1   package fr.ifremer.quadrige3.synchro.server.security;
2   
3   /*-
4    * #%L
5    * Quadrige3 Core :: Quadrige3 Synchro server
6    * $Id:$
7    * $HeadURL:$
8    * %%
9    * Copyright (C) 2017 Ifremer
10   * %%
11   * This program is free software: you can redistribute it and/or modify
12   * it under the terms of the GNU Affero General Public License as published by
13   * the Free Software Foundation, either version 3 of the License, or
14   * (at your option) any later version.
15   * 
16   * This program is distributed in the hope that it will be useful,
17   * but WITHOUT ANY WARRANTY; without even the implied warranty of
18   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19   * GNU General Public License for more details.
20   * 
21   * You should have received a copy of the GNU Affero General Public License
22   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
23   * #L%
24   */
25  
26  
27  
28  import com.google.common.collect.Lists;
29  import com.google.common.collect.Sets;
30  import fr.ifremer.quadrige3.core.dao.administration.user.PrivilegeCode;
31  import fr.ifremer.quadrige3.core.vo.administration.user.PrivilegeVO;
32  import org.apache.commons.collections4.CollectionUtils;
33  import org.springframework.security.core.GrantedAuthority;
34  import org.springframework.security.core.authority.SimpleGrantedAuthority;
35  
36  import java.util.Collection;
37  import java.util.List;
38  import java.util.Set;
39  
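/**
 * Spring Security principal for a Quadrige3 synchro-server user, identified by a numeric user id.
 *
 * <p>Authorities are computed once, in the constructor. Security-relevant behaviour of this class:</p>
 * <ul>
 *   <li>{@link #QuadrigeUserDetailsImpl(int)} and {@link #QuadrigeUserDetailsImpl(int, String)} grant
 *       both {@code ROLE_ADMIN} and {@code ROLE_USER} without looking at any privilege; only
 *       {@link #QuadrigeUserDetailsImpl(int, List)} derives the roles from the user's privileges.</li>
 *   <li>{@link #getUsername()} returns the same constant for every user; {@link #getUserId()} is the
 *       only per-user identifier.</li>
 *   <li>The four account-status methods always return {@code true}: expiry, locking and disabling
 *       are not evaluated here.</li>
 * </ul>
 *
 * @author Ludovic Pecquot <ludovic.pecquot@e-is.pro>
 * @since 1.0
 */
public class QuadrigeUserDetailsImpl implements QuadrigeUserDetails {

    private static final long serialVersionUID = 1L;

    private final int userId;

    // Set once by a constructor: "" when no credential is supplied, otherwise the caller's value as-is.
    private final String password;

    // Backing collection; only ever handed out through a read-only view (see getAuthorities()).
    private final Collection<? extends GrantedAuthority> authorities;

    /**
     * Creates a principal with an empty password and <strong>all</strong> roles
     * ({@code ROLE_ADMIN} and {@code ROLE_USER}).
     *
     * @param userId identifier of the user
     */
    public QuadrigeUserDetailsImpl(int userId) {
        this.userId = userId;
        this.password = "";
        // NOTE(review): ROLE_ADMIN is granted here without any privilege check. Confirm every caller
        // has already established that this user is an administrator; otherwise use the
        // (userId, privileges) constructor so the role set follows least privilege.
        // NOTE(review): createAllAuthorities() is protected and overridable; an override would run
        // before the subclass's own fields are initialised.
        this.authorities = createAllAuthorities();
    }

    /**
     * Creates a principal with an empty password whose roles are derived from the given privileges
     * (see {@link #createAuthoritiesFromPrivileges(List)}).
     *
     * @param userId identifier of the user
     * @param privileges privileges held by the user; may be {@code null} or empty, in which case
     *     only {@code ROLE_USER} is granted
     */
    public QuadrigeUserDetailsImpl(int userId, List<PrivilegeVO> privileges) {
        this.userId = userId;
        this.password = "";
        this.authorities = createAuthoritiesFromPrivileges(privileges);
    }

    /**
     * Creates a principal with the given password and <strong>all</strong> roles
     * ({@code ROLE_ADMIN} and {@code ROLE_USER}).
     *
     * @param userId identifier of the user
     * @param password value later returned by {@link #getPassword()}; stored as given, not validated
     */
    public QuadrigeUserDetailsImpl(int userId, String password) {
        this.userId = userId;
        this.password = password;
        // NOTE(review): same unconditional ROLE_ADMIN grant as the (userId) constructor; confirm
        // callers only use it for identities that are meant to be administrators.
        this.authorities = createAllAuthorities();
    }

    /** {@inheritDoc} */
    @Override
    public int getUserId() {
        return userId;
    }

    /**
     * Tells whether this principal holds {@code ROLE_ADMIN}.
     *
     * @return {@code true} if one of the authorities is named exactly {@code ROLE_ADMIN}
     */
    @Override
    public boolean isAdmin() {
        final String adminRole = QuadrigeGrantedAuthority.ROLE_ADMIN.name();
        return authorities.stream()
                .anyMatch(grantedAuthority -> adminRole.equals(grantedAuthority.getAuthority()));
    }

    /**
     * {@inheritDoc}
     *
     * <p>The returned collection is a read-only view: attempts to modify it throw
     * {@link UnsupportedOperationException}.</p>
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        // The backing list is mutable; handing it out directly would let any caller remove or clear
        // the roles of a live principal. Fully-qualified name so no file-level import is required.
        return java.util.Collections.unmodifiableCollection(authorities);
    }

    /** {@inheritDoc} */
    @Override
    public String getPassword() {
        return password;
    }

    /**
     * {@inheritDoc}
     *
     * <p>Always returns the constant {@code "Ldap User"}. It does not identify the user, so anything
     * that records the username (logs, audit trails) should record {@link #getUserId()} as well.</p>
     */
    @Override
    public String getUsername() {
        return "Ldap User";
    }

    /** {@inheritDoc} Always {@code true}: account expiry is not evaluated by this class. */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /** {@inheritDoc} Always {@code true}: account locking is not evaluated by this class. */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /** {@inheritDoc} Always {@code true}: credential expiry is not evaluated by this class. */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /** {@inheritDoc} Always {@code true}: disabled accounts are not detected by this class. */
    @Override
    public boolean isEnabled() {
        return true;
    }

    /* -- Internal methods -- */

    /**
     * Builds the full role set: {@code ROLE_ADMIN} followed by {@code ROLE_USER}.
     *
     * @return a new mutable list holding both authorities
     */
    protected Collection<? extends GrantedAuthority> createAllAuthorities() {
        return Lists.newArrayList(
                new SimpleGrantedAuthority(QuadrigeGrantedAuthority.ROLE_ADMIN.name()),
                new SimpleGrantedAuthority(QuadrigeGrantedAuthority.ROLE_USER.name())
        );
    }

    /**
     * Wraps each role name in a {@link SimpleGrantedAuthority}.
     *
     * @param roles role names to convert; must not be {@code null}
     * @return a new list with one authority per role name, in the set's iteration order
     */
    protected Collection<? extends GrantedAuthority> createAuthorities(Set<String> roles) {
        List<SimpleGrantedAuthority> authorities = Lists.newArrayListWithExpectedSize(roles.size());
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }

    /**
     * Maps user privileges to roles: {@code ROLE_USER} is always granted, and {@code ROLE_ADMIN} is
     * added when one privilege code equals {@code PrivilegeCode.REFERENTIAL_ADMINISTRATOR}
     * (compared case-insensitively).
     *
     * @param privileges privileges held by the user; {@code null} or empty yields {@code ROLE_USER} only
     * @return the authorities matching the resulting role set
     */
    protected Collection<? extends GrantedAuthority> createAuthoritiesFromPrivileges(List<PrivilegeVO> privileges) {
        Set<String> roles = Sets.newHashSet();

        if (CollectionUtils.isNotEmpty(privileges)) {
            final String adminPrivilegeCode = PrivilegeCode.REFERENTIAL_ADMINISTRATOR.getValue();
            // "Referential administrator" is the only privilege that elevates to ADMIN;
            // one match is enough, so stop at the first.
            for (PrivilegeVO privilege : privileges) {
                if (adminPrivilegeCode.equalsIgnoreCase(privilege.getPrivilegeCd())) {
                    roles.add(QuadrigeGrantedAuthority.ROLE_ADMIN.name());
                    break;
                }
            }
        }

        // Every authenticated user gets the USER role, whatever the privileges.
        roles.add(QuadrigeGrantedAuthority.ROLE_USER.name());

        return createAuthorities(roles);
    }
}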