
Example 6 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class ImpersonationService method impersonate.

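/**
 * Switches the calling admin's session over to another user's identity.
 *
 * The switch is logged with both the admin's and the target user's id and e-mail before the
 * session is changed, so the log line still carries the admin's own identity.
 *
 * @param userId
 * 		the id of the user to impersonate
 *
 * @return the session reconnect key of the impersonated user
 *
 * @throws IllegalArgumentException
 * 		if no user exists with the given id
 */
@AuthConstraint(id = "impersonation", role = UserLogin.ROLE_ADMIN, comment = "only admins can impersonate other users")
public String impersonate(final int userId) {
    final UserLogin currentUser = userProvider.get();
    final UserEntity newUser = authenticationService.getById(userId);
    // Guard in case the lookup returns null for an unknown id: fail with a clear error
    // before anything is logged or the session is touched, instead of a NullPointerException.
    if (newUser == null)
        throw new IllegalArgumentException("No such User: " + userId);
    // Audit trail for the identity switch.
    // NOTE(review): the e-mail values are written to the log verbatim; confirm they are
    // validated on entry so they cannot carry line breaks into the log.
    log.info("Admin user " + currentUser.getId() + " (" + currentUser.getEmail() + ") is changing their session to impersonate user " + newUser.getId() + " (" + newUser.getEmail() + ")");
    currentUser.reload(newUser);
    // NOTE(review): this hands the target user's own reconnect key to the admin's browser.
    // Presumably it stays valid after the admin stops impersonating; confirm whether it should
    // be rotated, and keep it out of logs and URLs.
    return newUser.getSessionReconnectKey();
}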
Also used : UserEntity(com.peterphi.usermanager.db.entity.UserEntity) AuthConstraint(com.peterphi.std.guice.common.auth.annotations.AuthConstraint)

Example 7 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class UserLoginProvider method tryBasicAuthLogin.

/**
 * Support proactive HTTP BASIC authentication.
 *
 * If the request carries an Authorization header that {@code BasicAuthHelper} can parse, the
 * credentials are checked on the asynchronous service (bounded by {@code LOGIN_TIMEOUT}) and the
 * supplied login is reloaded in place with the resulting user.
 *
 * NOTE(review): every path in this method returns null, including the one that follows a
 * successful reload. That disagrees with the earlier contract ("a UserLogin for the appropriate
 * user if valid credentials were presented"). Confirm whether callers rely on the in-place update
 * of {@code login} or on the return value.
 *
 * @param login
 * 		the login object to reload when the credentials are accepted
 * @param authService
 * 		the user authentication service
 * @param request
 * 		the HTTP request
 *
 * @return null on every path in the code as written
 *
 * @throws RuntimeException
 * 		if the asynchronous login attempt fails or cannot be resolved
 */
private UserLogin tryBasicAuthLogin(UserLogin login, UserAuthenticationService authService, HttpServletRequest request) {
    final String authorization = request.getHeader(HttpHeaderNames.AUTHORIZATION);
    if (authorization == null) {
        // No authorisation presented
        return null;
    }
    final String[] parsed = BasicAuthHelper.parseHeader(authorization);
    if (parsed == null) {
        // Unsupported authorisation type
        return null;
    }
    // The header is client-supplied: neither value should reach a log or an error message.
    final String username = parsed[0];
    final String password = parsed[1];
    final Future<UserEntity> pending = asynchService.get().submit(() -> tryLogin(authService, username, password, true));
    try {
        final UserEntity authenticated = LOGIN_TIMEOUT.start().resolveFuture(pending, true);
        login.reload(authenticated);
    } catch (Exception e) {
        // NOTE(review): the cause's message is copied into the wrapper; confirm it is not
        // rendered back to the client, where it could reveal why a login was rejected.
        throw new RuntimeException("Error attempting asynchronous BASIC auth login: " + e.getMessage(), e);
    }
    return null;
}
Also used : UserEntity(com.peterphi.usermanager.db.entity.UserEntity)

Example 8 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class UserLoginProvider method tryRelogin.

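/**
 * Attempts to re-establish a login from the session reconnect cookie.
 *
 * Each cookie named {@code UserLogin.SESSION_RECONNECT_COOKIE} triggers a reconnect attempt on
 * the asynchronous service (bounded by {@code LOGIN_TIMEOUT}), and the supplied login is reloaded
 * in place with the result. The loop does not stop at the first match, so if a request carries
 * several cookies with that name the last one processed determines the final state.
 *
 * NOTE(review): every path returns null, including after a successful reload. Confirm callers
 * rely on the in-place update of {@code login} rather than on the return value.
 *
 * @param login
 * 		the login object to reload when a reconnect key is accepted
 * @param auth
 * 		the user authentication service
 * @param cookies
 * 		the cookies sent with the request; may be null
 *
 * @return null on every path in the code as written
 *
 * @throws RuntimeException
 * 		if the asynchronous reconnect attempt fails or cannot be resolved
 */
private UserLogin tryRelogin(final UserLogin login, UserAuthenticationService auth, Cookie[] cookies) {
    // HttpServletRequest.getCookies() yields null (not an empty array) when the request has no
    // cookies; guard in case the caller passes that straight through.
    if (cookies == null)
        return null;
    for (Cookie cookie : cookies) {
        if (UserLogin.SESSION_RECONNECT_COOKIE.equals(cookie.getName())) {
            // Client-supplied value that acts as a login credential: never log it.
            final String key = cookie.getValue();
            final Future<UserEntity> future = asynchService.get().submit(() -> trySessionReconnectLogin(auth, key));
            try {
                UserEntity user = LOGIN_TIMEOUT.start().resolveFuture(future, true);
                login.reload(user);
            } catch (Exception e) {
                throw new RuntimeException("Error attempting asynchronous session reconnect auth login: " + e.getMessage(), e);
            }
        }
    }
    return null;
}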
Also used : Cookie(javax.servlet.http.Cookie) UserEntity(com.peterphi.usermanager.db.entity.UserEntity)

Example 9 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class RoleUIServiceImpl method changeMembers.

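/**
 * Replaces the full member list of a role with the supplied users.
 *
 * The nonce is validated before any lookup or change is made. The existing membership is
 * cleared and the resolved users are added in its place, all inside one transaction.
 *
 * NOTE(review): no {@code @AuthConstraint} is visible on this method in the listing. Role
 * membership grants privileges, so confirm the restriction is applied at class level.
 * NOTE(review): the change is not logged here; consider recording who changed which role and
 * which members were added or removed.
 *
 * @param id
 * 		the id of the role to change
 * @param nonce
 * 		the single-purpose token submitted with the form
 * @param members
 * 		the ids of the users that should make up the role's membership
 *
 * @return a redirect to the role's page
 *
 * @throws IllegalArgumentException
 * 		if the role does not exist, or if the number of users found differs from the number of
 * 		ids supplied
 */
@Override
@Transactional
public Response changeMembers(final String id, final String nonce, final List<Integer> members) {
    nonceStore.validate(NONCE_USE, nonce);
    final RoleEntity entity = dao.getById(id);
    if (entity == null)
        throw new IllegalArgumentException("No such Role: " + id);
    final List<UserEntity> users = userDao.getListById(members);
    // Refuse a partial update: every requested id must resolve to a user
    if (users.size() != members.size())
        throw new IllegalArgumentException("One or more members provided did not exist! " + members);
    // The unused existing/added/removed lists and the stray empty statement were dropped:
    // nothing read them, and the "removed" filter actually selected retained ids.
    entity.getMembers().clear();
    entity.getMembers().addAll(users);
    dao.update(entity);
    // id has been matched to an existing role above, so the redirect target is a known role page
    return Response.seeOther(URI.create("/role/" + id)).build();
}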
Also used : RoleEntity(com.peterphi.usermanager.db.entity.RoleEntity) List(java.util.List) UserEntity(com.peterphi.usermanager.db.entity.UserEntity) Transactional(com.peterphi.std.guice.database.annotation.Transactional)

Example 10 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class ServiceUIServiceImpl method create.

/**
 * Registers a new, enabled OAuth service owned by the calling user.
 *
 * The nonce is validated before anything is created. The owner is always the user behind the
 * current session (looked up by id), never a value taken from the request.
 *
 * NOTE(review): {@code name} and {@code endpoints} are stored as submitted ({@code endpoints}
 * only passes through {@code StringUtils.trimToNull}). If the endpoints are later used to decide
 * where OAuth responses may be sent, confirm they are validated before use.
 *
 * @param nonce
 * 		the single-purpose token submitted with the form
 * @param name
 * 		the display name of the service
 * @param endpoints
 * 		the endpoints of the service; blank input is stored as null
 *
 * @return a redirect to the page of the newly created service
 */
@Override
@Transactional
public Response create(final String nonce, final String name, final String endpoints) {
    nonceStore.validate(NONCE_USE, nonce);
    // Owner comes from the authenticated session only
    final UserEntity owner = userDao.getById(userProvider.get().getId());
    final OAuthServiceEntity service = new OAuthServiceEntity();
    service.setOwner(owner);
    service.setName(name);
    service.setEndpoints(StringUtils.trimToNull(endpoints));
    service.setEnabled(true);
    dao.save(service);
    // The id is read after save()
    final URI location = URI.create("/service/" + service.getId());
    return Response.seeOther(location).build();
}
Also used : OAuthServiceEntity(com.peterphi.usermanager.db.entity.OAuthServiceEntity) AuthConstraint(com.peterphi.std.guice.common.auth.annotations.AuthConstraint) UserEntity(com.peterphi.usermanager.db.entity.UserEntity) Transactional(com.peterphi.std.guice.database.annotation.Transactional)

Aggregations

UserEntity (com.peterphi.usermanager.db.entity.UserEntity)19 Transactional (com.peterphi.std.guice.database.annotation.Transactional)13 AuthConstraint (com.peterphi.std.guice.common.auth.annotations.AuthConstraint)7 RoleEntity (com.peterphi.usermanager.db.entity.RoleEntity)3 AuthenticationFailureException (com.peterphi.usermanager.guice.authentication.AuthenticationFailureException)3 WebQuery (com.peterphi.std.guice.restclient.jaxb.webquery.WebQuery)2 TemplateCall (com.peterphi.std.guice.web.rest.templating.TemplateCall)2 DateTime (org.joda.time.DateTime)2 OAuthServiceEntity (com.peterphi.usermanager.db.entity.OAuthServiceEntity)1 HashSet (java.util.HashSet)1 List (java.util.List)1 Cookie (javax.servlet.http.Cookie)1 NewCookie (javax.ws.rs.core.NewCookie)1 Response (javax.ws.rs.core.Response)1