From 64a630255cb00acf8fa1d0e33853ea596bccc78e Mon Sep 17 00:00:00 2001 From: Oscar Gonzalez Fernandez Date: Wed, 30 Apr 2014 18:34:03 +0200 Subject: [PATCH] Remove CustomTargetUrlResolver It's not necessary, the standard strategy redirect to the original URL and if it's the default one, IndexController will redirect to the user default location. --- .../libreplan/web/common/IndexController.java | 15 +- .../ExpenseSheetCRUDController.java | 4 +- .../PersonalTimesheetController.java | 6 +- .../services/CustomTargetUrlResolver.java | 153 ------------------ ...ibreplan-webapp-spring-security-config.xml | 8 +- 5 files changed, 19 insertions(+), 167 deletions(-) delete mode 100644 libreplan-webapp/src/main/java/org/libreplan/web/users/services/CustomTargetUrlResolver.java diff --git a/libreplan-webapp/src/main/java/org/libreplan/web/common/IndexController.java b/libreplan-webapp/src/main/java/org/libreplan/web/common/IndexController.java index 33e48c783..e3cb43dd1 100644 --- a/libreplan-webapp/src/main/java/org/libreplan/web/common/IndexController.java +++ b/libreplan-webapp/src/main/java/org/libreplan/web/common/IndexController.java @@ -21,7 +21,6 @@ package org.libreplan.web.common; import org.libreplan.business.users.entities.UserRole; import org.libreplan.web.security.SecurityUtils; -import org.libreplan.web.users.services.CustomTargetUrlResolver; import org.zkoss.zk.ui.Component; import org.zkoss.zk.ui.Executions; import org.zkoss.zk.ui.util.GenericForwardComposer; @@ -34,6 +33,12 @@ import org.zkoss.zk.ui.util.GenericForwardComposer; @SuppressWarnings("serial") public class IndexController extends GenericForwardComposer { + public final static String USER_DASHBOARD_URL = "/myaccount/userDashboard.zul"; + + public static final String PLANNING_URL = "/planner/index.zul"; + + public static final String SETTINGS_URL = "/myaccount/settings.zul"; + @Override public void doAfterCompose(Component comp) throws Exception { super.doAfterCompose(comp); @@ -44,18 +49,18 @@ public class IndexController extends GenericForwardComposer { private String getInitialPageURL() { if (SecurityUtils.isUserInRole(UserRole.ROLE_SUPERUSER)) { - return CustomTargetUrlResolver.PLANNING_URL; + return PLANNING_URL; } if (SecurityUtils.isUserInRole(UserRole.ROLE_BOUND_USER)) { - return CustomTargetUrlResolver.USER_DASHBOARD_URL; + return USER_DASHBOARD_URL; } if (SecurityUtils.isSuperuserOrRolePlanningOrHasAnyAuthorization()) { - return CustomTargetUrlResolver.PLANNING_URL; + return PLANNING_URL; } - return CustomTargetUrlResolver.SETTINGS_URL; + return SETTINGS_URL; } } diff --git a/libreplan-webapp/src/main/java/org/libreplan/web/expensesheet/ExpenseSheetCRUDController.java b/libreplan-webapp/src/main/java/org/libreplan/web/expensesheet/ExpenseSheetCRUDController.java index 22208094c..cd7abfe3b 100644 --- a/libreplan-webapp/src/main/java/org/libreplan/web/expensesheet/ExpenseSheetCRUDController.java +++ b/libreplan-webapp/src/main/java/org/libreplan/web/expensesheet/ExpenseSheetCRUDController.java @@ -41,13 +41,13 @@ import org.libreplan.business.orders.entities.OrderElement; import org.libreplan.business.resources.entities.Resource; import org.libreplan.business.users.entities.UserRole; import org.libreplan.web.common.BaseCRUDController; +import org.libreplan.web.common.IndexController; import org.libreplan.web.common.Level; import org.libreplan.web.common.Util; import org.libreplan.web.common.components.bandboxsearch.BandboxSearch; import org.libreplan.web.common.entrypoints.IURLHandlerRegistry; import org.libreplan.web.common.entrypoints.MatrixParameters; import org.libreplan.web.security.SecurityUtils; -import org.libreplan.web.users.services.CustomTargetUrlResolver; import org.springframework.beans.factory.annotation.Autowired; import org.zkoss.zk.ui.Component; import org.zkoss.zk.ui.Executions; @@ -638,7 +638,7 @@ public class ExpenseSheetCRUDController extends @Override protected void showListWindow() { if (fromUserDashboard) { - String url = CustomTargetUrlResolver.USER_DASHBOARD_URL; + String url = IndexController.USER_DASHBOARD_URL; if (!cancel) { url += "?expense_sheet_saved=" + expenseSheetModel.getExpenseSheet().getCode(); diff --git a/libreplan-webapp/src/main/java/org/libreplan/web/users/dashboard/PersonalTimesheetController.java b/libreplan-webapp/src/main/java/org/libreplan/web/users/dashboard/PersonalTimesheetController.java index 7f4a69ab5..fc05c07e6 100644 --- a/libreplan-webapp/src/main/java/org/libreplan/web/users/dashboard/PersonalTimesheetController.java +++ b/libreplan-webapp/src/main/java/org/libreplan/web/users/dashboard/PersonalTimesheetController.java @@ -37,6 +37,7 @@ import org.libreplan.business.orders.entities.OrderElement; import org.libreplan.business.users.entities.UserRole; import org.libreplan.business.workingday.EffortDuration; import org.libreplan.web.common.IMessagesForUser; +import org.libreplan.web.common.IndexController; import org.libreplan.web.common.Level; import org.libreplan.web.common.MessagesForUser; import org.libreplan.web.common.Util; @@ -46,7 +47,6 @@ import org.libreplan.web.common.entrypoints.EntryPointsHandler.ICapture; import org.libreplan.web.common.entrypoints.IURLHandlerRegistry; import org.libreplan.web.common.entrypoints.MatrixParameters; import org.libreplan.web.security.SecurityUtils; -import org.libreplan.web.users.services.CustomTargetUrlResolver; import org.springframework.util.Assert; import org.zkoss.util.Locales; import org.zkoss.zk.ui.Component; @@ -729,7 +729,7 @@ public class PersonalTimesheetController extends GenericForwardComposer public void save() { personalTimesheetModel.save(); - String url = CustomTargetUrlResolver.USER_DASHBOARD_URL + String url = IndexController.USER_DASHBOARD_URL + "?timesheet_saved=" + personalTimesheetModel.getDate(); if (!personalTimesheetModel.isCurrentUser()) { url = WORK_REPORTS_URL + "?timesheet_saved=true"; @@ -751,7 +751,7 @@ public class PersonalTimesheetController extends GenericForwardComposer public void cancel() { personalTimesheetModel.cancel(); - String url = CustomTargetUrlResolver.USER_DASHBOARD_URL; + String url = IndexController.USER_DASHBOARD_URL; if (!personalTimesheetModel.isCurrentUser()) { url = WORK_REPORTS_URL; } diff --git a/libreplan-webapp/src/main/java/org/libreplan/web/users/services/CustomTargetUrlResolver.java b/libreplan-webapp/src/main/java/org/libreplan/web/users/services/CustomTargetUrlResolver.java deleted file mode 100644 index 7237e39e9..000000000 --- a/libreplan-webapp/src/main/java/org/libreplan/web/users/services/CustomTargetUrlResolver.java +++ /dev/null @@ -1,153 +0,0 @@ -/* - * This file is part of LibrePlan - * - * Copyright (C) 2012 Igalia, S.L. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -package org.libreplan.web.users.services; - -import java.io.IOException; -import java.util.HashSet; -import java.util.Set; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.libreplan.business.common.IAdHocTransactionService; -import org.libreplan.business.common.IOnTransaction; -import org.libreplan.business.common.exceptions.InstanceNotFoundException; -import org.libreplan.business.users.daos.IOrderAuthorizationDAO; -import org.libreplan.business.users.daos.IUserDAO; -import org.libreplan.business.users.entities.User; -import org.libreplan.business.users.entities.UserRole; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; - -/** - * Determines the URL for authenticated users depending on if user is bound or - * not to any resource.
- * - * If the user is bound to a resource then the target URL will be the user - * dashboard. - * - * @author Manuel Rego Casasnovas - */ -public class CustomTargetUrlResolver extends - SavedRequestAwareAuthenticationSuccessHandler { - - public final static String USER_DASHBOARD_URL = "/myaccount/userDashboard.zul"; - - public static final String PLANNING_URL = "/planner/index.zul"; - - public static final String SETTINGS_URL = "/myaccount/settings.zul"; - - @Autowired - private IUserDAO userDAO; - - @Autowired - private IOrderAuthorizationDAO orderAuthorizationDAO; - - @Autowired - private IAdHocTransactionService transactionServiceDAO; - - private ThreadLocal currentAuth = new ThreadLocal(); - - @Override - public void onAuthenticationSuccess(HttpServletRequest request, - HttpServletResponse response, Authentication auth) - throws ServletException, IOException { - - try { - currentAuth.set(auth); - super.onAuthenticationSuccess(request, response, auth); - } finally { - currentAuth.remove(); - } - } - - @Override - protected String determineTargetUrl(HttpServletRequest request, - HttpServletResponse response) { - - String targetURL = super.determineTargetUrl(request, response); - // if using default URL, we may want to use one based on the current - // user - if (targetURL.equals(getDefaultTargetUrl())) { - return calculatePreferedForUser(currentAuth.get()); - } - return targetURL; - } - - private String calculatePreferedForUser(final Authentication auth) { - if (isUserInSomeRole(auth, roles(UserRole.ROLE_BOUND_USER))) { - return USER_DASHBOARD_URL; - } - - if (isUserInSomeRole(auth, - roles(UserRole.ROLE_SUPERUSER, UserRole.ROLE_PLANNING))) { - return getDefaultTargetUrl(); - } - - if (!hasAnyAuthorization(auth)) { - return SETTINGS_URL; - } - return getDefaultTargetUrl(); - } - - private boolean hasAnyAuthorization(final Authentication auth) { - return transactionServiceDAO - .runOnReadOnlyTransaction(new IOnTransaction() { - @Override - public Boolean execute() { - try { - UserDetails userDetails = (UserDetails) auth.getPrincipal(); - User user = userDAO.findByLoginName(userDetails.getUsername()); - user.getProfiles().size(); - return orderAuthorizationDAO.userOrItsProfilesHaveAnyAuthorization(user); - } catch (InstanceNotFoundException e) { - throw new RuntimeException(e); - } - } - }); - } - - private static Set roles(UserRole... roles) { - Set result = new HashSet(); - for (UserRole each : roles) { - result.add(each.name()); - } - return result; - } - - private boolean isUserInSomeRole(Authentication auth, Set roles) { - if ((auth == null) || (auth.getPrincipal() == null) - || (auth.getAuthorities() == null)) { - return false; - } - - for (GrantedAuthority authority : auth.getAuthorities()) { - if (roles.contains(authority.getAuthority())) { - return true; - } - - } - return false; - } -} diff --git a/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml b/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml index d3bfef2cb..f375a15be 100644 --- a/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml +++ b/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml @@ -217,16 +217,16 @@ - + - - + +