Coverage Report - org.kuali.student.security.spring.KSDefaultUserDetailsService
 
Classes in this File Line Coverage Branch Coverage Complexity
KSDefaultUserDetailsService
0%
0/48
0%
0/18
2.222
 
 1  
 /**
 2  
  * Copyright 2010 The Kuali Foundation Licensed under the
 3  
  * Educational Community License, Version 2.0 (the "License"); you may
 4  
  * not use this file except in compliance with the License. You may
 5  
  * obtain a copy of the License at
 6  
  *
 7  
  * http://www.osedu.org/licenses/ECL-2.0
 8  
  *
 9  
  * Unless required by applicable law or agreed to in writing,
 10  
  * software distributed under the License is distributed on an "AS IS"
 11  
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 12  
  * or implied. See the License for the specific language governing
 13  
  * permissions and limitations under the License.
 14  
  */
 15  
 
 16  
 package org.kuali.student.security.spring;
 17  
 
 18  
 import java.util.ArrayList;
 19  
 
 20  
 import org.kuali.rice.core.config.Config;
 21  
 import org.kuali.rice.core.config.ConfigContext;
 22  
 import org.kuali.rice.kim.bo.entity.dto.KimPrincipalInfo;
 23  
 import org.kuali.rice.kim.bo.role.dto.KimRoleInfo;
 24  
 import org.kuali.rice.kim.service.IdentityService;
 25  
 import org.kuali.rice.kim.service.RoleService;
 26  
 import org.kuali.student.common.rice.StudentIdentityConstants;
 27  
 import org.kuali.student.common.util.security.UserWithId;
 28  
 import org.springframework.security.GrantedAuthority;
 29  
 import org.springframework.security.userdetails.UserDetails;
 30  
 import org.springframework.security.userdetails.UserDetailsService;
 31  
 import org.springframework.security.userdetails.UsernameNotFoundException;
 32  
 import org.springframework.security.util.AuthorityUtils;
 33  
 import org.springframework.util.StringUtils;
 34  
 
 35  
 
 36  
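 /**
  * Spring Security {@link UserDetailsService} that resolves a login name against the KIM
  * {@link IdentityService} and maps KIM role membership onto Spring authorities.
  *
  * <p>Authorities produced by {@link #getGrantedAuthority(String)}:
  * <ul>
  *   <li>{@code ROLE_KS_ADMIN} - the principal holds the KS admin role;</li>
  *   <li>{@code ROLE_KS_USER} - the principal holds the KS user role;</li>
  *   <li>{@code ROLE_KS_BACKDOOR} - added for every principal while the
  *       {@code enableKSBackdoorLogin} configuration property is {@code "true"}.</li>
  * </ul>
  *
  * <p><strong>Security note:</strong> this is the "dummy KS Login" implementation. The
  * {@link UserDetails} it returns carries the submitted username as its password, so a
  * provider that compares the presented credential against it accepts any principal known to
  * KIM whose password is typed as its own username. Treat this class as development/demo
  * wiring and replace it with a real credential source before exposing the application.
  *
  * <p>{@code identityService} and {@code roleService} must be injected before use; neither is
  * null-checked here.
  *
  * @author Kuali Student Team
  */
 public class KSDefaultUserDetailsService implements UserDetailsService {

     // Account flags passed straight through to the UserWithId constructor.
     protected boolean enabled = true;
     protected boolean nonlocked = true;

     // Lazily resolved from ConfigContext by getConfig() when not injected.
     protected Config config = null;

     protected IdentityService identityService = null; // This is added so we can get the correct principal ID
     protected RoleService roleService = null;  // needed for future client overrides.

     /**
      * Looks the username up in KIM and builds the user object handed to Spring Security.
      *
      * @param username the login name submitted by the caller
      * @return a {@link UserWithId} carrying the KIM principal name, the KIM principal id and
      *         the authorities computed by {@link #getGrantedAuthority(String)}
      * @throws UsernameNotFoundException if {@code username} is null or empty
      * @throws KimUserNotFoundException if KIM has no principal with that name (unchecked as far
      *         as this signature shows; the original author describes it as an
      *         AccountStatusException - confirm against its declaration)
      */
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         if (username == null || username.length() == 0) {
             throw new UsernameNotFoundException("Username cannot be null or empty");
         }

         // SECURITY: dummy KS login. The expected password is the username exactly as it was
         // submitted (captured before the name is replaced by KIM's value below), so no secret
         // is verified. Do not ship this behaviour to a production deployment.
         String password = username;

         KimPrincipalInfo kimPrincipalInfo = identityService.getPrincipalByPrincipalName(username);
         if (kimPrincipalInfo == null) {
             // When a UsernameNotFoundException is thrown, Spring Security proceeds to the next
             // AuthenticationProvider on the list. When Rice is running and the username is not
             // found in KIM, authentication should stop so the user can correct the username,
             // which is why a different exception type is thrown here. The message is kept
             // generic so it does not reveal whether the account exists.
             throw new KimUserNotFoundException("Invalid username or password");
         }

         String principalName = kimPrincipalInfo.getPrincipalName();
         String userId = kimPrincipalInfo.getPrincipalId();

         // NOTE(review): the two literal 'true' arguments are presumably accountNonExpired and
         // credentialsNonExpired, as in Spring's User constructor - confirm against UserWithId.
         UserWithId ksuser = new UserWithId(principalName, password, enabled, true, true, nonlocked,
                 getGrantedAuthority(userId));
         ksuser.setUserId(userId);
         return ksuser;
     }

     /**
      * Computes the Spring authorities for a KIM principal.
      *
      * <p>A role authority is granted only when the named KIM role exists <em>and</em> the role
      * service reports the principal as a member. A role that cannot be found never results in a
      * grant, so the outcome does not depend on how the role service answers a membership query
      * for an empty role-id list.
      *
      * @param principalId the KIM principal id to check
      * @return the granted authorities; contains {@code ROLE_KS_BACKDOOR} for every principal
      *         while {@link #enableBackdoorLogin()} returns true
      */
     protected GrantedAuthority[] getGrantedAuthority(String principalId) {
         ArrayList<String> ksSpringRolesList = new ArrayList<String>();

         // KS Administrator
         if (principalHasNamedRole(principalId, StudentIdentityConstants.KSCM_ADMIN_ROLE_NAME)) {
             ksSpringRolesList.add("ROLE_KS_ADMIN");
         }

         // KS User
         if (principalHasNamedRole(principalId, StudentIdentityConstants.KSCM_USER_ROLE_NAME)) {
             ksSpringRolesList.add("ROLE_KS_USER");
         }

         // Backdoor login: controlled only by configuration, not by the principal's roles, so
         // every authenticated principal receives this authority while the flag is on.
         // LUMMain.jsp is what actually displays the login.
         if (enableBackdoorLogin()) {
             ksSpringRolesList.add("ROLE_KS_BACKDOOR");
         }

         String springRoles = StringUtils.collectionToCommaDelimitedString(ksSpringRolesList);
         return AuthorityUtils.commaSeparatedStringToAuthorityArray(springRoles);
     }

     /**
      * Returns true only if the role exists in the KS namespace and the principal holds it.
      * Fails closed (false) when the role lookup returns null.
      */
     private boolean principalHasNamedRole(String principalId, String roleName) {
         KimRoleInfo role = roleService.getRoleByName(StudentIdentityConstants.KS_NAMESPACE_CD, roleName);
         if (role == null) {
             return false;
         }
         ArrayList<String> roleIds = new ArrayList<String>();
         roleIds.add(role.getRoleId());
         return roleService.principalHasRole(principalId, roleIds, null);
     }

     /**
      * Returns the injected configuration, falling back to the current Rice context
      * configuration on first use.
      */
     public Config getConfig() {
         if (this.config == null) {
             this.config = ConfigContext.getCurrentContextConfig();
         }
         return config;
     }

     public void setConfig(Config config) {
         this.config = config;
     }

     public void setIdentityService(IdentityService identityService) {
         this.identityService = identityService;
     }

     /**
      * Reports whether the {@code enableKSBackdoorLogin} property is set to "true"
      * (case-insensitive). A missing property yields false.
      */
     protected boolean enableBackdoorLogin() {
         return "true".equalsIgnoreCase(getConfig().getProperty("enableKSBackdoorLogin"));
     }

     public RoleService getRoleService() {
         return roleService;
     }

     public void setRoleService(RoleService roleService) {
         this.roleService = roleService;
     }

     public IdentityService getIdentityService() {
         return identityService;
     }
 }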