Added 04 A Finer Grain of Conreol for Spring tutorial.

Author: dogeared

tutorials/spring-boot/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/controller/HelloController.java

@@ -15,6 +15,11 @@
  */
 package com.stormpath.tutorial.controller;
 
+import com.stormpath.sdk.account.Account;
+import com.stormpath.sdk.directory.CustomData;
+import com.stormpath.sdk.group.Group;
+import com.stormpath.sdk.group.GroupList;
+import com.stormpath.sdk.lang.Collections;
 import com.stormpath.sdk.servlet.account.AccountResolver;
 import com.stormpath.tutorial.service.HelloService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -24,6 +29,10 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 
 import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 
 /**
  * @since 1.0.RC5
@@ -46,7 +55,22 @@ String home(HttpServletRequest req, Model model) {
     }
 
     @RequestMapping("/userdetails")
-    String userDetails() {
+    String userDetails(HttpServletRequest req, Model model) {
+        Account account = AccountResolver.INSTANCE.getAccount(req);
+        Map<String, List<String>> springSecurityPermissions = new HashMap<>();
+
+        // group perms
+        for (Group group : account.getGroups()) {
+            updateSpringSecurityPermissionsMap(
+               "group:" + group.getName(), springSecurityPermissions, group.getCustomData()
+            );
+        }
+
+        // account perms
+        updateSpringSecurityPermissionsMap("account", springSecurityPermissions, account.getCustomData());
+
+        model.addAttribute("springSecurityPermissions", springSecurityPermissions);
+
         return "userdetails";
     }
 
@@ -59,4 +83,13 @@ String restricted(HttpServletRequest req, Model model) {
         return "restricted";
     }
 
+    @SuppressWarnings("unchecked")
+    private void updateSpringSecurityPermissionsMap(
+            String key, Map<String, List<String>> springSecurityPermissions, CustomData customData
+    ) {
+        List<String> springSecurityPermissionsList = (List<String>) customData.get("springSecurityPermissions");
+        if (!Collections.isEmpty(springSecurityPermissionsList)) {
+            springSecurityPermissions.put(key, springSecurityPermissionsList);
+        }
+    }
 }

tutorials/spring-boot/04-a-finer-grain-of-control/src/main/resources/templates/userdetails.html

@@ -39,6 +39,20 @@ <h2>You belong to these groups:</h2>
                         </tr>
                     </table>
 
+                    <h2>You have these permissions:</h2>
+                    <table class="table table-bordered  ">
+                        <tr>
+                            <th>Source</th>
+                            <th>Spring Security Permissions</th>
+                        </tr>
+                        <tr th:each="permission: ${springSecurityPermissions}">
+                            <td th:text="${permission.key}"/>
+                            <td>
+                                <span th:each="value: ${permission.value}" th:inline="text">[[${value}]]<br/></span>
+                            </td>
+                        </tr>
+                    </table>
+
                     <a href="/" class="btn btn-primary">Go Home</a>
                 </div>
             </div>

tutorials/spring/04-a-finer-grain-of-control/pom.xml

@@ -0,0 +1,116 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2016 Stormpath, Inc.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>com.stormpath.sdk</groupId>
+        <artifactId>stormpath-sdk-tutorials-spring</artifactId>
+        <version>1.3.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <groupId>com.stormpath.spring</groupId>
+    <artifactId>stormpath-sdk-tutorials-spring-security-webmvc-a-finer-grain-of-control</artifactId>
+    <version>1.3.0-SNAPSHOT</version>
+
+    <name>Stormpath Java SDK :: Tutorials :: Spring Security WebMVC :: A Finer Grain Of Control</name>
+    <description>A simple Spring Security Web MVC application with out-of-the-box login and self-service screens!</description>
+    <packaging>war</packaging>
+
+    <dependencies>
+        <!-- Compile-time dependencies: -->
+        <dependency>
+            <groupId>com.stormpath.spring</groupId>
+            <artifactId>stormpath-spring-security-webmvc</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>${servlet.version}</version>
+            <scope>provided</scope>
+        </dependency>
+
+        <!-- Runtime-only dependencies: -->
+        <dependency>
+            <groupId>com.stormpath.sdk</groupId>
+            <artifactId>stormpath-sdk-httpclient</artifactId>
+            <version>${project.version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl-over-slf4j</artifactId>
+            <version>${slf4j.version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+            <version>${logback.version}</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-taglibs</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.2</version>
+                <configuration>
+                    <source>${jdk.version}</source>
+                    <target>${jdk.version}</target>
+                    <encoding>${project.build.sourceEncoding}</encoding>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-war-plugin</artifactId>
+                <version>2.6</version>
+                <configuration>
+                    <failOnMissingWebXml>false</failOnMissingWebXml>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.tomcat.maven</groupId>
+                <artifactId>tomcat7-maven-plugin</artifactId>
+                <version>2.2</version>
+                <configuration>
+                    <path>/</path>
+                    <server>
+                        <autoDeploy>true</autoDeploy>
+                        <backgroundProcessorDelay>10</backgroundProcessorDelay>
+                    </server>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <version>2.8.2</version>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/ErrorController.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2016 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.tutorial;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @since 1.3.0
+ */
+@Controller
+public class ErrorController {
+
+    @RequestMapping("/403")
+    public String forbidden(Model model) {
+        Map<String, String> errors = new HashMap<>();
+        errors.put("status", "403");
+        errors.put("message", "Access is Denied");
+
+        model.addAttribute("errors", errors);
+
+        return "error";
+    }
+}

tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/Groups.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2016 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.tutorial;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+/**
+ * @since 1.3.0
+ */
+@Component
+public class Groups {
+    public final String USER;
+
+    @Autowired
+    public Groups(Environment env) {
+        USER = env.getProperty("stormpath.authorized.user.group.href");
+    }
+}

tutorials/spring/04-a-finer-grain-of-control/src/main/java/com/stormpath/tutorial/HelloController.java

@@ -0,0 +1,97 @@
+/*
+ * Copyright 2016 Stormpath, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.stormpath.tutorial;
+
+import com.stormpath.sdk.account.Account;
+import com.stormpath.sdk.directory.CustomData;
+import com.stormpath.sdk.group.Group;
+import com.stormpath.sdk.group.GroupList;
+import com.stormpath.sdk.lang.Collections;
+import com.stormpath.sdk.servlet.account.AccountResolver;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @since 1.3.0
+ */
+@Controller
+public class HelloController {
+
+    private HelloService helloService;
+
+    @Autowired
+    public HelloController(HelloService helloService) {
+        Assert.notNull(helloService);
+        this.helloService = helloService;
+    }
+
+    @RequestMapping("/")
+    String home(HttpServletRequest req, Model model) {
+        model.addAttribute("status", req.getParameter("status"));
+        return "home";
+    }
+
+    @RequestMapping("/userdetails")
+    String userDetails(HttpServletRequest req, Model model) {
+        Account account = AccountResolver.INSTANCE.getAccount(req);
+        Map<String, List<String>> springSecurityPermissions = new HashMap<>();
+
+        // groups
+        List<Group> groups = new ArrayList<>();
+        for (Group group : account.getGroups()) {
+            groups.add(group);
+            updateSpringSecurityPermissionsMap(
+                "group:" + group.getName(), springSecurityPermissions, group.getCustomData()
+            );
+        }
+        model.addAttribute("groups", groups);
+
+        // perms
+        updateSpringSecurityPermissionsMap("account", springSecurityPermissions, account.getCustomData());
+
+        model.addAttribute("springSecurityPermissions", springSecurityPermissions);
+
+        return "userdetails";
+    }
+
+    @RequestMapping("/restricted")
+    String restricted(HttpServletRequest req, Model model) {
+        String msg = helloService.sayHello(
+            AccountResolver.INSTANCE.getAccount(req)
+        );
+        model.addAttribute("msg", msg);
+        return "restricted";
+    }
+
+    @SuppressWarnings("unchecked")
+    private void updateSpringSecurityPermissionsMap(
+        String key, Map<String, List<String>> springSecurityPermissions, CustomData customData
+    ) {
+        List<String> springSecurityPermissionsList = (List<String>) customData.get("springSecurityPermissions");
+        if (!Collections.isEmpty(springSecurityPermissionsList)) {
+            springSecurityPermissions.put(key, springSecurityPermissionsList);
+        }
+    }
+}