-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge Hub Access Meeds-io/MIPs#63 (#653)
- Loading branch information
Showing
16 changed files
with
658 additions
and
149 deletions.
There are no files selected for viewing
26 changes: 26 additions & 0 deletions
26
component/portal/src/main/java/io/meeds/portal/security/constant/UserRegistrationType.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
/** | ||
* This file is part of the Meeds project (https://meeds.io/). | ||
* | ||
* Copyright (C) 2020 - 2023 Meeds Association [email protected] | ||
* | ||
* This program is free software; you can redistribute it and/or | ||
* modify it under the terms of the GNU Lesser General Public | ||
* License as published by the Free Software Foundation; either | ||
* version 3 of the License, or (at your option) any later version. | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* Lesser General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Lesser General Public License | ||
* along with this program; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
|
||
package io.meeds.portal.security.constant; | ||
|
||
public enum UserRegistrationType { | ||
|
||
OPEN, RESTRICTED; | ||
|
||
} |
39 changes: 39 additions & 0 deletions
39
component/portal/src/main/java/io/meeds/portal/security/model/RegistrationSetting.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
/** | ||
* This file is part of the Meeds project (https://meeds.io/). | ||
* | ||
* Copyright (C) 2020 - 2023 Meeds Association [email protected] | ||
* | ||
* This program is free software; you can redistribute it and/or | ||
* modify it under the terms of the GNU Lesser General Public | ||
* License as published by the Free Software Foundation; either | ||
* version 3 of the License, or (at your option) any later version. | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* Lesser General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Lesser General Public License | ||
* along with this program; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
|
||
package io.meeds.portal.security.model; | ||
|
||
import io.meeds.portal.security.constant.UserRegistrationType; | ||
|
||
import lombok.AllArgsConstructor; | ||
import lombok.Data; | ||
import lombok.NoArgsConstructor; | ||
|
||
@Data | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
public class RegistrationSetting { | ||
|
||
private UserRegistrationType type; | ||
|
||
private boolean externalUser; | ||
|
||
private String[] extraGroupIds; | ||
|
||
} |
71 changes: 71 additions & 0 deletions
71
component/portal/src/main/java/io/meeds/portal/security/rest/RegistrationSettingRest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
/** | ||
* This file is part of the Meeds project (https://meeds.io/). | ||
* | ||
* Copyright (C) 2020 - 2023 Meeds Association [email protected] | ||
* | ||
* This program is free software; you can redistribute it and/or | ||
* modify it under the terms of the GNU Lesser General Public | ||
* License as published by the Free Software Foundation; either | ||
* version 3 of the License, or (at your option) any later version. | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* Lesser General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Lesser General Public License | ||
* along with this program; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
|
||
package io.meeds.portal.security.rest; | ||
|
||
import javax.annotation.security.RolesAllowed; | ||
import javax.ws.rs.Consumes; | ||
import javax.ws.rs.GET; | ||
import javax.ws.rs.PUT; | ||
import javax.ws.rs.Path; | ||
import javax.ws.rs.Produces; | ||
import javax.ws.rs.core.MediaType; | ||
import javax.ws.rs.core.Response; | ||
|
||
import org.exoplatform.services.rest.resource.ResourceContainer; | ||
|
||
import io.meeds.portal.security.model.RegistrationSetting; | ||
import io.meeds.portal.security.service.SecuritySettingService; | ||
|
||
import io.swagger.v3.oas.annotations.Operation; | ||
import io.swagger.v3.oas.annotations.responses.ApiResponse; | ||
import io.swagger.v3.oas.annotations.responses.ApiResponses; | ||
import io.swagger.v3.oas.annotations.tags.Tag; | ||
|
||
@Path("/registration/settings") | ||
@Tag(name = "/registration/settings", description = "Managing user registraion settings and flow") | ||
public class RegistrationSettingRest implements ResourceContainer { | ||
|
||
private SecuritySettingService securitySettingService; | ||
|
||
public RegistrationSettingRest(SecuritySettingService securitySettingService) { | ||
this.securitySettingService = securitySettingService; | ||
} | ||
|
||
@GET | ||
@Produces(MediaType.APPLICATION_JSON) | ||
@RolesAllowed("administrators") | ||
@Operation(summary = "Get user registraion settings", description = "Get user registraion settings", method = "GET") | ||
@ApiResponses(value = { @ApiResponse(responseCode = "200", description = "Request fulfilled") }) | ||
public Response getRegistrationSetting() { | ||
RegistrationSetting registrationSetting = securitySettingService.getRegistrationSetting(); | ||
return Response.ok(registrationSetting).build(); | ||
} | ||
|
||
@PUT | ||
@RolesAllowed("administrators") | ||
@Consumes(MediaType.APPLICATION_JSON) | ||
@Operation(summary = "Update user registraion settings and flow", description = "Update user registraion settings and flow", method = "PUT") | ||
@ApiResponses(value = { @ApiResponse(responseCode = "204", description = "Request fulfilled") }) | ||
public Response updateRegistrationSetting(RegistrationSetting registrationSetting) { | ||
securitySettingService.saveRegistrationSetting(registrationSetting); | ||
return Response.noContent().build(); | ||
} | ||
|
||
} |
165 changes: 165 additions & 0 deletions
165
component/portal/src/main/java/io/meeds/portal/security/service/SecuritySettingService.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,165 @@ | ||
/** | ||
* This file is part of the Meeds project (https://meeds.io/). | ||
* | ||
* Copyright (C) 2020 - 2023 Meeds Association [email protected] | ||
* | ||
* This program is free software; you can redistribute it and/or | ||
* modify it under the terms of the GNU Lesser General Public | ||
* License as published by the Free Software Foundation; either | ||
* version 3 of the License, or (at your option) any later version. | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
* Lesser General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Lesser General Public License | ||
* along with this program; if not, write to the Free Software Foundation, | ||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | ||
*/ | ||
package io.meeds.portal.security.service; | ||
|
||
import static io.meeds.portal.security.constant.UserRegistrationType.OPEN; | ||
|
||
import java.util.ArrayList; | ||
import java.util.Arrays; | ||
import java.util.List; | ||
|
||
import org.apache.commons.lang.StringUtils; | ||
|
||
import org.exoplatform.commons.api.settings.SettingService; | ||
import org.exoplatform.commons.api.settings.SettingValue; | ||
import org.exoplatform.commons.api.settings.data.Context; | ||
import org.exoplatform.commons.api.settings.data.Scope; | ||
|
||
import io.meeds.portal.security.constant.UserRegistrationType; | ||
import io.meeds.portal.security.model.RegistrationSetting; | ||
|
||
public class SecuritySettingService { | ||
|
||
protected static final String INTERNAL_USERS_GROUP = "/platform/users"; | ||
|
||
protected static final String EXTERNAL_USERS_GROUP = "/platform/externals"; | ||
|
||
protected static final Context SECURITY_CONTEXT = Context.GLOBAL.id("SECURITY"); | ||
|
||
protected static final Scope SECURITY_SCOPE = Scope.APPLICATION.id("SECURITY"); | ||
|
||
protected static final String REGISTRATION_TYPE_PARAM = "REGISTRATION_TYPE"; | ||
|
||
protected static final String REGISTRATION_EXTERNAL_USER_PARAM = "REGISTRATION_EXTERNAL_USER"; | ||
|
||
protected static final String REGISTRATION_EXTRA_GROUPS_PARAM = "REGISTRATION_EXTRA_GROUPS"; | ||
|
||
protected static final String EXTRA_GROUPS_SEPARATOR = ","; | ||
|
||
protected static final UserRegistrationType DEFAULT_REGISTRATION_TYPE = | ||
UserRegistrationType.valueOf(System.getProperty("meeds.settings.access.type.default", | ||
OPEN.name()).toUpperCase()); | ||
|
||
protected static final boolean DEFAULT_REGISTRATION_EXTERNAL_USER = | ||
Boolean.parseBoolean(System.getProperty("meeds.settings.access.externalUsers", | ||
"false").toLowerCase()); | ||
|
||
private RegistrationSetting registrationSetting; | ||
|
||
private SettingService settingService; | ||
|
||
public SecuritySettingService(SettingService settingService) { | ||
this.settingService = settingService; | ||
} | ||
|
||
public RegistrationSetting getRegistrationSetting() { | ||
if (registrationSetting == null) { | ||
registrationSetting = new RegistrationSetting(getRegistrationType(), | ||
isRegistrationExternalUser(), | ||
getRegistrationExtraGroupIds()); | ||
} | ||
return registrationSetting; | ||
} | ||
|
||
public void saveRegistrationSetting(RegistrationSetting registrationSetting) { | ||
saveRegistrationType(registrationSetting.getType()); | ||
saveRegistrationExternalUser(registrationSetting.isExternalUser()); | ||
saveRegistrationExtraGroupIds(registrationSetting.getExtraGroupIds()); | ||
} | ||
|
||
public String[] getRegistrationGroupIds() { | ||
List<String> registrationExtraGroupIds = new ArrayList<>(Arrays.asList(getRegistrationExtraGroupIds())); | ||
if (isRegistrationExternalUser()) { | ||
registrationExtraGroupIds.add(EXTERNAL_USERS_GROUP); | ||
} else { | ||
registrationExtraGroupIds.add(INTERNAL_USERS_GROUP); | ||
} | ||
return registrationExtraGroupIds.stream().filter(StringUtils::isNotBlank).distinct().toList().toArray(new String[0]); | ||
} | ||
|
||
public UserRegistrationType getRegistrationType() { | ||
SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_TYPE_PARAM); | ||
if (settingValue == null || settingValue.getValue() == null) { | ||
return DEFAULT_REGISTRATION_TYPE; | ||
} else { | ||
return UserRegistrationType.valueOf(settingValue.getValue().toString()); | ||
} | ||
} | ||
|
||
public void saveRegistrationType(UserRegistrationType registrationType) { | ||
try { | ||
if (registrationType == null) { | ||
registrationType = DEFAULT_REGISTRATION_TYPE; | ||
} | ||
settingService.set(SECURITY_CONTEXT, | ||
SECURITY_SCOPE, | ||
REGISTRATION_TYPE_PARAM, | ||
SettingValue.create(registrationType.toString())); | ||
} finally { | ||
registrationSetting = null; | ||
} | ||
} | ||
|
||
public boolean isRegistrationExternalUser() { | ||
SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_EXTERNAL_USER_PARAM); | ||
if (settingValue == null || settingValue.getValue() == null) { | ||
return DEFAULT_REGISTRATION_EXTERNAL_USER; | ||
} else { | ||
return Boolean.parseBoolean(settingValue.getValue().toString()); | ||
} | ||
} | ||
|
||
public void saveRegistrationExternalUser(boolean externalUser) { | ||
try { | ||
settingService.set(SECURITY_CONTEXT, | ||
SECURITY_SCOPE, | ||
REGISTRATION_EXTERNAL_USER_PARAM, | ||
SettingValue.create(String.valueOf(externalUser))); | ||
} finally { | ||
registrationSetting = null; | ||
} | ||
} | ||
|
||
public String[] getRegistrationExtraGroupIds() { | ||
SettingValue<?> settingValue = settingService.get(SECURITY_CONTEXT, SECURITY_SCOPE, REGISTRATION_EXTRA_GROUPS_PARAM); | ||
if (settingValue == null || settingValue.getValue() == null) { | ||
return new String[0]; | ||
} else { | ||
return Arrays.stream(settingValue.getValue().toString().split(EXTRA_GROUPS_SEPARATOR)) | ||
.filter(StringUtils::isNotBlank) | ||
.distinct() | ||
.toArray(String[]::new); | ||
} | ||
} | ||
|
||
public void saveRegistrationExtraGroupIds(String[] groupIds) { | ||
try { | ||
if (groupIds == null) { | ||
groupIds = new String[0]; | ||
} | ||
settingService.set(SECURITY_CONTEXT, | ||
SECURITY_SCOPE, | ||
REGISTRATION_EXTRA_GROUPS_PARAM, | ||
SettingValue.create(StringUtils.join(groupIds, EXTRA_GROUPS_SEPARATOR))); | ||
} finally { | ||
registrationSetting = null; | ||
} | ||
} | ||
|
||
} |
Oops, something went wrong.