mirror of
https://github.com/Athou/commafeed.git
synced 2026-03-21 21:37:29 +00:00
add a disabled state to users
This commit is contained in:
Athou
@@ -78,6 +78,20 @@ public abstract class GenericDAO<T, K> implements Serializable {
|
||||
return criteria.getResultList();
|
||||
}
|
||||
|
||||
public List<T> findAll(int startIndex, int count, String orderBy,
|
||||
boolean asc) {
|
||||
EasyCriteria<T> criteria = EasyCriteriaFactory.createQueryCriteria(em,
|
||||
getType());
|
||||
criteria.setMaxResults(count);
|
||||
criteria.setFirstResult(startIndex);
|
||||
if (asc) {
|
||||
criteria.orderByAsc(orderBy);
|
||||
} else {
|
||||
criteria.orderByDesc(orderBy);
|
||||
}
|
||||
return criteria.getResultList();
|
||||
}
|
||||
|
||||
public long getCount() {
|
||||
CriteriaBuilder builder = em.getCriteriaBuilder();
|
||||
CriteriaQuery<Long> query = builder.createQuery(Long.class);
|
||||
|
||||
@@ -1,20 +1,20 @@
|
||||
package com.commafeed.backend.dao;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.ejb.Stateless;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole;
|
||||
import com.commafeed.frontend.utils.ModelFactory.MF;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Sets;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
@Stateless
|
||||
public class UserRoleService extends GenericDAO<UserRole, Long> {
|
||||
|
||||
public List<String> getRoles(User user) {
|
||||
List<String> list = Lists.newArrayList();
|
||||
public Set<String> getRoles(User user) {
|
||||
Set<String> list = Sets.newHashSet();
|
||||
for (UserRole role : findByField(MF.i(proxy().getUser()), user)) {
|
||||
list.add(role.getRole());
|
||||
}
|
||||
|
||||
@@ -20,7 +20,7 @@ public class UserService extends GenericDAO<User, Long> {
|
||||
public User login(String name, String password) {
|
||||
List<User> users = findByField(MF.i(MF.p(User.class).getName()), name);
|
||||
User user = Iterables.getFirst(users, null);
|
||||
if (user != null) {
|
||||
if (user != null && !user.isDisabled()) {
|
||||
boolean authenticated = encryptionService.authenticate(password,
|
||||
user.getPassword(), user.getSalt());
|
||||
if (authenticated) {
|
||||
|
||||
@@ -5,6 +5,7 @@ import java.util.Set;
|
||||
import javax.persistence.CascadeType;
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.FetchType;
|
||||
import javax.persistence.OneToMany;
|
||||
import javax.persistence.Table;
|
||||
|
||||
@@ -27,7 +28,10 @@ public class User extends AbstractModel {
|
||||
@Column(length = 8, nullable = false)
|
||||
private byte[] salt;
|
||||
|
||||
@OneToMany(mappedBy = "user", cascade = CascadeType.PERSIST)
|
||||
@Column(nullable = false)
|
||||
private boolean disabled;
|
||||
|
||||
@OneToMany(mappedBy = "user", cascade = CascadeType.PERSIST, fetch = FetchType.EAGER)
|
||||
private Set<UserRole> roles = Sets.newHashSet();
|
||||
|
||||
public String getName() {
|
||||
@@ -62,4 +66,12 @@ public class User extends AbstractModel {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
public boolean isDisabled() {
|
||||
return disabled;
|
||||
}
|
||||
|
||||
public void setDisabled(boolean disabled) {
|
||||
this.disabled = disabled;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -7,9 +7,9 @@ import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
|
||||
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
|
||||
import org.apache.wicket.request.Request;
|
||||
|
||||
import com.commafeed.backend.dao.UserRoleService;
|
||||
import com.commafeed.backend.dao.UserService;
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.security.Role;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class CommaFeedSession extends AuthenticatedWebSession {
|
||||
@@ -17,7 +17,11 @@ public class CommaFeedSession extends AuthenticatedWebSession {
|
||||
@Inject
|
||||
UserService userService;
|
||||
|
||||
@Inject
|
||||
UserRoleService userRoleService;
|
||||
|
||||
private User user;
|
||||
private Roles roles = new Roles();
|
||||
|
||||
public CommaFeedSession(Request request) {
|
||||
super(request);
|
||||
@@ -37,15 +41,20 @@ public class CommaFeedSession extends AuthenticatedWebSession {
|
||||
|
||||
@Override
|
||||
public Roles getRoles() {
|
||||
// TODO change this
|
||||
return isSignedIn() ? new Roles(new String[] { Role.USER, Role.ADMIN })
|
||||
: new Roles();
|
||||
return roles;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean authenticate(String userName, String password) {
|
||||
User user = userService.login(userName, password);
|
||||
this.user = user;
|
||||
if (user == null) {
|
||||
this.user = null;
|
||||
this.roles = new Roles();
|
||||
} else {
|
||||
this.user = user;
|
||||
this.roles = new Roles(userRoleService.getRoles(user).toArray(
|
||||
new String[0]));
|
||||
}
|
||||
return user != null;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,13 +1,48 @@
|
||||
package com.commafeed.frontend.pages;
|
||||
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.wicket.markup.head.IHeaderResponse;
|
||||
import org.apache.wicket.markup.html.WebPage;
|
||||
|
||||
import com.commafeed.backend.dao.FeedCategoryService;
|
||||
import com.commafeed.backend.dao.FeedEntryService;
|
||||
import com.commafeed.backend.dao.FeedEntryStatusService;
|
||||
import com.commafeed.backend.dao.FeedService;
|
||||
import com.commafeed.backend.dao.FeedSubscriptionService;
|
||||
import com.commafeed.backend.dao.UserRoleService;
|
||||
import com.commafeed.backend.dao.UserService;
|
||||
import com.commafeed.backend.dao.UserSettingsService;
|
||||
|
||||
import de.agilecoders.wicket.Bootstrap;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class BasePage extends WebPage {
|
||||
|
||||
@Inject
|
||||
protected FeedService feedService;
|
||||
|
||||
@Inject
|
||||
protected FeedSubscriptionService feedSubscriptionService;
|
||||
|
||||
@Inject
|
||||
protected FeedCategoryService feedCategoryService;
|
||||
|
||||
@Inject
|
||||
protected FeedEntryService feedEntryService;
|
||||
|
||||
@Inject
|
||||
protected FeedEntryStatusService feedEntryStatusService;
|
||||
|
||||
@Inject
|
||||
protected UserService userService;
|
||||
|
||||
@Inject
|
||||
protected UserSettingsService userSettingsService;
|
||||
|
||||
@Inject
|
||||
protected UserRoleService userRoleService;
|
||||
|
||||
@Override
|
||||
public void renderHead(IHeaderResponse response) {
|
||||
super.renderHead(response);
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.commafeed.frontend.rest.resources;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import javax.inject.Inject;
|
||||
@@ -129,7 +129,7 @@ public abstract class AbstractREST {
|
||||
}
|
||||
|
||||
private boolean checkRole(User user, SecurityCheck annotation) {
|
||||
List<String> roles = userRoleService.getRoles(user);
|
||||
Set<String> roles = userRoleService.getRoles(user);
|
||||
for (String role : annotation.value()) {
|
||||
if (!roles.contains(role)) {
|
||||
return false;
|
||||
|
||||
Reference in New Issue
Block a user