Commit 66d1cf3e authored by Brian Major

s1885 - Removed service URI from AC.java

parents 326bef5d 1637be8e
......@@ -115,6 +115,9 @@
<mkdir dir="${user.home}/config" />
<copy overwrite="true" file="test/LdapConfig.test.properties"
todir="${user.home}/config/"/>
<copy overwrite="true"
file="${env.CADC_PREFIX}/etc/LocalAuthority.properties"
tofile="${build}/class/LocalAuthority.properties"/>
</target>
<!-- JAR files needed to run the test suite -->
......
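Review bot: The added copy reads `${env.CADC_PREFIX}/etc/LocalAuthority.properties`, and nothing visible in this hunk guards against `CADC_PREFIX` being unset, in which case Ant leaves the reference unexpanded and the copy fails on a literal path. A `<fail unless="env.CADC_PREFIX" message="CADC_PREFIX must be set to locate LocalAuthority.properties"/>` ahead of the copy would make that failure readable. Because the file lands in `${build}/class`, it is also worth confirming that this environment-specific authority mapping does not end up packaged into any jar built from that directory. The same copy appears in the `setup-test` target added to the other build file on this page. The enclosing target starts outside the hunk.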
......@@ -86,7 +86,6 @@ import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.AC;
import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.InternalID;
import ca.nrc.cadc.ac.PersonalDetails;
......@@ -101,6 +100,7 @@ import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.profiler.Profiler;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.util.ObjectUtil;
import ca.nrc.cadc.util.StringUtil;
......@@ -140,8 +140,6 @@ public class LdapUserDAO extends LdapDAO
private static final Logger logger = Logger.getLogger(LdapUserDAO.class);
private String internalIdUriPrefix = AC.USER_URI;
// Map of identity type to LDAP attribute
private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>();
......@@ -740,7 +738,10 @@ public class LdapUserDAO extends LdapDAO
user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN)));
// cache memberOf values in the user
GroupMemberships gms = new GroupMemberships(userID);
LocalAuthority localAuthority = new LocalAuthority();
URI gmsServiceURI = localAuthority.getServiceURI("gms");
GroupMemberships gms = new GroupMemberships(gmsServiceURI.toString(), userID);
user.appData = gms; // add even if empty
String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF);
if (mems != null && mems.length > 0)
......@@ -926,8 +927,6 @@ public class LdapUserDAO extends LdapDAO
public User modifyUser(final User user)
throws UserNotFoundException, TransientException, AccessControlException
{
// Will we always have a HttpPrincipal?
User existingUser = getUser(user.getHttpPrincipal());
List<Modification> mods = new ArrayList<Modification>();
......@@ -1274,15 +1273,12 @@ public class LdapUserDAO extends LdapDAO
return uuid.getLeastSignificantBits();
}
protected void setInternalIdUriPrefix(String internalIdUriPrefix)
{
this.internalIdUriPrefix = internalIdUriPrefix;
}
protected InternalID getInternalID(String numericID)
{
UUID uuid = new UUID(0L, Long.parseLong(numericID));
String uriString = internalIdUriPrefix + "?" + uuid.toString();
LocalAuthority localAuthority = new LocalAuthority();
URI umsServiceURI = localAuthority.getServiceURI("ums");
String uriString = umsServiceURI.toString() + "?" + uuid.toString();
URI uri;
try
{
......
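Review bot: Both new lookups dereference the result of `localAuthority.getServiceURI(...)` immediately (`gmsServiceURI.toString()` in the memberOf caching code, `umsServiceURI.toString()` in `getInternalID`), so a `LocalAuthority.properties` without a `gms` or `ums` entry would, if the lookup returns null, surface as a NullPointerException in the middle of a user lookup. A guard such as `if (umsServiceURI == null) throw new IllegalStateException("no ums entry in LocalAuthority");` would turn that into a configuration error that names its cause; the redirect code in WhoAmIServlet has the same pattern. A new `LocalAuthority` is also constructed on every call, so if its constructor reads the properties file, resolving the two URIs once per DAO would avoid repeating that work per user. Both enclosing methods continue outside their hunks.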
......@@ -121,7 +121,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
userDAO.addUser(user);
}
finally
......@@ -146,7 +146,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
userDAO.addUserRequest(userRequest);
}
finally
......@@ -177,7 +177,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.getUser(userID);
}
finally
......@@ -205,7 +205,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
LdapUserDAO userDAO = getLdapUserDao(conns);
LdapUserDAO userDAO = new LdapUserDAO(conns);
return userDAO.getUserByEmailAddress(emailAddress);
}
finally
......@@ -234,7 +234,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.getUserRequest(userID);
}
finally
......@@ -243,8 +243,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
}
}
/**<<<<<<< HEAD
/**
* Get the user specified by userID with all of the users identities.
*
* @param userID The userID.
......@@ -264,7 +263,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
try
{
Profiler profiler = new Profiler(LdapUserPersistence.class);
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
profiler.checkpoint("Create LdapUserDAO");
User user = userDAO.getAugmentedUser(userID);
profiler.checkpoint("getAugmentedUser");
......@@ -299,7 +298,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.getUsers();
}
finally
......@@ -323,7 +322,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.getUserRequests();
}
finally
......@@ -353,7 +352,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.approveUserRequest(userID);
}
finally
......@@ -385,7 +384,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.modifyUser(user);
}
finally
......@@ -415,7 +414,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
userDAO.deleteUser(userID, true);
}
finally
......@@ -444,7 +443,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
userDAO.deleteUser(userID, false);
}
finally
......@@ -471,7 +470,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
userDAO.deleteUserRequest(userID);
}
finally
......@@ -498,7 +497,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
return userDAO.doLogin(userID, password);
}
finally
......@@ -510,11 +509,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
/**
* Update a user's password. The given user and authenticating user must match.
*
<<<<<<< HEAD
* @param userID the user.
=======
* @param userID
>>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a
* @param oldPassword current password.
* @param newPassword new password.
* @throws UserNotFoundException If the given user does not exist.
......@@ -532,7 +527,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
if (userDAO.doLogin(userID.getName(), oldPassword))
{
// oldPassword is correct
......@@ -548,11 +543,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
/**
* Reset a user's password. The given user and authenticating user must match.
*
<<<<<<< HEAD
* @param userID The user.
=======
* @param userID
>>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a
* @param newPassword new password.
* @throws UserNotFoundException If the given user does not exist.
* @throws TransientException If an temporary, unexpected problem occurred.
......@@ -569,7 +560,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
LdapConnections conns = new LdapConnections(this);
try
{
userDAO = getLdapUserDao(conns);
userDAO = new LdapUserDAO(conns);
User user = getUser(userID);
if (user != null)
......@@ -613,23 +604,4 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
return false;
}
private LdapUserDAO getLdapUserDao(LdapConnections conn)
{
LdapUserDAO dao = new LdapUserDAO(conn);
if (getInternalIdUriPrefix() != null)
dao.setInternalIdUriPrefix(getInternalIdUriPrefix());
return dao;
}
/**
* Web services can override this method to change
* the user prefix used in the internal ID.
*
* By default the LdapUserDAO will use AC.USER_URI;
*/
protected String getInternalIdUriPrefix()
{
return null;
}
}
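Review bot: Dropping the protected `getInternalIdUriPrefix()` hook together with `getLdapUserDao` means a subclass that overrode the hook without `@Override` still compiles but silently stops having any effect. The DAO now always builds internal IDs from the `ums` service URI in LocalAuthority, where the default was previously `AC.USER_URI`, so unless the configured value happens to equal the old constant, IDs produced after this commit will not string-match ones produced before it. Anything that stores or compares those identity URIs should be checked before deployment. If the hook is meant to go away, a short class-level comment such as `// internal ID prefix now comes from the ums entry in LocalAuthority` would make the change discoverable.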
......@@ -81,10 +81,10 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.AC;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.log.ServletLogInfo;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.reg.client.RegistryClient;
/**
......@@ -164,9 +164,15 @@ public class WhoAmIServlet extends HttpServlet
final String scheme) throws IOException
{
final RegistryClient registryClient = getRegistryClient();
LocalAuthority localAuthority = new LocalAuthority();
URI umsServiceURI = localAuthority.getServiceURI("ums");
log.debug("ums service uri: " + umsServiceURI);
final URL redirectURL =
registryClient.getServiceURL(
URI.create(AC.UMS_SERVICE_URI + "#users"), scheme, USER_GET_PATH);
URI.create(umsServiceURI.toString() + "#users"), scheme, USER_GET_PATH);
// Take the first one.
final String redirectUrl =
......
......@@ -84,8 +84,8 @@ import javax.servlet.http.HttpServletResponse;
import org.junit.Test;
import ca.nrc.cadc.ac.AC;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.reg.client.RegistryClient;
......@@ -132,7 +132,10 @@ public class WhoAmIServletTest
mockResponse.sendRedirect("/ac/users/CADCtest?idType=HTTP");
expectLastCall().once();
expect(mockRegistry.getServiceURL(URI.create(AC.UMS_SERVICE_URI + "#users"),
LocalAuthority localAuthority = new LocalAuthority();
URI umsServiceURI = localAuthority.getServiceURI("ums");
expect(mockRegistry.getServiceURL(URI.create(umsServiceURI.toString() + "#users"),
"http", "/%s?idType=HTTP")).
andReturn(new URL("http://mysite.com/ac/users/CADCtest?idType=HTTP")).once();
......
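Review bot: The expectation is now computed with the same `new LocalAuthority().getServiceURI("ums")` call the servlet uses, so the test passes for whatever value is configured and cannot run without `LocalAuthority.properties` on the test classpath. Pinning the expected URI to a constructed test value, or supplying the authority lookup through a mock the way the registry client is mocked here, would keep the test independent of `${env.CADC_PREFIX}`. RemoveUserMemberActionTest picks up the same dependency in its two test bodies. The test method starts outside the hunk.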
......@@ -77,10 +77,6 @@ import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import ca.nrc.cadc.ac.AC;
import ca.nrc.cadc.ac.InternalID;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.util.ObjectUtil;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.easymock.EasyMock;
......@@ -88,13 +84,17 @@ import org.junit.BeforeClass;
import org.junit.Test;
import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.InternalID;
import ca.nrc.cadc.ac.MemberNotFoundException;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.server.GroupPersistence;
import ca.nrc.cadc.ac.server.UserPersistence;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.IdentityType;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.util.Log4jInit;
import ca.nrc.cadc.util.ObjectUtil;
/**
*
......@@ -117,7 +117,9 @@ public class RemoveUserMemberActionTest
try
{
User user = new User();
InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID()));
LocalAuthority localAuthority = new LocalAuthority();
URI umsServiceURI = localAuthority.getServiceURI("ums");
InternalID internalID = new InternalID(new URI(umsServiceURI.toASCIIString() + "?" + UUID.randomUUID()));
ObjectUtil.setField(user, internalID, "id");
String userID = "cn=foo,c=ca";
......@@ -169,7 +171,9 @@ public class RemoveUserMemberActionTest
try
{
User user = new User();
InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID()));
LocalAuthority localAuthority = new LocalAuthority();
URI umsServiceURI = localAuthority.getServiceURI("ums");
InternalID internalID = new InternalID(new URI(umsServiceURI.toString() + "?" + UUID.randomUUID()));
ObjectUtil.setField(user, internalID, "id");
String userID = "cn=foo,c=ca";
......
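Review bot: The two otherwise identical setups build the InternalID differently, `umsServiceURI.toASCIIString()` in the first test and `umsServiceURI.toString()` in the second; using one form in both would avoid a spurious difference if the configured URI ever contained non-ASCII characters. The three repeated lines could move into a small private helper in the test class. Both test methods start outside their hunks.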
......@@ -112,8 +112,14 @@
<property name="junit" value="${ext.dev}/junit.jar" />
<property name="objenesis" value="${ext.dev}/objenesis.jar" />
<property name="jsonassert" value="${ext.dev}/jsonassert.jar" />
<property name="mail" value="${ext.dev}/mail.jar" />
<property name="testingJars" value="${build}/class:${xerces}:${jsonassert}:${jars}:${asm}:${cglib}:${easymock}:${junit}:${objenesis}:${mail}" />
<property name="testingJars" value="${build}/class:${jsonassert}:${jars}:${xerces}:${asm}:${cglib}:${easymock}:${junit}:${objenesis}" />
<target name="setup-test">
<copy overwrite="true"
file="${env.CADC_PREFIX}/etc/LocalAuthority.properties"
tofile="${build}/class/LocalAuthority.properties"/>
</target>
<target name="single-test" depends="compile,compile-test">
<echo message="Running test suite..." />
......
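Review bot: The new `setup-test` target is not listed in the `depends` of the `single-test` target that follows it (`depends="compile,compile-test"`), so running a single test may not copy `LocalAuthority.properties` into `${build}/class` first. If no target outside this hunk pulls it in, `depends="compile,compile-test,setup-test"` would let the tests that now call `new LocalAuthority()` find their configuration.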
......@@ -85,13 +85,4 @@ public class AC
// Denotes a group readable by public
public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public";
public static final String UMS_SERVICE_URI = "ivo://canfar.net/ums";
public static final String GMS_SERVICE_URI = "ivo://canfar.net/gms";
// Group URI attribute once the group name is appended
public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#";
// User URI with appended UUID represents a unique user
public static final String USER_URI = "ivo://cadc.nrc.ca/user";
}
......@@ -133,6 +133,7 @@ public class GMSClient implements TransferListener
private RegistryClient registryClient;
private URI gmsServiceURI;
private URI groupsURI;
private URI searchURI;
......@@ -159,6 +160,7 @@ public class GMSClient implements TransferListener
try
{
this.gmsServiceURI = serviceURI;
this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS);
this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH);
}
......@@ -1100,11 +1102,20 @@ public class GMSClient implements TransferListener
Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class);
if (gset == null || gset.isEmpty())
{
GroupMemberships mems = new GroupMemberships(userID);
GroupMemberships mems = new GroupMemberships(gmsServiceURI.toString(), userID);
subject.getPrivateCredentials().add(mems);
return mems;
}
GroupMemberships mems = gset.iterator().next();
// check to ensure they have the same service URI
if (!gmsServiceURI.toString().equals(mems.getServiceURI()))
{
log.debug("Not using cache because of differing service URIs: " +
"[" + gmsServiceURI.toString() + "][" + mems.getServiceURI() + "]");
return null;
}
return mems;
}
return null; // no cache
......
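Review bot: The new service-URI check deserves a comment stating why a mismatch is treated as no cache, for example `// memberships cached from another GMS service must not answer queries for this one`, since its `return null` reads the same as the generic fall-through below it. Only the first element of `gset` is inspected, which relies on a Subject holding at most one GroupMemberships. If that invariant is kept, a Subject first populated from a different service never gets a cache for this one, and the debug-level message is the only trace of it. The enclosing method starts and ends outside the hunk.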
......@@ -69,47 +69,55 @@
package ca.nrc.cadc.ac.client;
import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.Role;
import org.apache.log4j.Logger;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.Role;
/**
* Class used to hold list of groups in which a user is known to be a member.
*
*
* @author pdowler
*/
public class GroupMemberships implements Comparable
{
private static final Logger log = Logger.getLogger(GroupMemberships.class);
private String serviceURI;
private Principal userID;
private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>();
private Map<Role, Boolean> complete = new HashMap<Role, Boolean>();
public GroupMemberships() { init(); }
public GroupMemberships(Principal userID)
public GroupMemberships(String serviceURI, Principal userID)
{
this.serviceURI = serviceURI;
this.userID = userID;
init();
}
public boolean isComplete(Role role)
{
return complete.get(role);
}
public String getServiceURI()
{
return serviceURI;
}
public List<Group> getMemberships(Role role)
{
return memberships.get(role);
}
private void init()
{
for (Role role : Role.values())
......@@ -123,14 +131,14 @@ public class GroupMemberships implements Comparable
{
return userID;
}
public void add(Group group, Role role)
{
List<Group> groups = memberships.get(role);
if (!groups.contains(group))
groups.add(group);
}
public void add(List<Group> groups, Role role)
{
List<Group> cur = memberships.get(role);
......@@ -141,7 +149,7 @@ public class GroupMemberships implements Comparable
complete.put(role, Boolean.TRUE);
}
}
// only allow one in a set - makes clearCache simple too
public boolean equals(Object rhs)
{
......
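Review bot: The new `serviceURI` field and `getServiceURI()` have no Javadoc, and the class comment still describes only a list of groups; a sentence on the getter such as `The GMS service these memberships were obtained from; GMSClient ignores the cache when it differs from its own service URI.` would document the contract. The no-argument constructor leaves `serviceURI` null and the new constructor accepts null without complaint, so either documenting null as "unknown service" or rejecting it in the constructor would make the intended state explicit. The `equals` method shown as context is unchanged here; whether it should now take the service URI into account is worth deciding alongside its "only allow one in a set" comment.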
......@@ -69,7 +69,26 @@
package ca.nrc.cadc.ac.xml;
import ca.nrc.cadc.ac.AC;
import java.io.IOException;
import java.io.Writer;
import java.lang.reflect.Field;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.Principal;
import java.text.DateFormat;
import java.text.ParseException;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import org.jdom2.Attribute;
import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.output.Format;
import org.jdom2.output.XMLOutputter;
import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.GroupProperty;
import ca.nrc.cadc.ac.InternalID;
......@@ -85,24 +104,7 @@ import ca.nrc.cadc.auth.IdentityType;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.auth.OpenIdPrincipal;
import ca.nrc.cadc.date.DateUtil;
import org.jdom2.Attribute;
import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.output.Format;
import org.jdom2.output.XMLOutputter;
import javax.security.auth.x500.X500Principal;
import java.io.IOException;
import java.io.Writer;
import java.lang.reflect.Field;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.Principal;
import java.text.DateFormat;
import java.text.ParseException;
import java.util.List;
import java.util.Set;
import java.util.UUID;
import ca.nrc.cadc.reg.client.LocalAuthority;
/**
* AbstractReaderWriter TODO describe class
......@@ -149,6 +151,15 @@ public abstract class AbstractReaderWriter
public static final String USER_MEMBERS = "userMembers";
public static final String USER_REQUEST = "userRequest";
private String gmsServiceURI;