add a disabled state to users
@@ -78,6 +78,20 @@ public abstract class GenericDAO<T, K> implements Serializable {
|
|||||||
return criteria.getResultList();
|
return criteria.getResultList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public List<T> findAll(int startIndex, int count, String orderBy,
|
||||||
|
boolean asc) {
|
||||||
|
EasyCriteria<T> criteria = EasyCriteriaFactory.createQueryCriteria(em,
|
||||||
|
getType());
|
||||||
|
criteria.setMaxResults(count);
|
||||||
|
criteria.setFirstResult(startIndex);
|
||||||
|
if (asc) {
|
||||||
|
criteria.orderByAsc(orderBy);
|
||||||
|
} else {
|
||||||
|
criteria.orderByDesc(orderBy);
|
||||||
|
}
|
||||||
|
return criteria.getResultList();
|
||||||
|
}
|
||||||
|
|
||||||
public long getCount() {
|
public long getCount() {
|
||||||
CriteriaBuilder builder = em.getCriteriaBuilder();
|
CriteriaBuilder builder = em.getCriteriaBuilder();
|
||||||
CriteriaQuery<Long> query = builder.createQuery(Long.class);
|
CriteriaQuery<Long> query = builder.createQuery(Long.class);
|
||||||
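Review bot: The new `findAll(int startIndex, int count, String orderBy, boolean asc)` hands `count`, `startIndex` and `orderBy` to the criteria with no validation and no Javadoc. Callers are not visible in this hunk, but if any of them forwards these values from a request, an unbounded `count` lets a single call load the whole table and `orderBy` can name any mapped attribute. I would cap the page size, for example `criteria.setMaxResults(Math.min(count, MAX_PAGE_SIZE));` (where `MAX_PAGE_SIZE` is a placeholder for a constant the project would define), and have callers choose `orderBy` from a fixed list of sortable fields. A short Javadoc saying that `orderBy` is an entity attribute name, and what range `startIndex` and `count` accept, would cover the rest.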
|
|||||||
@@ -1,20 +1,20 @@
|
|||||||
package com.commafeed.backend.dao;
|
package com.commafeed.backend.dao;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.Set;
|
||||||
|
|
||||||
import javax.ejb.Stateless;
|
import javax.ejb.Stateless;
|
||||||
|
|
||||||
import com.commafeed.backend.model.User;
|
import com.commafeed.backend.model.User;
|
||||||
import com.commafeed.backend.model.UserRole;
|
import com.commafeed.backend.model.UserRole;
|
||||||
import com.commafeed.frontend.utils.ModelFactory.MF;
|
import com.commafeed.frontend.utils.ModelFactory.MF;
|
||||||
import com.google.common.collect.Lists;
|
import com.google.common.collect.Sets;
|
||||||
|
|
||||||
@SuppressWarnings("serial")
|
@SuppressWarnings("serial")
|
||||||
@Stateless
|
@Stateless
|
||||||
public class UserRoleService extends GenericDAO<UserRole, Long> {
|
public class UserRoleService extends GenericDAO<UserRole, Long> {
|
||||||
|
|
||||||
public List<String> getRoles(User user) {
|
public Set<String> getRoles(User user) {
|
||||||
List<String> list = Lists.newArrayList();
|
Set<String> list = Sets.newHashSet();
|
||||||
for (UserRole role : findByField(MF.i(proxy().getUser()), user)) {
|
for (UserRole role : findByField(MF.i(proxy().getUser()), user)) {
|
||||||
list.add(role.getRole());
|
list.add(role.getRole());
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -20,7 +20,7 @@ public class UserService extends GenericDAO<User, Long> {
|
|||||||
public User login(String name, String password) {
|
public User login(String name, String password) {
|
||||||
List<User> users = findByField(MF.i(MF.p(User.class).getName()), name);
|
List<User> users = findByField(MF.i(MF.p(User.class).getName()), name);
|
||||||
User user = Iterables.getFirst(users, null);
|
User user = Iterables.getFirst(users, null);
|
||||||
if (user != null) {
|
if (user != null && !user.isDisabled()) {
|
||||||
boolean authenticated = encryptionService.authenticate(password,
|
boolean authenticated = encryptionService.authenticate(password,
|
||||||
user.getPassword(), user.getSalt());
|
user.getPassword(), user.getSalt());
|
||||||
if (authenticated) {
|
if (authenticated) {
|
||||||
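Review bot: In `login`, the added `!user.isDisabled()` test sits in front of `encryptionService.authenticate(...)`, so a disabled account returns without the password check being run, the same short path an unknown name takes. Response time then differs between an enabled account and a disabled or missing one, which reveals which names are active. Keeping the outer test as `if (user != null) {` and changing the inner one to `if (authenticated && !user.isDisabled()) {` makes every existing account do the same work. The rest of `login` is outside the hunk, so the null-user path and the return value cannot be checked from here.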
|
|||||||
@@ -5,6 +5,7 @@ import java.util.Set;
|
|||||||
import javax.persistence.CascadeType;
|
import javax.persistence.CascadeType;
|
||||||
import javax.persistence.Column;
|
import javax.persistence.Column;
|
||||||
import javax.persistence.Entity;
|
import javax.persistence.Entity;
|
||||||
|
import javax.persistence.FetchType;
|
||||||
import javax.persistence.OneToMany;
|
import javax.persistence.OneToMany;
|
||||||
import javax.persistence.Table;
|
import javax.persistence.Table;
|
||||||
|
|
||||||
@@ -27,7 +28,10 @@ public class User extends AbstractModel {
|
|||||||
@Column(length = 8, nullable = false)
|
@Column(length = 8, nullable = false)
|
||||||
private byte[] salt;
|
private byte[] salt;
|
||||||
|
|
||||||
@OneToMany(mappedBy = "user", cascade = CascadeType.PERSIST)
|
@Column(nullable = false)
|
||||||
|
private boolean disabled;
|
||||||
|
|
||||||
|
@OneToMany(mappedBy = "user", cascade = CascadeType.PERSIST, fetch = FetchType.EAGER)
|
||||||
private Set<UserRole> roles = Sets.newHashSet();
|
private Set<UserRole> roles = Sets.newHashSet();
|
||||||
|
|
||||||
public String getName() {
|
public String getName() {
|
||||||
@@ -62,4 +66,12 @@ public class User extends AbstractModel {
|
|||||||
this.roles = roles;
|
this.roles = roles;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean isDisabled() {
|
||||||
|
return disabled;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setDisabled(boolean disabled) {
|
||||||
|
this.disabled = disabled;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
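Review bot: The new field `@Column(nullable = false) private boolean disabled;` adds a NOT NULL column with no default. Depending on how the schema is updated (not visible in this commit), this can fail or leave NULLs on a database that already holds users. A migration that back-fills `false`, or a column default, would make the upgrade safe. Separately, `setDisabled` only flips the flag and nothing in these hunks ends the user's existing sessions, so I would add a comment on the field such as `// enforced in UserService.login only; existing sessions are not revoked` to keep that limit visible.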
|
|||||||
@@ -7,9 +7,9 @@ import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
|
|||||||
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
|
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
|
||||||
import org.apache.wicket.request.Request;
|
import org.apache.wicket.request.Request;
|
||||||
|
|
||||||
|
import com.commafeed.backend.dao.UserRoleService;
|
||||||
import com.commafeed.backend.dao.UserService;
|
import com.commafeed.backend.dao.UserService;
|
||||||
import com.commafeed.backend.model.User;
|
import com.commafeed.backend.model.User;
|
||||||
import com.commafeed.backend.security.Role;
|
|
||||||
|
|
||||||
@SuppressWarnings("serial")
|
@SuppressWarnings("serial")
|
||||||
public class CommaFeedSession extends AuthenticatedWebSession {
|
public class CommaFeedSession extends AuthenticatedWebSession {
|
||||||
@@ -17,7 +17,11 @@ public class CommaFeedSession extends AuthenticatedWebSession {
|
|||||||
@Inject
|
@Inject
|
||||||
UserService userService;
|
UserService userService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
UserRoleService userRoleService;
|
||||||
|
|
||||||
private User user;
|
private User user;
|
||||||
|
private Roles roles = new Roles();
|
||||||
|
|
||||||
public CommaFeedSession(Request request) {
|
public CommaFeedSession(Request request) {
|
||||||
super(request);
|
super(request);
|
||||||
@@ -37,15 +41,20 @@ public class CommaFeedSession extends AuthenticatedWebSession {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Roles getRoles() {
|
public Roles getRoles() {
|
||||||
// TODO change this
|
return roles;
|
||||||
return isSignedIn() ? new Roles(new String[] { Role.USER, Role.ADMIN })
|
|
||||||
: new Roles();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean authenticate(String userName, String password) {
|
public boolean authenticate(String userName, String password) {
|
||||||
User user = userService.login(userName, password);
|
User user = userService.login(userName, password);
|
||||||
this.user = user;
|
if (user == null) {
|
||||||
|
this.user = null;
|
||||||
|
this.roles = new Roles();
|
||||||
|
} else {
|
||||||
|
this.user = user;
|
||||||
|
this.roles = new Roles(userRoleService.getRoles(user).toArray(
|
||||||
|
new String[0]));
|
||||||
|
}
|
||||||
return user != null;
|
return user != null;
|
||||||
}
|
}
|
||||||
|
|
||||||
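Review bot: `getRoles()` now returns the cached `roles` field without the `isSignedIn()` test the old body had, and nothing in the visible hunks clears the field on sign-out. As far as I know, Wicket's `signOut()` only resets the signed-in flag, so a session that is signed out but not invalidated would still report the previous user's roles. `return isSignedIn() ? roles : new Roles();` restores the guard. The roles are also a snapshot taken in `authenticate`, so a role removed or an account disabled afterwards stays in effect until the session ends. Reloading them per request, or invalidating the user's sessions on change, would close that gap.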
|
|||||||
@@ -1,13 +1,48 @@
|
|||||||
package com.commafeed.frontend.pages;
|
package com.commafeed.frontend.pages;
|
||||||
|
|
||||||
|
import javax.inject.Inject;
|
||||||
|
|
||||||
import org.apache.wicket.markup.head.IHeaderResponse;
|
import org.apache.wicket.markup.head.IHeaderResponse;
|
||||||
import org.apache.wicket.markup.html.WebPage;
|
import org.apache.wicket.markup.html.WebPage;
|
||||||
|
|
||||||
|
import com.commafeed.backend.dao.FeedCategoryService;
|
||||||
|
import com.commafeed.backend.dao.FeedEntryService;
|
||||||
|
import com.commafeed.backend.dao.FeedEntryStatusService;
|
||||||
|
import com.commafeed.backend.dao.FeedService;
|
||||||
|
import com.commafeed.backend.dao.FeedSubscriptionService;
|
||||||
|
import com.commafeed.backend.dao.UserRoleService;
|
||||||
|
import com.commafeed.backend.dao.UserService;
|
||||||
|
import com.commafeed.backend.dao.UserSettingsService;
|
||||||
|
|
||||||
import de.agilecoders.wicket.Bootstrap;
|
import de.agilecoders.wicket.Bootstrap;
|
||||||
|
|
||||||
@SuppressWarnings("serial")
|
@SuppressWarnings("serial")
|
||||||
public class BasePage extends WebPage {
|
public class BasePage extends WebPage {
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected FeedService feedService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected FeedSubscriptionService feedSubscriptionService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected FeedCategoryService feedCategoryService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected FeedEntryService feedEntryService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected FeedEntryStatusService feedEntryStatusService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected UserService userService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected UserSettingsService userSettingsService;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
protected UserRoleService userRoleService;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void renderHead(IHeaderResponse response) {
|
public void renderHead(IHeaderResponse response) {
|
||||||
super.renderHead(response);
|
super.renderHead(response);
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
package com.commafeed.frontend.rest.resources;
|
package com.commafeed.frontend.rest.resources;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
import java.util.List;
|
import java.util.Set;
|
||||||
|
|
||||||
import javax.annotation.PostConstruct;
|
import javax.annotation.PostConstruct;
|
||||||
import javax.inject.Inject;
|
import javax.inject.Inject;
|
||||||
@@ -129,7 +129,7 @@ public abstract class AbstractREST {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private boolean checkRole(User user, SecurityCheck annotation) {
|
private boolean checkRole(User user, SecurityCheck annotation) {
|
||||||
List<String> roles = userRoleService.getRoles(user);
|
Set<String> roles = userRoleService.getRoles(user);
|
||||||
for (String role : annotation.value()) {
|
for (String role : annotation.value()) {
|
||||||
if (!roles.contains(role)) {
|
if (!roles.contains(role)) {
|
||||||
return false;
|
return false;
|
||||||
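Review bot: `checkRole` still authorises on role membership alone and never consults the new `disabled` flag, so a disabled user who reaches it with a still-valid session or other credential would pass. How `user` is obtained is outside the hunk, so this is a gap only if the lookup does not go through `UserService.login` on each request. If it does not, adding `if (user.isDisabled()) { return false; }` at the top of `checkRole` enforces the flag on every REST call. A `User` cached in the session would carry the old flag value, so that check needs a freshly loaded entity. The end of the method is outside the hunk.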
|
|||||||