
Example 1 with AnonymousAccess

use of com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess in project ma-modules-public by infiniteautomation.

the class GraphicalViewDwr method saveView.

@DwrPermission(user = true)
public ProcessResult saveView(String name, String xid, int anonymousAccess, String readPermission, String setPermission, String editPermission) {
    ProcessResult result = new ProcessResult();
    User user = Common.getUser();
    GraphicalView view = GraphicalViewsCommon.getUserEditView(user);
    view.setName(name);
    view.setXid(xid);
    view.setAnonymousAccess(anonymousAccess);
    view.setReadPermission(readPermission);
    view.setSetPermission(setPermission);
    view.setEditPermission(editPermission);
    view.validate(result);
    if (!result.getHasMessages()) {
        view.setUserId(user.getId());
        new GraphicalViewDao().saveView(view);
        result.addData("view", view);
    }
    return result;
}
Also used : ShareUser(com.serotonin.m2m2.view.ShareUser) AnonymousUser(com.serotonin.m2m2.vo.AnonymousUser) User(com.serotonin.m2m2.vo.User) ProcessResult(com.serotonin.m2m2.i18n.ProcessResult) DwrPermission(com.serotonin.m2m2.web.dwr.util.DwrPermission)

Example 2 with AnonymousAccess

use of com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess in project ma-modules-public by infiniteautomation.

the class LoginRestController method loginPost.

/**
 * <p>The actual authentication for the login occurs in the core, by the time this
 * end point is actually reached the user is either already authenticated or not.
 * The Spring Security authentication success handler forwards the request here.</p>
 *
 * <p>Authentication exceptions are re-thrown and mapped to rest bodies in {@link com.infiniteautomation.mango.rest.latest.exception.RestExceptionHandler MangoSpringExceptionHandler}</p>
 *
 * <p>Ensure that the URLs in MangoSecurityConfiguration are changed if you change the @RequestMapping value</p>
 */
@ApiOperation(value = "Login", notes = "Used to login using POST and JSON credentials")
@RequestMapping(method = RequestMethod.POST)
@AnonymousAccess
public ResponseEntity<UserModel> loginPost(@AuthenticationPrincipal User user, HttpServletRequest request, HttpServletResponse response) {
    // A failed attempt is forwarded here with the exception attached to the request;
    // rethrow it so the REST exception handler renders the error body.
    AuthenticationException ex = (AuthenticationException) request.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
    if (ex != null) {
        throw ex;
    }
    if (user == null) {
        // No authenticated principal and no exception: 200 with an empty body.
        return new ResponseEntity<>(HttpStatus.OK);
    } else {
        // Authenticated: tell the client where to go next and when the server was last upgraded.
        LoginUriInfo info = pageResolver.getDefaultUriInfo(request, response, user);
        response.setHeader(LOGIN_DEFAULT_URI_HEADER, info.getUri());
        response.setHeader(LOGIN_LAST_UPGRADE_HEADER, Long.toString(installedModulesDao.lastUpgradeTime().toEpochMilli() / 1000));
        if (info.isRequired()) {
            response.setHeader(LOGIN_DEFAULT_URI_REQUIRED_HEADER, Boolean.TRUE.toString());
        }
        return new ResponseEntity<>(new UserModel(user), HttpStatus.OK);
    }
}
Also used : UserModel(com.infiniteautomation.mango.rest.latest.model.user.UserModel) ResponseEntity(org.springframework.http.ResponseEntity) AuthenticationException(org.springframework.security.core.AuthenticationException) LoginUriInfo(com.infiniteautomation.mango.spring.components.pageresolver.LoginUriInfo) AnonymousAccess(com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with AnonymousAccess

use of com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess in project ma-modules-public by infiniteautomation.

the class TranslationsController method publicNamespacedTranslations.

@ApiOperation(value = "Get translations for public namespaces", notes = "Namespace must be the base namespace, i.e. public, not public.messages. Sub-namespaces are returned too. For more than one, separate with commas: common,public")
@RequestMapping(method = RequestMethod.GET, value = "/public/{namespaces}")
@AnonymousAccess
public TranslationsModel publicNamespacedTranslations(
        @ApiParam(value = "Message Namespaces, similar to java package structure", allowMultiple = true)
        @PathVariable String[] namespaces,
        @ApiParam(value = "Language for translation (must have language pack installed)", allowMultiple = false)
        @RequestParam(value = "language", required = false) String language,
        @ApiParam(value = "Use server language for translation", allowMultiple = false)
        @RequestParam(value = "server", required = false, defaultValue = "false") boolean server,
        @RequestParam(value = "browser", required = false, defaultValue = "false") boolean browser,
        @AuthenticationPrincipal PermissionHolder user,
        HttpServletRequest request) {
    // Anonymous endpoint: every requested namespace must be on the allow-list of
    // public namespaces before any translation data is read, otherwise 400.
    for (String namespace : namespaces) {
        if (!this.publicNamespaces.contains(namespace)) {
            throw new BadRequestException();
        }
    }
    TranslationsModel resultMap = new TranslationsModel();
    Locale locale = this.getLocale(language, server, browser, request, user);
    resultMap.setLocale(locale.toLanguageTag());
    resultMap.setTranslations(getTranslationMap(namespaces, locale));
    resultMap.setNamespaces(namespaces);
    return resultMap;
}
Also used : Locale(java.util.Locale) BadRequestException(com.infiniteautomation.mango.rest.latest.exception.BadRequestException) AnonymousAccess(com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
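Endpoints carrying @AnonymousAccess, such as loginPost in Example 2 and publicNamespacedTranslations in Example 3, are reachable without a session, so the first thing a reviewer wants is an inventory of them with their resolved routes. The following script is an added example, not code from ma-modules-public: it scans Java source text for methods annotated @AnonymousAccess and resolves each route from the class-level and method-level @RequestMapping. The Java input is a constructed, abridged sample modelled on Examples 2 and 3; the class-level routes "/login" and "/translations" and the non-anonymous namespacedTranslations method are assumptions made for the demo, not taken from the project.

```python
"""Inventory of @AnonymousAccess endpoints in Spring-style Java source.

Added example, not code from ma-modules-public: lists methods carrying the
Mango @AnonymousAccess annotation and resolves each route from the class-level
and method-level @RequestMapping. Assumes one annotation per line.
"""
import re
from collections import namedtuple

# Constructed sample modelled on Examples 2 and 3 above; bodies are stubbed, and
# the class-level routes and the authenticated sibling method are assumptions.
SAMPLE_JAVA = '''
@RestController
@RequestMapping("/login")
public class LoginRestController {
    @RequestMapping(method = RequestMethod.POST)
    @AnonymousAccess
    public ResponseEntity<UserModel> loginPost(HttpServletRequest request) { return null; }
}

@RestController
@RequestMapping("/translations")
public class TranslationsController {
    @RequestMapping(method = RequestMethod.GET, value = "/public/{namespaces}")
    @AnonymousAccess
    public TranslationsModel publicNamespacedTranslations(String[] namespaces) { return null; }

    // Hypothetical authenticated sibling, present to show that it is not listed.
    @RequestMapping(method = RequestMethod.GET, value = "/{namespaces}")
    public TranslationsModel namespacedTranslations(String[] namespaces) { return null; }
}
'''

ANNOTATION = re.compile(r"^\s*@(\w+)(?:\((.*)\))?\s*$")
CLASS_DECL = re.compile(r"^\s*(?:public\s+)?(?:final\s+)?class\s+(\w+)")
METHOD_DECL = re.compile(r"^\s*(?:public|protected|private)\s+[\w<>\[\],?\s]+?\s+(\w+)\s*\(")
MAPPING = {"RequestMapping": None, "GetMapping": "GET", "PostMapping": "POST",
           "PutMapping": "PUT", "DeleteMapping": "DELETE", "PatchMapping": "PATCH"}
Endpoint = namedtuple("Endpoint", "controller method_name http_methods path anonymous")

def parse_mapping(name, args):
    """Return (set of HTTP verbs, path) from a mapping annotation's argument text."""
    args = args or ""
    verbs = set(re.findall(r"RequestMethod\.(\w+)", args))
    if MAPPING[name]:
        verbs.add(MAPPING[name])
    match = re.search(r'(?:value|path)\s*=\s*"([^"]*)"', args)
    if match:
        path = match.group(1)
    elif re.fullmatch(r'\s*"[^"]*"\s*', args):  # shorthand @RequestMapping("/x")
        path = args.strip().strip('"')
    else:
        path = ""
    return verbs, path

def scan(source):
    """Attach each run of annotations to the class or method declared right after it."""
    endpoints, pending, controller, base_path = [], [], None, ""
    for line in source.splitlines():
        ann = ANNOTATION.match(line)
        if ann:
            pending.append((ann.group(1), ann.group(2)))
            continue
        cls = CLASS_DECL.match(line)
        if cls:
            controller, base_path = cls.group(1), ""
            for name, args in pending:
                if name in MAPPING:
                    base_path = parse_mapping(name, args)[1]
            pending = []
            continue
        meth = METHOD_DECL.match(line)
        if meth:
            verbs, path, anonymous = set(), "", False
            for name, args in pending:
                if name in MAPPING:
                    verbs, path = parse_mapping(name, args)
                elif name == "AnonymousAccess":
                    anonymous = True
            if verbs or path or anonymous:  # skip methods that are not web-mapped
                endpoints.append(Endpoint(controller, meth.group(1),
                                          tuple(sorted(verbs)) or ("ANY",),
                                          base_path + path, anonymous))
            pending = []
            continue
        stripped = line.strip()
        if stripped and not stripped.startswith(("//", "/*", "*")):
            pending = []  # any other statement ends an annotation run
    return endpoints

def anonymous_endpoints(source):
    return [e for e in scan(source) if e.anonymous]

def needs_review(source):
    """Anonymous routes outside a /public segment: each needs its own in-method check."""
    return [e for e in anonymous_endpoints(source) if "/public" not in e.path]

if __name__ == "__main__":
    for e in scan(SAMPLE_JAVA):
        access = "ANONYMOUS" if e.anonymous else "authenticated"
        print(f"{access:13} {','.join(e.http_methods):5} {e.path:36} {e.controller}.{e.method_name}")
```

Run it over the module tree instead of SAMPLE_JAVA and read every line marked ANONYMOUS: the question for each is what the method itself checks, since the annotation has switched off the framework's authentication requirement. Known gaps: annotations split over several lines are not parsed, and mappings declared on interfaces or via meta-annotations are missed, so treat the output as a starting list, not a proof of completeness.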

Example 4 with AnonymousAccess

use of com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess in project ma-modules-public by infiniteautomation.

the class GraphicalView method jsonRead.

@Override
public void jsonRead(JsonReader reader, JsonObject jsonObject) throws JsonException {
    // A newly imported view must name an existing user as its owner.
    if (isNew()) {
        String username = jsonObject.getString("user");
        if (StringUtils.isBlank(username))
            throw new TranslatableJsonException("emport.error.missingValue", "user");
        User user = UserDao.instance.getUser(username);
        if (user == null)
            throw new TranslatableJsonException("emport.error.missingUser", username);
        userId = user.getId();
    }
    JsonArray components = jsonObject.getJsonArray("viewComponents");
    if (components != null) {
        viewComponents.clear();
        for (JsonValue jv : components) {
            addViewComponent(reader.read(ViewComponent.class, jv));
        }
    }
    // anonymousAccess is imported as a symbolic code; a value that is not in
    // ShareUser.ACCESS_CODES (getId returns -1) is rejected rather than defaulted.
    String text = jsonObject.getString("anonymousAccess");
    if (text != null) {
        anonymousAccess = ShareUser.ACCESS_CODES.getId(text);
        if (anonymousAccess == -1)
            throw new TranslatableJsonException("emport.error.invalid", "anonymousAccess", text, ShareUser.ACCESS_CODES.getCodeList());
    }
}
Also used : JsonArray(com.serotonin.json.type.JsonArray) ShareUser(com.serotonin.m2m2.view.ShareUser) User(com.serotonin.m2m2.vo.User) JsonValue(com.serotonin.json.type.JsonValue) TranslatableJsonException(com.serotonin.m2m2.i18n.TranslatableJsonException)

Example 5 with AnonymousAccess

use of com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess in project ma-modules-public by infiniteautomation.

the class EmailVerificationController method publicRegisterUser.

/**
 * CAUTION: This method is public!
 * However the token's signature is cryptographically verified.
 */
@ApiOperation(value = "Registers a new user if the token's signature can be verified", notes = "The new user is created disabled and must be approved by an administrator.")
@RequestMapping(method = RequestMethod.POST, value = "/public/register")
@AnonymousAccess
public ResponseEntity<UserModel> publicRegisterUser(@RequestBody PublicRegistrationRequest body) {
    body.ensureValid();
    User newUser = body.getUser().toVO();
    try {
        // The service verifies the JWT (signature, expiry, required claims) before
        // creating the user; the new user is created disabled.
        User created = emailVerificationService.publicRegisterNewUser(body.getToken(), newUser);
        return new ResponseEntity<>(new UserModel(created), HttpStatus.OK);
    } catch (ExpiredJwtException | UnsupportedJwtException | MalformedJwtException | IllegalArgumentException
            | SignatureException | MissingClaimException | IncorrectClaimException e) {
        // Every token failure maps to the same 400 and the same translatable message,
        // whichever check rejected the token; the original exception is kept as the cause.
        throw new BadRequestException(new TranslatableMessage("rest.error.invalidEmailVerificationToken"), e);
    } catch (ValidationException e) {
        e.getValidationResult().prefixContextKey("user");
        throw e;
    }
}
Also used : User(com.serotonin.m2m2.vo.User) ValidationException(com.infiniteautomation.mango.util.exception.ValidationException) ExpiredJwtException(io.jsonwebtoken.ExpiredJwtException) SignatureException(io.jsonwebtoken.SignatureException) IncorrectClaimException(io.jsonwebtoken.IncorrectClaimException) UserModel(com.infiniteautomation.mango.rest.latest.model.user.UserModel) ResponseEntity(org.springframework.http.ResponseEntity) MissingClaimException(io.jsonwebtoken.MissingClaimException) BadRequestException(com.infiniteautomation.mango.rest.latest.exception.BadRequestException) TranslatableMessage(com.serotonin.m2m2.i18n.TranslatableMessage) MalformedJwtException(io.jsonwebtoken.MalformedJwtException) UnsupportedJwtException(io.jsonwebtoken.UnsupportedJwtException) AnonymousAccess(com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
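Example 5's Javadoc says the endpoint is public but the token's signature is cryptographically verified, and its catch clause enumerates the ways jjwt can reject a token. The following block is an added example, not code from ma-modules-public or from jjwt: it implements the same sequence of checks for an HS256 token with the Python standard library (structure, algorithm pinning, HMAC comparison, expiry, required claims) and collapses every failure into one generic 400 the way the controller does. The key, the "purpose" claim and the timestamps are constructed for the demo; the real service's claim names and signing key are not on this page.

```python
"""HS256 token verification with the failure classes Example 5 catches.

Added example, not code from ma-modules-public or jjwt. The key, the
"purpose" claim and the timestamps are constructed for the demo.
"""
import base64
import hashlib
import hmac
import json
import time

class TokenError(Exception):
    """Base class; subclasses mirror the jjwt exceptions in the controller's catch."""

class MalformedToken(TokenError): pass
class UnsupportedToken(TokenError): pass
class BadSignature(TokenError): pass
class ExpiredToken(TokenError): pass
class MissingClaim(TokenError): pass
class IncorrectClaim(TokenError): pass

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    """Issue a compact JWT: b64url(header).b64url(claims).b64url(HMAC-SHA256)."""
    signing_input = (_b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
                     + "." + _b64url(json.dumps(claims).encode()))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url(mac)

def verify_hs256(token: str, key: bytes, required: dict, now=None) -> dict:
    """Return the claims only if every check passes; nothing in the token is trusted before the MAC matches."""
    parts = token.split(".")
    if len(parts) != 3:
        raise MalformedToken("expected three dot-separated segments")
    try:
        header = json.loads(_unb64url(parts[0]))
        claims = json.loads(_unb64url(parts[1]))
        mac = _unb64url(parts[2])
        signing_input = (parts[0] + "." + parts[1]).encode("ascii")
    except ValueError as exc:  # bad base64, bad JSON, non-ASCII characters
        raise MalformedToken(str(exc)) from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise MalformedToken("header and payload must be JSON objects")
    # Pin the algorithm to what we issue: "none" or any other alg is refused
    # before the signature is even compared.
    if header.get("alg") != "HS256":
        raise UnsupportedToken("alg=%r" % header.get("alg"))
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):
        raise BadSignature("HMAC mismatch")
    now = time.time() if now is None else now
    if "exp" not in claims:  # a registration token must always expire
        raise MissingClaim("exp")
    if claims["exp"] <= now:
        raise ExpiredToken("exp=%r" % claims["exp"])
    for name, value in required.items():
        if name not in claims:
            raise MissingClaim(name)
        if claims[name] != value:
            raise IncorrectClaim("%s=%r" % (name, claims[name]))
    return claims

def tamper_payload(token: str, new_claims: dict) -> str:
    """Swap the payload but keep the original MAC: what an anonymous caller can try."""
    header, _, mac = token.split(".")
    return header + "." + _b64url(json.dumps(new_claims).encode()) + "." + mac

def forge_alg_none(token: str) -> str:
    """The classic 'alg: none' trick: drop the MAC and claim no algorithm."""
    _, payload, _ = token.split(".")
    return _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode()) + "." + payload + "."

REGISTRATION_CLAIMS = {"purpose": "register"}  # constructed required claim

def register_with_token(token: str, key: bytes, now=None) -> dict:
    """Mirror the controller: every TokenError becomes the same generic 400."""
    try:
        claims = verify_hs256(token, key, REGISTRATION_CLAIMS, now)
    except TokenError as exc:
        return {"status": 400, "error": "invalidEmailVerificationToken",
                "cause": type(exc).__name__}
    return {"status": 200, "email": claims.get("sub")}

if __name__ == "__main__":
    key, now = b"constructed-demo-key-do-not-reuse", 1_700_000_000
    good = sign_hs256({"sub": "alice@example.com", "purpose": "register", "exp": now + 900}, key)
    print(register_with_token(good, key, now))
    print(register_with_token(forge_alg_none(good), key, now))
```

The order of the checks is the point: the algorithm is pinned and the MAC compared with a constant-time function before any claim is read, so a payload edited after signing, a token signed under another key, or an "alg: none" token never reaches the claim logic. The caller only ever sees the same 400 body, matching what the controller above returns for each of the jjwt exception types.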

Aggregations

User (com.serotonin.m2m2.vo.User)3 AnonymousAccess (com.serotonin.m2m2.web.mvc.spring.security.permissions.AnonymousAccess)3 ApiOperation (io.swagger.annotations.ApiOperation)3 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)3 BadRequestException (com.infiniteautomation.mango.rest.latest.exception.BadRequestException)2 UserModel (com.infiniteautomation.mango.rest.latest.model.user.UserModel)2 ShareUser (com.serotonin.m2m2.view.ShareUser)2 ResponseEntity (org.springframework.http.ResponseEntity)2 LoginUriInfo (com.infiniteautomation.mango.spring.components.pageresolver.LoginUriInfo)1 ValidationException (com.infiniteautomation.mango.util.exception.ValidationException)1 JsonArray (com.serotonin.json.type.JsonArray)1 JsonValue (com.serotonin.json.type.JsonValue)1 ProcessResult (com.serotonin.m2m2.i18n.ProcessResult)1 TranslatableJsonException (com.serotonin.m2m2.i18n.TranslatableJsonException)1 TranslatableMessage (com.serotonin.m2m2.i18n.TranslatableMessage)1 AnonymousUser (com.serotonin.m2m2.vo.AnonymousUser)1 DwrPermission (com.serotonin.m2m2.web.dwr.util.DwrPermission)1 ExpiredJwtException (io.jsonwebtoken.ExpiredJwtException)1 IncorrectClaimException (io.jsonwebtoken.IncorrectClaimException)1 MalformedJwtException (io.jsonwebtoken.MalformedJwtException)1