Search in sources :

Example 11 with DatarouterUser

use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.

the class DatarouterUserHistoryService method recordDeprovisions.

public void recordDeprovisions(List<DatarouterUser> users, Optional<DatarouterUser> editor) {
    Instant time = Instant.now();
    Long editorId = editor.map(DatarouterUser::getId).orElse(DatarouterUserCreationService.ADMIN_ID);
    Map<Long, DatarouterUserHistory> histories = Scanner.of(users).map(user -> new DatarouterUserHistory(user.getId(), time, editorId, DatarouterUserChangeType.DEPROVISION, "deprovisioned")).flush(baseDatarouterUserHistoryDao::putMulti).toMap(history -> history.getKey().getUserId());
    Scanner.of(users).map(DatarouterUser::getId).listTo(permissionRequestDao::scanOpenPermissionRequestsForUsers).map(request -> request.decline(time)).flush(permissionRequestDao::putMulti);
    editor.ifPresent(editorUser -> {
        users.forEach(user -> sendDeprovisioningEmail(user, histories.get(user.getId()), editorUser));
    });
    recordProvisioningChangelogs(users, editor, DatarouterUserChangeType.DEPROVISION);
}
Also used : TagCreator.text(j2html.TagCreator.text) DatarouterUserChangeType(io.datarouter.auth.storage.userhistory.DatarouterUserHistory.DatarouterUserChangeType) Scanner(io.datarouter.scanner.Scanner) DatarouterHtmlEmailService(io.datarouter.web.email.DatarouterHtmlEmailService) Singleton(javax.inject.Singleton) Function(java.util.function.Function) DatarouterUserHistoryKey(io.datarouter.auth.storage.userhistory.DatarouterUserHistoryKey) ChangelogRecorder(io.datarouter.instrumentation.changelog.ChangelogRecorder) Inject(javax.inject.Inject) DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) Map(java.util.Map) AdminEmail(io.datarouter.storage.config.properties.AdminEmail) DatarouterUserHistoryDao(io.datarouter.auth.storage.userhistory.DatarouterUserHistoryDao) TagCreator.p(j2html.TagCreator.p) ServerTypeDetector(io.datarouter.storage.servertype.ServerTypeDetector) DatarouterUserHistory(io.datarouter.auth.storage.userhistory.DatarouterUserHistory) DatarouterChangelogDtoBuilder(io.datarouter.instrumentation.changelog.ChangelogRecorder.DatarouterChangelogDtoBuilder) Instant(java.time.Instant) TagCreator.a(j2html.TagCreator.a) DatarouterPermissionRequest(io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequest) ContainerTag(j2html.tags.ContainerTag) Objects(java.util.Objects) List(java.util.List) DatarouterPermissionRequestDao(io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequestDao) DatarouterUserDao(io.datarouter.auth.storage.user.DatarouterUserDao) PermissionRequestEmailType(io.datarouter.email.type.DatarouterEmailTypes.PermissionRequestEmailType) Optional(java.util.Optional) DatarouterChangelogDto(io.datarouter.instrumentation.changelog.ChangelogRecorder.DatarouterChangelogDto) TagCreator.div(j2html.TagCreator.div) DatarouterUserHistory(io.datarouter.auth.storage.userhistory.DatarouterUserHistory) Instant(java.time.Instant)

Example 12 with DatarouterUser

use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.

the class DatarouterUserSessionService method signInUserWithRoles.

@Override
public Optional<Session> signInUserWithRoles(HttpServletRequest request, String username, Set<Role> roles) {
    DatarouterUser user = cache.get(username).orElse(null);
    if (user == null) {
        return Optional.empty();
    }
    if (BooleanTool.isFalseOrNull(user.getEnabled())) {
        throw new InvalidCredentialsException("user not enabled (" + username + ")");
    }
    user.setLastLoggedIn(Instant.now());
    user.setRoles(Scanner.concat(roles, user.getRoles()).collect(HashSet::new));
    userDao.put(user);
    DatarouterSession session = DatarouterSession.createFromUser(user);
    sessionDao.put(session);
    return Optional.of(session);
}
Also used : DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) InvalidCredentialsException(io.datarouter.web.exception.InvalidCredentialsException) DatarouterSession(io.datarouter.web.user.session.DatarouterSession)

Example 13 with DatarouterUser

use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.

the class DatarouterUserDeprovisioningStrategy method doFlagOrDeprovision.

private List<String> doFlagOrDeprovision(List<String> usernames, boolean shouldDeprovision, Optional<String> editorUsername) {
    userSessionService.deleteUserSessions(usernames);
    List<DeprovisionedUser> deprovisionedUsers = new ArrayList<>();
    List<DatarouterUser> users = Scanner.of(usernames).map(DatarouterUserByUsernameLookup::new).listTo(datarouterUserDao::getMultiByUsername);
    var deprovisionedUsernames = new ArrayList<String>();
    users.forEach(user -> {
        deprovisionedUsers.add(new DeprovisionedUser(user.getUsername(), user.getRoles(), shouldDeprovision ? UserDeprovisioningStatus.DEPROVISIONED : UserDeprovisioningStatus.FLAGGED));
        user.setRoles(List.of());
        user.setEnabled(false);
        deprovisionedUsernames.add(user.getUsername());
    });
    deprovisionedUserDao.putMulti(deprovisionedUsers);
    if (shouldDeprovision) {
        Optional<DatarouterUser> editor = editorUsername.map(DatarouterUserByUsernameLookup::new).map(datarouterUserDao::getByUsername);
        datarouterUserDao.putMulti(users);
        datarouterUserHistoryService.recordDeprovisions(users, editor);
    }
    return deprovisionedUsernames;
}
Also used : DeprovisionedUser(io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser) DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) ArrayList(java.util.ArrayList)

Example 14 with DatarouterUser

use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.

the class AdminEditUserHandler method createUserSubmit.

// TODO DATAROUTER-2786
@Handler
private Mav createUserSubmit() {
    if (serverTypeDetector.mightBeProduction()) {
        return pageFactory.message(request, "This is not supported on production");
    }
    DatarouterUser currentUser = getCurrentUser();
    if (!roleManager.isAdmin(currentUser.getRoles())) {
        handleInvalidRequest();
    }
    String username = params.required(authenticationConfig.getUsernameParam());
    String password = params.required(authenticationConfig.getPasswordParam());
    String[] roleStrings = params.optionalArray(authenticationConfig.getUserRolesParam()).orElse(EmptyArray.STRING);
    Set<Role> requestedRoles = Arrays.stream(roleStrings).map(roleManager::getRoleFromPersistentString).collect(Collectors.toSet());
    boolean enabled = params.optionalBoolean(authenticationConfig.getEnabledParam(), true);
    datarouterUserCreationService.createManualUser(currentUser, username, password, requestedRoles, enabled, Optional.empty(), Optional.empty());
    return new InContextRedirectMav(request, paths.admin.viewUsers);
}
Also used : Role(io.datarouter.web.user.session.service.Role) DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) InContextRedirectMav(io.datarouter.web.handler.mav.imp.InContextRedirectMav) BaseHandler(io.datarouter.web.handler.BaseHandler)

Example 15 with DatarouterUser

use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.

the class AdminEditUserHandler method updatePassword.

// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updatePassword(@RequestBody UpdatePasswordRequestDto dto) {
    if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || StringTool.isNullOrEmptyOrWhitespace(dto.newPassword)) {
        return new EditUserDetailsDto("Invalid request.");
    }
    DatarouterUser editor = getCurrentUser();
    DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
    if (!checkEditPermission(editor, userToEdit, datarouterUserService::canEditUserPassword)) {
        return null;
    }
    if (!datarouterUserService.canHavePassword(userToEdit)) {
        return new EditUserDetailsDto("This user is externally authenticated and cannot have a password.");
    }
    datarouterUserEditService.changePassword(userToEdit, editor, dto.newPassword, getSigninUrl());
    return getEditUserDetailsDto(userToEdit.getUsername());
}
Also used : DatarouterUser(io.datarouter.web.user.databean.DatarouterUser) DatarouterUserByUsernameLookup(io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup) BaseHandler(io.datarouter.web.handler.BaseHandler)

Aggregations

DatarouterUser (io.datarouter.web.user.databean.DatarouterUser)19 BaseHandler (io.datarouter.web.handler.BaseHandler)9 DatarouterUserByUsernameLookup (io.datarouter.web.user.databean.DatarouterUser.DatarouterUserByUsernameLookup)5 DatarouterPermissionRequest (io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequest)4 InContextRedirectMav (io.datarouter.web.handler.mav.imp.InContextRedirectMav)4 Role (io.datarouter.web.user.session.service.Role)4 Optional (java.util.Optional)4 Inject (javax.inject.Inject)4 DatarouterAccountKey (io.datarouter.auth.storage.account.DatarouterAccountKey)3 DatarouterPermissionRequestDao (io.datarouter.auth.storage.permissionrequest.DatarouterPermissionRequestDao)3 PermissionRequestEmailType (io.datarouter.email.type.DatarouterEmailTypes.PermissionRequestEmailType)3 Scanner (io.datarouter.scanner.Scanner)3 AdminEmail (io.datarouter.storage.config.properties.AdminEmail)3 ServerTypeDetector (io.datarouter.storage.servertype.ServerTypeDetector)3 DatarouterHtmlEmailService (io.datarouter.web.email.DatarouterHtmlEmailService)3 MessageMav (io.datarouter.web.handler.mav.imp.MessageMav)3 HashSet (java.util.HashSet)3 DeprovisionedUser (io.datarouter.auth.storage.deprovisioneduser.DeprovisionedUser)2 DatarouterUserDao (io.datarouter.auth.storage.user.DatarouterUserDao)2 DatarouterUserHistory (io.datarouter.auth.storage.userhistory.DatarouterUserHistory)2