Changeset 985

Timestamp:

Oct 25, 2010, 3:28:44 PM (13 years ago)

Author:

robert@…

Message:

Removed spring-security-ui plugin to decrease dependencies. The functionality (user management and password resets) was copied to gscf itself.

Location:

trunk

Files:

• application.properties (modified) (2 diffs)
• grails-app/conf/Config.groovy (modified) (1 diff)
• grails-app/controllers/dbnp/authentication/RegisterController.groovy (modified) (1 diff)
• grails-app/controllers/dbnp/authentication/UserController.groovy (added)
• grails-app/domain/dbnp/authentication/RegistrationCode.groovy (added)
• grails-app/i18n/messages.spring-security-ui.properties (added)
• grails-app/views/common/_login_panel.gsp (modified) (1 diff)
• grails-app/views/common/_topnav.gsp (modified) (2 diffs)
• grails-app/views/email/_passwordReset.gsp (added)
• grails-app/views/register/resetPassword.gsp (modified) (1 diff)
• grails-app/views/user/create.gsp (modified) (1 diff)
• grails-app/views/user/edit.gsp (modified) (5 diffs)
• grails-app/views/user/search.gsp (modified) (5 diffs)

trunk/application.properties

@@ -1 +1 @@
 #Grails Metadata file
-#Fri Oct 22 12:28:07 CEST 2010
+#Mon Oct 25 15:00:21 CEST 2010
 app.grails.version=1.3.5
 app.name=gscf
@@ -7 +7 @@
 plugins.crypto=2.0
 plugins.db-util=0.4
-plugins.famfamfam=1.0.1
 plugins.grom=0.1.2
 plugins.hibernate=1.3.5
 plugins.jquery=1.4.3.2
-plugins.jquery-ui=1.8.4.3
 plugins.mail=0.9
 plugins.oauth=0.10
 plugins.searchable=0.5.5.1
 plugins.spring-security-core=1.0.1
-plugins.spring-security-ui=0.1.2
 plugins.tomcat=1.3.5
 plugins.webflow=1.3.4

trunk/grails-app/conf/Config.groovy

@@ -166 +166 @@
 grails.plugins.springsecurity.successHandler.targetUrlParameter = 'spring-security-redirect'
 
+// Needed for the (copy of) the Spring Security UI plugin
+grails.plugins.springsecurity.ui.forgotPassword.emailFrom = 'gscf@dbnp.org'
+grails.plugins.springsecurity.ui.forgotPassword.emailSubject = 'Password reset GSCF'
+
 // Make sure the different controllers provided by springsecurity.ui are only accessible by administrators
 // NB: the RegisterController is used for forgotten passwords. It should be accessible by anyone

trunk/grails-app/controllers/dbnp/authentication/RegisterController.groovy

@@ +1 @@
+/* Copyright 2009-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package dbnp.authentication
 
-import grails.plugins.springsecurity.Secured
-import grails.plugins.springsecurity.ui.*
+import groovy.text.SimpleTemplateEngine
+
+import org.codehaus.groovy.grails.commons.ApplicationHolder as AH
+import org.codehaus.groovy.grails.plugins.springsecurity.NullSaltSource
 import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
-import org.codehaus.groovy.grails.plugins.springsecurity.ui.RegistrationCode
 
-class RegisterController extends grails.plugins.springsecurity.ui.RegisterController {
+/**
+ * @author <a href='mailto:burt@burtbeckwith.com'>Burt Beckwith</a>
+ */
+class RegisterController {
 
-    // The registration should be done using the UserRegistration controller
-    @Secured(['ROLE_ADMIN'])
-    def index = {
-        throw new Exception( "Method should not be called!" )
-    }
+        def springSecurityService
+        def mailService
+        
+        static defaultAction = 'index'
 
+        def saltSource
+
+        def index = {
+                [command: new RegisterCommand()]
+        }
+
+        def forgotPassword = {
+
+                if (!request.post) {
+                        // show the form
+                        return
+                }
+
+                String username = params.username
+                if (!username) {
+                        flash.error = message(code: 'spring.security.ui.forgotPassword.username.missing')
+                        return
+                }
+
+                def user = SecUser.findByUsername(username)
+                if (!user) {
+                        flash.error = message(code: 'spring.security.ui.forgotPassword.user.notFound')
+                        return
+                }
+
+                def registrationCode = new RegistrationCode(username: user.username).save()
+
+                String url = generateLink('resetPassword', [t: registrationCode.token])
+
+                def conf = SpringSecurityUtils.securityConfig
+                def body = g.render(template:'/email/passwordReset', model: [user: user, url: url])
+                
+                mailService.sendMail {
+                        to user.email
+                        from conf.ui.forgotPassword.emailFrom
+                        subject conf.ui.forgotPassword.emailSubject
+                        html body.toString()
+                }
+
+                [emailSent: true]
+        }
+
+        def resetPassword = { ResetPasswordCommand command ->
+
+                String token = params.t
+
+                def registrationCode = token ? RegistrationCode.findByToken(token) : null
+                if (!registrationCode) {
+                        flash.error = message(code: 'spring.security.ui.resetPassword.badCode')
+                        redirect uri: SpringSecurityUtils.securityConfig.successHandler.defaultTargetUrl
+                        return
+                }
+
+                if (!request.post) {
+                        return [token: token, command: new ResetPasswordCommand()]
+                }
+
+                command.username = registrationCode.username
+                command.validate()
+
+                if (command.hasErrors()) {
+                        return [token: token, command: command]
+                }
+
+                String salt = registrationCode.username
+                RegistrationCode.withTransaction { status ->
+                        def user = SecUser.findByUsername(registrationCode.username)
+                        user.password = springSecurityService.encodePassword(command.password, salt)
+                        user.save()
+                        registrationCode.delete()
+                }
+
+                springSecurityService.reauthenticate registrationCode.username
+
+                flash.message = message(code: 'spring.security.ui.resetPassword.success')
+
+                def conf = SpringSecurityUtils.securityConfig
+                String postResetUrl = conf.ui.register.postResetUrl ?: conf.successHandler.defaultTargetUrl
+                redirect uri: postResetUrl
+        }
+
+        protected String generateLink(String action, linkParams) {
+                createLink(base: "$request.scheme://$request.serverName:$request.serverPort$request.contextPath",
+                                controller: 'register', action: action,
+                                params: linkParams)
+
+        }
+
+        protected String evaluate(s, binding) {
+                new SimpleTemplateEngine().createTemplate(s).make(binding)
+        }
+
+        static final passwordValidator = { String password, command ->
+                if (command.username && command.username.equals(password)) {
+                        return 'command.password.error.username'
+                }
+
+                if (!password || password.length() < 8 || password.length() > 64 ||
+                                (!password.matches('^.*\\p{Alpha}.*$') ||
+                                !password.matches('^.*\\p{Digit}.*$') ||
+                                !password.matches('^.*[!@#$%^&].*$'))) {
+                        return 'command.password.error.strength'
+                }
+        }
+
+        static final password2Validator = { value, command ->
+                if (command.password != command.password2) {
+                        return 'command.password2.error.mismatch'
+                }
+        }
 }
+
+class RegisterCommand {
+
+        String username
+        String email
+        String password
+        String password2
+
+        static constraints = {
+                username blank: false, validator: { value, command ->
+                        if (value) {
+                                def User = AH.application.getDomainClass(
+                                        SpringSecurityUtils.securityConfig.userLookup.userDomainClassName).clazz
+                                if (User.findByUsername(value)) {
+                                        return 'registerCommand.username.unique'
+                                }
+                        }
+                }
+                email blank: false, email: true
+                password blank: false, minSize: 8, maxSize: 64, validator: RegisterController.passwordValidator
+                password2 validator: RegisterController.password2Validator
+        }
+}
+
+class ResetPasswordCommand {
+        String username
+        String password
+        String password2
+
+        static constraints = {
+                password blank: false, minSize: 8, maxSize: 64, validator: RegisterController.passwordValidator
+                password2 validator: RegisterController.password2Validator
+        }
+}

trunk/grails-app/views/common/_login_panel.gsp

@@ -7 +7 @@
                                 <h2>version <b>${meta(name: 'app.version')}</b></h2>
                                 <p class="grey">Please use the forms on the right to either log in if you already have an account, or sign up if you think this data support platform suits your needs.</p>
-                                <p class="grey">Note that <span class="red">registration</span> and <span class="red">password reminders</span> are not yet implemented and hence <span class="red">do not work</span> at this moment!</p>
                                 <g:if test="${flash.message}"><p class="red">${flash.message}</p></g:if>
                         </div>

trunk/grails-app/views/common/_topnav.gsp

@@ -5 +5 @@
 <sec:ifLoggedIn>
      <li><g:link controller="study" action="myStudies">My studies</g:link></li>
-</sec:ifLoggedIn>     <li>
+</sec:ifLoggedIn>
+        <li>
       <a href="#">Studies</a>
       <ul class="subnav">
@@ -44 +45 @@
             <li><g:link controller="user" class="icon icon_user">List Users</g:link></li>
             <li><g:link controller="user" action="create" class="icon icon_user_add">Create User</g:link></li>
-            <li><g:link controller="role" class="icon icon_cog">List Roles</g:link></li>
-            <li><g:link controller="role" action="create" class="icon icon_cog_add">Create Role</g:link></li>
             <li><g:link controller="logout" class="icon icon_cross">Sign out</g:link></li>
           </ul>

trunk/grails-app/views/register/resetPassword.gsp

@@ -7 +7 @@
 
 <p/>
+        <g:form action='resetPassword' name='resetPasswordForm' autocomplete='off'>
+        <g:hiddenField name='t' value='${token}'/>
+          <div class="sign-in">
 
-        <g:form action='resetPassword' name='resetPasswordForm' autocomplete='off'>
-        <g:hiddenField name='t' value='${token}'/>
-        <div class="sign-in">
+                <g:hasErrors bean="${command}">
+                  <p>Both passwords should match, contain more than 8 and less than 64 characters.</p>
+                  <p>Also, passwords should contain at least one letter, one number and one symbol.</p>
+                </g:hasErrors>
 
-        <br/>
-        <h4><g:message code='spring.security.ui.resetPassword.description'/></h4>
+                <br/>
+                <h4><g:message code='spring.security.ui.resetPassword.description'/></h4>
 
-        <table>
-                <s2ui:passwordFieldRow name='password' labelCode='resetPasswordCommand.password.label' bean="${command}"
-                             labelCodeDefault='Password' value="${command?.password}"/>
+                <table>
+                  <tr><td>Password</td><td><g:passwordField name="password" value="${command?.password}" /></td></tr>
+                  <tr><td>Password (again)</td><td>
+                        <g:passwordField name="password2" value="${command?.password2}" />
+                  </td></tr>
+                </table>
 
-                <s2ui:passwordFieldRow name='password2' labelCode='resetPasswordCommand.password2.label' bean="${command}"
-                             labelCodeDefault='Password (again)' value="${command?.password2}"/>
-        </table>
+                <input type="submit" value="Reset my password" />
 
-        <input type="submit" value="Reset my password" />
-
-
-        </div>
+          </div>
         </g:form>
 

trunk/grails-app/views/user/create.gsp

@@ -1 +1 @@
 <head>
-        <meta name='layout' content='springSecurityUI'/>
+        <meta name='layout' content='main'/>
         <g:set var="entityName" value="${message(code: 'user.label', default: 'User')}"/>
         <title><g:message code="default.create.label" args="[entityName]"/></title>
+
+    <script type="text/javascript">
+      // This method is called on the event body.onLoad
+      $(function() {
+              $("#tabs").tabs();
+      });
+    </script>
 </head>
 
 <body>
-
+    <script src="${resource(dir: 'js', file: 'jquery-callback-1.2.js')}" type="text/javascript"></script>
 <h3><g:message code="default.create.label" args="[entityName]"/></h3>
 
-<g:form action="save" name='userCreateForm'>
+<g:form action="save" name='userCreateForm' class="button-style">
 
-<%
-def tabData = []
-tabData << [name: 'userinfo', icon: 'icon_user',  messageCode: 'spring.security.ui.user.info']
-tabData << [name: 'roles',    icon: 'icon_role', messageCode: 'spring.security.ui.user.roles']
-%>
+      <div id="tabs">
+        <ul>
+          <li><a href="#userinfo">User info</a></li>
+          <li><a href="#roles">Roles</a></li>
+        </ul>
 
-<s2ui:tabs elementId='tabs' height='375' data="${tabData}">
+        <div id="userinfo">
 
-        <s2ui:tab name='userinfo' height='280'>
-                <table>
-                <tbody>
+                  <table>
+                  <tbody>
+                        <tr><td>Username</td><td><g:textField name="username" value="${user?.username}"/></td></tr>
+                        <tr><td>Password</td><td><g:passwordField name="password" value="${user?.password}"/></td></tr>
+                        <tr><td>Email address</td><td><g:textField name="email" value="${user?.email}"/></td></tr>
+                        <tr><td>User confirmed</td><td><g:checkBox name="userConfirmed" value="${user?.userConfirmed}"/></td></tr>
+                        <tr><td>Admin confirmed</td><td><g:checkBox name="adminConfirmed" value="${user?.adminConfirmed}"/></td></tr>
+                        <tr><td>Account expired</td><td><g:checkBox name="accountExpired" value="${user?.accountExpired}"/></td></tr>
+                        <tr><td>Account locked</td><td><g:checkBox name="accountLocked" value="${user?.accountLocked}"/></td></tr>
+                        <tr><td>Password expired</td><td><g:checkBox name="passwordExpired" value="${user?.passwordExpired}"/></td></tr>
 
-                        <s2ui:textFieldRow name='username' labelCode='user.username.label' bean="${user}"
-                            labelCodeDefault='Username' value="${user?.username}"/>
-
-                        <s2ui:passwordFieldRow name='password' labelCode='user.password.label' bean="${user}"
-                                labelCodeDefault='Password' value="${user?.password}"/>
-
-                        <s2ui:checkboxRow name='userConfirmed' labelCode='user.confirmed.label' bean="${user}"
-                           labelCodeDefault='Confirmed (by user)' value="${user?.userConfirmed}"/>
-
-                        <s2ui:checkboxRow name='adminConfirmed' labelCode='user.approved.label' bean="${user}"
-                           labelCodeDefault='Approved (by administrator)' value="${user?.adminConfirmed}"/>
-
-                        <s2ui:checkboxRow name='accountExpired' labelCode='user.accountExpired.label' bean="${user}"
-                           labelCodeDefault='Account Expired' value="${user?.accountExpired}"/>
-
-                        <s2ui:checkboxRow name='accountLocked' labelCode='user.accountLocked.label' bean="${user}"
-                           labelCodeDefault='Account Locked' value="${user?.accountLocked}"/>
-
-                        <s2ui:checkboxRow name='passwordExpired' labelCode='user.passwordExpired.label' bean="${user}"
-                           labelCodeDefault='Password Expired' value="${user?.passwordExpired}"/>
-                </tbody>
-                </table>
-        </s2ui:tab>
-
-        <s2ui:tab name='roles' height='280'>
-                <g:each var="auth" in="${authorityList}">
+                  </tbody>
+                  </table>
+          </div>
+          <div id="roles">
+                <g:each var="entry" in="${roleMap}">
                 <div>
-                        <g:checkBox name="${auth.authority}" />
-                        <g:link controller='role' action='edit' id='${auth.id}'>${auth.authority.encodeAsHTML()}</g:link>
+                        <g:checkBox name="${entry.key.authority}" value="${entry.value}"/>
+                        <g:link controller='role' action='edit' id='${entry.key.id}'>${entry.key.authority.encodeAsHTML()}</g:link>
                 </div>
                 </g:each>
-        </s2ui:tab>
+          </div>
 
-</s2ui:tabs>
+          </div>
 
-<div style='float:left; margin-top: 10px; '>
-<s2ui:submitButton elementId='create' form='userCreateForm' messageCode='default.button.create.label'/>
+<div style='float:left; margin-top: 10px;'>
+  <input type="submit" value="Save" />
+
+  <g:if test='${user}'>
+        DELETE
+  </g:if>
+
 </div>
 
 </g:form>
 
+<g:if test='${user}'>
+  deleteform
+</g:if>
+
 <script>
 $(document).ready(function() {
         $('#username').focus();
-        <s2ui:initCheckboxes/>
 });
 </script>

trunk/grails-app/views/user/edit.gsp

@@ -1 @@
-<%@ page import="org.codehaus.groovy.grails.plugins.PluginManagerHolder" %>
-
-<sec:ifNotSwitched>
-        <sec:ifAllGranted roles='ROLE_SWITCH_USER'>
-        <g:if test='${user.username}'>
-        <g:set var='canRunAs' value='${true}'/>
-        </g:if>
-        </sec:ifAllGranted>
-</sec:ifNotSwitched>
-
 <head>
-        <meta name='layout' content='springSecurityUI'/>
+        <meta name='layout' content='main'/>
         <g:set var="entityName" value="${message(code: 'user.label', default: 'User')}"/>
         <title><g:message code="default.edit.label" args="[entityName]"/></title>
+
+    <script type="text/javascript">
+      // This method is called on the event body.onLoad
+      $(function() {
+              $("#tabs").tabs();
+      });
+    </script>
 </head>
 
 <body>
-
+    <script src="${resource(dir: 'js', file: 'jquery-callback-1.2.js')}" type="text/javascript"></script>
 <h3><g:message code="default.edit.label" args="[entityName]"/></h3>
 
@@ -23 +20 @@
 <g:hiddenField name="version" value="${user?.version}"/>
 
-<%
-def tabData = []
-tabData << [name: 'userinfo', icon: 'icon_user', messageCode: 'spring.security.ui.user.info']
-tabData << [name: 'roles',    icon: 'icon_role', messageCode: 'spring.security.ui.user.roles']
-boolean isOpenId = PluginManagerHolder.pluginManager.hasGrailsPlugin('springSecurityOpenid')
-if (isOpenId) {
-        tabData << [name: 'openIds', icon: 'icon_role', messageCode: 'spring.security.ui.user.openIds']
-}
-%>
+      <div id="tabs">
+        <ul>
+          <li><a href="#userinfo">User info</a></li>
+          <li><a href="#roles">Roles</a></li>
+        </ul>
 
-<s2ui:tabs elementId='tabs' height='375' data="${tabData}">
+        <div id="userinfo">
 
-        <s2ui:tab name='userinfo' height='275'>
-                <table>
-                <tbody>
+                  <table>
+                  <tbody>
+                        <tr><td>Username</td><td><g:textField name="username" value="${user?.username}"/></td></tr>
+                        <tr><td>Password</td><td><g:passwordField name="password" value="${user?.password}"/></td></tr>
+                        <tr><td>Email address</td><td><g:textField name="email" value="${user?.email}"/></td></tr>
+                        <tr><td>User confirmed</td><td><g:checkBox name="userConfirmed" value="${user?.userConfirmed}"/></td></tr>
+                        <tr><td>Admin confirmed</td><td><g:checkBox name="adminConfirmed" value="${user?.adminConfirmed}"/></td></tr>
+                        <tr><td>Account expired</td><td><g:checkBox name="accountExpired" value="${user?.accountExpired}"/></td></tr>
+                        <tr><td>Account locked</td><td><g:checkBox name="accountLocked" value="${user?.accountLocked}"/></td></tr>
+                        <tr><td>Password expired</td><td><g:checkBox name="passwordExpired" value="${user?.passwordExpired}"/></td></tr>
 
-                        <s2ui:textFieldRow name='username' labelCode='user.username.label' bean="${user}"
-                            labelCodeDefault='Username' value="${user?.username}"/>
-
-                        <s2ui:passwordFieldRow name='password' labelCode='user.password.label' bean="${user}"
-                                labelCodeDefault='Password' value="${user?.password}"/>
-
-                        <s2ui:checkboxRow name='userConfirmed' labelCode='user.confirmed.label' bean="${user}"
-                           labelCodeDefault='Confirmed (by user)' value="${user?.userConfirmed}"/>
-
-                        <s2ui:checkboxRow name='adminConfirmed' labelCode='user.approved.label' bean="${user}"
-                           labelCodeDefault='Approved (by administrator)' value="${user?.adminConfirmed}"/>
-
-                        <s2ui:checkboxRow name='accountExpired' labelCode='user.accountExpired.label' bean="${user}"
-                           labelCodeDefault='Account Expired' value="${user?.accountExpired}"/>
-
-                        <s2ui:checkboxRow name='accountLocked' labelCode='user.accountLocked.label' bean="${user}"
-                           labelCodeDefault='Account Locked' value="${user?.accountLocked}"/>
-
-                        <s2ui:checkboxRow name='passwordExpired' labelCode='user.passwordExpired.label' bean="${user}"
-                           labelCodeDefault='Password Expired' value="${user?.passwordExpired}"/>
-                </tbody>
-                </table>
-        </s2ui:tab>
-
-        <s2ui:tab name='roles' height='275'>
+                  </tbody>
+                  </table>
+          </div>
+          <div id="roles">
                 <g:each var="entry" in="${roleMap}">
                 <div>
@@ -70 +49 @@
                 </div>
                 </g:each>
-        </s2ui:tab>
+          </div>
 
-        <g:if test='${isOpenId}'>
-        <s2ui:tab name='openIds' height='275'>
-        <g:if test='${user?.openIds}'>
-                <ul>
-                <g:each var="openId" in="${user.openIds}">
-                <li>${openId.url}</li>
-                </g:each>
-                </ul>
-        </g:if>
-        <g:else>
-        No OpenIDs registered
-        </g:else>
-        </s2ui:tab>
-        </g:if>
-
-</s2ui:tabs>
+          </div>
 
 <div style='float:left; margin-top: 10px;'>
-<s2ui:submitButton elementId='update' form='userEditForm' messageCode='default.button.update.label'/>
+  <input type="submit" value="Save" />
 
-<g:if test='${user}'>
-<s2ui:deleteButton />
-</g:if>
-
-<g:if test='${canRunAs}'>
-<a id="runAsButton">${message(code:'spring.security.ui.runas.submit')}</a>
-</g:if>
+  <g:if test='${user}'>
+        DELETE
+  </g:if>
 
 </div>
@@ -105 +65 @@
 
 <g:if test='${user}'>
-<s2ui:deleteButtonForm instanceId='${user.id}'/>
-</g:if>
-
-<g:if test='${canRunAs}'>
-        <form name='runAsForm' action='${request.contextPath}/j_spring_security_switch_user' method='POST'>
-                <g:hiddenField name='j_username' value="${user.username}"/>
-                <input type='submit' class='s2ui_hidden_button' />
-        </form>
+  deleteform
 </g:if>
 
@@ -118 +71 @@
 $(document).ready(function() {
         $('#username').focus();
-
-        <s2ui:initCheckboxes/>
-
-        $("#runAsButton").button();
-        $('#runAsButton').bind('click', function() {
-           document.forms.runAsForm.submit();
-        });
 });
 </script>

trunk/grails-app/views/user/search.gsp

@@ -1 +1 @@
 <head>
-        <meta name='layout' content='springSecurityUI'/>
+        <meta name='layout' content='main'/>
         <title><g:message code='spring.security.ui.user.search'/></title>
 </head>
@@ -7 +7 @@
 
 <div>
-
-        <s2ui:form width='100%' height='375' elementId='formContainer'
-              titleCode='spring.security.ui.user.search'>
 
         <g:form action='userSearch' name='userSearchForm'>
@@ -55 +52 @@
                         <tr><td colspan='4'>&nbsp;</td></tr>
                         <tr>
-                                <td colspan='4'><s2ui:submitButton elementId='search' form='userSearchForm' messageCode='spring.security.ui.search'/></td>
+                                <td colspan='4'><input type="submit" value="Search" /></td>
                         </tr>
                         </tbody>
                 </table>
         </g:form>
-
-        </s2ui:form>
 
         <g:if test='${searched}'>
@@ -99 +94 @@
         </div>
 
-        <div style="text-align:center">
-                <s2ui:paginationSummary total="${totalCount}"/>
-        </div>
-
         </g:if>
 
@@ -116 +107 @@
 });
 
-<s2ui:initCheckboxes/>
-
 </script>