use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserHistoryService method recordDeprovisions.
public void recordDeprovisions(List<DatarouterUser> users, Optional<DatarouterUser> editor) {
Instant time = Instant.now();
Long editorId = editor.map(DatarouterUser::getId).orElse(DatarouterUserCreationService.ADMIN_ID);
Map<Long, DatarouterUserHistory> histories = Scanner.of(users).map(user -> new DatarouterUserHistory(user.getId(), time, editorId, DatarouterUserChangeType.DEPROVISION, "deprovisioned")).flush(baseDatarouterUserHistoryDao::putMulti).toMap(history -> history.getKey().getUserId());
Scanner.of(users).map(DatarouterUser::getId).listTo(permissionRequestDao::scanOpenPermissionRequestsForUsers).map(request -> request.decline(time)).flush(permissionRequestDao::putMulti);
editor.ifPresent(editorUser -> {
users.forEach(user -> sendDeprovisioningEmail(user, histories.get(user.getId()), editorUser));
});
recordProvisioningChangelogs(users, editor, DatarouterUserChangeType.DEPROVISION);
}
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserSessionService method signInUserWithRoles.
@Override
public Optional<Session> signInUserWithRoles(HttpServletRequest request, String username, Set<Role> roles) {
DatarouterUser user = cache.get(username).orElse(null);
if (user == null) {
return Optional.empty();
}
if (BooleanTool.isFalseOrNull(user.getEnabled())) {
throw new InvalidCredentialsException("user not enabled (" + username + ")");
}
user.setLastLoggedIn(Instant.now());
user.setRoles(Scanner.concat(roles, user.getRoles()).collect(HashSet::new));
userDao.put(user);
DatarouterSession session = DatarouterSession.createFromUser(user);
sessionDao.put(session);
return Optional.of(session);
}
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class DatarouterUserDeprovisioningStrategy method doFlagOrDeprovision.
private List<String> doFlagOrDeprovision(List<String> usernames, boolean shouldDeprovision, Optional<String> editorUsername) {
userSessionService.deleteUserSessions(usernames);
List<DeprovisionedUser> deprovisionedUsers = new ArrayList<>();
List<DatarouterUser> users = Scanner.of(usernames).map(DatarouterUserByUsernameLookup::new).listTo(datarouterUserDao::getMultiByUsername);
var deprovisionedUsernames = new ArrayList<String>();
users.forEach(user -> {
deprovisionedUsers.add(new DeprovisionedUser(user.getUsername(), user.getRoles(), shouldDeprovision ? UserDeprovisioningStatus.DEPROVISIONED : UserDeprovisioningStatus.FLAGGED));
user.setRoles(List.of());
user.setEnabled(false);
deprovisionedUsernames.add(user.getUsername());
});
deprovisionedUserDao.putMulti(deprovisionedUsers);
if (shouldDeprovision) {
Optional<DatarouterUser> editor = editorUsername.map(DatarouterUserByUsernameLookup::new).map(datarouterUserDao::getByUsername);
datarouterUserDao.putMulti(users);
datarouterUserHistoryService.recordDeprovisions(users, editor);
}
return deprovisionedUsernames;
}
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class AdminEditUserHandler method createUserSubmit.
// TODO DATAROUTER-2786
@Handler
private Mav createUserSubmit() {
if (serverTypeDetector.mightBeProduction()) {
return pageFactory.message(request, "This is not supported on production");
}
DatarouterUser currentUser = getCurrentUser();
if (!roleManager.isAdmin(currentUser.getRoles())) {
handleInvalidRequest();
}
String username = params.required(authenticationConfig.getUsernameParam());
String password = params.required(authenticationConfig.getPasswordParam());
String[] roleStrings = params.optionalArray(authenticationConfig.getUserRolesParam()).orElse(EmptyArray.STRING);
Set<Role> requestedRoles = Arrays.stream(roleStrings).map(roleManager::getRoleFromPersistentString).collect(Collectors.toSet());
boolean enabled = params.optionalBoolean(authenticationConfig.getEnabledParam(), true);
datarouterUserCreationService.createManualUser(currentUser, username, password, requestedRoles, enabled, Optional.empty(), Optional.empty());
return new InContextRedirectMav(request, paths.admin.viewUsers);
}
use of io.datarouter.web.user.databean.DatarouterUser in project datarouter by hotpads.
the class AdminEditUserHandler method updatePassword.
// TODO DATAROUTER-2759 make this work without DatarouterUser
@Handler
private EditUserDetailsDto updatePassword(@RequestBody UpdatePasswordRequestDto dto) {
if (dto == null || StringTool.isNullOrEmptyOrWhitespace(dto.username) || StringTool.isNullOrEmptyOrWhitespace(dto.newPassword)) {
return new EditUserDetailsDto("Invalid request.");
}
DatarouterUser editor = getCurrentUser();
DatarouterUser userToEdit = datarouterUserDao.getByUsername(new DatarouterUserByUsernameLookup(dto.username));
if (!checkEditPermission(editor, userToEdit, datarouterUserService::canEditUserPassword)) {
return null;
}
if (!datarouterUserService.canHavePassword(userToEdit)) {
return new EditUserDetailsDto("This user is externally authenticated and cannot have a password.");
}
datarouterUserEditService.changePassword(userToEdit, editor, dto.newPassword, getSigninUrl());
return getEditUserDetailsDto(userToEdit.getUsername());
}
Aggregations