ROLE_ALL_USER

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -138,7 +138,8 @@ public abstract class AbstractAuthenticationProvider {
         //create session
         this.sessionManager.create(session.getId(), session);
         
-        AuthorizationUtils.setSession(session);
+        //set Authentication to http session
+        AuthorizationUtils.setAuthentication(authenticationToken);
      
         return authenticationToken;
     }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java

@@ -85,7 +85,7 @@ public class InMemorySessionManager extends AbstractSessionManager{
         LocalTime currentTime = LocalTime.now();
         Duration duration = Duration.between(currentTime, session.getLastAccessTime());
         
-        _logger.trace("OnlineTicket duration " + duration.getSeconds());
+        _logger.trace("Session duration " + duration.getSeconds());
         
         if(duration.getSeconds() > Session.MAX_EXPIRY_DURATION) {
         	session.setLastAccessTime(currentTime);

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java

@@ -59,8 +59,8 @@ public class RedisSessionManager extends AbstractSessionManager {
 
 	@Override
 	public void create(String sessionId, Session ticket) {
-		RedisConnection conn=connectionFactory.getConnection();
-		conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket);
+		RedisConnection conn = connectionFactory.getConnection();
+		conn.setexObject(PREFIX + sessionId, serviceTicketValiditySeconds, ticket);
 		conn.close();
 	}
 
@@ -101,7 +101,7 @@ public class RedisSessionManager extends AbstractSessionManager {
         LocalTime currentTime = LocalTime.now();
         Duration duration = Duration.between(currentTime, session.getLastAccessTime());
         
-        _logger.trace("OnlineTicket duration " + duration.getSeconds());
+        _logger.trace("Session duration " + duration.getSeconds());
         
         if(duration.getSeconds() > Session.MAX_EXPIRY_DURATION) {
         	session.setLastAccessTime(currentTime);

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java

@@ -44,7 +44,7 @@ public class AuthorizationUtils {
 			AuthJwtService authJwtService,
 			SessionManager sessionManager
 			) throws ParseException{
-		 if(getSession() == null) {
+		 if(getAuthentication() == null) {
 			Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
 			if(authCookie != null ) {
 		    	String  authorization =  authCookie.getValue();
@@ -59,7 +59,7 @@ public class AuthorizationUtils {
 			AuthJwtService authJwtService,
 			SessionManager sessionManager
 			) throws ParseException{
-		 if(getSession() == null) {
+		 if(getAuthentication() == null) {
 			 String  authorization = AuthorizationHeaderUtils.resolveBearer(request);
 			if(authorization != null ) {
 				doJwtAuthenticate(authorization,authJwtService,sessionManager);
@@ -76,28 +76,12 @@ public class AuthorizationUtils {
 			String sessionId = authJwtService.resolveJWTID(authorization);
 			Session session = sessionManager.get(sessionId);
 			if(session != null) {
-				setSession(session);
 				setAuthentication(session.getAuthentication());
 			}
 		}
 	}
-	
-	//set session to http session
-    public static void setSession(Session session) {
-    	WebContext.setAttribute(WebConstants.SESSION, session);
-    }
 
-    public static Session getSession() {
-    	Session session = getSession(WebContext.getRequest());
-        return session;
-    }
     
-    //get session to http session
-    public static Session getSession(HttpServletRequest request) {
-    	Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
-        return session;
-    }
-
     public static Authentication getAuthentication() {
     	Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest());
         return authentication;
@@ -108,12 +92,13 @@ public class AuthorizationUtils {
         return authentication;
     }
     
+    //set Authentication to http session
     public static void setAuthentication(Authentication authentication) {
     	WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication);
     }
 
     public static  boolean isAuthenticated() {
-    	return getSession() != null;
+    	return getAuthentication() != null;
     }
     
     public static  boolean isNotAuthenticated() {

maxkey-core/src/main/java/org/maxkey/entity/Groups.java

@@ -166,6 +166,17 @@ public class Groups extends JpaBaseEntity implements Serializable {
         this.status = status;
     }
 
+    /**
+     * ROLE_ALL_USER must be 
+     * 		1, dynamic 
+     * 		2, all orgIdsList 
+	 *		3, not filters
+     */
+    public void setDefaultAllUser() {
+    	this.dynamic = "1";
+    	this.orgIdsList ="";
+		this.filters ="";
+    }
     
     public String getDynamic() {
         return dynamic;

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/GroupsController.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -92,6 +92,9 @@ public class GroupsController {
 	@RequestMapping(value={"/update"}, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> update(@RequestBody Groups group,@CurrentUser UserInfo currentUser) {
 		_logger.debug("-update  group :" + group);
+		if(group.getId().equalsIgnoreCase("ROLE_ALL_USER")) {
+			group.setDefaultAllUser();
+		}
 		group.setInstId(currentUser.getInstId());
 		if (groupsService.update(group)) {
 		    groupsService.refreshDynamicGroups(group);