Author: bblfish
Date: Sun May 22 00:40:42 2011
New Revision: 1125851
URL: http://svn.apache.org/viewvc?rev=1125851&view=rev
Log:
CLEREZZA-515: ugly account name when logging in. This allows remote foaf name
to be displayed, making use of information from the WebID take from remote
users. It also does not force the creation of a local account name.
Added:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/WebIdPrincipal.java
- copied, changed from r1125850,
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
Modified:
incubator/clerezza/trunk/parent/platform.dashboard/platform.dashboard.core/src/main/java/org/apache/clerezza/platform/dashboard/UserLoginNode.java
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUnregisteredException.java
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUtil.java
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
incubator/clerezza/trunk/parent/platform.usermanager/pom.xml
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
incubator/clerezza/trunk/parent/rdf.scala.utils/src/main/scala/org/apache/clerezza/rdf/scala/utils/EasyGraph.scala
incubator/clerezza/trunk/parent/web.resources.style/src/main/resources/org/apache/clerezza/web/resources/style/globalmenu-naked.ssp
Modified:
incubator/clerezza/trunk/parent/platform.dashboard/platform.dashboard.core/src/main/java/org/apache/clerezza/platform/dashboard/UserLoginNode.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.dashboard/platform.dashboard.core/src/main/java/org/apache/clerezza/platform/dashboard/UserLoginNode.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.dashboard/platform.dashboard.core/src/main/java/org/apache/clerezza/platform/dashboard/UserLoginNode.java
(original)
+++
incubator/clerezza/trunk/parent/platform.dashboard/platform.dashboard.core/src/main/java/org/apache/clerezza/platform/dashboard/UserLoginNode.java
Sun May 22 00:40:42 2011
@@ -37,6 +37,8 @@ import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
+import javax.security.auth.Subject;
+
/**
* The login name is added to the user context node. The name is accessable via
* ssp template by using the context node
@@ -59,11 +61,11 @@ public class UserLoginNode implements Us
GraphNode agent = AccessController.doPrivileged(new
PrivilegedAction<GraphNode>() {
@Override
public GraphNode run() {
- final String userName =
UserUtil.getUserName(context);
- if (userName == null) {
+ final Subject subject =
UserUtil.getSubject(context);
+ if (subject == null) {
return null;
}
- return userManager.getUserGraphNode(userName);
+ return userManager.getUserGraphNode(subject);
}
});
if (agent != null) {
Modified:
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
(original)
+++
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/FoafSslAuthentication.scala
Sun May 22 00:40:42 2011
@@ -32,6 +32,7 @@ import org.apache.clerezza.platform.user
import org.slf4j.LoggerFactory
import java.util.Collections
import org.apache.clerezza.platform.security.UserUtil
+import org.apache.clerezza.rdf.scala.utils.EasyGraph
object FoafSslAuthentication {
@@ -40,11 +41,10 @@ object FoafSslAuthentication {
final val ANONYMOUS: String = "anonymous"
def createSystemUserDescription(claim: WebIDClaim): MGraph = {
- val result = new SimpleMGraph()
- result.add(new TripleImpl(claim.webId, PLATFORM.userName,
- new PlainLiteralImpl(claim.principal.getName)))
- result.add(new TripleImpl(claim.webId, RDF.`type`,
- FOAF.Agent))
+ val result = new EasyGraph()
+ import org.apache.clerezza.rdf.scala.utils.EasyGraph._
+ result.addType(claim.webId, FOAF.Agent)
+ //add(claim.webId, PLATFORM.userName,new
String(claim.webId.hashCode())).
result
}
@@ -84,7 +84,7 @@ class FoafSslAuthentication extends Weig
return true
} else {
return false
- }
+ }
}
def addAgentToSystem(id: WebIDClaim) {
Modified:
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
(original)
+++
incubator/clerezza/trunk/parent/platform.security.foafssl/core/src/main/scala/org/apache/clerezza/foafssl/auth/WebIDClaim.scala
Sun May 22 00:40:42 2011
@@ -29,8 +29,8 @@ import java.util.LinkedList
import org.apache.clerezza.rdf.core._
import org.apache.clerezza.rdf.scala.utils.Preamble._
import java.security.PublicKey
-import org.apache.clerezza.platform.security.auth.PrincipalImpl
import scala.None
+import org.apache.clerezza.platform.security.auth.WebIdPrincipal
/**
* An X509 Claim maintains information about the proofs associated with claims
@@ -173,20 +173,7 @@ class WebIDVerificationError(msg: String
}
-object WebIdPrincipal {
- //todo: not at all a satisfactory username method. Find something
better.
- def userName(webId: UriRef) = for (c <- webId.getUnicodeString) yield
- c match {
- case ':' => '_';
- case '#' => '_';
- case '/' => '_';
- case _ => c
- }
-}
-class WebIdPrincipal(val webId: UriRef) extends
PrincipalImpl(WebIdPrincipal.userName(webId)) {
-
-}
object Verification extends Enumeration {
Modified:
incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
(original)
+++
incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
Sun May 22 00:40:42 2011
@@ -31,7 +31,8 @@ import org.apache.clerezza.rdf.core._
import access.NoSuchEntityException
import impl.{PlainLiteralImpl, TypedLiteralImpl, SimpleMGraph}
import org.apache.clerezza.foafssl.ontologies._
-import org.apache.clerezza.foafssl.auth.{WebIDClaim, Verification,
WebIdPrincipal, X509Claim}
+import org.apache.clerezza.platform.security.auth.WebIdPrincipal
+import org.apache.clerezza.foafssl.auth.{WebIDClaim, Verification, X509Claim}
import java.util.Date
import org.apache.clerezza.rdf.scala.utils.Preamble._
import org.apache.clerezza.rdf.scala.utils.{CollectedIter, EasyGraphNode,
EasyGraph, RichGraphNode}
@@ -212,7 +213,7 @@ class CertTester(subj: Subject, webIdGra
â EARL.result ⶠ(g.bnode â EARL.TestResult
â DC.description ⶠ{"found
" + principals.size + " valid principals"}
â EARL.outcome ⶠ{if
(principals.size > 0) EARL.passed else EARL.failed}
- â EARL.pointer â¶*
principals.map(p => p.webId)
+ â EARL.pointer â¶*
principals.map(p => p.getWebId)
)
â EARL.subject â¶* x509claimRefs.map(p => p._1)
)
Modified:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
(original)
+++
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
Sun May 22 00:40:42 2011
@@ -27,17 +27,13 @@ import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
+
import org.apache.clerezza.platform.config.SystemConfig;
+import org.apache.clerezza.platform.security.auth.PrincipalImpl;
+import org.apache.clerezza.platform.security.auth.WebIdPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -97,18 +93,21 @@ public class UserAwarePolicy extends Pol
@Override
public PermissionCollection getPermissions(final ProtectionDomain
domain) {
- PermissionCollection result;
+ PermissionCollection result=null;
Principal[] principals = domain.getPrincipals();
if (principals.length > 0) {
- final Principal user = domain.getPrincipals()[0];
-
- result = cache.getCachedUserPermissions(user);
- if (result != null) {
- return result;
- } else {
- result =
getUserPermissionsFromSystemGraph(user);
- cache.cacheUserPermissions(user, result);
+ for (Principal user : domain.getPrincipals()) {
+ PermissionCollection res =
cache.getCachedUserPermissions(user);
+ if (null == res) {
+ res =
getUserPermissionsFromSystemGraph(user);
+ cache.cacheUserPermissions(user, res);
+ }
+ if (null == result) {
+ result = res;
+ } else for (Enumeration<Permission> pnum =
res.elements(); pnum.hasMoreElements(); ) {
+ result.add(pnum.nextElement());
+ }
}
} else {
result = originalPolicy.getPermissions(domain);
@@ -140,8 +139,7 @@ public class UserAwarePolicy extends Pol
public Object run() {
logger.debug("Get permissions for user " +
user.getName());
- List<String> permissions =
getAllPermissionsOfAUserByName(user
- .getName());
+ List<String> permissions =
getAllPermissionsOfAUser(user);
for (String permissionStr : permissions) {
logger.debug("Add permission {}",
permissionStr);
Permission perm =
permissionMap.get(permissionStr);
@@ -172,39 +170,46 @@ public class UserAwarePolicy extends Pol
* are his/her own permissions and the permissions of his roles
*
*/
- private List<String> getAllPermissionsOfAUserByName(String userName)
+ private List<String> getAllPermissionsOfAUser(Principal principal)
throws UserUnregisteredException {
- NonLiteral user = getUserByName(userName);
+ NonLiteral user = getUser(principal);
- List<String> result = getPermissionEntriesOfAUser(user,
userName);
+ List<String> result = getPermissionEntriesOfAUser(user,
principal);
Iterator<Triple> roleTriples = systemGraph.filter(user,
SIOC.has_function, null);
while (roleTriples.hasNext()) {
NonLiteral anotherRole = (NonLiteral) roleTriples.next()
.getObject();
- result.addAll(getPermissionEntriesOfARole(anotherRole,
userName, user));
+ result.addAll(getPermissionEntriesOfARole(anotherRole,
principal, user));
}
Iterator<NonLiteral> baseRoles =
getResourcesOfType(PERMISSION.BaseRole);
while(baseRoles.hasNext()) {
-
result.addAll(getPermissionEntriesOfARole(baseRoles.next(), userName, user));
+
result.addAll(getPermissionEntriesOfARole(baseRoles.next(), principal, user));
}
return result;
}
- private NonLiteral getUserByName(String userName)
+ private NonLiteral getUser(Principal principal)
throws UserUnregisteredException {
- Iterator<Triple> triples = systemGraph.filter(null,
PLATFORM.userName,
- new PlainLiteralImpl(userName));
- if (triples.hasNext()) {
- return triples.next().getSubject();
+ if (principal instanceof WebIdPrincipal) {
+ return ((WebIdPrincipal)principal).getWebId();
+ } else {
+ Iterator<Triple> triples = systemGraph.filter(
+ null,
+ PLATFORM.userName,
+ new
PlainLiteralImpl(principal.getName()));
+
+ if (triples.hasNext()) {
+ return triples.next().getSubject();
+ }
}
- throw new UserUnregisteredException(userName);
+ throw new UserUnregisteredException(principal);
}
- private List<String> getPermissionEntriesOfAUser(NonLiteral user,
String userName) {
+ private List<String> getPermissionEntriesOfAUser(NonLiteral user,
Principal userName) {
List<String> result = getPermissionEntriesOfARole(user,
userName, user);
if (user instanceof UriRef) {
synchronized(permissionProviders) {
@@ -216,7 +221,7 @@ public class UserAwarePolicy extends Pol
return result;
}
//note that users are roles too
- private List<String> getPermissionEntriesOfARole(NonLiteral role,
String userName, NonLiteral user) {
+ private List<String> getPermissionEntriesOfARole(NonLiteral role,
Principal principal, NonLiteral user) {
List<String> result = new ArrayList<String>();
Iterator<Triple> permsForRole = systemGraph.filter(role,
PERMISSION.hasPermission, null);
@@ -229,8 +234,10 @@ public class UserAwarePolicy extends Pol
PlainLiteralImpl permissionEntry =
(PlainLiteralImpl) javaPermForRole
.next().getObject();
String permission =
permissionEntry.getLexicalForm();
- if(permission.contains("{username}")) {
- permission =
permission.replace("{username}",userName);
+ if(principal instanceof PrincipalImpl) {
+ if(permission.contains("{username}")) {
+ permission =
permission.replace("{username}",principal.getName());
+ }
}
result.add(permission);
}
Modified:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUnregisteredException.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUnregisteredException.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUnregisteredException.java
(original)
+++
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUnregisteredException.java
Sun May 22 00:40:42 2011
@@ -18,6 +18,8 @@
*/
package org.apache.clerezza.platform.security;
+import java.security.Principal;
+
/**
* Thrown if a user with the specified name is supposed to be but not
registered
* in the system graph
@@ -26,7 +28,7 @@ package org.apache.clerezza.platform.sec
*/
public class UserUnregisteredException extends RuntimeException {
- public UserUnregisteredException(String name) {
- super("User " + name + " does not exist in the system graph");
+ public UserUnregisteredException(Principal name) {
+ super("User with principal " + name + " does not exist in the
system graph");
}
}
Modified:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUtil.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUtil.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUtil.java
(original)
+++
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/UserUtil.java
Sun May 22 00:40:42 2011
@@ -72,7 +72,13 @@ public class UserUtil {
Iterator<Principal> iter = principals.iterator();
String name = null;
if (iter.hasNext()) {
+ Principal p = iter.next();
+ if (p instanceof PrincipalImpl)
name = iter.next().getName();
+ else {
+ //one could find the username by searching the
RDB, but that would have to be
+ //a service.
+ }
}
return name;
}
Modified:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
(original)
+++
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
Sun May 22 00:40:42 2011
@@ -45,6 +45,12 @@ public class PrincipalImpl implements Pr
}
@Override
+ public String toString() {
+ return "Username Principal: '"+name+"'";
+ }
+
+
+ @Override
public int hashCode() {
return getName().hashCode();
}
Copied:
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/WebIdPrincipal.java
(from r1125850,
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java)
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/WebIdPrincipal.java?p2=incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/WebIdPrincipal.java&p1=incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java&r1=1125850&r2=1125851&rev=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/PrincipalImpl.java
(original)
+++
incubator/clerezza/trunk/parent/platform.security/src/main/java/org/apache/clerezza/platform/security/auth/WebIdPrincipal.java
Sun May 22 00:40:42 2011
@@ -7,7 +7,7 @@
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
@@ -16,37 +16,49 @@
* specific language governing permissions and limitations
* under the License.
*/
+
package org.apache.clerezza.platform.security.auth;
+import org.apache.clerezza.rdf.core.UriRef;
+
import java.security.Principal;
/**
+ * A Principal for WebIDs
+ * (as there can be some for Social Security numbers,...)
*
- * @author clemens
+ * @author bblfish
+ * @created: 21/05/2011
*/
-public class PrincipalImpl implements Principal {
- private String name;
+public class WebIdPrincipal implements Principal {
+ protected UriRef webid;
- public PrincipalImpl(String name){
- this.name = name;
- }
-
- @Override
- public String getName() {
- return name;
+ public WebIdPrincipal(UriRef webid) {
+ this.webid = webid;
}
- @Override
+ public UriRef getWebId() { return webid; }
+
+ @Override
public boolean equals(Object obj) {
- if (!(obj instanceof PrincipalImpl)) {
+ if (!(obj instanceof WebIdPrincipal)) {
return false;
}
- return getName().equals(((PrincipalImpl)obj).getName());
+ return webid.equals(((WebIdPrincipal)obj).webid);
+ }
+
+ @Override
+ public String toString() {
+ return "WebId Principal: '"+getName()+"'";
}
@Override
public int hashCode() {
- return getName().hashCode();
+ return webid.hashCode();
}
+ @Override
+ public String getName() {
+ return webid.getUnicodeString();
+ }
}
Modified: incubator/clerezza/trunk/parent/platform.usermanager/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.usermanager/pom.xml?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
--- incubator/clerezza/trunk/parent/platform.usermanager/pom.xml (original)
+++ incubator/clerezza/trunk/parent/platform.usermanager/pom.xml Sun May 22
00:40:42 2011
@@ -49,7 +49,11 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>platform.security</artifactId>
</dependency>
- </dependencies>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+ <artifactId>platform.users.core</artifactId>
+ </dependency>
+ </dependencies>
<build>
<plugins>
<plugin>
Modified:
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
(original)
+++
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
Sun May 22 00:40:42 2011
@@ -25,6 +25,8 @@ import java.util.List;
import org.apache.clerezza.rdf.core.NonLiteral;
import org.apache.clerezza.rdf.utils.GraphNode;
+import javax.security.auth.Subject;
+
/**
* An implementation of this interface provides methods to manage data about
* users and their roles.
@@ -187,7 +189,7 @@ public interface UserManager {
* @param name The username of the user
* @return GraphNode representing the user (WebID or blank node) with
some context in a dedicated MGraph
*/
- public GraphNode getUserGraphNode(String name);
+ public GraphNode getUserGraphNode(Subject name);
/**
* Returns the <code>GraphNode</code> pointing to the user with the
Modified:
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
(original)
+++
incubator/clerezza/trunk/parent/platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
Sun May 22 00:40:42 2011
@@ -19,12 +19,7 @@
package org.apache.clerezza.platform.usermanager;
import java.io.UnsupportedEncodingException;
-import java.security.AccessController;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.Policy;
-import java.security.PrivilegedAction;
-import java.security.SecurityPermission;
+import java.security.*;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
@@ -32,19 +27,17 @@ import java.util.List;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import org.apache.clerezza.platform.config.SystemConfig;
+import org.apache.clerezza.platform.security.auth.WebIdPrincipal;
+import org.apache.clerezza.platform.users.WebIdGraphsService;
+import org.apache.clerezza.platform.users.WebIdInfo;
+import org.apache.clerezza.rdf.core.*;
+import org.apache.clerezza.rdf.utils.UnionMGraph;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.clerezza.platform.graphprovider.content.ContentGraphProvider;
-import org.apache.clerezza.rdf.core.BNode;
-import org.apache.clerezza.rdf.core.MGraph;
-import org.apache.clerezza.rdf.core.NonLiteral;
-import org.apache.clerezza.rdf.core.PlainLiteral;
-import org.apache.clerezza.rdf.core.Resource;
-import org.apache.clerezza.rdf.core.Triple;
-import org.apache.clerezza.rdf.core.UriRef;
import org.apache.clerezza.rdf.core.access.LockableMGraph;
import org.apache.clerezza.rdf.core.access.SecuredMGraph;
import org.apache.clerezza.rdf.core.access.TcManager;
@@ -60,6 +53,8 @@ import org.apache.clerezza.rdf.ontologie
import org.apache.clerezza.rdf.ontologies.SIOC;
import org.apache.clerezza.rdf.utils.GraphNode;
+import javax.security.auth.Subject;
+
/**
* @author hasan, tio
*/
@@ -73,6 +68,9 @@ public class UserManagerImpl implements
@Reference
TcManager tcManager;
+ @Reference
+ WebIdGraphsService webIdGraphsService;
+
private final Logger logger = LoggerFactory.getLogger(getClass());
@Reference(target = SystemConfig.SYSTEM_GRAPH_FILTER)
@@ -702,21 +700,44 @@ public class UserManagerImpl implements
}
@Override
- public GraphNode getUserGraphNode(final String name) {
+ public GraphNode getUserGraphNode(final Subject subject) {
LockableMGraph systemGraph = getSystemGraph();
- NonLiteral user = getUserByUserName(name);
+ NonLiteral user = getUserBySubject(subject);
+
if (user != null) {
- GraphNode userNodeInSystemGraph =
- new GraphNode(getUserByUserName(name),
systemGraph);
+ GraphNode userNodeInSystemGraph = new GraphNode(user,
systemGraph);
MGraph copiedUserContext = new
SimpleMGraph(userNodeInSystemGraph.getNodeContext());
- return new GraphNode(userNodeInSystemGraph.getNode(),
- copiedUserContext);
+ if (user instanceof UriRef) {
+ WebIdInfo webIdInfo =
webIdGraphsService.getWebIdInfo((UriRef) user);
+ Graph graph = new GraphNode(user,
webIdInfo.publicProfile()).getNodeContext();
+ copiedUserContext.addAll(graph);
+ }
+ return new GraphNode(user,copiedUserContext);
} else {
return null;
}
}
- private NonLiteral getUserByUserName(String name) {
+ private NonLiteral getUserBySubject(final Subject subject) {
+ LockableMGraph systemGraph = getSystemGraph();
+ Lock readLock = systemGraph.getLock().readLock();
+ readLock.lock();
+ try {
+ for (Principal principal : subject.getPrincipals()) {
+ //here we can verify that all principals point
to the same subject
+ //but currently we just take the first. Also
the method could return a list of resources
+ if (principal instanceof WebIdPrincipal) {
+ return ((WebIdPrincipal)
principal).getWebId();
+ } else return
getUserByName(principal.getName());
+ }
+ } finally {
+ readLock.unlock();
+ }
+ return null;
+ }
+
+
+ private NonLiteral getUserByUserName(final String name) {
LockableMGraph systemGraph = getSystemGraph();
Lock readLock = systemGraph.getLock().readLock();
readLock.lock();
Modified:
incubator/clerezza/trunk/parent/rdf.scala.utils/src/main/scala/org/apache/clerezza/rdf/scala/utils/EasyGraph.scala
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/rdf.scala.utils/src/main/scala/org/apache/clerezza/rdf/scala/utils/EasyGraph.scala?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/rdf.scala.utils/src/main/scala/org/apache/clerezza/rdf/scala/utils/EasyGraph.scala
(original)
+++
incubator/clerezza/trunk/parent/rdf.scala.utils/src/main/scala/org/apache/clerezza/rdf/scala/utils/EasyGraph.scala
Sun May 22 00:40:42 2011
@@ -162,7 +162,7 @@ class EasyGraph(val graph: TripleCollect
*/
def add(subj: NonLiteral, relation: UriRef, obj: Resource ) = {
graph.add(new TripleImpl(subj,relation,obj))
- graph
+ this
}
/**
@@ -173,7 +173,7 @@ class EasyGraph(val graph: TripleCollect
*/
def addType(subj: NonLiteral, clazz: UriRef) = {
graph.add(new TripleImpl(subj,RDF.`type`,clazz))
- graph
+ this
}
//note one could have an apply for a Literal that would return a
InversePredicate
Modified:
incubator/clerezza/trunk/parent/web.resources.style/src/main/resources/org/apache/clerezza/web/resources/style/globalmenu-naked.ssp
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/parent/web.resources.style/src/main/resources/org/apache/clerezza/web/resources/style/globalmenu-naked.ssp?rev=1125851&r1=1125850&r2=1125851&view=diff
==============================================================================
---
incubator/clerezza/trunk/parent/web.resources.style/src/main/resources/org/apache/clerezza/web/resources/style/globalmenu-naked.ssp
(original)
+++
incubator/clerezza/trunk/parent/web.resources.style/src/main/resources/org/apache/clerezza/web/resources/style/globalmenu-naked.ssp
Sun May 22 00:40:42 2011
@@ -2,6 +2,7 @@ def menu(s: Any) = new UriRef("http://cl
def rdfs(s: Any) = new UriRef("http://www.w3.org/2000/01/rdf-schema#"+s)
def platform(s: Any) = new UriRef("http://clerezza.org/2009/08/platform#"+s)
def dct(s: Any) = new UriRef("http://purl.org/dc/terms/"+s)
+import org.apache.clerezza.rdf.ontologies.FOAF
resultDocModifier.addScriptReference("/style/scripts/login.js");
@@ -15,16 +16,23 @@ resultDocModifier.addScriptReference("/s
</div>
<div id="tx-login">
- {
- val username =
(context/platform("user")/platform("userName")*)
- if((username).equals("anonymous")) {
- <span>
- <a href="#"
id="tx-login-button">login</a>
- </span>
- } else {
- <span><a href={"/user/" +
username + "/control-panel"}>{username}</a>|<a href="/logout">logout</a></span>
- }
- }
+ {
+ val user = context/platform("user")
+ val username = (user/platform("userName")*)
+
+ <span>{
+ if("anonymous" == username) <a href="#"
id="tx-login-button">login</a>
+ else <span>
+ <a href={
+ if (""!=username) { "/user/" + username +
"/control-panel"}
+ else {
"/browse/person?uri="+java.net.URLEncoder.encode(user*)}
+ }>{
+ if (""!=username) { username } else { user/FOAF.name }
+ }</a>
+ <a href="/logout">logout</a>
+ </span>
+ }</span>
+ }
</div>
<div id="tx-logo"><a href=""></a></div>
