use of gemma.gsec.authentication.UserDetailsImpl in project Gemma by PavlidisLab.
the class UserManagerImpl method loadUserByUsername.
/**
 * Loads the account for {@code username} and wraps it, together with its granted authorities, in a
 * {@link UserDetails}.
 * <p>
 * Authorities are collected from the per-user source when {@code enableAuthorities} is set and from the
 * group source when {@code enableGroups} is set; duplicates collapse because they are gathered in a set.
 *
 * @param username the name to look up; at login time this is caller-supplied input
 * @return the details object produced by {@code createUserDetails}
 * @throws UsernameNotFoundException if the account ends up with no authority at all (presumably also
 *         raised by {@code loadUser} for an unknown name; confirm against that method)
 * @throws DataAccessException declared for the underlying lookups
 */
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
    User account = this.loadUser(username);

    Set<GrantedAuthority> granted = new HashSet<>();
    if (enableAuthorities) {
        granted.addAll(this.loadUserAuthorities(account.getUserName()));
    }
    if (enableGroups) {
        granted.addAll(this.loadGroupAuthorities(account));
    }

    // An account that holds no authority is refused with the same exception type as a missing account.
    // The message embeds the supplied username verbatim, so whatever logs or renders it should treat
    // that text as untrusted.
    if (granted.isEmpty()) {
        throw new UsernameNotFoundException("User " + username + " has no GrantedAuthority");
    }

    List<GrantedAuthority> authorityList = new ArrayList<>(granted);
    return this.createUserDetails(username, new UserDetailsImpl(account), authorityList);
}
use of gemma.gsec.authentication.UserDetailsImpl in project Gemma by PavlidisLab.
the class UserManagerImpl method createUser.
/**
 * Persists a new account built from {@code user} and adds it to the default user group.
 * <p>
 * The {@code @Secured} attributes include {@code IS_AUTHENTICATED_ANONYMOUSLY}, so this method is
 * reachable without a logged-in user; the only input check made here is {@code validateUserName}.
 *
 * @param user details of the account to create; signup token, token datestamp and email are copied
 *             only when the argument is a {@link UserDetailsImpl}
 * @throws RuntimeException wrapping {@code UserExistsException} if the user service reports a duplicate
 */
@Override
@Secured({ "IS_AUTHENTICATED_ANONYMOUSLY", "RUN_AS_ADMIN" })
@Transactional
public void createUser(UserDetails user) {
    /*
     * UserDetails is not an entity, so this method is not directly managed by the Audit or ACL advice. However,
     * it runs in a transaction and calls two service methods which are intercepted. This means it is
     * intercepted before the transaction is flushed.
     */
    this.validateUserName(user.getUsername());

    User account = ubic.gemma.model.common.auditAndSecurity.User.Factory.newInstance();
    account.setUserName(user.getUsername());
    // The password is copied exactly as supplied; nothing in this method encodes it, so callers are
    // expected to pass the already-encoded form (unless userService.create does so; not visible here).
    account.setPassword(user.getPassword());
    account.setEnabled(user.isEnabled());

    // Only the concrete implementation carries the signup token and email.
    if (user instanceof UserDetailsImpl) {
        UserDetailsImpl details = (UserDetailsImpl) user;
        account.setSignupToken(details.getSignupToken());
        account.setSignupTokenDatestamp(details.getSignupTokenDatestamp());
        account.setEmail(details.getEmail());
    }

    try {
        account = userService.create(account);
    } catch (UserExistsException e) {
        // Rethrown unchecked with the cause preserved.
        throw new RuntimeException(e);
    }

    // Every new account joins the default user group.
    UserGroup defaultGroup = this.loadGroup(AuthorityConstants.USER_GROUP_NAME);
    userService.addUserToGroup(defaultGroup, account);

    /*
     * The user is deliberately not logged in here: new users must first click the confirmation link sent by
     * email.
     */
}
use of gemma.gsec.authentication.UserDetailsImpl in project Gemma by PavlidisLab.
the class PrincipalTest method before.
/**
 * Test fixture: picks a random username and password, derives an email from the username, and creates
 * the account unless one with that name already exists.
 */
@Before
public void before() {
    pwd = this.randomName();
    username = this.randomName();
    email = username + "@foo.foo";

    if (userManager.userExists(username)) {
        return;
    }

    // createUser is handed the encoded password, never the raw one; the username is the second
    // argument to encodePassword (presumably the salt; confirm against the configured encoder).
    String hashed = passwordEncoder.encodePassword(pwd, username);
    UserDetailsImpl account = new UserDetailsImpl(hashed, username, true, null, email, null, new Date());
    userManager.createUser(account);
}
use of gemma.gsec.authentication.UserDetailsImpl in project Gemma by PavlidisLab.
the class AclAuthorizationTest method setup.
/**
 * Test fixture: persists an {@code ArrayDesign} holding two composite sequences and makes sure a second
 * user account ({@code aDifferentUsername}) exists.
 */
@Before
public void setup() {
    arrayDesign = ArrayDesign.Factory.newInstance();
    arrayDesign.setName(arrayDesignName);
    arrayDesign.setShortName(arrayDesignName);
    arrayDesign.setDescription("A test ArrayDesign from " + this.getClass().getName());
    arrayDesign.setPrimaryTaxon(this.getTaxon("mouse"));

    CompositeSequence first = CompositeSequence.Factory.newInstance();
    first.setName(compositeSequenceName1);
    CompositeSequence second = CompositeSequence.Factory.newInstance();
    second.setName(compositeSequenceName2);

    // Statement order is kept as in the original: both elements enter the set before they are linked
    // back to the array design.
    Collection<CompositeSequence> members = new HashSet<>();
    members.add(first);
    members.add(second);
    first.setArrayDesign(arrayDesign);
    second.setArrayDesign(arrayDesign);
    arrayDesign.setCompositeSequences(members);

    // Persist through the helper and keep the returned instance.
    arrayDesign = (ArrayDesign) persisterHelper.persist(arrayDesign);

    try {
        userManager.loadUserByUsername(aDifferentUsername);
    } catch (UsernameNotFoundException e) {
        // The lookup failing is the signal to create the account. The literals "foo" and "key" are
        // fixed fixture values; NOTE(review): "foo" sits in the password position and is passed
        // unencoded, so presumably this account is never logged into by password (confirm).
        String randomEmail = RandomStringUtils.randomAlphabetic(10) + "@gmail.com";
        UserDetailsImpl other = new UserDetailsImpl("foo", aDifferentUsername, true, null, randomEmail, "key",
                new Date());
        userManager.createUser(other);
    }
}
use of gemma.gsec.authentication.UserDetailsImpl in project Gemma by PavlidisLab.
the class UserFormMultiActionController method editUser.
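/**
 * Entry point for updates.
 * <p>
 * Reads the {@code email}, {@code password}, {@code passwordConfirm}, {@code oldpassword} and
 * {@code username} request parameters and applies an email and/or password change to the currently
 * authenticated account. The account is always taken from the security context; the {@code username}
 * parameter is only compared against it. The outcome is written to the response as JSON exactly once.
 * <p>
 * NOTE(review): the mapping carries no HTTP method restriction, so the password parameters can also
 * arrive in a GET query string and end up in access logs; no CSRF check is visible in this method.
 * Confirm both are handled at the filter/config level.
 * <p>
 * NOTE(review): an email change does not consult {@code oldpassword}; if the email address is used for
 * password recovery, consider requiring re-authentication for it as well.
 *
 * @param request  the update request
 * @param response receives the JSON result
 * @throws Exception declared by the signature; failures inside the update are caught and reported as JSON
 */
@RequestMapping("/editUser.html")
public void editUser(HttpServletRequest request, HttpServletResponse response) throws Exception {
    String email = request.getParameter("email");
    String password = request.getParameter("password");
    String passwordConfirm = request.getParameter("passwordConfirm");
    String oldPassword = request.getParameter("oldpassword");
    /*
     * I had this idea we could let users change their user names, but this turns out to be a PITA.
     */
    String originalUserName = request.getParameter("username");
    String jsonText = null;
    JSONUtil jsonUtil = new JSONUtil(request, response);
    try {
        /*
         * Pulling username out of security context to ensure users are logged in and can only update themselves.
         */
        String username = SecurityContextHolder.getContext().getAuthentication().getName();
        if (!username.equals(originalUserName)) {
            throw new RuntimeException("You must be logged in to edit your profile.");
        }
        UserDetailsImpl user = (UserDetailsImpl) userManager.loadUserByUsername(username);
        boolean changed = false;
        // Compare from the non-null side: the submitted email is known to be non-blank here, while the
        // stored one may be null.
        if (StringUtils.isNotBlank(email) && !email.equals(user.getEmail())) {
            if (!EmailValidator.getInstance().isValid(email)) {
                // The finally block writes the response; writing here as well would emit it twice.
                jsonText = "{success:false,message:'The email address does not look valid'}";
                return;
            }
            user.setEmail(email);
            changed = true;
        }
        // A request that omits the password parameter (email-only update) yields null, which must not
        // be dereferenced.
        if (StringUtils.isNotEmpty(password)) {
            if (!StringUtils.equals(password, passwordConfirm)) {
                throw new RuntimeException("Passwords do not match.");
            }
            // NOTE(review): the username is passed as the second argument (the salt position in the
            // legacy encoder API, presumably); a per-user random salt and an adaptive hash would be
            // stronger. The algorithm is set by the configured encoder, which is not visible here.
            String encryptedPassword = passwordEncoder.encodePassword(password, user.getUsername());
            // The old password is forwarded as submitted; presumably changePassword verifies it (confirm).
            userManager.changePassword(oldPassword, encryptedPassword);
        }
        if (changed) {
            // NOTE(review): 'user' was loaded before changePassword ran; confirm updateUser does not write
            // the previously loaded password back when email and password change in one request.
            userManager.updateUser(user);
        }
        saveMessage(request, "Changes saved.");
        jsonText = "{success:true}";
    } catch (Exception e) {
        // Keep the stack trace in the log; the message alone is rarely enough to diagnose a failure.
        log.error(e.getLocalizedMessage(), e);
        // NOTE(review): the exception is turned into the client-visible JSON; confirm
        // getJSONErrorMessage does not expose internal detail for unexpected exception types.
        jsonText = jsonUtil.getJSONErrorMessage(e);
        log.info(jsonText);
    } finally {
        jsonUtil.writeToResponse(jsonText);
    }
}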