Example 11 with DatarouterUser
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserHistoryService method recordDeprovisions.
public void recordDeprovisions(List<DatarouterUser> users, Optional<DatarouterUser> editor) {
Instant time = Instant.now();
Long editorId = editor.map(DatarouterUser::getId).orElse(DatarouterUserCreationService.ADMIN_ID);
Map<Long, DatarouterUserHistory> histories = Scanner.of(users).map(user -> new DatarouterUserHistory(user.getId(), time, editorId, DatarouterUserChangeType.DEPROVISION, "deprovisioned")).flush(baseDatarouterUserHistoryDao::putMulti).toMap(history -> history.getKey().getUserId());
Scanner.of(users).map(DatarouterUser::getId).listTo(permissionRequestDao::scanOpenPermissionRequestsForUsers).map(request -> request.decline(time)).flush(permissionRequestDao::putMulti);
editor.ifPresent(editorUser -> {
users.forEach(user -> sendDeprovisioningEmail(user, histories.get(user.getId()), editorUser));
});
recordProvisioningChangelogs(users, editor, DatarouterUserChangeType.DEPROVISION);
}
Also used :
TagCreator.text(j2html.TagCreator.text)
DatarouterUserChangeType(io.datarouter.auth.storage.userhistory.DatarouterUserHistory.DatarouterUserChangeType)
Scanner(io.datarouter.scanner.Scanner)
DatarouterHtmlEmailService(io.datarouter.web.email.DatarouterHtmlEmailService)
Singleton(javax.inject.Singleton)
Function(java.util.function.Function)
DatarouterUserHistoryKey(io.datarouter.auth.storage.userhistory.DatarouterUserHistoryKey)
ChangelogRecorder(io.datarouter.instrumentation.changelog.ChangelogRecorder)
Inject(javax.inject.Inject)
DatarouterUser(io.datarouter.web.user.databean.DatarouterUser)
Map(java.util.Map)
AdminEmail(io.datarouter.storage.config.properties.AdminEmail)
DatarouterUserHistoryDao(io.datarouter.auth.storage.userhistory.DatarouterUserHistoryDao)
TagCreator.p(j2html.TagCreator.p)
ServerTypeDetector(io.datarouter.storage.servertype.ServerTypeDetector)
DatarouterUserHistory(io.datarouter.auth.storage.userhistory.DatarouterUserHistory)
DatarouterChangelogDtoBuilder(io.datarouter.instrumentation.changelog.ChangelogRecorder.DatarouterChangelogDtoBuilder)
Instant(java.time.Instant)
TagCreator.a(j2html.TagCreator.a)
DatarouterPermissionRequest(io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequest)
ContainerTag(j2html.tags.ContainerTag)
Objects(java.util.Objects)
List(java.util.List)
DatarouterPermissionRequestDao(io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequestDao)
DatarouterUserDao(io.datarouter.auth.storage.user.DatarouterUserDao)
PermissionRequestEmailType(io.datarouter.email.type.DatarouterEmailTypes.PermissionRequestEmailType)
Optional(java.util.Optional)
DatarouterChangelogDto(io.datarouter.instrumentation.changelog.ChangelogRecorder.DatarouterChangelogDto)
TagCreator.div(j2html.TagCreator.div)
DatarouterUserHistory(io.datarouter.auth.storage.userhistory.DatarouterUserHistory)
Instant(java.time.Instant)
Example 12 with DatarouterUser
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserSessionService method signInUserWithRoles.
@Override
public Optional<Session> signInUserWithRoles(HttpServletRequest request, String username, Set<Role> roles) {
DatarouterUser user = cache.get(username).orElse(null);
if (user == null) {
return Optional.empty();
}
if (BooleanTool.isFalseOrNull(user.getEnabled())) {
throw new InvalidCredentialsException("user not enabled (" + username + ")");
}
user.setLastLoggedIn(Instant.now());
user.setRoles(Scanner.concat(roles, user.getRoles()).collect(HashSet::new));
userDao.put(user);
DatarouterSession session = DatarouterSession.createFromUser(user);
sessionDao.put(session);
return Optional.of(session);
}
Also used :
DatarouterUser(io.datarouter.web.user.databean.DatarouterUser)
InvalidCredentialsException(io.datarouter.web.exception.InvalidCredentialsException)
DatarouterSession(io.datarouter.web.user.session.DatarouterSession)
Example 13 with DatarouterUser
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserDeprovisioningStrategy method doFlagOrDeprovision.
private List<String> doFlagOrDeprovision(List<String> usernames, boolean shouldDeprovision, Optional<String> editorUsername) {
userSessionService.deleteUserSessions(usernames);
List<DeprovisionedUser> deprovisionedUsers = new ArrayList<>();
List<DatarouterUser> users = Scanner.of(usernames).map(DatarouterUserByUsernameLookup::new).listTo(datarouterUserDao::getMultiByUsername);
var deprovisionedUsernames = new ArrayList<String>();
users.forEach(user -> {
deprovisionedUsers.add(new DeprovisionedUser(user.getUsername(), user.getRoles(), shouldDeprovision ? UserDeprovisioningStatus.DEPROVISIONED : UserDeprovisioningStatus.FLAGGED));
user.setRoles(List.of());
user.setEnabled(false);
deprovisionedUsernames.add(user.getUsername());
});
deprovisionedUserDao.putMulti(deprovisionedUsers);
if (shouldDeprovision) {
Optional<DatarouterUser> editor = editorUsername.map(DatarouterUserByUsernameLookup::new).map(datarouterUserDao::getByUsername);
datarouterUserDao.putMulti(users);
datarouterUserHistoryService.recordDeprovisions(users, editor);
}
return deprovisionedUsernames;
}
Also used :
DeprovisionedUser(io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser)
DatarouterUser(io.datarouter.web.user.databean.DatarouterUser)
ArrayList(java.util.ArrayList)
Example 14 with DatarouterUser
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class AdminEditUserHandler method createUserSubmit.
// TODO DATAROUTER-2786
@Handler
private Mav createUserSubmit() {
if (serverTypeDetector.mightBeProduction()) {
return pageFactory.message(request, "This is not supported on production");
}
DatarouterUser currentUser = getCurrentUser();
if (!roleManager.isAdmin(currentUser.getRoles())) {
handleInvalidRequest();
}
String username = params.required(authenticationConfig.getUsernameParam());
String password = params.required(authenticationConfig.getPasswordParam());
String[] roleStrings = params.optionalArray(authenticationConfig.getUserRolesParam()).orElse(EmptyArray.STRING);
Set<Role> requestedRoles = Arrays.stream(roleStrings).map(roleManager::getRoleFromPersistentString).collect(Collectors.toSet());
boolean enabled = params.optionalBoolean(authenticationConfig.getEnabledParam(), true);
datarouterUserCreationService.createManualUser(currentUser, username, password, requestedRoles, enabled, Optional.empty(), Optional.empty());
return new InContextRedirectMav(request, paths.admin.viewUsers);
}
Also used :
Role(io.datarouter.web.user.session.service.Role)
DatarouterUser(io.datarouter.web.user.databean.DatarouterUser)
InContextRedirectMav(io.datarouter.web.handler.mav.imp.InContextRedirectMav)
BaseHandler(io.datarouter.web.handler.BaseHandler)
Example 15 with DatarouterUser
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class AdminEditUserHandler method updatePassword.
// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updatePassword(@RequestBody UpdatePasswordRequestDto dto) {
if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || StringTool.isNullOrEmptyOrWhitespace(dto.newPassword)) {
return new EditUserDetailsDto("Invalid request.");
}
DatarouterUser editor = getCurrentUser();
DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
if (!checkEditPermission(editor, userToEdit, datarouterUserService::canEditUserPassword)) {
return null;
}
if (!datarouterUserService.canHavePassword(userToEdit)) {
return new EditUserDetailsDto("This user is externally authenticated and cannot have a password.");
}
datarouterUserEditService.changePassword(userToEdit, editor, dto.newPassword, getSigninUrl());
return getEditUserDetailsDto(userToEdit.getUsername());
}
Also used :
DatarouterUser(io.datarouter.web.user.databean.DatarouterUser)
DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup)
BaseHandler(io.datarouter.web.handler.BaseHandler)
Aggregations
DatarouterUser (io.datarouter.web.user.databean.DatarouterUser)19
BaseHandler (io.datarouter.web.handler.BaseHandler)9
DatarouterUserByUsernameLookup (io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup)5
DatarouterPermissionRequest (io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequest)4
InContextRedirectMav (io.datarouter.web.handler.mav.imp.InContextRedirectMav)4
Role (io.datarouter.web.user.session.service.Role)4
Optional (java.util.Optional)4
Inject (javax.inject.Inject)4
DatarouterAccountKey (io.datarouter.auth.storage.account.DatarouterAccountKey)3
DatarouterPermissionRequestDao (io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequestDao)3
PermissionRequestEmailType (io.datarouter.email.type.DatarouterEmailTypes.PermissionRequestEmailType)3
Scanner (io.datarouter.scanner.Scanner)3
AdminEmail (io.datarouter.storage.config.properties.AdminEmail)3
ServerTypeDetector (io.datarouter.storage.servertype.ServerTypeDetector)3
DatarouterHtmlEmailService (io.datarouter.web.email.DatarouterHtmlEmailService)3
MessageMav (io.datarouter.web.handler.mav.imp.MessageMav)3
HashSet (java.util.HashSet)3
DeprovisionedUser (io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser)2
DatarouterUserDao (io.datarouter.auth.storage.user.DatarouterUserDao)2
DatarouterUserHistory (io.datarouter.auth.storage.userhistory.DatarouterUserHistory)2
