[Major] refactored privileges returned on LoginResult

ch.eitchnet.privilege

@@ -1 +1 @@
-Subproject commit fa40671b8cc8c1b4f0cefc877d2786edbb77cc88
+Subproject commit 7ff8ba67793b35480b01134003aa5607244382a9

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java

@@ -17,8 +17,8 @@ package li.strolch.rest.endpoint;
 
 import java.text.MessageFormat;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
+import java.util.Set;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@@ -45,6 +45,7 @@ import org.slf4j.LoggerFactory;
 
 import ch.eitchnet.privilege.base.PrivilegeException;
 import ch.eitchnet.privilege.model.Certificate;
+import ch.eitchnet.privilege.model.IPrivilege;
 import ch.eitchnet.privilege.model.PrivilegeContext;
 import ch.eitchnet.utils.helper.StringHelper;
 
@@ -92,15 +93,16 @@ public class AuthenticationService {
 			loginResult.setParameters(certificate.getPropertyMap());
 			loginResult.setRoles(new ArrayList<>(certificate.getUserRoles()));
 
-			// TODO rethink this stupid aggregating of the allow list
-			List<String> allowList = new ArrayList<>();
+			List<LoginResult.Privilege> privileges = new ArrayList<>();
 			for (String name : privilegeContext.getPrivilegeNames()) {
-				allowList.addAll(privilegeContext.getPrivilege(name).getAllowList());
+				IPrivilege privilege = privilegeContext.getPrivilege(name);
+				Set<String> allowSet = privilege.getAllowList();
+				ArrayList<String> allowList = null;
+				if (!allowSet.isEmpty())
+					allowList = new ArrayList<>(allowSet);
+				privileges.add(new LoginResult.Privilege(name, privilege.isAllAllowed(), allowList));
 			}
-			if (allowList.isEmpty())
-				loginResult.setPrivileges(Arrays.asList("*")); //$NON-NLS-1$
-			else
-				loginResult.setPrivileges(allowList);
+			loginResult.setPrivileges(privileges);
 
 			return Response.ok().entity(loginResult)//
 					.header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken())//

li.strolch.rest/src/main/java/li/strolch/rest/model/LoginResult.java

@@ -51,7 +51,7 @@ public class LoginResult {
 	private List<String> roles;
 
 	@XmlElement(name = "privileges")
-	private List<String> privileges;
+	private List<Privilege> privileges;
 
 	private Map<String, String> parameters;
 
@@ -172,7 +172,7 @@ public class LoginResult {
 	/**
 	 * @return the privileges
 	 */
-	public List<String> getPrivileges() {
+	public List<Privilege> getPrivileges() {
 		return this.privileges;
 	}
 
@@ -180,7 +180,54 @@ public class LoginResult {
 	 * @param privileges
 	 *            the privileges to set
 	 */
-	public void setPrivileges(List<String> privileges) {
+	public void setPrivileges(List<Privilege> privileges) {
 		this.privileges = privileges;
 	}
+
+	@XmlRootElement(name = "Privilege")
+	@XmlAccessorType(XmlAccessType.NONE)
+	public static class Privilege {
+
+		@XmlAttribute(name = "name")
+		private String name;
+		@XmlAttribute(name = "allAllowed")
+		private boolean allAllowed;
+		@XmlElement(name = "allowList")
+		private List<String> allowList;
+
+		public Privilege() {
+			// no-arg constructor for JAXB
+		}
+
+		public Privilege(String name, boolean allAllowed, List<String> allowList) {
+			this.name = name;
+			this.allAllowed = allAllowed;
+			this.allowList = allowList;
+		}
+
+		public void setName(String name) {
+			this.name = name;
+		}
+
+		public String getName() {
+			return this.name;
+		}
+
+		public List<String> getAllowList() {
+			return this.allowList;
+		}
+
+		public void setAllowList(List<String> allowList) {
+			this.allowList = allowList;
+		}
+
+		public boolean isAllAllowed() {
+			return this.allAllowed;
+		}
+
+		public void setAllAllowed(boolean allAllowed) {
+			this.allAllowed = allAllowed;
+		}
+
+	}
 }