Search in sources :

Example 1 with UserManager

use of org.apache.wiki.auth.UserManager in project jspwiki by apache.

the class Installer method createAdministrator.

/**
 * Creates an administrative user and returns the new password.
 * If the admin user exists, the password will be <code>null</code>.
 * @return the password
 * @throws WikiSecurityException
 */
public String createAdministrator() throws WikiSecurityException {
    if (!m_validated) {
        throw new WikiSecurityException("Cannot create administrator because one or more of the installation settings are invalid.");
    }
    if (adminExists()) {
        return null;
    }
    // See if the admin user exists already
    UserManager userMgr = m_engine.getUserManager();
    UserDatabase userDb = userMgr.getUserDatabase();
    String password = null;
    try {
        userDb.findByLoginName(ADMIN_ID);
    } catch (NoSuchPrincipalException e) {
        // Create a random 12-character password
        password = TextUtil.generateRandomPassword();
        UserProfile profile = userDb.newProfile();
        profile.setLoginName(ADMIN_ID);
        profile.setFullname(ADMIN_NAME);
        profile.setPassword(password);
        userDb.save(profile);
    }
    // Create a new admin group
    GroupManager groupMgr = m_engine.getGroupManager();
    Group group = null;
    try {
        group = groupMgr.getGroup(ADMIN_GROUP);
        group.add(new WikiPrincipal(ADMIN_NAME));
    } catch (NoSuchPrincipalException e) {
        group = groupMgr.parseGroup(ADMIN_GROUP, ADMIN_NAME, true);
    }
    groupMgr.setGroup(m_session, group);
    return password;
}
Also used : WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) Group(org.apache.wiki.auth.authorize.Group) UserProfile(org.apache.wiki.auth.user.UserProfile) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) UserManager(org.apache.wiki.auth.UserManager) UserDatabase(org.apache.wiki.auth.user.UserDatabase) NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException) GroupManager(org.apache.wiki.auth.authorize.GroupManager)

Example 2 with UserManager

use of org.apache.wiki.auth.UserManager in project jspwiki by apache.

the class UserBean method doPost.

public String doPost(WikiContext context) {
    HttpServletRequest request = context.getHttpRequest();
    WikiSession session = context.getWikiSession();
    UserManager mgr = context.getEngine().getUserManager();
    String loginid = request.getParameter("loginid");
    String loginname = request.getParameter("loginname");
    String fullname = request.getParameter("fullname");
    String password = request.getParameter("password");
    String password2 = request.getParameter("password2");
    String email = request.getParameter("email");
    if (request.getParameter("action").equalsIgnoreCase("remove")) {
        try {
            mgr.getUserDatabase().deleteByLoginName(loginid);
            session.addMessage("User profile " + loginid + " (" + fullname + ") has been deleted");
        } catch (NoSuchPrincipalException e) {
            session.addMessage("User profile has already been removed");
        } catch (WikiSecurityException e) {
            session.addMessage("Security problem: " + e);
        }
        return "";
    }
    if (password != null && password.length() > 0 && !password.equals(password2)) {
        session.addMessage("Passwords do not match!");
        return "";
    }
    UserProfile p;
    if (loginid.equals("--New--")) {
        // Create new user
        p = mgr.getUserDatabase().newProfile();
        p.setCreated(new Date());
    } else {
        try {
            p = mgr.getUserDatabase().findByLoginName(loginid);
        } catch (NoSuchPrincipalException e) {
            session.addMessage("I could not find user profile " + loginid);
            return "";
        }
    }
    p.setEmail(email);
    p.setFullname(fullname);
    if (password != null && password.length() > 0)
        p.setPassword(password);
    p.setLoginName(loginname);
    try {
        mgr.getUserDatabase().save(p);
    } catch (WikiSecurityException e) {
        session.addMessage("Unable to save " + e.getMessage());
    }
    session.addMessage("User profile has been updated");
    return "";
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WikiSession(org.apache.wiki.WikiSession) WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) UserProfile(org.apache.wiki.auth.user.UserProfile) UserManager(org.apache.wiki.auth.UserManager) NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException) Date(java.util.Date)

Example 3 with UserManager

use of org.apache.wiki.auth.UserManager in project jspwiki by apache.

the class WikiContext method requiredPermission.

/**
 * Returns the permission required to successfully execute this context.
 * For example, the a wiki context of VIEW for a certain page means that
 * the PagePermission "view" is required for the page. In some cases, no
 * particular permission is required, in which case a dummy permission will
 * be returned ({@link java.util.PropertyPermission}<code> "os.name",
 * "read"</code>). This method is guaranteed to always return a valid,
 * non-null permission.
 * @return the permission
 * @since 2.4
 */
public Permission requiredPermission() {
    // This is a filthy rotten hack -- absolutely putrid
    if (WikiCommand.INSTALL.equals(m_command)) {
        // See if admin users exists
        boolean adminExists = false;
        try {
            UserManager userMgr = m_engine.getUserManager();
            UserDatabase userDb = userMgr.getUserDatabase();
            userDb.findByLoginName(Installer.ADMIN_ID);
            adminExists = true;
        } catch (NoSuchPrincipalException e) {
            return DUMMY_PERMISSION;
        }
        if (adminExists) {
            return new AllPermission(m_engine.getApplicationName());
        }
    }
    // method returns null, but until then we will use this hack
    if (m_command.requiredPermission() == null) {
        return DUMMY_PERMISSION;
    }
    return m_command.requiredPermission();
}
Also used : UserManager(org.apache.wiki.auth.UserManager) UserDatabase(org.apache.wiki.auth.user.UserDatabase) AllPermission(org.apache.wiki.auth.permissions.AllPermission) NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)

Example 4 with UserManager

use of org.apache.wiki.auth.UserManager in project jspwiki by apache.

the class Installer method adminExists.

/**
 * Returns <code>true</code> if the administrative user had
 * been created previously.
 * @return the result
 */
public boolean adminExists() {
    // See if the admin user exists already
    UserManager userMgr = m_engine.getUserManager();
    UserDatabase userDb = userMgr.getUserDatabase();
    try {
        userDb.findByLoginName(ADMIN_ID);
        return true;
    } catch (NoSuchPrincipalException e) {
        return false;
    }
}
Also used : UserManager(org.apache.wiki.auth.UserManager) UserDatabase(org.apache.wiki.auth.user.UserDatabase) NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)

Example 5 with UserManager

use of org.apache.wiki.auth.UserManager in project jspwiki by apache.

the class UserProfileTag method doWikiStartTag.

public final int doWikiStartTag() throws IOException, WikiSecurityException {
    UserManager manager = m_wikiContext.getEngine().getUserManager();
    UserProfile profile = manager.getUserProfile(m_wikiContext.getWikiSession());
    String result = null;
    if (EXISTS.equals(m_prop) || NOT_NEW.equals(m_prop)) {
        return profile.isNew() ? SKIP_BODY : EVAL_BODY_INCLUDE;
    } else if (NEW.equals(m_prop) || NOT_EXISTS.equals(m_prop)) {
        return profile.isNew() ? EVAL_BODY_INCLUDE : SKIP_BODY;
    } else if (CREATED.equals(m_prop) && profile.getCreated() != null) {
        result = profile.getCreated().toString();
    } else if (EMAIL.equals(m_prop)) {
        result = profile.getEmail();
    } else if (FULLNAME.equals(m_prop)) {
        result = profile.getFullname();
    } else if (GROUPS.equals(m_prop)) {
        result = printGroups(m_wikiContext);
    } else if (LOGINNAME.equals(m_prop)) {
        result = profile.getLoginName();
    } else if (MODIFIED.equals(m_prop) && profile.getLastModified() != null) {
        result = profile.getLastModified().toString();
    } else if (ROLES.equals(m_prop)) {
        result = printRoles(m_wikiContext);
    } else if (WIKINAME.equals(m_prop)) {
        result = profile.getWikiName();
        if (result == null) {
            // 
            // Default back to the declared user name
            // 
            WikiEngine engine = this.m_wikiContext.getEngine();
            WikiSession wikiSession = WikiSession.getWikiSession(engine, (HttpServletRequest) pageContext.getRequest());
            Principal user = wikiSession.getUserPrincipal();
            if (user != null) {
                result = user.getName();
            }
        }
    } else if (CHANGE_PASSWORD.equals(m_prop) || CHANGE_LOGIN_NAME.equals(m_prop)) {
        AuthenticationManager authMgr = m_wikiContext.getEngine().getAuthenticationManager();
        if (!authMgr.isContainerAuthenticated()) {
            return EVAL_BODY_INCLUDE;
        }
    } else if (NOT_CHANGE_PASSWORD.equals(m_prop) || NOT_CHANGE_LOGIN_NAME.equals(m_prop)) {
        AuthenticationManager authMgr = m_wikiContext.getEngine().getAuthenticationManager();
        if (authMgr.isContainerAuthenticated()) {
            return EVAL_BODY_INCLUDE;
        }
    }
    if (result != null) {
        pageContext.getOut().print(TextUtil.replaceEntities(result));
    }
    return SKIP_BODY;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManager(org.apache.wiki.auth.AuthenticationManager) WikiSession(org.apache.wiki.WikiSession) UserProfile(org.apache.wiki.auth.user.UserProfile) UserManager(org.apache.wiki.auth.UserManager) WikiEngine(org.apache.wiki.WikiEngine) Principal(java.security.Principal) GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)

Aggregations

UserManager (org.apache.wiki.auth.UserManager)6 NoSuchPrincipalException (org.apache.wiki.auth.NoSuchPrincipalException)4 UserDatabase (org.apache.wiki.auth.user.UserDatabase)3 UserProfile (org.apache.wiki.auth.user.UserProfile)3 Date (java.util.Date)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 WikiSession (org.apache.wiki.WikiSession)2 AuthenticationManager (org.apache.wiki.auth.AuthenticationManager)2 WikiSecurityException (org.apache.wiki.auth.WikiSecurityException)2 GroupManager (org.apache.wiki.auth.authorize.GroupManager)2 File (java.io.File)1 IOException (java.io.IOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 Principal (java.security.Principal)1 WikiEngine (org.apache.wiki.WikiEngine)1 AdminBeanManager (org.apache.wiki.api.engine.AdminBeanManager)1 FilterManager (org.apache.wiki.api.engine.FilterManager)1 PluginManager (org.apache.wiki.api.engine.PluginManager)1 FilterException (org.apache.wiki.api.exceptions.FilterException)1 NoSuchVariableException (org.apache.wiki.api.exceptions.NoSuchVariableException)1