package no.niths.security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import no.niths.common.constants.SecurityConstants;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
/**
* Simple wrapper class for the authenticated user.
* We set the current authenticated user to an instance of this class.
* Spring Security then uses the instance to determine whether the user has the
* roles and attributes needed.
*
* The attributes in this class are used to make the security checks more fine-grained.
*
* Ex: The student id can be used together with the role like this:
*
* @PreAuthorize("hasRole('ROLE_STUDENT') and principal.studentId == #id")
* public void anyMethod(Long id) {...}
*
* principal = the authenticated user
*
*/
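public class RequestHolderDetails implements UserDetails {

    private static final long serialVersionUID = -4668876556049860936L;

    /** User name used when the caller supplies none. */
    private static final String DEFAULT_USER_NAME = "Not provided";

    /** Role names granted to this principal; empty means "anonymous". */
    private final List<String> roleNames = new ArrayList<String>();

    private String userName;

    // NOTE(review): unlike developerId and appId, studentId has no sentinel
    // default and stays null until setStudentId is called. In an expression
    // such as "principal.studentId == #id", a null id would presumably compare
    // equal to an unset studentId -- confirm that callers reject null ids.
    private Long studentId;

    // -1 marks "no developer / no app bound to this request".
    // Long.valueOf replaces the deprecated Long(long) constructor.
    private Long developerId = Long.valueOf(-1L);
    private Long appId = Long.valueOf(-1L);

    /**
     * Creates a principal with the placeholder user name and no roles.
     */
    public RequestHolderDetails() {
        this(DEFAULT_USER_NAME);
    }

    /**
     * Creates a principal with no roles.
     *
     * @param userName the user name; {@code null} is replaced by the same
     *                 placeholder that {@link #setUserName(String)} uses
     */
    public RequestHolderDetails(String userName) {
        // Normalised here as well, so both entry points agree on null handling.
        this.userName = normalizeUserName(userName);
    }

    /**
     * @return the student id, or {@code null} if none has been set
     */
    public Long getStudentId() {
        return studentId;
    }

    /**
     * @param studentId the id of the authenticated student
     */
    public void setStudentId(Long studentId) {
        this.studentId = studentId;
    }

    /**
     * Builds the authorities for this principal from its role names.
     *
     * <p>A principal without any role name is given exactly one authority,
     * {@code SecurityConstants.R_ANONYMOUS}, so that a request for which no
     * role was resolved ends up with the anonymous role rather than with an
     * empty authority list.
     *
     * @return a new, mutable collection; changing it does not affect this
     *         principal
     */
    @Override
    public Collection<GrantedAuthority> getAuthorities() {
        Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
        if (roleNames.isEmpty()) {
            grantedAuthorities.add(new RoleAuthority(SecurityConstants.R_ANONYMOUS));
            return grantedAuthorities;
        }
        for (final String role : roleNames) {
            grantedAuthorities.add(new RoleAuthority(role));
        }
        return grantedAuthorities;
    }

    /**
     * Grants a role to this principal.
     *
     * @param roleName the role name, e.g. {@code ROLE_STUDENT}; {@code null}
     *                 is ignored
     */
    public void addRoleName(String roleName) {
        // A null entry would produce an authority whose getAuthority() is null,
        // and would also suppress the anonymous fallback in getAuthorities().
        if (roleName == null) {
            return;
        }
        roleNames.add(roleName);
    }

    /**
     * @return always {@code null}; this principal carries no credentials
     */
    @Override
    public String getPassword() {
        return null;
    }

    @Override
    public String getUsername() {
        return userName;
    }

    // NOTE(review): the three status flags below return false, which in the
    // UserDetails contract means "expired" / "locked". Any component that
    // applies the standard account status checks (for example
    // AccountStatusUserDetailsChecker) would reject this principal. The values
    // are left unchanged because how the principal is consumed is not visible
    // here -- confirm whether false is intended.

    @Override
    public boolean isAccountNonExpired() {
        return false;
    }

    @Override
    public boolean isAccountNonLocked() {
        return false;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return false;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }

    /**
     * @return the user name, same value as {@link #getUsername()}
     */
    public String getUserName() {
        return userName;
    }

    /**
     * @param userName the user name; {@code null} is replaced by a placeholder
     */
    public void setUserName(String userName) {
        this.userName = normalizeUserName(userName);
    }

    /**
     * @return the developer id, {@code -1} by default
     */
    public Long getDeveloperId() {
        return developerId;
    }

    public void setDeveloperId(Long developerId) {
        this.developerId = developerId;
    }

    /**
     * @return the application id, {@code -1} by default
     */
    public Long getAppId() {
        return appId;
    }

    public void setAppId(Long appId) {
        this.appId = appId;
    }

    /** Replaces a missing user name with the placeholder. */
    private static String normalizeUserName(String userName) {
        return userName == null ? DEFAULT_USER_NAME : userName;
    }

    /**
     * Authority backed by a plain role name.
     *
     * <p>Declared as a static nested class so that an authority does not keep a
     * reference to the principal that created it (an anonymous class declared
     * in an instance method would), and so that two authorities for the same
     * role compare equal.
     */
    private static final class RoleAuthority implements GrantedAuthority {

        private static final long serialVersionUID = 1L;

        private final String role;

        RoleAuthority(String role) {
            this.role = role;
        }

        @Override
        public String getAuthority() {
            return role;
        }

        @Override
        public boolean equals(Object other) {
            if (this == other) {
                return true;
            }
            if (!(other instanceof RoleAuthority)) {
                return false;
            }
            String otherRole = ((RoleAuthority) other).role;
            return role == null ? otherRole == null : role.equals(otherRole);
        }

        @Override
        public int hashCode() {
            return role == null ? 0 : role.hashCode();
        }

        @Override
        public String toString() {
            return String.valueOf(role);
        }
    }
}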