cleanup authenticate method

Sebastian Sdorra
2012-05-24 21:48:05 +02:00
parent 78ddc082dc
commit 94c7f96eeb


@@ -35,6 +35,7 @@ package sonia.scm.web.security;
//~--- non-JDK imports -------------------------------------------------------- //~--- non-JDK imports --------------------------------------------------------
import com.google.common.collect.Sets;
import com.google.inject.Inject; import com.google.inject.Inject;
import com.google.inject.servlet.SessionScoped; import com.google.inject.servlet.SessionScoped;
@@ -46,11 +47,14 @@ import sonia.scm.group.Group;
import sonia.scm.group.GroupManager; import sonia.scm.group.GroupManager;
import sonia.scm.security.CipherUtil; import sonia.scm.security.CipherUtil;
import sonia.scm.user.User; import sonia.scm.user.User;
import sonia.scm.user.UserException;
import sonia.scm.user.UserManager; import sonia.scm.user.UserManager;
import sonia.scm.util.Util; import sonia.scm.util.Util;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.io.IOException;
import java.util.Collection; import java.util.Collection;
import java.util.HashSet; import java.util.HashSet;
import java.util.Iterator; import java.util.Iterator;
@@ -129,64 +133,21 @@ public class BasicSecurityContext implements WebSecurityContext
try try
{ {
Set<String> groupSet = new HashSet<String>(); Set<String> groupSet = createGroupSet(ar);
// load external groups
Collection<String> extGroups = ar.getGroups();
if (extGroups != null)
{
groupSet.addAll(extGroups);
}
// load internal groups
loadGroups(groupSet);
// check for admin user // check for admin user
if (!user.isAdmin()) checkForAuthenticatedAdmin(user, groupSet);
{
user.setAdmin(isAdmin(groupSet));
if (logger.isDebugEnabled() && user.isAdmin())
{
logger.debug("user '{}' is marked as admin by configuration",
user.getName());
}
}
else if (logger.isDebugEnabled())
{
logger.debug("authenticator {} marked user '{}' as admin",
user.getType(), user.getName());
}
// store user // store user
User dbUser = userManager.get(user.getName()); User dbUser = userManager.get(user.getName());
if (dbUser != null) if (dbUser != null)
{ {
checkForDBAdmin(user, dbUser);
// if database user is an admin, set admin for the current user
if (dbUser.isAdmin())
{
if (logger.isDebugEnabled())
{
logger.debug(
"user '{}' of type '{}' is marked as admin by local database",
user.getName(), user.getType());
}
user.setAdmin(true);
}
// modify existing user, copy properties except password and admin
if (user.copyProperties(dbUser, false))
{
userManager.modify(dbUser);
}
} }
// create new user // create new user
else if (dbUser == null) else
{ {
userManager.create(user); userManager.create(user);
} }
@@ -296,6 +257,92 @@ public class BasicSecurityContext implements WebSecurityContext
//~--- methods -------------------------------------------------------------- //~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @param user
* @param groupSet
*/
private void checkForAuthenticatedAdmin(User user, Set<String> groupSet)
{
if (!user.isAdmin())
{
user.setAdmin(isAdmin(groupSet));
if (logger.isDebugEnabled() && user.isAdmin())
{
logger.debug("user '{}' is marked as admin by configuration",
user.getName());
}
}
else if (logger.isDebugEnabled())
{
logger.debug("authenticator {} marked user '{}' as admin",
user.getType(), user.getName());
}
}
/**
* Method description
*
*
* @param user
* @param dbUser
*
* @throws IOException
* @throws UserException
*/
private void checkForDBAdmin(User user, User dbUser)
throws UserException, IOException
{
// if database user is an admin, set admin for the current user
if (dbUser.isAdmin())
{
if (logger.isDebugEnabled())
{
logger.debug(
"user '{}' of type '{}' is marked as admin by local database",
user.getName(), user.getType());
}
user.setAdmin(true);
}
// modify existing user, copy properties except password and admin
if (user.copyProperties(dbUser, false))
{
userManager.modify(dbUser);
}
}
/**
* Method description
*
*
* @param ar
*
* @return
*/
private Set<String> createGroupSet(AuthenticationResult ar)
{
Set<String> groupSet = Sets.newHashSet();
// load external groups
Collection<String> extGroups = ar.getGroups();
if (extGroups != null)
{
groupSet.addAll(extGroups);
}
// load internal groups
loadGroups(groupSet);
return groupSet;
}
/** /**
* Method description * Method description
* *
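Review bot: `checkForDBAdmin` does more than its name says. Besides promoting `user` to admin when the stored record is admin, it calls `user.copyProperties(dbUser, false)` and may persist the result through `userManager.modify(dbUser)`, so someone reading the call site in the authenticate path no longer sees that a login can write to the user store. Either rename it (for example `syncWithDatabaseUser`) or split the admin promotion from the property sync. The three new helpers also still carry the generated `Method description` Javadoc with empty `@param` tags, which should be replaced with the real contract, e.g. `Marks user as admin if the stored user is an admin, then copies the remaining properties (per the inline comment: everything except password and admin flag) to the stored user and saves it if anything changed.` Separately, the admin grants in `checkForAuthenticatedAdmin` and `checkForDBAdmin` are logged only behind `logger.isDebugEnabled()`; because they are privilege decisions, consider `logger.info(...)` so they appear in logs at the default level.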