Search in sources :

Example 1 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class AuthController method validateOTP.

/**
 * Validate one time password if user is already authenticated
 * @param user
 * @param otpStr
 * @throws UserException
 */
public void validateOTP(Users user, String otpStr) throws UserException {
    int otp;
    try {
        otp = Integer.parseInt(otpStr);
    } catch (NumberFormatException e) {
        throw new UserException(RESTCodes.UserErrorCode.INVALID_OTP, Level.FINE, "OTP not an integer");
    }
    if (user == null) {
        throw new UserException(RESTCodes.UserErrorCode.USER_DOES_NOT_EXIST, Level.FINE, "User not found");
    }
    boolean valid = checkCode(user.getSecret(), otp);
    if (!valid) {
        throw new UserException(RESTCodes.UserErrorCode.INVALID_OTP, Level.FINE);
    }
}
Also used : UserException(io.hops.hopsworks.exceptions.UserException)

Example 2 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class UsersController method changePassword.

private void changePassword(Users user, String newPassword, String confirmedPassword) throws UserException {
    if (userValidator.isValidPassword(newPassword, confirmedPassword)) {
        try {
            Secret secret = securityUtils.generateSecret(newPassword);
            authController.changePassword(user, secret);
        } catch (Exception ex) {
            throw new UserException(RESTCodes.UserErrorCode.PASSWORD_RESET_UNSUCCESSFUL, Level.SEVERE, null, ex.getMessage(), ex);
        }
    }
}
Also used : Secret(io.hops.hopsworks.common.security.utils.Secret) UserException(io.hops.hopsworks.exceptions.UserException) MessagingException(javax.mail.MessagingException) WriterException(com.google.zxing.WriterException) IOException(java.io.IOException) ServiceException(io.hops.hopsworks.exceptions.ServiceException) UserException(io.hops.hopsworks.exceptions.UserException) ConstraintViolationException(javax.validation.ConstraintViolationException)

Example 3 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class UsersController method resetPassword.

/**
 * Use to reset password to a temporary random password
 * @param id
 * @return
 * @throws UserException
 * @throws MessagingException
 */
public String resetPassword(Integer id, String initiator) throws UserException, MessagingException {
    Users user = userFacade.find(id);
    if (!user.getMode().equals(UserAccountType.M_ACCOUNT_TYPE)) {
        throw new UserException(RESTCodes.UserErrorCode.OPERATION_NOT_ALLOWED, Level.FINE, "Can not reset password of a" + " remote user");
    }
    String randomPwd = securityUtils.generateRandomString(UserValidator.TEMP_PASSWORD_LENGTH);
    user.setStatus(UserAccountStatus.TEMP_PASSWORD);
    changePasswordAsAdmin(user, randomPwd);
    String subject = UserAccountsEmailMessages.ACCOUNT_PASSWORD_RESET;
    String msg = UserAccountsEmailMessages.buildResetByAdminMessage(initiator);
    emailBean.sendEmail(user.getEmail(), Message.RecipientType.TO, subject, msg);
    return randomPwd;
}
Also used : Users(io.hops.hopsworks.persistence.entity.user.Users) UserException(io.hops.hopsworks.exceptions.UserException)

Example 4 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class UsersController method sendPasswordRecoveryEmail.

public void sendPasswordRecoveryEmail(String email, String reqUrl) throws UserException, MessagingException {
    Users user = userFacade.findByEmail(email);
    if (user == null) {
        throw new UserException(RESTCodes.UserErrorCode.USER_WAS_NOT_FOUND, Level.FINE);
    }
    try {
        userStatusValidator.checkStatus(user.getStatus());
    } catch (UserException e) {
        // Needed to not map account exceptions to Unauthorized rest response.
        throw new UserException(RESTCodes.UserErrorCode.ACCOUNT_NOT_ACTIVE, Level.FINE, e.getErrorCode().getMessage());
    }
    authController.sendNewRecoveryValidationKey(user, reqUrl, true);
}
Also used : Users(io.hops.hopsworks.persistence.entity.user.Users) UserException(io.hops.hopsworks.exceptions.UserException)

Example 5 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class UsersController method deleteUser.

/**
 * Delete users. Will fail if the user is an initiator of an audit log.
 * @param u
 * @throws UserException
 */
public void deleteUser(Users u) throws UserException {
    if (u != null) {
        // Should not delete user that is an Initiator in a RolesAudit
        List<RolesAudit> results = rolesAuditFacade.findByTarget(u);
        for (Iterator<RolesAudit> iterator = results.iterator(); iterator.hasNext(); ) {
            RolesAudit next = iterator.next();
            rolesAuditFacade.remove(next);
        }
        // Should not delete user that is an Initiator in an AccountAudit
        List<AccountAudit> resultsAA = accountAuditFacade.findByTarget(u);
        for (Iterator<AccountAudit> iterator = resultsAA.iterator(); iterator.hasNext(); ) {
            AccountAudit next = iterator.next();
            accountAuditFacade.remove(next);
        }
        // run delete handlers
        UserAccountHandler.runUserAccountDeleteHandlers(userAccountHandlers, u);
        try {
            userFacade.removeByEmail(u.getEmail());
        } catch (ConstraintViolationException cve) {
            throw new UserException(RESTCodes.UserErrorCode.ACCOUNT_DELETION_ERROR, Level.FINE, "User that initiated " + "audit log on another account can not be deleted.", cve.getMessage());
        }
    }
}
Also used : RolesAudit(io.hops.hopsworks.persistence.entity.user.security.audit.RolesAudit) ConstraintViolationException(javax.validation.ConstraintViolationException) UserException(io.hops.hopsworks.exceptions.UserException) AccountAudit(io.hops.hopsworks.persistence.entity.user.security.audit.AccountAudit)

Aggregations

UserException (io.hops.hopsworks.exceptions.UserException)74 Users (io.hops.hopsworks.persistence.entity.user.Users)32 HttpServletRequest (javax.servlet.http.HttpServletRequest)16 Produces (javax.ws.rs.Produces)12 IOException (java.io.IOException)11 Path (javax.ws.rs.Path)10 ServiceException (io.hops.hopsworks.exceptions.ServiceException)9 MessagingException (javax.mail.MessagingException)9 ProjectException (io.hops.hopsworks.exceptions.ProjectException)8 Project (io.hops.hopsworks.persistence.entity.project.Project)8 EJBException (javax.ejb.EJBException)8 FacesContext (javax.faces.context.FacesContext)8 FeaturestoreException (io.hops.hopsworks.exceptions.FeaturestoreException)7 ApiOperation (io.swagger.annotations.ApiOperation)7 BbcGroup (io.hops.hopsworks.persistence.entity.user.BbcGroup)6 Secret (io.hops.hopsworks.persistence.entity.user.security.secrets.Secret)6 HopsSecurityException (io.hops.hopsworks.exceptions.HopsSecurityException)5 KafkaException (io.hops.hopsworks.exceptions.KafkaException)5 GeneralSecurityException (java.security.GeneralSecurityException)5 GET (javax.ws.rs.GET)5