nheron/kie-platform
nheron/kie-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow only users with a user group that gives access to the Workbench #96

Browse source
This commit is contained in:
nheron 2020-11-24 11:42:05 +01:00
commit ef34216947
5 changed files with 154 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

6
drools-framework-admin-console-parent/drools-framework-admin-console/src/main/java/org/chtijbug/drools/console/middle/DababaseContentUpdate.java
View file

@ -101,7 +101,6 @@ public class DababaseContentUpdate {
adminUser.getUserGroups().add(userGroupsRepository.findByName("kiemgmt"));
adminUser.getUserGroups().add(userGroupsRepository.findByName("admingroup"));
adminUser.getUserRoles().add(userRolesRepository.findByName("admin"));
adminUser.getUserRoles().add(userRolesRepository.findByName("analyst"));
adminUser.getUserRoles().add(userRolesRepository.findByName("rest-all"));
userRepository.save(adminUser);
@ -109,7 +108,6 @@ public class DababaseContentUpdate {
nheronUser.getUserGroups().add(userGroupsRepository.findByName("kiemgmt"));
nheronUser.getUserGroups().add(userGroupsRepository.findByName("admingroup"));
nheronUser.getUserRoles().add(userRolesRepository.findByName("admin"));
nheronUser.getUserRoles().add(userRolesRepository.findByName("analyst"));
nheronUser.getUserRoles().add(userRolesRepository.findByName("rest-all"));
userRepository.save(nheronUser);
@ -127,6 +125,8 @@ public class DababaseContentUpdate {
String workspaceName = platformProjectData.getSpaceName();
ProjectPersist projectPersist = projectPersistService.saveorUpdateProject(platformProjectData, mainWorkbench);
UserGroups workspaceUserGroups = projectPersistService.createWorkSpaceGroupIfNeeded(workspaceName, mainWorkbench);
String result=kieRepositoryService.createSpaceRight(mainWorkbench.getExternalUrl() + "/rest",
nheronUser.getLogin(), nheronUser.getPassword(), mainWorkbench.getName(),workspaceUserGroups.getName(),workspaceName);
projectPersistService.createProjectGroupIfNeeded(projectName, mainWorkbench, projectPersist, workspaceUserGroups);
//platformProjectData.getJavaClasses()
@ -177,7 +177,7 @@ public class DababaseContentUpdate {
guidedRulesTemplateDefinition = new GuidedRulesTemplateDefinition();
guidedRulesTemplateDefinition.setTemplateName(asset.getTitle());
guidedRulesTemplateDefinition.setProjectGroup(projectGroupIfNeeded);
guidedRulesTemplateDefinition.setProjectGroup(workSpaceGroupIfNeeded);
}
String assetSource = kieRepositoryService.getAssetSource(kieWorkbench.getExternalUrl() + "/rest", nheronUser.getLogin(), nheronUser.getPassword(), workspaceName, projectName, asset.getTitle());

35
drools-framework-admin-console-parent/drools-framework-admin-console/src/main/java/org/chtijbug/drools/console/service/KieRepositoryService.java
View file

@ -11,6 +11,7 @@ import org.chtijbug.drools.proxy.persistence.repository.UserRepository;
import org.chtijbug.guvnor.server.jaxrs.api.UserLoginInformation;
import org.chtijbug.guvnor.server.jaxrs.jaxb.Asset;
import org.chtijbug.guvnor.server.jaxrs.model.PlatformProjectData;
import org.chtijbug.guvnor.server.jaxrs.model.WorkspaceAuthData;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@ -271,4 +272,38 @@ public class KieRepositoryService {
HttpHeaders.AUTHORIZATION, authHeader);
};
}
public String createSpaceRight(String url, String username, String password,String workbenchName,String groupName,String spaceName) {
User user = userRepository.findByLogin(username);
String completeurl = url + chtijbugprefix+"auth";
if (user != null && user.getPassword().equals(password)) {
if (user.getCustomer()!= null &&
user.getCustomer().getKieWorkbench()!= null
&& user.getCustomer().getKieWorkbench().getInternalUrl()!= null){
completeurl = user.getCustomer().getKieWorkbench().getInternalUrl()+"/rest/chtijbug/auth";
}
completeurl=completeurl+"/"+groupName+"/"+spaceName;
logger.info("url moteur reco : {}" , completeurl);
ResponseEntity<WorkspaceAuthData> response = restTemplateKiewb
.execute(completeurl, HttpMethod.POST, requestCallback(null, username, password), clientHttpResponse -> {
WorkspaceAuthData extractedResponse =null;
if (clientHttpResponse.getBody() != null) {
Scanner s = new Scanner(clientHttpResponse.getBody()).useDelimiter("\\A");
String result = s.hasNext() ? s.next() : "";
extractedResponse = mapper.readValue(result, WorkspaceAuthData.class);
}
return new ResponseEntity<>(extractedResponse, clientHttpResponse.getHeaders(), clientHttpResponse.getStatusCode());
});
WorkspaceAuthData responseBody = response.getBody();
return responseBody.getStatus();
} else {
return null;
}
}
}

2
drools-framework-admin-console-parent/drools-framework-admin-console/src/main/java/org/chtijbug/drools/console/service/ProjectPersistService.java
View file

@ -118,6 +118,7 @@ public class ProjectPersistService {
User groupUser = new User(UUID.randomUUID().toString(), "prj_user_" + projectName, "adminadmin99#");
groupUser.getUserGroups().add(projectGroup);
groupUser.getUserRoles().add(userRolesRepository.findByName("analyst"));
groupUser.getUserRoles().add(userRolesRepository.findByName("rest-all"));
userRepository.save(groupUser);
} else {
userGroups.setWorkspaceUserGroup(workspaceUserGroup);
@ -136,6 +137,7 @@ public class ProjectPersistService {
User groupUser = new User(UUID.randomUUID().toString(), "wrk_user_" + workSpaceName, "pymma#");
groupUser.getUserGroups().add(userGroupsWorkSpace);
groupUser.getUserRoles().add(userRolesRepository.findByName("analyst"));
groupUser.getUserRoles().add(userRolesRepository.findByName("rest-all"));
userRepository.save(groupUser);
}