Author: shane.bryzak(a)jboss.com
Date: 2010-07-15 08:25:53 -0400 (Thu, 15 Jul 2010)
New Revision: 13403
Modified:
modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl
modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml
modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java
Log:
implement more identity store methods
Modified: modules/security/trunk/examples/idmconsole/src/main/resources/import.sql
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15
04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/resources/import.sql 2010-07-15
12:25:53 UTC (rev 13403)
@@ -1,3 +1,6 @@
+insert into RelationshipName(id, name) values (1, 'admin');
+insert into RelationshipName(id, name) values (2, 'manager');
+
insert into IdentityObjectType(id, name) values (1, 'USER');
insert into IdentityObjectType(id, name) values (2, 'GROUP');
@@ -10,7 +13,7 @@
insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value)
values (1, 1, 1, 'password');
insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value)
values (2, 2, 1, 'demo');
-insert into IdentityObjectRelationshipType (id, name) values (1, 'MEMBER_OF');
-insert into IdentityObjectRelationshipType (id, name) values (2, 'ROLE');
+insert into IdentityObjectRelationshipType (id, name) values (1,
'JBOSS_IDENTITY_MEMBERSHIP');
+insert into IdentityObjectRelationshipType (id, name) values (2,
'JBOSS_IDENTITY_ROLE');
insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id,
to_identity_id) values (1, 'admin', 2, 1, 3);
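Review bot: The seed rows around the renamed relationship types store the credentials for identities 1 and 2 as the literal strings 'password' and 'demo', and the following row appears to give identity 1 the 'admin' relationship of type 2. With type 2 now named `JBOSS_IDENTITY_ROLE`, the file looks like it ships a working administrator login with a guessable plaintext password. I would add a header comment such as `-- DEMO DATA ONLY: plaintext sample credentials, never load into a shared or production database` so nobody copies import.sql as a starting schema.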
Modified:
modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl
===================================================================
---
modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl 2010-07-15
04:17:18 UTC (rev 13402)
+++
modules/security/trunk/examples/idmconsole/src/main/webapp/WEB-INF/security-rules.drl 2010-07-15
12:25:53 UTC (rev 13403)
@@ -43,3 +43,11 @@
check.grant();
end
+rule ManageRelationships
+ no-loop
+ activation-group "permissions"
+when
+ check: PermissionCheck(resource == "seam.relationship", granted == false)
+then
+ check.grant();
+end
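Review bot: `ManageRelationships` grants every `PermissionCheck` on `seam.relationship` with no condition on who is asking or which action is requested, because the `when` clause matches the check alone. If that is intended only for the demo, say so in a comment above the rule (`// demo only: any caller may manage relationships`); otherwise add a role pattern and an `action` constraint in the same form the file's other rules use. The earlier rules are outside this hunk, so I cannot tell whether they are restricted the same way.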
Modified: modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml
===================================================================
---
modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml 2010-07-15
04:17:18 UTC (rev 13402)
+++
modules/security/trunk/examples/idmconsole/src/main/webapp/manageusers.xhtml 2010-07-15
12:25:53 UTC (rev 13403)
@@ -43,12 +43,12 @@
Action
</f:facet>
- <ui:fragment rendered="#{identity.hasPermission('seam.user',
'update')}">
+ <ui:fragment
rendered="#{identity.hasPermission('seam.identity',
'update')}">
<h:commandLink id="edit" value="Edit"
action="#{userAction.editUser(user.username)}"/>
<span> | </span>
</ui:fragment>
<h:link id="delete" value="Delete"
action="#{userAction.deleteUser(user.username)}"
- rendered="#{identity.hasPermission('seam.user',
'delete')}"
+ rendered="#{identity.hasPermission('seam.identity',
'delete')}"
onclick="return confirmDelete()"/>
</h:column>
</h:dataTable>
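Review bot: The `rendered` tests on the Edit and Delete links only hide the controls, so the rename to `seam.identity` is safe only if `userAction.editUser` and `userAction.deleteUser` (or the identity manager calls behind them) check the same permission on the server. The UserAction hunk at `@@ -49,7 +49,7 @@` now loads the roles for whatever username is passed and shows no such check in its visible lines. It is also worth confirming that security-rules.drl has rules for `seam.identity`, since this commit's rule hunk only adds `seam.relationship`. Once that holds, a comment next to the fragment, `<!-- UI hint only; the permission is enforced in UserAction -->`, would make the division of responsibility explicit.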
Modified: modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml
===================================================================
--- modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml 2010-07-15
04:17:18 UTC (rev 13402)
+++ modules/security/trunk/examples/idmconsole/src/main/webapp/userdetail.xhtml 2010-07-15
12:25:53 UTC (rev 13403)
@@ -49,13 +49,11 @@
</div>
<div class="formRow">
- <h:outputLabel for="roles" value="Member of"
styleClass="formLabel"/>
- <div class="selectMany">
- <h:selectManyCheckbox id="roles"
value="#{userAction.roles}" layout="pageDirection"
styleClass="roles">
- <!--s:selectItems
value="#{identityManager.listGrantableRoles}" var="role"
label="#{role}"/-->
- </h:selectManyCheckbox>
- </div>
- <div class="validationError"><h:message
for="roles"/></div>
+ <h:outputLabel value="Member of"
styleClass="formLabel"/>
+ <ui:repeat value="#{userAction.roles}" var="role">
+ #{role.roleType.name}<span> in group
</span>#{role.group.name}<br/>
+ </ui:repeat>
+
</div>
<div class="formRow">
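Review bot: `<h:outputLabel value="Member of" styleClass="formLabel"/>` no longer has a `for` target now that the checkbox list is gone, so it renders a label attached to no control; `<h:outputText value="Member of" styleClass="formLabel"/>` fits a read-only row better. The role and group names are written as inline EL, which Facelets escapes by default, so that part is fine as long as it is not later moved to an `escape="false"` output.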
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15
04:17:18 UTC (rev 13402)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/JpaIdentityStore.java 2010-07-15
12:25:53 UTC (rev 13403)
@@ -29,6 +29,7 @@
import org.jboss.weld.extensions.util.properties.query.PropertyQueries;
import org.jboss.weld.extensions.util.properties.query.TypedPropertyCriteria;
import org.picketlink.idm.common.exception.IdentityException;
+import org.picketlink.idm.impl.store.FeaturesMetaDataImpl;
import org.picketlink.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.picketlink.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
import org.picketlink.idm.spi.exception.OperationNotSupportedException;
@@ -40,6 +41,7 @@
import org.picketlink.idm.spi.model.IdentityObjectType;
import org.picketlink.idm.spi.search.IdentityObjectSearchCriteria;
import org.picketlink.idm.spi.store.FeaturesMetaData;
+import org.picketlink.idm.spi.store.IdentityObjectSearchCriteriaType;
import org.picketlink.idm.spi.store.IdentityStoreInvocationContext;
import org.picketlink.idm.spi.store.IdentityStoreSession;
/*import org.slf4j.Logger;
@@ -60,6 +62,7 @@
public static final String OPTION_IDENTITY_CLASS_NAME =
"identityEntityClassName";
public static final String OPTION_CREDENTIAL_CLASS_NAME =
"credentialEntityClassName";
public static final String OPTION_RELATIONSHIP_CLASS_NAME =
"relationshipEntityClassName";
+ public static final String OPTION_RELATIONSHIP_NAME_CLASS_NAME =
"relationshipNameEntityClassName";
private static final String DEFAULT_USER_IDENTITY_TYPE = "USER";
private static final String DEFAULT_ROLE_IDENTITY_TYPE = "ROLE";
@@ -83,11 +86,13 @@
private static final String PROPERTY_RELATIONSHIP_TYPE =
"RELATIONSHIP_TYPE";
private static final String PROPERTY_RELATIONSHIP_TYPE_NAME =
"RELATIONSHIP_TYPE_NAME";
private static final String PROPERTY_RELATIONSHIP_NAME =
"RELATIONSHIP_NAME";
+
+ // Distinct from PROPERTY_RELATIONSHIP NAME - this property refers to the name field
in the RELATIONSHIP_NAME entity
+ private static final String PROPERTY_RELATIONSHIP_NAME_NAME =
"RELATIONSHIP_NAME_NAME";
private static final String PROPERTY_ATTRIBUTE_NAME = "ATTRIBUTE_NAME";
private static final String PROPERTY_ATTRIBUTE_VALUE = "ATTRIBUTE_VALUE";
- private static final String PROPERTY_ROLE_TYPE_NAME = "ROLE_TYPE_NAME";
+ private static final String PROPERTY_ROLE_TYPE_NAME = "ROLE_TYPE_NAME";
-
private class EntityToSpiConverter
{
private static final String IDENTITY_TYPE_CACHE_PREFIX =
"identity_type:";
@@ -115,8 +120,8 @@
else
{
IdentityObject obj = new IdentityObjectImpl(
- (String) identityIdProperty.getValue(entity),
- (String) identityNameProperty.getValue(entity),
+ identityIdProperty.getValue(entity).toString(),
+ identityNameProperty.getValue(entity).toString(),
convertToIdentityObjectType(identityTypeProperty.getValue(entity)));
cache.put(entity, obj);
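Review bot: Replacing the `(String)` casts with `.toString()` lets non-String id and name columns work, but it also turns a null id or name into a NullPointerException inside the converter, where the cast used to pass null through. A guard before the constructor call, e.g. `Object id = identityIdProperty.getValue(entity); if (id == null) throw new IllegalStateException("identity entity has no id");`, gives a clearer failure. The enclosing method starts and ends outside this hunk, so the right exception type depends on what it declares.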
@@ -176,6 +181,7 @@
private Class<?> relationshipClass;
private Class<?> attributeClass;
private Class<?> roleTypeClass;
+ private Class<?> relationshipNameClass;
private String userIdentityType = DEFAULT_USER_IDENTITY_TYPE;
private String roleIdentityType = DEFAULT_ROLE_IDENTITY_TYPE;
@@ -194,6 +200,8 @@
*/
private Map<String,Property<Object>> attributeProperties = new
HashMap<String,Property<Object>>();
+ private FeaturesMetaData featuresMetaData;
+
private class PropertyTypeCriteria implements PropertyCriteria
{
private PropertyType pt;
@@ -223,7 +231,7 @@
public void bootstrap(IdentityStoreConfigurationContext configurationContext)
throws IdentityException
- {
+ {
String clsName = configurationContext.getStoreConfigurationMetaData()
.getOptionSingleValue(OPTION_IDENTITY_CLASS_NAME);
@@ -233,7 +241,7 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no
identity entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid
identity entity class: " + clsName);
}
if (identityClass == null)
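Review bot: The reworded `IdentityException` still discards the caught `ClassNotFoundException`, so the log shows the class name but not why loading failed. Pass the cause along, `throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid identity entity class: " + clsName, e);`, assuming IdentityException has the usual (message, cause) constructor. The same applies to the credential and relationship catch blocks in the next two hunks and to the new relationship-name block added at `@@ -266,9 +274,27 @@`. `bootstrap` continues outside this hunk.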
@@ -253,7 +261,7 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no
credential entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore -
invalid credential entity class: " + clsName);
}
}
@@ -266,9 +274,27 @@
}
catch (ClassNotFoundException e)
{
- throw new IdentityException("Error bootstrapping JpaIdentityStore - no
relationship entity class found: " + clsName);
+ throw new IdentityException("Error bootstrapping JpaIdentityStore - invalid
relationship entity class: " + clsName);
}
+ boolean namedRelationshipsSupported = false;
+
+ clsName = configurationContext.getStoreConfigurationMetaData()
+ .getOptionSingleValue(OPTION_RELATIONSHIP_NAME_CLASS_NAME);
+
+ if (clsName != null)
+ {
+ try
+ {
+ relationshipNameClass = Class.forName(clsName);
+ namedRelationshipsSupported = true;
+ }
+ catch (ClassNotFoundException e)
+ {
+ throw new IdentityException("Error bootstrapping JpaIdentityStore -
invalid relationship name entity class: " + clsName);
+ }
+ }
+
configureIdentityId();
configureIdentityName();
configureIdentityType();
@@ -277,6 +303,19 @@
configureRelationships();
configureAttributes();
configureRoleTypeNames();
+
+ if (namedRelationshipsSupported)
+ {
+ configureRelationshipNames();
+ }
+
+ featuresMetaData = new FeaturesMetaDataImpl(
+ configurationContext.getStoreConfigurationMetaData(),
+ new HashSet<IdentityObjectSearchCriteriaType>(),
+ false,
+ namedRelationshipsSupported,
+ new HashSet<String>()
+ );
}
protected void configureIdentityId() throws IdentityException
@@ -911,6 +950,15 @@
}
}
+ protected void configureRelationshipNames()
+ {
+ Property<Object> relationshipNameProp =
findNamedProperty(relationshipNameClass, "name");
+ if (relationshipNameProp != null)
+ {
+ modelProperties.put(PROPERTY_RELATIONSHIP_NAME_NAME, relationshipNameProp);
+ }
+ }
+
public String getUserIdentityType()
{
return userIdentityType;
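Review bot: `configureRelationshipNames()` silently does nothing when `findNamedProperty(relationshipNameClass, "name")` returns null, yet `bootstrap` (hunk `@@ -277,6 +303,19 @@`) still passes `namedRelationshipsSupported` as true to `FeaturesMetaDataImpl`. The store then advertises named relationships without the `RELATIONSHIP_NAME_NAME` property registered. I would fail fast here: declare `throws IdentityException`, as `configureIdentityId()` does, and add `else { throw new IdentityException("Error initializing JpaIdentityStore - no name property found on relationship name entity class"); }`.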
@@ -1120,8 +1168,24 @@
protected Object lookupRelationshipType(IdentityObjectRelationshipType
relationshipType, EntityManager em)
{
- // TODO implement
- return null;
+ Property<?> relationshipTypeNameProp =
modelProperties.get(PROPERTY_RELATIONSHIP_TYPE_NAME);
+
+ if (relationshipTypeNameProp != null)
+ {
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria =
builder.createQuery(relationshipTypeNameProp.getDeclaringClass());
+ Root<?> root =
criteria.from(relationshipTypeNameProp.getDeclaringClass());
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+ predicates.add(builder.equal(root.get(relationshipTypeNameProp.getName()),
relationshipType.getName()));
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ return em.createQuery(criteria).getSingleResult();
+ }
+ else
+ {
+ return relationshipType.getName();
+ }
}
public String createRelationshipName(IdentityStoreInvocationContext ctx,
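Review bot: `em.createQuery(criteria).getSingleResult()` throws the unchecked `NoResultException` or `NonUniqueResultException` when the relationship type name is missing from or duplicated in the type table, and `lookupRelationshipType` neither catches nor documents that. Callers such as `resolveRelationships` declare only `IdentityException`, so a mistyped type name surfaces as a raw persistence error. Either catch the exception here and rethrow with the type name in the message, or add a Javadoc `@throws` line so callers know to handle it. The single-element `predicates` list could also be reduced to `criteria.where(builder.equal(...))`.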
@@ -1287,12 +1351,35 @@
}
public Set<String> getRelationshipNames(IdentityStoreInvocationContext ctx,
- IdentityObject identity, IdentityObjectSearchCriteria criteria)
+ IdentityObject identity, IdentityObjectSearchCriteria searchCriteria)
throws IdentityException, OperationNotSupportedException
{
- System.out.println("*** Invoked unimplemented method
getRelationshipNames()");
- // TODO Auto-generated method stub
- return null;
+ Set<String> names = new HashSet<String>();
+
+ if (!featuresMetaData.isNamedRelationshipsSupported()) return names;
+
+ EntityManager em = getEntityManager(ctx);
+
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria = builder.createQuery(relationshipClass);
+ Root<?> root = criteria.from(relationshipClass);
+
+ Property<?> identityFromProperty =
modelProperties.get(PROPERTY_RELATIONSHIP_FROM);
+ Property<?> relationshipNameProperty =
modelProperties.get(PROPERTY_RELATIONSHIP_NAME);
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+ predicates.add(builder.equal(root.get(identityFromProperty.getName()),
+ lookupIdentity(identity, em)));
+
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ List<?> results = em.createQuery(criteria).getResultList();
+ for (Object result : results)
+ {
+ names.add((String) relationshipNameProperty.getValue(result));
+ }
+
+ return names;
}
public Map<String, String> getRelationshipProperties(
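Review bot: The query in `getRelationshipNames` selects every relationship row whose from-side is `identity`, so rows without a name put a `null` into `names`. `resolveRelationships` in this same commit filters with `builder.isNotNull(...)`, and this method should too: `predicates.add(builder.isNotNull(root.get(relationshipNameProperty.getName())));`. The renamed `searchCriteria` argument is never read, so any constraints a caller passes are ignored without notice; if that is deliberate for now, a `// TODO searchCriteria is not applied yet` comment would say so.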
@@ -1306,10 +1393,8 @@
}
public FeaturesMetaData getSupportedFeatures()
- {
- System.out.println("*** Invoked unimplemented method
getSupportedFeatures()");
- // TODO Auto-generated method stub
- return null;
+ {
+ return featuresMetaData;
}
public void removeIdentityObject(
@@ -1461,13 +1546,74 @@
}
public Set<IdentityObjectRelationship> resolveRelationships(
- IdentityStoreInvocationContext invocationCxt, IdentityObject identity,
+ IdentityStoreInvocationContext ctx, IdentityObject identity,
IdentityObjectRelationshipType relationshipType, boolean parent,
boolean named, String name) throws IdentityException
{
- // TODO Auto-generated method stub
- System.out.println("*** Invoked unimplemented method
resolveRelationships()");
- return null;
+ Set<IdentityObjectRelationship> relationships = new
HashSet<IdentityObjectRelationship>();
+
+ EntityManager em = getEntityManager(ctx);
+
+ CriteriaBuilder builder = em.getCriteriaBuilder();
+ CriteriaQuery<?> criteria = builder.createQuery(relationshipClass);
+ Root<?> root = criteria.from(relationshipClass);
+
+ Property<?> relationshipFromProp =
modelProperties.get(PROPERTY_RELATIONSHIP_FROM);
+ Property<?> relationshipToProp =
modelProperties.get(PROPERTY_RELATIONSHIP_TO);
+ Property<?> relationshipTypeProp =
modelProperties.get(PROPERTY_RELATIONSHIP_TYPE);
+ Property<?> relationshipNameProp =
modelProperties.get(PROPERTY_RELATIONSHIP_NAME);
+
+ List<Predicate> predicates = new ArrayList<Predicate>();
+
+ if (parent)
+ {
+ predicates.add(builder.equal(root.get(relationshipToProp.getName()),
+ lookupIdentity(identity, em)));
+ }
+ else
+ {
+ predicates.add(builder.equal(root.get(relationshipFromProp.getName()),
+ lookupIdentity(identity, em)));
+ }
+
+ if (relationshipType != null)
+ {
+ predicates.add(builder.equal(root.get(relationshipTypeProp.getName()),
+ lookupRelationshipType(relationshipType, em)));
+ }
+
+ if (named)
+ {
+ if (name != null)
+ {
+ predicates.add(builder.equal(root.get(relationshipNameProp.getName()),
+ name));
+ }
+ else
+ {
+ predicates.add(builder.isNotNull(root.get(relationshipNameProp.getName())));
+ }
+ }
+
+ criteria.where(predicates.toArray(new Predicate[0]));
+
+ List<?> results = em.createQuery(criteria).getResultList();
+
+ EntityToSpiConverter converter = new EntityToSpiConverter();
+
+ for (Object result : results)
+ {
+ IdentityObjectRelationship relationship = new IdentityObjectRelationshipImpl(
+ converter.convertToIdentityObject(relationshipFromProp.getValue(result)),
+ converter.convertToIdentityObject(relationshipToProp.getValue(result)),
+ (String) relationshipNameProp.getValue(result),
+ converter.convertToRelationshipType(relationshipTypeProp.getValue(result))
+ );
+
+ relationships.add(relationship);
+ }
+
+ return relationships;
}
public void setRelationshipNameProperties(
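Review bot: `relationshipNameProp` is dereferenced for every result (`(String) relationshipNameProp.getValue(result)`) and in the `named` branch, but unlike `getRelationshipNames` this method never checks `featuresMetaData.isNamedRelationshipsSupported()` or that the property was configured. If `modelProperties` has no `RELATIONSHIP_NAME` entry (its setup is outside this diff, so this is an assumption), the call fails with a NullPointerException. A guard such as `String relName = relationshipNameProp != null ? (String) relationshipNameProp.getValue(result) : null;`, plus rejecting `named == true` when the property is absent, would cover it. `lookupIdentity(identity, em)` is also called in both branches of the `parent` test and could be hoisted above it.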
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java 2010-07-15
04:17:18 UTC (rev 13402)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/action/UserAction.java 2010-07-15
12:25:53 UTC (rev 13403)
@@ -30,7 +30,7 @@
private String username;
private String password;
private String confirm;
- private List<Role> roles;
+ private Collection<Role> roles;
private boolean enabled;
private boolean newUserFlag;
@@ -49,7 +49,7 @@
{
conversation.begin();
this.username = username;
- //roles = identityManager.getGrantedRoles(username);
+ roles = identityManager.getGrantedRoles(username);
enabled = identityManager.isUserEnabled(username);
newUserFlag = false;
}
@@ -203,7 +203,7 @@
this.confirm = confirm;
}
- public List<Role> getRoles()
+ public Collection<Role> getRoles()
{
return roles;
}
Modified:
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java
===================================================================
---
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java 2010-07-15
04:17:18 UTC (rev 13402)
+++
modules/security/trunk/impl/src/main/java/org/jboss/seam/security/management/picketlink/IdentitySessionProducer.java 2010-07-15
12:25:53 UTC (rev 13403)
@@ -66,6 +66,9 @@
options.put(JpaIdentityStore.OPTION_RELATIONSHIP_CLASS_NAME,
createOptionList("org.jboss.seam.security.examples.idmconsole.model.IdentityObjectRelationship"));
+ options.put(JpaIdentityStore.OPTION_RELATIONSHIP_NAME_CLASS_NAME,
+
createOptionList("org.jboss.seam.security.examples.idmconsole.model.RelationshipName"));
+
store.setOptions(options);
stores.add(store);
metadata.setIdentityStores(stores);
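Review bot: This adds a second hard-coded example class, `org.jboss.seam.security.examples.idmconsole.model.RelationshipName`, to a producer that lives in the impl module. Because the option is always set, `JpaIdentityStore.bootstrap` will call `Class.forName` on it and throw for any application that does not ship the idmconsole model. If this is scaffolding, mark it with `// TODO read entity class names from configuration instead of the idmconsole example`. The surrounding method starts and ends outside the hunk.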