diff --git a/components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java b/components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java
index 456cb07fa40..ab28fb8752a 100644
--- a/components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java
+++ b/components/core/core-base/src/main/java/org/eclipse/dirigible/components/base/http/roles/Roles.java
@@ -15,11 +15,11 @@ public enum Roles {
 /** The administrator. */
- ADMINISTRATOR("ROLE_ADMINISTRATOR"),
+ ADMINISTRATOR("ADMINISTRATOR"),
 /** The developer. */
- DEVELOPER("ROLE_DEVELOPER"),
+ DEVELOPER("DEVELOPER"),
 /** The operator. */
- OPERATOR("ROLE_OPERATOR");
+ OPERATOR("OPERATOR");
 /** The role name. */
 private final String roleName;
diff --git a/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/AuthoritiesUtil.java b/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/AuthoritiesUtil.java
new file mode 100644
index 00000000000..254e260c7a9
--- /dev/null
+++ b/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/AuthoritiesUtil.java
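Review bot: In Roles.java the three constants now carry the bare names ("ADMINISTRATOR", "DEVELOPER", "OPERATOR") but their one-line Javadoc is unchanged, so nothing tells a caller that `roleName` is no longer a complete `ROLE_`-prefixed authority string. Any code outside this diff that compares `roleName` with a granted authority, or passes it to an API that expects the prefixed value, would stop matching without a compile error; those call sites are not visible here and should be checked. I would state the contract on the enum, e.g. `/** The administrator; the name is stored without the "ROLE_" prefix, which AuthoritiesUtil.toAuthorities adds. */`, and do the same for the other two constants.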
@@ -0,0 +1,29 @@
+package org.eclipse.dirigible.components.tenants.security;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+public class AuthoritiesUtil {
+
+ private static final String ROLE_PREFIX = "ROLE_";
+
+ public static Set toAuthorities(String... roleNames) {
+ return toAuthorities(Arrays.stream(roleNames));
+ }
+
+ public static Set toAuthorities(Stream roleNames) {
+ return roleNames.map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
+ .map(r -> new SimpleGrantedAuthority(r))
+ .collect(Collectors.toSet());
+ }
+
+ public static Set toAuthorities(Collection roleNames) {
+ return toAuthorities(roleNames.stream());
+ }
+}
diff --git a/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java b/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java
index b12016ba560..3463775a806 100644
--- a/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java
+++ b/components/core/core-tenants/src/main/java/org/eclipse/dirigible/components/tenants/security/CustomUserDetailsService.java
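Review bot: `toAuthorities(Stream)` in the new AuthoritiesUtil.java normalises role names without checking them: a null element throws a NullPointerException at `r.startsWith(ROLE_PREFIX)`, and an empty or blank name turns into an authority that is just `ROLE_` (plus any whitespace). Since this helper now builds the authority set for both CustomUserDetailsService and CustomOidcUserService, I would drop such entries before the first `map` with `.filter(r -> r != null && !r.isBlank())`. The class also has no Javadoc and can be instantiated; add `private AuthoritiesUtil() {}` and a class comment stating that names already starting with `ROLE_` are kept as they are and all others get the prefix.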
@@ -17,15 +17,12 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
-import java.util.Collection;
 import java.util.Set;
-import java.util.stream.Collectors;
 /**
 * The Class CustomUserDetailsService.
@@ -37,8 +34,6 @@ public class CustomUserDetailsService implements UserDetailsService {
 /** The Constant LOGGER. */
 private static final Logger LOGGER = LoggerFactory.getLogger(CustomUserDetailsService.class);
- private static final String ROLE_PREFIX = "ROLE_";
-
 /** The user service. */
 private final UserService userService;
@@ -73,16 +68,9 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
 Set userRoles = userService.getUserRoleNames(user);
 LOGGER.debug("User [{}] has assigned roles [{}]", user, userRoles);
- Set auths = toAuthorities(userRoles);
+ Set auths = AuthoritiesUtil.toAuthorities(userRoles);
 return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), auths);
 }
- private Set toAuthorities(Collection roleNames) {
- return roleNames.stream()
- .map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
- .map(r -> new SimpleGrantedAuthority(r))
- .collect(Collectors.toSet());
- }
-
 }
diff --git a/components/engine/engine-security/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java b/components/engine/engine-security/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java
index 923d839e540..31f1f53d788 100644
--- a/components/engine/engine-security/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java
+++ b/components/engine/engine-security/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java
@@ -106,7 +106,8 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
 HttpServletRequest httpServletRequest = (HttpServletRequest) request;
 HttpServletResponse httpServletResponse = (HttpServletResponse) response;
- String path = httpServletRequest.getServletPath() != "" ? httpServletRequest.getServletPath() : IRepositoryStructure.SEPARATOR;
+ String path =
+ !"".equals(httpServletRequest.getServletPath()) ? httpServletRequest.getServletPath() : IRepositoryStructure.SEPARATOR;
 if (!path.startsWith(PATH_WEB_RESOURCES)) {
 for (String prefix : SECURED_PREFIXES) {
 if (path.startsWith(prefix)) {
diff --git a/components/security/security-keycloak/src/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java b/components/security/security-keycloak/src/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java
index 695f43d4427..d5f764d0186 100644
--- a/components/security/security-keycloak/src/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java
+++ b/components/security/security-keycloak/src/main/java/org/eclipse/dirigible/components/security/keycloak/CustomOidcUserService.java
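Review bot: The rewritten `path` assignment in SecurityFilter.doFilter still calls `getServletPath()` twice and splits one conditional across two lines; reading the value once is easier to follow, `String servletPath = httpServletRequest.getServletPath();` then `String path = servletPath.isEmpty() ? IRepositoryStructure.SEPARATOR : servletPath;`. Because `path` decides which `SECURED_PREFIXES` entry applies, a short comment should also say when the servlet path is empty. Under a `/*` servlet mapping the request path is reported by `getPathInfo()` instead, so the fallback to the separator would likely match no secured prefix; this is inferred from the Servlet API and should be confirmed against the actual mapping. doFilter starts and ends outside the hunk.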
@@ -13,12 +13,12 @@
 import org.eclipse.dirigible.components.base.http.roles.Roles;
 import org.eclipse.dirigible.components.base.tenant.TenantContext;
 import org.eclipse.dirigible.components.tenants.domain.User;
+import org.eclipse.dirigible.components.tenants.security.AuthoritiesUtil;
 import org.eclipse.dirigible.components.tenants.service.UserService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -28,7 +28,6 @@
 import org.springframework.util.StringUtils;
 import java.util.Arrays;
-import java.util.Collection;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -42,8 +41,6 @@ public class CustomOidcUserService extends OidcUserService {
 /** The Constant LOGGER. */
 private static final Logger LOGGER = LoggerFactory.getLogger(CustomOidcUserService.class);
- private static final String ROLE_PREFIX = "ROLE_";
-
 /** The Constant USER_NOT_IN_TENANT_ERR. */
 private static final OAuth2Error USER_NOT_IN_TENANT_ERR = new OAuth2Error("user_not_registered_in_tenant");
@@ -77,7 +74,7 @@ public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2Authenticatio
 User user = getTenantUser(oidcUser);
 Set roleNames = getRoleNames(user);
- Set roleAuthorities = toAuthorities(roleNames);
+ Set roleAuthorities = AuthoritiesUtil.toAuthorities(roleNames);
 return createOidcUser(userRequest, oidcUser, roleAuthorities);
@@ -130,19 +127,6 @@ private Set getRoleNames(User user) {
 return userService.getUserRoleNames(user);
 }
- /**
- * To authorities.
- *
- * @param roleNames the role names
- * @return the sets the
- */
- private Set toAuthorities(Collection roleNames) {
- return roleNames.stream()
- .map((r -> r.startsWith(ROLE_PREFIX) ? r : (ROLE_PREFIX + r)))
- .map(r -> new SimpleGrantedAuthority(r))
- .collect(Collectors.toSet());
- }
-
 /**
 * Creates the oidc user.
 *