From 1a3e9582c474fd17f802cf530266b773c0a10eb1 Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Fri, 19 Feb 2016 13:05:17 +0100
Subject: [PATCH] Extend API and config to support auth services per role
---
 .../arsnova/controller/LoginController.java | 31 +++++++++++++------
 .../arsnova/entities/ServiceDescription.java | 23 +++++++-------
 src/main/resources/arsnova.properties.example | 9 +++++-
 3 files changed, 42 insertions(+), 21 deletions(-)
diff --git a/src/main/java/de/thm/arsnova/controller/LoginController.java b/src/main/java/de/thm/arsnova/controller/LoginController.java
index 92cf3257..c27b9909 100644
--- a/src/main/java/de/thm/arsnova/controller/LoginController.java
+++ b/src/main/java/de/thm/arsnova/controller/LoginController.java
@@ -59,6 +59,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.text.MessageFormat;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
@@ -75,39 +76,46 @@ public class LoginController extends AbstractController {
 @Value("${customization.path}") private String customizationPath;
 @Value("${security.guest.enabled}") private String guestEnabled;
- @Value("${security.guest.lecturer.enabled}") private String guestLecturerEnabled;
+ @Value("${security.guest.allowed-roles:speaker,student}") private String[] guestRoles;
 @Value("${security.guest.order}") private int guestOrder;
 @Value("${security.custom-login.enabled}") private String customLoginEnabled;
+ @Value("${security.custom-login.allowed-roles:speaker,student}") private String[] customLoginRoles;
 @Value("${security.custom-login.title:University}") private String customLoginTitle;
 @Value("${security.custom-login.login-dialog-path}") private String customLoginDialog;
 @Value("${security.custom-login.image:}") private String customLoginImage;
 @Value("${security.custom-login.order}") private int customLoginOrder;
 @Value("${security.user-db.enabled}") private String dbAuthEnabled;
+ @Value("${security.user-db.allowed-roles:speaker,student}") private String[] dbAuthRoles;
 @Value("${security.user-db.title:ARSnova}") private String dbAuthTitle;
 @Value("${security.user-db.login-dialog-path}") private String dbAuthDialog;
 @Value("${security.user-db.image:}") private String dbAuthImage;
 @Value("${security.user-db.order}") private int dbAuthOrder;
 @Value("${security.ldap.enabled}") private String ldapEnabled;
+ @Value("${security.ldap.allowed-roles:speaker,student}") private String[] ldapRoles;
 @Value("${security.ldap.title:LDAP}") private String ldapTitle;
 @Value("${security.ldap.login-dialog-path}") private String ldapDialog;
 @Value("${security.ldap.image:}") private String ldapImage;
 @Value("${security.ldap.order}") private int ldapOrder;
 @Value("${security.cas.enabled}") private String casEnabled;
+ @Value("${security.cas.allowed-roles:speaker,student}") private String[] casRoles;
 @Value("${security.cas.title:CAS}") private String casTitle;
 @Value("${security.cas.image:}") private String casImage;
 @Value("${security.cas.order}") private int casOrder;
 @Value("${security.facebook.enabled}") private String facebookEnabled;
+ @Value("${security.facebook.enabled-roles:speaker,student}") private String[] facebookRoles;
 @Value("${security.facebook.order}") private int facebookOrder;
 @Value("${security.google.enabled}") private String googleEnabled;
+ @Value("${security.google.allowed-roles:speaker,student}") private String[] googleRoles;
 @Value("${security.google.order}") private int googleOrder;
 @Value("${security.twitter.enabled}") private String twitterEnabled;
+ @Value("${security.twitter.allowed-roles:speaker,student}") private String[] twitterRoles;
 @Value("${security.twitter.order}") private int twitterOrder;
 @Autowired(required = false)
@@ -309,12 +317,10 @@ public class LoginController extends AbstractController {
 ServiceDescription sdesc = new ServiceDescription(
 "guest",
 "Guest",
- null
+ null,
+ guestRoles
 );
 sdesc.setOrder(guestOrder);
- if (!"true".equals(guestLecturerEnabled)) {
- sdesc.setAllowLecturer(false);
- }
 services.add(sdesc);
 }
@@ -323,6 +329,7 @@ public class LoginController extends AbstractController {
 "custom",
 customLoginTitle,
 customizationPath + "/" + customLoginDialog + "?redirect={0}",
+ customLoginRoles,
 customLoginImage
 );
 sdesc.setOrder(customLoginOrder);
@@ -334,6 +341,7 @@ public class LoginController extends AbstractController {
 "arsnova",
 dbAuthTitle,
 customizationPath + "/" + dbAuthDialog + "?redirect={0}",
+ dbAuthRoles,
 dbAuthImage
 );
 sdesc.setOrder(dbAuthOrder);
@@ -345,6 +353,7 @@ public class LoginController extends AbstractController {
 "ldap",
 ldapTitle,
 customizationPath + "/" + ldapDialog + "?redirect={0}",
+ ldapRoles,
 ldapImage
 );
 sdesc.setOrder(ldapOrder);
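Review bot: The Facebook field is bound to `security.facebook.enabled-roles`, while every other service in this hunk reads `...allowed-roles` and the example properties file in this patch sets `security.facebook.allowed-roles`. As written, the operator's Facebook value is never read and the `speaker,student` default always applies, so a restriction configured for that service silently has no effect. The annotation should read `@Value("${security.facebook.allowed-roles:speaker,student}") private String[] facebookRoles;`.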
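Review bot: Dropping the `guestLecturerEnabled` check means a deployment whose existing config still carries `security.guest.lecturer.enabled=false` now falls back to the `speaker,student` default for guests, with nothing logged. Consider reading the legacy key as a fallback when `security.guest.allowed-roles` is unset, or at least logging a startup warning when the old key is still present. Whether the role list is enforced on the server or only advertised to the client through `ServiceDescription` is not visible in these hunks and should be confirmed. The enclosing method starts and ends outside the hunk.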
@@ -355,7 +364,8 @@ public class LoginController extends AbstractController {
 ServiceDescription sdesc = new ServiceDescription(
 "cas",
 casTitle,
- MessageFormat.format(dialogUrl, "cas")
+ MessageFormat.format(dialogUrl, "cas"),
+ casRoles
 );
 sdesc.setOrder(casOrder);
 services.add(sdesc);
@@ -365,7 +375,8 @@ public class LoginController extends AbstractController {
 ServiceDescription sdesc = new ServiceDescription(
 "facebook",
 "Facebook",
- MessageFormat.format(dialogUrl, "facebook")
+ MessageFormat.format(dialogUrl, "facebook"),
+ facebookRoles
 );
 sdesc.setOrder(facebookOrder);
 services.add(sdesc);
@@ -375,7 +386,8 @@ public class LoginController extends AbstractController {
 ServiceDescription sdesc = new ServiceDescription(
 "google",
 "Google",
- MessageFormat.format(dialogUrl, "google")
+ MessageFormat.format(dialogUrl, "google"),
+ googleRoles
 );
 sdesc.setOrder(googleOrder);
 services.add(sdesc);
@@ -385,7 +397,8 @@ public class LoginController extends AbstractController {
 ServiceDescription sdesc = new ServiceDescription(
 "twitter",
 "Twitter",
- MessageFormat.format(dialogUrl, "twitter")
+ MessageFormat.format(dialogUrl, "twitter"),
+ twitterRoles
 );
 sdesc.setOrder(twitterOrder);
 services.add(sdesc);
diff --git a/src/main/java/de/thm/arsnova/entities/ServiceDescription.java b/src/main/java/de/thm/arsnova/entities/ServiceDescription.java
index 28dfd7ef..39c75f47 100644
--- a/src/main/java/de/thm/arsnova/entities/ServiceDescription.java
+++ b/src/main/java/de/thm/arsnova/entities/ServiceDescription.java
@@ -26,7 +26,7 @@ public class ServiceDescription {
 private String dialogUrl;
 private String image;
 private int order = 0;
- private boolean allowLecturer = true;
+ private String[] allowedRoles;
 public ServiceDescription(String id, String name, String dialogUrl) {
 this.id = id;
@@ -34,20 +34,21 @@ public class ServiceDescription {
 this.dialogUrl = dialogUrl;
 }
- public ServiceDescription(String id, String name, String dialogUrl, String image) {
+ public ServiceDescription(String id, String name, String dialogUrl, String[] allowedRoles) {
 this.id = id;
 this.name = name;
 this.dialogUrl = dialogUrl;
- if (!"".equals(image)) {
- this.image = image;
- }
+ this.allowedRoles = allowedRoles;
 }
- public ServiceDescription(String id, String name, String dialogUrl, boolean allowLecturer) {
+ public ServiceDescription(String id, String name, String dialogUrl, String[] allowedRoles, String image) {
 this.id = id;
 this.name = name;
 this.dialogUrl = dialogUrl;
- this.allowLecturer = allowLecturer;
+ this.allowedRoles = allowedRoles;
+ if (!"".equals(image)) {
+ this.image = image;
+ }
 }
 public String getId() {
@@ -90,11 +91,11 @@ public class ServiceDescription {
 this.order = order;
 }
- public boolean isAllowLecturer() {
- return allowLecturer;
+ public String[] getAllowedRoles() {
+ return allowedRoles;
 }
- public void setAllowLecturer(boolean allowLecturer) {
- this.allowLecturer = allowLecturer;
+ public void setAllowedRoles(String[] roles) {
+ this.allowedRoles = allowedRoles;
 }
 }
diff --git a/src/main/resources/arsnova.properties.example b/src/main/resources/arsnova.properties.example
index 7c414dc1..f7efb747 100644
--- a/src/main/resources/arsnova.properties.example
+++ b/src/main/resources/arsnova.properties.example
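Review bot: `setAllowedRoles(String[] roles)` assigns the field to itself (`this.allowedRoles = allowedRoles;`), so the `roles` argument is discarded and the setter is a no-op. The body should be `this.allowedRoles = roles;`. Separately, `getAllowedRoles()` hands out the internal array, which in this patch is the controller's injected `@Value` array and so appears to be shared across the descriptions it builds; returning `allowedRoles == null ? null : allowedRoles.clone()` would keep a caller from altering the configured list.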
@@ -64,13 +64,14 @@ security.authentication.login-try-limit=50
 # Guest authentication
 #
 security.guest.enabled=true
+security.guest.allowed-roles=speaker,student
 security.guest.order=0
-security.guest.lecturer.enabled=true
 # Setup combined login if you want to use a single, customized login page
 # which is used for multiple authentication services.
 #
 security.custom-login.enabled=false
+security.custom-login.allowed-roles=speaker,student
 security.custom-login.title=University
 security.custom-login.login-dialog-path=
 security.custom-login.image=
@@ -88,6 +89,7 @@ security.custom-login.order=0
 # replaced by the value of activation-path.
 #
 security.user-db.enabled=true
+security.user-db.allowed-roles=speaker,student
 security.user-db.title=ARSnova
 security.user-db.login-dialog-path=account.html
 security.user-db.activation-path=account.html
@@ -111,6 +113,7 @@ security.user-db.reset-password-mail.body=You requested to reset your \
 # server. {0} will be replaced with the user ID by ARSnova.
 #
 security.ldap.enabled=false
+security.ldap.allowed-roles=speaker,student
 security.ldap.title=LDAP
 security.ldap.login-dialog-path=login-ldap.html
 security.ldap.image=
@@ -128,6 +131,7 @@ security.ldap.user-dn-pattern=uid={0},ou=arsnova
 # CAS authentication
 #
 security.cas.enabled=false
+security.cas.allowed-roles=speaker,student
 security.cas.title=CAS
 security.cas.image=
 security.cas.order=0
@@ -141,6 +145,7 @@ security.cas-server-url=https://example.com/cas
 # Facebook
 #
 security.facebook.enabled=false
+security.facebook.allowed-roles=speaker,student
 security.facebook.order=0
 security.facebook.key=
 security.facebook.secret=
@@ -148,6 +153,7 @@ security.facebook.secret=
 # Twitter
 #
 security.twitter.enabled=false
+security.twitter.allowed-roles=speaker,student
 security.twitter.order=0
 security.twitter.key=
 security.twitter.secret=
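Review bot: `security.guest.allowed-roles` is introduced without a comment, so the example file does not say which role names are accepted or what the key restricts. A line such as `# allowed-roles: comma-separated roles that may use this service (speaker, student)` in the `# Guest authentication` block would cover it, and the same applies to the custom-login, user-db, ldap, cas, facebook, twitter and google hunks. It would also help to state there that this key replaces the removed `security.guest.lecturer.enabled`, since an upgraded config that keeps only the old key gets the default role list.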
@@ -155,6 +161,7 @@ security.twitter.secret=
 # Google
 #
 security.google.enabled=false
+security.google.allowed-roles=speaker,student
 security.google.order=0
 security.google.key=
 security.google.secret=
-- 
GitLab