Hello everyone,

I have published a test app with my updates for flux user management on GitHub. It should import easily into Eclipse or just use mvn to build.

https://github.com/jlpainter/turbine-flux

I used the maven archetype to generate the app and made minimal updates to get the sample app up and running.  I then started to import my flux code.  The security service seems to be the main problem I am having as it cannot make any updates to users/groups/roles.

If you can take a look and let me know how to fix it, that would be great! This is the only thing preventing me from switching over to Turbine 4.0 at the moment :-(

You will need to update the default username/password for the database. I had a dummy account in there "ipsys"/"ip2002" which you should be able to just do a search and replace on.

If we can get this working, I think it would be nice to push this code back up as the old turbine flux doesn't seem to exist in SVN anymore... luckily I had an old copy of the code on my machine from the jakarta days.

I am leaving for vacation tomorrow, so I won't be able to do any more for another week or so.

Thanks,
Jeff



On 11/16/2017 05:29 PM, Jeffery Painter wrote:
I looked a little more at the test cases, and got my code setup enough to try and call the fulcrum security service directly...

    // try using fulcrum service
    ((TurbineModelManager) fulcrumSecurityService.getModelManager()).grant(fulcrumUser, group, role);

The error logs are still reporting problems:

I verified that this loaded the user "dean" from the database as a fulcrumUser and it came through with a class type of com.jivecast.smartorder.om.TurbineUser rather than the wrapper that the turbine security service provided, and now I get a DataBackendException error on the grant call...

2017-11-16 17:24:43,722 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.UserManager' in the local container
2017-11-16 17:24:47,895 [http-nio-8080-exec-3] DEBUG com.jivecast.smartorder.modules.actions.admin.UserAction - fulcrumUser: com.jivecast.smartorder.om.TurbineUser
2017-11-16 17:24:54,147 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c
2017-11-16 17:24:55,750 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807
2017-11-16 17:24:56,031 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807
2017-11-16 17:24:56,315 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807
2017-11-16 17:24:56,599 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c
2017-11-16 17:25:03,129 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c
2017-11-16 17:25:03,143 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807
2017-11-16 17:25:09,097 [http-nio-8080-exec-3] DEBUG com.jivecast.smartorder.modules.actions.admin.UserAction - Adding new role to user: inventory
2017-11-16 17:25:10,535 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.ModelManager' in the local container
2017-11-16 17:25:10,545 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.RoleManager' in the local container
2017-11-16 17:25:10,547 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807
2017-11-16 17:25:10,560 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.UserManager' in the local container
2017-11-16 17:25:10,561 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineUserPeerImpl@86cedb4
2017-11-16 17:25:10,598 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.GroupManager' in the local container
2017-11-16 17:25:10,599 [http-nio-8080-exec-3] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c
2017-11-16 17:25:25,202 [http-nio-8080-exec-3] ERROR com.jivecast.smartorder.modules.actions.admin.UserAction - Error setting roles: org.apache.fulcrum.security.util.DataBackendException: grant('dean', 'global', 'inventory') failed


any ideas?

--
Jeff



On 11/16/2017 05:00 PM, Jeffery Painter wrote:

Hi Georg,

I am making some good progress.  I don't know if you remember the old flux library for user management, but I have started to re-write that to work with Turbine 4.0.  I am having some troubles however with the grant/revoke roles with casting the user object incorrectly from the TurbineWrapper class.  Can you help me with the issue I am having below?  I looked at the unit tests in the Turbine source for inspiration on migrating, but it isn't recognizing the user class properly.  I even tried to manually downcast (see my code below), and still cannot make it work.

If I can get this all working, I thought it might be useful to publish a new flux library compatible with Turbine-4.0 for user management as a guide to others on how to get started.


My logs show the following error when calling the grant/revoke method on the security service when trying to add the "inventory" role to a user:

2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG com.jivecast.smartorder.modules.actions.admin.UserAction - Adding new role to user: inventory

2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located the service 'org.apache.fulcrum.security.RoleManager' in the local container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@71897a2b

2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located the service 'org.apache.fulcrum.security.UserManager' in the local container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineUserPeerImpl@448e6624

2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located the service 'org.apache.fulcrum.security.GroupManager' in the local container
2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon.peerManager -  get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@151d470d

2017-11-16 16:49:26,919 [http-nio-8080-exec-13] ERROR com.jivecast.smartorder.modules.actions.admin.UserAction - Error setting roles: java.lang.ClassCastException: com.jivecast.smartorder.wrapper.TurbineUserWrapper cannot be cast to org.apache.fulcrum.security.torque.security.TorqueAbstractSecurityEntity


Here is the relevant code in my doRoles() method to make the new assignment... it is modeled after the old flux methods:

I have the following import:

import org.apache.turbine.services.security.SecurityService;

and in the body of the class, I use the injection to get the instance mapped

    /** Injected service instance */
    @TurbineService
    private SecurityService security;

.... then my action class method is called doRoles() which does the role assignment and fails

    /**
     * Update the roles that are to be assigned to a user for a project.
     */
    public void doRoles(PipelineData pipelineData, Context context) throws Exception {

        try {

            RunData data = getRunData(pipelineData);

            // Get the Turbine ACL implementation for our current user, only admin can update user roles
            TurbineAccessControlList adminAcl = getRunData(data).getACL();
            if (adminAcl.hasRole("administrator")) {

                // Username of the account we are updating
                String username = data.getParameters().getString("username");
                if (security.accountExists(username)) {

                    // Try to downcast for the security grant function
                    org.apache.turbine.om.security.User user = (org.apache.turbine.om.security.User) security.getUser(username);

                    // Get the Turbine ACL implementation
                    TurbineAccessControlList acl = security.getACL(user);

                    /*
                     * Grab all the Groups and Roles in the system.
                     */
                    GroupSet groups = security.getAllGroups();
                    RoleSet roles = security.getAllRoles();

                    for (Group group : groups) {
                        String groupName = group.getName();
                        for (Role role : roles) {
                            String roleName = role.getName();

                            /*
                             * In the UserRoleForm.vm we made a checkbox for every possible Group/Role
                             * combination so we will compare every possible combination with the values
                             * that were checked off in the form. If we have a match then we will grant the
                             * user the role in the group.
                             */
                            String groupRole = groupName + roleName;
                            String formGroupRole = data.getParameters().getString(groupRole);

                            if (formGroupRole != null && !acl.hasRole(role, group)) {
                                // add the role for this user
                                if (acl.hasRole(role) == false) {
                                    log.debug("Adding new role to user: " + role.getName());
                                    security.grant(user, group, role);
                                }
                            } else if (formGroupRole == null && acl.hasRole(role, group)) {
                                // revoke the role for this user
                                log.debug("Revoke role: " + role.getName());
                                security.revoke(user, group, role);
                            }
                        }
                    }

                } else {
                    log.error("User does not exist!");
                }
            } else {
                data.setMessage("You do not have access to perform this action.");
            }
        } catch (Exception e) {
            log.error("Error setting roles: " + e.toString());
        }

    }




--
Jeff Painter

CEO and Founder of JiveCast
Software and analytics, made together
http://jivecast.com

301 Fayetteville St. Unit 2301, Raleigh, NC 27601
(919) 533-9024

