change role to enum

src/main/java/com/commafeed/backend/StartupBean.java

@@ -18,8 +18,8 @@ import com.commafeed.backend.model.Feed;
 import com.commafeed.backend.model.FeedCategory;
 import com.commafeed.backend.model.FeedSubscription;
 import com.commafeed.backend.model.User;
+import com.commafeed.backend.model.UserRole.Role;
 import com.commafeed.backend.security.PasswordEncryptionService;
-import com.commafeed.backend.security.Role;
 
 @Startup
 @Singleton

src/main/java/com/commafeed/backend/dao/UserRoleService.java

@@ -7,6 +7,7 @@ import javax.ejb.Stateless;
 
 import com.commafeed.backend.model.User;
 import com.commafeed.backend.model.UserRole;
+import com.commafeed.backend.model.UserRole.Role;
 import com.commafeed.frontend.utils.ModelFactory.MF;
 import com.google.common.collect.Sets;
 
@@ -18,8 +19,8 @@ public class UserRoleService extends GenericDAO<UserRole> {
 		return findByField(MF.i(MF.p(UserRole.class).getUser()), user);
 	}
 
-	public Set<String> getRoles(User user) {
-		Set<String> list = Sets.newHashSet();
+	public Set<Role> getRoles(User user) {
+		Set<Role> list = Sets.newHashSet();
 		for (UserRole role : findByField(MF.i(proxy().getUser()), user)) {
 			list.add(role.getRole());
 		}

src/main/java/com/commafeed/backend/dao/UserService.java

@@ -8,8 +8,8 @@ import javax.inject.Inject;
 
 import com.commafeed.backend.model.User;
 import com.commafeed.backend.model.UserRole;
+import com.commafeed.backend.model.UserRole.Role;
 import com.commafeed.backend.security.PasswordEncryptionService;
-import com.commafeed.backend.security.Role;
 import com.commafeed.frontend.utils.ModelFactory.MF;
 import com.google.common.collect.Iterables;
 
@@ -34,7 +34,7 @@ public class UserService extends GenericDAO<User> {
 		return null;
 	}
 
-	public User register(String name, String password, Collection<String> roles) {
+	public User register(String name, String password, Collection<Role> roles) {
 		List<User> users = findByField(MF.i(proxy().getName()), name);
 		if (!users.isEmpty()) {
 			return null;
@@ -45,7 +45,7 @@ public class UserService extends GenericDAO<User> {
 		user.setSalt(salt);
 		user.setPassword(encryptionService.getEncryptedPassword(password, salt));
 		user.getRoles().add(new UserRole(user, Role.USER));
-		for (String role : roles) {
+		for (Role role : roles) {
 			user.getRoles().add(new UserRole(user, role));
 			user.getRoles().add(new UserRole(user, role));
 		}

src/main/java/com/commafeed/backend/model/UserRole.java

@@ -2,6 +2,8 @@ package com.commafeed.backend.model;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
 import javax.persistence.JoinColumn;
 import javax.persistence.OneToOne;
 import javax.persistence.Table;
@@ -11,18 +13,23 @@ import javax.persistence.Table;
 @SuppressWarnings("serial")
 public class UserRole extends AbstractModel {
 
+	public static enum Role {
+		USER, ADMIN
+	}
+
 	@OneToOne
 	@JoinColumn(name = "user_id", nullable = false)
 	private User user;
 
 	@Column(name = "roleName", nullable = false)
-	private String role;
+	@Enumerated(EnumType.STRING)
+	private Role role;
 
 	public UserRole() {
 
 	}
 
-	public UserRole(User user, String role) {
+	public UserRole(User user, Role role) {
 		this.user = user;
 		this.role = role;
 	}
@@ -35,11 +42,11 @@ public class UserRole extends AbstractModel {
 		this.user = user;
 	}
 
-	public String getRole() {
+	public Role getRole() {
 		return role;
 	}
 
-	public void setRole(String role) {
+	public void setRole(Role role) {
 		this.role = role;
 	}
 

src/main/java/com/commafeed/backend/security/Role.java

@@ -1,6 +0,0 @@
-package com.commafeed.backend.security;
-
-public class Role {
-	public static final String USER = "user";
-	public static final String ADMIN = "admin";
-}

src/main/java/com/commafeed/frontend/CommaFeedApplication.java

@@ -9,14 +9,15 @@ import javax.naming.InitialContext;
 import javax.naming.NamingException;
 
 import org.apache.wicket.Application;
+import org.apache.wicket.Component;
 import org.apache.wicket.Page;
 import org.apache.wicket.Session;
 import org.apache.wicket.ajax.AjaxRequestTarget;
+import org.apache.wicket.authorization.Action;
+import org.apache.wicket.authorization.IAuthorizationStrategy;
 import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;
 import org.apache.wicket.authroles.authentication.AuthenticatedWebApplication;
-import org.apache.wicket.authroles.authorization.strategies.role.IRoleCheckingStrategy;
 import org.apache.wicket.authroles.authorization.strategies.role.Roles;
-import org.apache.wicket.authroles.authorization.strategies.role.annotations.AnnotationsRoleAuthorizationStrategy;
 import org.apache.wicket.cdi.CdiConfiguration;
 import org.apache.wicket.cdi.ConversationPropagation;
 import org.apache.wicket.core.request.handler.PageProvider;
@@ -26,6 +27,7 @@ import org.apache.wicket.markup.html.WebPage;
 import org.apache.wicket.request.IRequestHandler;
 import org.apache.wicket.request.Request;
 import org.apache.wicket.request.Response;
+import org.apache.wicket.request.component.IRequestableComponent;
 import org.apache.wicket.request.cycle.AbstractRequestCycleListener;
 import org.apache.wicket.request.cycle.RequestCycle;
 import org.jboss.vfs.VirtualFile;
@@ -39,7 +41,6 @@ import org.slf4j.LoggerFactory;
 import com.commafeed.frontend.pages.HomePage;
 import com.commafeed.frontend.pages.LoginPage;
 import com.commafeed.frontend.pages.LogoutPage;
-import com.commafeed.frontend.pages.SettingsPage;
 import com.commafeed.frontend.utils.exception.DisplayExceptionPage;
 
 import de.agilecoders.wicket.Bootstrap;
@@ -56,7 +57,6 @@ public class CommaFeedApplication extends AuthenticatedWebApplication {
 		mountPage("login", LoginPage.class);
 		mountPage("logout", LogoutPage.class);
 		mountPage("error", DisplayExceptionPage.class);
-		mountPage("settings", SettingsPage.class);
 
 		setupInjection();
 
@@ -65,14 +65,31 @@ public class CommaFeedApplication extends AuthenticatedWebApplication {
 		getMarkupSettings().setDefaultMarkupEncoding("UTF-8");
 
 		getSecuritySettings().setAuthorizationStrategy(
-				new AnnotationsRoleAuthorizationStrategy(
-						new IRoleCheckingStrategy() {
-							@Override
-							public boolean hasAnyRole(Roles roles) {
-								return CommaFeedSession.get().getRoles()
-										.hasAnyRole(roles);
-							}
-						}));
+				new IAuthorizationStrategy() {
+
+					@Override
+					public <T extends IRequestableComponent> boolean isInstantiationAuthorized(
+							Class<T> componentClass) {
+						boolean authorized = true;
+
+						boolean restricted = componentClass
+								.isAnnotationPresent(SecurityCheck.class);
+						if (restricted) {
+							SecurityCheck annotation = componentClass
+									.getAnnotation(SecurityCheck.class);
+							Roles roles = CommaFeedSession.get().getRoles();
+							authorized = roles.hasAnyRole(new Roles(annotation
+									.value().name()));
+						}
+						return authorized;
+					}
+
+					@Override
+					public boolean isActionAuthorized(Component component,
+							Action action) {
+						return true;
+					}
+				});
 
 		getRequestCycleListeners().add(new AbstractRequestCycleListener() {
 			@Override

src/main/java/com/commafeed/frontend/CommaFeedSession.java

@@ -1,5 +1,7 @@
 package com.commafeed.frontend;
 
+import java.util.Set;
+
 import javax.inject.Inject;
 
 import org.apache.wicket.Session;
@@ -10,6 +12,8 @@ import org.apache.wicket.request.Request;
 import com.commafeed.backend.dao.UserRoleService;
 import com.commafeed.backend.dao.UserService;
 import com.commafeed.backend.model.User;
+import com.commafeed.backend.model.UserRole.Role;
+import com.google.common.collect.Sets;
 
 @SuppressWarnings("serial")
 public class CommaFeedSession extends AuthenticatedWebSession {
@@ -51,9 +55,13 @@ public class CommaFeedSession extends AuthenticatedWebSession {
 			this.user = null;
 			this.roles = new Roles();
 		} else {
+
+			Set<String> roleSet = Sets.newHashSet();
+			for (Role role : userRoleService.getRoles(user)) {
+				roleSet.add(role.name());
+			}
 			this.user = user;
-			this.roles = new Roles(userRoleService.getRoles(user).toArray(
-					new String[0]));
+			this.roles = new Roles(roleSet.toArray(new String[0]));
 		}
 		return user != null;
 	}

src/main/java/com/commafeed/frontend/SecurityCheck.java

@@ -1,4 +1,4 @@
-package com.commafeed.frontend.rest;
+package com.commafeed.frontend;
 
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Inherited;
@@ -9,6 +9,8 @@ import java.lang.annotation.Target;
 import javax.enterprise.util.Nonbinding;
 import javax.interceptor.InterceptorBinding;
 
+import com.commafeed.backend.model.UserRole.Role;
+
 @Inherited
 @InterceptorBinding
 @Target({ ElementType.TYPE, ElementType.METHOD })
@@ -19,5 +21,5 @@ public @interface SecurityCheck {
 	 * Roles needed.
 	 */
 	@Nonbinding
-	String[] value() default {};
+	Role value() default Role.USER;
 }

src/main/java/com/commafeed/frontend/pages/HomePage.java

@@ -1,11 +1,11 @@
 package com.commafeed.frontend.pages;
 
-import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
 import org.apache.wicket.markup.head.CssHeaderItem;
 import org.apache.wicket.markup.head.IHeaderResponse;
 import org.apache.wicket.markup.head.JavaScriptHeaderItem;
 
-import com.commafeed.backend.security.Role;
+import com.commafeed.backend.model.UserRole.Role;
+import com.commafeed.frontend.SecurityCheck;
 import com.commafeed.frontend.references.angular.AngularReference;
 import com.commafeed.frontend.references.angular.AngularResourceReference;
 import com.commafeed.frontend.references.angular.AngularSanitizeReference;
@@ -21,7 +21,7 @@ import com.commafeed.frontend.references.select2.Select2Reference;
 import com.commafeed.frontend.references.spinjs.SpinJSReference;
 
 @SuppressWarnings("serial")
-@AuthorizeInstantiation(Role.USER)
+@SecurityCheck(Role.USER)
 public class HomePage extends BasePage {
 
 	@Override

src/main/java/com/commafeed/frontend/pages/LoginPage.html

@@ -1,8 +1,6 @@
 <!DOCTYPE html>
 <html xmlns:wicket="http://wicket.apache.org">
 <head>
-<link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
-<link href="vendor/bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet">
 <meta charset="utf-8">
 </head>
 <body>
@@ -14,6 +12,5 @@
 			<span wicket:id="login"></span>
 		</div>
 	</div>
-	<script src="vendor/bootstrap/js/bootstrap.min.js"></script>
 </body>
 </html>

src/main/java/com/commafeed/frontend/pages/SettingsPage.html

@@ -1,25 +0,0 @@
-<!DOCTYPE html>
-<html xmlns:wicket="http://wicket.apache.org">
-<head>
-	<link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
-	<link href="vendor/bootstrap/css/bootstrap-responsive.min.css" rel="stylesheet">
-	<link href="vendor/angular-ui/angular-ui.min.css" rel="stylesheet">
-	<link href="vendor/csstreeview/css3-treeview.css" rel="stylesheet">
-	<link href="vendor/select2/select2.css" rel="stylesheet">
-	<link href="css/app.css" rel="stylesheet">
-</head>
-<body>
-	
-	 Placeholder
-	 <script src="vendor/jquery/jquery-1.9.1.min.js"></script>
-	 <script src="vendor/bootstrap/js/bootstrap.min.js"></script>
-	 <script src="vendor/select2/select2.min.js"></script>
-	 <script src="vendor/angular/angular.min.js"></script>
-	 <script src="vendor/angular/angular-resource.min.js"></script>
-	 <script src="vendor/angular/angular-sanitize.min.js"></script>
-	 <script src="vendor/angular-upload/ng-upload.min.js"></script>
-	 <script src="vendor/angular-infinite-scroll/ng-infinite-scroll.min.js"></script>
-	 <script src="vendor/angular-ui/angular-ui.min.js"></script>
-	 <script src="vendor/angular-ui-bootstrap/ui-bootstrap-tpls-0.2.0.min.js"></script>
-</body>
-</html>

src/main/java/com/commafeed/frontend/pages/SettingsPage.java

@@ -1,8 +0,0 @@
-package com.commafeed.frontend.pages;
-
-import org.apache.wicket.markup.html.WebPage;
-
-@SuppressWarnings("serial")
-public class SettingsPage extends WebPage {
-
-}

src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java

@@ -33,11 +33,11 @@ import com.commafeed.backend.dao.UserService;
 import com.commafeed.backend.dao.UserSettingsService;
 import com.commafeed.backend.feeds.OPMLImporter;
 import com.commafeed.backend.model.User;
+import com.commafeed.backend.model.UserRole.Role;
 import com.commafeed.backend.security.PasswordEncryptionService;
-import com.commafeed.backend.security.Role;
 import com.commafeed.frontend.CommaFeedApplication;
 import com.commafeed.frontend.CommaFeedSession;
-import com.commafeed.frontend.rest.SecurityCheck;
+import com.commafeed.frontend.SecurityCheck;
 
 @Produces(MediaType.APPLICATION_JSON)
 @Consumes(MediaType.APPLICATION_JSON)
@@ -133,11 +133,9 @@ public abstract class AbstractREST {
 	}
 
 	private boolean checkRole(User user, SecurityCheck annotation) {
-		Set<String> roles = userRoleService.getRoles(user);
-		for (String role : annotation.value()) {
-			if (!roles.contains(role)) {
-				return false;
-			}
+		Set<Role> roles = userRoleService.getRoles(user);
+		if (!roles.contains(annotation.value())) {
+			return false;
 		}
 		return true;
 	}

src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java

@@ -16,9 +16,9 @@ import org.apache.commons.lang.StringUtils;
 import com.commafeed.backend.StartupBean;
 import com.commafeed.backend.model.User;
 import com.commafeed.backend.model.UserRole;
-import com.commafeed.backend.security.Role;
+import com.commafeed.backend.model.UserRole.Role;
+import com.commafeed.frontend.SecurityCheck;
 import com.commafeed.frontend.model.UserModel;
-import com.commafeed.frontend.rest.SecurityCheck;
 import com.google.common.base.Preconditions;
 import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
@@ -37,7 +37,7 @@ public class AdminUsersREST extends AbstractREST {
 		if (id == null) {
 			Preconditions.checkNotNull(userModel.getPassword());
 
-			Set<String> roles = Sets.newHashSet(Role.USER);
+			Set<Role> roles = Sets.newHashSet(Role.USER);
 			if (userModel.isAdmin()) {
 				roles.add(Role.ADMIN);
 			}
@@ -63,12 +63,12 @@ public class AdminUsersREST extends AbstractREST {
 			user.setDisabled(!userModel.isEnabled());
 			userService.update(user);
 
-			Set<String> roles = userRoleService.getRoles(user);
+			Set<Role> roles = userRoleService.getRoles(user);
 			if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
 				userRoleService.save(new UserRole(user, Role.ADMIN));
 			} else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) {
 				for (UserRole userRole : userRoleService.findAll(user)) {
-					if (Role.ADMIN.equals(userRole.getRole())) {
+					if (userRole.getRole() == Role.ADMIN) {
 						userRoleService.delete(userRole);
 					}
 				}
@@ -88,7 +88,7 @@ public class AdminUsersREST extends AbstractREST {
 		userModel.setName(user.getName());
 		userModel.setEnabled(!user.isDisabled());
 		for (UserRole role : userRoleService.findAll(user)) {
-			if (Role.ADMIN.equals(role.getRole())) {
+			if (role.getRole() == Role.ADMIN) {
 				userModel.setAdmin(true);
 			}
 		}
@@ -110,7 +110,7 @@ public class AdminUsersREST extends AbstractREST {
 				userModel.setEnabled(!user.isDisabled());
 				users.put(key, userModel);
 			}
-			if (Role.ADMIN.equals(role.getRole())) {
+			if (role.getRole() == Role.ADMIN) {
 				userModel.setAdmin(true);
 			}
 		}