Merge pull request #16 from indigo-dc/cmdb-authorities

Adding a way to recognize role of administration of the service by CMDB owner field in provider
indigo-dc · Sep 18, 2017 · 1d883d1 · 1d883d1
2 parents ba39650 + 0c87ce6
commit 1d883d1
Show file tree

Hide file tree

Showing 14 changed files with 436 additions and 211 deletions.
diff --git a/docker/indigo-slam.sh b/docker/indigo-slam.sh
@@ -16,7 +16,7 @@ java -Dserver.address=0.0.0.0 \
      -Dunity.server.clientId=$IAM_CLIENT_ID \
      -Dunity.server.clientSecret=$IAM_CLIENT_SECRET \
      -Dcmdb.url=$CMDB_URL \
-     -Dprovider.email=$PROVIDER_EMAIL \
+     -Dprovider.emails=$PROVIDER_EMAIL \
      -Djdbc.url=$JDBC_URL \
      -Djdbc.username=$MYSQL_USER \
      -Djdbc.password=$MYSQL_PASSWORD \

diff --git a/.../java/pl/cyfronet/bazaar/engine/extension/constraint/action/impl/HasAnyOfMetricsImpl.java b/.../java/pl/cyfronet/bazaar/engine/extension/constraint/action/impl/HasAnyOfMetricsImpl.java
@@ -1,11 +1,9 @@
 package pl.cyfronet.bazaar.engine.extension.constraint.action.impl;
 
 import com.agreemount.bean.document.Document;
-import com.agreemount.bean.identity.provider.IdentityProvider;
 import com.agreemount.slaneg.action.ActionContext;
 import com.agreemount.slaneg.constraint.action.impl.QualifierImpl;
 import com.google.common.base.Preconditions;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
@@ -21,9 +19,6 @@
 @Scope("prototype")
 public class HasAnyOfMetricsImpl extends QualifierImpl<HasAnyOfMetrics,ActionContext> {
 
-    @Autowired
-    private IdentityProvider identityProvider;
-
     @Override
     public boolean isAvailable() {
         String alias = getConstraintDefinition().getDocumentAlias();
@@ -46,4 +41,4 @@ public boolean isAvailable() {
 
         return result;
     }
-}
+}
diff --git a/src/main/java/pl/cyfronet/ltos/controller/LegacyMethods.java b/src/main/java/pl/cyfronet/ltos/controller/LegacyMethods.java
@@ -1,8 +1,6 @@
 package pl.cyfronet.ltos.controller;
 
-import com.agreemount.bean.identity.provider.IdentityProvider;
 import lombok.extern.log4j.Log4j;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -12,7 +10,6 @@
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.view.RedirectView;
 import pl.cyfronet.ltos.bean.User;
-import pl.cyfronet.ltos.repository.UserRepository;
 import pl.cyfronet.ltos.security.UserInfo;
 
 import javax.servlet.http.HttpSession;
@@ -22,12 +19,6 @@
 @Log4j
 public class LegacyMethods {
 
-    @Autowired
-    private UserRepository userRepository;
-
-    @Autowired
-    private IdentityProvider identityProvider;
-
     @RequestMapping(value = "user/get", method = RequestMethod.GET)
     @Transactional
     public ResponseEntity<User> getUser() throws IOException {

diff --git a/src/main/java/pl/cyfronet/ltos/repository/CmdbRepository.java b/src/main/java/pl/cyfronet/ltos/repository/CmdbRepository.java
@@ -1,32 +1,37 @@
 package pl.cyfronet.ltos.repository;
 
-import java.util.Map;
-
-import javax.annotation.PostConstruct;
-
 import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.oauth2.client.OAuth2RestOperations;
 import org.springframework.stereotype.Component;
-
 import pl.cyfronet.bazaar.engine.extension.metric.SiteSelectMetric;
 
+import javax.annotation.PostConstruct;
+import java.util.Map;
+
 @Component
 public class CmdbRepository {
     @Value("${cmdb.url}")
     private String cmdbUrl;
 
+    @Value("${cmdb.url.prefix:/cmdb}")
+    private String prefix;
+
     @Autowired
     private OAuth2RestOperations restTemplate;
 
     public JSONObject get(String type, String fieldName, String fieldValue) {
         return new JSONObject(restTemplate
-                .getForObject(cmdbUrl + "/cmdb/" + type + "/filters/" + fieldName + "/" + fieldValue, Map.class));
+                .getForObject(cmdbUrl + prefix + type + "/filters/" + fieldName + "/" + fieldValue, Map.class));
     }
 
     public JSONObject get(String type) {
-        return new JSONObject(restTemplate.getForObject(cmdbUrl + "/cmdb/" + type + "/list", Map.class));
+        return new JSONObject(restTemplate.getForObject(cmdbUrl + prefix + type + "/list", Map.class));
+    }
+
+    public JSONObject getById(String type, String id) {
+        return new JSONObject(restTemplate.getForObject(cmdbUrl + prefix + type + "/id/" + id, Map.class));
     }
 
     @PostConstruct

diff --git a/src/main/java/pl/cyfronet/ltos/security/AuthenticationProviderDev.java b/src/main/java/pl/cyfronet/ltos/security/AuthenticationProviderDev.java
@@ -4,10 +4,8 @@
 import com.agreemount.bean.identity.TeamMember;
 import com.agreemount.bean.identity.provider.IdentityProvider;
 import com.google.common.base.Preconditions;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -22,7 +20,6 @@
 import pl.cyfronet.ltos.bean.Team;
 import pl.cyfronet.ltos.bean.User;
 import pl.cyfronet.ltos.repository.TeamRepository;
-import pl.cyfronet.ltos.security.PortalUser.PortalUserBuilder;
 
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceContext;
@@ -35,19 +32,20 @@
 import java.util.List;
 import java.util.stream.Collectors;
 
+@Slf4j
 public class AuthenticationProviderDev implements AuthenticationProvider {
 
-    static Logger log = LoggerFactory
-            .getLogger(AuthenticationProviderDev.class);
+    @Autowired
+    private UserOperations operations;
 
     @Autowired
-    UserOperations operations;
+    private IdentityProvider identityProvider;
 
     @Autowired
-    IdentityProvider identityProvider;
+    private TeamRepository teamRepository;
 
     @Autowired
-    TeamRepository teamRepository;
+    private PortalUserFactory portalUserFactory;
 
     @Override
     public Authentication authenticate(Authentication authentication)
@@ -60,7 +58,7 @@ public Authentication authenticate(Authentication authentication)
                     + authentication.getAuthorities().toString());
             log.debug("LOGGING: details = " + operations);
             log.debug("LOGGING:  creation = " +  operations );
-            PortalUserBuilder builder = PortalUser.builder();
+            PortalUserImpl.Data.DataBuilder builder = PortalUserImpl.Data.builder();
             builder.credentials(authentication.getCredentials());
             return shouldAuthenticateAgainstThirdPartySystem(name, password, builder);
         } else if (authentication.getClass().isAssignableFrom(TestingAuthenticationToken.class)) {
@@ -91,8 +89,10 @@ public Identity getIdentity(User user) {
         return identity;
     }
 
-    private PortalUser shouldAuthenticateAgainstThirdPartySystem(String name,
-            String password, PortalUserBuilder builder) {
+    private PortalUser shouldAuthenticateAgainstThirdPartySystem(
+            String name,
+            String password,
+            PortalUserImpl.Data.DataBuilder builder) {
         if (name.equals("admin") && password.equals("admin")) {
             User user = operations.loadUserByUnityIdentity("admin");
             UserInfo info = UserInfo.fromUser(user);
@@ -116,20 +116,18 @@ private PortalUser shouldAuthenticateAgainstThirdPartySystem(String name,
             }
             builder.user(user);
             builder.principal(info);
-            builder.authorities(Arrays.asList(
-                    new SimpleGrantedAuthority("ROLE_ADMIN"),
-                    new SimpleGrantedAuthority("ROLE_PROVIDER"),
-                    new SimpleGrantedAuthority("ROLE_USER"))
-            );
-            builder.isAuthenticated(true);
+            builder.authority(new SimpleGrantedAuthority("ROLE_ADMIN"));
+            builder.authority(new SimpleGrantedAuthority("ROLE_PROVIDER"));
+            builder.authority(new SimpleGrantedAuthority("ROLE_USER"));
+            builder.authenticated(true);
 
             Identity identity = getIdentity(user);
             Preconditions.checkNotNull(identity, "Identity [%s] was not found", name);
             identityProvider.setIdentity(identity);
 
             log.debug("LOGGING:  identity for  engine set = " +  identity );
 
-            return builder.build();
+            return portalUserFactory.createPortalUser(builder.build());
         }
         if (name.equals("user") && password.equals("user")) {
             User user = operations.loadUserByUnityIdentity("user");
@@ -152,27 +150,26 @@ private PortalUser shouldAuthenticateAgainstThirdPartySystem(String name,
                     new SimpleGrantedAuthority("ROLE_USER"),
                     new SimpleGrantedAuthority("ROLE_MANAGER")
             ));
-            builder.isAuthenticated(true);
+            builder.authenticated(true);
 
             Identity identity = getIdentity(user);
             Preconditions.checkNotNull(identity, "Identity [%s] was not found", name);
             identityProvider.setIdentity(identity);
 
             log.debug("LOGGING:  identity for  engine set = " +  identity );
 
-            return builder.build();
+            return portalUserFactory.createPortalUser(builder.build());
         }
         if (name.equals("noreg")) {
             UserInfo info = createNoregInfo();
             builder.principal(info);
-            builder.isAuthenticated(true);
-
+            builder.authenticated(true);
 
-            return builder.build();
+            return portalUserFactory.createPortalUser(builder.build());
         }
         return null;
     }
-    
+
     private UserInfo createAdminInfo() {
         UserInfo info = UserInfo.builder()
             .unityPersistentIdentity("admin")
@@ -182,7 +179,7 @@ private UserInfo createAdminInfo() {
             .email("[email protected]").build();
         return info;
     }
-    
+
     private UserInfo createUserInfo() {
         UserInfo info = UserInfo.builder()
             .unityPersistentIdentity("user")
@@ -192,7 +189,7 @@ private UserInfo createUserInfo() {
             .email("[email protected]").build();
         return info;
     }
-    
+
     private UserInfo createNoregInfo() {
         UserInfo info = UserInfo.builder()
             .unityPersistentIdentity("user")
@@ -221,7 +218,7 @@ public User saveUser(User user) {
             em.flush();
             return user;
         }
-        
+
         @Transactional
         public Role saveRole(Role role) {
             em.persist(role);
@@ -230,7 +227,7 @@ public Role saveRole(Role role) {
         }
 
         /*
-         * Consider new version of spring data rest - such 
+         * Consider new version of spring data rest - such
          * searches are probably implemented by repositories
          */
         @Transactional
@@ -247,7 +244,7 @@ public User loadUserByUnityIdentity(String username)
             }
             return principal;
         }
-        
+
         @Transactional
         public Role loadOrCreateRoleByName(String roleName)
                 throws UsernameNotFoundException {
@@ -267,7 +264,7 @@ public Role loadOrCreateRoleByName(String roleName)
             }
             return theRole;
         }
-        
+
     }
 
-}
+}