[seam-commits] Seam SVN: r13403 - in modules/security/trunk: examples/idmconsole/src/main/webapp and 4 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Thu Jul 15 08:25:54 EDT 2010
Author: shane.bryzak at jboss.com
Date: 2010-07-15 08:25:53 -0400 (Thu, 15 Jul 2010)
New Revision: 13403
Modified:
modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl
modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml
modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java
Log:
implement more identity store methods
Modified: modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15 12:25:53 UTC (rev 13403)
@@ -1,3 +1,6 @@
+insert into RelationshipName(id, name) values (1, 'admin');
+insert into RelationshipName(id, name) values (2, 'manager');
+
insert into IdentityObjectType(id, name) values (1, 'USER');
insert into IdentityObjectType(id, name) values (2, 'GROUP');
@@ -10,7 +13,7 @@
insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (1, 1, 1, 'password');
insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (2, 2, 1, 'demo');
-insert into IdentityObjectRelationshipType (id, name) values (1, 'MEMBER_OF');
-insert into IdentityObjectRelationshipType (id, name) values (2, 'ROLE');
+insert into IdentityObjectRelationshipType (id, name) values (1, 'JBOSS_IDENTITY_MEMBERSHIP');
+insert into IdentityObjectRelationshipType (id, name) values (2, 'JBOSS_IDENTITY_ROLE');
insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id, to_identity_id) values (1, 'admin', 2, 1, 3);
Modified: modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl 2010-07-15 12:25:53 UTC (rev 13403)
@@ -43,3 +43,11 @@
check.grant();
end
+rule ManageRelationships
+ no-loop
+ activation-group "permissions"
+when
+ check: PermissionCheck(resource == "seam.relationship", granted == false)
+then
+ check.grant();
+end
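Review bot: The new `ManageRelationships` rule grants every check on `seam.relationship` to any caller, because its `when` block matches only the `PermissionCheck` itself and constrains neither the action nor who is asking. Outside a demo, the condition should name the actions it covers, e.g. `check: PermissionCheck(resource == "seam.relationship", action == "read", granted == false)`, and require a fact identifying an administrative caller, of whatever type this rule base inserts for the current user. If the unconditional grant is intentional for the example, a comment above the rule such as `// example only: grants all relationship permissions to every user` would keep it from being copied into a real deployment. The preceding rule lies mostly outside the hunk, so whether it follows the same pattern cannot be checked here.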
Modified: modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml 2010-07-15 12:25:53 UTC (rev 13403)
@@ -43,12 +43,12 @@
Action
</f:facet>
- <ui:fragment rendered="#{identity.hasPermission('seam.user', 'update')}">
+ <ui:fragment rendered="#{identity.hasPermission('seam.identity', 'update')}">
<h:commandLink id="edit" value="Edit" action="#{userAction.editUser(user.username)}"/>
<span> | </span>
</ui:fragment>
<h:link id="delete" value="Delete" action="#{userAction.deleteUser(user.username)}"
- rendered="#{identity.hasPermission('seam.user', 'delete')}"
+ rendered="#{identity.hasPermission('seam.identity', 'delete')}"
onclick="return confirmDelete()"/>
</h:column>
</h:dataTable>
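Review bot: The `rendered` conditions now test `seam.identity`, but they only hide the Edit and Delete controls; nothing in this hunk shows `userAction.editUser` or `userAction.deleteUser` checking the same permission on the server side. Those methods are outside the diff, so it is worth confirming that they, or the identity manager they call, check `seam.identity` with `update` and `delete` before acting, since a hidden link is not an access control. The security-rules.drl change in this commit adds a rule only for `seam.relationship`; a rule matching `seam.identity` is presumably elsewhere in that file, and if it is missing these controls will simply stop rendering.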
Modified: modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml 2010-07-15 12:25:53 UTC (rev 13403)
@@ -49,13 +49,11 @@
</div>
<div class="formRow">
- <h:outputLabel for="roles" value="Member of" styleClass="formLabel"/>
- <div class="selectMany">
- <h:selectManyCheckbox id="roles" value="#{userAction.roles}" layout="pageDirection" styleClass="roles">
- <!--s:selectItems value="#{identityManager.listGrantableRoles}" var="role" label="#{role}"/-->
- </h:selectManyCheckbox>
- </div>
- <div class="validationError"><h:message for="roles"/></div>
+ <h:outputLabel value="Member of" styleClass="formLabel"/>
+ <ui:repeat value="#{userAction.roles}" var="role">
+ #{role.roleType.name}<span> in group </span>#{role.group.name}<br/>
+ </ui:repeat>
+
</div>
<div class="formRow">
Modified: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
--- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15 12:25:53 UTC (rev 13403)
@@ -29,6 +29,7 @@
import org.jboss.weld.extensions.util.properties.query.PropertyQueries;
import org.jboss.weld.extensions.util.properties.query.TypedPropertyCriteria;
import org.picketlink.idm.common.exception.IdentityException;
+import org.picketlink.idm.impl.store.FeaturesMetaDataImpl;
import org.picketlink.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.picketlink.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
import org.picketlink.idm.spi.exception.OperationNotSupportedException;
@@ -40,6 +41,7 @@
import org.picketlink.idm.spi.model.IdentityObjectType;
import org.picketlink.idm.spi.search.IdentityObjectSearchCriteria;
import org.picketlink.idm.spi.store.FeaturesMetaData;
+import org.picketlink.idm.spi.store.IdentityObjectSearchCriteriaType;
import org.picketlink.idm.spi.store.IdentityStoreInvocationContext;
import org.picketlink.idm.spi.store.IdentityStoreSession;
/*import org.slf4j.Logger;
@@ -60,6 +62,7 @@
public static final String OPTION_IDENTITY_CLASS_NAME = "identityEntityClassName";
public static final String OPTION_CREDENTIAL_CLASS_NAME = "credentialEntityClassName";
public static final String OPTION_RELATIONSHIP_CLASS_NAME = "relationshipEntityClassName";
+ public static final String OPTION_RELATIONSHIP_NAME_CLASS_NAME = "relationshipNameEntityClassName";
private static final String DEFAULT_USER_IDENTITY_TYPE = "USER";
private static final String DEFAULT_ROLE_IDENTITY_TYPE = "ROLE";
@@ -83,11 +86,13 @@
private static final String PROPERTY_RELATIONSHIP_TYPE = "RELATIONSHIP_TYPE";
private static final String PROPERTY_RELATIONSHIP_TYPE_NAME = "RELATIONSHIP_TYPE_NAME";
private static final String PROPERTY_RELATIONSHIP_NAME = "RELATIONSHIP_NAME";
+
+ // Distinct from PROPERTY_RELATIONSHIP NAME - this property refers to the name field in the RELATIONSHIP_NAME entity
+ private static final String PROPERTY_RELATIONSHIP_NAME_NAME = "RELATIONSHIP_NAME_NAME";
private static final String PROPERTY_ATTRIBUTE_NAME = "ATTRIBUTE_NAME";
private static final String PROPERTY_ATTRIBUTE_VALUE = "ATTRIBUTE_VALUE";
- private static final String PROPERTY_ROLE_TYPE_NAME = "ROLE_TYPE_NAME";
+ private static final String PROPERTY_ROLE_TYPE_NAME = "ROLE_TYPE_NAME";
-
private class EntityToSpiConverter
{
private static final String IDENTITY_TYPE_CACHE_PREFIX = "identity_type:";
@@ -115,8 +120,8 @@
else
{
IdentityObject obj = new IdentityObjectImpl(
- (String) identityIdProperty.getValue(entity),
- (String) identityNameProperty.getValue(entity),
+ identityIdProperty.getValue(entity).toString(),
+ identityNameProperty.getValue(entity).toString(),
convertToIdentityObjectType(identityTypeProperty.getValue(entity)));
cache.put(entity, obj);
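Review bot: Replacing the `(String)` casts with `.toString()` turns a null id or name value into a `NullPointerException` at `identityIdProperty.getValue(entity).toString()`, where the cast used to pass null through. If either value can be null, read it into a local first and fail with a clear message, e.g. `Object id = identityIdProperty.getValue(entity);` followed by `if (id == null) throw new IllegalStateException("identity entity has no id value");`. The enclosing method starts and ends outside the hunk, so which exception type fits its signature is not visible here.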
@@ -176,6 +181,7 @@
private Class<?> relationshipClass;
private Class<?> attributeClass;
private Class<?> roleTypeClass;
+ private Class<?> relationshipNameClass;
private String userIdentityType = DEFAULT_USER_IDENTITY_TYPE;
private String roleIdentityType = DEFAULT_ROLE_IDENTITY_TYPE;
@@ -194,6 +200,8 @@
*/
private Map<String,Property<Object>> attributeProperties = new HashMap<String,Property<Object>>();
+ private FeaturesMetaData featuresMetaData;
+
private class PropertyTypeCriteria implements PropertyCriteria
{
private PropertyType pt;
@@ -223,7 +231,7 @@
public void bootstrap(IdentityStoreConfigurationContext configurationContext)
throws IdentityException
- {
+ {
String clsName = configurationContext.getStoreConfigurationMetaData()
.getOptionSingleValue(OPTION_IDENTITY_CLASS_NAME);
@@ -233,7 +241,7 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no identity entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid identity entity class: " + clsName);
}
if (identityClass == null)
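Review bot: The reworded `IdentityException` still drops the caught `ClassNotFoundException`, so a failed bootstrap loses the class-loader detail that explains why the configured name did not resolve. If `IdentityException` has a message-and-cause constructor, pass `e` through: `throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid identity entity class: " + clsName, e);`. The same applies to the credential and relationship entity throws in the next two hunks, and to the new relationship name entity throw added in the same method. `bootstrap` starts and ends outside this hunk.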
@@ -253,7 +261,7 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no credential entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid credential entity class: " + clsName);
}
}
@@ -266,9 +274,27 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no relationship entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid relationship entity class: " + clsName);
}
+ boolean namedRelationshipsSupported = false;
+
+ clsName = configurationContext.getStoreConfigurationMetaData()
+ .getOptionSingleValue(OPTION_RELATIONSHIP_NAME_CLASS_NAME);
+
+ if (clsName != null)
+ {
+ try
+ {
+ relationshipNameClass = Class.forName(clsName);
+ namedRelationshipsSupported = true;
+ }
+ catch (ClassNotFoundException e)
+ {
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid relationship name entity class: " + clsName);
+ }
+ }
+
configureIdentityId();
configureIdentityName();
configureIdentityType();
@@ -277,6 +303,19 @@
configureRelationships();
configureAttributes();
configureRoleTypeNames();
+
+ if (namedRelationshipsSupported)
+ {
+ configureRelationshipNames();
+ }
+
+ featuresMetaData = new FeaturesMetaDataImpl(
+ configurationContext.getStoreConfigurationMetaData(),
+ new HashSet<IdentityObjectSearchCriteriaType>(),
+ false,
+ namedRelationshipsSupported,
+ new HashSet<String>()
+ );
}
protected void configureIdentityId() throws IdentityException
@@ -911,6 +950,15 @@
}
}
+ protected void configureRelationshipNames()
+ {
+ Property<Object> relationshipNameProp = findNamedProperty(relationshipNameClass, "name");
+ if (relationshipNameProp != null)
+ {
+ modelProperties.put(PROPERTY_RELATIONSHIP_NAME_NAME, relationshipNameProp);
+ }
+ }
+
public String getUserIdentityType()
{
return userIdentityType;
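Review bot: `configureRelationshipNames` silently does nothing when `findNamedProperty(relationshipNameClass, "name")` returns null, yet `bootstrap` has by then already set `namedRelationshipsSupported` to true and goes on to report it through `FeaturesMetaDataImpl`. The store then advertises a feature whose model property was never registered. Declaring `throws IdentityException`, as `configureIdentityId` does, and adding `else { throw new IdentityException("Error bootstrapping JpaIdentityStore - relationship name entity has no name property"); }` would make the misconfiguration fail at start-up instead. A one-line Javadoc saying that the entity is expected to expose a property called `name` would also help.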
@@ -1120,8 +1168,24 @@
protected Object lookupRelationshipType(IdentityObjectRelationshipType relationshipType, EntityManager em)
{
- // TODO implement
- return null;
+ Property<?> relationshipTypeNameProp = modelProperties.get(PROPERTY_RELATIONSHIP_TYPE_NAME);
+
+ if (relationshipTypeNameProp != null)
+ {
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria = builder.createQuery(relationshipTypeNameProp.getDeclaringClass());
+ Root<?> root = criteria.from(relationshipTypeNameProp.getDeclaringClass());
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+ predicates.add(builder.equal(root.get(relationshipTypeNameProp.getName()), relationshipType.getName()));
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ return em.createQuery(criteria).getSingleResult();
+ }
+ else
+ {
+ return relationshipType.getName();
+ }
}
public String createRelationshipName(IdentityStoreInvocationContext ctx,
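Review bot: `getSingleResult()` throws the unchecked `NoResultException` or `NonUniqueResultException` when the type name matches zero or several rows, so an unknown relationship type escapes `resolveRelationships` as a persistence exception rather than the `IdentityException` its signature declares. Consider declaring `throws IdentityException` here and translating, e.g. `catch (NoResultException e) { throw new IdentityException("Unknown relationship type: " + relationshipType.getName(), e); }`, assuming `IdentityException` offers a cause-taking constructor. A null `relationshipType` is dereferenced in both branches; the caller added in this commit checks for null first, and a short Javadoc could state that as a precondition. The single predicate could also be passed to `criteria.where(...)` directly rather than through a list.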
@@ -1287,12 +1351,35 @@
}
public Set<String> getRelationshipNames(IdentityStoreInvocationContext ctx,
- IdentityObject identity, IdentityObjectSearchCriteria criteria)
+ IdentityObject identity, IdentityObjectSearchCriteria searchCriteria)
throws IdentityException, OperationNotSupportedException
{
- System.out.println("*** Invoked unimplemented method getRelationshipNames()");
- // TODO Auto-generated method stub
- return null;
+ Set<String> names = new HashSet<String>();
+
+ if (!featuresMetaData.isNamedRelationshipsSupported()) return names;
+
+ EntityManager em = getEntityManager(ctx);
+
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria = builder.createQuery(relationshipClass);
+ Root<?> root = criteria.from(relationshipClass);
+
+ Property<?> identityFromProperty = modelProperties.get(PROPERTY_RELATIONSHIP_FROM);
+ Property<?> relationshipNameProperty = modelProperties.get(PROPERTY_RELATIONSHIP_NAME);
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+ predicates.add(builder.equal(root.get(identityFromProperty.getName()),
+ lookupIdentity(identity, em)));
+
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ List<?> results = em.createQuery(criteria).getResultList();
+ for (Object result : results)
+ {
+ names.add((String) relationshipNameProperty.getValue(result));
+ }
+
+ return names;
}
public Map<String, String> getRelationshipProperties(
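Review bot: The query selects every relationship row that starts at `identity`, including rows whose name is null, so `names.add((String) relationshipNameProperty.getValue(result))` can put `null` into the returned set. `resolveRelationships` in this same commit tests the name with `isNotNull`, which suggests the column is nullable; adding `predicates.add(builder.isNotNull(root.get(relationshipNameProperty.getName())));` keeps unnamed relationships out. The renamed `searchCriteria` parameter is never read, so any filter or paging the caller asks for is ignored; if that is deliberate for now, a `// TODO: apply searchCriteria` comment would make it visible.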
@@ -1306,10 +1393,8 @@
}
public FeaturesMetaData getSupportedFeatures()
- {
- System.out.println("*** Invoked unimplemented method getSupportedFeatures()");
- // TODO Auto-generated method stub
- return null;
+ {
+ return featuresMetaData;
}
public void removeIdentityObject(
@@ -1461,13 +1546,74 @@
}
public Set<IdentityObjectRelationship> resolveRelationships(
- IdentityStoreInvocationContext invocationCxt, IdentityObject identity,
+ IdentityStoreInvocationContext ctx, IdentityObject identity,
IdentityObjectRelationshipType relationshipType, boolean parent,
boolean named, String name) throws IdentityException
{
- // TODO Auto-generated method stub
- System.out.println("*** Invoked unimplemented method resolveRelationships()");
- return null;
+ Set<IdentityObjectRelationship> relationships = new HashSet<IdentityObjectRelationship>();
+
+ EntityManager em = getEntityManager(ctx);
+
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria = builder.createQuery(relationshipClass);
+ Root<?> root = criteria.from(relationshipClass);
+
+ Property<?> relationshipFromProp = modelProperties.get(PROPERTY_RELATIONSHIP_FROM);
+ Property<?> relationshipToProp = modelProperties.get(PROPERTY_RELATIONSHIP_TO);
+ Property<?> relationshipTypeProp = modelProperties.get(PROPERTY_RELATIONSHIP_TYPE);
+ Property<?> relationshipNameProp = modelProperties.get(PROPERTY_RELATIONSHIP_NAME);
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+
+ if (parent)
+ {
+ predicates.add(builder.equal(root.get(relationshipToProp.getName()),
+ lookupIdentity(identity, em)));
+ }
+ else
+ {
+ predicates.add(builder.equal(root.get(relationshipFromProp.getName()),
+ lookupIdentity(identity, em)));
+ }
+
+ if (relationshipType != null)
+ {
+ predicates.add(builder.equal(root.get(relationshipTypeProp.getName()),
+ lookupRelationshipType(relationshipType, em)));
+ }
+
+ if (named)
+ {
+ if (name != null)
+ {
+ predicates.add(builder.equal(root.get(relationshipNameProp.getName()),
+ name));
+ }
+ else
+ {
+ predicates.add(builder.isNotNull(root.get(relationshipNameProp.getName())));
+ }
+ }
+
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ List<?> results = em.createQuery(criteria).getResultList();
+
+ EntityToSpiConverter converter = new EntityToSpiConverter();
+
+ for (Object result : results)
+ {
+ IdentityObjectRelationship relationship = new IdentityObjectRelationshipImpl(
+ converter.convertToIdentityObject(relationshipFromProp.getValue(result)),
+ converter.convertToIdentityObject(relationshipToProp.getValue(result)),
+ (String) relationshipNameProp.getValue(result),
+ converter.convertToRelationshipType(relationshipTypeProp.getValue(result))
+ );
+
+ relationships.add(relationship);
+ }
+
+ return relationships;
}
public void setRelationshipNameProperties(
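Review bot: When `named` is false no predicate on the name column is added, so the result includes named relationships as well as unnamed ones. If the SPI contract means "unnamed only" in that case (worth checking against the interface Javadoc, which is not part of this diff), callers asking for plain memberships would also receive role-style rows; an `else { predicates.add(builder.isNull(root.get(relationshipNameProp.getName()))); }` on the `if (named)` block would separate the two. Independently, `relationshipNameProp.getValue(result)` in the result loop dereferences the property unconditionally, so if that property can be absent from `modelProperties` the method fails with a `NullPointerException` even for unnamed lookups. `getRelationshipNames` guards with `isNamedRelationshipsSupported()`, and a similar guard or null check fits here.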
Modified: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java
===================================================================
--- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java 2010-07-15 12:25:53 UTC (rev 13403)
@@ -30,7 +30,7 @@
private String username;
private String password;
private String confirm;
- private List<Role> roles;
+ private Collection<Role> roles;
private boolean enabled;
private boolean newUserFlag;
@@ -49,7 +49,7 @@
{
conversation.begin();
this.username = username;
- //roles = identityManager.getGrantedRoles(username);
+ roles = identityManager.getGrantedRoles(username);
enabled = identityManager.isUserEnabled(username);
newUserFlag = false;
}
@@ -203,7 +203,7 @@
this.confirm = confirm;
}
- public List<Role> getRoles()
+ public Collection<Role> getRoles()
{
return roles;
}
Modified: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java
===================================================================
--- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java 2010-07-15 04:17:18 UTC (rev 13402)
+++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java 2010-07-15 12:25:53 UTC (rev 13403)
@@ -66,6 +66,9 @@
options.put(JpaIdentityStore.OPTION_RELATIONSHIP_CLASS_NAME,
createOptionList("org.jboss.seam.security.examples.idmconsole.model.IdentityObjectRelationship"));
+ options.put(JpaIdentityStore.OPTION_RELATIONSHIP_NAME_CLASS_NAME,
+ createOptionList("org.jboss.seam.security.examples.idmconsole.model.RelationshipName"));
+
store.setOptions(options);
stores.add(store);
metadata.setIdentityStores(stores);
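Review bot: The relationship name entity is hard-coded to the idmconsole example's `RelationshipName` class, and the new `bootstrap` code treats a configured but unloadable class name as fatal. Any deployment that lacks that example class would therefore fail to start the store, unless this producer is meant only for the example. The line above does the same for the relationship class, so this may be a known placeholder; a `// TODO: read entity class names from configuration` comment on the block would record that. The enclosing method starts and ends outside the hunk.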