CCM NG:

- Some updates caused by the integration of the UUID field in CcmObject
- Better integration for Shiro (inspired by https://issues.apache.org/jira/browse/SHIRO-337).)


git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3855 8810af33-2d31-482b-a856-94f89814c4df

ccm-core/src/main/java/com/arsdigita/ui/admin/AdminApplicationSetup.java

@@ -18,6 +18,7 @@
  */
 package com.arsdigita.ui.admin;
 
+import java.util.UUID;
 import org.libreccm.modules.InstallEvent;
 import org.libreccm.web.CcmApplication;
 import org.libreccm.web.AbstractCcmApplicationSetup;
@@ -39,6 +40,7 @@ public class AdminApplicationSetup extends AbstractCcmApplicationSetup {
     @Override
     public void setup() {
         final CcmApplication admin = new CcmApplication();
+        admin.setUuid(UUID.randomUUID().toString());
         admin.setApplicationType(ADMIN_APP_NAME);
         admin.setPrimaryUrl(AdminConstants.ADMIN_PAGE_URL);
         

ccm-core/src/main/java/com/arsdigita/ui/login/LoginApplicationSetup.java

@@ -18,6 +18,7 @@
  */
 package com.arsdigita.ui.login;
 
+import java.util.UUID;
 import org.libreccm.modules.InstallEvent;
 import org.libreccm.web.AbstractCcmApplicationSetup;
 import org.libreccm.web.CcmApplication;
@@ -38,6 +39,7 @@ public class LoginApplicationSetup extends AbstractCcmApplicationSetup {
     @Override
     public void setup() {
         final CcmApplication login = new CcmApplication();
+        login.setUuid(UUID.randomUUID().toString());
         login.setApplicationType(LOGIN_APP_NAME);
         login.setPrimaryUrl(LoginConstants.LOGIN_PAGE_URL);
 

ccm-core/src/main/java/com/arsdigita/web/URL.java

@@ -914,7 +914,7 @@ public class URL {
     static URL login(final HttpServletRequest sreq) {
         //Replace register eventuelly...
         return URL.excursion(sreq, 
-                             "/register",
+                             "/register/",
                              (ParameterMap) s_empty.get());
     }
 

ccm-core/src/main/java/org/libreccm/categorization/RegistrySetup.java

@@ -18,6 +18,7 @@
  */
 package org.libreccm.categorization;
 
+import java.util.UUID;
 import org.libreccm.configuration.ConfigurationConstants;
 import org.libreccm.modules.InstallEvent;
 
@@ -39,9 +40,11 @@ public class RegistrySetup {
         final Domain registry = new Domain();
         registry.setDomainKey(ConfigurationConstants.REGISTRY_DOMAIN);
         registry.setVersion("1.0");
+        registry.setUuid(UUID.randomUUID().toString());
         registry.setDisplayName(ConfigurationConstants.REGISTRY_DOMAIN);
         
         final Category root = new Category();
+        root.setUuid(UUID.randomUUID().toString());
         root.setName(ConfigurationConstants.REGISTRY_DOMAIN + "-root");
         root.setDisplayName(ConfigurationConstants.REGISTRY_DOMAIN + "-root");
         

ccm-core/src/main/java/org/libreccm/security/Shiro.java

@@ -19,27 +19,21 @@
 package org.libreccm.security;
 
 import com.arsdigita.kernel.KernelConfig;
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;
 
-import javax.annotation.PostConstruct;
 import javax.enterprise.context.ApplicationScoped;
-import javax.enterprise.context.RequestScoped;
-import javax.enterprise.inject.Default;
 import javax.enterprise.inject.Produces;
 import javax.inject.Inject;
 import javax.inject.Named;
-import javax.inject.Singleton;
-import javax.servlet.ServletContext;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.config.IniSecurityManagerFactory;
 import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.SimplePrincipalCollection;
 import org.apache.shiro.subject.Subject;
-import org.apache.shiro.web.env.EnvironmentLoader;
-import org.apache.shiro.web.env.WebEnvironment;
 
 /**
  * This application scoped CDI bean acts as bridge between CDI and Shiro. It
@@ -47,53 +41,19 @@ import org.apache.shiro.web.env.WebEnvironment;
  * {@link SecurityManager} and the current Shiro {@link Subject} via CDI
  * producer methods.
  * 
+ * This class is based on the implementation for the upcoming CDI integration
+ * of Shiro discussed at https://issues.apache.org/jira/browse/SHIRO-337 and
+ * the implementation which can be found at https://github.com/hwellmann/shiro 
+ * (commit 8a40df0).
+ *
  * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
  */
 @ApplicationScoped
-//@Singleton
 public class Shiro {
 
-    private static final Logger LOGGER = LogManager.getLogger(
-            Shiro.class);
-
-    @Inject
-    private ServletContext servletContext;
-
     @Inject
     private UserRepository userRepository;
 
-    /**
-     * Path to the Shiro INI file.
-     */
-    private static final String INI_FILE = "classpath:shiro.ini";
-
-    /**
-     * The Shiro {@code SecurityManager}.
-     */
-    private SecurityManager securityManager;
-
-    /**
-     * Initialises Shiro. The CDI container will call this method after creating
-     * an instance of this bean.
-     */
-    @PostConstruct
-    public void init() {
-//        LOGGER.debug("Shiro initialising...");
-//        securityManager = new IniSecurityManagerFactory(
-//                INI_FILE)
-//                .createInstance();
-//        LOGGER.debug("Shiro SecurityManager created sucessfully.");
-//        SecurityUtils.setSecurityManager(securityManager);
-//        LOGGER.debug("Shiro initialised successfully.");
-        //securityManager = SecurityUtils.getSecurityManager();
-
-        final WebEnvironment environment = (WebEnvironment) servletContext.
-                getAttribute(EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY);
-
-        securityManager = environment.getSecurityManager();
-        SecurityUtils.setSecurityManager(securityManager);
-    }
-
     /**
      * Provides access Shiro's {@link SecurityManager}.
      *
@@ -102,12 +62,7 @@ public class Shiro {
     @Produces
     @Named("securityManager")
     public SecurityManager getSecurityManager() {
-        return securityManager;
+        return proxy(SecurityManager.class, new SubjectInvocationHandler());
-//        return SecurityUtils.getSecurityManager();
-//        final WebEnvironment environment = (WebEnvironment) servletContext.
-//                getAttribute(EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY);
-//
-//        return environment.getSecurityManager();
     }
 
     /**
@@ -118,7 +73,12 @@ public class Shiro {
      */
     @Produces
     public Subject getSubject() {
-        return SecurityUtils.getSubject();
+        return proxy(Subject.class, new SubjectInvocationHandler());
+    }
+
+    @Produces
+    public Session getSession() {
+        return proxy(Session.class, new SessionInvocationHandler());
     }
 
     public Subject getPublicUser() {
@@ -155,4 +115,59 @@ public class Shiro {
         return publicUser;
     }
 
+    private <T> T proxy(final Class<T> clazz, final InvocationHandler handler) {
+        return (T) Proxy.newProxyInstance(getClass().getClassLoader(),
+                                          new Class<?>[]{clazz},
+                                          handler);
+    }
+
+    private static abstract class Handler implements InvocationHandler {
+
+        public abstract Object handlerInvoke(Object proxy,
+                                             Method method,
+                                             Object[] args) throws Throwable;
+
+        @Override
+        public Object invoke(final Object proxy,
+                             final Method method,
+                             Object[] args) throws Throwable {
+            try {
+                return handlerInvoke(proxy, method, args);
+            } catch (InvocationTargetException ex) {
+                throw ex.getTargetException();
+            }
+        }
+    }
+
+    private static class SubjectInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSubject(), args);
+        }
+    }
+
+    private static class SecurityManagerInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSecurityManager(), args);
+        }
+
+    }
+
+    private class SessionInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSubject().getSession(), args);
+        }
+    }
+
 }

ccm-core/src/main/java/org/libreccm/security/SystemUsersSetup.java

@@ -64,7 +64,7 @@ public class SystemUsersSetup {
         admin.setFamilyName("LibreCCM");
         admin.setGivenName("System Administrator");
         final EmailAddress adminEmail = new EmailAddress();
-        adminEmail.setAddress("admin@localhost");
+        adminEmail.setAddress("admin@libreccm.example");
         admin.setPrimaryEmailAddress(adminEmail);
 
         String adminPassword = DEFAULT_ADMIN_PW;

ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/h2/V7_0_0_0__create_tables.sql

@@ -64,7 +64,7 @@
     create table CCM_CORE.CCM_OBJECTS (
         OBJECT_ID bigint not null,
         DISPLAY_NAME varchar(255),
-        UUID varchar(255) not null;
+        UUID varchar(255) not null,
         primary key (OBJECT_ID)
     );
 

ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/pgsql/V7_0_0_0__create_tables.sql

@@ -65,7 +65,7 @@
     create table CCM_CORE.CCM_OBJECTS (
         OBJECT_ID int8 not null,
         DISPLAY_NAME varchar(255),
-        UUID varchar(255) not null;
+        UUID varchar(255) not null,
         primary key (OBJECT_ID)
     );
 

ccm-core/src/test/resources-wildfly8-managed-h2-mem/scripts/create_ccm_core_schema.sql

@@ -82,6 +82,7 @@ CREATE SCHEMA ccm_core;
     create table ccm_core.ccm_objects (
         object_id bigint not null,
         display_name varchar(255),
+        uuid varchar(255) not null,
         primary key (object_id)
     );