Examples with UserModel com.infiniteautomation.mango.rest.latest.model.user.UserModel used on opensource projects

Example 1 with UserModel

use of com.infiniteautomation.mango.rest.latest.model.user.UserModel in project ma-modules-public by infiniteautomation.

the class LoginRestController method exitSwitchUser.

/**
 * The actual authentication for the exit user occurs in the core by the SwitchUserFilter,
 *  by the time this end point is actually reached the user is either already authenticated or not
 * The Spring Security authentication success handler forwards the request here
 *
 * Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value
 */
@ApiOperation(value = "Exit Switch User", notes = "Used to switch User using POST")
@RequestMapping(method = RequestMethod.POST, value = "/exit-su")
public ResponseEntity<UserModel> exitSwitchUser(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
    AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
    if (ex != null) {
        // return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
        response.sendError(HttpStatus.UNAUTHORIZED.value(), ex.getMessage());
        return null;
    }
    if (user == null) {
        return new ResponseEntity<>(HttpStatus.OK);
    } else {
        LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
        response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
        response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
        if (info.isRequired())
            response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
        return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
    }
}

Example 2 with UserModel

use of com.infiniteautomation.mango.rest.latest.model.user.UserModel in project ma-modules-public by infiniteautomation.

the class LoginRestController method loginPost.

/**
 * <p>The actual authentication for the login occurs in the core, by the time this
 * end point is actually reached the user is either already authenticated or not.
 * The Spring Security authentication success handler forwards the request here.</p>
 *
 * <p>Authentication exceptions are re-thrown and mapped to rest bodies in {@link com.infiniteautomation.mango.rest.latest.exception.RestExceptionHandler MangoSpringExceptionHandler}</p>
 *
 * <p>Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value</p>
 */
@ApiOperation(value = "Login", notes = "Used to login using POST and JSON credentials")
@RequestMapping(method = RequestMethod.POST)
@AnonymousAccess
public ResponseEntity<UserModel> loginPost(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) {
    AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
    if (ex != null) {
        throw ex;
    }
    if (user == null) {
        return new ResponseEntity<>(HttpStatus.OK);
    } else {
        LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
        response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
        response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
        if (info.isRequired())
            response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
        return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
    }
}

Example 3 with UserModel

use of com.infiniteautomation.mango.rest.latest.model.user.UserModel in project ma-modules-public by infiniteautomation.

the class LoginRestController method switchUser.

/**
 * The actual authentication for the switch user occurs in the core by the SwitchUserFilter,
 *  by the time this end point is actually reached the user is either already authenticated or not
 * The Spring Security authentication success handler forwards the request here
 *
 * Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value
 */
@ApiOperation(value = "Switch User", notes = "Used to switch User using GET")
@RequestMapping(method = RequestMethod.POST, value = "/su")
public ResponseEntity<UserModel> switchUser(@ApiParam(value = "Username to switch to", required = true, allowMultiple = false) @RequestParam(required = true) String username, @AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) throws IOException {
    AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
    if (ex != null) {
        // TODO
        // return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
        response.sendError(HttpStatus.UNAUTHORIZED.value(), ex.getMessage());
        return null;
    }
    if (user == null) {
        return new ResponseEntity<>(HttpStatus.OK);
    } else {
        LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
        response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
        response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
        if (info.isRequired())
            response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
        return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
    }
}

Example 4 with UserModel

use of com.infiniteautomation.mango.rest.latest.model.user.UserModel in project ma-modules-public by infiniteautomation.

the class PasswordResetController method systemSetup.

@ApiOperation(value = "Change admin password and set system locale, system timezone", notes = "Superadmin permission required")
@RequestMapping(method = RequestMethod.POST, value = "/system-setup")
@PreAuthorize("isPasswordAuthenticated()")
public ResponseEntity<UserModel> systemSetup(HttpServletRequest request, @RequestBody SystemSetupRequest body) {
    body.ensureValid();
    User update = passwordResetService.systemSetup(body.getPassword(), body.getSystemSettings());
    sessionRegistry.userUpdated(request, update);
    return new ResponseEntity<UserModel>(new UserModel(update), HttpStatus.OK);
}

Example 5 with UserModel

use of com.infiniteautomation.mango.rest.latest.model.user.UserModel in project ma-modules-public by infiniteautomation.

the class UserRestController method updateUser.

@ApiOperation(value = "Update User", notes = "Admin or Update Self only", response = UserModel.class)
@RequestMapping(method = RequestMethod.PUT, value = "/{username}")
public ResponseEntity<UserModel> updateUser(@PathVariable String username, @ApiParam(value = "User", required = true) @RequestBody UserModel model, @AuthenticationPrincipal PermissionHolder user, HttpServletRequest request, UriComponentsBuilder builder, Authentication authentication) {
    User existing = service.get(username);
    User currentUser = user.getUser();
    if (currentUser != null && existing.getId() == currentUser.getId() && !(authentication instanceof UsernamePasswordAuthenticationToken))
        throw new PermissionException(new TranslatableMessage("rest.error.usernamePasswordOnly"), user);
    User update = service.update(existing.getId(), model.toVO());
    sessionRegistry.userUpdated(request, update);
    URI location = builder.path("/users/{username}").buildAndExpand(update.getUsername()).toUri();
    HttpHeaders headers = new HttpHeaders();
    headers.setLocation(location);
    return new ResponseEntity<>(new UserModel(update), headers, HttpStatus.OK);
}