diff --git a/sigla-ejb/src/main/java/it/cnr/contab/utente00/nav/comp/GestioneLoginComponent.java b/sigla-ejb/src/main/java/it/cnr/contab/utente00/nav/comp/GestioneLoginComponent.java
index 7d3dfe5e71..00500fde32 100644
--- a/sigla-ejb/src/main/java/it/cnr/contab/utente00/nav/comp/GestioneLoginComponent.java
+++ b/sigla-ejb/src/main/java/it/cnr/contab/utente00/nav/comp/GestioneLoginComponent.java
@@ -894,7 +894,7 @@ public boolean isUtenteAbilitatoLdap(UserContext userContext, String uid, boolea
 .map(s -> s.equalsIgnoreCase("si"))
 .orElse(Boolean.FALSE);
 } catch (NoSuchBeanDefinitionException _ex){
- return true;
+ return false;
 } catch (Throwable e) {
 throw handleException(e);
 }
diff --git a/sigla-web/src/main/java/it/cnr/contab/web/rest/model/AccountDTO.java b/sigla-web/src/main/java/it/cnr/contab/web/rest/model/AccountDTO.java
index 6625116b56..2e500cfbea 100644
--- a/sigla-web/src/main/java/it/cnr/contab/web/rest/model/AccountDTO.java
+++ b/sigla-web/src/main/java/it/cnr/contab/web/rest/model/AccountDTO.java
@@ -54,7 +54,7 @@ public class AccountDTO {
 private Map> roles;
 private List users;
 private Boolean utenteMultiplo;
-
+ private Boolean abilitatoLdap;
 public AccountDTO(UtenteBulk currentUser) {
 super();
 this.roles = new HashMap>();
@@ -280,4 +280,12 @@ public Boolean getUtenteMultiplo() {
 public void setUtenteMultiplo(Boolean utenteMultiplo) {
 this.utenteMultiplo = utenteMultiplo;
 }
+
+ public Boolean getAbilitatoLdap() {
+ return abilitatoLdap;
+ }
+
+ public void setAbilitatoLdap(Boolean abilitatoLdap) {
+ this.abilitatoLdap = abilitatoLdap;
+ }
 }
diff --git a/sigla-web/src/main/java/it/cnr/contab/web/rest/resource/config00/AccountResource.java b/sigla-web/src/main/java/it/cnr/contab/web/rest/resource/config00/AccountResource.java
index ddd8c23962..96f629f03e 100644
--- a/sigla-web/src/main/java/it/cnr/contab/web/rest/resource/config00/AccountResource.java
+++ b/sigla-web/src/main/java/it/cnr/contab/web/rest/resource/config00/AccountResource.java
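Review bot: The `catch (NoSuchBeanDefinitionException _ex)` branch in `isUtenteAbilitatoLdap` still swallows the exception with no log or comment, and its new `return false;` changes the answer for every caller of the method, not only the REST use added in `AccountResource`. If a login path uses this result to decide whether LDAP authentication applies, a deployment without the LDAP bean would now take the other branch; that is inferred, since the callers are outside this diff, so they should be checked before merging. I would add `// LDAP bean not configured: report the user as not LDAP-enabled` plus a debug-level log line in the branch. The method body starts before this hunk.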
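Review bot: The `abilitatoLdap` accessors added at the end of `AccountDTO` have no Javadoc, and next to the existing `ldap` flag that `AccountResource` sets in the same branches the difference between the two is not clear to API consumers. I would document the field with something like `/** Whether the user is enabled for LDAP; null when not evaluated. */`, wording to be confirmed by the author. The field is a boxed `Boolean` and the `AccountDTO(UtenteBulk currentUser)` constructor, whose body is only partly visible in the previous hunk, does not appear to set it, so the DTOs built for `users` presumably carry null and clients should not read null as true.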
@@ -18,6 +18,7 @@ package it.cnr.contab.web.rest.resource.config00;
 import it.cnr.contab.security.auth.SIGLALDAPPrincipal;
+import it.cnr.contab.utente00.nav.ejb.GestioneLoginComponentSession;
 import it.cnr.contab.utenze00.bp.CNRUserContext;
 import it.cnr.contab.utenze00.bulk.UtenteBulk;
 import it.cnr.contab.web.rest.config.RESTSecurityInterceptor;
@@ -59,6 +60,8 @@ public class AccountResource implements AccountLocal {
 @EJB private CRUDComponentSession crudComponentSession;
+ @EJB
+ private GestioneLoginComponentSession gestioneLoginComponentSession;
 public AccountDTO getAccountDTO(HttpServletRequest request) throws Exception {
 CNRUserContext userContext = AbstractResource.getUserContext(securityContext, request);
@@ -88,6 +91,7 @@ public AccountDTO getAccountDTO(HttpServletRequest request) throws Exception {
 accountDTO.setFirstName((String) siglaldapPrincipal.get().getAttribute("cnrnome"));
 accountDTO.setLastName((String) siglaldapPrincipal.get().getAttribute("cnrcognome"));
 accountDTO.setLdap(Boolean.TRUE);
+ accountDTO.setAbilitatoLdap(Boolean.TRUE);
 accountDTO.setUtenteMultiplo(findUtenteByUID.size() > 1);
 } else {
 LOGGER.warn("User {} not found!", securityContext.getUserPrincipal().getName());
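Review bot: In the LDAP-principal branch `accountDTO.setAbilitatoLdap(Boolean.TRUE)` is a constant, while the Keycloak branch of the same method derives the flag from `gestioneLoginComponentSession.isUtenteAbilitatoLdap(...)`. If the flag is meant to reflect what that method reads, the two branches can report different values for the same user; either make the same call here or state why the constant is safe, e.g. `// principal was authenticated through LDAP, so the user is LDAP-enabled`. `getAccountDTO` starts and ends outside this hunk.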
@@ -97,16 +101,17 @@ public AccountDTO getAccountDTO(HttpServletRequest request) throws Exception {
 } else if (keycloakPrincipal.isPresent()) {
 final IDToken idToken = Optional.ofNullable(keycloakPrincipal.get().getKeycloakSecurityContext().getIdToken())
 .orElse(keycloakPrincipal.get().getKeycloakSecurityContext().getToken());
+ final String uid = Optional.ofNullable(idToken.getOtherClaims())
+ .flatMap(stringObjectMap -> Optional.ofNullable(stringObjectMap.get(RESTSecurityInterceptor.USERNAME_CNR)))
+ .filter(String.class::isInstance)
+ .map(String.class::cast)
+ .orElse(idToken.getPreferredUsername());
 final List findUtenteByUID = crudComponentSession.find(
 userContext,
 UtenteBulk.class,
 FIND_UTENTE_BY_UID,
 userContext,
- Optional.ofNullable(idToken.getOtherClaims())
- .flatMap(stringObjectMap -> Optional.ofNullable(stringObjectMap.get(RESTSecurityInterceptor.USERNAME_CNR)))
- .filter(String.class::isInstance)
- .map(String.class::cast)
- .orElse(idToken.getPreferredUsername())
+ uid
 );
 final Optional utenteBulk1 = findUtenteByUID.stream().findFirst();
 if (!utenteBulk1.isPresent()) {
@@ -118,8 +123,9 @@ public AccountDTO getAccountDTO(HttpServletRequest request) throws Exception {
 accountDTO.setEmail(idToken.getEmail());
 accountDTO.setFirstName(idToken.getGivenName());
 accountDTO.setLastName(idToken.getFamilyName());
- accountDTO.setLdap(Boolean.TRUE);
 accountDTO.setUtenteMultiplo(findUtenteByUID.size() > 1);
+ accountDTO.setLdap(Boolean.TRUE);
+ accountDTO.setAbilitatoLdap(gestioneLoginComponentSession.isUtenteAbilitatoLdap(userContext, uid, Boolean.TRUE));
 } else {
 final UtenteBulk utenteBulk = (UtenteBulk) crudComponentSession.findByPrimaryKey(
 userContext,
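Review bot: `uid` is null when the token has neither a String `USERNAME_CNR` claim nor a preferred username, and the extracted variable is now passed both to `crudComponentSession.find(...)` and to `isUtenteAbilitatoLdap(...)` without a check. A guard before the `find` call, such as `if (uid == null) { /* handle as user not found */ }`, would keep a null out of both lookups. The fallback to `idToken.getPreferredUsername()` predates this commit, but OpenID Connect does not guarantee that claim to be unique or stable, so a comment saying why it is acceptable as the key for selecting the SIGLA user would be worth adding. `getAccountDTO` continues outside this hunk.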
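Review bot: The added `gestioneLoginComponentSession.isUtenteAbilitatoLdap(userContext, uid, Boolean.TRUE)` call has no failure handling, and the component rethrows everything except the missing-bean case through `handleException`, so an error in that lookup would presumably fail the whole `getAccountDTO` response for Keycloak users. If the flag is only informational, catching the failure here, logging it with `LOGGER.warn` and reporting `Boolean.FALSE` would keep the endpoint available; if it gates a feature, that feature must also be enforced on the server because the value is sent to the client. The third parameter appears to be a primitive `boolean` (the signature is truncated in the hunk header of the first file), so `true` would avoid the unboxing.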
@@ -133,6 +139,7 @@ public AccountDTO getAccountDTO(HttpServletRequest request) throws Exception {
 accountDTO.setLogin(securityContext.getUserPrincipal().getName());
 accountDTO.setUsers(Arrays.asList(utenteBulk).stream().map(utente -> new AccountDTO(utente)).collect(Collectors.toList()));
 accountDTO.setLdap(Boolean.FALSE);
+ accountDTO.setAbilitatoLdap(Boolean.FALSE);
 accountDTO.setUtenteMultiplo(Boolean.FALSE);
 }
 accountDTO.setEsercizio(userContext.getEsercizio());