You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2021/02/22 19:42:18 UTC
[isis] branch master updated: ISIS-2541: fixes seeding algorithm to
always add admin roles to admin user
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/master by this push:
new c18d4a1 ISIS-2541: fixes seeding algorithm to always add admin roles to admin user
c18d4a1 is described below
commit c18d4a12e6d61686d820e2f8b6be19e240c02928
Author: Andi Huber <ah...@apache.org>
AuthorDate: Mon Feb 22 20:42:00 2021 +0100
ISIS-2541: fixes seeding algorithm to always add admin roles to admin
user
---
.../scripts/AbstractUserAndRolesFixtureScript.java | 40 ++++++++--------------
.../jdo/seed/scripts/IsisExtSecmanAdminUser.java | 5 ++-
.../scripts/AbstractUserAndRolesFixtureScript.java | 35 ++++++++-----------
.../jpa/seed/scripts/IsisExtSecmanAdminUser.java | 5 ++-
4 files changed, 33 insertions(+), 52 deletions(-)
diff --git a/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/AbstractUserAndRolesFixtureScript.java b/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/AbstractUserAndRolesFixtureScript.java
index 493b68e..a30d474 100644
--- a/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/AbstractUserAndRolesFixtureScript.java
+++ b/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/AbstractUserAndRolesFixtureScript.java
@@ -18,17 +18,13 @@
*/
package org.apache.isis.extensions.secman.jdo.seed.scripts;
-import java.util.Collections;
-import java.util.List;
-
import javax.inject.Inject;
import org.apache.isis.applib.value.Password;
-import org.apache.isis.commons.internal.collections._Lists;
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.commons.internal.exceptions._Exceptions;
import org.apache.isis.extensions.secman.api.user.AccountType;
import org.apache.isis.extensions.secman.api.user.ApplicationUserStatus;
-import org.apache.isis.extensions.secman.jdo.dom.role.ApplicationRole;
import org.apache.isis.extensions.secman.jdo.dom.role.ApplicationRoleRepository;
import org.apache.isis.extensions.secman.jdo.dom.user.ApplicationUser;
import org.apache.isis.extensions.secman.jdo.dom.user.ApplicationUserRepository;
@@ -46,7 +42,7 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
private final String emailAddress;
private final String tenancyPath;
private final AccountType accountType;
- private final List<String> roleNames;
+ private final Can<String> roleNames;
/**
* The {@link org.apache.isis.extensions.secman.jdo.dom.user.ApplicationUser}
@@ -58,7 +54,7 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
final String username,
final String password,
final AccountType accountType,
- final List<String> roleNames) {
+ final Can<String> roleNames) {
this(username, password, null, null, accountType, roleNames);
}
@@ -68,14 +64,14 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
final String emailAddress,
final String tenancyPath,
final AccountType accountType,
- final List<String> roleNames) {
+ final Can<String> roleNames) {
this.username = username;
this.password = password;
this.emailAddress = emailAddress;
this.tenancyPath = tenancyPath;
this.accountType = accountType;
- this.roleNames = Collections.unmodifiableList(_Lists.newArrayList(roleNames));
+ this.roleNames = roleNames;
}
@Override
@@ -104,23 +100,17 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
// update tenancy (repository checks for null)
applicationUser.setAtPath(tenancyPath);
-
- for (final String roleName : roleNames) {
- final ApplicationRole securityRole = applicationRoleRepository.findByName(roleName)
- .orElse(null);
-
- if(securityRole!=null) {
- applicationRoleRepository.addRoleToUser(securityRole, applicationUser);
- } else {
- throw _Exceptions.unrecoverable("role not found by name: "+roleName);
- }
-
- }
-
}
+
+ for (final String roleName : roleNames) {
+ applicationRoleRepository.findByName(roleName)
+ .map(securityRole->{
+ applicationRoleRepository.addRoleToUser(securityRole, applicationUser);
+ return Boolean.TRUE;
+ })
+ .orElseThrow(()->_Exceptions.unrecoverable("role not found by name: "+roleName));
+ }
+
}
-
-
-
}
diff --git a/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/IsisExtSecmanAdminUser.java b/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/IsisExtSecmanAdminUser.java
index 73f5ddb..8f486c7 100644
--- a/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/IsisExtSecmanAdminUser.java
+++ b/extensions/security/secman/persistence-jdo/src/main/java/org/apache/isis/extensions/secman/jdo/seed/scripts/IsisExtSecmanAdminUser.java
@@ -18,8 +18,7 @@
*/
package org.apache.isis.extensions.secman.jdo.seed.scripts;
-import java.util.Arrays;
-
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.extensions.secman.api.SecmanConfiguration;
import org.apache.isis.extensions.secman.api.user.AccountType;
@@ -35,6 +34,6 @@ public class IsisExtSecmanAdminUser extends AbstractUserAndRolesFixtureScript {
null,
GlobalTenancy.TENANCY_PATH,
AccountType.LOCAL,
- Arrays.asList(configBean.getAdminRoleName()));
+ Can.of(configBean.getAdminRoleName()));
}
}
diff --git a/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/AbstractUserAndRolesFixtureScript.java b/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/AbstractUserAndRolesFixtureScript.java
index 9568473..8e92292 100644
--- a/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/AbstractUserAndRolesFixtureScript.java
+++ b/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/AbstractUserAndRolesFixtureScript.java
@@ -18,17 +18,13 @@
*/
package org.apache.isis.extensions.secman.jpa.seed.scripts;
-import java.util.Collections;
-import java.util.List;
-
import javax.inject.Inject;
import org.apache.isis.applib.value.Password;
-import org.apache.isis.commons.internal.collections._Lists;
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.commons.internal.exceptions._Exceptions;
import org.apache.isis.extensions.secman.api.user.AccountType;
import org.apache.isis.extensions.secman.api.user.ApplicationUserStatus;
-import org.apache.isis.extensions.secman.jpa.dom.role.ApplicationRole;
import org.apache.isis.extensions.secman.jpa.dom.role.ApplicationRoleRepository;
import org.apache.isis.extensions.secman.jpa.dom.user.ApplicationUser;
import org.apache.isis.extensions.secman.jpa.dom.user.ApplicationUserRepository;
@@ -46,7 +42,7 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
private final String emailAddress;
private final String tenancyPath;
private final AccountType accountType;
- private final List<String> roleNames;
+ private final Can<String> roleNames;
/**
* The {@link org.apache.isis.extensions.secman.jpa.dom.user.ApplicationUser}
@@ -58,7 +54,7 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
final String username,
final String password,
final AccountType accountType,
- final List<String> roleNames) {
+ final Can<String> roleNames) {
this(username, password, null, null, accountType, roleNames);
}
@@ -68,14 +64,14 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
final String emailAddress,
final String tenancyPath,
final AccountType accountType,
- final List<String> roleNames) {
+ final Can<String> roleNames) {
this.username = username;
this.password = password;
this.emailAddress = emailAddress;
this.tenancyPath = tenancyPath;
this.accountType = accountType;
- this.roleNames = Collections.unmodifiableList(_Lists.newArrayList(roleNames));
+ this.roleNames = roleNames;
}
@Override
@@ -104,20 +100,17 @@ public class AbstractUserAndRolesFixtureScript extends FixtureScript {
// update tenancy (repository checks for null)
applicationUser.setAtPath(tenancyPath);
+ }
- for (final String roleName : roleNames) {
- final ApplicationRole securityRole = applicationRoleRepository.findByName(roleName)
- .orElse(null);
-
- if(securityRole!=null) {
- applicationRoleRepository.addRoleToUser(securityRole, applicationUser);
- } else {
- throw _Exceptions.unrecoverable("role not found by name: "+roleName);
- }
-
- }
-
+ for (final String roleName : roleNames) {
+ applicationRoleRepository.findByName(roleName)
+ .map(securityRole->{
+ applicationRoleRepository.addRoleToUser(securityRole, applicationUser);
+ return Boolean.TRUE;
+ })
+ .orElseThrow(()->_Exceptions.unrecoverable("role not found by name: "+roleName));
}
+
}
diff --git a/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/IsisExtSecmanAdminUser.java b/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/IsisExtSecmanAdminUser.java
index 2fdcf6c..44e8888 100644
--- a/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/IsisExtSecmanAdminUser.java
+++ b/extensions/security/secman/persistence-jpa/src/main/java/org/apache/isis/extensions/secman/jpa/seed/scripts/IsisExtSecmanAdminUser.java
@@ -18,8 +18,7 @@
*/
package org.apache.isis.extensions.secman.jpa.seed.scripts;
-import java.util.Arrays;
-
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.extensions.secman.api.SecmanConfiguration;
import org.apache.isis.extensions.secman.api.user.AccountType;
@@ -35,6 +34,6 @@ public class IsisExtSecmanAdminUser extends AbstractUserAndRolesFixtureScript {
null,
GlobalTenancy.TENANCY_PATH,
AccountType.LOCAL,
- Arrays.asList(configBean.getAdminRoleName()));
+ Can.of(configBean.getAdminRoleName()));
}
}