software.coolstuff.springframework.owncloud.service.api.OwncloudGrantedAuthoritiesMapper Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of owncloud-spring-boot-starter Show documentation
Show all versions of owncloud-spring-boot-starter Show documentation
Spring Boot Owncloud Service and Authentication Provider
/*-
* #%L
* owncloud-spring-boot-starter
* %%
* Copyright (C) 2016 - 2017 by the original Authors
* %%
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program. If not, see
* .
* #L%
*/
package software.coolstuff.springframework.owncloud.service.api;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import software.coolstuff.springframework.owncloud.model.OwncloudUserDetails;
import software.coolstuff.springframework.owncloud.service.impl.rest.OwncloudRestUserDetailsServiceImpl;
import java.util.Collection;
/**
* An Implementation of this Interface can be seen as an Alternative to {@link GrantedAuthoritiesMapper}.
*
* If you want to implement any {@link GrantedAuthority} based on the User then any Implementation of {@link GrantedAuthoritiesMapper}
* will be of no use because {@link GrantedAuthoritiesMapper#mapAuthorities(Collection)} only gets a Collection of {@link GrantedAuthority}.
*
* By implementing this Interface you also get the Username of the authenticated Owncloud User as a Decision Base for the granted Authorities.
* So you can implement the following Authentication-Structure (based on Spring Security JDBC):
*
* +-------------+ +--------------+
* | Users | | Authorities |
* +-------------+ +--------------+
* | PK username | | PK authority |
* +-------------+ +--------------+
* | |
* +--------+-------+ +--------+-------+
* /|\ /|\ /|\ /|\
* +-----------------+ +-----------------+ +------------------+
* | Memberships | | UserAuthorities | | GroupAuthorities |
* +-----------------+ +-----------------+ +------------------+
* | PK FK username | | PK FK username | | PK FK groupname |
* | PK FK groupname | | PK FK authority | | PK FK authority |
* +-----------------+ +-----------------+ +------------------+
* \|/ \|/
* +---------------------+---------------------+
* |
* +--------------+
* | Groups |
* +--------------+
* | PK groupname |
* +--------------+
*
* Whereas the Tables Users, Groups and Memberships are implemented by Owncloud.
*
* So, in simple Words, by implementing this Interface as a Service you can put the Authorities of your own Application into the
* {@link OwncloudUserDetails} Object returned by the {@link OwncloudRestUserDetailsServiceImpl#loadUserByUsername(String)}
*
* @author mufasa1976
* @see GrantedAuthoritiesMapper
* @since 1.0.0
*/
@FunctionalInterface
public interface OwncloudGrantedAuthoritiesMapper {
Collection mapAuthorities(String username, Collection grantedAuthorities);
}