use of com.webank.wedatasphere.qualitis.entity.User in project Qualitis by WeBankFinTech.
the class UserRoleServiceImpl method modifyUserRole.
/**
 * Re-points an existing user-role binding at another user/role pair.
 *
 * <p>The binding is looked up by the UUID carried in the request. The target user and
 * role must both exist, and no binding for that exact pair may already be stored;
 * otherwise the request is rejected and nothing is saved.
 *
 * <p>NOTE(review): this method changes role membership, but apart from the opaque
 * {@code checkRequest} call nothing visible here restricts which caller may do so.
 * Presumably that is enforced upstream (e.g. by a permission filter) - confirm.
 *
 * @param request carries the binding UUID plus the new user id and role id
 * @return a response with code {@code "200"} whose third constructor argument is {@code null}
 * @throws UnExpectedRequestException if the binding, the user or the role cannot be found,
 *         or if the user/role pair is already bound
 */
@Override
@Transactional(rollbackFor = { RuntimeException.class, UnExpectedRequestException.class })
public GeneralResponse<?> modifyUserRole(ModifyUserRoleRequest request) throws UnExpectedRequestException {
    // Argument validation is delegated to a helper that is not part of this listing.
    checkRequest(request);

    // Locate the binding that is going to be rewritten.
    String bindingUuid = request.getUuid();
    UserRole binding = userRoleDao.findByUuid(bindingUuid);
    if (null == binding) {
        throw new UnExpectedRequestException("user role id {&DOES_NOT_EXIST}, request: " + request);
    }
    // Audit line: records the binding's current state together with the acting user.
    LOGGER.info("Succeed to find user_role, uuid: {}, user_id: {}, role_id: {}, current_user: {}",
        bindingUuid,
        binding.getUser().getId(),
        binding.getRole().getId(),
        HttpUtils.getUserName(httpServletRequest));

    // Resolve the requested targets; both have to exist.
    Long userId = request.getUserId();
    Long roleId = request.getRoleId();
    User targetUser = userDao.findById(userId);
    if (null == targetUser) {
        throw new UnExpectedRequestException("userId {&DOES_NOT_EXIST}, request: " + request);
    }
    Role targetRole = roleDao.findById(roleId);
    if (null == targetRole) {
        throw new UnExpectedRequestException("roleId {&DOES_NOT_EXIST}, request: " + request);
    }

    // Refuse to create a duplicate (user, role) pair.
    UserRole duplicate = userRoleDao.findByUserAndRole(targetUser, targetRole);
    if (null != duplicate) {
        throw new UnExpectedRequestException("userId and roleId {&ALREADY_EXIST}, request: " + request);
    }

    binding.setUser(targetUser);
    binding.setRole(targetRole);
    UserRole persisted = userRoleDao.saveUserRole(binding);
    // Audit line: records the binding's new state together with the acting user.
    LOGGER.info("Succeed to modify user_role, uuid: {}, user_id: {}, role_id: {}, current_user: {}",
        bindingUuid,
        persisted.getUser().getId(),
        persisted.getRole().getId(),
        HttpUtils.getUserName(httpServletRequest));
    return new GeneralResponse<>("200", "{&MODIFY_USER_ROLE_SUCCESSFULLY}", null);
}
use of com.webank.wedatasphere.qualitis.entity.User in project Qualitis by WeBankFinTech.
the class UserRoleServiceImpl method addUserRole.
/**
 * Grants a role to a user by creating a new user-role binding.
 *
 * <p>The user and the role named in the request must both exist and must not already be
 * bound to each other. The new binding gets an id from {@code UuidGenerator.generate()}.
 *
 * <p>NOTE(review): this is a privilege-granting operation. Apart from the opaque
 * {@code checkRequest} call, nothing visible in this method restricts which caller may
 * grant which role; presumably that is enforced upstream - confirm.
 *
 * @param request carries the user id and the role id to bind
 * @return a response with code {@code "200"} wrapping the saved binding
 * @throws UnExpectedRequestException if the user or role is missing, or the pair already exists
 */
@Override
@Transactional(rollbackFor = { RuntimeException.class, UnExpectedRequestException.class })
public GeneralResponse<UserRoleResponse> addUserRole(AddUserRoleRequest request) throws UnExpectedRequestException {
    // Argument validation is delegated to a helper that is not part of this listing.
    checkRequest(request);

    // Both ends of the binding have to exist before anything is written.
    Long userId = request.getUserId();
    Long roleId = request.getRoleId();
    User grantee = userDao.findById(userId);
    if (null == grantee) {
        throw new UnExpectedRequestException("userId {&DOES_NOT_EXIST}, request: " + request);
    }
    Role grantedRole = roleDao.findById(roleId);
    if (null == grantedRole) {
        throw new UnExpectedRequestException("roleId {&DOES_NOT_EXIST}, request: " + request);
    }

    // Reject a second binding for the same (user, role) pair.
    UserRole existingBinding = userRoleDao.findByUserAndRole(grantee, grantedRole);
    if (null != existingBinding) {
        throw new UnExpectedRequestException("userId and roleId {&ALREADY_EXIST}, request: " + request);
    }

    // Build and persist the new binding.
    UserRole binding = new UserRole();
    binding.setRole(grantedRole);
    binding.setUser(grantee);
    binding.setId(UuidGenerator.generate());
    UserRole persisted = userRoleDao.saveUserRole(binding);

    UserRoleResponse response = new UserRoleResponse(persisted);
    // Audit line: what was granted and which user performed the grant.
    LOGGER.info("Succeed to add user_role: response: {}, current_user: {}",
        response, HttpUtils.getUserName(httpServletRequest));
    return new GeneralResponse<>("200", "{&ADD_USER_ROLE_SUCCESSFULLY}", response);
}
use of com.webank.wedatasphere.qualitis.entity.User in project Qualitis by WeBankFinTech.
the class UserServiceImpl method modifyPassword.
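/**
 * Changes the password of the user identified by the current HTTP request.
 *
 * <p>The user id is taken from {@code httpServletRequest} (not from the request body), so
 * a caller can only change the password of the account the request is bound to. The
 * supplied old password must match the stored value before the new one is written.
 *
 * <p>NOTE(review): the stored value is compared with, and then overwritten by, the values
 * from the request exactly as received; no hashing happens in this method. If
 * {@code getOldPassword()} / {@code getNewPassword()} carry plaintext rather than a digest
 * computed upstream, passwords end up stored in plaintext and should instead be persisted
 * through a password hashing function (bcrypt, scrypt or argon2) - confirm what the
 * caller sends.
 *
 * <p>NOTE(review): this method does not touch any session state, so sessions that were
 * opened with the old password are not invalidated here.
 *
 * @param request carries the old and the new password
 * @return a response with code {@code "200"} whose third constructor argument is {@code null}
 * @throws UnExpectedRequestException if the user does not exist or the old password does not match
 */
@Override
public GeneralResponse<?> modifyPassword(ModifyPasswordRequest request) throws UnExpectedRequestException {
    // Argument validation is delegated to a helper that is not part of this listing.
    checkRequest(request);

    // The account is derived from the HTTP request, never from the request body.
    Long userId = HttpUtils.getUserId(httpServletRequest);
    User userInDb = userDao.findById(userId);
    if (null == userInDb) {
        throw new UnExpectedRequestException("userId {&DOES_NOT_EXIST}");
    }

    // Verify the old password. A missing value on either side is treated as a mismatch
    // (previously a null stored password caused a NullPointerException), and the
    // comparison goes through MessageDigest.isEqual so that its duration does not depend
    // on how many leading characters match.
    String passwordInDb = userInDb.getPassword();
    String oldPassword = request.getOldPassword();
    boolean oldPasswordMatches = passwordInDb != null
        && oldPassword != null
        && java.security.MessageDigest.isEqual(
            passwordInDb.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            oldPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!oldPasswordMatches) {
        throw new UnExpectedRequestException("{&OLD_PASSWORD_NOT_CORRECT}");
    }

    userInDb.setPassword(request.getNewPassword());
    // Save user
    userDao.saveUser(userInDb);
    // Audit line: only ids and the user name are logged, never the password values.
    LOGGER.info("Succeed to modify password, userId: {}, current_user: {}", userId, HttpUtils.getUserName(httpServletRequest));
    return new GeneralResponse<>("200", "{&MODIFY_PASSWORD_SUCCESSFULLY}", null);
}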
use of com.webank.wedatasphere.qualitis.entity.User in project Qualitis by WeBankFinTech.
the class UserSpecPermissionServiceImpl method addUserSpecPermission.
/**
 * Grants a single permission directly to a user.
 *
 * <p>The user and the permission named in the request must both exist and must not already
 * be linked. The new link gets an id from {@code UuidGenerator.generate()}.
 *
 * <p>NOTE(review): this is a privilege-granting operation. Apart from the opaque
 * {@code checkRequest} call, nothing visible in this method restricts which caller may
 * grant which permission; presumably that is enforced upstream - confirm.
 *
 * @param request carries the user id and the permission id to link
 * @return a response with code {@code "200"} wrapping the saved link
 * @throws UnExpectedRequestException if the user or permission is missing, or the link already exists
 */
@Override
@Transactional(rollbackFor = { RuntimeException.class, UnExpectedRequestException.class })
public GeneralResponse<UserSpecPermissionResponse> addUserSpecPermission(AddUserSpecPermissionRequest request) throws UnExpectedRequestException {
    // Argument validation is delegated to a helper that is not part of this listing.
    checkRequest(request);

    // Both the user and the permission have to exist before anything is written.
    long userId = request.getUserId();
    long permissionId = request.getPermissionId();
    User grantee = userDao.findById(userId);
    if (null == grantee) {
        throw new UnExpectedRequestException("user id {&DOES_NOT_EXIST}, request: " + request);
    }
    Permission grantedPermission = permissionDao.findById(permissionId);
    if (null == grantedPermission) {
        throw new UnExpectedRequestException("permission id {&DOES_NOT_EXIST}, request: " + request);
    }

    // Reject a second link for the same (user, permission) pair.
    UserSpecPermission existingLink = userSpecPermissionDao.findByUserAndPermission(grantee, grantedPermission);
    if (null != existingLink) {
        throw new UnExpectedRequestException("user id and permission id {&ALREADY_EXIST}, request: " + request);
    }

    // Build and persist the new link.
    UserSpecPermission link = new UserSpecPermission();
    link.setUser(grantee);
    link.setPermission(grantedPermission);
    link.setId(UuidGenerator.generate());
    UserSpecPermission persisted = userSpecPermissionDao.saveUserSpecPermission(link);

    UserSpecPermissionResponse response = new UserSpecPermissionResponse(persisted);
    // Audit line: what was granted and which user performed the grant.
    LOGGER.info("Succeed to add user_permission, response: {}, current_user: {}",
        response, HttpUtils.getUserName(httpServletRequest));
    return new GeneralResponse<>("200", "{&ADD_USER_SPEC_PERMISSION_SUCCESSFULLY}", response);
}
use of com.webank.wedatasphere.qualitis.entity.User in project Qualitis by WeBankFinTech.
the class Filter1AuthorizationFilter method doFilter.
/**
 * Decides whether a request may continue down the filter chain.
 *
 * <p>Order of decisions, as implemented below:
 * <ol>
 *   <li>a request URI matching any pattern in {@code uploadUrlList} is forwarded at once;</li>
 *   <li>a request whose HTTP method equals {@code NOT_FILTER_METHOD} is forwarded;</li>
 *   <li>a request URI contained in {@code permitUrlList} is forwarded;</li>
 *   <li>otherwise the session must hold both {@code "permissions"} and {@code "user"}.
 *       If it does not, the request is never forwarded: the caller is redirected, and a
 *       non-null {@code getRemoteUser()} name is first put into the session (creating the
 *       account if it is unknown);</li>
 *   <li>with a populated session, {@code checkPermission} decides between forwarding and
 *       a forbidden response.</li>
 * </ol>
 *
 * <p>NOTE(review): every allow-list above is evaluated against {@code getRequestURI()},
 * which is the path as sent by the client (not decoded, path parameters included). The
 * allow-lists are only as strict as the agreement between that raw string and the path the
 * dispatcher finally routes on - confirm that the container or an earlier filter
 * normalises or rejects ambiguous paths.
 *
 * @param servletRequest incoming request; cast to {@code HttpServletRequest}
 * @param response       outgoing response; cast to {@code HttpServletResponse} for redirects
 * @param filterChain    remainder of the chain, invoked only when the request is allowed
 * @throws IOException      declared by the {@code Filter} signature
 * @throws ServletException declared by the {@code Filter} signature
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
    String uri = httpRequest.getRequestURI();

    // Upload endpoints are forwarded with the unwrapped request and skip every check below.
    // NOTE(review): nothing in this method authenticates these requests; confirm that the
    // upload handlers (or another filter) enforce authentication and authorization.
    AntPathMatcher pathMatcher = new AntPathMatcher();
    for (String uploadPattern : uploadUrlList) {
        if (pathMatcher.match(uploadPattern, uri)) {
            filterChain.doFilter(httpRequest, response);
            return;
        }
    }

    // From here on the request is wrapped and passed to printReceiveLog before any check.
    BodyReaderHttpServletRequestWrapper wrapped = new BodyReaderHttpServletRequestWrapper(httpRequest);
    printReceiveLog(wrapped);

    // Requests using the exempt HTTP method (constant defined outside this listing) pass unchecked.
    if (NOT_FILTER_METHOD.equals(wrapped.getMethod())) {
        filterChain.doFilter(wrapped, response);
        return;
    }

    // NOTE(review): presumably this delegates to HttpServletRequest.getSession(), which
    // creates a session when none exists, i.e. also for unauthenticated callers - confirm.
    HttpSession session = wrapped.getSession();
    boolean needsAuthorization = !permitUrlList.contains(uri);
    if (needsAuthorization) {
        Object grantedObj = session.getAttribute("permissions");
        Object sessionUser = session.getAttribute("user");

        if (grantedObj == null || sessionUser == null) {
            // No usable session yet: this branch never forwards the request.
            // NOTE(review): the user name is whatever getRemoteUser() reports, and an
            // account is created for any name not yet stored. That is only sound if the
            // container/SSO layer sets the remote user and clients cannot influence it.
            String remoteUser = httpRequest.getRemoteUser();
            if (remoteUser != null) {
                // Query the database to see whether the user exists
                User known = userDao.findByUsername(remoteUser);
                if (known == null) {
                    // Automatically create the user
                    LOGGER.warn("user: {}, do not exist, trying to create user", remoteUser);
                    try {
                        userService.autoAddUser(remoteUser);
                        loginService.addToSession(remoteUser, httpRequest);
                        ((HttpServletResponse) response).sendRedirect(frontEndConfig.getHomePage());
                    } catch (RoleNotFoundException e) {
                        // NOTE(review): the request is not forwarded, but no status or body
                        // is written either, so the client gets an unmodified response.
                        LOGGER.error("Failed to auto add user, cause by: Failed to get role [PROJECTOR]", e);
                    }
                } else {
                    // Put the user into the session
                    loginService.addToSession(remoteUser, httpRequest);
                    ((HttpServletResponse) response).sendRedirect(frontEndConfig.getHomePage());
                }
            } else {
                // Redirect to login page
                LOGGER.info("Can not get username from sso, it will redirect to local login page");
                writeRedirectHome(response);
            }
            return;
        }

        // The session attribute is trusted to hold a List<Permission>; the cast is unchecked.
        List<Permission> granted = (List<Permission>) grantedObj;
        String httpMethod = wrapped.getMethod();
        boolean allowed = checkPermission(uri, httpMethod, granted);
        if (!allowed) {
            writeForbidden("no permissions", response);
            LOGGER.warn("User: {} failed to access url: {}, caused by: No permissions", sessionUser, wrapped.getRequestURI());
            return;
        }
    }

    // Allowed: log the access (the user is null when a permitted URL is hit without login).
    Object currentUser = session.getAttribute("user");
    LOGGER.info("User: {} succeed to access url: {}", currentUser, wrapped.getRequestURI());
    filterChain.doFilter(wrapped, response);
}