Commit 7e7e44bb by Juho Juopperi

Merge branch 'master' of dev.intra.insomnia.fi:/data/bortal

2 parents 2d798437 970c39fa
......@@ -44,4 +44,41 @@ public class SecurityBean implements SecurityBeanLocal {
logger.debug(entry.toString(), exception);
entryFacade.create(entry);
}
public void logException(User user, Exception exception) {
LogEntryType type = typeFacade.findOrCreate(SecurityLogType.unknownException);
LogEntry entry = new LogEntry();
entry.setType(type);
entry.setTime(Calendar.getInstance());
entry.setDescription(exception.getMessage());
entry.setUser(user);
logger.debug(entry.toString(), exception);
entryFacade.create(entry);
}
public void logMessage(User user, String description) {
logMessage(SecurityLogType.genericMessage, user, description);
}
public void logMessage(SecurityLogType paramType, User user, String description) {
LogEntryType type = typeFacade.findOrCreate(paramType);
LogEntry entry = new LogEntry();
entry.setType(type);
entry.setTime(Calendar.getInstance());
entry.setDescription(description);
entry.setUser(user);
entryFacade.create(entry);
}
public void logMessage(String description) {
logMessage(SecurityLogType.genericMessage, description);
}
public void logMessage(SecurityLogType type, String description) {
logMessage(type, null, description);
}
}
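Review bot: `logException` stores `exception.getMessage()` as the entry description, and that is null for any exception constructed without a message, so the persisted security log row can carry no description at all while the stack trace goes only to `logger.debug`. Using `exception.toString()` keeps at least the exception class in the stored record. The method also repeats the body of `logMessage(SecurityLogType, User, String)` line for line; it could delegate with `logMessage(SecurityLogType.unknownException, user, exception.toString());` and keep a single `logger.debug` call for the trace. The hunk opens inside the preceding method, whose start is outside the visible lines.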
......@@ -3,8 +3,11 @@ package fi.insomnia.bortal.beans;
import java.util.HashSet;
import java.util.Set;
import javax.annotation.Resource;
import javax.ejb.EJB;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -35,6 +38,7 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
// TODO Auto-generated constructor stub
}
@Override
public boolean hasPermission(String target, User user, RolePermission permission) {
......
......@@ -7,6 +7,14 @@ import fi.insomnia.bortal.model.User;
@Local
public interface SecurityBeanLocal {
void logPermissionDenied(User user, Exception permissionDeniedException);
void logPermissionDenied(User user, Exception exception);
void logException(User user, Exception exception);
void logMessage(User user, String description);
void logMessage(SecurityLogType type, User user, String description);
void logMessage(String description);
void logMessage(SecurityLogType type, String description);
}
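Review bot: The new overloads have no Javadoc, and the contract a caller needs cannot be read from the signatures. In the implementation, `logMessage(String)` and `logMessage(SecurityLogType, String)` record an entry with a `null` user, and `logMessage(User, String)` defaults the type to `SecurityLogType.genericMessage`. A one-line Javadoc on each would state that, for example `/** Records a generic security log entry that is not tied to any user. */` on `logMessage(String)`.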
package fi.insomnia.bortal.beans;
public enum SecurityLogType {
permissionDenied
permissionDenied,
unknownException,
genericMessage
}
......@@ -8,7 +8,7 @@
>
<application>
<resource-bundle>
<base-name>i18n</base-name>
<base-name>resources.i18n</base-name>
<var>i18n</var>
</resource-bundle>
<message-bundle>resources.i18n</message-bundle>
......@@ -22,6 +22,7 @@
<supported-locale>fi_IN_XII</supported-locale>
<supported-locale>en_ST_v7</supported-locale>
</locale-config>
</application>
......
......@@ -17,13 +17,14 @@
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<filter>
<display-name>EventI18nFilter</display-name>
<filter-name>EventI18nFilter</filter-name>
<filter-class>fi.insomnia.bortal.i18n.EventI18nFilter</filter-class>
<display-name>HostnameFilter</display-name>
<filter-name>HostnameFilter</filter-name>
<filter-class>fi.insomnia.bortal.HostnameFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>EventI18nFilter</filter-name>
<url-pattern>/EventI18nFilter</url-pattern>
<filter-name>HostnameFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
</web-app>
\ No newline at end of file
......@@ -3,6 +3,7 @@
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:tools="http://java.sun.com/jsf/composite/tools"
xmlns:ui="http://java.sun.com/jsf/facelets">
<f:view locale="#{userView.locale}">
<h:head>
......@@ -77,6 +78,9 @@
</div>
<div id="column2">
<h:messages globalOnly="true"/>
<tools:loginLogout /><br />
<ui:insert name="content">
Default content..
</ui:insert>
......
......@@ -10,24 +10,24 @@
xmlns:c="http://java.sun.com/jsp/jstl/core">
<composite:interface>
<composite:attribute type="java.lang.Boolean" name="isOneliner" required="false" />
<composite:attribute name="isOneliner" required="false" />
</composite:interface>
<composite:implementation>
<h:form>
<c:choose>
<c:when test="#{isOneliner}">
<c:when test="#{not empty cc.attrs.isOneliner}">
<h:inputText value="#{sessionHandler.username}" />
<h:inputSecret value="#{sessionHandler.password}" />
<h:commandButton action="#{sessionHandler.login}" />
<h:commandButton value="#{i18n['login.submit']}" action="#{sessionHandler.login}" />
</c:when>
<c:otherwise>
<h:panelGrid columns="2">
<h:inputText value="#{sessionHandler.username}" />
<h:inputSecret value="#{sessionHandler.password}" />
<h:commandButton action="#{sessionHandler.login}" />
<h:outputText value="#{i18n['login.username']}" /> <h:inputText value="#{sessionHandler.username}" />
<h:outputText value="#{i18n['login.password']}" /> <h:inputSecret value="#{sessionHandler.password}" />
<h:commandButton value="#{i18n['login.submit']}" action="#{sessionHandler.login}" />
</h:panelGrid>
</c:otherwise>
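Review bot: `not empty cc.attrs.isOneliner` is true for any supplied value, including `isOneliner="false"`, so the one-line layout is chosen whenever the attribute is present at all. With the `type="java.lang.Boolean"` declaration dropped from the interface, nothing coerces the value either. If the attribute is meant as a flag, keep the typed declaration and test the value itself: `<c:when test="#{cc.attrs.isOneliner}">`. The `composite:implementation` element continues outside the hunk.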
......
......@@ -2,56 +2,54 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:tools="http://java.sun.com/jsf/composite/tools">
<composite:interface>
</composite:interface>
<composite:implementation>
<h:form>
<tools:canRead target="roleManagement">
<h:dataTable
border="1"
id="user"
value="#{roleView.roles}"
var="role">
<h:column>
<f:facet name="header">
<h:outputText value="#" />
</f:facet>
<h:outputText value="#{role.id}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="#{i18n['role.name']}" />
</f:facet>
<h:outputText value="#{role.name}" />
</h:column>
<tools:canWrite target="roleManagement">
<h:column>
<f:facet name="header">
<h:outputText value="Edit" />
</f:facet>
<h:commandButton
action="#{roleView.edit()}"
value="Edit" />
</h:column>
</tools:canWrite>
</h:dataTable>
</tools:canRead>
</h:form>
</tools:authorization>
</composite:implementation>
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:tools="http://java.sun.com/jsf/composite/tools">
<composite:interface>
</composite:interface>
<composite:implementation>
<h:form>
<tools:canRead target="roleManagement">
<h:dataTable
border="1"
id="user"
value="#{roleView.roles}"
var="role">
<h:column>
<f:facet name="header">
<h:outputText value="#" />
</f:facet>
<h:outputText value="#{role.id}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="#{i18n['role.name']}" />
</f:facet>
<h:outputText value="#{role.name}" />
</h:column>
<tools:canWrite target="roleManagement">
<h:column>
<f:facet name="header">
<h:outputText value="Edit" />
</f:facet>
<h:commandButton
action="#{roleView.edit()}"
value="Edit" />
</h:column>
</tools:canWrite>
</h:dataTable>
</tools:canRead>
</h:form>
</composite:implementation>
</html>
......@@ -16,8 +16,8 @@
<ui:define name="header">Edit user</ui:define>
<ui:define name="content">
<users:list />
<users:list />
</ui:define>
<ui:define name="footer">footer</ui:define>
</ui:composition>
......
package fi.insomnia.bortal;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Servlet Filter implementation class HostnameFilter
*/
public class HostnameFilter implements Filter {
private static final String HTTP_URL_HOSTNAME = "HTTP_URL_HOSTNAME";
private static final Logger logger = LoggerFactory.getLogger(HostnameFilter.class);
/**
* Default constructor.
*/
public HostnameFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// Nothing...
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if (request != null && request instanceof HttpServletRequest) {
HttpServletRequest httpRequest = ((HttpServletRequest) request);
StringBuffer url = httpRequest.getRequestURL();
logger.warn("request URL: {}", url);
int beginindex = 7; // Let's skip http://
int slashindex = url.indexOf("/", beginindex); // Find the first
// / from URL
// after http://
int colonindex = url.indexOf(":", beginindex);
int lastindex = slashindex;
if (slashindex > colonindex) {
lastindex = colonindex;
}
if (lastindex < 0) {
lastindex = url.length() - 1;
}
logger.warn("begin: {}, last {}", beginindex, lastindex);
String hostname = url.substring(beginindex, lastindex);
logger.info("Setting hostname to {} ", hostname);
httpRequest.getSession().setAttribute(HTTP_URL_HOSTNAME, hostname);
}
// pass the request along the filter chain
chain.doFilter(request, response);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// Nothing...
}
public static String getHostname(HttpSession sess) {
String ret = null;
if (sess != null) {
Object retObj = sess.getAttribute(HTTP_URL_HOSTNAME);
if (retObj != null)
ret = retObj.toString();
}
return ret;
}
}
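Review bot: The hostname parsing in `doFilter` returns the wrong value for a URL with no port: `colonindex` is then -1, `slashindex > colonindex` holds, `lastindex` becomes -1 and is reset to `url.length() - 1`, so the value stored in the session is the rest of the URL including the path, minus its last character. The fixed `beginindex = 7` also assumes `http://` and is off by one for `https://`. `String hostname = httpRequest.getServerName();` gives the host without any string arithmetic. Either way the value typically comes from the client-supplied Host header, so code that reads `HTTP_URL_HOSTNAME` from the session should match it against the configured set of known hostnames before using it to select anything. The two `logger.warn` calls run on every request and read as leftover debugging; `debug` would suit them better.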
......@@ -6,9 +6,12 @@
package fi.insomnia.bortal.handler;
import javax.ejb.EJB;
import javax.enterprise.context.SessionScoped;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.servlet.http.HttpSession;
import fi.insomnia.bortal.HostnameFilter;
import fi.insomnia.bortal.beans.RolePermission;
import fi.insomnia.bortal.beans.SessionHandlerBeanLocal;
import fi.insomnia.bortal.model.User;
......@@ -43,6 +46,13 @@ public class SessionHandler {
return hasPermission(target, perm);
}
public String getHostname()
{
FacesContext ctx = FacesContext.getCurrentInstance();
HttpSession sess =(HttpSession) ctx.getExternalContext().getSession(false);
return HostnameFilter.getHostname(sess);
}
public boolean hasPermission(String target, RolePermission permission) {
return true;
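Review bot: `getHostname()` dereferences `FacesContext.getCurrentInstance()` without a null check, and that call returns null when the bean is used outside a JSF request, so the getter throws a NullPointerException there even though `HostnameFilter.getHostname` already tolerates a null session. A guard such as `if (ctx == null) return null;` keeps the two consistent. Separately, the context lines below show `hasPermission(String, RolePermission)` beginning with `return true;`. Its body continues outside the hunk, but if that is the whole check, every permission decision that reaches it is granted, and it should deny by default until the real lookup is wired in.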
......
......@@ -6,12 +6,16 @@ import javax.ejb.EJB;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;
import javax.faces.model.ListDataModel;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.HostnameFilter;
import fi.insomnia.bortal.beans.SecurityBeanLocal;
import fi.insomnia.bortal.beans.SessionHandlerBeanLocal;
import fi.insomnia.bortal.beans.UserBeanLocal;
import fi.insomnia.bortal.exceptions.PermissionDeniedException;
import fi.insomnia.bortal.handler.SessionHandler;
......@@ -20,9 +24,12 @@ import fi.insomnia.bortal.model.User;
@ManagedBean(name = "userView")
@SessionScoped
public class UserView {
@ManagedProperty("#{sessionHandler}")
private SessionHandler sessionhandler;
@EJB
private SessionHandlerBeanLocal sessionbean;
@EJB
private UserBeanLocal userBean;
......@@ -39,14 +46,16 @@ public class UserView {
return "userEdit";
}
public String getLocale() {
return "en_IN_XII";
return "en_ST_v7";
}
public String createUser() {
if (!sessionhandler.canWrite("userManagement")) {
if (!getSessionhandler().canWrite("userManagement")) {
// Give message to administration what happened here.
throw new PermissionDeniedException(securitybean, sessionhandler.getUser(), "User " + sessionhandler.getUser() + " does not have permission to create user!");
throw new PermissionDeniedException(securitybean, getSessionhandler().getUser(), "User " + getSessionhandler().getUser() + " does not have permission to create user!");
}
logger.info("Saving user");
......@@ -102,4 +111,11 @@ public class UserView {
public User getUser() {
return user;
}
public void setSessionhandler(SessionHandler sessionhandler) {
this.sessionhandler = sessionhandler;
}
public SessionHandler getSessionhandler() {
return sessionhandler;
}
}
......@@ -16,3 +16,4 @@ user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemass
fallbackstr="fallback default"
teststr=default locale test
defaultstr="Something default..."
logout=H\u00E4ivy
user.username=K\u00e4ytt\u00e4j\u00e4tunnus
user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi
user.password=Salasana
user.email=S\u00e4hk\u00e4postiosoite
user.email=S\u00E4hk\u00E4postiosoite
user.phone=Puhelinnumero
user.bankaccount=Tilinumero
user.bank=Pankki
save=Tallenna
cancel=Peruuta
login.username=K\u00e4ytt\u00e4j\u00e4tunnus:
login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana:
login.submit=Kirjaudu sis\u00e4\u00e4n
login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n K\u00e4ytt\u00e4j\u00e4tunnus on jo olemassa. Ole hyv\u00e4 ja valitse toinen tunnus.
user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default"
teststr=default locale test
defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus
user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi
user.password=Salasana
user.email=Shkpostiosoite
user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero
user.bankaccount=Tilinumero
user.bank=Pankki
save=Tallenna
cancel=Peruuta
login.username=Kyttjtunnus:
login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana:
login.submit=Kirjaudu sisn
login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus.
user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default"
teststr=default locale test
defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus
user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi
user.password=Salasana
user.email=Shkpostiosoite
user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero
user.bankaccount=Tilinumero
user.bank=Pankki
save=Tallenna
cancel=Peruuta
login.username=Kyttjtunnus:
login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana:
login.submit=Kirjaudu sisn
login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus.
user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default"
teststr=default locale test
defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus
user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi
user.password=Salasana
user.email=Shkpostiosoite
user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero
user.bankaccount=Tilinumero
user.bank=Pankki
save=Tallenna
cancel=Peruuta
login.username=Kyttjtunnus:
login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana:
login.submit=Kirjaudu sisn
login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus.
user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
teststr=brlocale test
fallbackstr=InsomniaSpecific fallback
\ No newline at end of file
fallbackstr=InsomniaSpecific fallback
logout=H\u00E4ivy
teststr=XII locale test
\ No newline at end of file
teststr=XII locale test
logout=H\u00E4ivy