use of edu.harvard.iq.dataverse.actionlogging.ActionLogRecord in project dataverse by IQSS.
the class ShibGroupServiceBean method delete.
public boolean delete(ShibGroup doomed) throws Exception {
ActionLogRecord alr = new ActionLogRecord(ActionLogRecord.ActionType.GlobalGroups, "shibDelete");
alr.setInfo(doomed.getName() + ":" + doomed.getIdentifier());
List<RoleAssignment> assignments = roleAssigneeSvc.getAssignmentsFor(doomed.getIdentifier());
if (assignments.isEmpty()) {
em.remove(doomed);
actionLogSvc.log(alr);
return true;
} else {
/**
* @todo Delete role assignments that match this Shib group.
*/
List<String> assignmentIds = new ArrayList<>();
for (RoleAssignment assignment : assignments) {
assignmentIds.add(assignment.getId().toString());
}
String message = "Could not delete Shibboleth group id " + doomed.getId() + " due to existing role assignments: " + assignmentIds;
logger.info(message);
actionLogSvc.log(alr.setActionResult(ActionLogRecord.Result.BadRequest).setInfo(alr.getInfo() + "// " + message));
throw new Exception(message);
}
}
use of edu.harvard.iq.dataverse.actionlogging.ActionLogRecord in project dataverse by IQSS.
the class AuthenticationServiceBean method deleteAuthenticatedUser.
/**
* Use with care! This method was written primarily for developers
* interested in API testing who want to:
*
* 1. Create a temporary user and get an API token.
*
* 2. Do some work with that API token.
*
* 3. Delete all the stuff that was created with the API token.
*
* 4. Delete the temporary user.
*
* Before calling this method, make sure you've deleted all the stuff tied
* to the user, including stuff they've created, role assignments, group
* assignments, etc.
*
* Longer term, the intention is to have a "disableAuthenticatedUser"
* method/command. See https://github.com/IQSS/dataverse/issues/2419
*/
public void deleteAuthenticatedUser(Object pk) {
AuthenticatedUser user = em.find(AuthenticatedUser.class, pk);
if (user != null) {
ApiToken apiToken = findApiTokenByUser(user);
if (apiToken != null) {
em.remove(apiToken);
}
ConfirmEmailData confirmEmailData = confirmEmailService.findSingleConfirmEmailDataByUser(user);
if (confirmEmailData != null) {
/**
* @todo This could probably be a cascade delete instead.
*/
em.remove(confirmEmailData);
}
userNotificationService.findByUser(user.getId()).forEach(userNotificationService::delete);
AuthenticationProvider prv = lookupProvider(user);
if (prv != null && prv.isUserDeletionAllowed()) {
prv.deleteUser(user.getAuthenticatedUserLookup().getPersistentUserId());
}
actionLogSvc.log(new ActionLogRecord(ActionLogRecord.ActionType.Auth, "deleteUser").setInfo(user.getUserIdentifier()));
em.remove(user.getAuthenticatedUserLookup());
em.remove(user);
}
}
use of edu.harvard.iq.dataverse.actionlogging.ActionLogRecord in project dataverse by IQSS.
the class IpGroupsServiceBean method store.
/**
* Stores (inserts/updates) the passed IP group.
* @param grp The group to store.
* @return Managed version of the group. The provider might be un-set.
*/
public IpGroup store(IpGroup grp) {
ActionLogRecord alr = new ActionLogRecord(ActionLogRecord.ActionType.GlobalGroups, "ipCreate");
if (grp.getGroupProvider() != null) {
alr.setInfo(grp.getIdentifier());
} else {
alr.setInfo(grp.getDisplayName());
}
alr.setInfo(alr.getInfo() + "// " + grp.getRanges());
if (grp.getId() == null) {
if (grp.getPersistedGroupAlias() != null) {
IpGroup existing = getByGroupName(grp.getPersistedGroupAlias());
if (existing == null) {
// new group
em.persist(grp);
actionLogSvc.log(alr);
return grp;
} else {
existing.setDescription(grp.getDescription());
existing.setDisplayName(grp.getDisplayName());
existing.setIpv4Ranges(grp.getIpv4Ranges());
existing.setIpv6Ranges(grp.getIpv6Ranges());
actionLogSvc.log(alr.setActionSubType("ipUpdate"));
return existing;
}
} else {
actionLogSvc.log(alr);
em.persist(grp);
return grp;
}
} else {
actionLogSvc.log(alr.setActionSubType("ipUpdate"));
return em.merge(grp);
}
}
use of edu.harvard.iq.dataverse.actionlogging.ActionLogRecord in project dataverse by IQSS.
the class ExternalTools method addExternalTool.
@POST
public Response addExternalTool(String manifest) {
try {
ExternalTool externalTool = ExternalToolServiceBean.parseAddExternalToolManifest(manifest);
ExternalTool saved = externalToolService.save(externalTool);
Long toolId = saved.getId();
actionLogSvc.log(new ActionLogRecord(ActionLogRecord.ActionType.ExternalTool, "addExternalTool").setInfo("External tool added with id " + toolId + "."));
return ok(saved.toJson());
} catch (Exception ex) {
return error(BAD_REQUEST, ex.getMessage());
}
}
use of edu.harvard.iq.dataverse.actionlogging.ActionLogRecord in project dataverse by IQSS.
the class Admin method toggleSuperuser.
@Path("superuser/{identifier}")
@POST
public Response toggleSuperuser(@PathParam("identifier") String identifier) {
ActionLogRecord alr = new ActionLogRecord(ActionLogRecord.ActionType.Admin, "toggleSuperuser").setInfo(identifier);
try {
AuthenticatedUser user = authSvc.getAuthenticatedUser(identifier);
user.setSuperuser(!user.isSuperuser());
return ok("User " + user.getIdentifier() + " " + (user.isSuperuser() ? "set" : "removed") + " as a superuser.");
} catch (Exception e) {
alr.setActionResult(ActionLogRecord.Result.InternalError);
alr.setInfo(alr.getInfo() + "// " + e.getMessage());
return error(Response.Status.INTERNAL_SERVER_ERROR, e.getMessage());
} finally {
actionLogSvc.log(alr);
}
}
Aggregations