From 695f114f5b81cd8271b8659d8f7110efc0549c36 Mon Sep 17 00:00:00 2001
From: Daniil Palagin
Date: Mon, 23 Sep 2024 09:39:58 +0200
Subject: [PATCH] [kbss-cvut/record-manager-ui#202] Replace types with roles
---
 .../cvut/kbss/study/security/CustomSwitchUserFilter.java | 3 ++-
 .../cz/cvut/kbss/study/security/model/UserDetails.java | 9 ++++-----
 .../kbss/study/security/CustomSwitchUserFilterTest.java | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java b/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java
index 80723dc4..fbc4654a 100644
--- a/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java
+++ b/src/main/java/cz/cvut/kbss/study/security/CustomSwitchUserFilter.java
@@ -1,5 +1,6 @@
 package cz.cvut.kbss.study.security;
+import cz.cvut.kbss.study.model.Role;
 import cz.cvut.kbss.study.rest.exception.BadRequestException;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.security.core.Authentication;
@@ -14,7 +15,7 @@ public class CustomSwitchUserFilter extends SwitchUserFilter {
 @Override
 protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException {
 final Authentication switchTo = super.attemptSwitchUser(request);
- if (switchTo.getAuthorities().stream().anyMatch(a -> SecurityConstants.ROLE_ADMIN.equals(a.getAuthority()))) {
+ if (switchTo.getAuthorities().stream().anyMatch(a -> Role.administrator.name().equals(a.getAuthority()))) {
 throw new BadRequestException("Cannot impersonate admin.");
 }
 return switchTo;
diff --git a/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java b/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java
index 90c882f5..2c7b3897 100644
--- a/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java
+++ b/src/main/java/cz/cvut/kbss/study/security/model/UserDetails.java
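Review bot: The admin-impersonation guard in `attemptSwitchUser` (CustomSwitchUserFilter.java) now depends on every admin authority being spelled exactly `Role.administrator.name()`, and nothing in this hunk enforces that. `UserDetails` also has a constructor that accepts a caller-supplied authority collection (visible in the UserDetails.java hunk header); if any caller still passes the old `SecurityConstants.ROLE_ADMIN` string, such a target would no longer be rejected, so it is worth searching for remaining uses of that constant and for `hasRole(...)`-style rules, which expect a `ROLE_` prefix that the enum names presumably lack. A short comment above the check, e.g. `// authority strings are Role enum names (see UserDetails.resolveRoles); keep in sync`, would document the coupling. The class body continues outside the hunk.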
@@ -1,5 +1,6 @@
 package cz.cvut.kbss.study.security.model;
+import cz.cvut.kbss.study.model.Role;
 import cz.cvut.kbss.study.model.User;
 import cz.cvut.kbss.study.security.SecurityConstants;
 import org.springframework.security.core.GrantedAuthority;
@@ -36,12 +37,10 @@ public UserDetails(User user, Collection authorities) {
 private void resolveRoles() {
 authorities.addAll(
- user.getTypes().stream()
- .map(Role::forType)
- .filter(Optional::isPresent)
- .map(r -> new SimpleGrantedAuthority(r.get().getName()))
+ user.getRoleGroup().getRoles().stream()
+ .map(r -> new SimpleGrantedAuthority(r.name()))
 .toList());
- authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_USER));
+ authorities.add(new SimpleGrantedAuthority(Role.user.name()));
 }
 public void eraseCredentials() {
diff --git a/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java b/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java
index 57aae8ce..80aa2c58 100644
--- a/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java
+++ b/src/test/java/cz/cvut/kbss/study/security/CustomSwitchUserFilterTest.java
@@ -41,6 +41,7 @@ void attemptSwitchUserSwitchesCurrentUserToTarget() {
 source.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
 Environment.setCurrentUser(source);
 final User target = Generator.generateUser(null, null);
+ target.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.user));
 when(userDetailsService.loadUserByUsername(target.getUsername())).thenReturn(new UserDetails(target));
 final MockHttpServletRequest request = new MockHttpServletRequest();
 request.setParameter("username", target.getUsername());
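Review bot: `user.getRoleGroup().getRoles()` in `resolveRoles` (UserDetails.java) dereferences the role group without a null check, so building `UserDetails` for an account that has no role group would throw a NullPointerException in the authentication path rather than produce a user with only the base authority. The first CustomSwitchUserFilterTest.java hunk had to add `target.setRoleGroup(...)` for a user created with `Generator.generateUser(null, null)`, which suggests that case is reachable. Consider guarding the lookup, `if (user.getRoleGroup() != null) { ... }`, or failing with an explicit authentication error, and decide deliberately whether such an account should still receive `Role.user`. The `SecurityConstants` import may now be unused in this file; the rest of the class is outside the hunk.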
@@ -55,7 +56,6 @@ void attemptSwitchUserThrowsBadRequestExceptionWhenTargetUserIsAdmin() {
 source.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
 Environment.setCurrentUser(source);
 final User target = Generator.generateUser(null, roleGroup);
- target.addType(Vocabulary.s_i_administrator);
 target.setRoleGroup(Generator.generateRoleGroupWithRoles(Role.administrator));
 when(userDetailsService.loadUserByUsername(target.getUsername())).thenReturn(new UserDetails(target));
 final MockHttpServletRequest request = new MockHttpServletRequest();