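/**
 * (C) Copyright 2013 Jabylon (http://www.jabylon.org) and others.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 */
package org.jabylon.rest.ui.security;

import java.util.ArrayList;
import java.util.List;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.model.IModel;
import org.apache.wicket.request.Request;
import org.eclipse.emf.common.util.EList;
import org.jabylon.common.resolver.URIConstants;
import org.jabylon.rest.ui.Activator;
import org.jabylon.rest.ui.model.EObjectModel;
import org.jabylon.security.CommonPermissions;
import org.jabylon.security.auth.AuthenticationService;
import org.jabylon.users.Permission;
import org.jabylon.users.Role;
import org.jabylon.users.User;
import org.jabylon.users.UserManagement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Wicket session that authenticates through the Jabylon {@link AuthenticationService}
 * and exposes the permissions of the signed-in {@link User} (or of the anonymous role when
 * nobody is signed in) as Wicket {@link Roles}.
 * <p>
 * The user, the anonymous user and the {@link UserManagement} are held in {@link IModel}s so
 * that they can be released at the end of every request via {@link #detach()}.
 * <p>
 * Authorization failures are handled fail-closed: when the user management, the anonymous
 * role or the current user cannot be resolved, no permissions are granted.
 *
 * @author Johannes Utzig (jutzig.dev@googlemail.com)
 */
public class CDOAuthenticatedSession extends AuthenticatedWebSession {

    private static final long serialVersionUID = 1L;

    private static final Logger logger = LoggerFactory.getLogger(CDOAuthenticatedSession.class);

    /** Model of the signed-in user; {@code null} until {@link #authenticate} succeeds. */
    private IModel<User> user;

    /** Lazily resolved model of the anonymous user; {@code null} until first requested. */
    private IModel<User> anonymousUser;

    /** Lazily resolved model of the user management; {@code null} until first requested. */
    private IModel<UserManagement> userManagementModel;

    /**
     * Creates a session for the given request.
     *
     * @param request the request that opened this session
     */
    public CDOAuthenticatedSession(Request request) {
        super(request);
    }

    /**
     * Detaches every model this session holds so that no CDO object stays referenced by
     * the session beyond the current request.
     */
    @Override
    public void detach() {
        super.detach();
        detachQuietly(user);
        detachQuietly(anonymousUser);
        detachQuietly(userManagementModel);
    }

    /** Detaches {@code model} if it is set; {@code null} is ignored. */
    private static void detachQuietly(IModel<?> model) {
        if (model != null) {
            model.detach();
        }
    }

    /**
     * Checks whether the current principal holds the given permission.
     * <p>
     * The principal is the signed-in user, or the anonymous user when nobody is signed in.
     *
     * @param permission the permission name to check
     * @return {@code true} if the principal has the permission; {@code false} if it does not
     *         or if no principal can be resolved at all (fail closed)
     */
    public boolean hasPermission(String permission) {
        User principal = getUser();
        if (principal == null) {
            principal = getAnonymousUser();
        }
        // no resolvable principal means no permission
        return principal != null && principal.hasPermission(permission);
    }

    /**
     * Resolves the {@link UserManagement} from the repository lookup and caches it in a model.
     *
     * @return the user management, or {@code null} (after logging an error) if the security
     *         URI does not resolve to a {@link UserManagement}
     */
    private UserManagement getUserManagement() {
        if (userManagementModel != null) {
            return userManagementModel.getObject();
        }
        Object resolved = Activator.getDefault().getRepositoryLookup().resolve(URIConstants.SECURITY_URI_PREFIX);
        if (resolved instanceof UserManagement) {
            UserManagement management = (UserManagement) resolved;
            userManagementModel = new EObjectModel<UserManagement>(management);
            return management;
        }
        logger.error("Failed to obtain UserManagement");
        return null;
    }

    /**
     * Authenticates the given credentials against the {@link AuthenticationService} and, on
     * success, remembers the resulting user in this session.
     *
     * @param username the login name
     * @param password the password
     * @return {@code true} if the service returned a user for the credentials
     * @see org.apache.wicket.authroles.authentication.AuthenticatedWebSession#authenticate(String, String)
     */
    @Override
    public boolean authenticate(final String username, final String password) {
        AuthenticationService service = Activator.getDefault().getAuthenticationService();
        User authenticated = service.authenticateUser(username, password);
        if (authenticated == null) {
            return false;
        }
        this.user = new EObjectModel<User>(authenticated);
        return true;
    }

    /**
     * Returns the Wicket roles of this session. In Jabylon, permissions are used directly as
     * Wicket roles: the roles of a signed-in user are all of its permissions, and an anonymous
     * session gets the permissions of the anonymous role.
     *
     * @return the roles; never {@code null}
     * @see org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession#getRoles()
     */
    @Override
    public Roles getRoles() {
        if (isSignedIn()) {
            User current = getUser();
            if (current != null) {
                return createRoles(current.getAllPermissions());
            }
            // signed in but the user model no longer resolves: grant anonymous roles only
            logger.warn("Signed-in session has no resolvable user, falling back to anonymous roles");
        }
        return getAnonymousRoles();
    }

    /**
     * Maps permissions to Wicket roles by name.
     *
     * @param permissions the permissions; {@code null} or empty yields an empty role set
     * @return the roles
     */
    private Roles createRoles(EList<Permission> permissions) {
        if (permissions == null || permissions.isEmpty()) {
            return new Roles(new String[0]);
        }
        List<String> roleNames = new ArrayList<String>(permissions.size());
        for (Permission permission : permissions) {
            roleNames.add(permission.getName());
        }
        return new Roles(roleNames.toArray(new String[roleNames.size()]));
    }

    /**
     * Computes the roles of an anonymous session from the permissions of the anonymous role.
     *
     * @return the anonymous roles, or an empty role set (after logging) when the user management
     *         or the anonymous role cannot be resolved
     */
    private Roles getAnonymousRoles() {
        logger.debug("Computing Anonymous Roles");
        UserManagement userManagement = getUserManagement();
        if (userManagement == null) {
            // getUserManagement() already logged the failure; grant nothing
            return new Roles(new String[0]);
        }
        Role role = userManagement.findRoleByName(CommonPermissions.ROLE_ANONYMOUS);
        if (role == null) {
            logger.error("Role {} is not defined, anonymous sessions get no permissions", CommonPermissions.ROLE_ANONYMOUS);
            return new Roles(new String[0]);
        }
        return createRoles(role.getAllPermissions());
    }

    /**
     * Returns the signed-in user.
     *
     * @return the user, or {@code null} if nobody is signed in (or the model resolves to nothing)
     */
    public User getUser() {
        if (user == null) {
            return null;
        }
        return user.getObject();
    }

    /**
     * Returns the anonymous user, resolving and caching it on first access.
     *
     * @return the anonymous user, or {@code null} if the user management or the anonymous user
     *         is unavailable
     */
    public User getAnonymousUser() {
        if (anonymousUser == null) {
            // the user management is resolved first; without it no anonymous user is handed out
            if (getUserManagement() == null) {
                return null;
            }
            User anonymous = Activator.getDefault().getAuthenticationService().getAnonymousUser();
            if (anonymous == null) {
                return null;
            }
            anonymousUser = new EObjectModel<User>(anonymous);
        }
        return anonymousUser.getObject();
    }
}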