• Home
• com.manydesigns
• portofino-pageactions
• 4.2.5
• source code
• AbstractPortofinoRealm.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.manydesigns.portofino.shiro.AbstractPortofinoRealm Maven / Gradle / Ivy

/*
 * Copyright (C) 2005-2017 ManyDesigns srl.  All rights reserved.
 * http://www.manydesigns.com/
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 3 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */

package com.manydesigns.portofino.shiro;

import com.manydesigns.elements.reflection.ClassAccessor;
import com.manydesigns.elements.reflection.JavaClassAccessor;
import com.manydesigns.portofino.di.Inject;
import com.manydesigns.portofino.logic.SecurityLogic;
import com.manydesigns.portofino.modules.BaseModule;
import org.apache.commons.configuration.Configuration;
import org.apache.shiro.authc.credential.PasswordMatcher;
import org.apache.shiro.authc.credential.PasswordService;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.HashService;
import org.apache.shiro.crypto.hash.format.HashFormat;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.io.Serializable;
import java.util.*;

/**
 * Default implementation of PortofinoRealm. Provides convenient implementations of the interface methods.
 *
 * @author Paolo Predonzani     - [email protected]
 * @author Angelo Lupo          - [email protected]
 * @author Giampiero Granatella - [email protected]
 * @author Alessio Stalla       - [email protected]
 */
public abstract class AbstractPortofinoRealm extends AuthorizingRealm implements PortofinoRealm {
    public static final String copyright =
            "Copyright (C) 2005-2017 ManyDesigns srl";

    @Inject(BaseModule.PORTOFINO_CONFIGURATION)
    protected Configuration portofinoConfiguration;

    protected PasswordService passwordService;

    protected AbstractPortofinoRealm() {
        //Legacy - let the actual implementation handle hashing
        setup(new PlaintextHashService(), new PlaintextHashFormat());
    }

    //--------------------------------------------------------------------------
    // Authorization
    //--------------------------------------------------------------------------

    /**
     * {@inheritDoc}
     * 
This default implementation handles built-in groups (all, anonymous, registered, etc.), delegating
     * to loadAuthorizationInfo method the actual loading of application-specific groups.
     *
     * @return
     */
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        Object principal = principals.getPrimaryPrincipal();
        Set groups = new HashSet();
        groups.add(SecurityLogic.getAllGroup(portofinoConfiguration));
        if (principal == null) {
            groups.add(SecurityLogic.getAnonymousGroup(portofinoConfiguration));
        } else if (principal instanceof Serializable) {
            groups.add(SecurityLogic.getRegisteredGroup(portofinoConfiguration));
            groups.addAll(loadAuthorizationInfo((Serializable) principal));
        } else {
            throw new AuthorizationException("Invalid principal: " + principal);
        }

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(groups);
        if(groups.contains(SecurityLogic.getAdministratorsGroup(portofinoConfiguration))) {
            info.addStringPermission("*");
        }
        Permission permission = new GroupPermission(groups);
        info.setObjectPermissions(Collections.singleton(permission));
        return info;
    }

    /**
     * Loads the groups associated to a given user.
     * @param principal the user object.
     * @return the groups as a collection of strings.
     */
    protected Collection loadAuthorizationInfo(Serializable principal) {
        return Collections.emptySet();
    }

    //--------------------------------------------------------------------------
    // Groups CRUD
    //--------------------------------------------------------------------------

    /**
     * {@inheritDoc}
     * 
This default implementation returns the built-in groups
     * (all, anonymous, registered, administrators).
     * You can override it to add custom groups for your application.
     * @return
     */
    public Set getGroups() {
        Set groups = new LinkedHashSet();
        groups.add(SecurityLogic.getAllGroup(portofinoConfiguration));
        groups.add(SecurityLogic.getAnonymousGroup(portofinoConfiguration));
        groups.add(SecurityLogic.getRegisteredGroup(portofinoConfiguration));
        groups.add(SecurityLogic.getAdministratorsGroup(portofinoConfiguration));
        return groups;
    }

    //--------------------------------------------------------------------------
    // Users CRUD
    //--------------------------------------------------------------------------

    @Override
    public Serializable getUserById(String encodedUserId) {
        throw new UnsupportedOperationException();
    }

    @Override
    public Serializable getUserByEmail(String email) {
        throw new UnsupportedOperationException();
    }

    @Override
    public ClassAccessor getSelfRegisteredUserClassAccessor() {
        return JavaClassAccessor.getClassAccessor(User.class);
    }

    @Override
    public String getUserPrettyName(Serializable user) {
        return user.toString();
    }

    //--------------------------------------------------------------------------
    // User workflow
    //--------------------------------------------------------------------------

    @Override
    public void verifyUser(Serializable user) {
        throw new UnsupportedOperationException();
    }

    //--------------------------------------------------------------------------
    // User password management
    //--------------------------------------------------------------------------

    @Override
    public void changePassword(Serializable user, String oldPassword, String newPassword) {
        throw new UnsupportedOperationException();
    }

    @Override
    public String generateOneTimeToken(Serializable user) {
        throw new UnsupportedOperationException();
    }

    @Override
    public String saveSelfRegisteredUser(Object user) {
        throw new UnsupportedOperationException();
    }

    protected void setup(HashService hashService, HashFormat hashFormat) {
        PortofinoPasswordService passwordService = new PortofinoPasswordService();
        passwordService.setHashService(hashService);
        passwordService.setHashFormat(hashFormat);
        PasswordMatcher passwordMatcher = new PasswordMatcher();
        passwordMatcher.setPasswordService(passwordService);
        setCredentialsMatcher(passwordMatcher);
        this.passwordService = passwordService;
    }
}