CCM NG:

- Some updates caused by the integration of the UUID field in CcmObject - Better integration for Shiro (inspired by https://issues.apache.org/jira/browse/SHIRO-337).) git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3855 8810af33-2d31-482b-a856-94f89814c4df
2016-02-11 14:05:29 +00:00 · 2016-02-11 14:05:29 +00:00 · 5bb5bf7ac6
parent 5b1055c485
commit 5bb5bf7ac6
9 changed files with 84 additions and 61 deletions
--- a/ccm-core/src/main/java/com/arsdigita/ui/admin/AdminApplicationSetup.java
+++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/AdminApplicationSetup.java
@ -18,6 +18,7 @@
 */
 package com.arsdigita.ui.admin;

+import java.util.UUID;
 import org.libreccm.modules.InstallEvent;
 import org.libreccm.web.CcmApplication;
 import org.libreccm.web.AbstractCcmApplicationSetup;
@ -39,6 +40,7 @@ public class AdminApplicationSetup extends AbstractCcmApplicationSetup {
    @Override
    public void setup() {
        final CcmApplication admin = new CcmApplication();
+        admin.setUuid(UUID.randomUUID().toString());
        admin.setApplicationType(ADMIN_APP_NAME);
        admin.setPrimaryUrl(AdminConstants.ADMIN_PAGE_URL);
        
--- a/ccm-core/src/main/java/com/arsdigita/ui/login/LoginApplicationSetup.java
+++ b/ccm-core/src/main/java/com/arsdigita/ui/login/LoginApplicationSetup.java
@ -18,6 +18,7 @@
 */
 package com.arsdigita.ui.login;

+import java.util.UUID;
 import org.libreccm.modules.InstallEvent;
 import org.libreccm.web.AbstractCcmApplicationSetup;
 import org.libreccm.web.CcmApplication;
@ -38,6 +39,7 @@ public class LoginApplicationSetup extends AbstractCcmApplicationSetup {
    @Override
    public void setup() {
        final CcmApplication login = new CcmApplication();
+        login.setUuid(UUID.randomUUID().toString());
        login.setApplicationType(LOGIN_APP_NAME);
        login.setPrimaryUrl(LoginConstants.LOGIN_PAGE_URL);

--- a/ccm-core/src/main/java/com/arsdigita/web/URL.java
+++ b/ccm-core/src/main/java/com/arsdigita/web/URL.java
@ -914,7 +914,7 @@ public class URL {
    static URL login(final HttpServletRequest sreq) {
        //Replace register eventuelly...
        return URL.excursion(sreq, 
-                             "/register",
+                             "/register/",
                             (ParameterMap) s_empty.get());
    }

--- a/ccm-core/src/main/java/org/libreccm/categorization/RegistrySetup.java
+++ b/ccm-core/src/main/java/org/libreccm/categorization/RegistrySetup.java
@ -18,6 +18,7 @@
 */
 package org.libreccm.categorization;

+import java.util.UUID;
 import org.libreccm.configuration.ConfigurationConstants;
 import org.libreccm.modules.InstallEvent;

@ -39,9 +40,11 @@ public class RegistrySetup {
        final Domain registry = new Domain();
        registry.setDomainKey(ConfigurationConstants.REGISTRY_DOMAIN);
        registry.setVersion("1.0");
+        registry.setUuid(UUID.randomUUID().toString());
        registry.setDisplayName(ConfigurationConstants.REGISTRY_DOMAIN);
        
        final Category root = new Category();
+        root.setUuid(UUID.randomUUID().toString());
        root.setName(ConfigurationConstants.REGISTRY_DOMAIN + "-root");
        root.setDisplayName(ConfigurationConstants.REGISTRY_DOMAIN + "-root");
        
--- a/ccm-core/src/main/java/org/libreccm/security/Shiro.java
+++ b/ccm-core/src/main/java/org/libreccm/security/Shiro.java
@ -19,81 +19,41 @@
 package org.libreccm.security;

 import com.arsdigita.kernel.KernelConfig;
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.lang.reflect.Proxy;

-import javax.annotation.PostConstruct;
 import javax.enterprise.context.ApplicationScoped;
-import javax.enterprise.context.RequestScoped;
-import javax.enterprise.inject.Default;
 import javax.enterprise.inject.Produces;
 import javax.inject.Inject;
 import javax.inject.Named;
-import javax.inject.Singleton;
-import javax.servlet.ServletContext;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.config.IniSecurityManagerFactory;
 import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.SimplePrincipalCollection;
 import org.apache.shiro.subject.Subject;
-import org.apache.shiro.web.env.EnvironmentLoader;
-import org.apache.shiro.web.env.WebEnvironment;

 /**
 * This application scoped CDI bean acts as bridge between CDI and Shiro. It
 * initialises the Shiro environment and provides the Shiro
 * {@link SecurityManager} and the current Shiro {@link Subject} via CDI
 * producer methods.
+ * 
+ * This class is based on the implementation for the upcoming CDI integration
+ * of Shiro discussed at https://issues.apache.org/jira/browse/SHIRO-337 and
+ * the implementation which can be found at https://github.com/hwellmann/shiro 
+ * (commit 8a40df0).
 *
 * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
 */
@ApplicationScoped
-//@Singleton
 public class Shiro {

-    private static final Logger LOGGER = LogManager.getLogger(
-            Shiro.class);
-
-    @Inject
-    private ServletContext servletContext;
-
    @Inject
    private UserRepository userRepository;

-    /**
-     * Path to the Shiro INI file.
-     */
-    private static final String INI_FILE = "classpath:shiro.ini";
-
-    /**
-     * The Shiro {@code SecurityManager}.
-     */
-    private SecurityManager securityManager;
-
-    /**
-     * Initialises Shiro. The CDI container will call this method after creating
-     * an instance of this bean.
-     */
-    @PostConstruct
-    public void init() {
-//        LOGGER.debug("Shiro initialising...");
-//        securityManager = new IniSecurityManagerFactory(
-//                INI_FILE)
-//                .createInstance();
-//        LOGGER.debug("Shiro SecurityManager created sucessfully.");
-//        SecurityUtils.setSecurityManager(securityManager);
-//        LOGGER.debug("Shiro initialised successfully.");
-        //securityManager = SecurityUtils.getSecurityManager();
-
-        final WebEnvironment environment = (WebEnvironment) servletContext.
-                getAttribute(EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY);
-
-        securityManager = environment.getSecurityManager();
-        SecurityUtils.setSecurityManager(securityManager);
-    }
-
    /**
     * Provides access Shiro's {@link SecurityManager}.
     *
@ -102,12 +62,7 @@ public class Shiro {
    @Produces
    @Named("securityManager")
    public SecurityManager getSecurityManager() {
-        return securityManager;
-//        return SecurityUtils.getSecurityManager();
-//        final WebEnvironment environment = (WebEnvironment) servletContext.
-//                getAttribute(EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY);
-//
-//        return environment.getSecurityManager();
+        return proxy(SecurityManager.class, new SubjectInvocationHandler());
    }

    /**
@ -118,7 +73,12 @@ public class Shiro {
     */
    @Produces
    public Subject getSubject() {
-        return SecurityUtils.getSubject();
+        return proxy(Subject.class, new SubjectInvocationHandler());
+    }
+
+    @Produces
+    public Session getSession() {
+        return proxy(Session.class, new SessionInvocationHandler());
    }

    public Subject getPublicUser() {
@ -155,4 +115,59 @@ public class Shiro {
        return publicUser;
    }

+    private <T> T proxy(final Class<T> clazz, final InvocationHandler handler) {
+        return (T) Proxy.newProxyInstance(getClass().getClassLoader(),
+                                          new Class<?>[]{clazz},
+                                          handler);
+    }
+
+    private static abstract class Handler implements InvocationHandler {
+
+        public abstract Object handlerInvoke(Object proxy,
+                                             Method method,
+                                             Object[] args) throws Throwable;
+
+        @Override
+        public Object invoke(final Object proxy,
+                             final Method method,
+                             Object[] args) throws Throwable {
+            try {
+                return handlerInvoke(proxy, method, args);
+            } catch (InvocationTargetException ex) {
+                throw ex.getTargetException();
+            }
+        }
+    }
+
+    private static class SubjectInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSubject(), args);
+        }
+    }
+
+    private static class SecurityManagerInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSecurityManager(), args);
+        }
+
+    }
+
+    private class SessionInvocationHandler extends Handler {
+
+        @Override
+        public Object handlerInvoke(final Object proxy,
+                                    final Method method,
+                                    final Object[] args) throws Throwable {
+            return method.invoke(SecurityUtils.getSubject().getSession(), args);
+        }
+    }
+
 }
--- a/ccm-core/src/main/java/org/libreccm/security/SystemUsersSetup.java
+++ b/ccm-core/src/main/java/org/libreccm/security/SystemUsersSetup.java
@ -64,7 +64,7 @@ public class SystemUsersSetup {
        admin.setFamilyName("LibreCCM");
        admin.setGivenName("System Administrator");
        final EmailAddress adminEmail = new EmailAddress();
-        adminEmail.setAddress("admin@localhost");
+        adminEmail.setAddress("admin@libreccm.example");
        admin.setPrimaryEmailAddress(adminEmail);

        String adminPassword = DEFAULT_ADMIN_PW;
--- a/ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/h2/V7_0_0_0__create_tables.sql
+++ b/ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/h2/V7_0_0_0__create_tables.sql
@ -64,7 +64,7 @@
    create table CCM_CORE.CCM_OBJECTS (
        OBJECT_ID bigint not null,
        DISPLAY_NAME varchar(255),
-        UUID varchar(255) not null;
+        UUID varchar(255) not null,
        primary key (OBJECT_ID)
    );

--- a/ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/pgsql/V7_0_0_0__create_tables.sql
+++ b/ccm-core/src/main/resources/db/migrations/org/libreccm/ccm_core/pgsql/V7_0_0_0__create_tables.sql
@ -65,7 +65,7 @@
    create table CCM_CORE.CCM_OBJECTS (
        OBJECT_ID int8 not null,
        DISPLAY_NAME varchar(255),
-        UUID varchar(255) not null;
+        UUID varchar(255) not null,
        primary key (OBJECT_ID)
    );

--- a/ccm-core/src/test/resources-wildfly8-managed-h2-mem/scripts/create_ccm_core_schema.sql
+++ b/ccm-core/src/test/resources-wildfly8-managed-h2-mem/scripts/create_ccm_core_schema.sql
@ -82,6 +82,7 @@ CREATE SCHEMA ccm_core;
    create table ccm_core.ccm_objects (
        object_id bigint not null,
        display_name varchar(255),
+        uuid varchar(255) not null,
        primary key (object_id)
    );