/** * Gets the existing user Id. * * @return the existing user Id, session Id, or null if no existing user is present. */ protected String getExistingUserId() { String existingUserId = null; ApplicationUser applicationUser = getExistingUser(); if (applicationUser != null) { existingUserId = applicationUser.getUserId(); } return existingUserId; }
/** * Sets the security context per last updater of the current process instance's job definition. * * @param applicationUser the application user */ protected void setSecurityContext(ApplicationUser applicationUser) { userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser); SecurityContextHolder.getContext().setAuthentication(new PreAuthenticatedAuthenticationToken( new SecurityUserWrapper(applicationUser.getUserId(), "", true, true, true, true, Collections.emptyList(), applicationUser), null)); }
/** * Sets the security context per last updater of the current process instance's job definition. * * @param applicationUser the application user */ protected void setSecurityContext(ApplicationUser applicationUser) { userNamespaceAuthorizationHelper.buildNamespaceAuthorizations(applicationUser); SecurityContextHolder.getContext().setAuthentication(new PreAuthenticatedAuthenticationToken( new SecurityUserWrapper(applicationUser.getUserId(), "", true, true, true, true, Collections.emptyList(), applicationUser), null)); }
@Override public UserDetails loadUserDetails(PreAuthenticatedAuthenticationToken token) throws UsernameNotFoundException { ApplicationUser user = (ApplicationUser) token.getPrincipal(); Set<GrantedAuthority> authorities = new HashSet<>(); // Add all functional points per given collection of user roles. authorities.addAll(securityHelper.mapRolesToFunctions(user.getRoles())); // Add all function points that are not mapped to any roles in the system. authorities.addAll(securityHelper.getUnrestrictedFunctions()); SecurityUserWrapper result = new SecurityUserWrapper(user.getUserId(), "N/A", true, true, true, true, authorities, user); LOGGER.debug("Loaded User: " + result); return result; } }
/** * Returns a Mockito matcher which matches when the ApplicationUser's user ID equals the given user ID. * * @param userId The user ID to match * * @return Mockito proxy matcher of ApplicationUser */ private ApplicationUser applicationUserUserIdEq(String userId) { return argThat(applicationUser -> Objects.equal(userId, applicationUser.getUserId())); }
.format("User \"%s\" does not have \"%s\" permission(s) to the namespace \"%s\"", applicationUser.getUserId(), permissionsString, namespaceTrimmed));
.format("User \"%s\" does not have \"%s\" permission(s) to the namespace \"%s\"", applicationUser.getUserId(), permissionsString, namespaceTrimmed));
@Override public UserAuthorizations getCurrentUser() { // Create the user authorizations. UserAuthorizations userAuthorizations = new UserAuthorizations(); // Get the application user. Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null) { SecurityUserWrapper securityUserWrapper = (SecurityUserWrapper) authentication.getPrincipal(); ApplicationUser applicationUser = securityUserWrapper.getApplicationUser(); userAuthorizations.setUserId(applicationUser.getUserId()); // If roles are present on the application user then filter the herd-specific security roles and add that information to the Current user. if (CollectionUtils.isNotEmpty(applicationUser.getRoles())) { userAuthorizations.setSecurityRoles(new ArrayList<>(getValidSecurityRoles(applicationUser.getRoles()))); } // Get all granted authorities for this user. Collection<GrantedAuthority> grantedAuthorities = securityUserWrapper.getAuthorities(); // Add relative security functions as per granted authorities, if any are present. if (CollectionUtils.isNotEmpty(grantedAuthorities)) { userAuthorizations.setSecurityFunctions( grantedAuthorities.stream().map(grantedAuthority -> new String(grantedAuthority.getAuthority())).collect(Collectors.toList())); } userAuthorizations.setNamespaceAuthorizations(new ArrayList<>(applicationUser.getNamespaceAuthorizations())); } return userAuthorizations; }
@Override public UserAuthorizations getCurrentUser() { // Create the user authorizations. UserAuthorizations userAuthorizations = new UserAuthorizations(); // Get the application user. Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null) { SecurityUserWrapper securityUserWrapper = (SecurityUserWrapper) authentication.getPrincipal(); ApplicationUser applicationUser = securityUserWrapper.getApplicationUser(); userAuthorizations.setUserId(applicationUser.getUserId()); // If roles are present on the application user then filter the herd-specific security roles and add that information to the Current user. if (CollectionUtils.isNotEmpty(applicationUser.getRoles())) { userAuthorizations.setSecurityRoles(new ArrayList<>(getValidSecurityRoles(applicationUser.getRoles()))); } // Get all granted authorities for this user. Collection<GrantedAuthority> grantedAuthorities = securityUserWrapper.getAuthorities(); // Add relative security functions as per granted authorities, if any are present. if (CollectionUtils.isNotEmpty(grantedAuthorities)) { userAuthorizations.setSecurityFunctions( grantedAuthorities.stream().map(grantedAuthority -> new String(grantedAuthority.getAuthority())).collect(Collectors.toList())); } userAuthorizations.setNamespaceAuthorizations(new ArrayList<>(applicationUser.getNamespaceAuthorizations())); } return userAuthorizations; }
LOGGER.debug("Current user Id: " + applicationUserNoRoles.getUserId() + ", Session Init Time: " + applicationUserNoRoles.getSessionInitTime()); LOGGER.debug("User is logged in."); invalidateUser(servletRequest, false);
String userId = applicationUser.getUserId();
String userId = applicationUser.getUserId();
/** * Asserts the given actual authentication's user ID is equal to the given expected user ID * * @param expectedUserId Expected user ID * @param actualAuthentication Actual authentication object */ private void assertAuthenticationUserIdEquals(String expectedUserId, Authentication actualAuthentication) { assertNotNull(actualAuthentication); assertEquals(PreAuthenticatedAuthenticationToken.class, actualAuthentication.getClass()); PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = (PreAuthenticatedAuthenticationToken) actualAuthentication; Object principal = preAuthenticatedAuthenticationToken.getPrincipal(); assertNotNull(principal); assertEquals(SecurityUserWrapper.class, principal.getClass()); SecurityUserWrapper securityUserWrapper = (SecurityUserWrapper) principal; assertEquals(expectedUserId, securityUserWrapper.getUsername()); assertNotNull(securityUserWrapper.getApplicationUser()); assertEquals(expectedUserId, securityUserWrapper.getApplicationUser().getUserId()); } }