use of org.activityinfo.server.database.hibernate.entity.User in project activityinfo by bedatadriven.
the class OdkAuthProvider method get.
/**
 * Resolves the user on whose behalf the current ODK request runs.
 *
 * <p>A request that already carries a non-anonymous user is passed through unchanged. An
 * anonymous request is answered with a 401 challenge, with one exception: on the App Engine
 * development server, a positive user id found under {@code DEBUG_USER_ID} in the configuration
 * is loaded and treated as authenticated without any credentials being presented.
 *
 * @return the currently authenticated user
 * @throws javax.ws.rs.WebApplicationException with status 401 if the request is not authenticated
 * @throws IllegalStateException if a debug user id is configured but no such user exists
 */
@Override
public AuthenticatedUser get() {
    if (!authProvider.get().isAnonymous()) {
        // Already authenticated upstream: hand the user back untouched.
        return authProvider.get();
    }

    // Credential-free shortcut for local testing. The only gate is
    // isAppEngineDevelopment(), so everything below it depends on that check
    // never returning true in a deployed instance.
    if (DeploymentEnvironment.isAppEngineDevelopment()) {
        String configuredId = config.getProperty(DEBUG_USER_ID);
        if (configuredId != null) {
            // A non-numeric value surfaces as NumberFormatException from parseInt.
            int debugUserId = Integer.parseInt(configuredId);
            if (debugUserId > 0) {
                User debugUser = em.get().find(User.class, debugUserId);
                if (debugUser == null) {
                    throw new IllegalStateException("odk.debug.authorization.userid set, but user cannot be found");
                }
                // Register the configured user for this request as if it had logged in.
                authProvider.set(debugUser);
                return new AuthenticatedUser("", debugUser.getId(), debugUser.getEmail(), debugUser.getLocale());
            }
        }
    }

    // Still anonymous: pick the challenge to send back with the 401.
    final String challenge;
    if (DeploymentEnvironment.isAppEngineDevelopment()) {
        LOGGER.info("Requested digest authentication for ODK testing purposes.");
        // The nonce and opaque values are constants, so this is a test placeholder
        // rather than a working Digest exchange (no replay protection).
        challenge = "Digest realm=\"Activityinfo\" qop=\"auth\" nonce=\"XYZ\" opaque=\"opaque\"";
    } else {
        // NOTE(review): Basic credentials are only base64-encoded on the wire;
        // confirm this endpoint is reachable over TLS only.
        challenge = "Basic realm=\"Activityinfo\"";
    }
    throw new WebApplicationException(Response.status(401).header("WWW-Authenticate", challenge).build());
}
use of org.activityinfo.server.database.hibernate.entity.User in project activityinfo by bedatadriven.
the class KmlDataServlet method doGet.
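/**
 * Streams the KML document for one activity to an authenticated client.
 *
 * <p>The {@code Authorization} header is checked first; a request that does not authenticate
 * gets a 401 with a Basic challenge. Only then is the {@code activityId} query parameter read,
 * and a missing or non-numeric value is answered with 400 instead of an uncaught
 * {@link NumberFormatException}.
 *
 * @param req the request; must carry an {@code Authorization} header and an integer
 *            {@code activityId} parameter
 * @param res the response the KML is written to
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the error response or the writer cannot be obtained
 */
@Override
public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
    // Authenticate before parsing any other request input, so unauthenticated
    // callers always see the 401 and never reach the parameter handling.
    String auth = req.getHeader("Authorization");
    User user = authenticator.doAuthentication(auth);
    if (user == null) {
        // Not allowed, or no password provided, so report unauthorized.
        res.setHeader("WWW-Authenticate", "BASIC realm=\"ActivityInfo\"");
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }

    // parseInt throws NumberFormatException for both a missing (null) and a
    // malformed parameter; treat either as a client error.
    int activityId;
    try {
        activityId = Integer.parseInt(req.getParameter("activityId"));
    } catch (NumberFormatException e) {
        res.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    res.setContentType("application/vnd.google-earth.kml+xml");
    try {
        // NOTE(review): the authenticated user is not passed on here; confirm that
        // writeDocument restricts the output to data this user may see for activityId.
        writeDocument(res.getWriter(), activityId);
    } catch (Exception e) {
        LOGGER.log(Level.SEVERE, "KML Rendering failed", e);
        // NOTE(review): if part of the document was already flushed, this status
        // change may come too late to reach the client.
        res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}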
use of org.activityinfo.server.database.hibernate.entity.User in project activityinfo by bedatadriven.
the class JobTaskServlet method doPost.
/**
 * Executes one queued job on behalf of the user who owns it.
 *
 * <p>The request is accepted only when it carries an {@code X-AppEngine-QueueName} header. The
 * job is loaded by the key in the request, skipped unless it is in state {@code STARTED}, and
 * otherwise run with the owning user installed as the authenticated user of this request.
 *
 * @param req the task request; carries the job key parameter
 * @param resp the response; 403 for requests without the queue header, 200 for skipped jobs
 * @throws ServletException declared by the servlet contract
 * @throws IOException declared by the servlet contract
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // Presence of the header is the entire caller check. It is only meaningful where the
    // platform strips X-AppEngine-* headers from external requests; behind any other
    // front end a client could set it.
    String queueName = req.getHeader("X-AppEngine-QueueName");
    if (Strings.isNullOrEmpty(queueName)) {
        LOGGER.severe("Unauthorized task request");
        resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    String jobKey = req.getParameter(JobResource.JOB_KEY_PARAM);
    final JobEntity job = JobStore.getUserJob(jobKey).now();

    // Unknown job: answer 200 anyway (presumably so the queue does not retry the task).
    if (job == null) {
        LOGGER.severe("Job " + jobKey + " not found");
        resp.setStatus(HttpServletResponse.SC_OK);
        return;
    }

    // Only jobs still marked STARTED are run; anything else is acknowledged and dropped.
    if (job.getState() != JobState.STARTED) {
        LOGGER.info("Job " + jobKey + " has state " + job.getState() + ", stopping here.");
        resp.setStatus(HttpServletResponse.SC_OK);
        return;
    }

    // From here on the request runs with the identity stored in the job record.
    // NOTE(review): find() can return null if the user no longer exists, which would
    // fail on the next line with a NullPointerException; the long-to-int cast also
    // assumes user ids fit in an int. Confirm both.
    User owner = entityManager.get().find(User.class, (int) job.getUserId());
    authProvider.set(owner.asAuthenticatedUser());

    // NOTE(review): the locale is pushed but not popped in this method; confirm it is
    // cleared elsewhere before the thread serves another request.
    Locale locale = jobLocale(owner, job);
    ThreadLocalLocaleProvider.pushLocale(locale);
    LOGGER.info("Set authenticated user to " + owner.getEmail() + " [" + locale + "]");

    JobExecutor runner = executorFactory.create(job.getType());
    JobDescriptor spec = job.parseDescriptor();
    try {
        final JobResult outcome = runner.execute(spec);
        markCompleted(job, outcome);
    } catch (Exception e) {
        // Any failure during execution or completion is recorded on the job itself.
        markFailed(job, e);
    }
}
use of org.activityinfo.server.database.hibernate.entity.User in project activityinfo by bedatadriven.
the class ChangePasswordController method changePassword.
/**
 * Sets a new password for the account identified by a change-password key and logs that
 * account in.
 *
 * <p>The key is the only proof of identity on this path: whoever presents a key that resolves
 * to a user both chooses the new password and receives fresh authentication cookies.
 *
 * @param uri used to build the redirect target after a successful change
 * @param key the change-password key from the form
 * @param password the new password
 * @param password2 the repeated password; must equal {@code password}
 * @return the invalid-invite page for an unknown key, the form again with an error flag for a
 *         short or mismatched password, otherwise a redirect to {@code /} carrying new
 *         authentication cookies
 */
@POST
public Response changePassword(@Context UriInfo uri, @FormParam("key") String key, @FormParam("password") String password, @FormParam("password2") String password2) throws IOException, ServletException {
    final User account;
    try {
        account = userDAO.get().findUserByChangePasswordKey(key);
    } catch (NoResultException e) {
        // No user holds this key: show the generic invalid-invite page.
        return ok(new InvalidInvitePageModel());
    }

    // Validate the submitted password before anything is changed.
    boolean tooShort = (password == null) || (password.length() < MINIMUM_PASSWORD_LENGTH);
    if (tooShort) {
        return ok(new ChangePasswordPageModel(account).setPasswordLengthInvalid(true));
    }
    boolean repeatedCorrectly = password.equals(password2);
    if (!repeatedCorrectly) {
        return ok(new ChangePasswordPageModel(account).setPasswordsNotMatched(true));
    }

    // NOTE(review): confirm that changePassword(User, String) also clears the key, so a
    // key cannot be replayed after it has been used once.
    changePassword(account, password);

    // Redirect to the site root with the holder of the key signed in.
    return Response
            .seeOther(uri.getAbsolutePathBuilder().replacePath("/").build())
            .cookie(authTokenProvider.createNewAuthCookies(account))
            .build();
}
use of org.activityinfo.server.database.hibernate.entity.User in project activityinfo by bedatadriven.
the class ConfirmInviteController method confirm.
/**
 * Completes an invitation: fills in the invited account, sets its password, consumes the
 * key and logs the account in.
 *
 * <p>As with any key-based flow, possession of the key is the only proof of identity here.
 *
 * @param uri used to build the redirect target after a successful confirmation
 * @param key the invitation key from the form
 * @param locale the locale chosen by the user; must be non-empty
 * @param password the password chosen by the user; must be non-empty
 * @param name the display name chosen by the user; must be non-empty
 * @param newsletter whether the user opted in to the newsletter
 * @return a redirect to {@code /app} with new authentication cookies on success, the
 *         invalid-invite page when the key lookup raises {@code EntityNotFoundException}, or
 *         the form again when an {@code IllegalArgumentException} is raised
 */
@POST
public Response confirm(@Context UriInfo uri, @FormParam("key") String key, @FormParam("locale") String locale, @FormParam("password") String password, @FormParam("name") String name, @FormParam("newsletter") boolean newsletter) throws Exception {
    // Stays null if the lookup itself fails; the IllegalArgumentException handler
    // below passes whatever value is held at that point.
    User invitee = null;
    try {
        invitee = userDAO.get().findUserByChangePasswordKey(key);

        // Each field is checked and written in turn, so a failure on a later field
        // leaves the earlier setters already applied to the entity.
        // NOTE(review): whether those partial changes are persisted depends on
        // transaction handling that is not visible here; confirm.
        invitee.setName(checkNonEmpty(name));
        invitee.setLocale(checkNonEmpty(locale));

        // NOTE(review): only non-emptiness is checked on this path; confirm a minimum
        // password length is enforced somewhere before the password is stored.
        invitee.changePassword(checkNonEmpty(password));

        // The key is consumed here so it cannot be used a second time.
        invitee.clearChangePasswordKey();
        invitee.setEmailNotification(true);
        mailingList.subscribe(invitee, true, newsletter);

        return Response
                .seeOther(uri.getAbsolutePathBuilder().replacePath("/app").build())
                .cookie(authTokenProvider.createNewAuthCookies(invitee))
                .build();
    } catch (EntityNotFoundException e) {
        // NOTE(review): confirm this is the exception the DAO raises for an unknown
        // key; any other exception type would propagate out of this method.
        return Response
                .ok(new InvalidInvitePageModel().asViewable())
                .type(MediaType.TEXT_HTML)
                .build();
    } catch (IllegalArgumentException e) {
        return Response
                .ok(ConfirmInvitePageModel.incompleteForm(invitee).asViewable())
                .type(MediaType.TEXT_HTML)
                .build();
    }
}