
Example 1 with UserIdentification

use of fi.otavanopisto.pyramus.domainmodel.users.UserIdentification in project pyramus by otavanopisto.

the class CreateCredentialsJSONRequestController method process.

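/**
 * Creates internal-login credentials for the student attached to an application.
 *
 * <p>The request must carry {@code applicationId}, {@code token}, {@code username} and
 * {@code password}. Credentials are created only when exactly one internal authentication
 * provider is configured and it can update credentials, the application exists, has a student
 * and its stored credential token matches the supplied one, the person has no identification
 * for that provider yet, and the username is unused. On success the response parameter
 * {@code status} is set to {@code "OK"}; every rejection goes through {@code fail(...)}.
 *
 * <p>The application's credential token is the only caller-supplied proof visible in this
 * method, so it is compared without an early exit on the first differing byte.
 *
 * @param requestContext the JSON request carrying the four parameters described above
 */
public void process(JSONRequestContext requestContext) {
    // Validation of request data and basic necessities
    String applicationId = StringUtils.trim(requestContext.getString("applicationId"));
    String credentialToken = StringUtils.trim(requestContext.getString("token"));
    String username = StringUtils.trim(requestContext.getString("username"));
    // NOTE(review): the password is trimmed before it is handed to the provider. The login path
    // must normalise input the same way, otherwise leading/trailing whitespace typed by the user
    // silently changes the stored secret. No length or complexity check is visible here either;
    // confirm the provider enforces the password policy.
    String password = StringUtils.trim(requestContext.getString("password"));
    List<InternalAuthenticationProvider> providers = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
    InternalAuthenticationProvider provider = providers.size() == 1 ? providers.get(0) : null;
    if (provider == null || !provider.canUpdateCredentials() || StringUtils.isAnyBlank(applicationId, username, password, credentialToken)) {
        // Message: "Internal error"
        fail(requestContext, "Sisäinen virhe");
        return;
    }
    // Validate application
    ApplicationDAO applicationDAO = DAOFactory.getInstance().getApplicationDAO();
    Application application = applicationDAO.findByApplicationId(applicationId);
    if (application == null || application.getStudent() == null) {
        // Message: "The application does not allow credential creation"
        fail(requestContext, "Hakemus ei mahdollista tunnusten luontia");
        return;
    }
    // Compare the secret token in constant time. credentialToken is known to be non-blank at
    // this point; an application without a stored token never matches. The same failure message
    // is used as above so the response does not reveal which check rejected the request.
    String expectedToken = application.getCredentialToken();
    boolean tokenMatches = expectedToken != null
        && java.security.MessageDigest.isEqual(
            credentialToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            expectedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!tokenMatches) {
        fail(requestContext, "Hakemus ei mahdollista tunnusten luontia");
        return;
    }
    // Validate student
    Person person = application.getStudent().getPerson();
    InternalAuthDAO internalAuthDAO = DAOFactory.getInstance().getInternalAuthDAO();
    UserIdentificationDAO userIdentificationDAO = DAOFactory.getInstance().getUserIdentificationDAO();
    UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(provider.getName(), person);
    if (userIdentification != null) {
        // Message: "The user account already has credentials"
        fail(requestContext, "Käyttäjätilillä on jo tunnukset");
        return;
    }
    // NOTE(review): this answer tells a token holder whether a username exists. The check and
    // the create below are also two separate steps; uniqueness under concurrent requests has to
    // come from a database constraint or the provider. Confirm one exists.
    InternalAuth internalAuth = internalAuthDAO.findByUsername(username);
    if (internalAuth != null) {
        // Message: "The chosen username is already taken"
        fail(requestContext, "Valittu käyttäjätunnus on jo varattu");
        return;
    }
    String externalId = provider.createCredentials(username, password);
    userIdentificationDAO.create(person, provider.getName(), externalId);
    requestContext.addResponseParameter("status", "OK");
}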
Also used : InternalAuthenticationProvider(fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider) InternalAuthDAO(fi.otavanopisto.pyramus.dao.users.InternalAuthDAO) InternalAuth(fi.otavanopisto.pyramus.domainmodel.users.InternalAuth) ApplicationDAO(fi.otavanopisto.pyramus.dao.application.ApplicationDAO) Application(fi.otavanopisto.pyramus.domainmodel.application.Application) Person(fi.otavanopisto.pyramus.domainmodel.base.Person) UserIdentification(fi.otavanopisto.pyramus.domainmodel.users.UserIdentification) UserIdentificationDAO(fi.otavanopisto.pyramus.dao.users.UserIdentificationDAO)

Example 2 with UserIdentification

use of fi.otavanopisto.pyramus.domainmodel.users.UserIdentification in project pyramus by otavanopisto.

the class EditStudentViewController method process.

/**
 * Prepares the "edit student" page for one person and forwards to
 * {@code /templates/students/editstudent.jsp}.
 *
 * <p>The person is loaded from the request parameter {@code person}. The student records shown
 * are all of the person's students when the logged-in user can access all organizations,
 * otherwise only those in the logged-in user's organization. Reference data (nationalities,
 * schools, contact types, ...) and per-student data (tags, variables, lodging and study
 * periods) are placed into request attributes and JS data variables for the JSP.
 *
 * <p>Security-relevant points visible in this method:
 * <ul>
 *   <li>The internal-login username is looked up only when
 *       {@code UserUtils.allowEditCredentials(loggedUser, person)} is true.</li>
 *   <li>NOTE(review): {@code person} is not null-checked and is exposed as a request attribute
 *       even when the organization filter leaves {@code students} empty. Confirm that access to
 *       the person record itself is enforced by the controller's permission layer.</li>
 *   <li>NOTE(review): user-editable variable values are serialized into JS data variables;
 *       escaping for the page context happens in {@code setJsDataVariable} or the JSP, neither
 *       of which is visible here. Verify it.</li>
 * </ul>
 *
 * @param pageRequestContext the page request; supplies the {@code person} parameter, the
 *        logged-in user id and the servlet request that receives the attributes
 */
public void process(PageRequestContext pageRequestContext) {
    StudentDAO studentDAO = DAOFactory.getInstance().getStudentDAO();
    PersonDAO personDAO = DAOFactory.getInstance().getPersonDAO();
    StudentActivityTypeDAO studentActivityTypeDAO = DAOFactory.getInstance().getStudentActivityTypeDAO();
    StudentEducationalLevelDAO studentEducationalLevelDAO = DAOFactory.getInstance().getStudentEducationalLevelDAO();
    StudentExaminationTypeDAO studentExaminationTypeDAO = DAOFactory.getInstance().getStudentExaminationTypeDAO();
    StudentStudyEndReasonDAO studyEndReasonDAO = DAOFactory.getInstance().getStudentStudyEndReasonDAO();
    UserVariableKeyDAO userVariableKeyDAO = DAOFactory.getInstance().getUserVariableKeyDAO();
    UserVariableDAO userVariableDAO = DAOFactory.getInstance().getUserVariableDAO();
    StudyProgrammeDAO studyProgrammeDAO = DAOFactory.getInstance().getStudyProgrammeDAO();
    MunicipalityDAO municipalityDAO = DAOFactory.getInstance().getMunicipalityDAO();
    NationalityDAO nationalityDAO = DAOFactory.getInstance().getNationalityDAO();
    SchoolDAO schoolDAO = DAOFactory.getInstance().getSchoolDAO();
    LanguageDAO languageDAO = DAOFactory.getInstance().getLanguageDAO();
    ContactTypeDAO contactTypeDAO = DAOFactory.getInstance().getContactTypeDAO();
    ContactURLTypeDAO contactURLTypeDAO = DAOFactory.getInstance().getContactURLTypeDAO();
    CreditLinkDAO creditLinkDAO = DAOFactory.getInstance().getCreditLinkDAO();
    CourseAssessmentDAO courseAssessmentDAO = DAOFactory.getInstance().getCourseAssessmentDAO();
    TransferCreditDAO transferCreditDAO = DAOFactory.getInstance().getTransferCreditDAO();
    UserIdentificationDAO userIdentificationDAO = DAOFactory.getInstance().getUserIdentificationDAO();
    UserDAO userDAO = DAOFactory.getInstance().getUserDAO();
    CurriculumDAO curriculumDAO = DAOFactory.getInstance().getCurriculumDAO();
    StudentLodgingPeriodDAO studentLodgingPeriodDAO = DAOFactory.getInstance().getStudentLodgingPeriodDAO();
    PersonVariableKeyDAO personVariableKeyDAO = DAOFactory.getInstance().getPersonVariableKeyDAO();
    PersonVariableDAO personVariableDAO = DAOFactory.getInstance().getPersonVariableDAO();
    StudentStudyPeriodDAO studentStudyPeriodDAO = DAOFactory.getInstance().getStudentStudyPeriodDAO();
    StaffMemberDAO staffMemberDAO = DAOFactory.getInstance().getStaffMemberDAO();
    Locale locale = pageRequestContext.getRequest().getLocale();
    User loggedUser = userDAO.findById(pageRequestContext.getLoggedUserId());
    // The person id comes straight from the request; the lookup result is used without a null check.
    Long personId = pageRequestContext.getLong("person");
    Person person = personDAO.findById(personId);
    // Organization scoping: users without access to all organizations only get the students
    // that belong to their own organization.
    List<Student> students = UserUtils.canAccessAllOrganizations(loggedUser) ? studentDAO.listByPerson(person) : studentDAO.listByPersonAndOrganization(person, loggedUser.getOrganization());
    Collections.sort(students, new Comparator<Student>() {

        @Override
        public int compare(Student o1, Student o2) {
            /**
             * Ordering study programmes as follows
             *  1. studies that have start date but no end date (ongoing)
             *  2. studies that have no start nor end date
             *  3. studies that have ended
             *  4. studies that are archived
             *  5. other
             *
             * Archived is tested first, so an archived student is class 4 whatever its dates are.
             * For a non-archived student the three date tests cover every combination, which
             * leaves class 5 unreachable as written.
             */
            int o1class = (o1.getArchived()) ? 4 : (o1.getStudyStartDate() != null && o1.getStudyEndDate() == null) ? 1 : (o1.getStudyStartDate() == null && o1.getStudyEndDate() == null) ? 2 : (o1.getStudyEndDate() != null) ? 3 : 5;
            int o2class = (o2.getArchived()) ? 4 : (o2.getStudyStartDate() != null && o2.getStudyEndDate() == null) ? 1 : (o2.getStudyStartDate() == null && o2.getStudyEndDate() == null) ? 2 : (o2.getStudyEndDate() != null) ? 3 : 5;
            if (o1class == o2class) {
                // classes are the same, we try to do last comparison from the start dates
                // (newest start date first; treated as equal when either start date is missing)
                return ((o1.getStudyStartDate() != null) && (o2.getStudyStartDate() != null)) ? o2.getStudyStartDate().compareTo(o1.getStudyStartDate()) : 0;
            } else
                // Classes differ here, so the "== ? 0" arm of this expression is never taken.
                return o1class < o2class ? -1 : o1class == o2class ? 0 : 1;
        }
    });
    Map<Long, String> studentTags = new HashMap<>();
    Map<Long, Boolean> studentHasCredits = new HashMap<>();
    List<UserVariableKey> userVariableKeys = userVariableKeyDAO.listByUserEditable(Boolean.TRUE);
    Collections.sort(userVariableKeys, new StringAttributeComparator("getVariableName"));
    // Both objects are keyed by student id and only receive an entry for students that have periods.
    JSONObject studentLodgingPeriods = new JSONObject();
    JSONObject studentStudyPeriodsJSON = new JSONObject();
    for (Student student : students) {
        // Tags are joined into one space-separated string per student.
        StringBuilder tagsBuilder = new StringBuilder();
        Iterator<Tag> tagIterator = student.getTags().iterator();
        while (tagIterator.hasNext()) {
            Tag tag = tagIterator.next();
            tagsBuilder.append(tag.getText());
            if (tagIterator.hasNext())
                tagsBuilder.append(' ');
        }
        studentTags.put(student.getId(), tagsBuilder.toString());
        // True when the student has at least one credit link, course assessment or transfer credit.
        studentHasCredits.put(student.getId(), creditLinkDAO.countByStudent(student) + courseAssessmentDAO.countByStudent(student) + transferCreditDAO.countByStudent(student) > 0);
        // One entry per user-editable variable key; a missing value is sent as an empty string.
        JSONArray variables = new JSONArray();
        for (UserVariableKey userVariableKey : userVariableKeys) {
            UserVariable userVariable = userVariableDAO.findByUserAndVariableKey(student, userVariableKey);
            JSONObject variable = new JSONObject();
            variable.put("type", userVariableKey.getVariableType());
            variable.put("name", userVariableKey.getVariableName());
            variable.put("key", userVariableKey.getVariableKey());
            variable.put("value", userVariable != null ? userVariable.getValue() : "");
            variables.add(variable);
        }
        // NOTE(review): stored, user-editable values leave the server here as a JSON string;
        // how that string is embedded in the page is decided outside this method.
        setJsDataVariable(pageRequestContext, "variables." + student.getId(), variables.toString());
        // Lodging periods, ordered by begin date with undated periods last.
        List<StudentLodgingPeriod> studentLodgingPeriodEntities = studentLodgingPeriodDAO.listByStudent(student);
        studentLodgingPeriodEntities.sort(Comparator.comparing(StudentLodgingPeriod::getBegin, Comparator.nullsLast(Comparator.naturalOrder())));
        JSONArray lodgingPeriods = new JSONArray();
        for (StudentLodgingPeriod period : studentLodgingPeriodEntities) {
            JSONObject periodJSON = new JSONObject();
            periodJSON.put("id", period.getId());
            periodJSON.put("begin", period.getBegin() != null ? period.getBegin().getTime() : null);
            periodJSON.put("end", period.getEnd() != null ? period.getEnd().getTime() : null);
            lodgingPeriods.add(periodJSON);
        }
        if (!lodgingPeriods.isEmpty()) {
            studentLodgingPeriods.put(student.getId(), lodgingPeriods);
        }
        // Study periods, same ordering, with the period type added to each entry.
        List<StudentStudyPeriod> studyPeriods = studentStudyPeriodDAO.listByStudent(student);
        studyPeriods.sort(Comparator.comparing(StudentStudyPeriod::getBegin, Comparator.nullsLast(Comparator.naturalOrder())));
        JSONArray studyPeriodsJSON = new JSONArray();
        for (StudentStudyPeriod studyPeriod : studyPeriods) {
            JSONObject periodJSON = new JSONObject();
            periodJSON.put("id", studyPeriod.getId());
            periodJSON.put("begin", studyPeriod.getBegin() != null ? studyPeriod.getBegin().getTime() : null);
            periodJSON.put("end", studyPeriod.getEnd() != null ? studyPeriod.getEnd().getTime() : null);
            periodJSON.put("type", studyPeriod.getPeriodType());
            studyPeriodsJSON.add(periodJSON);
        }
        if (!studyPeriodsJSON.isEmpty()) {
            studentStudyPeriodsJSON.put(student.getId(), studyPeriodsJSON);
        }
    }
    setJsDataVariable(pageRequestContext, "studentLodgingPeriods", studentLodgingPeriods.toString());
    setJsDataVariable(pageRequestContext, "studentStudyPeriods", studentStudyPeriodsJSON.toString());
    // Person-level variables, built the same way as the per-student variables above.
    List<PersonVariableKey> personVariableKeys = personVariableKeyDAO.listUserEditablePersonVariableKeys();
    Collections.sort(personVariableKeys, new StringAttributeComparator("getVariableName"));
    JSONArray personVariablesJSON = new JSONArray();
    for (PersonVariableKey personVariableKey : personVariableKeys) {
        PersonVariable personVariable = personVariableDAO.findByPersonAndVariableKey(person, personVariableKey);
        JSONObject personVariableJSON = new JSONObject();
        personVariableJSON.put("type", personVariableKey.getVariableType());
        personVariableJSON.put("name", personVariableKey.getVariableName());
        personVariableJSON.put("key", personVariableKey.getVariableKey());
        personVariableJSON.put("value", personVariable != null ? personVariable.getValue() : "");
        personVariablesJSON.add(personVariableJSON);
    }
    setJsDataVariable(pageRequestContext, "personVariables", personVariablesJSON.toString());
    // Reference lists for the form's selection fields.
    List<Nationality> nationalities = nationalityDAO.listUnarchived();
    Collections.sort(nationalities, new StringAttributeComparator("getName"));
    List<Municipality> municipalities = municipalityDAO.listUnarchived();
    Collections.sort(municipalities, new StringAttributeComparator("getName"));
    List<Language> languages = languageDAO.listUnarchived();
    Collections.sort(languages, new StringAttributeComparator("getName"));
    List<School> schools = schoolDAO.listUnarchived();
    Collections.sort(schools, new StringAttributeComparator("getName"));
    List<ContactURLType> contactURLTypes = contactURLTypeDAO.listUnarchived();
    Collections.sort(contactURLTypes, new StringAttributeComparator("getName"));
    List<ContactType> contactTypes = contactTypeDAO.listUnarchived();
    Collections.sort(contactTypes, new StringAttributeComparator("getName"));
    // The username stays empty unless every condition below holds: the logged-in user may edit
    // this person's credentials, exactly one internal provider is configured, it can update
    // credentials, and the person already has an identification for it.
    String username = "";
    boolean hasInternalAuthenticationStrategies = AuthenticationProviderVault.getInstance().hasInternalStrategies();
    if (UserUtils.allowEditCredentials(loggedUser, person)) {
        if (hasInternalAuthenticationStrategies) {
            // TODO: Support for multiple internal authentication providers
            List<InternalAuthenticationProvider> internalAuthenticationProviders = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
            if (internalAuthenticationProviders.size() == 1) {
                InternalAuthenticationProvider internalAuthenticationProvider = internalAuthenticationProviders.get(0);
                if (internalAuthenticationProvider != null) {
                    UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(internalAuthenticationProvider.getName(), person);
                    if (internalAuthenticationProvider.canUpdateCredentials()) {
                        if (userIdentification != null) {
                            username = internalAuthenticationProvider.getUsername(userIdentification.getExternalId());
                        }
                    }
                }
            }
        }
    }
    // Study period types with a localized display name and a flag for begin-date-only types.
    JSONArray studentStudyPeriodTypesJSON = new JSONArray();
    for (StudentStudyPeriodType studentStudyPeriodType : StudentStudyPeriodType.values()) {
        JSONObject studyPeriodType = new JSONObject();
        studyPeriodType.put("id", studentStudyPeriodType.toString());
        studyPeriodType.put("displayName", Messages.getInstance().getText(locale, String.format("generic.studentStudyPeriods.%s", studentStudyPeriodType)));
        studyPeriodType.put("beginOnly", StudentStudyPeriodType.BEGINDATE_ONLY.contains(studentStudyPeriodType));
        studentStudyPeriodTypesJSON.add(studyPeriodType);
    }
    setJsDataVariable(pageRequestContext, "studentStudyPeriodTypes", studentStudyPeriodTypesJSON.toString());
    List<Curriculum> curriculums = curriculumDAO.listUnarchived();
    Collections.sort(curriculums, new StringAttributeComparator("getName"));
    // Study programmes follow the same organization scoping as the student list.
    List<StudyProgramme> studyProgrammes = UserUtils.canAccessAllOrganizations(loggedUser) ? studyProgrammeDAO.listUnarchived() : studyProgrammeDAO.listByOrganization(loggedUser.getOrganization(), Archived.UNARCHIVED);
    Collections.sort(studyProgrammes, new StringAttributeComparator("getName"));
    List<StaffMember> studyApprovers = staffMemberDAO.listByProperty(StaffMemberProperties.STUDY_APPROVER.getKey(), "1");
    // Add study approvers to the list that have been used before so the selections can be persisted
    List<StaffMember> selectedStudyApprovers = students.stream().map(student -> student.getStudyApprover()).filter(Objects::nonNull).collect(Collectors.toList());
    for (StaffMember selectedStudyApprover : selectedStudyApprovers) {
        Long selectedStudyApproverId = selectedStudyApprover.getId();
        boolean isSelectedInList = studyApprovers.stream().map(StaffMember::getId).anyMatch(selectedStudyApproverId::equals);
        if (!isSelectedInList) {
            studyApprovers.add(selectedStudyApprover);
        }
    }
    studyApprovers.sort(Comparator.comparing(StaffMember::getLastName).thenComparing(StaffMember::getFirstName));
    readUserVariablePresets(pageRequestContext);
    // Everything the JSP renders is handed over as request attributes.
    pageRequestContext.getRequest().setAttribute("tags", studentTags);
    pageRequestContext.getRequest().setAttribute("person", person);
    pageRequestContext.getRequest().setAttribute("students", students);
    pageRequestContext.getRequest().setAttribute("activityTypes", studentActivityTypeDAO.listUnarchived());
    pageRequestContext.getRequest().setAttribute("contactURLTypes", contactURLTypes);
    pageRequestContext.getRequest().setAttribute("contactTypes", contactTypes);
    pageRequestContext.getRequest().setAttribute("examinationTypes", studentExaminationTypeDAO.listUnarchived());
    pageRequestContext.getRequest().setAttribute("educationalLevels", studentEducationalLevelDAO.listUnarchived());
    pageRequestContext.getRequest().setAttribute("nationalities", nationalities);
    pageRequestContext.getRequest().setAttribute("municipalities", municipalities);
    pageRequestContext.getRequest().setAttribute("languages", languages);
    pageRequestContext.getRequest().setAttribute("schools", schools);
    pageRequestContext.getRequest().setAttribute("studyProgrammes", studyProgrammes);
    pageRequestContext.getRequest().setAttribute("curriculums", curriculums);
    pageRequestContext.getRequest().setAttribute("studyEndReasons", studyEndReasonDAO.listByParentReason(null));
    pageRequestContext.getRequest().setAttribute("variableKeys", userVariableKeys);
    pageRequestContext.getRequest().setAttribute("personVariableKeys", personVariableKeys);
    pageRequestContext.getRequest().setAttribute("studentHasCredits", studentHasCredits);
    pageRequestContext.getRequest().setAttribute("hasInternalAuthenticationStrategies", hasInternalAuthenticationStrategies);
    pageRequestContext.getRequest().setAttribute("username", username);
    pageRequestContext.getRequest().setAttribute("allowEditCredentials", UserUtils.allowEditCredentials(loggedUser, person));
    pageRequestContext.getRequest().setAttribute("studyApprovers", studyApprovers);
    pageRequestContext.setIncludeJSP("/templates/students/editstudent.jsp");
}
Also used : Locale(java.util.Locale) ContactType(fi.otavanopisto.pyramus.domainmodel.base.ContactType) HashMap(java.util.HashMap) UserVariableKey(fi.otavanopisto.pyramus.domainmodel.users.UserVariableKey) StaffMember(fi.otavanopisto.pyramus.domainmodel.users.StaffMember) UserVariable(fi.otavanopisto.pyramus.domainmodel.users.UserVariable) StudentLodgingPeriodDAO(fi.otavanopisto.pyramus.dao.students.StudentLodgingPeriodDAO) PersonDAO(fi.otavanopisto.pyramus.dao.base.PersonDAO) InternalAuthenticationProvider(fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider) MunicipalityDAO(fi.otavanopisto.pyramus.dao.base.MunicipalityDAO) StudentEducationalLevelDAO(fi.otavanopisto.pyramus.dao.students.StudentEducationalLevelDAO) UserIdentificationDAO(fi.otavanopisto.pyramus.dao.users.UserIdentificationDAO) Municipality(fi.otavanopisto.pyramus.domainmodel.base.Municipality) CourseAssessmentDAO(fi.otavanopisto.pyramus.dao.grading.CourseAssessmentDAO) NationalityDAO(fi.otavanopisto.pyramus.dao.base.NationalityDAO) LanguageDAO(fi.otavanopisto.pyramus.dao.base.LanguageDAO) StudentActivityTypeDAO(fi.otavanopisto.pyramus.dao.students.StudentActivityTypeDAO) Student(fi.otavanopisto.pyramus.domainmodel.students.Student) StudentDAO(fi.otavanopisto.pyramus.dao.students.StudentDAO) UserVariableKeyDAO(fi.otavanopisto.pyramus.dao.users.UserVariableKeyDAO) JSONObject(net.sf.json.JSONObject) StudentStudyPeriodType(fi.otavanopisto.pyramus.domainmodel.students.StudentStudyPeriodType) PersonVariableKey(fi.otavanopisto.pyramus.domainmodel.users.PersonVariableKey) Person(fi.otavanopisto.pyramus.domainmodel.base.Person) User(fi.otavanopisto.pyramus.domainmodel.users.User) StudyProgramme(fi.otavanopisto.pyramus.domainmodel.base.StudyProgramme) StringAttributeComparator(fi.otavanopisto.pyramus.util.StringAttributeComparator) StudentStudyEndReasonDAO(fi.otavanopisto.pyramus.dao.students.StudentStudyEndReasonDAO) ContactURLTypeDAO(fi.otavanopisto.pyramus.dao.base.ContactURLTypeDAO) 
School(fi.otavanopisto.pyramus.domainmodel.base.School) StaffMemberDAO(fi.otavanopisto.pyramus.dao.users.StaffMemberDAO) TransferCreditDAO(fi.otavanopisto.pyramus.dao.grading.TransferCreditDAO) UserDAO(fi.otavanopisto.pyramus.dao.users.UserDAO) Language(fi.otavanopisto.pyramus.domainmodel.base.Language) UserVariableDAO(fi.otavanopisto.pyramus.dao.users.UserVariableDAO) SchoolDAO(fi.otavanopisto.pyramus.dao.base.SchoolDAO) ContactTypeDAO(fi.otavanopisto.pyramus.dao.base.ContactTypeDAO) PersonVariableKeyDAO(fi.otavanopisto.pyramus.dao.users.PersonVariableKeyDAO) StudentStudyPeriodDAO(fi.otavanopisto.pyramus.dao.students.StudentStudyPeriodDAO) StudentExaminationTypeDAO(fi.otavanopisto.pyramus.dao.students.StudentExaminationTypeDAO) CurriculumDAO(fi.otavanopisto.pyramus.dao.base.CurriculumDAO) PersonVariable(fi.otavanopisto.pyramus.domainmodel.users.PersonVariable) JSONArray(net.sf.json.JSONArray) StudyProgrammeDAO(fi.otavanopisto.pyramus.dao.base.StudyProgrammeDAO) CreditLinkDAO(fi.otavanopisto.pyramus.dao.grading.CreditLinkDAO) Nationality(fi.otavanopisto.pyramus.domainmodel.base.Nationality) StudentLodgingPeriod(fi.otavanopisto.pyramus.domainmodel.students.StudentLodgingPeriod) PersonVariableDAO(fi.otavanopisto.pyramus.dao.users.PersonVariableDAO) ContactURLType(fi.otavanopisto.pyramus.domainmodel.base.ContactURLType) Curriculum(fi.otavanopisto.pyramus.domainmodel.base.Curriculum) Tag(fi.otavanopisto.pyramus.domainmodel.base.Tag) StudentStudyPeriod(fi.otavanopisto.pyramus.domainmodel.students.StudentStudyPeriod) UserIdentification(fi.otavanopisto.pyramus.domainmodel.users.UserIdentification)

Example 3 with UserIdentification

use of fi.otavanopisto.pyramus.domainmodel.users.UserIdentification in project pyramus by otavanopisto.

the class MuikkuRESTService method resetCredentials.

/**
 * Looks up a pending password reset request by its secret and returns a payload that carries
 * the person's current username, when one exists.
 *
 * <p>Responses: 500 when there is not exactly one internal authentication provider able to
 * update credentials; 404 when the secret is unknown or the request has expired; otherwise 200
 * with a {@code CredentialResetPayload} whose username is set only if the person already has
 * an internal login.
 *
 * <p>Security notes: the reset secret is part of the URL path, so it can end up wherever URLs
 * are recorded (access logs, proxies, browser history); treat those stores as sensitive and
 * keep the secret short-lived. The lookup does not consume the secret. Unknown and expired
 * secrets produce the same 404, so the response does not distinguish between them.
 *
 * @param hash the reset secret taken from the path
 * @return the response described above
 */
@Path("/resetCredentials/{HASH}")
@GET
@RESTPermit(MuikkuPermissions.MUIKKU_RESET_CREDENTIALS)
public Response resetCredentials(@PathParam("HASH") String hash) {
    // Exactly one internal provider is supported; anything else is a server-side misconfiguration.
    List<InternalAuthenticationProvider> internalProviders = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
    InternalAuthenticationProvider authProvider = null;
    if (internalProviders.size() == 1) {
        authProvider = internalProviders.get(0);
    }
    boolean providerUsable = authProvider != null && authProvider.canUpdateCredentials();
    if (!providerUsable) {
        return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Invalid authentication provider").build();
    }

    // The secret must belong to a reset request that has not expired yet.
    PasswordResetRequest pendingReset = passwordResetRequestDAO.findBySecret(hash);
    if (pendingReset == null || isExpired(pendingReset)) {
        return Response.status(Status.NOT_FOUND).build();
    }

    // Fill in the username only when the person already has an internal login.
    CredentialResetPayload result = new CredentialResetPayload();
    UserIdentification identification = userIdentificationDAO.findByAuthSourceAndPerson(authProvider.getName(), pendingReset.getPerson());
    // NOTE(review): the external id is parsed as a number; a non-numeric id would throw here.
    InternalAuth existingAuth = identification == null
        ? null
        : internalAuthDAO.findById(Long.valueOf(identification.getExternalId()));
    if (existingAuth != null) {
        result.setUsername(existingAuth.getUsername());
    }
    return Response.ok(result).build();
}
Also used : PasswordResetRequest(fi.otavanopisto.pyramus.domainmodel.users.PasswordResetRequest) CredentialResetPayload(fi.otavanopisto.pyramus.rest.model.muikku.CredentialResetPayload) InternalAuthenticationProvider(fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider) InternalAuth(fi.otavanopisto.pyramus.domainmodel.users.InternalAuth) UserIdentification(fi.otavanopisto.pyramus.domainmodel.users.UserIdentification) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) GET(javax.ws.rs.GET)

Example 4 with UserIdentification

use of fi.otavanopisto.pyramus.domainmodel.users.UserIdentification in project pyramus by otavanopisto.

the class MuikkuRESTService method resetCredentials.

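/**
 * Completes a credential reset: validates the reset secret from the payload, then creates or
 * updates the person's internal login with the supplied username and password and deletes all
 * of the person's reset requests.
 *
 * <p>Responses: 400 when no payload was supplied; 500 when there is not exactly one internal
 * authentication provider able to update credentials, or when the provider throws; 404 when
 * the secret is unknown or expired; 409 when the username belongs to a different person; 204
 * on success.
 *
 * <p>Reset requests are deleted only after the credentials were stored, so a failed attempt
 * leaves the secret usable until it expires.
 *
 * @param request the servlet request; only its locale is read, for the conflict message
 * @param payload secret, username and password sent by the caller
 * @return the response described above
 */
@Path("/resetCredentials")
@POST
@RESTPermit(MuikkuPermissions.MUIKKU_RESET_CREDENTIALS)
public Response resetCredentials(@Context HttpServletRequest request, CredentialResetPayload payload) {
    // A request without a body can arrive here as a null payload; answer with a client error
    // instead of failing on the first payload access below.
    if (payload == null) {
        return Response.status(Status.BAD_REQUEST).build();
    }
    // Resolve internal authentication provider
    List<InternalAuthenticationProvider> providers = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
    InternalAuthenticationProvider provider = providers.size() == 1 ? providers.get(0) : null;
    if (provider == null || !provider.canUpdateCredentials()) {
        return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Invalid authentication provider").build();
    }
    // Validate reset request
    PasswordResetRequest resetRequest = passwordResetRequestDAO.findBySecret(payload.getSecret());
    if (resetRequest == null || isExpired(resetRequest)) {
        return Response.status(Status.NOT_FOUND).build();
    }
    // Validate username uniqueness
    InternalAuth internalAuth = internalAuthDAO.findByUsername(payload.getUsername());
    if (internalAuth != null) {
        UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndExternalId(provider.getName(), internalAuth.getId().toString());
        if (userIdentification != null) {
            // The username is taken; that is only acceptable when it is this person's own login.
            if (!userIdentification.getPerson().getId().equals(resetRequest.getPerson().getId())) {
                return Response.status(Status.CONFLICT).entity(getMessage(request.getLocale(), "error.usernameInUse")).build();
            }
        }
        // NOTE(review): when an InternalAuth with this username exists but has no
        // UserIdentification, execution falls through and updateCredentials below is applied to
        // that record although it is not linked to the person of the reset request. Confirm that
        // this state cannot occur, or treat it as a conflict.
    } else {
        // Username is free: reuse the person's existing internal login, if there is one.
        UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(provider.getName(), resetRequest.getPerson());
        if (userIdentification != null) {
            internalAuth = internalAuthDAO.findById(Long.valueOf(userIdentification.getExternalId()));
        }
    }
    // NOTE(review): no check of username/password content (blank, length, policy) is visible
    // in this method; confirm the provider enforces it.
    try {
        if (internalAuth == null) {
            String externalId = provider.createCredentials(payload.getUsername(), payload.getPassword());
            userIdentificationDAO.create(resetRequest.getPerson(), provider.getName(), externalId);
        } else {
            provider.updateCredentials(internalAuth.getId().toString(), payload.getUsername(), payload.getPassword());
        }
    } catch (Exception e) {
        // NOTE(review): the exception message is returned verbatim to the caller and nothing is
        // logged here. Consider a generic client message plus server-side logging so internal
        // details are not disclosed.
        return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
    }
    // Clear reset request(s)
    List<PasswordResetRequest> passwordResetRequests = passwordResetRequestDAO.listByPerson(resetRequest.getPerson());
    for (PasswordResetRequest passwordResetRequest : passwordResetRequests) {
        passwordResetRequestDAO.delete(passwordResetRequest);
    }
    return Response.noContent().build();
}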
Also used : PasswordResetRequest(fi.otavanopisto.pyramus.domainmodel.users.PasswordResetRequest) InternalAuthenticationProvider(fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider) InternalAuth(fi.otavanopisto.pyramus.domainmodel.users.InternalAuth) UserIdentification(fi.otavanopisto.pyramus.domainmodel.users.UserIdentification) UserEmailInUseException(fi.otavanopisto.pyramus.framework.UserEmailInUseException) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) POST(javax.ws.rs.POST)

Example 5 with UserIdentification

use of fi.otavanopisto.pyramus.domainmodel.users.UserIdentification in project pyramus by otavanopisto.

the class PersonRESTService method getCredentials.

/**
 * Returns the internal-login username of a person.
 *
 * <p>Authorization is done inline ({@code Handling.INLINE}): a caller holding
 * {@code PersonPermissions.FIND_USERNAME} may read any person's username. Any other caller must
 * be logged in (401 otherwise), must be the same person as the one requested, and must pass
 * the {@code PersonPermissions.PERSON_OWNER} check for that person (403 otherwise).
 *
 * <p>Responses: 404 when the person does not exist or when there is not exactly one non-null
 * internal authentication provider; otherwise 200 with a {@code UserCredentials} object that
 * carries only the username, which is {@code null} when the person has no internal login.
 *
 * <p>NOTE(review): the person lookup runs before the authorization checks, so the 404 versus
 * 401/403 difference tells an unauthorized caller whether a person id exists. Confirm that
 * this is acceptable.
 *
 * @param id the person id from the path
 * @return the response described above
 */
@Path("/persons/{ID:[0-9]*}/credentials")
@GET
@RESTPermit(handling = Handling.INLINE)
public Response getCredentials(@PathParam("ID") Long id) {
    Person targetPerson = personController.findPersonById(id);
    if (targetPerson == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    boolean mayFindAnyUsername = restSecurity.hasPermission(new String[] { PersonPermissions.FIND_USERNAME });
    if (!mayFindAnyUsername) {
        // Without the global permission only the person's own username may be read,
        // and that requires a logged-in user.
        User caller = sessionController.getUser();
        if (caller == null) {
            return Response.status(Status.UNAUTHORIZED).build();
        }
        // Both conditions are required; the owner permission is evaluated only for the same person.
        boolean samePerson = caller.getPerson().getId().equals(targetPerson.getId());
        if (!samePerson || !restSecurity.hasPermission(new String[] { PersonPermissions.PERSON_OWNER }, targetPerson, Style.OR)) {
            return Response.status(Status.FORBIDDEN).build();
        }
    }

    // TODO: Support for multiple internal authentication providers
    List<InternalAuthenticationProvider> providers = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
    if (providers.size() != 1) {
        return Response.status(Status.NOT_FOUND).build();
    }
    InternalAuthenticationProvider soleProvider = providers.get(0);
    if (soleProvider == null) {
        return Response.status(Status.NOT_FOUND).build();
    }

    UserIdentification identification = userIdentificationDAO.findByAuthSourceAndPerson(soleProvider.getName(), targetPerson);
    String username = identification == null ? null : soleProvider.getUsername(identification.getExternalId());
    // Only the username is populated; the other two constructor arguments stay null.
    UserCredentials credentials = new UserCredentials(null, username, null);
    return Response.ok(credentials).build();
}
Also used : User(fi.otavanopisto.pyramus.domainmodel.users.User) InternalAuthenticationProvider(fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider) UserCredentials(fi.otavanopisto.pyramus.rest.model.UserCredentials) Person(fi.otavanopisto.pyramus.domainmodel.base.Person) UserIdentification(fi.otavanopisto.pyramus.domainmodel.users.UserIdentification) Path(javax.ws.rs.Path) RESTPermit(fi.otavanopisto.pyramus.rest.annotation.RESTPermit) GET(javax.ws.rs.GET)

Aggregations

UserIdentification (fi.otavanopisto.pyramus.domainmodel.users.UserIdentification)20 UserIdentificationDAO (fi.otavanopisto.pyramus.dao.users.UserIdentificationDAO)11 InternalAuthenticationProvider (fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider)11 Person (fi.otavanopisto.pyramus.domainmodel.base.Person)7 InternalAuth (fi.otavanopisto.pyramus.domainmodel.users.InternalAuth)7 InternalAuthDAO (fi.otavanopisto.pyramus.dao.users.InternalAuthDAO)5 StaffMemberDAO (fi.otavanopisto.pyramus.dao.users.StaffMemberDAO)5 StaffMember (fi.otavanopisto.pyramus.domainmodel.users.StaffMember)5 SmvcRuntimeException (fi.internetix.smvc.SmvcRuntimeException)4 ContactTypeDAO (fi.otavanopisto.pyramus.dao.base.ContactTypeDAO)4 PersonDAO (fi.otavanopisto.pyramus.dao.base.PersonDAO)4 UserVariableDAO (fi.otavanopisto.pyramus.dao.users.UserVariableDAO)4 ContactType (fi.otavanopisto.pyramus.domainmodel.base.ContactType)4 Tag (fi.otavanopisto.pyramus.domainmodel.base.Tag)4 User (fi.otavanopisto.pyramus.domainmodel.users.User)4 RESTPermit (fi.otavanopisto.pyramus.rest.annotation.RESTPermit)4 Path (javax.ws.rs.Path)4 ApplicationDAO (fi.otavanopisto.pyramus.dao.application.ApplicationDAO)3 Application (fi.otavanopisto.pyramus.domainmodel.application.Application)3 AddressDAO (fi.otavanopisto.pyramus.dao.base.AddressDAO)2