diff --git a/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java b/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java index c0ee21788..2a5fbe73e 100644 --- a/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java +++ b/src/main/java/com/databasepreservation/common/api/v1/AuthenticationResource.java @@ -32,7 +32,16 @@ public Boolean isAuthenticationEnabled() { @Override public User getAuthenticatedUser() { - User user = UserUtility.getUser(request); + final boolean isAuthenticationEnabled = ViewerConfiguration.getInstance().getIsAuthenticationEnabled(); + + User user; + + if (isAuthenticationEnabled) { + user = UserUtility.getUser(request); + } else { + user = UserUtility.getNoAuthenticationUser(); + UserUtility.setUser(request, user); + } LOGGER.debug("Serving user {}", user); return user; } diff --git a/src/main/java/com/databasepreservation/common/client/ViewerConstants.java b/src/main/java/com/databasepreservation/common/client/ViewerConstants.java index 7f88a407a..8a7ea8f0a 100644 --- a/src/main/java/com/databasepreservation/common/client/ViewerConstants.java +++ b/src/main/java/com/databasepreservation/common/client/ViewerConstants.java @@ -1,5 +1,6 @@ package com.databasepreservation.common.client; +import com.databasepreservation.common.client.models.user.User; import org.roda.core.data.common.RodaConstants; import com.databasepreservation.common.client.index.filter.BasicSearchFilterParameter; import com.databasepreservation.common.client.index.filter.Filter; @@ -529,6 +530,9 @@ public class ViewerConstants { public static final String SIARD_RECORD_PREFIX = "record"; public static final String SIARD_LOB_FILE_EXTENSION = ".bin"; + public static final String DEFAULT_USERNAME = "admin"; + public static final String DEFAULT_FULL_NAME = "admin"; + /** * private constructor */ 
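Review bot: The `else` branch of `getAuthenticatedUser()` gives every caller the administrator built by `UserUtility.getNoAuthenticationUser()` and stores it with `UserUtility.setUser(request, user)`, so once authentication is disabled nothing in this method limits who becomes admin. If `setUser` keeps the user in the HTTP session (not visible here), that identity would also survive a later switch back to authenticated mode until the session expires. State the dependency in a comment, e.g. `// No-auth mode: every caller is served as admin; access must be restricted by the protected-resources IP filter`. Also report the mode once at WARN during startup, since the per-request `LOGGER.debug("Serving user {}", user)` is easy to miss.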
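Review bot: `DEFAULT_USERNAME = "admin"` gives the synthetic no-authentication user a name that a real administrator account may also carry, so anything recorded under that name (presumably including the activity log) cannot be told apart from actions by an authenticated `admin`. A Javadoc comment on both constants should say they are only used for the user created when authentication is disabled, and a distinct value would keep audit trails unambiguous. The `import com.databasepreservation.common.client.models.user.User;` added in the preceding hunk of this file is not used by anything visible in either hunk; drop it if the rest of the class does not need it.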
diff --git a/src/main/java/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java b/src/main/java/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java
index c82afabdd..5dcce8741 100644
--- a/src/main/java/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java
+++ b/src/main/java/com/databasepreservation/common/client/common/visualization/browse/DatabasePanel.java
@@ -152,56 +152,62 @@ private void buildMenuForUser(final User user) { AuthenticationService.Util.call((Boolean authenticationIsEnabled) -> { if (authenticationIsEnabled) { if (user.isGuest()) { - menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, messages.loginLogin()), - (Command) () -> UserLogin.getInstance().login()); - MenuBar languagesMenu = new MenuBar(true); - - setLanguageMenu(languagesMenu); - - MenuItem languagesMenuItem = new MenuItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu); - languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language"); - menu.addItem(languagesMenuItem); + buildGuestMenu(); } else { - if (!hideMenu) { - MenuBar subMenu = new MenuBar(true); - subMenu.addItem(messages.loginLogout(), (Command) () -> UserLogin.getInstance().logout()); - menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, user.getFullName()), subMenu); - if (user.isAdmin()) { - MenuBar administrationMenu = new MenuBar(true); - administrationMenu.addItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.ACTIVITY_LOG, messages.activityLogMenuText()), - (Command) HistoryManager::gotoActivityLog); - administrationMenu.addItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.NETWORK_WIRED, messages.menuTextForJobs()), - (Command) HistoryManager::gotoJobs); - administrationMenu.addItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.PREFERENCES, messages.menuTextForPreferences()), - (Command) HistoryManager::gotoPreferences); - menu.addItem(messages.menuTextForAdministration(), administrationMenu); - } - - MenuBar languagesMenu = new MenuBar(true); - - setLanguageMenu(languagesMenu); - - MenuItem languagesMenuItem = new MenuItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu); - languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language"); - menu.addItem(languagesMenuItem); - } + 
buildDefaultMenu(user, true, hideMenu); } } else { - menu.addItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.NEW_UPLOAD, messages.uploadPanelTextForTitle()), - (Command) HistoryManager::gotoNewUpload); - menu.addItem( - FontAwesomeIconManager.loaded(FontAwesomeIconManager.DATABASES, messages.menusidebar_manageDatabases()), - (Command) HistoryManager::gotoDatabaseList); + buildDefaultMenu(user, false, hideMenu); } }).isAuthenticationEnabled(); } + private void buildGuestMenu() { + menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, messages.loginLogin()), + (Command) () -> UserLogin.getInstance().login()); + MenuBar languagesMenu = new MenuBar(true); + + setLanguageMenu(languagesMenu); + + MenuItem languagesMenuItem = new MenuItem( + FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu); + languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language"); + menu.addItem(languagesMenuItem); + } + + private void buildDefaultMenu(User user, boolean authenticationIsEnabled, boolean hideMenu) { + if (!hideMenu) { + GWT.log("authentication: " + authenticationIsEnabled); + if (authenticationIsEnabled) { + MenuBar subMenu = new MenuBar(true); + subMenu.addItem(messages.loginLogout(), (Command) () -> UserLogin.getInstance().logout()); + menu.addItem(FontAwesomeIconManager.loaded(FontAwesomeIconManager.USER, user.getFullName()), subMenu); + } + if (user.isAdmin()) { + MenuBar administrationMenu = new MenuBar(true); + administrationMenu.addItem( + FontAwesomeIconManager.loaded(FontAwesomeIconManager.ACTIVITY_LOG, messages.activityLogMenuText()), + (Command) HistoryManager::gotoActivityLog); + administrationMenu.addItem( + FontAwesomeIconManager.loaded(FontAwesomeIconManager.NETWORK_WIRED, messages.menuTextForJobs()), + (Command) HistoryManager::gotoJobs); + administrationMenu.addItem( + FontAwesomeIconManager.loaded(FontAwesomeIconManager.PREFERENCES, messages.menuTextForPreferences()), + 
(Command) HistoryManager::gotoPreferences); + menu.addItem(messages.menuTextForAdministration(), administrationMenu); + } + + MenuBar languagesMenu = new MenuBar(true); + + setLanguageMenu(languagesMenu); + + MenuItem languagesMenuItem = new MenuItem( + FontAwesomeIconManager.loaded(FontAwesomeIconManager.GLOBE, selectedLanguage), languagesMenu); + languagesMenuItem.addStyleName("menu-item menu-item-label menu-item-language"); + menu.addItem(languagesMenuItem); + } + } + private void setLanguageMenu(MenuBar languagesMenu) { String locale = LocaleInfo.getCurrentLocale().getLocaleName(); diff --git a/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java b/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java index 341b17342..87980e7f8 100644 --- a/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java +++ b/src/main/java/com/databasepreservation/common/server/ViewerConfiguration.java @@ -2,8 +2,10 @@ import java.io.IOException; import java.io.InputStream; +import java.net.InetAddress; import java.net.MalformedURLException; import java.net.URL; +import java.net.UnknownHostException; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; @@ -364,7 +366,15 @@ public Path getReportPathForValidation(String databaseUUID) { public List getWhitelistedIPs() { if (cachedWhitelistedIPs == null) { - cachedWhitelistedIPs = getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_FILTER_ONOFF_WHITELISTED_IPS); + cachedWhitelistedIPs = new ArrayList<>(); + for (String whitelistedIP : getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_FILTER_ONOFF_WHITELISTED_IPS)) { + try { + final InetAddress address = InetAddress.getByName(whitelistedIP); + cachedWhitelistedIPs.add(address.getHostAddress()); + } catch (UnknownHostException e) { + LOGGER.debug("Invalid IP address from config: {}", whitelistedIP, e); + } + } } return cachedWhitelistedIPs; } 
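Review bot: `buildDefaultMenu` still contains the debugging call `GWT.log("authentication: " + authenticationIsEnabled);`, which should be removed before merge. The refactor also changes the no-authentication branch: the "new upload" and "manage databases" items that the old `else` added are gone, and the administration menu now appears whenever `user.isAdmin()` is true. If dropping those two items is intended, the commit message should say so. Because `user.isAdmin()` here only decides what the client renders, a short comment such as `// UI only: the server must enforce admin checks for activity log, jobs and preferences` would keep that boundary clear.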
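Review bot: `cachedWhitelistedIPs` is assigned the empty `ArrayList` before the loop fills it, so another thread calling `getWhitelistedIPs()` during initialisation can see a non-null but incomplete list and reject a whitelisted address. Fill a local list and publish it at the end: `final List<String> resolved = new ArrayList<>();` before the loop and `cachedWhitelistedIPs = resolved;` after it (element type inferred from the `for (String ...)` loop). Entries that fail `InetAddress.getByName` are dropped at DEBUG level, which hides a misconfigured access list from operators; `LOGGER.warn("Ignoring invalid whitelisted IP from config: {}", whitelistedIP, e);` fits better. `getByName` also resolves host names through DNS, so a non-literal entry is resolved once and cached for the life of the process; the property documentation should say that IP literals are expected.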
diff --git a/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java b/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java index 7e4950ee7..07c0884b9 100644 --- a/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java +++ b/src/main/java/com/databasepreservation/common/server/swagger/SwaggerConfig.java @@ -1,10 +1,12 @@ package com.databasepreservation.common.server.swagger; +import java.time.LocalDate; + import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.http.ResponseEntity; import io.swagger.annotations.Api; -import org.springframework.http.ResponseEntity; import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; @@ -19,8 +21,6 @@ import springfox.documentation.swagger.web.UiConfigurationBuilder; import springfox.documentation.swagger2.annotations.EnableSwagger2; -import java.time.LocalDate; - /** * @author Miguel GuimarĂ£es */ 
@@ -28,36 +28,33 @@ @Configuration @EnableSwagger2 public class SwaggerConfig { - @Bean - public Docket eDesignApi(SwaggerConfigProperties swaggerConfigProperties) { - return new - Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo(swaggerConfigProperties)) - .enable(Boolean.parseBoolean(swaggerConfigProperties.getEnabled())).select() - .apis(RequestHandlerSelectors.withClassAnnotation(Api.class)).paths(PathSelectors.any()).build().pathMapping("/") - .directModelSubstitute(LocalDate.class, - String.class).genericModelSubstitutes(ResponseEntity.class) - .useDefaultResponseMessages(Boolean.parseBoolean(swaggerConfigProperties.getUseDefaultResponseMessages())) - .enableUrlTemplating(Boolean.parseBoolean(swaggerConfigProperties.getEnableUrlTemplating())); - } + @Bean + public Docket api(SwaggerConfigProperties swaggerConfigProperties) { + return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo(swaggerConfigProperties)) + .enable(Boolean.parseBoolean(swaggerConfigProperties.getEnabled())).select() + .apis(RequestHandlerSelectors.withClassAnnotation(Api.class)).paths(PathSelectors.any()).build().pathMapping("/") + .directModelSubstitute(LocalDate.class, String.class).genericModelSubstitutes(ResponseEntity.class) + .useDefaultResponseMessages(Boolean.parseBoolean(swaggerConfigProperties.getUseDefaultResponseMessages())) + .enableUrlTemplating(Boolean.parseBoolean(swaggerConfigProperties.getEnableUrlTemplating())); + } - @Bean - UiConfiguration uiConfig(SwaggerConfigProperties swaggerConfigProperties) { - return - UiConfigurationBuilder.builder().deepLinking(Boolean.valueOf(swaggerConfigProperties.getDeepLinking())) - .displayOperationId(Boolean.valueOf(swaggerConfigProperties.getDisplayOperationId())) - .defaultModelsExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelsExpandDepth())) - .defaultModelExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelExpandDepth())) - .defaultModelRendering(ModelRendering.EXAMPLE) - 
.displayRequestDuration(Boolean.valueOf(swaggerConfigProperties.getDisplayRequestDuration())) - .docExpansion(DocExpansion.NONE).filter(Boolean.valueOf(swaggerConfigProperties.getFilter())) - .maxDisplayedTags(Integer.valueOf(swaggerConfigProperties.getMaxDisplayedTags())) - .operationsSorter(OperationsSorter.ALPHA) - .showExtensions(Boolean.valueOf(swaggerConfigProperties.getShowExtensions())).tagsSorter(TagsSorter.ALPHA) - .supportedSubmitMethods(UiConfiguration.Constants.DEFAULT_SUBMIT_METHODS).validatorUrl(null).build(); - } + @Bean + UiConfiguration uiConfig(SwaggerConfigProperties swaggerConfigProperties) { + return UiConfigurationBuilder.builder().deepLinking(Boolean.valueOf(swaggerConfigProperties.getDeepLinking())) + .displayOperationId(Boolean.valueOf(swaggerConfigProperties.getDisplayOperationId())) + .defaultModelsExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelsExpandDepth())) + .defaultModelExpandDepth(Integer.valueOf(swaggerConfigProperties.getDefaultModelExpandDepth())) + .defaultModelRendering(ModelRendering.EXAMPLE) + .displayRequestDuration(Boolean.valueOf(swaggerConfigProperties.getDisplayRequestDuration())) + .docExpansion(DocExpansion.NONE).filter(Boolean.valueOf(swaggerConfigProperties.getFilter())) + .maxDisplayedTags(Integer.valueOf(swaggerConfigProperties.getMaxDisplayedTags())) + .operationsSorter(OperationsSorter.ALPHA) + .showExtensions(Boolean.valueOf(swaggerConfigProperties.getShowExtensions())).tagsSorter(TagsSorter.ALPHA) + .supportedSubmitMethods(UiConfiguration.Constants.DEFAULT_SUBMIT_METHODS).validatorUrl(null).build(); + } - private ApiInfo apiInfo(SwaggerConfigProperties swaggerConfigProperties) { - return new ApiInfoBuilder().title(swaggerConfigProperties.getTitle()) - .description(swaggerConfigProperties.getDescription()).version(swaggerConfigProperties.getApiVersion()).build(); - } + private ApiInfo apiInfo(SwaggerConfigProperties swaggerConfigProperties) { + return new 
ApiInfoBuilder().title(swaggerConfigProperties.getTitle()) + .description(swaggerConfigProperties.getDescription()).version(swaggerConfigProperties.getApiVersion()).build(); + } } diff --git a/src/main/java/com/databasepreservation/common/utils/UserUtility.java b/src/main/java/com/databasepreservation/common/utils/UserUtility.java index 60d7c1b9d..1a98bada5 100644 --- a/src/main/java/com/databasepreservation/common/utils/UserUtility.java +++ b/src/main/java/com/databasepreservation/common/utils/UserUtility.java @@ -231,6 +231,21 @@ private static boolean userIsAdminOrManager(User user) { return userIsAdmin(user) || userIsManager(user); } + public static User getNoAuthenticationUser() { + User user = new User(ViewerConstants.DEFAULT_USERNAME); + final List adminRoles = ViewerConfiguration.getInstance() + .getViewerConfigurationAsList(ViewerConfiguration.PROPERTY_AUTHORIZATION_ADMINISTRATORS); + + user.setAdmin(true); + user.setDirectRoles(new HashSet<>(adminRoles)); + user.setAllRoles(new HashSet<>(adminRoles)); + + user.setGuest(false); + user.setFullName(ViewerConstants.DEFAULT_FULL_NAME); + + return user; + } + public static class Authorization { private static final Map filterParameterDatabaseUUID; diff --git a/src/main/resources/config/dbvtk-viewer.properties b/src/main/resources/config/dbvtk-viewer.properties index 9c123e151..c4f57cf43 100644 --- a/src/main/resources/config/dbvtk-viewer.properties +++ b/src/main/resources/config/dbvtk-viewer.properties @@ -83,8 +83,9 @@ ui.authorization.roda.cas.serviceServerName=http://localhost:8888 # server used to check dip permissions ui.authorization.roda.dip.server=http://localhost:8888 ui.authorization.roda.dip.path=api/v1/dips/{dip_id} + ui.filter.onOff.protectedResourcesAllowAllIPs=true -#ui.filter.onOff.protectedResourcesWhitelistedIP = 127.0.0.1 +ui.filter.onOff.protectedResourcesWhitelistedIP = 127.0.0.1 #ui.filter.onOff.protectedResourcesWhitelistedIP = 192.168.1.2 ##############################################
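Review bot: `getNoAuthenticationUser()` is `public static` and returns a user with `setAdmin(true)` and every role from `PROPERTY_AUTHORIZATION_ADMINISTRATORS` without checking the authentication setting itself; the only guard visible in this diff is at the call site in `AuthenticationResource`. Having the method refuse when authentication is on keeps a future caller from creating an administrator by accident: `if (ViewerConfiguration.getInstance().getIsAuthenticationEnabled()) { throw new IllegalStateException("authentication is enabled"); }`. The method also needs a Javadoc saying that it builds the synthetic administrator used only in no-authentication mode and that its roles come from the configured administrator list.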
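Review bot: The hunk enables `ui.filter.onOff.protectedResourcesWhitelistedIP = 127.0.0.1` but leaves `ui.filter.onOff.protectedResourcesAllowAllIPs=true` directly above it, which presumably makes the filter accept any address and the whitelist entry ineffective (confirm against the filter implementation). Combined with the administrator fallback this commit adds for disabled authentication, these defaults could leave admin functions reachable by any client that can connect to the server. Consider shipping `ui.filter.onOff.protectedResourcesAllowAllIPs=false`, or add a comment line above the pair explaining which setting takes precedence.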