[seam-commits] Seam SVN: r12754 - in modules/security/trunk: impl/src/main/java/org/jboss/seam/security and 1 other directory.

seam-commits at lists.jboss.org seam-commits at lists.jboss.org
Tue May 18 20:55:10 EDT 2010


Author: shane.bryzak at jboss.com
Date: 2010-05-18 20:55:10 -0400 (Tue, 18 May 2010)
New Revision: 12754

Modified:
   modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
   modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
Log:
added identity group operations


Modified: modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java
===================================================================
--- modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java	2010-05-18 20:51:05 UTC (rev 12753)
+++ modules/security/trunk/api/src/main/java/org/jboss/seam/security/Identity.java	2010-05-19 00:55:10 UTC (rev 12754)
@@ -97,6 +97,33 @@
     */
    boolean addRole(String role, String group, String groupType);
    
+   /**
+    * Checks if the authenticated user is a member of the specified group
+    * 
+    * @param name The name of the group
+    * @param groupType The type of the group, e.g. "office", "department", "global role", etc
+    * @return true if the user is a member of the group
+    */
+   boolean inGroup(String name, String groupType);
+   
+   /**
+    * Adds the user to the specified group. See hasRole() for semantics in 
+    * relationship to the authenticated status of the user.
+    * 
+    * @param name The name of the group
+    * @param groupType The type of the group
+    * @return true if the group was successfully added
+    */
+   boolean addGroup(String name, String groupType);
+   
+   /**
+    * Removes the currently authenticated user from the specified group
+    *  
+    * @param name The name of the group
+    * @param groupType The type of the group
+    */
+   void removeGroup(String name, String groupType);
+   
    /**   
     * Removes a role from the authenticated user
     * 
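Review bot: The Javadoc on `inGroup`, `addGroup` and `removeGroup` does not say what happens to a membership added before authentication completes. Going by the `IdentityImpl` changes in this same commit, such a group is held back until login succeeds, so `inGroup` could add `Groups added before authentication completes are not reported until the user is logged in.` `removeGroup` should state whether it affects groups queued before authentication, and the `@return` of `addGroup` should say what is returned when the membership already exists. The `hasRole()` text that `addGroup` refers to is outside this hunk, so it is unclear whether it covers these cases.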

Modified: modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java
===================================================================
--- modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java	2010-05-18 20:51:05 UTC (rev 12753)
+++ modules/security/trunk/impl/src/main/java/org/jboss/seam/security/IdentityImpl.java	2010-05-19 00:55:10 UTC (rev 12754)
@@ -60,10 +60,10 @@
    
    public static final String ROLES_GROUP = "Roles";
    
-   Logger log = LoggerFactory.getLogger(Identity.class);
+   Logger log = LoggerFactory.getLogger(IdentityImpl.class);
 
    @Inject private BeanManager manager;
-   @Inject private CredentialsImpl credentials;
+   @Inject private Credentials credentials;
    @Inject private PermissionMapper permissionMapper;
    
    @Inject private IdentityManager identityManager;
@@ -74,12 +74,30 @@
    private Subject subject;
    private String jaasConfigName = null;
 
-   // Contains a group name to group type:role list mapping of roles assigned during the authentication process
+   /**
+    * Contains a group name to group type:role list mapping of roles assigned 
+    * during the authentication process
+    */
    private Map<String,Map<String,List<String>>> preAuthenticationRoles = new HashMap<String,Map<String,List<String>>>();
 
-   // Contains a group name to group type:role list mapping of roles granted after the authentication process has completed   
+   /**
+    * Contains a group name to group type:role list mapping of roles granted 
+    * after the authentication process has completed   
+    */
    private Map<String,Map<String,List<String>>> activeRoles = new HashMap<String,Map<String,List<String>>>();
    
+   /**
+    * Map of group name:group type group memberships assigned during the 
+    * authentication process
+    */
+   private Map<String,List<String>> preAuthenticationGroups = new HashMap<String,List<String>>();
+   
+   /**
+    * Map of group name:group type group memberships granted after the 
+    * authentication process has completed
+    */
+   private Map<String,List<String>> activeGroups = new HashMap<String,List<String>>();
+   
    private transient ThreadLocal<Boolean> systemOp;
    
    /**
@@ -295,8 +313,8 @@
       }
       finally
       {
-         // Set password to null whether authentication is successful or not
-         credentials.setPassword(null);
+         // Set credential to null whether authentication is successful or not
+         credentials.setCredential(null);
          authenticating = false;
       }
    }
@@ -332,23 +350,35 @@
          }
       }
       
-      if (!preAuthenticationRoles.isEmpty() && isLoggedIn())
+      if (isLoggedIn())
       {
-         for (String group : preAuthenticationRoles.keySet())
+         if (!preAuthenticationRoles.isEmpty())
          {
-            Map<String,List<String>> groupTypeRoles = preAuthenticationRoles.get(group);
-            for (String groupType : groupTypeRoles.keySet())
+            for (String group : preAuthenticationRoles.keySet())
             {
-               for (String roleType : groupTypeRoles.get(groupType))
+               Map<String,List<String>> groupTypeRoles = preAuthenticationRoles.get(group);
+               for (String groupType : groupTypeRoles.keySet())
                {
-                  addRole(roleType, group, groupType);
+                  for (String roleType : groupTypeRoles.get(groupType))
+                  {
+                     addRole(roleType, group, groupType);
+                  }
                }
             }
+            preAuthenticationRoles.clear();
          }
-         preAuthenticationRoles.clear();
+         
+         if (!preAuthenticationGroups.isEmpty())
+         {
+            for (String group : preAuthenticationGroups.keySet())
+            {
+               activeGroups.put(group, preAuthenticationGroups.get(group));
+            }
+            preAuthenticationGroups.clear();
+         }         
       }
 
-      credentials.setPassword(null);
+      credentials.setCredential(null);
       
       manager.fireEvent(new PostAuthenticateEvent());
    }
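Review bot: `preAuthenticationGroups` is emptied only inside `if (isLoggedIn())`, so memberships queued during an attempt that ends unauthenticated appear to stay in the map and would be promoted into `activeGroups` by the next successful login on the same `Identity`. Unless a failure path outside this hunk clears them, move `preAuthenticationGroups.clear();` and `preAuthenticationRoles.clear();` after the `if (isLoggedIn())` block so both run on either outcome. The promotion also uses `activeGroups.put(group, ...)`, which replaces any group types already active under that name instead of merging them. Calling `addGroup(group, groupType)` per type, as the role loop calls `addRole`, would keep existing entries. The method starts above the hunk.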
@@ -420,8 +450,12 @@
                }
                else if (callbacks[i] instanceof PasswordCallback)
                {
-                  ( (PasswordCallback) callbacks[i] ).setPassword( credentials.getPassword() != null ?
-                           credentials.getPassword().toCharArray() : null );
+                  if (credentials.getCredential() instanceof PasswordCredential)
+                  {
+                     PasswordCredential credential = (PasswordCredential) credentials.getCredential();
+                     ( (PasswordCallback) callbacks[i] ).setPassword( credential.getPassword() != null ?
+                           credential.getPassword().toCharArray() : null );                     
+                  }
                }
                else if (callbacks[i] instanceof IdentityCallback)
                {
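Review bot: When the credential is not a `PasswordCredential`, the `PasswordCallback` branch now does nothing, so the login module receives a null password with no trace of why. An `else` that logs the mismatch without the credential value, e.g. `log.debug("PasswordCallback requested but credential is not a PasswordCredential");`, would make a mismatched module and credential type diagnosable. The password still passes through a `String` before `toCharArray()`, so it cannot be wiped from memory; that predates this change. The enclosing callback handler starts and ends outside the hunk.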
@@ -501,6 +535,42 @@
       
       return roleTypes.add(roleType);
    }
+   
+   public boolean inGroup(String name, String groupType)
+   {
+      return activeGroups.containsKey(name) && activeGroups.get(name).contains(groupType);
+   }
+   
+   public boolean addGroup(String name, String groupType)
+   {
+      if (name == null || "".equals(name) || groupType == null || "".equals(groupType))
+      {
+         return false;
+      }
+      
+      Map<String,List<String>> groupMap = isLoggedIn() ? activeGroups : preAuthenticationGroups;
+      
+      List<String> groupTypes = null;
+      if (groupMap.containsKey(name))
+      {
+         groupTypes = groupMap.get(name);
+      }
+      else
+      {
+         groupTypes = new ArrayList<String>();
+         groupMap.put(name, groupTypes);
+      }
+      
+      return groupTypes.add(groupType);
+   }
+   
+   public void removeGroup(String name, String groupType)
+   {
+      if (activeGroups.containsKey(name))
+      {
+         activeGroups.get(name).remove(groupType);
+      }
+   }
 
    /**
     * Removes a role from the authenticated user
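Review bot: `addGroup` appends to an `ArrayList` without checking for an existing entry, so `groupTypes.add(groupType)` always returns true and repeated calls store duplicates. `removeGroup` then calls `List.remove(Object)`, which drops only the first match, so `inGroup` can keep returning true after a removal. Guard the add with `if (groupTypes.contains(groupType)) return false;`, or hold the types in a `Set<String>`. `removeGroup` also looks only at `activeGroups`, so a membership queued in `preAuthenticationGroups` survives the call and becomes active at login.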


