usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mru...@apache.org
Subject [29/50] [abbrv] usergrid git commit: Code review changes
Date Mon, 01 Aug 2016 16:54:04 GMT
Code review changes


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/f8d5713b
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/f8d5713b
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/f8d5713b

Branch: refs/heads/master
Commit: f8d5713b620a5f2df6379f4e9073fa9edbebdafa
Parents: 6d88bcf
Author: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Authored: Tue Jul 26 14:09:06 2016 -0700
Committer: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Committed: Tue Jul 26 14:09:06 2016 -0700

----------------------------------------------------------------------
 .../main/resources/usergrid-default.properties    |  3 +++
 .../rest/management/ManagementResource.java       | 10 +++-------
 .../organizations/OrganizationsResource.java      | 18 ++++++++++--------
 .../cassandra/ManagementServiceImpl.java          | 11 +++++------
 4 files changed, 21 insertions(+), 21 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/f8d5713b/stack/config/src/main/resources/usergrid-default.properties
----------------------------------------------------------------------
diff --git a/stack/config/src/main/resources/usergrid-default.properties b/stack/config/src/main/resources/usergrid-default.properties
index 371b251..23da7e9 100644
--- a/stack/config/src/main/resources/usergrid-default.properties
+++ b/stack/config/src/main/resources/usergrid-default.properties
@@ -682,6 +682,9 @@ usergrid.test-account.admin-user.password=test
 #
 #
 
+# Set a flag to allow public org registrations
+usergrid.management.allow-public-registrations=true
+
 # Set the requirements for activiation and confirmations
 usergrid.sysadmin.approve.users=false
 usergrid.sysadmin.approve.organizations=false

http://git-wip-us.apache.org/repos/asf/usergrid/blob/f8d5713b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index c5d7c77..285a22e 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -299,13 +299,9 @@ public class ManagementResource extends AbstractContextResource {
             if ( user == null ) {
 
 
-
-                //if ( !me ) { // if not lightweight-auth, i.e. /management/me then...
-
-                    // make sure authentication is allowed considering
-                    // external token validation configuration (UG Central SSO)
-                    ensureAuthenticationAllowed( username, grant_type );
-               // }
+                // make sure authentication is allowed considering
+                // external token validation configuration (UG Central SSO)
+                ensureAuthenticationAllowed( username, grant_type );
 
 
                 if ( authorization != null ) {

http://git-wip-us.apache.org/repos/asf/usergrid/blob/f8d5713b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
index 823ebcc..b75ca60 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
@@ -40,8 +40,6 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.UriInfo;
 import java.util.*;
 
-import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_PROVIDER_URL;
-
 
 @Component( "org.apache.usergrid.rest.management.organizations.OrganizationsResource" )
 @Scope( "prototype" )
@@ -187,12 +185,16 @@ public class OrganizationsResource extends AbstractContextResource {
                                              String email, String password, Map<String,
Object> userProperties,
                                              Map<String, Object> orgProperties, String
callback ) throws Exception {
 
-        if ( tokens.isExternalSSOProviderEnabled() ) {
-            //let superuser add an org even if external SSO Provider is enabled.
-            if(!userServiceAdmin(null) ) { // what should the username be ?
-                throw new IllegalArgumentException("Organization / Admin Users must be created
via " +
-                    properties.getProperty(USERGRID_EXTERNAL_PROVIDER_URL));
-            }
+        // Providing no password in this request signifies that an existing admin users should
be associated to the
+        // newly requested organization.
+
+        // Always let the sysadmin create an org, but otherwise follow the behavior specified
with
+        // the property 'usergrid.management.allow-public-registration'
+        if ( ( System.getProperty("usergrid.management.allow-public-registration") != null
+            && !Boolean.valueOf(System.getProperty("usergrid.management.allow-public-registration"))
+            && !userServiceAdmin(null) ) ) {
+
+                throw new IllegalArgumentException("Public organization registration is disabled");
         }
 
         Preconditions

http://git-wip-us.apache.org/repos/asf/usergrid/blob/f8d5713b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index e8bf0ec..97febdf 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -549,20 +549,19 @@ public class ManagementServiceImpl implements ManagementService {
                 return null;
             }
 
-            // irrespective of it being sso enabled or not , if its a super user request
it will try to fetch user if no password is passed.
-            if(password == null && SubjectUtils.isServiceAdmin()){
+            // sysadmin can omit password field in the request and that will try to fetch
an existing admin user to
+            // associate to the requested organization
+            if((password == null || password.isEmpty()) && SubjectUtils.isServiceAdmin()){
                 user = getAdminUserByEmail(email);
                 if(user == null ){
                     throw new IllegalArgumentException("Password should be sent in the request
or should be a valid admin user email.");
                 }
             }
-            else if(password == null ){   //for existing workflow.
-                throw new IllegalArgumentException("Password should be sent in the request.");
-            }
 
 
             if(user == null) {
-                if ((tokens.isExternalSSOProviderEnabled() && SubjectUtils.isServiceAdmin())
|| areActivationChecksDisabled()) {
+                // if external SSO is enabled and we're adding a user to an org, auto activate
the user
+                if (tokens.isExternalSSOProviderEnabled() || areActivationChecksDisabled())
{
                     user = createAdminUserInternal(null, username, name, email, password,
true, false, userProperties);
                 } else {
                     user = createAdminUserInternal(null, username, name, email, password,
activated, disabled, userProperties);


Mime
View raw message