Example 1 with UseCaseAdminAcceptsSignup

Use of com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup in project sechub by mercedes-benz.

Class UserCreationService, method createUserFromSelfRegistration.

@UseCaseAdminAcceptsSignup(@Step(number = 2, name = "Create user and send events", next = { 3, 4 }, description = "The service will create the user a one time token for api token generation and triggers asynchronous events.\n" + "It will also remove the existing user signup because no longer necessary."))
public void createUserFromSelfRegistration(String userId) {
    String sanitizedLogUserId = logSanitizer.sanitize(userId, 30);
    auditLog.log("accepts signup of user {}", sanitizedLogUserId);
    assertion.assertIsValidUserId(userId);
    Optional<Signup> selfRegistration = selfRegistrationRepository.findById(userId);
    if (!selfRegistration.isPresent()) {
        LOG.warn("Did not found a self registration for user with name:{}, so skipped creation", sanitizedLogUserId);
        return;
    }
    Optional<User> found = userRepository.findById(userId);
    if (found.isPresent()) {
        LOG.warn("Self registration coming in for user:{} but user already exists. So just removing self registration entry", sanitizedLogUserId);
        selfRegistrationRepository.deleteById(userId);
        return;
    }
    String emailAdress = selfRegistration.get().getEmailAdress();
    assertion.assertIsValidEmailAddress(emailAdress);
    found = userRepository.findByEmailAdress(emailAdress);
    if (found.isPresent()) {
        LOG.warn("Self registration coming in for user:{} but mailadress {} already exists. So just removing self registration entry", sanitizedLogUserId, emailAdress);
        selfRegistrationRepository.deleteById(userId);
        return;
    }
    String oneTimeToken = oneTimeTokenGenerator.generateNewOneTimeToken();
    User user = new User();
    user.name = userId;
    // leave it empty, so API auth is disabled - will be filled later after user has
    // clicked to link
    user.hashedApiToken = "";
    user.emailAdress = emailAdress;
    user.oneTimeToken = oneTimeToken;
    user.oneTimeTokenDate = new Date();
    userRepository.save(user);
    LOG.debug("Persisted new user:{}", sanitizedLogUserId);
    selfRegistrationRepository.deleteById(userId);
    LOG.debug("Removed self registration data of user:{}", sanitizedLogUserId);
    informUserAboutSignupAccepted(user);
    informUserCreated(user);
}
Also used : Signup(com.mercedesbenz.sechub.domain.administration.signup.Signup) UseCaseAdminAcceptsSignup(com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup) Date(java.util.Date)

Example 2 with UseCaseAdminAcceptsSignup

Use of com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup in project sechub by mercedes-benz.

Class NewApiTokenRequestedUserNotificationService, method notify.

@UseCaseAdminAcceptsSignup(@Step(number = 3, next = { Step.NO_NEXT_STEP }, name = "Email to user", description = "A notification is send per email to user that a new api token was requested. " + "The mail contains a link for getting the secure API token"))
public void notify(UserMessage userMessage) {
    String link = userMessage.getLinkWithOneTimeToken();
    StringBuilder emailContent = new StringBuilder();
    emailContent.append("You requested a new API token. Please use following link to get the token:\n");
    /*
     * important link must be at last line for integration testing. if changes here
     * are done please change the parts in `sechub-integrationtest
     * AssertUser#fetchOneApiTokenByMailOrFail` too!
     */
    emailContent.append(link);
    emailContent.append("\n");
    SimpleMailMessage message1 = factory.createMessage(userMessage.getSubject());
    message1.setTo(userMessage.getEmailAdress());
    message1.setText(emailContent.toString());
    emailService.send(message1);
}
Also used : SimpleMailMessage(org.springframework.mail.SimpleMailMessage) UseCaseAdminAcceptsSignup(com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup)

Example 3 with UseCaseAdminAcceptsSignup

Use of com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup in project sechub by mercedes-benz.

Class AuthUserCreationService, method createUser.

@UseCaseAdminAcceptsSignup(@Step(number = 4, next = { Step.NO_NEXT_STEP }, name = "Give user access", description = "Authorization layer is informed about new user and gives access to sechub. But without any project information"))
@IsSendingAsyncMessage(MessageID.REQUEST_USER_ROLE_RECALCULATION)
public void createUser(String userId, String hashedApiToken) {
    assertion.assertIsValidUserId(userId);
    Optional<AuthUser> found = userRepo.findByUserId(userId);
    if (found.isPresent()) {
        LOG.warn("Will skip user create action because user already found with name:{}", userId);
        return;
    }
    AuthUser user = new AuthUser();
    user.setUserId(userId);
    userRepo.save(user);
    LOG.info("Created auth user:{}", userId);
    eventBus.sendAsynchron(DomainMessageFactory.createRequestRoleCalculation(userId));
}
Also used : AuthUser(com.mercedesbenz.sechub.domain.authorization.AuthUser) UseCaseAdminAcceptsSignup(com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup) IsSendingAsyncMessage(com.mercedesbenz.sechub.sharedkernel.messaging.IsSendingAsyncMessage)

Aggregations

UseCaseAdminAcceptsSignup (com.mercedesbenz.sechub.sharedkernel.usecases.admin.signup.UseCaseAdminAcceptsSignup) 3
Signup (com.mercedesbenz.sechub.domain.administration.signup.Signup) 1
AuthUser (com.mercedesbenz.sechub.domain.authorization.AuthUser) 1
IsSendingAsyncMessage (com.mercedesbenz.sechub.sharedkernel.messaging.IsSendingAsyncMessage) 1
Date (java.util.Date) 1
SimpleMailMessage (org.springframework.mail.SimpleMailMessage) 1