Remove CustomTargetUrlResolver
It's not necessary, the standard strategy redirect to the original URL and if it's the default one, IndexController will redirect to the user default location.
This commit is contained in:
Oscar Gonzalez Fernandez
parent
368cbb7fa0
commit
64a630255c
5 changed files with 19 additions and 167 deletions
|
|
@ -21,7 +21,6 @@ package org.libreplan.web.common;
|
|||
|
||||
import org.libreplan.business.users.entities.UserRole;
|
||||
import org.libreplan.web.security.SecurityUtils;
|
||||
import org.libreplan.web.users.services.CustomTargetUrlResolver;
|
||||
import org.zkoss.zk.ui.Component;
|
||||
import org.zkoss.zk.ui.Executions;
|
||||
import org.zkoss.zk.ui.util.GenericForwardComposer;
|
||||
|
|
@ -34,6 +33,12 @@ import org.zkoss.zk.ui.util.GenericForwardComposer;
|
|||
@SuppressWarnings("serial")
|
||||
public class IndexController extends GenericForwardComposer {
|
||||
|
||||
public final static String USER_DASHBOARD_URL = "/myaccount/userDashboard.zul";
|
||||
|
||||
public static final String PLANNING_URL = "/planner/index.zul";
|
||||
|
||||
public static final String SETTINGS_URL = "/myaccount/settings.zul";
|
||||
|
||||
@Override
|
||||
public void doAfterCompose(Component comp) throws Exception {
|
||||
super.doAfterCompose(comp);
|
||||
|
|
@ -44,18 +49,18 @@ public class IndexController extends GenericForwardComposer {
|
|||
|
||||
private String getInitialPageURL() {
|
||||
if (SecurityUtils.isUserInRole(UserRole.ROLE_SUPERUSER)) {
|
||||
return CustomTargetUrlResolver.PLANNING_URL;
|
||||
return PLANNING_URL;
|
||||
}
|
||||
|
||||
if (SecurityUtils.isUserInRole(UserRole.ROLE_BOUND_USER)) {
|
||||
return CustomTargetUrlResolver.USER_DASHBOARD_URL;
|
||||
return USER_DASHBOARD_URL;
|
||||
}
|
||||
|
||||
if (SecurityUtils.isSuperuserOrRolePlanningOrHasAnyAuthorization()) {
|
||||
return CustomTargetUrlResolver.PLANNING_URL;
|
||||
return PLANNING_URL;
|
||||
}
|
||||
|
||||
return CustomTargetUrlResolver.SETTINGS_URL;
|
||||
return SETTINGS_URL;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -41,13 +41,13 @@ import org.libreplan.business.orders.entities.OrderElement;
|
|||
import org.libreplan.business.resources.entities.Resource;
|
||||
import org.libreplan.business.users.entities.UserRole;
|
||||
import org.libreplan.web.common.BaseCRUDController;
|
||||
import org.libreplan.web.common.IndexController;
|
||||
import org.libreplan.web.common.Level;
|
||||
import org.libreplan.web.common.Util;
|
||||
import org.libreplan.web.common.components.bandboxsearch.BandboxSearch;
|
||||
import org.libreplan.web.common.entrypoints.IURLHandlerRegistry;
|
||||
import org.libreplan.web.common.entrypoints.MatrixParameters;
|
||||
import org.libreplan.web.security.SecurityUtils;
|
||||
import org.libreplan.web.users.services.CustomTargetUrlResolver;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.zkoss.zk.ui.Component;
|
||||
import org.zkoss.zk.ui.Executions;
|
||||
|
|
@ -638,7 +638,7 @@ public class ExpenseSheetCRUDController extends
|
|||
@Override
|
||||
protected void showListWindow() {
|
||||
if (fromUserDashboard) {
|
||||
String url = CustomTargetUrlResolver.USER_DASHBOARD_URL;
|
||||
String url = IndexController.USER_DASHBOARD_URL;
|
||||
if (!cancel) {
|
||||
url += "?expense_sheet_saved="
|
||||
+ expenseSheetModel.getExpenseSheet().getCode();
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ import org.libreplan.business.orders.entities.OrderElement;
|
|||
import org.libreplan.business.users.entities.UserRole;
|
||||
import org.libreplan.business.workingday.EffortDuration;
|
||||
import org.libreplan.web.common.IMessagesForUser;
|
||||
import org.libreplan.web.common.IndexController;
|
||||
import org.libreplan.web.common.Level;
|
||||
import org.libreplan.web.common.MessagesForUser;
|
||||
import org.libreplan.web.common.Util;
|
||||
|
|
@ -46,7 +47,6 @@ import org.libreplan.web.common.entrypoints.EntryPointsHandler.ICapture;
|
|||
import org.libreplan.web.common.entrypoints.IURLHandlerRegistry;
|
||||
import org.libreplan.web.common.entrypoints.MatrixParameters;
|
||||
import org.libreplan.web.security.SecurityUtils;
|
||||
import org.libreplan.web.users.services.CustomTargetUrlResolver;
|
||||
import org.springframework.util.Assert;
|
||||
import org.zkoss.util.Locales;
|
||||
import org.zkoss.zk.ui.Component;
|
||||
|
|
@ -729,7 +729,7 @@ public class PersonalTimesheetController extends GenericForwardComposer
|
|||
|
||||
public void save() {
|
||||
personalTimesheetModel.save();
|
||||
String url = CustomTargetUrlResolver.USER_DASHBOARD_URL
|
||||
String url = IndexController.USER_DASHBOARD_URL
|
||||
+ "?timesheet_saved=" + personalTimesheetModel.getDate();
|
||||
if (!personalTimesheetModel.isCurrentUser()) {
|
||||
url = WORK_REPORTS_URL + "?timesheet_saved=true";
|
||||
|
|
@ -751,7 +751,7 @@ public class PersonalTimesheetController extends GenericForwardComposer
|
|||
|
||||
public void cancel() {
|
||||
personalTimesheetModel.cancel();
|
||||
String url = CustomTargetUrlResolver.USER_DASHBOARD_URL;
|
||||
String url = IndexController.USER_DASHBOARD_URL;
|
||||
if (!personalTimesheetModel.isCurrentUser()) {
|
||||
url = WORK_REPORTS_URL;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,153 +0,0 @@
|
|||
/*
|
||||
* This file is part of LibrePlan
|
||||
*
|
||||
* Copyright (C) 2012 Igalia, S.L.
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package org.libreplan.web.users.services;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.libreplan.business.common.IAdHocTransactionService;
|
||||
import org.libreplan.business.common.IOnTransaction;
|
||||
import org.libreplan.business.common.exceptions.InstanceNotFoundException;
|
||||
import org.libreplan.business.users.daos.IOrderAuthorizationDAO;
|
||||
import org.libreplan.business.users.daos.IUserDAO;
|
||||
import org.libreplan.business.users.entities.User;
|
||||
import org.libreplan.business.users.entities.UserRole;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
|
||||
/**
|
||||
* Determines the URL for authenticated users depending on if user is bound or
|
||||
* not to any resource.<br />
|
||||
*
|
||||
* If the user is bound to a resource then the target URL will be the user
|
||||
* dashboard.
|
||||
*
|
||||
* @author Manuel Rego Casasnovas <mrego@igalia.com>
|
||||
*/
|
||||
public class CustomTargetUrlResolver extends
|
||||
SavedRequestAwareAuthenticationSuccessHandler {
|
||||
|
||||
public final static String USER_DASHBOARD_URL = "/myaccount/userDashboard.zul";
|
||||
|
||||
public static final String PLANNING_URL = "/planner/index.zul";
|
||||
|
||||
public static final String SETTINGS_URL = "/myaccount/settings.zul";
|
||||
|
||||
@Autowired
|
||||
private IUserDAO userDAO;
|
||||
|
||||
@Autowired
|
||||
private IOrderAuthorizationDAO orderAuthorizationDAO;
|
||||
|
||||
@Autowired
|
||||
private IAdHocTransactionService transactionServiceDAO;
|
||||
|
||||
private ThreadLocal<Authentication> currentAuth = new ThreadLocal<Authentication>();
|
||||
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request,
|
||||
HttpServletResponse response, Authentication auth)
|
||||
throws ServletException, IOException {
|
||||
|
||||
try {
|
||||
currentAuth.set(auth);
|
||||
super.onAuthenticationSuccess(request, response, auth);
|
||||
} finally {
|
||||
currentAuth.remove();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String determineTargetUrl(HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
|
||||
String targetURL = super.determineTargetUrl(request, response);
|
||||
// if using default URL, we may want to use one based on the current
|
||||
// user
|
||||
if (targetURL.equals(getDefaultTargetUrl())) {
|
||||
return calculatePreferedForUser(currentAuth.get());
|
||||
}
|
||||
return targetURL;
|
||||
}
|
||||
|
||||
private String calculatePreferedForUser(final Authentication auth) {
|
||||
if (isUserInSomeRole(auth, roles(UserRole.ROLE_BOUND_USER))) {
|
||||
return USER_DASHBOARD_URL;
|
||||
}
|
||||
|
||||
if (isUserInSomeRole(auth,
|
||||
roles(UserRole.ROLE_SUPERUSER, UserRole.ROLE_PLANNING))) {
|
||||
return getDefaultTargetUrl();
|
||||
}
|
||||
|
||||
if (!hasAnyAuthorization(auth)) {
|
||||
return SETTINGS_URL;
|
||||
}
|
||||
return getDefaultTargetUrl();
|
||||
}
|
||||
|
||||
private boolean hasAnyAuthorization(final Authentication auth) {
|
||||
return transactionServiceDAO
|
||||
.runOnReadOnlyTransaction(new IOnTransaction<Boolean>() {
|
||||
@Override
|
||||
public Boolean execute() {
|
||||
try {
|
||||
UserDetails userDetails = (UserDetails) auth.getPrincipal();
|
||||
User user = userDAO.findByLoginName(userDetails.getUsername());
|
||||
user.getProfiles().size();
|
||||
return orderAuthorizationDAO.userOrItsProfilesHaveAnyAuthorization(user);
|
||||
} catch (InstanceNotFoundException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static Set<String> roles(UserRole... roles) {
|
||||
Set<String> result = new HashSet<String>();
|
||||
for (UserRole each : roles) {
|
||||
result.add(each.name());
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
private boolean isUserInSomeRole(Authentication auth, Set<String> roles) {
|
||||
if ((auth == null) || (auth.getPrincipal() == null)
|
||||
|| (auth.getAuthorities() == null)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
for (GrantedAuthority authority : auth.getAuthorities()) {
|
||||
if (roles.contains(authority.getAuthority())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -217,16 +217,16 @@
|
|||
<beans:property name="authenticationManager" ref="authenticationManager" />
|
||||
<beans:property name="authenticationFailureHandler" ref="urlAuthenticationFailureHandler" />
|
||||
<beans:property name="allowSessionCreation" value="true" />
|
||||
<beans:property name="authenticationSuccessHandler" ref="customTargetUrlResolver" />
|
||||
<beans:property name="authenticationSuccessHandler" ref="targetUrlResolver" />
|
||||
</beans:bean>
|
||||
|
||||
<beans:bean id="urlAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
|
||||
<beans:property name="defaultFailureUrl" value="/common/layout/login.zul?login_error=true" />
|
||||
</beans:bean>
|
||||
|
||||
<beans:bean id="customTargetUrlResolver"
|
||||
class="org.libreplan.web.users.services.CustomTargetUrlResolver" >
|
||||
<beans:property name="defaultTargetUrl" value="/planner/index.zul" />
|
||||
<beans:bean id="targetUrlResolver"
|
||||
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" >
|
||||
<beans:property name="defaultTargetUrl" value="/common/index.zul" />
|
||||
</beans:bean>
|
||||
|
||||
</beans:beans>
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue