s1890 - users uri prefix comes from ldap user persistence

9c6e670f · Brian Major · 978fc0a3 · 9c6e670f · 9c6e670f · 9c6e670f
Commit 9c6e670f authored 8 years ago by Brian Major
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
@@ -68,7 +68,6 @@
 */
 package ca.nrc.cadc.ac.server.ldap;

-import java.lang.reflect.Field;
 import java.security.AccessControlException;
 import java.security.Principal;
 import java.util.ArrayList;
@@ -94,6 +93,7 @@ import ca.nrc.cadc.auth.AuthMethod;
 import ca.nrc.cadc.auth.AuthenticationUtil;
 import ca.nrc.cadc.auth.DNPrincipal;
 import ca.nrc.cadc.net.TransientException;
+import ca.nrc.cadc.util.ObjectUtil;

 public class LdapGroupPersistence extends LdapPersistence implements GroupPersistence
 {
@@ -182,7 +182,7 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
        {
            LdapUserDAO userDAO = new LdapUserDAO(conns);
            User owner = userDAO.getAugmentedUser(userID);
-            setField(group, owner, "owner");
+            ObjectUtil.setField(group, owner, "owner");
            LdapGroupDAO groupDAO = new LdapGroupDAO(conns, userDAO);
            groupDAO.addGroup(group);
        }
@@ -395,27 +395,4 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
        GroupMemberships gms = gset.iterator().next();
        return gms.getUserID();
    }
-
-    // set private field using reflection
-    private void setField(Object object, Object value, String name)
-    {
-        try
-        {
-            Field field = object.getClass().getDeclaredField(name);
-            field.setAccessible(true);
-            field.set(object, value);
-        }
-        catch (NoSuchFieldException e)
-        {
-            final String error = object.getClass().getSimpleName() +
-                " field " + name + "not found";
-            throw new RuntimeException(error, e);
-        }
-        catch (IllegalAccessException e)
-        {
-            final String error = "unable to update " + name + " in " +
-                object.getClass().getSimpleName();
-            throw new RuntimeException(error, e);
-        }
-    }
 }
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -142,6 +142,8 @@ public class LdapUserDAO extends LdapDAO

    private final Profiler profiler = new Profiler(LdapUserDAO.class);

+    private String internalIdUriPrefix = AC.USER_URI;
+
    // Map of identity type to LDAP attribute
    private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>();

@@ -1263,11 +1265,15 @@ public class LdapUserDAO extends LdapDAO
        return uuid.getLeastSignificantBits();
    }

+    protected void setInternalIdUriPrefix(String internalIdUriPrefix)
+    {
+        this.internalIdUriPrefix = internalIdUriPrefix;
+    }
+
    protected InternalID getInternalID(String numericID)
    {
        UUID uuid = new UUID(0L, Long.parseLong(numericID));
-
-        final String uriString = AC.USER_URI + uuid.toString();
+        String uriString = internalIdUriPrefix + "?" + uuid.toString();
        URI uri;
        try
        {

--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
@@ -122,7 +122,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            userDAO.addUser(user);
        }
        finally
@@ -147,7 +147,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            userDAO.addUserRequest(userRequest);
        }
        finally
@@ -178,7 +178,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.getUser(userID);
        }
        finally
@@ -206,7 +206,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
            LdapConnections conns = new LdapConnections(this);
            try
            {
-                LdapUserDAO userDAO = new LdapUserDAO(conns);
+                LdapUserDAO userDAO = getLdapUserDao(conns);
                return userDAO.getUserByEmailAddress(emailAddress);
            }
            finally
@@ -235,7 +235,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.getUserRequest(userID);
        }
        finally
@@ -263,7 +263,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            profiler.checkpoint("Create LdapUserDAO");
            User user = userDAO.getAugmentedUser(userID);
            profiler.checkpoint("getAugmentedUser");
@@ -294,7 +294,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.getUsers();
        }
        finally
@@ -318,7 +318,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.getUserRequests();
        }
        finally
@@ -348,7 +348,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.approveUserRequest(userID);
        }
        finally
@@ -380,7 +380,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.modifyUser(user);
        }
        finally
@@ -410,7 +410,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            userDAO.deleteUser(userID);
        }
        finally
@@ -437,7 +437,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            userDAO.deleteUserRequest(userID);
        }
        finally
@@ -464,7 +464,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            return userDAO.doLogin(userID, password);
        }
        finally
@@ -494,7 +494,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            if (userDAO.doLogin(userID.getName(), oldPassword))
            {
                // oldPassword is correct
@@ -527,7 +527,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        LdapConnections conns = new LdapConnections(this);
        try
        {
-            userDAO = new LdapUserDAO(conns);
+            userDAO = getLdapUserDao(conns);
            User user = getUser(userID);

            if (user != null)
@@ -570,4 +570,24 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste
        }
        return false;
    }
+
+    private LdapUserDAO getLdapUserDao(LdapConnections conn)
+    {
+        LdapUserDAO dao = new LdapUserDAO(conn);
+        if (getInternalIdUriPrefix() != null)
+            dao.setInternalIdUriPrefix(getInternalIdUriPrefix());
+        return dao;
+    }
+
+    /**
+     * Web services can override this method to change
+     * the user prefix used in the internal ID.
+     *
+     * By default the LdapUserDAO will use AC.USER_URI;
+     */
+    protected String getInternalIdUriPrefix()
+    {
+        return null;
+    }
+
 }
--- a/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java
+++ b/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/WhoAmIServletTest.java
@@ -68,20 +68,25 @@

 package ca.nrc.cadc.ac.server.web;

-import ca.nrc.cadc.ac.AC;
-import ca.nrc.cadc.auth.HttpPrincipal;
-import ca.nrc.cadc.reg.client.RegistryClient;
-import org.junit.Test;
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.expectLastCall;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+import java.net.URI;
+import java.net.URL;
+import java.security.PrivilegedExceptionAction;

 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

-import java.net.URI;
-import java.net.URL;
-import java.security.PrivilegedExceptionAction;
+import org.junit.Test;

-import static org.easymock.EasyMock.*;
+import ca.nrc.cadc.ac.AC;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.reg.client.RegistryClient;


 public class WhoAmIServletTest
@@ -127,8 +132,8 @@ public class WhoAmIServletTest
        mockResponse.sendRedirect("/ac/users/CADCtest?idType=HTTP");
        expectLastCall().once();

-        expect(mockRegistry.getServiceURL(URI.create(AC.GMS_SERVICE_URI),
-                                          "http", "/users/%s?idType=HTTP")).
+        expect(mockRegistry.getServiceURL(URI.create(AC.UMS_SERVICE_URI + "#users"),
+                                          "http", "/%s?idType=HTTP")).
                andReturn(new URL("http://mysite.com/ac/users/CADCtest?idType=HTTP")).once();

        replay(mockRequest, mockResponse, mockRegistry);

--- a/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/AC.java
@@ -92,6 +92,6 @@ public class AC
    public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#";

    // User URI with appended UUID represents a unique user
-    public static final String USER_URI = "ivo://cadc.nrc.ca/user?";
+    public static final String USER_URI = "ivo://cadc.nrc.ca/user";

 }
--- a/cadcAccessControl/src/ca/nrc/cadc/ac/InternalID.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/InternalID.java
@@ -75,6 +75,8 @@ import java.util.UUID;
 /**
 * Class that represents a numeric id. This is useful for
 * representing an internal user key reference.
+ *
+ * The expected format of the URI is scheme://authority?uuid
 */
 public class InternalID
 {