/*
* Copyright 2009-2010 the original author or authors.
*
* Licensed under the Apache license, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.internna.iwebmvc.boot.tasks;
import java.util.List;
import java.util.Set;
import java.util.Locale;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Collection;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.internna.iwebmvc.model.Role;
import org.internna.iwebmvc.dao.SecurityDAO;
import org.internna.iwebmvc.boot.StartupTask;
import org.internna.iwebmvc.model.DomainEntity;
import org.internna.iwebmvc.model.security.RoleImpl;
import org.internna.iwebmvc.model.security.UserImpl;
import org.internna.iwebmvc.metadata.EntitySecurity;
import org.internna.iwebmvc.spring.io.ClasspathScanner;
import org.internna.iwebmvc.metadata.EntitySecurityRule;
import org.internna.iwebmvc.utils.StringUtils;
/**
* Creates an admin user on boot time.
*
* @author Jose Noheda
* @since 2.0
*/
public final class CreateRootUserStartUpTask implements StartupTask {
protected Log logger = LogFactory.getLog(getClass());
private SecurityDAO dao;
private boolean createRootUser;
private Set<String> authorities;
private ClasspathScanner scanner;
private List<Locale> supportedLocales;
private String rootUserName, rootPassword, rootPasswordSalt, rootUserTheme, rootUserEmail;
public void setCreateRootUser(boolean createRootUser) {
this.createRootUser = createRootUser;
}
public void setDao(SecurityDAO dao) {
this.dao = dao;
}
public void setRootPassword(String rootPassword) {
this.rootPassword = rootPassword;
}
public void setRootPasswordSalt(String rootPasswordSalt) {
this.rootPasswordSalt = rootPasswordSalt;
}
public void setAuthorities(Set<String> authorities) {
this.authorities = authorities;
}
public void setRootUserName(String rootUserName) {
this.rootUserName = rootUserName;
}
public void setRootUserTheme(String rootUserTheme) {
this.rootUserTheme = rootUserTheme;
}
public void setSupportedLocales(List<Locale> supportedLocales) {
this.supportedLocales = supportedLocales;
}
public void setScanner(ClasspathScanner scanner) {
this.scanner = scanner;
}
public void setRootUserEmail(String rootUserEmail) {
if (StringUtils.validateEmail(rootUserEmail)) {
this.rootUserEmail = rootUserEmail;
}
}
@SuppressWarnings("unchecked")
@Override public void execute() {
if (logger.isInfoEnabled()) logger.info("Executing startup task [CreateRootUserStartUpTask]");
Collection<Role> mainRoles = dao.findAuthorities();
if (authorities == null) authorities = new HashSet<String>();
authorities.add(RoleImpl.ROLE_USER);
authorities.add(RoleImpl.ROLE_ANONYMOUS);
authorities.add(RoleImpl.ROLE_ADMINISTRATOR);
try {
Set<Class<DomainEntity>> entities = scanner.collect(EntitySecurity.class);
for (Class<DomainEntity> entityClass : entities) {
EntitySecurity es = entityClass.getAnnotation(EntitySecurity.class);
if (es != null) {
for (EntitySecurityRule rule : es.value()) {
authorities.addAll(Arrays.asList(rule.ifAllGranted()));
authorities.addAll(Arrays.asList(rule.ifAnyGranted()));
authorities.addAll(Arrays.asList(rule.ifNotGranted()));
}
}
}
} catch (ClassNotFoundException cne) {
logger.warn("Could not generate authority information for: " + cne.getMessage());
}
for (String role : authorities) {
if (!mainRoles.contains(new RoleImpl(role))) {
if (logger.isInfoEnabled()) logger.info("Creating application security role [" + role + "]");
dao.createAuthority(role);
}
}
if (createRootUser) {
if (dao.findUser(rootUserName) == null) {
try {
UserImpl rootUser = new UserImpl();
rootUser.setName("Admin");
rootUser.setEmail(rootUserEmail);
rootUser.setTheme(rootUserTheme);
rootUser.setUsername(rootUserName);
rootUser.setSalt(rootPasswordSalt);
rootUser.setPassword(rootPassword);
rootUser.setRoles(new HashSet(dao.findAuthorities()));
if ((supportedLocales != null) && (!supportedLocales.isEmpty())) rootUser.setLocale(supportedLocales.get(0));
if (logger.isDebugEnabled()) logger.debug("Creating root user [" + rootUserName + "] with roles: " + rootUser.getRoles());
dao.createUser(rootUser);
} catch (Exception creationException) {
if (logger.isWarnEnabled()) logger.warn("Could not create Root user [" + rootUserName + "]: " + creationException, creationException);
}
} else if (logger.isDebugEnabled()) logger.debug("Root user [" + rootUserName + "] already exists. Skipping creation");
}
}
/**
* First task always!
*
* @return 0
*/
@Override public int order() {
return 0;
}
@Override public String getTaskName() {
return "Generate Root user as an administrator";
}
}