
new AccessIdResource("Mente, Ali", "user009"),
new AccessIdResource("Mater, Alma", "user010"),
new AccessIdResource("Nach, Alma", "user011"),
new AccessIdResource("Gehzauch, Anders", "user012"),
new AccessIdResource("Theke, Andi", "user013"),
new AccessIdResource("Kreuz, Andreas", "user014"),
new AccessIdResource("Kette, Anka", "user015"),
new AccessIdResource("Tiefsee, Anka", "user016"),
new AccessIdResource("Fielmalz, Anke", "user017"),
new AccessIdResource("Fassen, Ann", "user018"),
new AccessIdResource("Probe, Ann", "user019"),
new AccessIdResource("Bolika, Anna", "user020"),
@ -263,38 +266,41 @@ public class LdapCacheTestImpl implements LdapCache {
new AccessIdResource("Hausver, Walter", "user230"),
new AccessIdResource("Schuh, Wanda", "user231"),
new AccessIdResource("Rahm, Wolf", "user232"),
new AccessIdResource("DevelopersGroup", "cn=DevelopersGroup,ou=groups,o=TaskanaTest"),
new AccessIdResource("businessadmin", "cn=businessadmin,ou=groups,o=TaskanaTest"),
new AccessIdResource("UsersGroup", "cn=UsersGroup,ou=groups,o=TaskanaTest"),
new AccessIdResource("sachbearbeiter", "cn=sachbearbeiter,ou=groups,o=TaskanaTest"),
new AccessIdResource("leben", "cn=leben,ou=groups,o=TaskanaTest"),
new AccessIdResource("chirurgie", "cn=chirurgie,ou=groups,o=TaskanaTest"),
new AccessIdResource("zahn", "cn=zahn,ou=groups,o=TaskanaTest"),
new AccessIdResource("knie", "cn=knie,ou=groups,o=TaskanaTest"),
new AccessIdResource("schaden", "cn=schaden,ou=groups,o=TaskanaTest"),
new AccessIdResource("kapital", "cn=kapital,ou=groups,o=TaskanaTest"),
new AccessIdResource("ausland", "cn=ausland,ou=groups,o=TaskanaTest"),
new AccessIdResource("teamlead", "cn=teamlead,ou=groups,o=TaskanaTest"),
new AccessIdResource("gesundheit", "cn=gesundheit,ou=groups,o=TaskanaTest"),
new AccessIdResource("vip", "cn=vip,ou=groups,o=TaskanaTest"),
new AccessIdResource("manager", "cn=manager,ou=groups,o=TaskanaTest"),
new AccessIdResource("kfz", "cn=kfz,ou=groups,o=TaskanaTest"),
new AccessIdResource("haftpflicht", "cn=haftpflicht,ou=groups,o=TaskanaTest"),
new AccessIdResource("bauspar", "cn=bauspar,ou=groups,o=TaskanaTest")));
new AccessIdResource("DevelopersGroup", "cn=DevelopersGroup,ou=groups,o=TaskanaTest"),
new AccessIdResource("businessadmin", "cn=CustomersGroup,ou=groups,o=TaskanaTest"),
new AccessIdResource("user_domain_A", "cn=user_domain_A,ou=groups,o=TaskanaTest"),
new AccessIdResource("monitor", "cn=monitor,ou=groups,o=TaskanaTest"),
new AccessIdResource("user_domain_C", "cn=user_domain_C,ou=groups,o=TaskanaTest"),
new AccessIdResource("user_domain_D", "cn=user_domain_D,ou=groups,o=TaskanaTest"),
new AccessIdResource("admin", "cn=admin,ou=groups,o=TaskanaTest"),
new AccessIdResource("manager_domain_B", "cn=manager_domain_B,ou=groups,o=TaskanaTest"),
new AccessIdResource("manager_domain_C", "cn=manager_domain_C,ou=groups,o=TaskanaTest"),
new AccessIdResource("manager_domain_D", "cn=manager_domain_D,ou=groups,o=TaskanaTest"),
new AccessIdResource("teamlead_2", "cn=teamlead_2" + ",ou=groups,o=TaskanaTest"),
new AccessIdResource("teamlead_4", "cn=teamlead_4" + ",ou=groups,o=TaskanaTest"),
new AccessIdResource("team_3", "cn=team_3" + ",ou=groups,o=TaskanaTest"),
new AccessIdResource("team_4", "cn=team_4" + ",ou=groups,o=TaskanaTest")));
@Override
public List<AccessIdResource> findMatchingAccessId(String searchFor, int maxNumerOfReturnedAccessIds) {
return findAcessIdResource(searchFor, maxNumerOfReturnedAccessIds, false);
return findAccessIdResource(searchFor, maxNumerOfReturnedAccessIds, false);
}
@Override
public List<AccessIdResource> findGroupsOfUser(String searchFor, int maxNumerOfReturnedAccessIds) {
public List<AccessIdResource> findGroupsOfUser(String searchFor, int maxNumberOfReturnedAccessIds) {
if (users == null) {
addUsersToGroups();
}
return findAcessIdResource(searchFor, maxNumerOfReturnedAccessIds, true);
return findAccessIdResource(searchFor, maxNumberOfReturnedAccessIds, true);
}
private List<AccessIdResource> findAcessIdResource(String searchFor, int maxNumerOfReturnedAccessIds,
private List<AccessIdResource> findAccessIdResource(String searchFor, int maxNumerOfReturnedAccessIds,
boolean groupMember) {
List<AccessIdResource> usersAndGroups = accessIds.stream()
.filter(t -> (t.getName().toLowerCase().contains(searchFor.toLowerCase())
@ -371,7 +377,7 @@ public class LdapCacheTestImpl implements LdapCache {
break;
}
}
groupNumber = (groupNumber + 1) % 4;
countUser = (countUser + 1) % 4;
}
}
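Review bot: In the rewritten group list the `businessadmin` entry carries the DN `cn=CustomersGroup,ou=groups,o=TaskanaTest`, so its display name and its access id name two different groups. SampleLoginModule in this same commit builds each `GroupPrincipal` from `getName()`, so a member of that entry would receive the `businessadmin` principal; if that is not intended, keep `new AccessIdResource("businessadmin", "cn=businessadmin,ou=groups,o=TaskanaTest"),`. Separately, `findGroupsOfUser` fills the static `users` map behind a bare `if (users == null)` check with no synchronization visible in the hunk, and that path is now reached at login time, so concurrent logins may race on the initialisation. Which lines are old and which are new is inferred from the print order, because this page has lost the +/- markers.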


@ -41,6 +41,8 @@ public class ExampleRestApplication {
@Autowired
private LdapClient ldapClient;
@Autowired private LdapCacheTestImpl ldapCacheTest;
public static void main(String[] args) {
SpringApplication.run(ExampleRestApplication.class, args);
}
@ -75,7 +77,7 @@ public class ExampleRestApplication {
@PostConstruct
private void init() {
if (!ldapClient.useLdap()) {
AccessIdController.setLdapCache(new LdapCacheTestImpl());
AccessIdController.setLdapCache(ldapCacheTest);
}
}
}
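Review bot: The `@Autowired private LdapCacheTestImpl ldapCacheTest;` field makes the hard-coded test directory a mandatory bean of the application, even when `ldapClient.useLdap()` is true and `init()` never hands it to `AccessIdController`. Since the class is now a `@Component` holding fixed user and group data, consider limiting it to a non-production profile (for example `@Profile` on `LdapCacheTestImpl`) and marking the injection optional, so a real-LDAP deployment does not carry the sample identities. A short comment on the field such as `// sample data only, used when LDAP is disabled` would also make the intent clear.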


@ -1,5 +1,6 @@
package pro.taskana.rest.security;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
@ -9,8 +10,12 @@ import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.spi.LoginModule;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component;
import pro.taskana.ldap.LdapCacheTestImpl;
import pro.taskana.rest.resource.AccessIdResource;
import pro.taskana.security.GroupPrincipal;
import pro.taskana.security.UserPrincipal;
@ -38,27 +43,14 @@ public class SampleLoginModule extends UsernamePasswordAuthenticationFilter impl
}
private void addGroupSubjectsDerivedFromUsername() {
LdapCacheTestImpl ldapCacheTest = new LdapCacheTestImpl();
String username = nameCallback.getName().toLowerCase();
char role = username.charAt(1);
switch (role) {
case 'u':
subject.getPrincipals()
.add(new GroupPrincipal("user" + "_domain_" + username.charAt(0)));
break;
case 'm':
subject.getPrincipals()
.add(new GroupPrincipal("manager" + "_domain_" + username.charAt(0)));
break;
case 'e':
subject.getPrincipals()
.add(new GroupPrincipal("businessadmin"));
break;
default:
// necessary for checkstyle
}
if (username.length() > 6) {
subject.getPrincipals().add(new GroupPrincipal("team_" + username.substring(2, 6)));
}
List<AccessIdResource> groups = ldapCacheTest.findGroupsOfUser(username, Integer.MAX_VALUE);
groups.forEach((AccessIdResource group) -> {
if (group.getAccessId().contains("ou=groups")) {
subject.getPrincipals().add(new GroupPrincipal(group.getName()));
}
});
}
private void addUserPrincipalToSubject() {
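Review bot: `addGroupSubjectsDerivedFromUsername` now grants group principals from `ldapCacheTest.findGroupsOfUser(username, Integer.MAX_VALUE)`, and the filter visible in `findAccessIdResource` matches with `contains`, so the lookup looks like a substring search rather than an exact match on the login name. If that holds for the group path too, a short or empty username could match several users and collect their groups; the name should be rejected or matched exactly before any principal is added, e.g. `if (username.isEmpty()) { return; }` plus an equality check on the access id inside the cache. The method also creates `new LdapCacheTestImpl()` on every call although the commit adds the `Autowired` and `Component` imports and turns the cache into a bean, so the injected instance is probably what was meant here. The body of `addUserPrincipalToSubject` lies outside the hunk.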


@ -7,8 +7,8 @@ package pro.taskana.rest.resource;
*/
public class AccessIdResource {
public String name;
public String accessId;
private String name;
private String accessId;
public AccessIdResource() {