From 0ccffe63b6cf2b1aba489ee0096d9147d50d167b Mon Sep 17 00:00:00 2001 From: Markus Kreth Date: Fri, 25 Jan 2019 15:17:05 +0100 Subject: [PATCH] replaced session with securityVerifier --- .../meldung/AltersgruppePersonMap.java | 31 ++++++++++++++--- .../meldung/MeldungGeneratorFactory.java | 3 ++ .../security/SecurityVerifier.java | 15 +++++++++ ...ierImpl.java => SecurityVerifierImpl.java} | 21 +++++++++++- .../vaadinclubhelper/ui/EventDetails.java | 7 ++-- .../vaadinclubhelper/ui/HeadView.java | 33 +++++++------------ .../vaadinclubhelper/ui/LoginUI.java | 8 +++-- .../vaadinclubhelper/ui/MainUi.java | 11 +++++-- .../vaadinclubhelper/ui/MainView.java | 32 +++++++++--------- .../SecurityGroupVerifierImplTest.java | 18 ++++++++-- 10 files changed, 125 insertions(+), 54 deletions(-) create mode 100644 src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifier.java rename src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/{SecurityGroupVerifierImpl.java => SecurityVerifierImpl.java} (52%) diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/AltersgruppePersonMap.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/AltersgruppePersonMap.java index 28d5b5d..6273dbe 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/AltersgruppePersonMap.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/AltersgruppePersonMap.java @@ -1,5 +1,6 @@ package de.kreth.vaadin.clubhelper.vaadinclubhelper.business.meldung; +import java.time.LocalDate; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; @@ -27,22 +28,42 @@ public class AltersgruppePersonMap { } private void group(ClubEvent event, Person p) { + if (event.getAltersgruppen().isEmpty()) { + Altersgruppe g; + if (groups.isEmpty()) { + g = new Altersgruppe(); + g.setBezeichnung("Alle Teilnehmer"); + g.setClubEvent(event); + g.setStart(1900); + g.setEnd(LocalDate.MAX.getYear()); + groups.put(g, new HashMap<>()); + } else { + g = groups.keySet().iterator().next(); + } + addPersonToGroup(p, g); + return; + } for (Altersgruppe g : event.getAltersgruppen()) { if (g.isBetween(p.getBirth())) { if (!groups.containsKey(g)) { groups.put(g, new HashMap<>()); } - Map> map = groups.get(g); - if (!map.containsKey(p.getGender())) { - map.put(p.getGender(), new ArrayList<>()); - } - map.get(p.getGender()).add(p); + + addPersonToGroup(p, g); return; } } throw new IllegalStateException("No Group found for " + p); } + public void addPersonToGroup(Person p, Altersgruppe g) { + Map> map = groups.get(g); + if (!map.containsKey(p.getGender())) { + map.put(p.getGender(), new ArrayList<>()); + } + map.get(p.getGender()).add(p); + } + public Collection altersgruppen() { return groups.keySet(); } diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/MeldungGeneratorFactory.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/MeldungGeneratorFactory.java index e66b49b..baa10fa 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/MeldungGeneratorFactory.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/business/meldung/MeldungGeneratorFactory.java @@ -5,6 +5,9 @@ import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.CompetitionType; public class MeldungGeneratorFactory { public static MeldungGenerator forType(CompetitionType.Type type) { + if (type == null) { + return new MeldungEinzelWettkampfGenerator(); + } switch (type) { case DOPPELMINI: return new MeldungDmtWettkampfGenerator(); diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifier.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifier.java new file mode 100644 index 0000000..f650b99 --- /dev/null +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifier.java @@ -0,0 +1,15 @@ +package de.kreth.vaadin.clubhelper.vaadinclubhelper.security; + +import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; + +public interface SecurityVerifier { + + void setLoggedinPerson(Person person); + + Person getLoggedinPerson(); + + boolean isPermitted(SecurityGroups... groups); + + boolean isLoggedin(); + +} \ No newline at end of file diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImpl.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifierImpl.java similarity index 52% rename from src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImpl.java rename to src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifierImpl.java index 442d2e6..8a56c66 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImpl.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityVerifierImpl.java @@ -1,16 +1,30 @@ package de.kreth.vaadin.clubhelper.vaadinclubhelper.security; +import org.springframework.stereotype.Service; + +import com.vaadin.server.VaadinSession; + import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.GroupDef; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; -public class SecurityGroupVerifierImpl { +@Service +public class SecurityVerifierImpl implements SecurityVerifier { private Person person; + @Override public void setLoggedinPerson(Person person) { + VaadinSession currentSession = VaadinSession.getCurrent(); + currentSession.setAttribute(Person.SESSION_LOGIN, person); this.person = person; } + @Override + public Person getLoggedinPerson() { + return person; + } + + @Override public boolean isPermitted(SecurityGroups... groups) { if (person != null) { @@ -25,4 +39,9 @@ public class SecurityGroupVerifierImpl { return false; } + @Override + public boolean isLoggedin() { + return person != null && person.getGroups() != null && person.getGroups().isEmpty() == false; + } + } diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/EventDetails.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/EventDetails.java index ba9ec4f..cb76201 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/EventDetails.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/EventDetails.java @@ -17,6 +17,7 @@ import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.GroupDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PersonDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PflichtenDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.ClubEvent; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityVerifier; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.EventAltersgruppen; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.PersonGrid; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.SingleEventView; @@ -30,19 +31,21 @@ public class EventDetails extends GridLayout implements NamedView { private final PersonDao personDao; private final GroupDao groupDao; private final PflichtenDao pflichtenDao; + private final SecurityVerifier securityGroupVerifier; private ClubEvent currentEvent; private SingleEventView eventView; private PersonGrid personGrid; private EventAltersgruppen eventAltersgruppen; - public EventDetails(PersonDao personDao, GroupDao groupDao, EventBusiness eventBusiness, - PflichtenDao pflichtenDao) { + public EventDetails(PersonDao personDao, GroupDao groupDao, EventBusiness eventBusiness, PflichtenDao pflichtenDao, + SecurityVerifier securityGroupVerifier) { super(3, 5); this.eventBusiness = eventBusiness; this.personDao = personDao; this.groupDao = groupDao; this.pflichtenDao = pflichtenDao; + this.securityGroupVerifier = securityGroupVerifier; } @Override diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/HeadView.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/HeadView.java index 81087e6..f20319d 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/HeadView.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/HeadView.java @@ -10,7 +10,6 @@ import java.util.Date; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.function.Supplier; @@ -22,7 +21,6 @@ import com.vaadin.contextmenu.ContextMenu; import com.vaadin.icons.VaadinIcons; import com.vaadin.navigator.Navigator; import com.vaadin.server.StreamResource; -import com.vaadin.server.VaadinSession; import com.vaadin.ui.AbstractComponent; import com.vaadin.ui.Alignment; import com.vaadin.ui.BrowserFrame; @@ -35,9 +33,10 @@ import com.vaadin.ui.Notification; import com.vaadin.ui.Window; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.ClubEvent; -import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.GroupDef; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; import de.kreth.vaadin.clubhelper.vaadinclubhelper.jasper.CalendarCreator; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityGroups; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityVerifier; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.CalendarComponent.ClubEventProvider; import net.sf.jasperreports.engine.JRException; import net.sf.jasperreports.engine.JasperExportManager; @@ -61,14 +60,16 @@ public class HeadView extends HorizontalLayout { private Label personLabel; - private Person loggedinPerson; - private final Navigator navigator; + private final SecurityVerifier securityVerifier; + public HeadView(Navigator navigator, Supplier startTime, Supplier endTime, - ClubEventProvider dataProvider) { + ClubEventProvider dataProvider, SecurityVerifier securityVerifier) { this.navigator = navigator; + this.securityVerifier = securityVerifier; + monthName = new Label(); monthName.setId("calendar.month"); monthName.setStyleName("title_caption"); @@ -101,7 +102,7 @@ public class HeadView extends HorizontalLayout { public void updateLoggedinPerson() { - loggedinPerson = (Person) getSession().getAttribute(Person.SESSION_LOGIN); + Person loggedinPerson = securityVerifier.getLoggedinPerson(); if (loggedinPerson != null) { personLabel.setCaption(loggedinPerson.getSurname() + ", " + loggedinPerson.getPrename()); } else { @@ -118,18 +119,15 @@ public class HeadView extends HorizontalLayout { private void openPopupMenu(ClickEvent ev) { Button button = ev.getButton(); - VaadinSession session = getSession(); - Person loggedinPerson = (Person) session.getAttribute(Person.SESSION_LOGIN); ContextMenu contextMenu = new ContextMenu(button, true); monthItemId = contextMenu.addItem("Export Monat", ev1 -> calendarExport(ev1)).getId(); contextMenu.addItem("Export Jahr", ev1 -> calendarExport(ev1)); - if (loggedinPerson != null) { - Set groups = loggedinPerson.getGroups(); - if (contains(groups, "ADMIN") || contains(groups, "Übungsleiter")) { + if (securityVerifier.getLoggedinPerson() != null) { + if (securityVerifier.isPermitted(SecurityGroups.ADMIN, SecurityGroups.UEBUNGSLEITER)) { contextMenu.addItem("Personen verwalten", ev1 -> navigator.navigateTo(PersonEditView.VIEW_NAME)); } contextMenu.addItem("Abmelden", ev1 -> { - session.setAttribute(Person.SESSION_LOGIN, null); + securityVerifier.setLoggedinPerson(null); navigator.navigateTo(MainView.VIEW_NAME); }); } else { @@ -138,15 +136,6 @@ public class HeadView extends HorizontalLayout { contextMenu.open(50, 50); } - public boolean contains(Set groups, String name) { - for (GroupDef g : groups) { - if (g.getName().toLowerCase().contentEquals(name.toLowerCase())) { - return true; - } - } - return false; - } - private void calendarExport(MenuItem ev1) { boolean monthOnly = ev1.getId() == monthItemId; diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/LoginUI.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/LoginUI.java index 4e30648..2e18b24 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/LoginUI.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/LoginUI.java @@ -9,6 +9,7 @@ import com.vaadin.ui.VerticalLayout; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PersonDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityVerifier; public class LoginUI extends VerticalLayout implements NamedView { @@ -18,7 +19,7 @@ public class LoginUI extends VerticalLayout implements NamedView { private Navigator navigator; private String parameters; - public LoginUI(PersonDao personDao) { + public LoginUI(PersonDao personDao, SecurityVerifier securityGroupVerifier) { LoginForm lf = new LoginForm(); lf.addLoginListener(e -> { @@ -28,7 +29,7 @@ public class LoginUI extends VerticalLayout implements NamedView { try { Person loggedin = personDao.findLoginUser(username, password); - this.getSession().setAttribute(Person.SESSION_LOGIN, loggedin); + securityGroupVerifier.setLoggedinPerson(loggedin); navigator.navigateTo(MainView.VIEW_NAME + '/' + parameters); } catch (final Exception ex) { String message = "Incorrect user or password:" + ex.getMessage() + e.getLoginParameter("username") + ":" @@ -46,6 +47,9 @@ public class LoginUI extends VerticalLayout implements NamedView { public void enter(ViewChangeEvent event) { navigator = event.getNavigator(); parameters = event.getParameters(); + if (parameters == null) { + parameters = ""; + } } @Override diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainUi.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainUi.java index 3e82348..570ad8f 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainUi.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainUi.java @@ -17,6 +17,7 @@ import de.kreth.vaadin.clubhelper.vaadinclubhelper.business.EventBusiness; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.GroupDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PersonDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PflichtenDao; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityVerifier; @Theme("vaadin-clubhelpertheme") @SpringUI @@ -39,6 +40,9 @@ public class MainUi extends UI { @Autowired PflichtenDao pflichtenDao; + @Autowired + SecurityVerifier securityGroupVerifier; + @Override protected void init(VaadinRequest request) { @@ -49,10 +53,11 @@ public class MainUi extends UI { Navigator navigator = new Navigator(this, this); // Create and register the views - navigator.addView(MainView.VIEW_NAME, new MainView(personDao, groupDao, eventBusiness)); - navigator.addView(LoginUI.VIEW_NAME, new LoginUI(personDao)); + navigator.addView(MainView.VIEW_NAME, new MainView(personDao, groupDao, eventBusiness, securityGroupVerifier)); + navigator.addView(LoginUI.VIEW_NAME, new LoginUI(personDao, securityGroupVerifier)); navigator.addView(PersonEditView.VIEW_NAME, new PersonEditView(groupDao, personDao)); - navigator.addView(EventDetails.VIEW_NAME, new EventDetails(personDao, groupDao, eventBusiness, pflichtenDao)); + navigator.addView(EventDetails.VIEW_NAME, + new EventDetails(personDao, groupDao, eventBusiness, pflichtenDao, securityGroupVerifier)); navigator.navigateTo(MainView.VIEW_NAME); } diff --git a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainView.java b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainView.java index 4e0651e..ee141b2 100644 --- a/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainView.java +++ b/src/main/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/ui/MainView.java @@ -24,6 +24,7 @@ import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.GroupDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.dao.PersonDao; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.ClubEvent; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; +import de.kreth.vaadin.clubhelper.vaadinclubhelper.security.SecurityVerifier; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.CalendarComponent; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.CalendarComponent.ClubEventProvider; import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.components.PersonGrid; @@ -36,26 +37,25 @@ public class MainView extends BorderLayout implements NamedView { private static final long serialVersionUID = 4831071242146146399L; private final Logger LOGGER = LoggerFactory.getLogger(getClass()); - private PersonGrid personGrid; + private final PersonDao personDao; + private final GroupDao groupDao; + private final EventBusiness eventBusiness; + private final SecurityVerifier securityVerifier; + private PersonGrid personGrid; private CalendarComponent calendar; - - private Person loggedinPerson; - private PersonDao personDao; - private GroupDao groupDao; - private EventBusiness eventBusiness; - private Navigator navigator; - private HeadView head; - private SingleEventView eventView; - private HorizontalLayout eventButtonLayout; - public MainView(PersonDao personDao, GroupDao groupDao, EventBusiness eventBusiness) { + private Navigator navigator; + + public MainView(PersonDao personDao, GroupDao groupDao, EventBusiness eventBusiness, + SecurityVerifier securityGroupVerifier) { this.personDao = personDao; this.groupDao = groupDao; this.eventBusiness = eventBusiness; + this.securityVerifier = securityGroupVerifier; } @Override @@ -65,9 +65,7 @@ public class MainView extends BorderLayout implements NamedView { LOGGER.info("Loaded UI and started fetch of Events"); } else { - loggedinPerson = (Person) getSession().getAttribute(Person.SESSION_LOGIN); - - if (loggedinPerson != null) { + if (securityVerifier.isLoggedin()) { LOGGER.info("{} already initialized - opening Person View.", getClass().getName()); openPersonViewForEvent(eventBusiness.getCurrent()); calendar.setToday(eventBusiness.getCurrent().getStart()); @@ -115,7 +113,8 @@ public class MainView extends BorderLayout implements NamedView { calendar.setId("main.calendar"); calendar.setHandler(this::onItemClick); - head = new HeadView(navigator, () -> calendar.getStartDate(), () -> calendar.getEndDate(), dataProvider); + head = new HeadView(navigator, () -> calendar.getStartDate(), () -> calendar.getEndDate(), dataProvider, + securityVerifier); head.updateMonthText(calendar.getStartDate()); calendar.add(dateTime -> head.updateMonthText(dateTime)); @@ -154,9 +153,8 @@ public class MainView extends BorderLayout implements NamedView { private void onItemClick(CalendarComponentEvents.ItemClickEvent event) { - loggedinPerson = (Person) getSession().getAttribute(Person.SESSION_LOGIN); ClubEvent ev = (ClubEvent) event.getCalendarItem(); - if (loggedinPerson != null) { + if (securityVerifier.isLoggedin()) { openPersonViewForEvent(ev); } else { eventBusiness.setSelected(ev); diff --git a/src/test/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImplTest.java b/src/test/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImplTest.java index bb8c6fb..3115850 100644 --- a/src/test/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImplTest.java +++ b/src/test/java/de/kreth/vaadin/clubhelper/vaadinclubhelper/security/SecurityGroupVerifierImplTest.java @@ -3,6 +3,7 @@ package de.kreth.vaadin.clubhelper.vaadinclubhelper.security; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.verify; import java.util.HashMap; import java.util.HashSet; @@ -11,6 +12,10 @@ import java.util.Set; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; + +import com.vaadin.server.VaadinSession; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.GroupDef; import de.kreth.vaadin.clubhelper.vaadinclubhelper.data.Person; @@ -18,14 +23,18 @@ import de.kreth.vaadin.clubhelper.vaadinclubhelper.ui.tests.TestPersonGenerator; class SecurityGroupVerifierImplTest { - private SecurityGroupVerifierImpl securityGroupVerifier; + private SecurityVerifier securityGroupVerifier; private Map groupDefinitions; private Person person; private Set personGroups; + @Mock + private VaadinSession session; @BeforeEach void setUp() throws Exception { - securityGroupVerifier = new SecurityGroupVerifierImpl(); + MockitoAnnotations.initMocks(this); + VaadinSession.setCurrent(session); + securityGroupVerifier = new SecurityVerifierImpl(); groupDefinitions = new HashMap<>(); for (SecurityGroups g : SecurityGroups.values()) { @@ -39,6 +48,11 @@ class SecurityGroupVerifierImplTest { securityGroupVerifier.setLoggedinPerson(person); } + @Test + void verifySessionHasPersonSet() { + verify(session).setAttribute(Person.SESSION_LOGIN, person); + } + @Test void verifyGroupDefinitions() { for (SecurityGroups g : SecurityGroups.values()) {