FIx terms.
This commit is contained in:
Anatoly Sablin
@@ -115,13 +115,6 @@ public class HttpMxisd {
|
|||||||
.post(LoginHandler.Path, SaneHandler.around(new LoginPostHandler(m.getAuth())))
|
.post(LoginHandler.Path, SaneHandler.around(new LoginPostHandler(m.getAuth())))
|
||||||
.post(RestAuthHandler.Path, SaneHandler.around(new RestAuthHandler(m.getAuth())))
|
.post(RestAuthHandler.Path, SaneHandler.around(new RestAuthHandler(m.getAuth())))
|
||||||
|
|
||||||
// Account endpoints
|
|
||||||
.post(AccountRegisterHandler.Path, SaneHandler.around(new AccountRegisterHandler(m.getAccMgr())))
|
|
||||||
.get(AccountGetUserInfoHandler.Path,
|
|
||||||
SaneHandler.around(AuthorizationHandler.around(m.getAccMgr(), new AccountGetUserInfoHandler(m.getAccMgr()))))
|
|
||||||
.post(AccountLogoutHandler.Path,
|
|
||||||
SaneHandler.around(AuthorizationHandler.around(m.getAccMgr(), new AccountLogoutHandler(m.getAccMgr()))))
|
|
||||||
|
|
||||||
// Directory endpoints
|
// Directory endpoints
|
||||||
.post(UserDirectorySearchHandler.Path, SaneHandler.around(new UserDirectorySearchHandler(m.getDirectory())))
|
.post(UserDirectorySearchHandler.Path, SaneHandler.around(new UserDirectorySearchHandler(m.getDirectory())))
|
||||||
|
|
||||||
@@ -151,6 +144,7 @@ public class HttpMxisd {
|
|||||||
identityEndpoints(handler);
|
identityEndpoints(handler);
|
||||||
termsEndpoints(handler);
|
termsEndpoints(handler);
|
||||||
hashEndpoints(handler);
|
hashEndpoints(handler);
|
||||||
|
accountEndpoints(handler);
|
||||||
httpSrv = Undertow.builder().addHttpListener(m.getConfig().getServer().getPort(), "0.0.0.0").setHandler(handler).build();
|
httpSrv = Undertow.builder().addHttpListener(m.getConfig().getServer().getPort(), "0.0.0.0").setHandler(handler).build();
|
||||||
|
|
||||||
httpSrv.start();
|
httpSrv.start();
|
||||||
@@ -194,17 +188,25 @@ public class HttpMxisd {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void accountEndpoints(RoutingHandler routingHandler) {
|
||||||
|
routingHandler.post(AccountRegisterHandler.Path, SaneHandler.around(new AccountRegisterHandler(m.getAccMgr())));
|
||||||
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, Methods.GET, sane(new AccountGetUserInfoHandler(m.getAccMgr())),
|
||||||
|
AccountGetUserInfoHandler.Path, true);
|
||||||
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, Methods.GET, sane(new AccountLogoutHandler(m.getAccMgr())),
|
||||||
|
AccountLogoutHandler.Path, true);
|
||||||
|
}
|
||||||
|
|
||||||
private void termsEndpoints(RoutingHandler routingHandler) {
|
private void termsEndpoints(RoutingHandler routingHandler) {
|
||||||
routingHandler.get(GetTermsHandler.PATH, new GetTermsHandler(m.getConfig().getPolicy()));
|
routingHandler.get(GetTermsHandler.PATH, new GetTermsHandler(m.getConfig().getPolicy()));
|
||||||
routingHandler
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, Methods.POST, sane(new AcceptTermsHandler(m.getAccMgr())),
|
||||||
.post(AcceptTermsHandler.PATH, AuthorizationHandler.around(m.getAccMgr(), sane(new AcceptTermsHandler(m.getAccMgr()))));
|
AcceptTermsHandler.PATH, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void hashEndpoints(RoutingHandler routingHandler) {
|
private void hashEndpoints(RoutingHandler routingHandler) {
|
||||||
routingHandler
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, Methods.GET, sane(new HashDetailsHandler(m.getHashManager())),
|
||||||
.get(HashDetailsHandler.PATH, AuthorizationHandler.around(m.getAccMgr(), sane(new HashDetailsHandler(m.getHashManager()))));
|
HashDetailsHandler.PATH, true);
|
||||||
routingHandler.post(HashLookupHandler.Path,
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, Methods.POST,
|
||||||
AuthorizationHandler.around(m.getAccMgr(), sane(new HashLookupHandler(m.getIdentity(), m.getHashManager()))));
|
sane(new HashLookupHandler(m.getIdentity(), m.getHashManager())), HashLookupHandler.Path, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void addEndpoints(RoutingHandler routingHandler, HttpString method, boolean useAuthorization, ApiHandler... handlers) {
|
private void addEndpoints(RoutingHandler routingHandler, HttpString method, boolean useAuthorization, ApiHandler... handlers) {
|
||||||
@@ -220,27 +222,32 @@ public class HttpMxisd {
|
|||||||
routingHandler.add(method, apiHandler.getPath(IdentityServiceAPI.V1), httpHandler);
|
routingHandler.add(method, apiHandler.getPath(IdentityServiceAPI.V1), httpHandler);
|
||||||
}
|
}
|
||||||
if (matrixConfig.isV2()) {
|
if (matrixConfig.isV2()) {
|
||||||
List<PolicyConfig.PolicyObject> policyObjects = getPolicyObjects(apiHandler);
|
String path = apiHandler.getPath(IdentityServiceAPI.V2);
|
||||||
boolean wrapWithTerms = !policyObjects.isEmpty();
|
wrapWithTokenAndAuthorizationHandlers(routingHandler, method, httpHandler, path, useAuthorization);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void wrapWithTokenAndAuthorizationHandlers(RoutingHandler routingHandler, HttpString method, HttpHandler httpHandler,
|
||||||
|
String url, boolean useAuthorization) {
|
||||||
|
List<PolicyConfig.PolicyObject> policyObjects = getPolicyObjects(url);
|
||||||
HttpHandler wrappedHandler;
|
HttpHandler wrappedHandler;
|
||||||
if (useAuthorization) {
|
if (useAuthorization) {
|
||||||
wrappedHandler = wrapWithTerms ? CheckTermsHandler.around(m.getAccMgr(), httpHandler, policyObjects) : httpHandler;
|
wrappedHandler = policyObjects.isEmpty() ? httpHandler : CheckTermsHandler.around(m.getAccMgr(), httpHandler, policyObjects);
|
||||||
wrappedHandler = AuthorizationHandler.around(m.getAccMgr(), wrappedHandler);
|
wrappedHandler = AuthorizationHandler.around(m.getAccMgr(), wrappedHandler);
|
||||||
} else {
|
} else {
|
||||||
wrappedHandler = httpHandler;
|
wrappedHandler = httpHandler;
|
||||||
}
|
}
|
||||||
routingHandler.add(method, apiHandler.getPath(IdentityServiceAPI.V2), wrappedHandler);
|
routingHandler.add(method, url, wrappedHandler);
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@NotNull
|
@NotNull
|
||||||
private List<PolicyConfig.PolicyObject> getPolicyObjects(ApiHandler apiHandler) {
|
private List<PolicyConfig.PolicyObject> getPolicyObjects(String url) {
|
||||||
PolicyConfig policyConfig = m.getConfig().getPolicy();
|
PolicyConfig policyConfig = m.getConfig().getPolicy();
|
||||||
List<PolicyConfig.PolicyObject> policies = new ArrayList<>();
|
List<PolicyConfig.PolicyObject> policies = new ArrayList<>();
|
||||||
if (!policyConfig.getPolicies().isEmpty()) {
|
if (!policyConfig.getPolicies().isEmpty()) {
|
||||||
for (PolicyConfig.PolicyObject policy : policyConfig.getPolicies().values()) {
|
for (PolicyConfig.PolicyObject policy : policyConfig.getPolicies().values()) {
|
||||||
for (Pattern pattern : policy.getPatterns()) {
|
for (Pattern pattern : policy.getPatterns()) {
|
||||||
if (pattern.matcher(apiHandler.getHandlerPath()).matches()) {
|
if (pattern.matcher(url).matches()) {
|
||||||
policies.add(policy);
|
policies.add(policy);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,7 +2,6 @@ package io.kamax.mxisd.http.undertow.handler.term.v2;
|
|||||||
|
|
||||||
import com.google.gson.JsonElement;
|
import com.google.gson.JsonElement;
|
||||||
import com.google.gson.JsonObject;
|
import com.google.gson.JsonObject;
|
||||||
import io.kamax.matrix.json.GsonUtil;
|
|
||||||
import io.kamax.mxisd.auth.AccountManager;
|
import io.kamax.mxisd.auth.AccountManager;
|
||||||
import io.kamax.mxisd.exception.InvalidCredentialsException;
|
import io.kamax.mxisd.exception.InvalidCredentialsException;
|
||||||
import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler;
|
import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler;
|
||||||
@@ -28,7 +27,7 @@ public class AcceptTermsHandler extends BasicHttpHandler {
|
|||||||
String token = getAccessToken(exchange);
|
String token = getAccessToken(exchange);
|
||||||
|
|
||||||
JsonObject request = parseJsonObject(exchange);
|
JsonObject request = parseJsonObject(exchange);
|
||||||
JsonObject accepts = GsonUtil.getObj(request, "user_accepts");
|
JsonElement accepts = request.get("user_accepts");
|
||||||
AccountDao account = accountManager.findAccount(token);
|
AccountDao account = accountManager.findAccount(token);
|
||||||
|
|
||||||
if (account == null) {
|
if (account == null) {
|
||||||
|
|||||||
@@ -294,6 +294,13 @@ public class OrmLiteSqlStorage implements IStorage {
|
|||||||
public void acceptTerm(String token, String url) {
|
public void acceptTerm(String token, String url) {
|
||||||
withCatcher(() -> {
|
withCatcher(() -> {
|
||||||
AccountDao account = findAccount(token).orElseThrow(InvalidCredentialsException::new);
|
AccountDao account = findAccount(token).orElseThrow(InvalidCredentialsException::new);
|
||||||
|
List<AcceptedDao> acceptedTerms = acceptedDao.queryForEq("userId", account.getUserId());
|
||||||
|
for (AcceptedDao acceptedTerm : acceptedTerms) {
|
||||||
|
if (acceptedTerm.getUrl().equalsIgnoreCase(url)) {
|
||||||
|
// already accepted
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
int created = acceptedDao.create(new AcceptedDao(url, account.getUserId(), System.currentTimeMillis()));
|
int created = acceptedDao.create(new AcceptedDao(url, account.getUserId(), System.currentTimeMillis()));
|
||||||
if (created != 1) {
|
if (created != 1) {
|
||||||
throw new RuntimeException("Unexpected row count after DB action: " + created);
|
throw new RuntimeException("Unexpected row count after DB action: " + created);
|
||||||
|
|||||||
Reference in New Issue
Block a user