AbiquoUserDetailsService.java

/**
 * Abiquo community edition
 * cloud management application for hybrid clouds
 * Copyright (C) 2008-2010 - Abiquo Holdings S.L.
 *
 * This application is free software; you can redistribute it and/or
 * modify it under the terms of the GNU LESSER GENERAL PUBLIC
 * LICENSE as published by the Free Software Foundation under
 * version 3 of the License
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * LESSER GENERAL PUBLIC LICENSE v.3 for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the
 * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
package com.abiquo.api.spring.security;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.util.AuthorityUtils;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

import com.abiquo.server.core.enterprise.EnterpriseRep;
import com.abiquo.server.core.enterprise.Privilege;
import com.abiquo.server.core.enterprise.User;
import com.abiquo.server.core.enterprise.User.AuthType;

/**
 * User details service to load user information from database using the Abiquo persistende layer.
 * 
 * @author ibarrera
 */
@Service("userDetailsService")
@Transactional(readOnly = true, propagation = Propagation.REQUIRED)
public class AbiquoUserDetailsService implements UserDetailsService, UserLoginService
{
    /** The default role prefix to use. */
    public static final String DEFAULT_ROLE_PREFIX = "ROLE_";

    /** The default role. */
    protected static final String DEFAULT_ROLE = DEFAULT_ROLE_PREFIX + "AUTHENTICATED";

    /** The Enterprise DAO repository. */
    @Autowired
    protected EnterpriseRep enterpriseRep;

    /** The authentication type. */
    protected AuthType authType;

    public AuthType getAuthType()
    {
        return authType;
    }

    /**
     * Allows to set the proper provider.
     * 
     * @param authType a {@link AuthType} value.
     */
    public void setAuthType(final AuthType authType)
    {
        this.authType = authType;
    }

    @PostConstruct
    public void init()
    {
        authType = null;
    }

    // @Override
    @Override
    public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException,
        DataAccessException
    {
        User user = null;
        try
        {
            // If we are not coming from remember me we need to call the abiquo db.
            if (authType == null)
            {
                authType = AuthType.ABIQUO;
            }
            user = enterpriseRep.getUserByAuth(username, authType);

            // for next logins
            authType = null;
        }
        catch (Exception ex)
        {
            throw new DataRetrievalFailureException("Could not load user information", ex);
        }

        if (user == null)
        {
            throw new UsernameNotFoundException("Invalid credentials");
        }

        return getUserDetails(user);
    }

    @Override
    public UserDetails getUserDetails(final User user)
    {
        AbiquoUserDetails userDetails = new AbiquoUserDetails();
        userDetails.setUserId(user.getId());
        userDetails.setUsername(user.getNick());
        userDetails.setPassword(user.getPassword());
        userDetails.setActive(user.getActive() == 1);
        userDetails.setEnterpriseId(user.getEnterprise().getId());
        userDetails.setEnterpriseName(user.getEnterprise().getName());
        userDetails.setAuthType(user.getAuthType().name());

        // Set user authorities
        GrantedAuthority[] authorities = loadUserAuthorities(user);
        userDetails.setAuthorities(authorities);

        return userDetails;
    }

    /**
     * Load the granted authorities for the authenticated user.
     * 
     * @param user The authenticated user.
     * @return An array with the granted authorities.
     */
    protected GrantedAuthority[] loadUserAuthorities(final User user)
    {
        List<Privilege> privileges = user.getRole().getPrivileges();
        ArrayList<String> grantedAuthority = new ArrayList<String>();

        // Adding default role
        grantedAuthority.add(DEFAULT_ROLE);

        if (privileges != null)
        {
            for (Privilege privilege : privileges)
            {
                grantedAuthority.add(DEFAULT_ROLE_PREFIX + privilege.getName());
            }
        }

        return AuthorityUtils.stringArrayToAuthorityArray(grantedAuthority
            .toArray(new String[grantedAuthority.size()]));
    }

}