Changeset 976 for trunk/grails-app/conf


Ignore:
Timestamp:
Oct 21, 2010, 5:28:04 PM (11 years ago)
Author:
robert@…
Message:

Authentication and authorization for studies is added, according to ticket 118

Location:
trunk/grails-app/conf
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/grails-app/conf/BaseFilters.groovy

    r776 r976  
    2929                        }
    3030                }
     31
    3132        }
    3233}
  • trunk/grails-app/conf/BootStrap.groovy

    r939 r976  
    66import org.codehaus.groovy.grails.commons.GrailsApplication
    77import grails.util.GrailsUtil
    8 import org.nmcdsp.plugins.aaaa.SecUser
     8import dbnp.authentication.*
    99
    1010
     
    2626                System.setProperty('user.timezone', 'CET')
    2727
    28                 def user = SecUser.findByUsername('user') ?: new SecUser(
     28                def adminRole = SecRole.findByAuthority( 'ROLE_ADMIN' ) ?: new SecRole( authority: 'ROLE_ADMIN' ).save()
     29
     30                def user = SecUser.findByUsername('user') ?: new SecUser(
    2931                           username: 'user',
    30                            password: springSecurityService.encodePassword('useR123!'),
    31                            enabled: true).save(failOnError: true)
     32                           password: springSecurityService.encodePassword( 'useR123!', 'user' ),
     33                           email: 'user@dbnp.org',
     34                           userConfirmed: true, adminConfirmed: true).save(failOnError: true)
    3235
    3336                def userAdmin = SecUser.findByUsername('admin') ?: new SecUser(
    3437                                username: 'admin',
    35                                 password: springSecurityService.encodePassword('admiN123!'),
    36                                 enabled: true).save(failOnError: true)
     38                                password: springSecurityService.encodePassword( 'admiN123!', 'admin' ),
     39                                email: 'admin@dbnp.org',
     40                                userConfirmed: true, adminConfirmed: true).save(failOnError: true)
     41
     42                // Make the admin user an administrator
     43                SecUserSecRole.create userAdmin, adminRole, true
    3744
    3845                def userTest = SecUser.findByUsername('test') ?: new SecUser(
    3946                                username: 'test',
    40                                 password: springSecurityService.encodePassword('testT123!'),
    41                                 enabled: true).save(failOnError: true)
    42                
    43                 println "Done with SpringSecurity bootstrap, created [user, admin, test]."
     47                                password: springSecurityService.encodePassword( 'useR123!', 'test' ),
     48                                email: 'test@dbnp.org',
     49                            userConfirmed: true, adminConfirmed: true).save(failOnError: true)
     50
     51                println "Done with SpringSecurity bootstrap, created [user, admin, test]."
    4452
    4553                // If there are no templates yet in the database
     
    8189                                } else {
    8290                                        // general study boostrapping
    83                                         BootStrapStudies.addExampleStudies(user)
     91                                        BootStrapStudies.addExampleStudies(user, userAdmin)
    8492                                }
    8593                        }
  • trunk/grails-app/conf/BootStrapStudies.groovy

    r948 r976  
    2121         */
    2222
    23         public static void addExampleStudies(org.nmcdsp.plugins.aaaa.SecUser owner) {
     23        public static void addExampleStudies(dbnp.authentication.SecUser owner, dbnp.authentication.SecUser otherUser ) {
    2424
    2525                // Look up the used ontologies which should be in the database by now
     
    171171                        ecCode:"2007117.c",
    172172                        startDate: Date.parse('yyyy-MM-dd','2008-01-02'),
    173                         owner: owner
     173                        owner: owner,
     174                        readers: [otherUser]
    174175                ).with { if (!validate()) { errors.each { println it} } else save()}
    175176
     
    378379                        ecCode:"unknown",
    379380                        startDate: Date.parse('yyyy-MM-dd','2008-01-14'),
    380                         owner: owner
     381                        owner: owner,
     382                        writers: [otherUser]
    381383                )
    382384                .setFieldValue( 'Description', "Human study performed at RRI; centres involved: RRI, IFR, TUM, Maastricht U." )
  • trunk/grails-app/conf/Config.groovy

    r936 r976  
    157157
    158158// Needed for the Spring Security Core plugin:
    159 grails.plugins.springsecurity.userLookup.userDomainClassName = 'org.nmcdsp.plugins.aaaa.SecUser'
    160 grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'org.nmcdsp.plugins.aaaa.SecUserSecRole'
    161 grails.plugins.springsecurity.authority.className = 'org.nmcdsp.plugins.aaaa.SecRole'
     159grails.plugins.springsecurity.userLookup.userDomainClassName = 'dbnp.authentication.SecUser'
     160grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'dbnp.authentication.SecUserSecRole'
     161grails.plugins.springsecurity.authority.className = 'dbnp.authentication.SecRole'
     162grails.plugins.springsecurity.password.algorithm = 'SHA-256'
     163grails.plugins.springsecurity.password.encodeHashAsBase64 = true
     164grails.plugins.springsecurity.dao.reflectionSaltSourceProperty = 'username' // Use the persons username as salt for encryption
     165grails.plugins.springsecurity.securityConfigType = grails.plugins.springsecurity.SecurityConfigType.Annotation
     166
     167// Make sure the different controllers provided by springsecurity.ui are only accessible by administrators
     168// NB: the RegisterController is used for forgotten passwords. It should be accessible by anyone
     169grails.plugins.springsecurity.controllerAnnotations.staticRules = [
     170    '/user/**': ['ROLE_ADMIN'],
     171    '/role/**': ['ROLE_ADMIN'],
     172    '/aclclass/**': ['ROLE_ADMIN'],
     173    '/aclentry/**': ['ROLE_ADMIN'],
     174    '/aclobjectidentity/**': ['ROLE_ADMIN'],
     175    '/aclsid/**': ['ROLE_ADMIN'],
     176    '/persistentlogin/**': ['ROLE_ADMIN'],
     177    '/registrationcode/**': ['ROLE_ADMIN'],
     178    '/requestmap/**': ['ROLE_ADMIN'],
     179    '/securityinfo/**': ['ROLE_ADMIN']
     180]
     181
     182
     183// Needed for sending emails
     184grails {
     185    mail {
     186        host = "smtp.gmail.com"
     187        port = 465
     188        username = "gscfproject@gmail.com"
     189        password = "gscf2010"
     190        props = [
     191            "mail.smtp.auth":"true",
     192            "mail.smtp.socketFactory.port": '465',
     193            "mail.smtp.socketFactory.class": "javax.net.ssl.SSLSocketFactory",
     194            "mail.smtp.socketFactory.fallback": "false"
     195        ]
     196    }
     197}
    162198
    163199// The OAuth consumer key and secret variables are currently replaced by Jeroen's Continuous Integration script.
     
    173209        }
    174210}
     211
Note: See TracChangeset for help on using the changeset viewer.