Enable full access when authentication is disabled - #202 [skip ci]

keeps · Apr 2, 2020 · 0dc6daf · 0dc6daf
1 parent 30c61fc
commit 0dc6daf
Show file tree

Hide file tree

Showing 7 changed files with 121 additions and 79 deletions.
diff --git a/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java b/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java
@@ -32,7 +32,16 @@ public Boolean isAuthenticationEnabled() {
 
   @Override
   public User getAuthenticatedUser() {
-    User user = UserUtility.getUser(request);
+    final boolean isAuthenticationEnabled = ViewerConfiguration.getInstance().getIsAuthenticationEnabled();
+
+    User user;
+
+    if (isAuthenticationEnabled) {
+      user = UserUtility.getUser(request);
+    } else {
+      user = UserUtility.getNoAuthenticationUser();
+      UserUtility.setUser(request, user);
+    }
     LOGGER.debug("Serving user {}", user);
     return user;
   }

diff --git a/src/main/java/com/databasepreservation/common/client/ViewerConstants.java b/src/main/java/com/databasepreservation/common/client/ViewerConstants.java
@@ -1,5 +1,6 @@
 package com.databasepreservation.common.client;
 
+import com.databasepreservation.common.client.models.user.User;
 import org.roda.core.data.common.RodaConstants;
 import com.databasepreservation.common.client.index.filter.BasicSearchFilterParameter;
 import com.databasepreservation.common.client.index.filter.Filter;
@@ -529,6 +530,9 @@ public class ViewerConstants {
   public static final String SIARD_RECORD_PREFIX = "record";
   public static final String SIARD_LOB_FILE_EXTENSION = ".bin";
 
+  public static final String DEFAULT_USERNAME = "admin";
+  public static final String DEFAULT_FULL_NAME = "admin";
+
   /**
    * private constructor
    */

diff --git a/...ava/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java b/...ava/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java
@@ -152,56 +152,62 @@ private void buildMenuForUser(final User user) {
     AuthenticationService.Util.call((Boolean authenticationIsEnabled) -> {
       if (authenticationIsEnabled) {
         if (user.isGuest()) {
-          menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, messages.loginLogin()),
-            (Command) () -> UserLogin.getInstance().login());
-          MenuBar languagesMenu = new MenuBar(true);
-
-          setLanguageMenu(languagesMenu);
-
-          MenuItem languagesMenuItem = new MenuItem(
-            FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu);
-          languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language");
-          menu.addItem(languagesMenuItem);
+          buildGuestMenu();
         } else {
-          if (!hideMenu) {
-            MenuBar subMenu = new MenuBar(true);
-            subMenu.addItem(messages.loginLogout(), (Command) () -> UserLogin.getInstance().logout());
-            menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, user.getFullName()), subMenu);
-            if (user.isAdmin()) {
-              MenuBar administrationMenu = new MenuBar(true);
-              administrationMenu.addItem(
-                FontAwesomeIconManager.loaded(FontAwesomeIconManager.ACTIVITY_LOG, messages.activityLogMenuText()),
-                (Command) HistoryManager::gotoActivityLog);
-              administrationMenu.addItem(
-                FontAwesomeIconManager.loaded(FontAwesomeIconManager.NETWORK_WIRED, messages.menuTextForJobs()),
-                (Command) HistoryManager::gotoJobs);
-              administrationMenu.addItem(
-                FontAwesomeIconManager.loaded(FontAwesomeIconManager.PREFERENCES, messages.menuTextForPreferences()),
-                (Command) HistoryManager::gotoPreferences);
-              menu.addItem(messages.menuTextForAdministration(), administrationMenu);
-            }
-
-            MenuBar languagesMenu = new MenuBar(true);
-
-            setLanguageMenu(languagesMenu);
-
-            MenuItem languagesMenuItem = new MenuItem(
-              FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu);
-            languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language");
-            menu.addItem(languagesMenuItem);
-          }
+          buildDefaultMenu(user, true, hideMenu);
         }
       } else {
-        menu.addItem(
-          FontAwesomeIconManager.loaded(FontAwesomeIconManager.NEW_UPLOAD, messages.uploadPanelTextForTitle()),
-          (Command) HistoryManager::gotoNewUpload);
-        menu.addItem(
-          FontAwesomeIconManager.loaded(FontAwesomeIconManager.DATABASES, messages.menusidebar_manageDatabases()),
-          (Command) HistoryManager::gotoDatabaseList);
+        buildDefaultMenu(user, false, hideMenu);
       }
     }).isAuthenticationEnabled();
   }
 
+  private void buildGuestMenu() {
+    menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, messages.loginLogin()),
+      (Command) () -> UserLogin.getInstance().login());
+    MenuBar languagesMenu = new MenuBar(true);
+
+    setLanguageMenu(languagesMenu);
+
+    MenuItem languagesMenuItem = new MenuItem(
+      FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu);
+    languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language");
+    menu.addItem(languagesMenuItem);
+  }
+
+  private void buildDefaultMenu(User user, boolean authenticationIsEnabled, boolean hideMenu) {
+    if (!hideMenu) {
+      GWT.log("authentication: " + authenticationIsEnabled);
+      if (authenticationIsEnabled) {
+        MenuBar subMenu = new MenuBar(true);
+        subMenu.addItem(messages.loginLogout(), (Command) () -> UserLogin.getInstance().logout());
+        menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, user.getFullName()), subMenu);
+      }
+      if (user.isAdmin()) {
+        MenuBar administrationMenu = new MenuBar(true);
+        administrationMenu.addItem(
+          FontAwesomeIconManager.loaded(FontAwesomeIconManager.ACTIVITY_LOG, messages.activityLogMenuText()),
+          (Command) HistoryManager::gotoActivityLog);
+        administrationMenu.addItem(
+          FontAwesomeIconManager.loaded(FontAwesomeIconManager.NETWORK_WIRED, messages.menuTextForJobs()),
+          (Command) HistoryManager::gotoJobs);
+        administrationMenu.addItem(
+          FontAwesomeIconManager.loaded(FontAwesomeIconManager.PREFERENCES, messages.menuTextForPreferences()),
+          (Command) HistoryManager::gotoPreferences);
+        menu.addItem(messages.menuTextForAdministration(), administrationMenu);
+      }
+
+      MenuBar languagesMenu = new MenuBar(true);
+
+      setLanguageMenu(languagesMenu);
+
+      MenuItem languagesMenuItem = new MenuItem(
+        FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu);
+      languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language");
+      menu.addItem(languagesMenuItem);
+    }
+  }
+
   private void setLanguageMenu(MenuBar languagesMenu) {
     String locale = LocaleInfo.getCurrentLocale().getLocaleName();
 

diff --git a/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java b/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java
@@ -2,8 +2,10 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.InetAddress;
 import java.net.MalformedURLException;
 import java.net.URL;
+import java.net.UnknownHostException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -364,7 +366,15 @@ public Path getReportPathForValidation(String databaseUUID) {
 
   public List<String> getWhitelistedIPs() {
     if (cachedWhitelistedIPs == null) {
-      cachedWhitelistedIPs = getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_FILTER_ONOFF_WHITELISTED_IPS);
+      cachedWhitelistedIPs = new ArrayList<>();
+      for (String whitelistedIP : getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_FILTER_ONOFF_WHITELISTED_IPS)) {
+        try {
+          final InetAddress address = InetAddress.getByName(whitelistedIP);
+          cachedWhitelistedIPs.add(address.getHostAddress());
+        } catch (UnknownHostException e) {
+          LOGGER.debug("Invalid IP address from config: {}", whitelistedIP, e);
+        }
+      }
     }
     return cachedWhitelistedIPs;
   }

diff --git a/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java b/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java
@@ -1,10 +1,12 @@
 package com.databasepreservation.common.server.swagger;
 
+import java.time.LocalDate;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.ResponseEntity;
 
 import io.swagger.annotations.Api;
-import org.springframework.http.ResponseEntity;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
@@ -19,45 +21,40 @@
 import springfox.documentation.swagger.web.UiConfigurationBuilder;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;
 
-import java.time.LocalDate;
-
 /**
  * @author Miguel Guimarães <mguimaraes@keep.pt>
  */
 
 @Configuration
 @EnableSwagger2
 public class SwaggerConfig {
-   @Bean
-   public Docket eDesignApi(SwaggerConfigProperties swaggerConfigProperties) {
-   return new
-   Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo(swaggerConfigProperties))
-   .enable(Boolean.parseBoolean(swaggerConfigProperties.getEnabled())).select()
-   .apis(RequestHandlerSelectors.withClassAnnotation(Api.class)).paths(PathSelectors.any()).build().pathMapping("/")
-   .directModelSubstitute(LocalDate.class,
-   String.class).genericModelSubstitutes(ResponseEntity.class)
-   .useDefaultResponseMessages(Boolean.parseBoolean(swaggerConfigProperties.getUseDefaultResponseMessages()))
-   .enableUrlTemplating(Boolean.parseBoolean(swaggerConfigProperties.getEnableUrlTemplating()));
-   }
+  @Bean
+  public Docket api(SwaggerConfigProperties swaggerConfigProperties) {
+    return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo(swaggerConfigProperties))
+      .enable(Boolean.parseBoolean(swaggerConfigProperties.getEnabled())).select()
+      .apis(RequestHandlerSelectors.withClassAnnotation(Api.class)).paths(PathSelectors.any()).build().pathMapping("/")
+      .directModelSubstitute(LocalDate.class, String.class).genericModelSubstitutes(ResponseEntity.class)
+      .useDefaultResponseMessages(Boolean.parseBoolean(swaggerConfigProperties.getUseDefaultResponseMessages()))
+      .enableUrlTemplating(Boolean.parseBoolean(swaggerConfigProperties.getEnableUrlTemplating()));
+  }
 
-   @Bean
-   UiConfiguration uiConfig(SwaggerConfigProperties swaggerConfigProperties) {
-   return
-   UiConfigurationBuilder.builder().deepLinking(Boolean.valueOf(swaggerConfigProperties.getDeepLinking()))
-   .displayOperationId(Boolean.valueOf(swaggerConfigProperties.getDisplayOperationId()))
-   .defaultModelsExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelsExpandDepth()))
-   .defaultModelExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelExpandDepth()))
-   .defaultModelRendering(ModelRendering.EXAMPLE)
-   .displayRequestDuration(Boolean.valueOf(swaggerConfigProperties.getDisplayRequestDuration()))
-   .docExpansion(DocExpansion.NONE).filter(Boolean.valueOf(swaggerConfigProperties.getFilter()))
-   .maxDisplayedTags(Integer.valueOf(swaggerConfigProperties.getMaxDisplayedTags()))
-   .operationsSorter(OperationsSorter.ALPHA)
-   .showExtensions(Boolean.valueOf(swaggerConfigProperties.getShowExtensions())).tagsSorter(TagsSorter.ALPHA)
-   .supportedSubmitMethods(UiConfiguration.Constants.DEFAULT_SUBMIT_METHODS).validatorUrl(null).build();
-   }
+  @Bean
+  UiConfiguration uiConfig(SwaggerConfigProperties swaggerConfigProperties) {
+    return UiConfigurationBuilder.builder().deepLinking(Boolean.valueOf(swaggerConfigProperties.getDeepLinking()))
+      .displayOperationId(Boolean.valueOf(swaggerConfigProperties.getDisplayOperationId()))
+      .defaultModelsExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelsExpandDepth()))
+      .defaultModelExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelExpandDepth()))
+      .defaultModelRendering(ModelRendering.EXAMPLE)
+      .displayRequestDuration(Boolean.valueOf(swaggerConfigProperties.getDisplayRequestDuration()))
+      .docExpansion(DocExpansion.NONE).filter(Boolean.valueOf(swaggerConfigProperties.getFilter()))
+      .maxDisplayedTags(Integer.valueOf(swaggerConfigProperties.getMaxDisplayedTags()))
+      .operationsSorter(OperationsSorter.ALPHA)
+      .showExtensions(Boolean.valueOf(swaggerConfigProperties.getShowExtensions())).tagsSorter(TagsSorter.ALPHA)
+      .supportedSubmitMethods(UiConfiguration.Constants.DEFAULT_SUBMIT_METHODS).validatorUrl(null).build();
+  }
 
-   private ApiInfo apiInfo(SwaggerConfigProperties swaggerConfigProperties) {
-   return new ApiInfoBuilder().title(swaggerConfigProperties.getTitle())
-   .description(swaggerConfigProperties.getDescription()).version(swaggerConfigProperties.getApiVersion()).build();
-   }
+  private ApiInfo apiInfo(SwaggerConfigProperties swaggerConfigProperties) {
+    return new ApiInfoBuilder().title(swaggerConfigProperties.getTitle())
+      .description(swaggerConfigProperties.getDescription()).version(swaggerConfigProperties.getApiVersion()).build();
+  }
 }
diff --git a/src/main/java/com/databasepreservation/common/utils/UserUtility.java b/src/main/java/com/databasepreservation/common/utils/UserUtility.java
@@ -231,6 +231,21 @@ private static boolean userIsAdminOrManager(User user) {
     return userIsAdmin(user) || userIsManager(user);
   }
 
+  public static User getNoAuthenticationUser() {
+    User user = new User(ViewerConstants.DEFAULT_USERNAME);
+    final List<String> adminRoles = ViewerConfiguration.getInstance()
+        .getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_AUTHORIZATION_ADMINISTRATORS);
+
+    user.setAdmin(true);
+    user.setDirectRoles(new HashSet<>(adminRoles));
+    user.setAllRoles(new HashSet<>(adminRoles));
+
+    user.setGuest(false);
+    user.setFullName(ViewerConstants.DEFAULT_FULL_NAME);
+
+    return user;
+  }
+
   public static class Authorization {
     private static final Map<Class, String> filterParameterDatabaseUUID;
 

diff --git a/src/main/resources/config/dbvtk-viewer.properties b/src/main/resources/config/dbvtk-viewer.properties
@@ -83,8 +83,9 @@ ui.authorization.roda.cas.serviceServerName=http://localhost:8888
 # server used to check dip permissions
 ui.authorization.roda.dip.server=http://localhost:8888
 ui.authorization.roda.dip.path=api/v1/dips/{dip_id}
+
 ui.filter.onOff.protectedResourcesAllowAllIPs=true
-#ui.filter.onOff.protectedResourcesWhitelistedIP = 127.0.0.1
+ui.filter.onOff.protectedResourcesWhitelistedIP = 127.0.0.1
 #ui.filter.onOff.protectedResourcesWhitelistedIP = 192.168.1.2
 
 ##############################################