Add permissions with roles for spring.security users. (#949)
* Add permissions with roles for spring.security users. * Fix review findings. * Use better authorityList initialisation. Signed-off-by: Michael Herdt <Michael.Herdt2@bosch-si.com>
This commit is contained in:
@@ -70,16 +70,13 @@ public class InMemoryUserManagementAutoConfiguration extends GlobalAuthenticatio
|
|||||||
|
|
||||||
final List<UserPrincipal> userPrincipals = new ArrayList<>();
|
final List<UserPrincipal> userPrincipals = new ArrayList<>();
|
||||||
for (final MultiUserProperties.User user : multiUserProperties.getUsers()) {
|
for (final MultiUserProperties.User user : multiUserProperties.getUsers()) {
|
||||||
|
final List<String> permissions = user.getPermissions();
|
||||||
List<GrantedAuthority> authorityList;
|
List<GrantedAuthority> authorityList;
|
||||||
// Allows ALL as a shorthand for all permissions
|
// Allows ALL as a shorthand for all permissions
|
||||||
if (user.getPermissions().size() == 1 && "ALL".equals(user.getPermissions().get(0))) {
|
if (permissions.size() == 1 && "ALL".equals(permissions.get(0))) {
|
||||||
authorityList = PermissionUtils.createAllAuthorityList();
|
authorityList = PermissionUtils.createAllAuthorityList();
|
||||||
} else {
|
} else {
|
||||||
authorityList = new ArrayList<>(user.getPermissions().size());
|
authorityList = createAuthoritiesFromList(permissions);
|
||||||
for (final String permission : user.getPermissions()) {
|
|
||||||
authorityList.add(new SimpleGrantedAuthority(permission));
|
|
||||||
authorityList.add(new SimpleGrantedAuthority("ROLE_" + permission));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
final UserPrincipal userPrincipal = new UserPrincipal(user.getUsername(), user.getPassword(),
|
final UserPrincipal userPrincipal = new UserPrincipal(user.getUsername(), user.getPassword(),
|
||||||
@@ -93,13 +90,26 @@ public class InMemoryUserManagementAutoConfiguration extends GlobalAuthenticatio
|
|||||||
if (userPrincipals.isEmpty()) {
|
if (userPrincipals.isEmpty()) {
|
||||||
final String name = securityProperties.getUser().getName();
|
final String name = securityProperties.getUser().getName();
|
||||||
final String password = securityProperties.getUser().getPassword();
|
final String password = securityProperties.getUser().getPassword();
|
||||||
userPrincipals.add(new UserPrincipal(name, password, name, name, name, null, DEFAULT_TENANT,
|
final List<String> roles = securityProperties.getUser().getRoles();
|
||||||
PermissionUtils.createAllAuthorityList()));
|
List<GrantedAuthority> authorityList = roles.isEmpty()
|
||||||
|
? PermissionUtils.createAllAuthorityList()
|
||||||
|
: createAuthoritiesFromList(roles);
|
||||||
|
userPrincipals
|
||||||
|
.add(new UserPrincipal(name, password, name, name, name, null, DEFAULT_TENANT, authorityList));
|
||||||
}
|
}
|
||||||
|
|
||||||
return new FixedInMemoryUserPrincipalUserDetailsService(userPrincipals);
|
return new FixedInMemoryUserPrincipalUserDetailsService(userPrincipals);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static List<GrantedAuthority> createAuthoritiesFromList(final List<String> userAuthorities) {
|
||||||
|
List<GrantedAuthority> grantedAuthorityList = new ArrayList<>(userAuthorities.size());
|
||||||
|
for (final String permission : userAuthorities) {
|
||||||
|
grantedAuthorityList.add(new SimpleGrantedAuthority(permission));
|
||||||
|
grantedAuthorityList.add(new SimpleGrantedAuthority("ROLE_" + permission));
|
||||||
|
}
|
||||||
|
return grantedAuthorityList;
|
||||||
|
}
|
||||||
|
|
||||||
private static class FixedInMemoryUserPrincipalUserDetailsService implements UserDetailsService {
|
private static class FixedInMemoryUserPrincipalUserDetailsService implements UserDetailsService {
|
||||||
private final HashMap<String, UserPrincipal> userPrincipalMap = new HashMap<>();
|
private final HashMap<String, UserPrincipal> userPrincipalMap = new HashMap<>();
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user