use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.
the class ResourceContentPanel method importResourceObject.
protected void importResourceObject(ShadowType selected, AjaxRequestTarget target) {
List<ShadowType> selectedShadow = null;
if (selected != null) {
selectedShadow = new ArrayList<>();
selectedShadow.add(selected);
} else {
selectedShadow = getTable().getSelectedObjects();
}
OperationResult result = new OperationResult(OPERATION_IMPORT_OBJECT);
Task task = pageBase.createSimpleTask(OPERATION_IMPORT_OBJECT);
if (selectedShadow == null || selectedShadow.isEmpty()) {
result.recordWarning("Nothing select to import");
getPageBase().showResult(result);
target.add(getPageBase().getFeedbackPanel());
return;
}
for (ShadowType shadow : selectedShadow) {
try {
getPageBase().getModelService().importFromResource(shadow.getOid(), task, result);
} catch (ObjectNotFoundException | SchemaException | SecurityViolationException | CommunicationException | ConfigurationException | ExpressionEvaluationException e) {
result.recordPartialError("Could not import account " + shadow, e);
LOGGER.error("Could not import account {} ", shadow, e);
continue;
}
}
result.computeStatusIfUnknown();
getPageBase().showResult(result);
getTable().refreshTable(null, target);
target.add(getPageBase().getFeedbackPanel());
}
use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.
the class PageSecurityQuestions method resetPassword.
private void resetPassword(UserType user, AjaxRequestTarget target) {
Task task = createAnonymousTask(OPERATION_RESET_PASSWORD);
OperationResult result = task.getResult();
LOGGER.debug("Resetting password for {}", user);
ProtectedStringType password = new ProtectedStringType();
Collection<SelectorOptions<GetOperationOptions>> options = SelectorOptions.createCollection(GetOperationOptions.createResolve(), SystemConfigurationType.F_DEFAULT_USER_TEMPLATE, SystemConfigurationType.F_GLOBAL_PASSWORD_POLICY);
PrismObject<SystemConfigurationType> systemConfig = null;
String newPassword = "";
PageBase page = (PageBase) getPage();
ModelService modelService = page.getModelService();
try {
systemConfig = modelService.getObject(SystemConfigurationType.class, SystemObjectsType.SYSTEM_CONFIGURATION.value(), options, task, result);
LOGGER.trace("system config {}", systemConfig);
if (systemConfig.asObjectable().getNotificationConfiguration() != null) {
// Security policy with the minumum number of chars
if (systemConfig.asObjectable().getGlobalPasswordPolicyRef() != null) {
PrismObject<ValuePolicyType> valPolicy = modelService.getObject(ValuePolicyType.class, systemConfig.asObjectable().getGlobalPasswordPolicyRef().getOid(), options, task, result);
LOGGER.trace("password policy {}", valPolicy);
newPassword = getModelInteractionService().generateValue(valPolicy.asObjectable().getStringPolicy(), valPolicy.asObjectable().getStringPolicy().getLimitations().getMinLength(), false, user.asPrismObject(), "security questions password generation", task, result);
} else {
// TODO What if there is no policy? What should be done to
// provide a new automatic password
warn(getString("pageSecurityQuestions.message.noPolicySet"));
target.add(getFeedbackPanel());
return;
}
} else {
// TODO localization
getSession().error(getString("pageSecurityQuestions.message.notificationsNotSet"));
LOGGER.trace("Notificatons not set, returning to login page");
throw new RestartResponseException(PageLogin.class);
}
} catch (ObjectNotFoundException | ExpressionEvaluationException e1) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
} catch (SchemaException e1) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
e1.printStackTrace();
} catch (SecurityViolationException e1) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
} catch (CommunicationException e1) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
} catch (ConfigurationException e1) {
LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
}
password.setClearValue(newPassword);
WebComponentUtil.encryptProtectedString(password, true, getMidpointApplication());
final ItemPath valuePath = new ItemPath(SchemaConstantsGenerated.C_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);
SchemaRegistry registry = getPrismContext().getSchemaRegistry();
Collection<ObjectDelta<? extends ObjectType>> deltas = new ArrayList<ObjectDelta<? extends ObjectType>>();
PrismObjectDefinition objDef = registry.findObjectDefinitionByCompileTimeClass(UserType.class);
PropertyDelta delta = PropertyDelta.createModificationReplaceProperty(valuePath, objDef, password);
Class<? extends ObjectType> type = UserType.class;
deltas.add(ObjectDelta.createModifyDelta(user.getOid(), delta, type, getPrismContext()));
try {
modelService.executeChanges(deltas, null, task, result);
OperationResult parentResult = new OperationResult(OPERATION_LOAD_RESET_PASSWORD_POLICY);
try {
if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS)) {
getSession().setAttribute("pwdReset", newPassword);
setResponsePage(PageShowPassword.class);
} else if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS_EMAIL)) {
if (systemConfig.asObjectable().getNotificationConfiguration() != null && systemConfig.asObjectable().getNotificationConfiguration().getMail() != null) {
MailConfigurationType mailConfig = systemConfig.asObjectable().getNotificationConfiguration().getMail();
if (mailConfig.getServer() != null) {
List serverList = mailConfig.getServer();
if (serverList.size() > 0) {
MailServerConfigurationType mailServerType = mailConfig.getServer().get(0);
sendMailToUser(mailServerType.getUsername(), getMidpointApplication().getProtector().decryptString(mailServerType.getPassword()), newPassword, mailServerType.getHost(), mailServerType.getPort().toString(), mailConfig.getDefaultFrom(), user.getEmailAddress());
} else {
getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
throw new RestartResponseException(PageLogin.class);
}
} else {
getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
throw new RestartResponseException(PageLogin.class);
}
} else {
// System.out.println("ifff4");
getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
throw new RestartResponseException(PageLogin.class);
}
}
} catch (ObjectNotFoundException | SchemaException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// TODO ASAP a message should be shown as the result of the process
// MailMessage mailMessage=new MailMessage(, port);
// mailTransport.send(mailMessage, transportName, task,
// parentResult);
} catch (ObjectAlreadyExistsException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException | EncryptionException e) {
LoggingUtils.logUnexpectedException(LOGGER, "reset password exception", e);
}
}
use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.
the class PageProcessInstances method stopProcessInstancesPerformed.
private void stopProcessInstancesPerformed(AjaxRequestTarget target) {
MidPointPrincipal user = SecurityUtils.getPrincipalUser();
List<ProcessInstanceDto> selectedStoppableInstances = new ArrayList<>();
for (Selectable row : WebComponentUtil.getSelectedData(getTable())) {
ProcessInstanceDto instance = (ProcessInstanceDto) row;
if (instance.getEndTimestamp() == null) {
selectedStoppableInstances.add(instance);
}
}
if (!isSomeItemSelected(selectedStoppableInstances, true, target)) {
return;
}
OperationResult result = new OperationResult(OPERATION_STOP_PROCESS_INSTANCES);
WorkflowService workflowService = getWorkflowService();
for (ProcessInstanceDto instance : selectedStoppableInstances) {
try {
workflowService.stopProcessInstance(instance.getProcessInstanceId(), WebComponentUtil.getOrigStringFromPoly(user.getName()), result);
} catch (SchemaException | ObjectNotFoundException | SecurityViolationException | RuntimeException ex) {
result.createSubresult(OPERATION_STOP_PROCESS_INSTANCE).recordPartialError("Couldn't stop process instance " + instance.getName(), ex);
}
}
if (result.isUnknown()) {
result.recomputeStatus();
}
if (result.isSuccess()) {
result.recordStatus(OperationResultStatus.SUCCESS, "Selected process instance(s) have been successfully stopped.");
}
showResult(result);
ProcessInstanceDtoProvider provider = (ProcessInstanceDtoProvider) getTable().getDataTable().getDataProvider();
provider.clearCache();
//refresh feedback and table
target.add(getFeedbackPanel());
target.add(getTable());
}
use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.
the class PageWorkItems method releaseWorkItemsPerformed.
private void releaseWorkItemsPerformed(AjaxRequestTarget target) {
List<WorkItemDto> workItemDtoList = getWorkItemsPanel().getSelectedWorkItems();
if (!isSomeItemSelected(workItemDtoList, target)) {
return;
}
OperationResult mainResult = new OperationResult(OPERATION_RELEASE_ITEMS);
WorkflowService workflowService = getWorkflowService();
for (WorkItemDto workItemDto : workItemDtoList) {
OperationResult result = mainResult.createSubresult(OPERATION_RELEASE_ITEM);
try {
workflowService.releaseWorkItem(workItemDto.getWorkItemId(), result);
result.computeStatusIfUnknown();
} catch (ObjectNotFoundException | SecurityViolationException | RuntimeException e) {
result.recordPartialError("Couldn't release work item due to an unexpected exception.", e);
}
}
if (mainResult.isUnknown()) {
mainResult.recomputeStatus();
}
if (mainResult.isSuccess()) {
mainResult.recordStatus(OperationResultStatus.SUCCESS, "The work item(s) have been successfully released.");
}
showResult(mainResult);
resetWorkItemCountModel();
target.add(this);
}
use of com.evolveum.midpoint.util.exception.SecurityViolationException in project midpoint by Evolveum.
the class PageWorkItems method claimWorkItemsPerformed.
private void claimWorkItemsPerformed(AjaxRequestTarget target) {
List<WorkItemDto> workItemDtoList = getWorkItemsPanel().getSelectedWorkItems();
if (!isSomeItemSelected(workItemDtoList, target)) {
return;
}
OperationResult mainResult = new OperationResult(OPERATION_CLAIM_ITEMS);
WorkflowService workflowService = getWorkflowService();
for (WorkItemDto workItemDto : workItemDtoList) {
OperationResult result = mainResult.createSubresult(OPERATION_CLAIM_ITEM);
try {
workflowService.claimWorkItem(workItemDto.getWorkItemId(), result);
result.computeStatusIfUnknown();
} catch (ObjectNotFoundException | SecurityViolationException | RuntimeException e) {
result.recordPartialError("Couldn't claim work item due to an unexpected exception.", e);
}
}
if (mainResult.isUnknown()) {
mainResult.recomputeStatus();
}
if (mainResult.isSuccess()) {
mainResult.recordStatus(OperationResultStatus.SUCCESS, "The work item(s) have been successfully claimed.");
}
showResult(mainResult);
resetWorkItemCountModel();
target.add(this);
}
Aggregations