Hi Georg,
I am making some good progress. I don't know if you remember the old
flux library for user management, but I have started to re-write that to
work with Turbine 4.0. I am having some troubles however with the
grant/revoke roles with casting the user object incorrectly from the
TurbineWrapper class. Can you help me with the issue I am having
below? I looked at the unit tests in the Turbine source for inspiration
on migrating, but it isn't recognizing the user class properly. I even
tried to manually downcast (see my code below), and still cannot make it
work.
If I can get this all working, I thought it might be useful to publish a
new flux library compatible with Turbine-4.0 for user management as a
guide to others on how to get started.
My logs show the following error when calling the grant/revoke method on
the security service when trying to add the "inventory" role to a user:
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG
com.jivecast.smartorder.modules.actions.admin.UserAction - Adding new
role to user: inventory
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located
the service 'org.apache.fulcrum.security.RoleManager' in the local container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager
- get cached
PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@71897a2b
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located
the service 'org.apache.fulcrum.security.UserManager' in the local container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager
- get cached
PeerInstance():com.jivecast.smartorder.om.TurbineUserPeerImpl@448e6624
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located
the service 'org.apache.fulcrum.security.GroupManager' in the local
container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager
- get cached
PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@151d470d
2017-11-16 16:49:26,919 [http-nio-8080-exec-13] ERROR
com.jivecast.smartorder.modules.actions.admin.UserAction - Error setting
roles: java.lang.ClassCastException:
com.jivecast.smartorder.wrapper.TurbineUserWrapper cannot be cast to
org.apache.fulcrum.security.torque.security.TorqueAbstractSecurityEntity
Here is the relevant code in my doRoles() method to make the new
assignment... it is modeled after the old flux methods:
I have the following import:
import org.apache.turbine.services.security.SecurityService;
and in the body of the class, I use the injection to get the instance mapped
/** Injected service instance */
@TurbineService
private SecurityService security;
.... then my action class method is called doRoles() which does the role
assignment and fails
/**
* Update the roles that are to assigned to a user for a project.
*/
public void doRoles(PipelineData pipelineData, Context context)
throws Exception {
try {
RunData data = getRunData(pipelineData);
// Get the Turbine ACL implementation for our current user,
only admin can update user roles
TurbineAccessControlList adminAcl = getRunData(data).getACL();
if (adminAcl.hasRole("administrator")) {
// Username of the account we are updating
String username =
data.getParameters().getString("username");
if (security.accountExists(username)) {
// Try to downcast for the security grant function
org.apache.turbine.om.security.User user =
(org.apache.turbine.om.security.User) security.getUser(username);
// Get the Turbine ACL implementation
TurbineAccessControlList acl = security.getACL(user);
/*
* Grab all the Groups and Roles in the system.
*/
GroupSet groups = security.getAllGroups();
RoleSet roles = security.getAllRoles();
for (Group group : groups) {
String groupName = group.getName();
for (Role role : roles) {
String roleName = role.getName();
/*
* In the UserRoleForm.vm we made a
checkbox for every possible Group/Role
* combination so we will compare every
possible combination with the values
* that were checked off in the form. If we
have a match then we will grant the
* user the role in the group.
*/
String groupRole = groupName + roleName;
String formGroupRole =
data.getParameters().getString(groupRole);
if (formGroupRole != null &&
!acl.hasRole(role, group)) {
// add the role for this user
if (acl.hasRole(role) == false) {
log.debug("Adding new role to user:
" + role.getName());
security.grant(user, group, role);
}
} else if (formGroupRole == null &&
acl.hasRole(role, group)) {
// revoke the role for this user
log.debug("Revoke role: " +
role.getName());
security.revoke(user, group, role);
}
}
}
} else {
log.error("User does not exist!");
}
} else {
data.setMessage("You do not have access to perform this
action.");
}
} catch (Exception e) {
log.error("Error setting roles: " + e.toString());
}
}
--
Jeff Painter
CEO and Founder of JiveCast
Software and analytics, made together
http://jivecast.com
301 Fayetteville St. Unit 2301, Raleigh, NC 27601
(919) 533-9024
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
