Java tutorial
/******************************************************************************* * Educational Online Test Delivery System * Copyright (c) 2014 American Institutes for Research * * Distributed under the AIR Open Source License, Version 1.0 * See accompanying file AIR-License-1_0.txt or at * https://bitbucket.org/sbacoss/eotds/wiki/AIR_Open_Source_License ******************************************************************************/ package org.opentestsystem.shared.security.domain; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; import org.apache.commons.lang.StringUtils; import org.opentestsystem.shared.security.service.RolesAndPermissionsServiceImpl; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import com.google.common.base.Predicates; import com.google.common.collect.ArrayListMultimap; import com.google.common.collect.ImmutableMap; import com.google.common.collect.Iterables; import com.google.common.collect.Multimap; public class SbacUser implements UserDetails { private static final long serialVersionUID = 4002982336796256051L; private static final Map<String, Collection<SbacRole>> EMPTY_MAP = new HashMap<>(); private static final List<GrantedAuthority> EMPTY_LIST = new ArrayList<>(); public static final String EMAIL_KEY = "email"; public static final String FIRST_NAME_KEY = "firstName"; public static final String LAST_NAME_KEY = "lastName"; public static final String FULL_NAME_KEY = "fullName"; public static final String USER_UNIQUE_ID_KEY = "uniqueIdentifier"; public static final String PHONE_KEY = "phone"; public static final Map<String, String> BLANK_USER_ATTRIBS = new HashMap<String, String>() { private static final long serialVersionUID = -891830990010358498L; { this.put(EMAIL_KEY, "unknown"); this.put(FIRST_NAME_KEY, "unknown"); this.put(LAST_NAME_KEY, "unknown"); this.put(FULL_NAME_KEY, "unknown"); this.put(USER_UNIQUE_ID_KEY, "unknown"); this.put(PHONE_KEY, "unknown"); } }; // a User may have multiple roles (same role name related to different entities) // key=Role Name, Value=Collection<SbacRole> private final Map<String, Collection<SbacRole>> sbacRolesMap; private final Collection<GrantedAuthority> authorities; private final String firstName; private final String lastName; private final String fullName; private final String email; private final String uniqueId; private final String phoneNumber; private final Map<String, Collection<GrantedAuthority>> authoritesByTenantId; public Collection<SbacRole> getRoles() { Collection<SbacRole> roles = new ArrayList<>(); for (Collection<SbacRole> sbacRoles : sbacRolesMap.values()) { Iterables.addAll(roles, Iterables.filter(sbacRoles, RolesAndPermissionsServiceImpl.ROLE_APPLICABLE_TO_COMPONENT_FILTER)); } return roles; } public Collection<SbacRole> getNonEffectiveRoles() { Collection<SbacRole> roles = new ArrayList<>(); for (Collection<SbacRole> sbacRoles : sbacRolesMap.values()) { Iterables.addAll(roles, Iterables.filter(sbacRoles, Predicates.not(RolesAndPermissionsServiceImpl.ROLE_APPLICABLE_TO_COMPONENT_FILTER))); } return roles; } public SbacUser(final Multimap<String, SbacRole> inUserRoles, final Map<String, String> userAttributes) { this.sbacRolesMap = inUserRoles == null ? EMPTY_MAP : ImmutableMap.copyOf(inUserRoles.asMap()); this.authorities = inUserRoles == null ? EMPTY_LIST : SbacRole.calculateGrantedAuthority(inUserRoles.values()); this.authoritesByTenantId = calculateAuthoritiesByTenantId(inUserRoles); Map<String, String> userAttribsToUse = userAttributes; if (userAttributes == null) { userAttribsToUse = BLANK_USER_ATTRIBS; } firstName = userAttribsToUse.get(FIRST_NAME_KEY); lastName = userAttribsToUse.get(LAST_NAME_KEY); fullName = userAttribsToUse.get(FULL_NAME_KEY); email = userAttribsToUse.get(EMAIL_KEY); uniqueId = userAttribsToUse.get(USER_UNIQUE_ID_KEY); phoneNumber = userAttribsToUse.get(PHONE_KEY); } private Map<String, Collection<GrantedAuthority>> calculateAuthoritiesByTenantId( final Multimap<String, SbacRole> inUserRoles) { Multimap<String, GrantedAuthority> ret = ArrayListMultimap.create(); if (inUserRoles != null) { for (SbacRole role : inUserRoles.values()) { if (role.isApplicableToComponent() && role.getEffectiveTenant() != null && role.getPermissions() != null && role.getPermissions().size() > 0) { ret.putAll(role.getEffectiveTenant().getId(), role.getPermissions()); } } } return ret.asMap(); } public String getFirstName() { return this.firstName; } public String getLastName() { return this.lastName; } public String getFullName() { return this.fullName; } public String getEmail() { return this.email; } public String getPhoneNumber() { return phoneNumber; } public Collection<SbacRole> getSbacRole(final String role) { return this.sbacRolesMap.get(role); } @Override public Collection<? extends GrantedAuthority> getAuthorities() { return this.authorities; } @Override public String getPassword() { return "donno"; } @Override public String getUsername() { return this.email; } public String getUniqueId() { return uniqueId; } @Override public boolean isAccountNonExpired() { return false; } @Override public boolean isAccountNonLocked() { return false; } @Override public boolean isCredentialsNonExpired() { return false; } @Override public boolean isEnabled() { return false; } public boolean hasPermissionForComponent() { return !getAuthorities().isEmpty(); } public boolean hasPermission(final String inPermission) { boolean ret = false; if (!StringUtils.isBlank(inPermission) && getAuthorities() != null) { for (GrantedAuthority permission : getAuthorities()) { ret = inPermission.equals(permission.getAuthority()); if (ret) { break; } } } return ret; } public boolean hasPermissionForTenant(final String inPermission, final String tenantId) { boolean ret = false; if (!StringUtils.isBlank(inPermission) && !StringUtils.isBlank(tenantId) && authoritesByTenantId.get(tenantId) != null) { for (GrantedAuthority permission : authoritesByTenantId.get(tenantId)) { ret = inPermission.equals(permission.getAuthority()); if (ret) { break; } } } return ret; } }