use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.
the class DatarouterUserService method assertUserDoesNotExist.
public void assertUserDoesNotExist(Long id, String userToken, String username) {
DatarouterUser userWithId = getUserById(id);
if (userWithId != null) {
throw new IllegalArgumentException("DatarouterUser already exists with id=" + id);
}
DatarouterUser userWithUserToken = nodes.getByUserToken(new DatarouterUserByUserTokenLookup(userToken));
if (userWithUserToken != null) {
throw new IllegalArgumentException("DatarouterUser already exists with userToken=" + userToken);
}
DatarouterUser userWithEmail = nodes.getByUsername(new DatarouterUserByUsernameLookup(username));
if (userWithEmail != null) {
throw new IllegalArgumentException("DatarouterUser already exists with username=" + username);
}
}
use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.
the class AdminEditUserHandler method updateUserDetails.
// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updateUserDetails(@RequestBody EditUserDetailsDto dto) {
if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || dto.currentAccounts == null || dto.currentRoles == null) {
return new EditUserDetailsDto("Invalid request.");
}
DatarouterUser currentUser = getCurrentUser();
DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
if (!userToEdit.isEnabled()) {
return new EditUserDetailsDto("This user is not editable.");
}
if (!checkEditPermission(currentUser, userToEdit, datarouterUserService::canEditUser)) {
return null;
}
Set<Role> requestedUserRoles = Scanner.of(dto.currentRoles.entrySet()).include(Entry::getValue).map(Entry::getKey).map(roleManager::getRoleFromPersistentString).collect(HashSet::new);
Set<DatarouterAccountKey> requestedAccounts = Scanner.of(dto.currentAccounts.entrySet()).include(Entry::getValue).map(Entry::getKey).map(DatarouterAccountKey::new).collect(HashSet::new);
datarouterUserEditService.editUser(userToEdit, currentUser, requestedUserRoles, null, getSigninUrl(), requestedAccounts, Optional.ofNullable(dto.currentZoneId).map(ZoneId::of), Optional.empty());
return getEditUserDetailsDto(dto.username);
}
use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.
the class AdminEditUserHandler method updatePassword.
// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updatePassword(@RequestBody UpdatePasswordRequestDto dto) {
if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || StringTool.isNullOrEmptyOrWhitespace(dto.newPassword)) {
return new EditUserDetailsDto("Invalid request.");
}
DatarouterUser editor = getCurrentUser();
DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
if (!checkEditPermission(editor, userToEdit, datarouterUserService::canEditUserPassword)) {
return null;
}
if (!datarouterUserService.canHavePassword(userToEdit)) {
return new EditUserDetailsDto("This user is externally authenticated and cannot have a password.");
}
datarouterUserEditService.changePassword(userToEdit, editor, dto.newPassword, getSigninUrl());
return getEditUserDetailsDto(userToEdit.getUsername());
}
use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.
the class AdminEditUserHandler method editUser.
// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private Mav editUser() {
DatarouterUser currentUser = getCurrentUser();
DatarouterUser userToEdit = params.optional("username").map(DatarouterUserByUsernameLookup::new).map(datarouterUserDao::getByUsername).orElseGet(() -> {
Optional<Long> optionalUserId = params.optionalLong("userId");
if (optionalUserId.isPresent()) {
// TODO DATAROUTER-2788? consider what to display, since this breaks the page
return optionalUserId.map(datarouterUserService::getUserById).get();
}
return currentUser;
});
if (!checkEditPermission(currentUser, userToEdit, datarouterUserService::canEditUser)) {
return null;
}
return getReactMav("Datarouter - Edit User " + userToEdit.getUsername(), Optional.of(userToEdit.getUsername()));
}
use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.
the class AdminEditUserHandler method copyUser.
@Handler
private EditUserDetailsDto copyUser(String oldUsername, String newUsername) {
if (StringTool.isNullOrEmptyOrWhitespace(oldUsername) || StringTool.isNullOrEmptyOrWhitespace(newUsername)) {
return new EditUserDetailsDto("Invalid request.");
}
DatarouterUser editor = getCurrentUser();
DatarouterUser oldUser = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(oldUsername));
if (editor.getUsername().equals(oldUser.getUsername())) {
return new EditUserDetailsDto("Cannot copy yourself.");
}
if (!datarouterUserService.canEditUser(editor, oldUser)) {
return new EditUserDetailsDto("Cannot copy user.");
}
Set<Role> requestedRoles;
if (oldUser.isEnabled()) {
requestedRoles = new HashSet<>(oldUser.getRoles());
} else {
// copy roles from deprovisioned user info, if present
requestedRoles = deprovisionedUserDao.find(new DeprovisionedUserKey(oldUsername)).map(DeprovisionedUser::getRoles).orElseGet(HashSet::new);
}
Set<DatarouterAccountKey> requestedAccounts = Scanner.of(datarouterAccountUserService.findAccountNamesForUser(oldUser)).map(DatarouterAccountKey::new).collect(Collectors.toCollection(HashSet::new));
Optional<ZoneId> zoneId = oldUser.getZoneId();
// if newUser exists, do an "edit"; else do a "create" then "edit" (since accounts are not set in "create")
DatarouterUser newUser = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(newUsername));
var description = Optional.of("User copied from " + oldUsername + " by " + editor.getUsername());
if (newUser == null) {
newUser = datarouterUserCreationService.createManualUser(editor, newUsername, null, requestedRoles, true, zoneId, description);
} else {
// preserve existing roles and accounts that are not present on the source user of the copy
requestedRoles.addAll(newUser.getRoles());
Scanner.of(datarouterAccountUserService.findAccountNamesForUser(newUser)).map(DatarouterAccountKey::new).forEach(requestedAccounts::add);
}
var signinUrl = getSigninUrl();
datarouterUserEditService.editUser(newUser, editor, requestedRoles, true, signinUrl, requestedAccounts, zoneId, description);
// add history to user that was copied from
datarouterUserHistoryService.recordMessage(oldUser, editor, "User copied to " + newUsername + " by " + editor.getUsername());
copyUserListener.onCopiedUser(oldUsername, newUsername);
return getEditUserDetailsDto(oldUsername);
}
Aggregations