author | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-06-17 18:01:48 +0200 |
---|---|---|
committer | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-06-29 08:39:32 +0200 |
commit | 102faa7f46c509fd2bf7f3d933b78375ca2f4166 (patch) | |
tree | 46bd422b6d69e8c1e9c6e27b1ca2e9f0edeb74cb /server/sonar-web | |
parent | 9dc5ec05a0301fb2b46b621c5de3eb5ef4752119 (diff) | |
SONAR-7732 Authentication is now done in Java
Diffstat (limited to 'server/sonar-web')
3 files changed, 10 insertions, 16 deletions
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/authentication_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/authentication_controller.rb
index d8194ad7ef6..a55e5363ac9 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/authentication_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/authentication_controller.rb
@@ -58,7 +58,7 @@ class Api::AuthenticationController < Api::ApiController
 end
 def anonymous?
- !session.has_key?('user_id')
+ current_user.nil?
 end
 def set_cache_buster
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/application_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/application_controller.rb
index d1c1682b30e..83b7a6ebff8 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/application_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/application_controller.rb
@@ -22,7 +22,7 @@ class ApplicationController < ActionController::Base
 include AuthenticatedSystem
 include NeedAuthorization::Helper
- before_filter :check_database_version, :set_user_session, :check_authentication
+ before_filter :check_database_version, :set_i18n, :check_authentication
 # Required for JRuby 1.7
 rescue_from 'Java::JavaLang::Exception', :with => :render_java_exception
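Review bot: In `Api::AuthenticationController#anonymous?`, `current_user.nil?` answers "not anonymous" for any non-nil value, including `false`, which `current_user=` in authenticated_system.rb uses as its "no user" marker. Whether `current_user` can ever return `false` depends on `login_from_basic_auth`, which is outside this diff, so the safer form is to fail closed with `!current_user`. This check now also runs the full `current_user` lookup (Java session, then basic auth) where it used to read only the session key.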
@@ -92,19 +92,13 @@ class ApplicationController < ActionController::Base
 end
 end
- def set_user_session
+ def set_i18n
+ # TODO Is it really needed to do this ?
 if params[:locale]
 I18n.locale = request.compatible_language_from(available_locales, [params[:locale]])
 else
 I18n.locale = request.compatible_language_from(available_locales)
 end
-
- if current_user && current_user.id
- user_groups_name = current_user.groups.collect {|g| g.name}.to_a
- Java::OrgSonarServerUser::RubyUserSession.setSession(current_user.id.to_i, current_user.login, current_user.name, user_groups_name, I18n.locale.to_s)
- else
- Java::OrgSonarServerUser::RubyUserSession.setSession(nil, nil, nil, nil, I18n.locale.to_s)
- end
 end
 def check_authentication
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb b/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb
index 3032f4038f8..02f70471036 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb
@@ -8,16 +8,14 @@ module AuthenticatedSystem
 # Accesses the current user from the session.
 # Future calls avoid the database because nil is not equal to false.
 def current_user
- @current_user ||= (login_from_session || login_from_basic_auth) unless @current_user == false
+ @current_user ||= (login_from_java_user_session || login_from_basic_auth) unless @current_user == false
 end
- # Store the given user id in the session.
+ # Store the given user
 def current_user=(new_user)
 if new_user
- session['user_id'] = new_user.id
 @current_user = new_user
 else
- session['user_id'] = nil
 @current_user = false
 end
 end
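Review bot: The added `# TODO Is it really needed to do this ?` in `ApplicationController#set_i18n` does not tell the next reader what the filter is for or what would break without it. Since `params[:locale]` is request-controlled, I would replace it with a comment stating the contract, e.g. `# Sets I18n.locale per request; params[:locale] is honoured only when it matches available_locales.` That wording assumes `compatible_language_from` enforces the restriction, which is not visible here. The removed `setSession(...)` call also passed `I18n.locale.to_s` to the Java side, so it is worth confirming that the Java session now gets its locale elsewhere.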
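Review bot: In authenticated_system.rb, `current_user=` no longer writes `session['user_id']`, so it only memoizes the user for the current request. Any caller outside this diff that relied on it to persist a login, or to clear one on logout via `self.current_user = nil`, silently stops doing so. The new comment `# Store the given user` should say this, for example `# Memoizes the given user for this request only; false records that no user is logged in.` The comment above `current_user` ("Accesses the current user from the session") is also stale now that the lookup goes through `login_from_java_user_session`. The module body continues outside the hunk.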
@@ -120,8 +118,10 @@ module AuthenticatedSystem
 #
 # Called from #current_user. First attempt to login by the user id stored in the session.
- def login_from_session
- self.current_user = User.find_by_id(session['user_id']) if session['user_id']
+ def login_from_java_user_session
+ userSession = Java::OrgSonarServerPlatform::Platform.component(Java::OrgSonarServerUser::UserSession.java_class)
+ user_id = userSession.getUserId() if userSession && userSession.isLoggedIn()
+ self.current_user = User.find_by_id(user_id) if user_id
 end
 # Called from #current_user. Now, attempt to login by basic authentication information. |
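Review bot: The context comment kept above `login_from_java_user_session` still says the login uses "the user id stored in the session", which no longer describes the method; I suggest `# Called from #current_user. First attempt to load the user reported by the Java UserSession.` The local `userSession` would read better as `user_session` in Ruby. Because `current_user` still falls through to `login_from_basic_auth` when this method returns nil, a request the Java layer considers not logged in can still be authenticated on the Ruby side. It would help to confirm that both paths apply the same checks; the basic-auth method is outside the hunk.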