From 44d6870c76efd90c0105e36a35a6b44db5bd4a1a Mon Sep 17 00:00:00 2001
From: Rick Herrick <jrherrick@wustl.edu>
Date: Tue, 31 May 2016 12:40:26 -0500
Subject: [PATCH] Converted XnatInitCheckFilter initialization to use YAML
configuration instead of hard-coded URLs.
---
.../xnat/initialization/SecurityConfig.java | 39 ++++++++++++++-----
.../xnat/security/initialization-urls.yaml | 14 +++++++
2 files changed, 44 insertions(+), 9 deletions(-)
create mode 100644 src/main/resources/META-INF/xnat/security/initialization-urls.yaml
diff --git a/src/main/java/org/nrg/xnat/initialization/SecurityConfig.java b/src/main/java/org/nrg/xnat/initialization/SecurityConfig.java
index 771b24c2..c61d791d 100644
--- a/src/main/java/org/nrg/xnat/initialization/SecurityConfig.java
+++ b/src/main/java/org/nrg/xnat/initialization/SecurityConfig.java
@@ -1,6 +1,8 @@
package org.nrg.xnat.initialization;
import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.node.ArrayNode;
import org.nrg.config.exceptions.SiteConfigurationException;
import org.nrg.framework.services.SerializerService;
import org.nrg.xdat.preferences.InitializerSiteConfiguration;
@@ -100,7 +102,7 @@ public class SecurityConfig {
final SecurityContextLogoutHandler securityContextLogoutHandler = new SecurityContextLogoutHandler();
securityContextLogoutHandler.setInvalidateHttpSession(true);
final XnatLogoutHandler xnatLogoutHandler = new XnatLogoutHandler();
- final LogoutFilter filter = new LogoutFilter(logoutSuccessHandler, securityContextLogoutHandler, xnatLogoutHandler);
+ final LogoutFilter filter = new LogoutFilter(logoutSuccessHandler, securityContextLogoutHandler, xnatLogoutHandler);
filter.setFilterProcessesUrl("/app/action/LogoutUser");
return filter;
}
@@ -109,7 +111,7 @@ public class SecurityConfig {
public FilterSecurityInterceptorBeanPostProcessor filterSecurityInterceptorBeanPostProcessor() throws IOException {
final Resource resource = RESOURCE_LOADER.getResource("classpath:META-INF/xnat/security/configured-urls.yaml");
try (final InputStream inputStream = resource.getInputStream()) {
- final HashMap<String, ArrayList<String>> urlMap = _serializer.deserializeYaml(inputStream, TYPE_REFERENCE);
+ final HashMap<String, ArrayList<String>> urlMap = _serializer.deserializeYaml(inputStream, TYPE_REFERENCE);
final FilterSecurityInterceptorBeanPostProcessor postProcessor = new FilterSecurityInterceptorBeanPostProcessor();
postProcessor.setOpenUrls(urlMap.get("openUrls"));
postProcessor.setAdminUrls(urlMap.get("adminUrls"));
@@ -195,13 +197,17 @@ public class SecurityConfig {
}
@Bean
- public XnatInitCheckFilter xnatInitCheckFilter() {
- final XnatInitCheckFilter filter = new XnatInitCheckFilter();
- filter.setInitializationPaths(Arrays.asList("/xapi/siteConfig/batch", "/xapi/notifications/smtp"));
- filter.setConfigurationPath("/setup");
- filter.setNonAdminErrorPath("/app/template/Unconfigured.vm");
- filter.setExemptedPaths(Arrays.asList("/app/template/XDATScreen_UpdateUser.vm", "/app/action/ModifyPassword", "/app/template/Login.vm", "/style/app.css", "/login"));
- return filter;
+ public XnatInitCheckFilter xnatInitCheckFilter() throws IOException {
+ final Resource resource = RESOURCE_LOADER.getResource("classpath:META-INF/xnat/security/initialization-urls.yaml");
+ try (final InputStream inputStream = resource.getInputStream()) {
+ final XnatInitCheckFilter filter = new XnatInitCheckFilter();
+ final JsonNode paths = _serializer.deserializeYaml(inputStream);
+ filter.setConfigurationPath(paths.get("configPath").asText());
+ filter.setNonAdminErrorPath(paths.get("nonAdminErrorPath").asText());
+ filter.setInitializationPaths(nodeToList(paths.get("initPaths")));
+ filter.setExemptedPaths(nodeToList(paths.get("exemptedPaths")));
+ return filter;
+ }
}
@Bean
@@ -211,6 +217,21 @@ public class SecurityConfig {
return service;
}
+ protected List<String> nodeToList(final JsonNode node) {
+ final List<String> list = new ArrayList<>();
+ if (node.isArray()) {
+ final ArrayNode arrayNode = (ArrayNode) node;
+ for (final JsonNode item : arrayNode) {
+ list.add(item.asText());
+ }
+ } else if (node.isTextual()) {
+ list.add(node.asText());
+ } else {
+ list.add(node.toString());
+ }
+ return list;
+ }
+
private static final ResourceLoader RESOURCE_LOADER = new DefaultResourceLoader();
private static final TypeReference<HashMap<String, ArrayList<String>>> TYPE_REFERENCE = new TypeReference<HashMap<String, ArrayList<String>>>() {
};
diff --git a/src/main/resources/META-INF/xnat/security/initialization-urls.yaml b/src/main/resources/META-INF/xnat/security/initialization-urls.yaml
new file mode 100644
index 00000000..e536e0db
--- /dev/null
+++ b/src/main/resources/META-INF/xnat/security/initialization-urls.yaml
@@ -0,0 +1,14 @@
+configPath: /setup
+nonAdminErrorPath: /app/template/Unconfigured.vm
+
+initPaths:
+ - /xapi/siteConfig/batch
+ - /xapi/notifications/smtp
+ - /xapi/spawner/resolve/siteAdmin/siteSetup
+
+exemptedPaths:
+ - /app/template/XDATScreen_UpdateUser.vm
+ - /app/action/ModifyPassword
+ - /app/template/Login.vm
+ - /style/app.css
+ - /login
--
GitLab