Class SpringSecurityLoaderImpl
java.lang.Object
com.randomnoun.common.security.impl.SpringSecurityLoaderImpl
- All Implemented Interfaces:
SecurityLoader
An implementation of the
SecurityLoader
class, using the Spring framework to populate the SecurityContext from a JDBC
datasource.
This security context used to optionally take a customerId (used to partition users across separate SaaS contexts), or an applicationId (used to partition permissions across separate software products). If not defined, then these columns did not need to be present in the database. This functionality has been deprecated.
I think we had String userids at one point as well, so look out for that.
This class has a number of initialisation properties that are specific to this class (in addition to those initialisation properties that are set by the SecurityContext itself):
-
INIT_JDBCTEMPLATE- The Spring JdbcTemplate class used to retrieve information from a database. -
INIT_DATABASE_VENDOR- Set to one of the SqlGenerator.DATABASE_* constants, which specifies what syntax of SQL to use (DB2, Oracle or SqlServer).
- Author:
- knoxg
-
Field Summary
FieldsModifier and TypeFieldDescriptionfinal CamelCaserColumn renamer for the SECURITYAUDITS tablestatic final StringBoolean object version of SecurityContext.INIT_CASE_INSENSITIVE string; set to false if missingstatic final StringDatabase vendor for generated SQL.static final StringInitialisation property key to set JdbcTemplate.static final org.apache.log4j.LoggerLogger for this classfinal CamelCaserColumn renamer for the PERMISSION tablefinal CamelCaserColumn renamer for the shouty ROLETABLE tablefinal CamelCaserColumn renamer for the USERS table -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidinitialise(Map<String, Object> properties) Initialise this loader.loadAllActivities(String resourceName) Retrieve a list of all the activities that can be applied to resource for the current application context.Return a List of all Permissions available to this applicationRetrieve a list of all the resources under security for the current application context.Returns List of maps, where each map represents the details of a particular role.Load all role permissions.Retrieve a list of all the roles that can be applied to a user for the current application context.Returns List of maps, where each map represents the details of a particular user.Retrieve a list of users in the current application context.loadRolePermissions(String role) Return List of Permission associated with a particular roleloadUser(long userId) Load a user.loadUserPermissions(User user) Retrieve per-user permission objects.loadUserRolePermissions(User user) Return List of Permissions containing permissions contained for all roles for a particular user.loadUserRoles(User user) Retrieve a list of roles applied to a particular user for the current application context.voidResets the security context.voidsaveRolePermissions(String role, List<Permission> rolePermissions) Persists the permission information for this role to the database.voidsaveUserRolesAndPermissions(User user, List<String> roles, List<Permission> userPermissions) Persists the role and permission information recorded for this user to the database.
-
Field Details
-
logger
Logger for this class -
INIT_JDBCTEMPLATE
Initialisation property key to set JdbcTemplate.- See Also:
-
INIT_DATABASE_VENDOR
Database vendor for generated SQL. Should be one of the SqlGenerator.DB_* constants- See Also:
-
INIT_CASE_INSENSITIVE_OBJ
Boolean object version of SecurityContext.INIT_CASE_INSENSITIVE string; set to false if missing- See Also:
-
roleCamelCaser
Column renamer for the shouty ROLETABLE table -
userCamelCaser
Column renamer for the USERS table -
permissionCamelCaser
Column renamer for the PERMISSION table -
auditCamelCaser
Column renamer for the SECURITYAUDITS table
-
-
Constructor Details
-
SpringSecurityLoaderImpl
public SpringSecurityLoaderImpl()
-
-
Method Details
-
initialise
Initialise this loader.The properties Map passed into this method must contain the following attributes.
jdbcTemplate - a JdbcTemplate object connected to a datasource databaseVendor - one of the SqlGenerator.DATABASE_* constants, defining what syntax of SQL to generate from this class. - Specified by:
initialisein interfaceSecurityLoader- Parameters:
properties- Initialisation properties for this loader.- See Also:
-
loadAllRolePermissions
Load all role permissions. Return a structured list of application specific Permission objects which is used to preload the SecurityContext rolePermission cache. Each permission returned must be a role-based Permission.- Specified by:
loadAllRolePermissionsin interfaceSecurityLoader- Returns:
- A List of Permission objects for all roles in the current application. Does not return Permissions that are not explicitly associated with a role in the security table.
- Throws:
IOException- if an error occured loading from the database. This IOException will always contain a spring DataAccessException which can be accessed in its .getCause() method.- See Also:
-
loadUserPermissions
Retrieve per-user permission objects. Returns the list of permissions assigned to this user.- Specified by:
loadUserPermissionsin interfaceSecurityLoader- Throws:
IOException- if an error occured loading from the database. This IOException will always contain a spring DataAccessException which can be accessed in its .getCause() method.- See Also:
-
loadUserRoles
Retrieve a list of roles applied to a particular user for the current application context.- Specified by:
loadUserRolesin interfaceSecurityLoader- Returns:
- List of roles, represented as Strings
- See Also:
-
loadRolePermissions
Return List of Permission associated with a particular role- Specified by:
loadRolePermissionsin interfaceSecurityLoader- Parameters:
role-- Returns:
- A List of Permission objects that apply to that role
-
loadUserRolePermissions
Return List of Permissions containing permissions contained for all roles for a particular user.Note that if a user contains multiple roles that have permissions that apply to the same activity/resource combinations, then that will be reflected in the returned list.
- Specified by:
loadUserRolePermissionsin interfaceSecurityLoader- Parameters:
userid- Name of user we are interested in.- Returns:
- A List of Maps
-
loadAllPermissions
Return a List of all Permissions available to this application- Specified by:
loadAllPermissionsin interfaceSecurityLoader- Returns:
- a List of Permissions available to this application
-
loadUser
Description copied from interface:SecurityLoaderLoad a user. Will not load any role or permission data for that user.Will probably throw an IOException if the user doesn't exist.
- Specified by:
loadUserin interfaceSecurityLoader- Returns:
- a User object.
- Throws:
IOException
-
loadAllUsers
Retrieve a list of users in the current application context. Return a list of User objects representing all users contained in this security context. Permission information relating to that user is not populated unless the 'populatePermission' parameter is set to true.The information returned by this function may be cached, depending on the initialisation properties of the security context.
- Specified by:
loadAllUsersin interfaceSecurityLoader- Returns:
- A List of Users.
- Throws:
IOException- if an error occured loading from the database. This IOException will always contain a spring DataAccessException which can be accessed viamethod.invalid reference
java.io.Throwable#getCause- See Also:
-
loadAllResources
Retrieve a list of all the resources under security for the current application context.- Specified by:
loadAllResourcesin interfaceSecurityLoader- Returns:
- List of maps, each map represents resource
- See Also:
-
loadAllActivities
Retrieve a list of all the activities that can be applied to resource for the current application context.- Specified by:
loadAllActivitiesin interfaceSecurityLoader- Parameters:
resourceName- The resource we wish to retrieve activities for- Returns:
- List of maps, each map represents an activity.
- See Also:
-
loadAllRoles
Retrieve a list of all the roles that can be applied to a user for the current application context.- Specified by:
loadAllRolesin interfaceSecurityLoader- Returns:
- List of maps, each map represents a role.
- See Also:
-
loadAllRoleDetails
Returns List of maps, where each map represents the details of a particular role.- Specified by:
loadAllRoleDetailsin interfaceSecurityLoader- Returns:
- A List of Roles, in Map format.
-
loadAllUserDetails
Returns List of maps, where each map represents the details of a particular user.- Specified by:
loadAllUserDetailsin interfaceSecurityLoader- Returns:
- A List of Users, in Map format.
-
resetSecurityContext
Resets the security context.This security context holds no state, so this method does nothing.
- Specified by:
resetSecurityContextin interfaceSecurityLoader
-
saveUserRolesAndPermissions
public void saveUserRolesAndPermissions(User user, List<String> roles, List<Permission> userPermissions) throws IOException Description copied from interface:SecurityLoaderPersists the role and permission information recorded for this user to the database. Existing role and permission information in the database will be removed.- Specified by:
saveUserRolesAndPermissionsin interfaceSecurityLoader- Parameters:
user- The user to persist- Throws:
IOException
-
saveRolePermissions
Description copied from interface:SecurityLoaderPersists the permission information for this role to the database. Existing permission information in the database will be removed.- Specified by:
saveRolePermissionsin interfaceSecurityLoader- Throws:
IOException
-