Search in sources :

Example 1 with DatarouterUserByUsernameLookup

use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.

the class DatarouterUserService method assertUserDoesNotExist.

public void assertUserDoesNotExist(Long id, String userToken, String username) {
    DatarouterUser userWithId = getUserById(id);
    if (userWithId != null) {
        throw new IllegalArgumentException("DatarouterUser already exists with id=" + id);
    }
    DatarouterUser userWithUserToken = nodes.getByUserToken(new DatarouterUserByUserTokenLookup(userToken));
    if (userWithUserToken != null) {
        throw new IllegalArgumentException("DatarouterUser already exists with userToken=" + userToken);
    }
    DatarouterUser userWithEmail = nodes.getByUsername(new DatarouterUserByUsernameLookup(username));
    if (userWithEmail != null) {
        throw new IllegalArgumentException("DatarouterUser already exists with username=" + username);
    }
}
Also used : DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) DatarouterUserByUserTokenLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUserTokenLookup)

Example 2 with DatarouterUserByUsernameLookup

use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.

the class AdminEditUserHandler method updateUserDetails.

// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updateUserDetails(@RequestBody EditUserDetailsDto dto) {
    if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || dto.currentAccounts == null || dto.currentRoles == null) {
        return new EditUserDetailsDto("Invalid request.");
    }
    DatarouterUser currentUser = getCurrentUser();
    DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
    if (!userToEdit.isEnabled()) {
        return new EditUserDetailsDto("This user is not editable.");
    }
    if (!checkEditPermission(currentUser, userToEdit, datarouterUserService::canEditUser)) {
        return null;
    }
    Set<Role> requestedUserRoles = Scanner.of(dto.currentRoles.entrySet()).include(Entry::getValue).map(Entry::getKey).map(roleManager::getRoleFromPersistentString).collect(HashSet::new);
    Set<DatarouterAccountKey> requestedAccounts = Scanner.of(dto.currentAccounts.entrySet()).include(Entry::getValue).map(Entry::getKey).map(DatarouterAccountKey::new).collect(HashSet::new);
    datarouterUserEditService.editUser(userToEdit, currentUser, requestedUserRoles, null, getSigninUrl(), requestedAccounts, Optional.ofNullable(dto.currentZoneId).map(ZoneId::of), Optional.empty());
    return getEditUserDetailsDto(dto.username);
}
Also used : Role(io.datarouter.web.user.session.service.Role) DatarouterAccountKey(io.datarouter.auth.storage.account.DatarouterAccountKey) Entry(java.util.Map.Entry) DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) HashSet(java.util.HashSet) BaseHandler(io.datarouter.web.handler.BaseHandler)

Example 3 with DatarouterUserByUsernameLookup

use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.

the class AdminEditUserHandler method updatePassword.

// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updatePassword(@RequestBody UpdatePasswordRequestDto dto) {
    if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || StringTool.isNullOrEmptyOrWhitespace(dto.newPassword)) {
        return new EditUserDetailsDto("Invalid request.");
    }
    DatarouterUser editor = getCurrentUser();
    DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
    if (!checkEditPermission(editor, userToEdit, datarouterUserService::canEditUserPassword)) {
        return null;
    }
    if (!datarouterUserService.canHavePassword(userToEdit)) {
        return new EditUserDetailsDto("This user is externally authenticated and cannot have a password.");
    }
    datarouterUserEditService.changePassword(userToEdit, editor, dto.newPassword, getSigninUrl());
    return getEditUserDetailsDto(userToEdit.getUsername());
}
Also used : DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) BaseHandler(io.datarouter.web.handler.BaseHandler)

Example 4 with DatarouterUserByUsernameLookup

use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.

the class AdminEditUserHandler method editUser.

// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private Mav editUser() {
    DatarouterUser currentUser = getCurrentUser();
    DatarouterUser userToEdit = params.optional("username").map(DatarouterUserByUsernameLookup::new).map(datarouterUserDao::getByUsername).orElseGet(() -> {
        Optional<Long> optionalUserId = params.optionalLong("userId");
        if (optionalUserId.isPresent()) {
            // TODO DATAROUTER-2788? consider what to display, since this breaks the page
            return optionalUserId.map(datarouterUserService::getUserById).get();
        }
        return currentUser;
    });
    if (!checkEditPermission(currentUser, userToEdit, datarouterUserService::canEditUser)) {
        return null;
    }
    return getReactMav("Datarouter - Edit User " + userToEdit.getUsername(), Optional.of(userToEdit.getUsername()));
}
Also used : DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) BaseHandler(io.datarouter.web.handler.BaseHandler)

Example 5 with DatarouterUserByUsernameLookup

use of io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup in project datarouter by hotpads.

the class AdminEditUserHandler method copyUser.

@Handler
private EditUserDetailsDto copyUser(String oldUsername, String newUsername) {
    if (StringTool.isNullOrEmptyOrWhitespace(oldUsername) || StringTool.isNullOrEmptyOrWhitespace(newUsername)) {
        return new EditUserDetailsDto("Invalid request.");
    }
    DatarouterUser editor = getCurrentUser();
    DatarouterUser oldUser = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(oldUsername));
    if (editor.getUsername().equals(oldUser.getUsername())) {
        return new EditUserDetailsDto("Cannot copy yourself.");
    }
    if (!datarouterUserService.canEditUser(editor, oldUser)) {
        return new EditUserDetailsDto("Cannot copy user.");
    }
    Set<Role> requestedRoles;
    if (oldUser.isEnabled()) {
        requestedRoles = new HashSet<>(oldUser.getRoles());
    } else {
        // copy roles from deprovisioned user info, if present
        requestedRoles = deprovisionedUserDao.find(new DeprovisionedUserKey(oldUsername)).map(DeprovisionedUser::getRoles).orElseGet(HashSet::new);
    }
    Set<DatarouterAccountKey> requestedAccounts = Scanner.of(datarouterAccountUserService.findAccountNamesForUser(oldUser)).map(DatarouterAccountKey::new).collect(Collectors.toCollection(HashSet::new));
    Optional<ZoneId> zoneId = oldUser.getZoneId();
    // if newUser exists, do an "edit"; else do a "create" then "edit" (since accounts are not set in "create")
    DatarouterUser newUser = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(newUsername));
    var description = Optional.of("User copied from " + oldUsername + " by " + editor.getUsername());
    if (newUser == null) {
        newUser = datarouterUserCreationService.createManualUser(editor, newUsername, null, requestedRoles, true, zoneId, description);
    } else {
        // preserve existing roles and accounts that are not present on the source user of the copy
        requestedRoles.addAll(newUser.getRoles());
        Scanner.of(datarouterAccountUserService.findAccountNamesForUser(newUser)).map(DatarouterAccountKey::new).forEach(requestedAccounts::add);
    }
    var signinUrl = getSigninUrl();
    datarouterUserEditService.editUser(newUser, editor, requestedRoles, true, signinUrl, requestedAccounts, zoneId, description);
    // add history to user that was copied from
    datarouterUserHistoryService.recordMessage(oldUser, editor, "User copied to " + newUsername + " by " + editor.getUsername());
    copyUserListener.onCopiedUser(oldUsername, newUsername);
    return getEditUserDetailsDto(oldUsername);
}
Also used : DeprovisionedUserKey(io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUserKey) DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) ZoneId(java.time.ZoneId) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) Role(io.datarouter.web.user.session.service.Role) DatarouterAccountKey(io.datarouter.auth.storage.account.DatarouterAccountKey) DeprovisionedUser(io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser) BaseHandler(io.datarouter.web.handler.BaseHandler)

Aggregations

DatarouterUser (io.datarouter.web.user.databean.DatarouterUser)5 DatarouterUserByUsernameLookup (io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup)5 BaseHandler (io.datarouter.web.handler.BaseHandler)4 DatarouterAccountKey (io.datarouter.auth.storage.account.DatarouterAccountKey)2 Role (io.datarouter.web.user.session.service.Role)2 DeprovisionedUser (io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser)1 DeprovisionedUserKey (io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUserKey)1 DatarouterUserByUserTokenLookup (io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUserTokenLookup)1 ZoneId (java.time.ZoneId)1 HashSet (java.util.HashSet)1 Entry (java.util.Map.Entry)1