Examples with SecurityViolationException com.evolveum.midpoint.util.exception.SecurityViolationException used on opensource projects

Example 66 with SecurityViolationException

use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.

the class ResourceContentPanel method importResourceObject.

protected void importResourceObject(ShadowType selected, AjaxRequestTarget target) {
    List<ShadowType> selectedShadow = null;
    if (selected != null) {
        selectedShadow = new ArrayList<>();
        selectedShadow.add(selected);
    } else {
        selectedShadow = getTable().getSelectedObjects();
    }
    OperationResult result = new OperationResult(OPERATION_IMPORT_OBJECT);
    Task task = pageBase.createSimpleTask(OPERATION_IMPORT_OBJECT);
    if (selectedShadow == null || selectedShadow.isEmpty()) {
        result.recordWarning("Nothing select to import");
        getPageBase().showResult(result);
        target.add(getPageBase().getFeedbackPanel());
        return;
    }
    for (ShadowType shadow : selectedShadow) {
        try {
            getPageBase().getModelService().importFromResource(shadow.getOid(), task, result);
        } catch (ObjectNotFoundException | SchemaException | SecurityViolationException | CommunicationException | ConfigurationException | ExpressionEvaluationException e) {
            result.recordPartialError("Could not import account " + shadow, e);
            LOGGER.error("Could not import account {} ", shadow, e);
            continue;
        }
    }
    result.computeStatusIfUnknown();
    getPageBase().showResult(result);
    getTable().refreshTable(null, target);
    target.add(getPageBase().getFeedbackPanel());
}

Example 67 with SecurityViolationException

use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.

the class PageSecurityQuestions method resetPassword.

private void resetPassword(UserType user, AjaxRequestTarget target) {
    Task task = createAnonymousTask(OPERATION_RESET_PASSWORD);
    OperationResult result = task.getResult();
    LOGGER.debug("Resetting password for {}", user);
    ProtectedStringType password = new ProtectedStringType();
    Collection<SelectorOptions<GetOperationOptions>> options = SelectorOptions.createCollection(GetOperationOptions.createResolve(), SystemConfigurationType.F_DEFAULT_USER_TEMPLATE, SystemConfigurationType.F_GLOBAL_PASSWORD_POLICY);
    PrismObject<SystemConfigurationType> systemConfig = null;
    String newPassword = "";
    PageBase page = (PageBase) getPage();
    ModelService modelService = page.getModelService();
    try {
        systemConfig = modelService.getObject(SystemConfigurationType.class, SystemObjectsType.SYSTEM_CONFIGURATION.value(), options, task, result);
        LOGGER.trace("system config {}", systemConfig);
        if (systemConfig.asObjectable().getNotificationConfiguration() != null) {
            // Security policy with the minumum number of chars
            if (systemConfig.asObjectable().getGlobalPasswordPolicyRef() != null) {
                PrismObject<ValuePolicyType> valPolicy = modelService.getObject(ValuePolicyType.class, systemConfig.asObjectable().getGlobalPasswordPolicyRef().getOid(), options, task, result);
                LOGGER.trace("password policy {}", valPolicy);
                newPassword = getModelInteractionService().generateValue(valPolicy.asObjectable().getStringPolicy(), valPolicy.asObjectable().getStringPolicy().getLimitations().getMinLength(), false, user.asPrismObject(), "security questions password generation", task, result);
            } else {
                // TODO What if there is no policy? What should be done to
                // provide a new automatic password
                warn(getString("pageSecurityQuestions.message.noPolicySet"));
                target.add(getFeedbackPanel());
                return;
            }
        } else {
            // TODO localization
            getSession().error(getString("pageSecurityQuestions.message.notificationsNotSet"));
            LOGGER.trace("Notificatons not set, returning to login page");
            throw new RestartResponseException(PageLogin.class);
        }
    } catch (ObjectNotFoundException | ExpressionEvaluationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (SchemaException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
        e1.printStackTrace();
    } catch (SecurityViolationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (CommunicationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (ConfigurationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    }
    password.setClearValue(newPassword);
    WebComponentUtil.encryptProtectedString(password, true, getMidpointApplication());
    final ItemPath valuePath = new ItemPath(SchemaConstantsGenerated.C_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);
    SchemaRegistry registry = getPrismContext().getSchemaRegistry();
    Collection<ObjectDelta<? extends ObjectType>> deltas = new ArrayList<ObjectDelta<? extends ObjectType>>();
    PrismObjectDefinition objDef = registry.findObjectDefinitionByCompileTimeClass(UserType.class);
    PropertyDelta delta = PropertyDelta.createModificationReplaceProperty(valuePath, objDef, password);
    Class<? extends ObjectType> type = UserType.class;
    deltas.add(ObjectDelta.createModifyDelta(user.getOid(), delta, type, getPrismContext()));
    try {
        modelService.executeChanges(deltas, null, task, result);
        OperationResult parentResult = new OperationResult(OPERATION_LOAD_RESET_PASSWORD_POLICY);
        try {
            if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS)) {
                getSession().setAttribute("pwdReset", newPassword);
                setResponsePage(PageShowPassword.class);
            } else if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS_EMAIL)) {
                if (systemConfig.asObjectable().getNotificationConfiguration() != null && systemConfig.asObjectable().getNotificationConfiguration().getMail() != null) {
                    MailConfigurationType mailConfig = systemConfig.asObjectable().getNotificationConfiguration().getMail();
                    if (mailConfig.getServer() != null) {
                        List serverList = mailConfig.getServer();
                        if (serverList.size() > 0) {
                            MailServerConfigurationType mailServerType = mailConfig.getServer().get(0);
                            sendMailToUser(mailServerType.getUsername(), getMidpointApplication().getProtector().decryptString(mailServerType.getPassword()), newPassword, mailServerType.getHost(), mailServerType.getPort().toString(), mailConfig.getDefaultFrom(), user.getEmailAddress());
                        } else {
                            getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                            throw new RestartResponseException(PageLogin.class);
                        }
                    } else {
                        getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                        throw new RestartResponseException(PageLogin.class);
                    }
                } else {
                    // System.out.println("ifff4");
                    getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                    throw new RestartResponseException(PageLogin.class);
                }
            }
        } catch (ObjectNotFoundException | SchemaException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    // TODO ASAP a message should be shown as the result of the process
    // MailMessage mailMessage=new MailMessage(, port);
    // mailTransport.send(mailMessage, transportName, task,
    // parentResult);
    } catch (ObjectAlreadyExistsException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException | EncryptionException e) {
        LoggingUtils.logUnexpectedException(LOGGER, "reset password exception", e);
    }
}

Example 68 with SecurityViolationException

use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.

the class PageProcessInstances method stopProcessInstancesPerformed.

private void stopProcessInstancesPerformed(AjaxRequestTarget target) {
    MidPointPrincipal user = SecurityUtils.getPrincipalUser();
    List<ProcessInstanceDto> selectedStoppableInstances = new ArrayList<>();
    for (Selectable row : WebComponentUtil.getSelectedData(getTable())) {
        ProcessInstanceDto instance = (ProcessInstanceDto) row;
        if (instance.getEndTimestamp() == null) {
            selectedStoppableInstances.add(instance);
        }
    }
    if (!isSomeItemSelected(selectedStoppableInstances, true, target)) {
        return;
    }
    OperationResult result = new OperationResult(OPERATION_STOP_PROCESS_INSTANCES);
    WorkflowService workflowService = getWorkflowService();
    for (ProcessInstanceDto instance : selectedStoppableInstances) {
        try {
            workflowService.stopProcessInstance(instance.getProcessInstanceId(), WebComponentUtil.getOrigStringFromPoly(user.getName()), result);
        } catch (SchemaException | ObjectNotFoundException | SecurityViolationException | RuntimeException ex) {
            result.createSubresult(OPERATION_STOP_PROCESS_INSTANCE).recordPartialError("Couldn't stop process instance " + instance.getName(), ex);
        }
    }
    if (result.isUnknown()) {
        result.recomputeStatus();
    }
    if (result.isSuccess()) {
        result.recordStatus(OperationResultStatus.SUCCESS, "Selected process instance(s) have been successfully stopped.");
    }
    showResult(result);
    ProcessInstanceDtoProvider provider = (ProcessInstanceDtoProvider) getTable().getDataTable().getDataProvider();
    provider.clearCache();
    //refresh feedback and table
    target.add(getFeedbackPanel());
    target.add(getTable());
}

Example 69 with SecurityViolationException

use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.

the class PageWorkItems method releaseWorkItemsPerformed.

private void releaseWorkItemsPerformed(AjaxRequestTarget target) {
    List<WorkItemDto> workItemDtoList = getWorkItemsPanel().getSelectedWorkItems();
    if (!isSomeItemSelected(workItemDtoList, target)) {
        return;
    }
    OperationResult mainResult = new OperationResult(OPERATION_RELEASE_ITEMS);
    WorkflowService workflowService = getWorkflowService();
    for (WorkItemDto workItemDto : workItemDtoList) {
        OperationResult result = mainResult.createSubresult(OPERATION_RELEASE_ITEM);
        try {
            workflowService.releaseWorkItem(workItemDto.getWorkItemId(), result);
            result.computeStatusIfUnknown();
        } catch (ObjectNotFoundException | SecurityViolationException | RuntimeException e) {
            result.recordPartialError("Couldn't release work item due to an unexpected exception.", e);
        }
    }
    if (mainResult.isUnknown()) {
        mainResult.recomputeStatus();
    }
    if (mainResult.isSuccess()) {
        mainResult.recordStatus(OperationResultStatus.SUCCESS, "The work item(s) have been successfully released.");
    }
    showResult(mainResult);
    resetWorkItemCountModel();
    target.add(this);
}

Example 70 with SecurityViolationException

use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.

the class PageWorkItems method claimWorkItemsPerformed.

private void claimWorkItemsPerformed(AjaxRequestTarget target) {
    List<WorkItemDto> workItemDtoList = getWorkItemsPanel().getSelectedWorkItems();
    if (!isSomeItemSelected(workItemDtoList, target)) {
        return;
    }
    OperationResult mainResult = new OperationResult(OPERATION_CLAIM_ITEMS);
    WorkflowService workflowService = getWorkflowService();
    for (WorkItemDto workItemDto : workItemDtoList) {
        OperationResult result = mainResult.createSubresult(OPERATION_CLAIM_ITEM);
        try {
            workflowService.claimWorkItem(workItemDto.getWorkItemId(), result);
            result.computeStatusIfUnknown();
        } catch (ObjectNotFoundException | SecurityViolationException | RuntimeException e) {
            result.recordPartialError("Couldn't claim work item due to an unexpected exception.", e);
        }
    }
    if (mainResult.isUnknown()) {
        mainResult.recomputeStatus();
    }
    if (mainResult.isSuccess()) {
        mainResult.recordStatus(OperationResultStatus.SUCCESS, "The work item(s) have been successfully claimed.");
    }
    showResult(mainResult);
    resetWorkItemCountModel();
    target.add(this);
}