use of fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider in project pyramus by otavanopisto.
the class CreateCredentialsJSONRequestController method process.
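/**
 * Creates internal-authentication credentials for the student linked to an application.
 *
 * <p>Reads {@code applicationId}, {@code token}, {@code username} and {@code password} from the
 * request. Credentials are created only when exactly one internal authentication provider is
 * registered and it can update credentials, the application exists, has a student and its stored
 * credential token matches the supplied one, the person has no identification for that provider
 * yet, and the username is not already taken. On success the response parameter {@code status} is
 * set to {@code OK}; every rejection goes through {@code fail(...)}.
 *
 * <p>The "person already has credentials" check is what stops the same credential token from
 * being used twice; the token itself is not cleared in this method.
 *
 * @param requestContext JSON request carrying the four parameters above
 */
public void process(JSONRequestContext requestContext) {
  // Validation of request data and basic necessities
  String applicationId = StringUtils.trim(requestContext.getString("applicationId"));
  String credentialToken = StringUtils.trim(requestContext.getString("token"));
  String username = StringUtils.trim(requestContext.getString("username"));
  // NOTE(review): the password is trimmed before it is stored, so leading/trailing whitespace the
  // user typed is silently dropped. Confirm the login path trims the same way; otherwise such a
  // password can never be entered successfully.
  String password = StringUtils.trim(requestContext.getString("password"));
  List<InternalAuthenticationProvider> providers = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
  InternalAuthenticationProvider provider = providers.size() == 1 ? providers.get(0) : null;
  if (provider == null || !provider.canUpdateCredentials() || StringUtils.isAnyBlank(applicationId, username, password, credentialToken)) {
    fail(requestContext, "Sisäinen virhe");
    return;
  }

  // Validate application
  ApplicationDAO applicationDAO = DAOFactory.getInstance().getApplicationDAO();
  Application application = applicationDAO.findByApplicationId(applicationId);
  // The credential token is a bearer secret supplied by the client, so compare it in constant
  // time instead of with an early-exit string comparison. Fully qualified names are used so the
  // file's import block does not have to change. A missing stored token never matches.
  String expectedToken = application == null ? null : application.getCredentialToken();
  boolean tokenMatches = expectedToken != null && java.security.MessageDigest.isEqual(
      credentialToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
      expectedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8));
  if (application == null || application.getStudent() == null || !tokenMatches) {
    // One message for all three causes, so the response does not reveal which check failed
    fail(requestContext, "Hakemus ei mahdollista tunnusten luontia");
    return;
  }

  // Validate student: the person must not already be identified by this provider
  Person person = application.getStudent().getPerson();
  InternalAuthDAO internalAuthDAO = DAOFactory.getInstance().getInternalAuthDAO();
  UserIdentificationDAO userIdentificationDAO = DAOFactory.getInstance().getUserIdentificationDAO();
  UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(provider.getName(), person);
  if (userIdentification != null) {
    fail(requestContext, "Käyttäjätilillä on jo tunnukset");
    return;
  }

  // The requested username must be free
  InternalAuth internalAuth = internalAuthDAO.findByUsername(username);
  if (internalAuth != null) {
    fail(requestContext, "Valittu käyttäjätunnus on jo varattu");
    return;
  }

  // Create the credentials and link the resulting external id to the person
  String externalId = provider.createCredentials(username, password);
  userIdentificationDAO.create(person, provider.getName(), externalId);
  requestContext.addResponseParameter("status", "OK");
}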
use of fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider in project pyramus by otavanopisto.
the class EditStudentViewController method process.
/**
 * Prepares the model for the edit-student page and includes
 * {@code /templates/students/editstudent.jsp}.
 *
 * <p>The person is loaded from the {@code person} request parameter. Its students are listed
 * either in full or restricted to the logged-in user's organization, depending on
 * {@code UserUtils.canAccessAllOrganizations}. Per-student tags, credit flags, user variables,
 * lodging periods and study periods, as well as person variables and several reference lists,
 * are exposed either as JS data variables or as request attributes. The internal-authentication
 * username is looked up only when {@code UserUtils.allowEditCredentials} permits it.
 *
 * <p>NOTE(review): the looked-up person is not null-checked here and is placed on the request
 * regardless of the organization filter applied to the student list. Confirm that access to
 * the person is verified before this method runs.
 *
 * @param pageRequestContext page request context supplying the request, the logged-in user id
 *     and the {@code person} parameter
 */
public void process(PageRequestContext pageRequestContext) {
  StudentDAO studentDAO = DAOFactory.getInstance().getStudentDAO();
  PersonDAO personDAO = DAOFactory.getInstance().getPersonDAO();
  StudentActivityTypeDAO studentActivityTypeDAO = DAOFactory.getInstance().getStudentActivityTypeDAO();
  StudentEducationalLevelDAO studentEducationalLevelDAO = DAOFactory.getInstance().getStudentEducationalLevelDAO();
  StudentExaminationTypeDAO studentExaminationTypeDAO = DAOFactory.getInstance().getStudentExaminationTypeDAO();
  StudentStudyEndReasonDAO studyEndReasonDAO = DAOFactory.getInstance().getStudentStudyEndReasonDAO();
  UserVariableKeyDAO userVariableKeyDAO = DAOFactory.getInstance().getUserVariableKeyDAO();
  UserVariableDAO userVariableDAO = DAOFactory.getInstance().getUserVariableDAO();
  StudyProgrammeDAO studyProgrammeDAO = DAOFactory.getInstance().getStudyProgrammeDAO();
  MunicipalityDAO municipalityDAO = DAOFactory.getInstance().getMunicipalityDAO();
  NationalityDAO nationalityDAO = DAOFactory.getInstance().getNationalityDAO();
  SchoolDAO schoolDAO = DAOFactory.getInstance().getSchoolDAO();
  LanguageDAO languageDAO = DAOFactory.getInstance().getLanguageDAO();
  ContactTypeDAO contactTypeDAO = DAOFactory.getInstance().getContactTypeDAO();
  ContactURLTypeDAO contactURLTypeDAO = DAOFactory.getInstance().getContactURLTypeDAO();
  CreditLinkDAO creditLinkDAO = DAOFactory.getInstance().getCreditLinkDAO();
  CourseAssessmentDAO courseAssessmentDAO = DAOFactory.getInstance().getCourseAssessmentDAO();
  TransferCreditDAO transferCreditDAO = DAOFactory.getInstance().getTransferCreditDAO();
  UserIdentificationDAO userIdentificationDAO = DAOFactory.getInstance().getUserIdentificationDAO();
  UserDAO userDAO = DAOFactory.getInstance().getUserDAO();
  CurriculumDAO curriculumDAO = DAOFactory.getInstance().getCurriculumDAO();
  StudentLodgingPeriodDAO studentLodgingPeriodDAO = DAOFactory.getInstance().getStudentLodgingPeriodDAO();
  PersonVariableKeyDAO personVariableKeyDAO = DAOFactory.getInstance().getPersonVariableKeyDAO();
  PersonVariableDAO personVariableDAO = DAOFactory.getInstance().getPersonVariableDAO();
  StudentStudyPeriodDAO studentStudyPeriodDAO = DAOFactory.getInstance().getStudentStudyPeriodDAO();
  StaffMemberDAO staffMemberDAO = DAOFactory.getInstance().getStaffMemberDAO();
  Locale locale = pageRequestContext.getRequest().getLocale();
  User loggedUser = userDAO.findById(pageRequestContext.getLoggedUserId());
  // The person id comes straight from the request; findById's result is used without a null check
  Long personId = pageRequestContext.getLong("person");
  Person person = personDAO.findById(personId);
  // Users without access to all organizations only see the person's students in their own organization
  List<Student> students = UserUtils.canAccessAllOrganizations(loggedUser) ? studentDAO.listByPerson(person) : studentDAO.listByPersonAndOrganization(person, loggedUser.getOrganization());
  Collections.sort(students, new Comparator<Student>() {
    @Override
    public int compare(Student o1, Student o2) {
      /**
       * Ordering study programmes as follows
       * 1. studies that have start date but no end date (ongoing)
       * 2. studies that have no start nor end date
       * 3. studies that have ended
       * 4. studies that are archived
       * 5. other
       */
      int o1class = (o1.getArchived()) ? 4 : (o1.getStudyStartDate() != null && o1.getStudyEndDate() == null) ? 1 : (o1.getStudyStartDate() == null && o1.getStudyEndDate() == null) ? 2 : (o1.getStudyEndDate() != null) ? 3 : 5;
      int o2class = (o2.getArchived()) ? 4 : (o2.getStudyStartDate() != null && o2.getStudyEndDate() == null) ? 1 : (o2.getStudyStartDate() == null && o2.getStudyEndDate() == null) ? 2 : (o2.getStudyEndDate() != null) ? 3 : 5;
      if (o1class == o2class) {
        // classes are the same, we try to do last comparison from the start dates
        // (newest start date first; treated as equal when either start date is missing)
        return ((o1.getStudyStartDate() != null) && (o2.getStudyStartDate() != null)) ? o2.getStudyStartDate().compareTo(o1.getStudyStartDate()) : 0;
      } else
        return o1class < o2class ? -1 : o1class == o2class ? 0 : 1;
    }
  });
  // Per-student lookups keyed by student id
  Map<Long, String> studentTags = new HashMap<>();
  Map<Long, Boolean> studentHasCredits = new HashMap<>();
  List<UserVariableKey> userVariableKeys = userVariableKeyDAO.listByUserEditable(Boolean.TRUE);
  Collections.sort(userVariableKeys, new StringAttributeComparator("getVariableName"));
  JSONObject studentLodgingPeriods = new JSONObject();
  JSONObject studentStudyPeriodsJSON = new JSONObject();
  for (Student student : students) {
    // Tags as a single space-separated string
    StringBuilder tagsBuilder = new StringBuilder();
    Iterator<Tag> tagIterator = student.getTags().iterator();
    while (tagIterator.hasNext()) {
      Tag tag = tagIterator.next();
      tagsBuilder.append(tag.getText());
      if (tagIterator.hasNext())
        tagsBuilder.append(' ');
    }
    studentTags.put(student.getId(), tagsBuilder.toString());
    // True when the student has at least one credit link, course assessment or transfer credit
    studentHasCredits.put(student.getId(), creditLinkDAO.countByStudent(student) + courseAssessmentDAO.countByStudent(student) + transferCreditDAO.countByStudent(student) > 0);
    // User-editable variables for this student; a missing value is sent as an empty string
    JSONArray variables = new JSONArray();
    for (UserVariableKey userVariableKey : userVariableKeys) {
      UserVariable userVariable = userVariableDAO.findByUserAndVariableKey(student, userVariableKey);
      JSONObject variable = new JSONObject();
      variable.put("type", userVariableKey.getVariableType());
      variable.put("name", userVariableKey.getVariableName());
      variable.put("key", userVariableKey.getVariableKey());
      variable.put("value", userVariable != null ? userVariable.getValue() : "");
      variables.add(variable);
    }
    // NOTE(review): stored variable values end up in a JS data variable; how setJsDataVariable and
    // the JSP escape them is not visible here - confirm they are encoded for the page context
    setJsDataVariable(pageRequestContext, "variables." + student.getId(), variables.toString());
    // Lodging periods ordered by begin date, periods without a begin date last
    List<StudentLodgingPeriod> studentLodgingPeriodEntities = studentLodgingPeriodDAO.listByStudent(student);
    studentLodgingPeriodEntities.sort(Comparator.comparing(StudentLodgingPeriod::getBegin, Comparator.nullsLast(Comparator.naturalOrder())));
    JSONArray lodgingPeriods = new JSONArray();
    for (StudentLodgingPeriod period : studentLodgingPeriodEntities) {
      JSONObject periodJSON = new JSONObject();
      periodJSON.put("id", period.getId());
      periodJSON.put("begin", period.getBegin() != null ? period.getBegin().getTime() : null);
      periodJSON.put("end", period.getEnd() != null ? period.getEnd().getTime() : null);
      lodgingPeriods.add(periodJSON);
    }
    // Students without lodging periods get no entry at all
    if (!lodgingPeriods.isEmpty()) {
      studentLodgingPeriods.put(student.getId(), lodgingPeriods);
    }
    // Study periods, same ordering and same omission rule as lodging periods
    List<StudentStudyPeriod> studyPeriods = studentStudyPeriodDAO.listByStudent(student);
    studyPeriods.sort(Comparator.comparing(StudentStudyPeriod::getBegin, Comparator.nullsLast(Comparator.naturalOrder())));
    JSONArray studyPeriodsJSON = new JSONArray();
    for (StudentStudyPeriod studyPeriod : studyPeriods) {
      JSONObject periodJSON = new JSONObject();
      periodJSON.put("id", studyPeriod.getId());
      periodJSON.put("begin", studyPeriod.getBegin() != null ? studyPeriod.getBegin().getTime() : null);
      periodJSON.put("end", studyPeriod.getEnd() != null ? studyPeriod.getEnd().getTime() : null);
      periodJSON.put("type", studyPeriod.getPeriodType());
      studyPeriodsJSON.add(periodJSON);
    }
    if (!studyPeriodsJSON.isEmpty()) {
      studentStudyPeriodsJSON.put(student.getId(), studyPeriodsJSON);
    }
  }
  setJsDataVariable(pageRequestContext, "studentLodgingPeriods", studentLodgingPeriods.toString());
  setJsDataVariable(pageRequestContext, "studentStudyPeriods", studentStudyPeriodsJSON.toString());
  // User-editable person variables; a missing value is sent as an empty string
  List<PersonVariableKey> personVariableKeys = personVariableKeyDAO.listUserEditablePersonVariableKeys();
  Collections.sort(personVariableKeys, new StringAttributeComparator("getVariableName"));
  JSONArray personVariablesJSON = new JSONArray();
  for (PersonVariableKey personVariableKey : personVariableKeys) {
    PersonVariable personVariable = personVariableDAO.findByPersonAndVariableKey(person, personVariableKey);
    JSONObject personVariableJSON = new JSONObject();
    personVariableJSON.put("type", personVariableKey.getVariableType());
    personVariableJSON.put("name", personVariableKey.getVariableName());
    personVariableJSON.put("key", personVariableKey.getVariableKey());
    personVariableJSON.put("value", personVariable != null ? personVariable.getValue() : "");
    personVariablesJSON.add(personVariableJSON);
  }
  setJsDataVariable(pageRequestContext, "personVariables", personVariablesJSON.toString());
  // Reference lists for the form selects, each sorted with a "getName" comparator
  List<Nationality> nationalities = nationalityDAO.listUnarchived();
  Collections.sort(nationalities, new StringAttributeComparator("getName"));
  List<Municipality> municipalities = municipalityDAO.listUnarchived();
  Collections.sort(municipalities, new StringAttributeComparator("getName"));
  List<Language> languages = languageDAO.listUnarchived();
  Collections.sort(languages, new StringAttributeComparator("getName"));
  List<School> schools = schoolDAO.listUnarchived();
  Collections.sort(schools, new StringAttributeComparator("getName"));
  List<ContactURLType> contactURLTypes = contactURLTypeDAO.listUnarchived();
  Collections.sort(contactURLTypes, new StringAttributeComparator("getName"));
  List<ContactType> contactTypes = contactTypeDAO.listUnarchived();
  Collections.sort(contactTypes, new StringAttributeComparator("getName"));
  // The username stays empty unless the logged-in user may edit this person's credentials, exactly
  // one internal provider exists, it can update credentials and the person is identified by it
  String username = "";
  boolean hasInternalAuthenticationStrategies = AuthenticationProviderVault.getInstance().hasInternalStrategies();
  if (UserUtils.allowEditCredentials(loggedUser, person)) {
    if (hasInternalAuthenticationStrategies) {
      // TODO: Support for multiple internal authentication providers
      List<InternalAuthenticationProvider> internalAuthenticationProviders = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
      if (internalAuthenticationProviders.size() == 1) {
        InternalAuthenticationProvider internalAuthenticationProvider = internalAuthenticationProviders.get(0);
        if (internalAuthenticationProvider != null) {
          UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(internalAuthenticationProvider.getName(), person);
          if (internalAuthenticationProvider.canUpdateCredentials()) {
            if (userIdentification != null) {
              username = internalAuthenticationProvider.getUsername(userIdentification.getExternalId());
            }
          }
        }
      }
    }
  }
  // Study period types with their localized display names
  JSONArray studentStudyPeriodTypesJSON = new JSONArray();
  for (StudentStudyPeriodType studentStudyPeriodType : StudentStudyPeriodType.values()) {
    JSONObject studyPeriodType = new JSONObject();
    studyPeriodType.put("id", studentStudyPeriodType.toString());
    studyPeriodType.put("displayName", Messages.getInstance().getText(locale, String.format("generic.studentStudyPeriods.%s", studentStudyPeriodType)));
    studyPeriodType.put("beginOnly", StudentStudyPeriodType.BEGINDATE_ONLY.contains(studentStudyPeriodType));
    studentStudyPeriodTypesJSON.add(studyPeriodType);
  }
  setJsDataVariable(pageRequestContext, "studentStudyPeriodTypes", studentStudyPeriodTypesJSON.toString());
  List<Curriculum> curriculums = curriculumDAO.listUnarchived();
  Collections.sort(curriculums, new StringAttributeComparator("getName"));
  // Study programmes follow the same organization restriction as the student list
  List<StudyProgramme> studyProgrammes = UserUtils.canAccessAllOrganizations(loggedUser) ? studyProgrammeDAO.listUnarchived() : studyProgrammeDAO.listByOrganization(loggedUser.getOrganization(), Archived.UNARCHIVED);
  Collections.sort(studyProgrammes, new StringAttributeComparator("getName"));
  List<StaffMember> studyApprovers = staffMemberDAO.listByProperty(StaffMemberProperties.STUDY_APPROVER.getKey(), "1");
  // Add study approvers to the list that have been used before so the selections can be persisted
  List<StaffMember> selectedStudyApprovers = students.stream().map(student -> student.getStudyApprover()).filter(Objects::nonNull).collect(Collectors.toList());
  for (StaffMember selectedStudyApprover : selectedStudyApprovers) {
    Long selectedStudyApproverId = selectedStudyApprover.getId();
    boolean isSelectedInList = studyApprovers.stream().map(StaffMember::getId).anyMatch(selectedStudyApproverId::equals);
    if (!isSelectedInList) {
      studyApprovers.add(selectedStudyApprover);
    }
  }
  studyApprovers.sort(Comparator.comparing(StaffMember::getLastName).thenComparing(StaffMember::getFirstName));
  readUserVariablePresets(pageRequestContext);
  // Expose everything gathered above to the JSP
  pageRequestContext.getRequest().setAttribute("tags", studentTags);
  pageRequestContext.getRequest().setAttribute("person", person);
  pageRequestContext.getRequest().setAttribute("students", students);
  pageRequestContext.getRequest().setAttribute("activityTypes", studentActivityTypeDAO.listUnarchived());
  pageRequestContext.getRequest().setAttribute("contactURLTypes", contactURLTypes);
  pageRequestContext.getRequest().setAttribute("contactTypes", contactTypes);
  pageRequestContext.getRequest().setAttribute("examinationTypes", studentExaminationTypeDAO.listUnarchived());
  pageRequestContext.getRequest().setAttribute("educationalLevels", studentEducationalLevelDAO.listUnarchived());
  pageRequestContext.getRequest().setAttribute("nationalities", nationalities);
  pageRequestContext.getRequest().setAttribute("municipalities", municipalities);
  pageRequestContext.getRequest().setAttribute("languages", languages);
  pageRequestContext.getRequest().setAttribute("schools", schools);
  pageRequestContext.getRequest().setAttribute("studyProgrammes", studyProgrammes);
  pageRequestContext.getRequest().setAttribute("curriculums", curriculums);
  pageRequestContext.getRequest().setAttribute("studyEndReasons", studyEndReasonDAO.listByParentReason(null));
  pageRequestContext.getRequest().setAttribute("variableKeys", userVariableKeys);
  pageRequestContext.getRequest().setAttribute("personVariableKeys", personVariableKeys);
  pageRequestContext.getRequest().setAttribute("studentHasCredits", studentHasCredits);
  pageRequestContext.getRequest().setAttribute("hasInternalAuthenticationStrategies", hasInternalAuthenticationStrategies);
  pageRequestContext.getRequest().setAttribute("username", username);
  pageRequestContext.getRequest().setAttribute("allowEditCredentials", UserUtils.allowEditCredentials(loggedUser, person));
  pageRequestContext.getRequest().setAttribute("studyApprovers", studyApprovers);
  pageRequestContext.setIncludeJSP("/templates/students/editstudent.jsp");
}
use of fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider in project pyramus by otavanopisto.
the class MuikkuRESTService method resetCredentials.
/**
 * Resolves a pending password reset request and returns the username, if any, that the
 * request's person currently has in the internal authentication provider.
 *
 * <p>Responds 500 when there is not exactly one internal provider able to update credentials,
 * and 404 when the secret matches no request or the request has expired. Otherwise responds 200
 * with a {@code CredentialResetPayload} whose username is set only when an existing internal
 * account was found.
 *
 * <p>The reset secret is part of the URL path of this GET, so it is recorded wherever request
 * URLs are logged; such logs need the same protection as the secret itself.
 *
 * @param hash reset secret taken from the path
 * @return the response described above
 */
@Path("/resetCredentials/{HASH}")
@GET
@RESTPermit(MuikkuPermissions.MUIKKU_RESET_CREDENTIALS)
public Response resetCredentials(@PathParam("HASH") String hash) {
  // Exactly one internal provider, able to update credentials, is required
  List<InternalAuthenticationProvider> candidates = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
  InternalAuthenticationProvider authProvider = null;
  if (candidates.size() == 1) {
    authProvider = candidates.get(0);
  }
  boolean providerUsable = authProvider != null && authProvider.canUpdateCredentials();
  if (!providerUsable) {
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Invalid authentication provider").build();
  }

  // Unknown and expired secrets get the same 404
  PasswordResetRequest pendingRequest = passwordResetRequestDAO.findBySecret(hash);
  boolean requestValid = pendingRequest != null && !isExpired(pendingRequest);
  if (!requestValid) {
    return Response.status(Status.NOT_FOUND).build();
  }

  // Fill in the current username when the person already has an internal account
  CredentialResetPayload result = new CredentialResetPayload();
  UserIdentification identification = userIdentificationDAO.findByAuthSourceAndPerson(authProvider.getName(), pendingRequest.getPerson());
  InternalAuth existingAuth = null;
  if (identification != null) {
    // Long.valueOf throws NumberFormatException if the stored external id is not numeric
    existingAuth = internalAuthDAO.findById(Long.valueOf(identification.getExternalId()));
  }
  if (existingAuth != null) {
    result.setUsername(existingAuth.getUsername());
  }
  return Response.ok(result).build();
}
use of fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider in project pyramus by otavanopisto.
the class MuikkuRESTService method resetCredentials.
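/**
 * Completes a password reset: creates or updates the internal credentials of the person who
 * owns the reset request, then deletes all of that person's reset requests.
 *
 * <p>Responds 500 when there is not exactly one internal provider able to update credentials or
 * when the provider throws, 400 when the payload is missing or its secret, username or password
 * is blank, 404 when the secret matches no request or the request has expired, 409 when the
 * username is identified to a different person, and 204 on success.
 *
 * @param request servlet request, used for the locale of the conflict message
 * @param payload reset secret plus the requested username and password
 * @return the response described above
 */
@Path("/resetCredentials")
@POST
@RESTPermit(MuikkuPermissions.MUIKKU_RESET_CREDENTIALS)
public Response resetCredentials(@Context HttpServletRequest request, CredentialResetPayload payload) {
  // Resolve internal authentication provider
  List<InternalAuthenticationProvider> providers = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
  InternalAuthenticationProvider provider = providers.size() == 1 ? providers.get(0) : null;
  if (provider == null || !provider.canUpdateCredentials()) {
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity("Invalid authentication provider").build();
  }

  // Reject incomplete payloads up front: without this a missing body ends in a
  // NullPointerException, and a blank username or password would be handed to the provider as
  // new credentials.
  String secret = payload == null ? null : payload.getSecret();
  String requestedUsername = payload == null ? null : payload.getUsername();
  String requestedPassword = payload == null ? null : payload.getPassword();
  if (secret == null || secret.trim().isEmpty()
      || requestedUsername == null || requestedUsername.trim().isEmpty()
      || requestedPassword == null || requestedPassword.trim().isEmpty()) {
    return Response.status(Status.BAD_REQUEST).build();
  }

  // Validate reset request; unknown and expired secrets get the same 404
  PasswordResetRequest resetRequest = passwordResetRequestDAO.findBySecret(secret);
  if (resetRequest == null || isExpired(resetRequest)) {
    return Response.status(Status.NOT_FOUND).build();
  }

  // Validate username uniqueness
  InternalAuth internalAuth = internalAuthDAO.findByUsername(requestedUsername);
  if (internalAuth != null) {
    UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndExternalId(provider.getName(), internalAuth.getId().toString());
    if (userIdentification != null) {
      if (!userIdentification.getPerson().getId().equals(resetRequest.getPerson().getId())) {
        return Response.status(Status.CONFLICT).entity(getMessage(request.getLocale(), "error.usernameInUse")).build();
      }
    }
    // NOTE(review): when the username resolves to an InternalAuth that has no UserIdentification
    // for this provider, execution continues and that record is updated below without being
    // linked to the requesting person - confirm this is intended.
  } else {
    // Username is free: reuse the person's existing internal account, if there is one
    UserIdentification userIdentification = userIdentificationDAO.findByAuthSourceAndPerson(provider.getName(), resetRequest.getPerson());
    if (userIdentification != null) {
      // Long.valueOf throws NumberFormatException if the stored external id is not numeric
      internalAuth = internalAuthDAO.findById(Long.valueOf(userIdentification.getExternalId()));
    }
  }

  try {
    if (internalAuth == null) {
      String externalId = provider.createCredentials(requestedUsername, requestedPassword);
      userIdentificationDAO.create(resetRequest.getPerson(), provider.getName(), externalId);
    } else {
      provider.updateCredentials(internalAuth.getId().toString(), requestedUsername, requestedPassword);
    }
  } catch (Exception e) {
    // NOTE(review): the raw exception message is returned to the caller. Confirm it cannot carry
    // internal details (SQL, class names) or the submitted credentials; a generic message plus a
    // server-side log entry would be safer if callers do not depend on the text.
    return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
  }

  // Clear reset request(s) so that no outstanding secret of this person stays usable
  List<PasswordResetRequest> passwordResetRequests = passwordResetRequestDAO.listByPerson(resetRequest.getPerson());
  for (PasswordResetRequest passwordResetRequest : passwordResetRequests) {
    passwordResetRequestDAO.delete(passwordResetRequest);
  }
  return Response.noContent().build();
}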
use of fi.otavanopisto.pyramus.plugin.auth.InternalAuthenticationProvider in project pyramus by otavanopisto.
the class PersonRESTService method getCredentials.
/**
 * Returns the internal-authentication username of a person.
 *
 * <p>Permission handling is inline. Callers holding {@code PersonPermissions.FIND_USERNAME} may
 * read any person's username. Everyone else must be logged in (401 otherwise), must be the same
 * person as the one requested and must pass the {@code PersonPermissions.PERSON_OWNER} check
 * (403 otherwise).
 *
 * <p>Responds 404 when the person does not exist or when there is not exactly one internal
 * authentication provider. Otherwise responds 200 with a {@code UserCredentials} carrying only
 * the username, which is {@code null} when the person has no identification for that provider.
 *
 * @param id person id taken from the path
 * @return the response described above
 */
@Path("/persons/{ID:[0-9]*}/credentials")
@GET
@RESTPermit(handling = Handling.INLINE)
public Response getCredentials(@PathParam("ID") Long id) {
  Person person = personController.findPersonById(id);
  if (person == null) {
    return Response.status(Status.NOT_FOUND).build();
  }

  boolean mayFindAnyUsername = restSecurity.hasPermission(new String[] { PersonPermissions.FIND_USERNAME });
  if (!mayFindAnyUsername) {
    // Without the global permission only the person's own record may be read
    User sessionUser = sessionController.getUser();
    if (sessionUser == null) {
      // Not logged in
      return Response.status(Status.UNAUTHORIZED).build();
    }
    boolean samePerson = sessionUser.getPerson().getId().equals(person.getId());
    if (!samePerson) {
      return Response.status(Status.FORBIDDEN).build();
    }
    boolean isOwner = restSecurity.hasPermission(new String[] { PersonPermissions.PERSON_OWNER }, person, Style.OR);
    if (!isOwner) {
      return Response.status(Status.FORBIDDEN).build();
    }
  }

  // TODO: Support for multiple internal authentication providers
  List<InternalAuthenticationProvider> registeredProviders = AuthenticationProviderVault.getInstance().getInternalAuthenticationProviders();
  InternalAuthenticationProvider soleProvider = registeredProviders.size() == 1 ? registeredProviders.get(0) : null;
  if (soleProvider == null) {
    return Response.status(Status.NOT_FOUND).build();
  }

  UserIdentification identification = userIdentificationDAO.findByAuthSourceAndPerson(soleProvider.getName(), person);
  String username = identification != null ? soleProvider.getUsername(identification.getExternalId()) : null;
  // Only the username is filled in; the other two constructor arguments stay null
  UserCredentials credentials = new UserCredentials(null, username, null);
  return Response.ok(credentials).build();
}