Use of com.peterphi.usermanager.guice.authentication.AuthenticationFailureException in the project stdlib by petergeneric.
The class UserUIServiceImpl, method changePassword.
/**
 * Sets a new password for {@code userId} on behalf of the logged-in user.
 * <p>
 * The request nonce is validated first; then the caller must either be the
 * account owner or a User Admin; then the two supplied passwords must be
 * non-null, identical and non-empty before the change is applied.
 *
 * @param userId             id of the account whose password is being changed
 * @param nonce              form nonce, validated against {@code NONCE_USE}
 * @param newPassword        the new password
 * @param newPasswordConfirm repeat of the new password, must match exactly
 * @return a redirect to {@code /user/{userId}}
 * @throws AuthenticationFailureException if the caller is neither the account owner nor an admin
 * @throws IllegalArgumentException       if either password is null, they differ, or the password is empty
 */
@Override
@Transactional
public Response changePassword(final int userId, final String nonce, final String newPassword, final String newPasswordConfirm) {
    // Validate the nonce before any other check so a replayed form never reaches the password logic
    nonceStore.validate(NONCE_USE, nonce);

    // Only the account owner or a User Admin may set this user's password
    final boolean ownAccount = (login.getId() == userId);
    if (!ownAccount && !login.isAdmin()) {
        throw new AuthenticationFailureException("Only a User Admin can change the password of another user!");
    }

    // Null is checked first so the equals() below can never dereference a null
    if (newPassword == null || newPasswordConfirm == null) {
        throw new IllegalArgumentException("Passwords do not match (or no password supplied)");
    } else if (!newPasswordConfirm.equals(newPassword)) {
        throw new IllegalArgumentException("Passwords do not match!");
    } else if (newPassword.isEmpty()) {
        throw new IllegalArgumentException("No password supplied!");
    }

    accountDao.changePassword(userId, newPassword);

    // Redirect back to the user page
    return Response.seeOther(URI.create("/user/" + userId)).build();
}
Use of com.peterphi.usermanager.guice.authentication.AuthenticationFailureException in the project stdlib by petergeneric.
The class UserUIServiceImpl, method getUserEdit.
/**
 * Renders the "user_edit" page for {@code userId}.
 * <p>
 * The caller must be the user in question or a User Admin. The template is
 * given the user entity, the available time zone ids, a fixed list of date
 * format patterns, the user's current role ids, every role in the system and
 * a fresh nonce for the edit form.
 *
 * @param userId id of the user whose edit page is requested
 * @return the processed template output
 * @throws AuthenticationFailureException if the caller is neither the user nor an admin
 */
@Override
@Transactional(readOnly = true)
public String getUserEdit(final int userId) {
    final boolean ownAccount = (login.getId() == userId);
    if (!ownAccount && !login.isAdmin()) {
        throw new AuthenticationFailureException("Only a User Admin can edit the profile of another user!");
    }

    final TemplateCall call = templater.template("user_edit");

    final UserEntity user = accountDao.getById(userId);

    // The same entity is exposed under both names the template expects
    call.set("entity", user);
    call.set("user", user);

    final List<String> timezoneIds = Arrays.asList(TimeZone.getAvailableIDs());
    final List<String> dateFormats = Arrays.asList("YYYY-MM-dd HH:mm:ss zzz",
                                                   "YYYY-MM-dd HH:mm:ss",
                                                   "YYYY-MM-dd HH:mm");
    call.set("timezones", timezoneIds);
    call.set("dateformats", dateFormats);

    call.set("entityRoleIds", getRoles(user));
    call.set("roles", roleDao.getAll());

    // Nonce the edit form must return to editUserProfile / changePassword
    call.set("nonce", nonceStore.getValue(NONCE_USE));

    return call.process();
}
Use of com.peterphi.usermanager.guice.authentication.AuthenticationFailureException in the project stdlib by petergeneric.
The class UserUIServiceImpl, method editUserProfile.
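/**
 * Updates a user's profile and, when permitted, reconciles the user's role membership.
 * <p>
 * The nonce is validated first, then the caller must be the user or a User Admin.
 * Profile fields are always updated; roles are only changed when the caller is an
 * admin and the account is local, in which case {@code roles} is treated as the
 * complete desired set: roles not in it are removed, roles in it but not yet held
 * are added.
 *
 * @param userId     id of the user being edited
 * @param nonce      form nonce, validated against {@code NONCE_USE}
 * @param dateFormat new date format pattern for the user
 * @param timeZone   new time zone id for the user
 * @param name       new display name
 * @param email      new e-mail address
 * @param roles      desired role ids; {@code null} is treated as an empty set
 *                   (a form with no role checked submits no value), so an admin
 *                   submitting no roles removes all of the user's roles
 * @return a redirect to {@code /user/{userId}}
 * @throws AuthenticationFailureException if the caller is neither the user nor an admin
 * @throws IllegalArgumentException       if a role id to add does not exist
 * @throws IllegalStateException          if a role the user currently holds cannot be loaded
 */
@Override
@Transactional
public Response editUserProfile(final int userId, final String nonce, final String dateFormat, final String timeZone, final String name, final String email, final List<String> roles) {
    nonceStore.validate(NONCE_USE, nonce);

    final int localUser = login.getId();
    if (localUser != userId && !login.isAdmin()) {
        throw new AuthenticationFailureException("Only a User Admin can edit the profile of another user!");
    }

    // Change regular account settings
    final UserEntity user = accountDao.changeProfile(userId, name, email, dateFormat, timeZone);

    // Change roles (if we're admin and the user is local)
    if (login.isAdmin() && user.isLocal()) {
        // Normalise a missing role list to "no roles" rather than failing with an NPE below
        final Set<String> desiredRoles = new HashSet<>();
        if (roles != null) {
            desiredRoles.addAll(roles);
        }

        final Set<String> currentRoles = getRoles(user);

        // Roles to add to user
        final Set<String> addRoles = new HashSet<>(desiredRoles);
        addRoles.removeAll(currentRoles);

        // Roles to remove from user
        final Set<String> delRoles = new HashSet<>(currentRoles);
        delRoles.removeAll(desiredRoles);

        // Add roles as necessary; an unknown id is a caller error, reported instead of an NPE
        for (String role : addRoles) {
            final RoleEntity entity = roleDao.getById(role);
            if (entity == null) {
                throw new IllegalArgumentException("Role does not exist: " + role);
            }
            entity.getMembers().add(user);
            roleDao.update(entity);
        }

        // Remove roles as necessary; these ids came from the user's current roles, so a miss is a data problem
        for (String role : delRoles) {
            final RoleEntity entity = roleDao.getById(role);
            if (entity == null) {
                throw new IllegalStateException("User " + userId + " holds role that cannot be loaded: " + role);
            }
            entity.getMembers().removeIf(u -> u.getId() == user.getId());
            roleDao.update(entity);
        }
    }

    // Redirect back to the user page
    return Response.seeOther(URI.create("/user/" + userId)).build();
}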
Use of com.peterphi.usermanager.guice.authentication.AuthenticationFailureException in the project stdlib by petergeneric.
The class RegisterUIServiceImpl, method getRegister.
/**
 * Renders the registration page.
 * <p>
 * Access is decided here rather than by the generic auth constraint: the page
 * is available when anonymous registration is enabled or the caller is an
 * admin. Admins are additionally offered the full role list for the role
 * picker; anonymous visitors get an empty list.
 *
 * @return the processed "register" template
 * @throws AuthenticationFailureException if anonymous registration is disabled and the caller is not an admin
 */
@AuthConstraint(id = "register_service", skip = true, comment = "register page handles own constraints")
@Transactional(readOnly = true)
@Override
public String getRegister() {
    if (!allowAnonymousRegistration && !login.isAdmin()) {
        throw new AuthenticationFailureException("Anonymous registration is not enabled. Please log in to create other users");
    }

    final TemplateCall call = templater.template("register");

    // A fresh nonce that doRegister will validate (and consume)
    call.set("nonce", nonceStore.allocate());

    if (login.isAdmin()) {
        // Admin user, role picker will be available
        call.set("roles", roleDao.getAll());
    } else {
        // Anonymous registration, no role select
        call.set("roles", Collections.emptyList());
    }

    return call.process();
}
Use of com.peterphi.usermanager.guice.authentication.AuthenticationFailureException in the project stdlib by petergeneric.
The class RegisterUIServiceImpl, method doRegister.
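/**
 * Creates a new user account from the registration form.
 * <p>
 * Order of checks: the nonce is validated (and consumed); the caller must be
 * an admin unless anonymous registration is enabled; the password must be
 * present, non-empty and match its confirmation; roles may only be requested
 * by an admin. If no account exists yet, the new user is granted
 * {@code UserLogin.ROLE_ADMIN} regardless of the requested roles, so the
 * system always has at least one administrator.
 *
 * @param nonce           form nonce, validated with {@code nonceStore.validate(nonce, true)}
 * @param email           e-mail address of the new account
 * @param name            display name of the new account
 * @param dateFormat      date format pattern for the new account
 * @param timeZone        time zone id for the new account
 * @param password        password for the new account
 * @param passwordConfirm repeat of the password, must match exactly
 * @param roles           role ids to grant; {@code null} is treated as no roles
 * @return a redirect to {@code /users} when the caller is logged in, otherwise to {@code /login}
 * @throws AuthenticationFailureException if anonymous registration is disabled and the caller is not an admin
 * @throws IllegalArgumentException       if the password is missing/empty or mismatched, if a non-admin
 *                                        requests roles, or if a requested role does not exist
 */
@AuthConstraint(id = "register_service", skip = true, comment = "register page handles own constraints")
@Override
@Transactional
public Response doRegister(String nonce, String email, String name, String dateFormat, String timeZone, String password, String passwordConfirm, List<String> roles) {
    nonceStore.validate(nonce, true);

    if (!allowAnonymousRegistration && !login.isAdmin()) {
        throw new AuthenticationFailureException("Anonymous registration is not enabled. Please log in as an admin to register users");
    }

    // Reject a missing or empty password before comparing, so equals() never sees a null
    // and an empty password cannot be registered (changePassword rejects it too)
    if (password == null || passwordConfirm == null || password.isEmpty()) {
        throw new IllegalArgumentException("No password supplied!");
    }
    if (!password.equals(passwordConfirm)) {
        throw new IllegalArgumentException("The passwords you supplied do not match");
    }

    // A form without a role picker submits no value; treat that as "no roles" rather than NPE later
    List<String> requestedRoles = (roles != null) ? roles : Collections.<String>emptyList();

    if (!requestedRoles.isEmpty() && !login.isAdmin()) {
        throw new IllegalArgumentException("Cannot specify roles with user registration: you are not an admin!");
    }

    // Bootstrap: the very first account becomes the admin, overriding any requested roles
    if (accountDao.getAll().size() == 0) {
        log.warn("User with e-mail " + email + " will be the first user in the system and so will be granted the role " + UserLogin.ROLE_ADMIN);
        requestedRoles = Arrays.asList(UserLogin.ROLE_ADMIN);
    }

    log.info("Creating user " + name + " with e-mail " + email + ". Created by " + login.getName() + " (" + login.getId() + ") with roles " + requestedRoles);

    // Create a user
    final int newUser = accountDao.register(name, email, password, dateFormat, timeZone);
    final UserEntity entity = accountDao.getById(newUser);

    for (String role : requestedRoles) {
        final RoleEntity roleEntity = roleDao.getById(role);
        if (roleEntity == null) {
            throw new IllegalArgumentException("Role does not exist: " + role);
        }
        roleEntity.getMembers().add(entity);
        roleDao.update(roleEntity);
    }

    log.info("Created user " + newUser + " with e-mail " + email);

    if (login.isLoggedIn()) {
        return Response.seeOther(URI.create("/users")).build();
    } else {
        return Response.seeOther(URI.create("/login")).build();
    }
}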