Package net.solarnetwork.central.security

Class SecurityUtils

java.lang.Object
net.solarnetwork.central.security.SecurityUtils
public class SecurityUtils extends Object
Security helper methods.

  • Constructor Details

    • SecurityUtils

      public SecurityUtils()

  • Method Details

    • authenticate

      public static void authenticate(org.springframework.security.authentication.AuthenticationManager authenticationManager, Object username, Object password)
      Authenticate a user.
      Parameters:
      authenticationManager - the AuthenticationManager
      username - the username to authenticate
      password - the password to authenticate

    • removeAuthentication

      public static void removeAuthentication()
      Clear the current authentication.
      Since:
      2.2

    • becomeToken

      public static SecurityToken becomeToken(String tokenId, SecurityTokenType type, Long userId, SecurityPolicy policy)
      Become an authenticated token with a RUN_AS_ROLE_USER authority.
      Parameters:
      tokenId - the token ID to use
      type - the token type
      userId - the user ID
      policy - the security policy to use
      Since:
      2.0

    • becomeUser

      public static SecurityUser becomeUser(String username, String name, Long userId)
      Become a user with a RUN_AS_ROLE_USER authority.
      Parameters:
      username - the username (email) to use
      name - the name
      userId - the user ID
      Since:
      2.0

    • becomeNode

      public static SecurityNode becomeNode(Long nodeId)
      Become a node with a RUN_AS_ROLE_NODE authority.
      Parameters:
      nodeId - the node ID to become
      Since:
      1.4

    • requireAnyRole

      public static void requireAnyRole(Set<String> roles)
      Require any one of a set of roles for the current actor. The actor's roles are converted to upper case before testing for inclusion in the roles argument.
      Parameters:
      roles - the roles, one of which is required
      Since:
      1.2

    • requireAllRoles

      public static void requireAllRoles(Set<String> roles)
      Require any one of a set of roles for the current actor. The actor's roles are converted to upper case before testing for inclusion in the roles argument.
      Parameters:
      roles - the required roles
      Since:
      1.2

    • getCurrentAuthentication

      public static org.springframework.security.core.Authentication getCurrentAuthentication()
      Get the current active authentication.
      Returns:
      the active Authentication, or null if none available

    • getCurrentActor

      public static SecurityActor getCurrentActor() throws SecurityException
      Get the current SecurityActor.
      Returns:
      the current actor, never null
      Throws:
      SecurityException - if the actor is not available

    • getActor

      public static SecurityActor getActor(org.springframework.security.core.Authentication auth)
      Get the actor for a given authentication.
      Parameters:
      auth - the authentication
      Returns:
      the actor, never null
      Throws:
      SecurityException - if the actor is not available
      Since:
      2.1

    • getCurrentActorUserId

      public static Long getCurrentActorUserId() throws SecurityException
      Get the current SecurityActor's userId.
      Returns:
      The user ID of the current SecurityActor (never null).
      Throws:
      SecurityException - If the user ID is not available.
      Since:
      1.3

    • getActorUserId

      public static Long getActorUserId(org.springframework.security.core.Authentication auth) throws SecurityException
      Get the ID of the user associated with a given authentication.
      Parameters:
      auth - the authentication
      Returns:
      the ID of the user associated with the actor, never null
      Throws:
      SecurityException - if the user ID is not available
      Since:
      2.1

    • getCurrentToken

      public static SecurityToken getCurrentToken() throws SecurityException
      Get the current SecurityToken.
      Returns:
      the current actor, never null
      Throws:
      SecurityException - if the actor is not available

    • getToken

      public static SecurityToken getToken(org.springframework.security.core.Authentication auth) throws SecurityException
      Get a SecurityToken for a given authentication.
      Parameters:
      auth - the authentication
      Returns:
      the token actor, never null
      Throws:
      SecurityException - if the actor is not available or not a token
      Since:
      2.1

    • currentTokenId

      public static String currentTokenId()
      Get the current SecurityToken.getToken(), if available.
      Returns:
      the token, or null if a token is not available
      Since:
      2.2

    • getCurrentUser

      public static SecurityUser getCurrentUser() throws SecurityException
      Get the current SecurityUser.
      Returns:
      the current user, never null
      Throws:
      SecurityException - if the user is not available

    • getUser

      public static SecurityUser getUser(org.springframework.security.core.Authentication auth) throws SecurityException
      Get a SecurityUser for a given authentication.
      Parameters:
      auth - the authentication
      Returns:
      the user actor, never null
      Throws:
      SecurityException - if the actor is not available or is not a user
      Since:
      2.1

    • getCurrentNode

      public static SecurityNode getCurrentNode() throws SecurityException
      Get the current SecurityNode.
      Returns:
      the current node, never null
      Throws:
      SecurityException - if the node is not available

    • getNode

      public static SecurityNode getNode(org.springframework.security.core.Authentication auth) throws SecurityException
      Get a SecurityNode for a given authentication.
      Parameters:
      auth - the authentication
      Returns:
      the node actor, never null
      Throws:
      SecurityException - if the actor is not available or is not a node
      Since:
      2.1

    • authorizedNodeIdsForCurrentActor

      public static Long[] authorizedNodeIdsForCurrentActor(SolarNodeOwnershipDao nodeOwnershipDao)
      Get all node IDs the current actor is authorized to access.
      Parameters:
      nodeOwnershipDao - The DAO to use to fill in all available nodes for user-based actors, or null to not fill in nodes.
      Returns:
      The allowed node IDs.
      Throws:
      AuthorizationException - if no node IDs are allowed or there is no actor
      Since:
      2.0

    • authorizedNodeIds

      public static Long[] authorizedNodeIds(org.springframework.security.core.Authentication auth, SolarNodeOwnershipDao nodeOwnershipDao)
      Get all node IDs the given authentication is authorized to access.
      Parameters:
      auth - the authentication
      nodeOwnershipDao - the DAO to use to fill in all available nodes for user-based actors, or null to not fill in nodes
      Returns:
      the allowed node IDs
      Throws:
      AuthorizationException - if no node IDs are allowed or there is no actor
      Since:
      2.1

    • getActiveSecurityPolicy

      public static SecurityPolicy getActiveSecurityPolicy()
      Get a SecurityPolicy for the active user, if available.
      Returns:
      The active user's policy, or null.
      Since:
      2.2