Return the truth in user permissions. Simplify SimpleUserContext.

guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleAuthenticationProvider.java

@@ -41,7 +41,6 @@ import java.util.Map;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.net.auth.AuthenticationProvider;
 import net.sourceforge.guacamole.net.auth.Credentials;
-import net.sourceforge.guacamole.net.auth.User;
 import net.sourceforge.guacamole.net.auth.UserContext;
 import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
 
@@ -89,11 +88,8 @@ public abstract class SimpleAuthenticationProvider
         if (configs == null)
             return null;
 
-        // Build new user from credentials
-        User user = new SimpleUser(credentials.getUsername(), configs);
-
         // Return user context restricted to authorized configs
-        return new SimpleUserContext(user, configs);
+        return new SimpleUserContext(configs);
 
     }
 

guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUser.java

@@ -37,12 +37,15 @@ package net.sourceforge.guacamole.net.auth.simple;
  *
  * ***** END LICENSE BLOCK ***** */
 
+import java.util.Collection;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.GuacamoleSecurityException;
 import net.sourceforge.guacamole.net.auth.AbstractUser;
+import net.sourceforge.guacamole.net.auth.ConnectionGroup;
+import net.sourceforge.guacamole.net.auth.permission.ConnectionGroupPermission;
 import net.sourceforge.guacamole.net.auth.permission.ConnectionPermission;
 import net.sourceforge.guacamole.net.auth.permission.ObjectPermission;
 import net.sourceforge.guacamole.net.auth.permission.Permission;
@@ -72,14 +75,16 @@ public class SimpleUser extends AbstractUser {
      *
      * @param username The username to assign to this SimpleUser.
      * @param configs All configurations this user has read access to.
+     * @param groups All groups this user has read access to.
      */
     public SimpleUser(String username,
-            Map<String, GuacamoleConfiguration> configs) {
+            Map<String, GuacamoleConfiguration> configs,
+            Collection<ConnectionGroup> groups) {
 
         // Set username
         setUsername(username);
 
-        // Add permissions
+        // Add connection permissions
         for (String identifier : configs.keySet()) {
 
             // Create permission
@@ -93,6 +98,20 @@ public class SimpleUser extends AbstractUser {
 
         }
 
+        // Add group permissions
+        for (ConnectionGroup group : groups) {
+
+            // Create permission
+            Permission permission = new ConnectionGroupPermission(
+                ObjectPermission.Type.READ,
+                group.getIdentifier()
+            );
+
+            // Add to set
+            permissions.add(permission);
+
+        }
+
     }
 
     @Override

guacamole-ext/src/main/java/net/sourceforge/guacamole/net/auth/simple/SimpleUserContext.java

@@ -75,25 +75,25 @@ public class SimpleUserContext implements UserContext {
 
     /**
      * Creates a new SimpleUserContext which provides access to only those
-     * configurations within the given Map. The User given must be the user
-     * that owns this UserContext, and the Map given must contain only
-     * GuacamoleConfigurations that the given User has read access to.
+     * configurations within the given Map.
      * 
-     * @param self The owner of this UserContext.
      * @param configs A Map of all configurations for which the user associated
      *                with this UserContext has read access.
      */
-    public SimpleUserContext(User self,
-            Map<String, GuacamoleConfiguration> configs) {
-
-        this.self = self;
-        this.userDirectory = new SimpleUserDirectory(self);
+    public SimpleUserContext(Map<String, GuacamoleConfiguration> configs) {
 
         // Add root group that contains only configurations
         this.connectionGroup = new SimpleConnectionGroup("ROOT", "ROOT",
                 new SimpleConnectionDirectory(configs),
                 new SimpleConnectionGroupDirectory(Collections.EMPTY_LIST));
 
+        // Build new user from credentials, giving the user an arbitrary name
+        this.self = new SimpleUser("user",
+                configs, Collections.singleton(connectionGroup));
+
+        // Create user directory for new user
+        this.userDirectory = new SimpleUserDirectory(self);
+        
     }
 
     @Override