root/trunk/grails-app/domain/dbnp/authentication/SecUser.groovy @ 2229

Revision 2229, 2.7 KB (checked in by work@…, 2 years ago)

Make sure all existing users also have an api key

  • Property svn:keywords set to Rev Author Date
Line 
1package dbnp.authentication
2
3class SecUser implements Serializable {
4        String username         // for shibboleth this is request header: persistent-id
5        String password         // for shibboleth this is springSecurityService.encodePassword("myDummyPassword", shibPersistentId)
6        String displayName              // shibboleth request header: displayName
7        String organization             // shibboleth request header: schacHomeOrganization
8        String uid                              // shibboleth request header: uid
9        String voName                   // shibboleth request header: coin-vo-name
10        String userStatus               // shibboleth request header: coin-user-status
11        String email
12    String apiKey           // api key for clients using the API
13        Date dateCreated
14
15        boolean shibbolethUser = false
16        boolean enabled
17        boolean accountExpired
18        boolean accountLocked
19        boolean passwordExpired
20        boolean userConfirmed   // True if the user has confirmed his subscription using the link in the email
21        boolean adminConfirmed  // True if the administrator has confirmed this subscription using the link in the email
22
23        static constraints = {
24                username blank: false, unique: true
25                password blank: true
26                email blank: false
27                displayName nullable: true
28                organization nullable: true
29                uid nullable: true
30                voName nullable: true
31                userStatus nullable: true
32        apiKey nullable: true, unique: true
33        }
34
35        static mapping = {
36                password column: '`password`'
37                enabled formula: 'USER_CONFIRMED AND ADMIN_CONFIRMED'
38        }
39
40        Set<SecRole> getAuthorities() {
41                SecUserSecRole.findAllBySecUser(this).collect { it.secRole } as Set
42        }
43
44        public boolean equals(Object y) {
45                if (!(y instanceof SecUser)) {
46                        return false;
47                }
48
49                if (y == null) return false;
50
51                return this.id == y.id
52        }
53
54        public boolean hasAdminRights() {
55                return getAuthorities().contains(SecRole.findByAuthority('ROLE_ADMIN'));
56        }
57       
58        /**
59         * Delete all remote logins for this user as well.
60         */
61        def beforeDelete = {
62                executeUpdate( "DELETE FROM SessionAuthenticatedUser sau WHERE sau.secUser = :secUser", [ "secUser": this ] );
63        }
64
65    /**
66     * Generate a shared secret for this user
67     * @void
68     */
69    def beforeInsert = {
70        // generate an apiKey for this user
71        apiKey = UUID.randomUUID().toString()
72    }
73
74    /**
75     * Make sure every user has an api key
76     */
77    def onLoad = {
78        // make sure a user has an api key
79        if (!apiKey) {
80            // generate an apiKey for this user
81            apiKey = UUID.randomUUID().toString()
82
83            // save ourselves
84            this.save()
85
86            // and refresh
87            this.refresh()
88        }
89    }
90
91        /**
92         * return the text representation of this user
93         * @return
94         */
95        def String toString() {
96                if (shibbolethUser) {
97                        return displayName
98                } else {
99                        return username
100                }
101        }
102}
Note: See TracBrowser for help on using the browser.