Examples with UserEntity com.peterphi.usermanager.db.entity.UserEntity used on opensource projects

Example 16 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class UserDaoImpl method rotateUserAccessKey.

/**
 * Rotate the primary access key -> secondary access key, dropping the old secondary access key and generating a new primary access key
 *
 * @param id
 */
@Transactional
public void rotateUserAccessKey(final int id) {
    final UserEntity account = getById(id);
    if (account != null) {
        // Set the secondary token to the old primary token
        account.setAccessKeySecondary(account.getAccessKey());
        // Now regenerate the primary token
        account.setAccessKey(SimpleId.alphanumeric(UserManagerBearerToken.PREFIX, 100));
        update(account);
    } else {
        throw new IllegalArgumentException("No such user: " + id);
    }
}

Example 17 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class LoginUIServiceImpl method doLogin.

@AuthConstraint(skip = true, comment = "login page")
@Override
public Response doLogin(String nonce, String returnTo, String user, String password) {
    nonceStore.validate(nonce, true);
    if (login.isLoggedIn()) {
        throw new IllegalArgumentException("You are already logged in!");
    } else {
        final UserEntity account = authenticationService.authenticate(user, password, false);
        if (account != null) {
            // Successful login
            login.reload(account);
            final Response.ResponseBuilder builder;
            if (returnTo != null)
                builder = Response.seeOther(URI.create(returnTo));
            else
                builder = Response.seeOther(URI.create("/"));
            // If this account has a Session Reconnect Key we should give it to the browser
            if (account.getSessionReconnectKey() != null) {
                // Mark the cookie as secure if the request arrived on a secure channel
                final boolean secure = HttpCallContext.get().getRequest().isSecure();
                NewCookie cookie = new NewCookie(UserLogin.SESSION_RECONNECT_COOKIE, account.getSessionReconnectKey(), null, null, null, ONE_YEAR, secure, true);
                builder.cookie(cookie);
            }
            return builder.build();
        } else {
            // Send the user back to the login page
            final String page = getLogin(returnTo, "E-mail/password incorrect");
            return Response.status(403).entity(page).build();
        }
    }
}

Example 18 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class RegisterUIServiceImpl method doRegister.

@AuthConstraint(id = "register_service", skip = true, comment = "register page handles own constraints")
@Override
@Transactional
public Response doRegister(String nonce, String email, String name, String dateFormat, String timeZone, String password, String passwordConfirm, List<String> roles) {
    nonceStore.validate(nonce, true);
    if (!allowAnonymousRegistration && !login.isAdmin())
        throw new AuthenticationFailureException("Anonymous registration is not enabled. Please log in as an admin to register users");
    if (!password.equals(passwordConfirm))
        throw new IllegalArgumentException("The passwords you supplied do not match");
    if ((roles != null && roles.size() > 0) && !login.isAdmin())
        throw new IllegalArgumentException("Cannot specify roles with user registration: you are not an admin!");
    if (accountDao.getAll().size() == 0) {
        log.warn("User with e-mail " + email + " will be the first user in the system and so will be granted the role " + UserLogin.ROLE_ADMIN);
        roles = Arrays.asList(UserLogin.ROLE_ADMIN);
    }
    log.info("Creating user " + name + " with e-mail " + email + ". Created by " + login.getName() + " (" + login.getId() + ") with roles " + roles);
    // Create a user
    final int newUser = accountDao.register(name, email, password, dateFormat, timeZone);
    final UserEntity entity = accountDao.getById(newUser);
    for (String role : roles) {
        final RoleEntity roleEntity = roleDao.getById(role);
        if (roleEntity == null)
            throw new IllegalArgumentException("Role does not exist: " + role);
        roleEntity.getMembers().add(entity);
        roleDao.update(roleEntity);
    }
    log.info("Created user " + newUser + " with e-mail " + email);
    if (login.isLoggedIn())
        return Response.seeOther(URI.create("/users")).build();
    else
        return Response.seeOther(URI.create("/login")).build();
}

Example 19 with UserEntity

use of com.peterphi.usermanager.db.entity.UserEntity in project stdlib by petergeneric.

the class UserUIServiceImpl method getUsers.

@Override
@Transactional(readOnly = true)
@AuthConstraint(role = UserLogin.ROLE_ADMIN)
public String getUsers(UriInfo query) {
    ConstrainedResultSet<UserEntity> resultset = accountDao.findByUriQuery(new WebQuery().orderAsc("id").decode(query));
    TemplateCall call = templater.template("users");
    call.set("resultset", resultset);
    call.set("users", resultset.getList());
    call.set("nonce", nonceStore.getValue(NONCE_USE));
    return call.process();
}