remove ROLE_ from system roles + refactoring (#4126)

Signed-off-by: Iliyan Velichkov <[email protected]>
eclipse-dirigible · Jul 9, 2024 · f1be555 · f1be555
1 parent 1d9f33b
commit f1be555
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 35 deletions.
diff --git a/.../core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java b/.../core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java
@@ -15,11 +15,11 @@
 public enum Roles {
 
     /** The administrator. */
-    ADMINISTRATOR("ROLE_ADMINISTRATOR"),
+    ADMINISTRATOR("ADMINISTRATOR"),
     /** The developer. */
-    DEVELOPER("ROLE_DEVELOPER"),
+    DEVELOPER("DEVELOPER"),
     /** The operator. */
-    OPERATOR("ROLE_OPERATOR");
+    OPERATOR("OPERATOR");
 
     /** The role name. */
     private final String roleName;

diff --git a/...ants/src/main/java/org/eclipse/dirigible/components/tenants/security/AuthoritiesUtil.java b/...ants/src/main/java/org/eclipse/dirigible/components/tenants/security/AuthoritiesUtil.java
@@ -0,0 +1,29 @@
+package org.eclipse.dirigible.components.tenants.security;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+public class AuthoritiesUtil {
+
+    private static final String ROLE_PREFIX = "ROLE_";
+
+    public static Set<GrantedAuthority> toAuthorities(String... roleNames) {
+        return toAuthorities(Arrays.stream(roleNames));
+    }
+
+    public static Set<GrantedAuthority> toAuthorities(Stream<String> roleNames) {
+        return roleNames.map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
+                        .map(r -> new SimpleGrantedAuthority(r))
+                        .collect(Collectors.toSet());
+    }
+
+    public static Set<GrantedAuthority> toAuthorities(Collection<String> roleNames) {
+        return toAuthorities(roleNames.stream());
+    }
+}
diff --git a/...main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java b/...main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java
@@ -17,15 +17,12 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
-import java.util.Collection;
 import java.util.Set;
-import java.util.stream.Collectors;
 
 /**
  * The Class CustomUserDetailsService.
@@ -37,8 +34,6 @@ public class CustomUserDetailsService implements UserDetailsService {
     /** The Constant LOGGER. */
     private static final Logger LOGGER = LoggerFactory.getLogger(CustomUserDetailsService.class);
 
-    private static final String ROLE_PREFIX = "ROLE_";
-
     /** The user service. */
     private final UserService userService;
 
@@ -73,16 +68,9 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 
         Set<String> userRoles = userService.getUserRoleNames(user);
         LOGGER.debug("User [{}] has assigned roles [{}]", user, userRoles);
-        Set<GrantedAuthority> auths = toAuthorities(userRoles);
+        Set<GrantedAuthority> auths = AuthoritiesUtil.toAuthorities(userRoles);
 
         return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), auths);
     }
 
-    private Set<GrantedAuthority> toAuthorities(Collection<String> roleNames) {
-        return roleNames.stream()
-                        .map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
-                        .map(r -> new SimpleGrantedAuthority(r))
-                        .collect(Collectors.toSet());
-    }
-
 }
diff --git a/...curity/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java b/...curity/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java
@@ -106,7 +106,8 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         HttpServletRequest httpServletRequest = (HttpServletRequest) request;
         HttpServletResponse httpServletResponse = (HttpServletResponse) response;
 
-        String path = httpServletRequest.getServletPath() != "" ? httpServletRequest.getServletPath() : IRepositoryStructure.SEPARATOR;
+        String path =
+                !"".equals(httpServletRequest.getServletPath()) ? httpServletRequest.getServletPath() : IRepositoryStructure.SEPARATOR;
         if (!path.startsWith(PATH_WEB_RESOURCES)) {
             for (String prefix : SECURED_PREFIXES) {
                 if (path.startsWith(prefix)) {

diff --git a/...c/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java b/...c/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java
@@ -13,12 +13,12 @@
 import org.eclipse.dirigible.components.base.http.roles.Roles;
 import org.eclipse.dirigible.components.base.tenant.TenantContext;
 import org.eclipse.dirigible.components.tenants.domain.User;
+import org.eclipse.dirigible.components.tenants.security.AuthoritiesUtil;
 import org.eclipse.dirigible.components.tenants.service.UserService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -28,7 +28,6 @@
 import org.springframework.util.StringUtils;
 
 import java.util.Arrays;
-import java.util.Collection;
 import java.util.Set;
 import java.util.stream.Collectors;
 
@@ -42,8 +41,6 @@ public class CustomOidcUserService extends OidcUserService {
     /** The Constant LOGGER. */
     private static final Logger LOGGER = LoggerFactory.getLogger(CustomOidcUserService.class);
 
-    private static final String ROLE_PREFIX = "ROLE_";
-
     /** The Constant USER_NOT_IN_TENANT_ERR. */
     private static final OAuth2Error USER_NOT_IN_TENANT_ERR = new OAuth2Error("user_not_registered_in_tenant");
 
@@ -77,7 +74,7 @@ public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2Authenticatio
 
         User user = getTenantUser(oidcUser);
         Set<String> roleNames = getRoleNames(user);
-        Set<GrantedAuthority> roleAuthorities = toAuthorities(roleNames);
+        Set<GrantedAuthority> roleAuthorities = AuthoritiesUtil.toAuthorities(roleNames);
 
         return createOidcUser(userRequest, oidcUser, roleAuthorities);
 
@@ -130,19 +127,6 @@ private Set<String> getRoleNames(User user) {
         return userService.getUserRoleNames(user);
     }
 
-    /**
-     * To authorities.
-     *
-     * @param roleNames the role names
-     * @return the sets the
-     */
-    private Set<GrantedAuthority> toAuthorities(Collection<String> roleNames) {
-        return roleNames.stream()
-                        .map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
-                        .map(r -> new SimpleGrantedAuthority(r))
-                        .collect(Collectors.toSet());
-    }
-
     /**
      * Creates the oidc user.
      *