Extend API and config to support auth services per role

src/main/java/de/thm/arsnova/controller/LoginController.java

@@ -59,6 +59,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.text.MessageFormat;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 
@@ -75,39 +76,46 @@ public class LoginController extends AbstractController {
 	@Value("${customization.path}") private String customizationPath;
 
 	@Value("${security.guest.enabled}") private String guestEnabled;
-	@Value("${security.guest.lecturer.enabled}") private String guestLecturerEnabled;
+	@Value("${security.guest.allowed-roles:speaker,student}") private String[] guestRoles;
 	@Value("${security.guest.order}") private int guestOrder;
 
 	@Value("${security.custom-login.enabled}") private String customLoginEnabled;
+	@Value("${security.custom-login.allowed-roles:speaker,student}") private String[] customLoginRoles;
 	@Value("${security.custom-login.title:University}") private String customLoginTitle;
 	@Value("${security.custom-login.login-dialog-path}") private String customLoginDialog;
 	@Value("${security.custom-login.image:}") private String customLoginImage;
 	@Value("${security.custom-login.order}") private int customLoginOrder;
 
 	@Value("${security.user-db.enabled}") private String dbAuthEnabled;
+	@Value("${security.user-db.allowed-roles:speaker,student}") private String[] dbAuthRoles;
 	@Value("${security.user-db.title:ARSnova}") private String dbAuthTitle;
 	@Value("${security.user-db.login-dialog-path}") private String dbAuthDialog;
 	@Value("${security.user-db.image:}") private String dbAuthImage;
 	@Value("${security.user-db.order}") private int dbAuthOrder;
 
 	@Value("${security.ldap.enabled}") private String ldapEnabled;
+	@Value("${security.ldap.allowed-roles:speaker,student}") private String[] ldapRoles;
 	@Value("${security.ldap.title:LDAP}") private String ldapTitle;
 	@Value("${security.ldap.login-dialog-path}") private String ldapDialog;
 	@Value("${security.ldap.image:}") private String ldapImage;
 	@Value("${security.ldap.order}") private int ldapOrder;
 
 	@Value("${security.cas.enabled}") private String casEnabled;
+	@Value("${security.cas.allowed-roles:speaker,student}") private String[] casRoles;
 	@Value("${security.cas.title:CAS}") private String casTitle;
 	@Value("${security.cas.image:}") private String casImage;
 	@Value("${security.cas.order}") private int casOrder;
 
 	@Value("${security.facebook.enabled}") private String facebookEnabled;
+	@Value("${security.facebook.enabled-roles:speaker,student}") private String[] facebookRoles;
 	@Value("${security.facebook.order}") private int facebookOrder;
 
 	@Value("${security.google.enabled}") private String googleEnabled;
+	@Value("${security.google.allowed-roles:speaker,student}") private String[] googleRoles;
 	@Value("${security.google.order}") private int googleOrder;
 
 	@Value("${security.twitter.enabled}") private String twitterEnabled;
+	@Value("${security.twitter.allowed-roles:speaker,student}") private String[] twitterRoles;
 	@Value("${security.twitter.order}") private int twitterOrder;
 
 	@Autowired(required = false)
@@ -309,12 +317,10 @@ public class LoginController extends AbstractController {
 			ServiceDescription sdesc = new ServiceDescription(
 				"guest",
 				"Guest",
-				null
+				null,
+				guestRoles
 			);
 			sdesc.setOrder(guestOrder);
-			if (!"true".equals(guestLecturerEnabled)) {
-				sdesc.setAllowLecturer(false);
-			}
 			services.add(sdesc);
 		}
 
@@ -323,6 +329,7 @@ public class LoginController extends AbstractController {
 				"custom",
 				customLoginTitle,
 				customizationPath + "/" + customLoginDialog + "?redirect={0}",
+				customLoginRoles,
 				customLoginImage
 			);
 			sdesc.setOrder(customLoginOrder);
@@ -334,6 +341,7 @@ public class LoginController extends AbstractController {
 				"arsnova",
 				dbAuthTitle,
 				customizationPath + "/" + dbAuthDialog + "?redirect={0}",
+				dbAuthRoles,
 				dbAuthImage
 			);
 			sdesc.setOrder(dbAuthOrder);
@@ -345,6 +353,7 @@ public class LoginController extends AbstractController {
 				"ldap",
 				ldapTitle,
 				customizationPath + "/" + ldapDialog + "?redirect={0}",
+				ldapRoles,
 				ldapImage
 			);
 			sdesc.setOrder(ldapOrder);
@@ -355,7 +364,8 @@ public class LoginController extends AbstractController {
 			ServiceDescription sdesc = new ServiceDescription(
 				"cas",
 				casTitle,
-				MessageFormat.format(dialogUrl, "cas")
+				MessageFormat.format(dialogUrl, "cas"),
+				casRoles
 			);
 			sdesc.setOrder(casOrder);
 			services.add(sdesc);
@@ -365,7 +375,8 @@ public class LoginController extends AbstractController {
 			ServiceDescription sdesc = new ServiceDescription(
 				"facebook",
 				"Facebook",
-				MessageFormat.format(dialogUrl, "facebook")
+				MessageFormat.format(dialogUrl, "facebook"),
+				facebookRoles
 			);
 			sdesc.setOrder(facebookOrder);
 			services.add(sdesc);
@@ -375,7 +386,8 @@ public class LoginController extends AbstractController {
 			ServiceDescription sdesc = new ServiceDescription(
 				"google",
 				"Google",
-				MessageFormat.format(dialogUrl, "google")
+				MessageFormat.format(dialogUrl, "google"),
+				googleRoles
 			);
 			sdesc.setOrder(googleOrder);
 			services.add(sdesc);
@@ -385,7 +397,8 @@ public class LoginController extends AbstractController {
 			ServiceDescription sdesc = new ServiceDescription(
 				"twitter",
 				"Twitter",
-				MessageFormat.format(dialogUrl, "twitter")
+				MessageFormat.format(dialogUrl, "twitter"),
+				twitterRoles
 			);
 			sdesc.setOrder(twitterOrder);
 			services.add(sdesc);

src/main/java/de/thm/arsnova/entities/ServiceDescription.java

@@ -26,7 +26,7 @@ public class ServiceDescription {
 	private String dialogUrl;
 	private String image;
 	private int order = 0;
-	private boolean allowLecturer = true;
+	private String[] allowedRoles;
 
 	public ServiceDescription(String id, String name, String dialogUrl) {
 		this.id = id;
@@ -34,20 +34,21 @@ public class ServiceDescription {
 		this.dialogUrl = dialogUrl;
 	}
 
-	public ServiceDescription(String id, String name, String dialogUrl, String image) {
+	public ServiceDescription(String id, String name, String dialogUrl, String[] allowedRoles) {
 		this.id = id;
 		this.name = name;
 		this.dialogUrl = dialogUrl;
-		if (!"".equals(image)) {
-			this.image = image;
-		}
+		this.allowedRoles = allowedRoles;
 	}
 
-	public ServiceDescription(String id, String name, String dialogUrl, boolean allowLecturer) {
+	public ServiceDescription(String id, String name, String dialogUrl, String[] allowedRoles, String image) {
 		this.id = id;
 		this.name = name;
 		this.dialogUrl = dialogUrl;
-		this.allowLecturer = allowLecturer;
+		this.allowedRoles = allowedRoles;
+		if (!"".equals(image)) {
+			this.image = image;
+		}
 	}
 
 	public String getId() {
@@ -90,11 +91,11 @@ public class ServiceDescription {
 		this.order = order;
 	}
 
-	public boolean isAllowLecturer() {
-		return allowLecturer;
+	public String[] getAllowedRoles() {
+		return allowedRoles;
 	}
 
-	public void setAllowLecturer(boolean allowLecturer) {
-		this.allowLecturer = allowLecturer;
+	public void setAllowedRoles(String[] roles) {
+		this.allowedRoles = allowedRoles;
 	}
 }

src/main/resources/arsnova.properties.example

@@ -64,13 +64,14 @@ security.authentication.login-try-limit=50
 # Guest authentication
 #
 security.guest.enabled=true
+security.guest.allowed-roles=speaker,student
 security.guest.order=0
-security.guest.lecturer.enabled=true
 
 # Setup combined login if you want to use a single, customized login page
 # which is used for multiple authentication services.
 #
 security.custom-login.enabled=false
+security.custom-login.allowed-roles=speaker,student
 security.custom-login.title=University
 security.custom-login.login-dialog-path=
 security.custom-login.image=
@@ -88,6 +89,7 @@ security.custom-login.order=0
 #     replaced by the value of activation-path.
 #
 security.user-db.enabled=true
+security.user-db.allowed-roles=speaker,student
 security.user-db.title=ARSnova
 security.user-db.login-dialog-path=account.html
 security.user-db.activation-path=account.html
@@ -111,6 +113,7 @@ security.user-db.reset-password-mail.body=You requested to reset your \
 #     server. {0} will be replaced with the user ID by ARSnova.
 #
 security.ldap.enabled=false
+security.ldap.allowed-roles=speaker,student
 security.ldap.title=LDAP
 security.ldap.login-dialog-path=login-ldap.html
 security.ldap.image=
@@ -128,6 +131,7 @@ security.ldap.user-dn-pattern=uid={0},ou=arsnova
 # CAS authentication
 #
 security.cas.enabled=false
+security.cas.allowed-roles=speaker,student
 security.cas.title=CAS
 security.cas.image=
 security.cas.order=0
@@ -141,6 +145,7 @@ security.cas-server-url=https://example.com/cas
 # Facebook
 #
 security.facebook.enabled=false
+security.facebook.allowed-roles=speaker,student
 security.facebook.order=0
 security.facebook.key=
 security.facebook.secret=
@@ -148,6 +153,7 @@ security.facebook.secret=
 # Twitter
 #
 security.twitter.enabled=false
+security.twitter.allowed-roles=speaker,student
 security.twitter.order=0
 security.twitter.key=
 security.twitter.secret=
@@ -155,6 +161,7 @@ security.twitter.secret=
 # Google
 #
 security.google.enabled=false
+security.google.allowed-roles=speaker,student
 security.google.order=0
 security.google.key=
 security.google.secret=