added first draft of mapplication support
This commit is contained in:
@ -45,12 +45,35 @@ public class AccountControl implements Serializable {
|
||||
@Inject
|
||||
EntityManager em;
|
||||
|
||||
public List<AccountEntity> getAccounts() {
|
||||
/**
|
||||
* returns a list of active accounts
|
||||
*
|
||||
* @return a list of active accounts
|
||||
*/
|
||||
public List<AccountEntity> getActiveAccounts() {
|
||||
Query query = em.createQuery("SELECT a FROM AccountEntity a WHERE a.status <> :status", AccountEntity.class);
|
||||
query.setParameter("status", AccountStatus.DISABLED.name());
|
||||
return query.getResultList();
|
||||
}
|
||||
|
||||
/**
|
||||
* returns a list of active accounts
|
||||
*
|
||||
* @return a list of active accounts
|
||||
*/
|
||||
public List<AccountEntity> getAllAccounts() {
|
||||
Query query = em.createNamedQuery("AccountEntity.findAll");
|
||||
return query.getResultList();
|
||||
}
|
||||
|
||||
public List<AccountEntity> getAccounts(boolean includeDisabled) {
|
||||
if (includeDisabled) {
|
||||
return getAllAccounts();
|
||||
} else {
|
||||
return getActiveAccounts();
|
||||
}
|
||||
}
|
||||
|
||||
public AccountEntity getAccountEntity(String userName, boolean loadRoles) {
|
||||
StringBuilder queryBuilder = new StringBuilder();
|
||||
queryBuilder.append("SELECT a FROM AccountEntity a ");
|
||||
@ -68,8 +91,7 @@ public class AccountControl implements Serializable {
|
||||
}
|
||||
|
||||
@Transactional
|
||||
// TODO add role names from application because only application can know how its roles are named
|
||||
public AccountEntity saveAccount(AccountEntity account, boolean isAdmin) {
|
||||
public AccountEntity saveAccount(AccountEntity account, List<ApplicationRoleEntity> applicationRoles) {
|
||||
Date now = new Date(); // Todo now in UTC
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
String currentLoggedInUser = currentUser.getPrincipal().toString();
|
||||
@ -96,41 +118,42 @@ public class AccountControl implements Serializable {
|
||||
account = getAccountEntity(account.getUsername(), true);
|
||||
}
|
||||
|
||||
// load Admin or User role from database
|
||||
String roleName = (isAdmin ? "Admin" : "User");
|
||||
Query roleQuery = em.createNamedQuery("ApplicationRoleEntity.findByRoleName");
|
||||
roleQuery.setParameter("roleName", roleName);
|
||||
ApplicationRoleEntity role = (ApplicationRoleEntity) roleQuery.getSingleResult();
|
||||
|
||||
if (role != null) {
|
||||
// add new user add required role
|
||||
// do not request based on newUser variable; this way existing users with missing role (for whatever reason)
|
||||
// will be fixed automatically
|
||||
if (account.getApplicationRoleList() == null || account.getApplicationRoleList().isEmpty()) {
|
||||
account.setApplicationRoleList(new ArrayList<>());
|
||||
account.getApplicationRoleList().add(role);
|
||||
em.merge(account);
|
||||
LOGGER.info("Added role " + roleName + " to user " + account.getUsername());
|
||||
|
||||
} else if (!account.getApplicationRoleList().get(0).equals(role)) {
|
||||
// change role from User to Admin and vice versa
|
||||
// user already exists, has existing role
|
||||
// check if existing role is different from current role and change it
|
||||
// be carefull: this only works as long as a user has exactly one role!
|
||||
// he is either User or Admin
|
||||
// TODO add "UserRole" to every user, make this default Role configurable
|
||||
// TODO add AdminRole in addtion if needed
|
||||
account.getApplicationRoleList().remove(0);
|
||||
account.getApplicationRoleList().add(role);
|
||||
em.merge(account);
|
||||
LOGGER.info("Switched role of user " + account.getUsername() + " to " + roleName);
|
||||
// assign roles to account
|
||||
if (account.getApplicationRoleList() == null) {
|
||||
account.setApplicationRoleList(new ArrayList<>());
|
||||
}
|
||||
|
||||
boolean roleSetupChanged = false;
|
||||
// remove roles which are no longer listed
|
||||
for (ApplicationRoleEntity currentlyAssignedRole : account.getApplicationRoleList()) {
|
||||
if (!applicationRoles.contains (currentlyAssignedRole)) {
|
||||
account.getApplicationRoleList().remove(currentlyAssignedRole);
|
||||
roleSetupChanged = true;
|
||||
if (LOGGER.isDebugEnabled()) {
|
||||
LOGGER.debug("Removed role {} from user {}", currentlyAssignedRole.getRoleName(), account.getUsername());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// add newly added roles to role list
|
||||
for (ApplicationRoleEntity applicationRole : applicationRoles) {
|
||||
if (!account.getApplicationRoleList().contains(applicationRole)) {
|
||||
account.addApplicationRole (applicationRole);
|
||||
roleSetupChanged = true;
|
||||
if (LOGGER.isDebugEnabled()) {
|
||||
LOGGER.debug("Added role {} to account {}", applicationRole.getRoleName(), account.getUsername());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// update account in database if roles changed
|
||||
if (roleSetupChanged) {
|
||||
em.merge(account);
|
||||
}
|
||||
return account;
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public void deleteAccount(AccountEntity account) throws AccountException {
|
||||
Date now = new Date(); // Todo now in UTC
|
||||
Subject currentUser = SecurityUtils.getSubject();
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
package de.muehlencord.shared.account.business.account.entity;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
@ -35,11 +36,11 @@ import org.hibernate.annotations.Type;
|
||||
@Table(name = "account")
|
||||
@XmlRootElement
|
||||
@NamedQueries({
|
||||
@NamedQuery(name = "AccountEntity.findAll", query = "SELECT a FROM AccountEntity a"),
|
||||
@NamedQuery(name = "AccountEntity.findAll", query = "SELECT a FROM AccountEntity a ORDER by a.username"),
|
||||
@NamedQuery(name = "AccountEntity.findByUsername", query = "SELECT a FROM AccountEntity a WHERE a.username = :username"),
|
||||
@NamedQuery(name = "AccountEntity.findByEmailaddress", query = "SELECT a FROM AccountEntity a WHERE a.emailaddress = :emailaddress"),
|
||||
@NamedQuery(name = "AccountEntity.findByFirstname", query = "SELECT a FROM AccountEntity a WHERE a.firstname = :firstname"),
|
||||
@NamedQuery(name = "AccountEntity.findByLastname", query = "SELECT a FROM AccountEntity a WHERE a.lastname = :lastname"),
|
||||
@NamedQuery(name = "AccountEntity.findByEmailaddress", query = "SELECT a FROM AccountEntity a WHERE a.emailaddress = :emailaddress ORDER BY a.username"),
|
||||
@NamedQuery(name = "AccountEntity.findByFirstname", query = "SELECT a FROM AccountEntity a WHERE a.firstname = :firstname ORDER BY a.username"),
|
||||
@NamedQuery(name = "AccountEntity.findByLastname", query = "SELECT a FROM AccountEntity a WHERE a.lastname = :lastname ORDER BY a.username"),
|
||||
@NamedQuery(name = "AccountEntity.findByAccountPassword", query = "SELECT a FROM AccountEntity a WHERE a.accountPassword = :accountPassword"),
|
||||
@NamedQuery(name = "AccountEntity.findByLastLogin", query = "SELECT a FROM AccountEntity a WHERE a.lastLogin = :lastLogin"),
|
||||
@NamedQuery(name = "AccountEntity.findByLastFailedLogin", query = "SELECT a FROM AccountEntity a WHERE a.lastFailedLogin = :lastFailedLogin"),
|
||||
@ -169,6 +170,15 @@ public class AccountEntity implements Serializable, Account {
|
||||
this.lastUpdatedBy = lastUpdatedBy;
|
||||
}
|
||||
|
||||
public void addApplicationRole(ApplicationRoleEntity applicationRole) {
|
||||
if (applicationRoleList == null) {
|
||||
applicationRoleList = new ArrayList<>();
|
||||
}
|
||||
applicationRoleList.add (applicationRole);
|
||||
}
|
||||
|
||||
/* **** getter / setter **** */
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
@ -1,5 +1,8 @@
|
||||
package de.muehlencord.shared.account.business.account.entity;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author joern.muehlencord
|
||||
@ -11,5 +14,13 @@ public enum AccountStatus {
|
||||
BLOCKED, // account is blocked after too many login failures or other security related events
|
||||
DISABLED; // account is disabled and cannot be used anymore
|
||||
|
||||
public static List<String> getAllStatusNames() {
|
||||
List<String> statusNames = new ArrayList<>();
|
||||
for (AccountStatus currentStatus : AccountStatus.values()) {
|
||||
statusNames.add (currentStatus.name());
|
||||
}
|
||||
return statusNames;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package de.muehlencord.shared.account.business.account.entity;
|
||||
|
||||
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
@ -11,6 +12,7 @@ import javax.persistence.Id;
|
||||
import javax.persistence.JoinColumn;
|
||||
import javax.persistence.JoinTable;
|
||||
import javax.persistence.ManyToMany;
|
||||
import javax.persistence.ManyToOne;
|
||||
import javax.persistence.NamedQueries;
|
||||
import javax.persistence.NamedQuery;
|
||||
import javax.persistence.Table;
|
||||
@ -62,6 +64,9 @@ public class ApplicationRoleEntity implements Serializable {
|
||||
@JoinColumn(name = "role_permission", referencedColumnName = "id")})
|
||||
@ManyToMany
|
||||
private List<ApplicationPermissionEntity> applicationPermissionList;
|
||||
@JoinColumn(name = "application", referencedColumnName = "id")
|
||||
@ManyToOne(optional = false)
|
||||
private ApplicationEntity application;
|
||||
|
||||
public ApplicationRoleEntity() {
|
||||
}
|
||||
@ -124,6 +129,14 @@ public class ApplicationRoleEntity implements Serializable {
|
||||
this.applicationPermissionList = applicationPermissionList;
|
||||
}
|
||||
|
||||
public ApplicationEntity getApplication() {
|
||||
return application;
|
||||
}
|
||||
|
||||
public void setApplication(ApplicationEntity application) {
|
||||
this.application = application;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
int hash = 0;
|
||||
|
||||
@ -0,0 +1,73 @@
|
||||
package de.muehlencord.shared.account.business.application.boundary;
|
||||
|
||||
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
|
||||
import java.io.Serializable;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import javax.ejb.Stateless;
|
||||
import javax.inject.Inject;
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.Query;
|
||||
import javax.transaction.Transactional;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
@Stateless
|
||||
public class ApplicationService implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = 4262608935325326191L;
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationService.class);
|
||||
|
||||
@Inject
|
||||
EntityManager em;
|
||||
|
||||
public List<ApplicationEntity> getAllApplications() {
|
||||
Query query = em.createNamedQuery("ApplicationEntity.findAll");
|
||||
List<ApplicationEntity> resultList = query.getResultList();
|
||||
if (resultList == null) {
|
||||
return new ArrayList<>();
|
||||
} else {
|
||||
return resultList;
|
||||
}
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public ApplicationEntity createOrUpdate(ApplicationEntity app) {
|
||||
if (app == null) {
|
||||
// TODO add error handling
|
||||
return null;
|
||||
} else {
|
||||
if (app.getId() == null) {
|
||||
em.persist(app);
|
||||
ApplicationEntity returnValue = findByApplicationName(app.getApplicationName());
|
||||
if (LOGGER.isDebugEnabled()) {
|
||||
LOGGER.debug("Application {} created", app.getApplicationName());
|
||||
}
|
||||
|
||||
return returnValue;
|
||||
} else {
|
||||
ApplicationEntity returnValue = em.merge(app);
|
||||
if (LOGGER.isDebugEnabled()) {
|
||||
LOGGER.debug("Applicateion {} updated", app.getApplicationName());
|
||||
}
|
||||
return returnValue;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public ApplicationEntity findByApplicationName(String applicationName) {
|
||||
Query query = em.createNamedQuery("ApplicationEntity.findByApplicationName");
|
||||
query.setParameter("applicationName", applicationName);
|
||||
List<ApplicationEntity> resultList = query.getResultList();
|
||||
if ((resultList == null) || (resultList.isEmpty())) {
|
||||
return null;
|
||||
} else {
|
||||
return resultList.get(0);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,107 @@
|
||||
package de.muehlencord.shared.account.business.application.entity;
|
||||
|
||||
import de.muehlencord.shared.account.business.account.entity.ApplicationRoleEntity;
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import javax.persistence.Basic;
|
||||
import javax.persistence.CascadeType;
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.NamedQueries;
|
||||
import javax.persistence.NamedQuery;
|
||||
import javax.persistence.OneToMany;
|
||||
import javax.persistence.Table;
|
||||
import javax.validation.constraints.NotNull;
|
||||
import javax.validation.constraints.Size;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
import javax.xml.bind.annotation.XmlTransient;
|
||||
import org.hibernate.annotations.GenericGenerator;
|
||||
import org.hibernate.annotations.Type;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
@Entity
|
||||
@Table(name = "application")
|
||||
@XmlRootElement
|
||||
@NamedQueries({
|
||||
@NamedQuery(name = "ApplicationEntity.findAll", query = "SELECT a FROM ApplicationEntity a"),
|
||||
@NamedQuery(name = "ApplicationEntity.findByApplicationName", query = "SELECT a FROM ApplicationEntity a WHERE a.applicationName = :applicationName")})
|
||||
public class ApplicationEntity implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = -6407525020014743727L;
|
||||
|
||||
@Id
|
||||
@Basic(optional = false)
|
||||
@NotNull
|
||||
@Column(name = "id")
|
||||
@GeneratedValue(generator = "uuid2")
|
||||
@GenericGenerator(name = "uuid2", strategy = "uuid2")
|
||||
@Type(type = "pg-uuid")
|
||||
private UUID id;
|
||||
@Basic(optional = false)
|
||||
@NotNull
|
||||
@Size(min = 1, max = 200)
|
||||
@Column(name = "application_name", unique = true)
|
||||
private String applicationName;
|
||||
@OneToMany(cascade = CascadeType.ALL, mappedBy = "application")
|
||||
private List<ApplicationRoleEntity> applicationRoleEntityList;
|
||||
|
||||
public ApplicationEntity() {
|
||||
}
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(UUID id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getApplicationName() {
|
||||
return applicationName;
|
||||
}
|
||||
|
||||
public void setApplicationName(String applicationName) {
|
||||
this.applicationName = applicationName;
|
||||
}
|
||||
|
||||
@XmlTransient
|
||||
public List<ApplicationRoleEntity> getApplicationRoleEntityList() {
|
||||
return applicationRoleEntityList;
|
||||
}
|
||||
|
||||
public void setApplicationRoleEntityList(List<ApplicationRoleEntity> applicationRoleEntityList) {
|
||||
this.applicationRoleEntityList = applicationRoleEntityList;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
int hash = 0;
|
||||
hash += (id != null ? id.hashCode() : 0);
|
||||
return hash;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object object) {
|
||||
// TODO: Warning - this method won't work in the case the id fields are not set
|
||||
if (!(object instanceof ApplicationEntity)) {
|
||||
return false;
|
||||
}
|
||||
ApplicationEntity other = (ApplicationEntity) object;
|
||||
if ((this.id == null && other.id != null) || (this.id != null && !this.id.equals(other.id))) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "de.muehlencord.shared.account.business.application.entity.ApplicationEntity[ id=" + id + " ]";
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user