Example 1 with AdminAuthorization
use of org.bimserver.webservices.authorization.AdminAuthorization in project BIMserver by opensourceBIM.
the class LoginUserTokenDatabaseAction method execute.
@Override
public String execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException, ServerException {
BimDatabaseAction<User> action = new GetUserByUserTokenDatabaseAction(getDatabaseSession(), getAccessMethod(), userToken);
User user = action.execute();
if (user != null) {
if (user.getState() == ObjectState.DELETED) {
throw new UserException("User account has been deleted");
} else if (user.getUserType() == UserType.SYSTEM) {
throw new UserException("System user cannot login");
}
Authorization authorization = null;
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
authorization.setUsername(user.getUsername());
String asHexToken = authorization.asHexToken(bimServer.getEncryptionKey());
serviceMap.setAuthorization(authorization);
if (bimServer.getServerSettingsCache().getServerSettings().isStoreLastLogin()) {
user.setLastSeen(new Date());
getDatabaseSession().store(user);
}
return asHexToken;
}
try {
// Adding a random sleep to prevent timing attacks
Thread.sleep(DEFAULT_LOGIN_ERROR_TIMEOUT + new java.security.SecureRandom().nextInt(1000));
} catch (InterruptedException e) {
LOGGER.error("", e);
}
throw new UserException("Invalid token", DefaultErrorCode.INVALID_TOKEN);
}
Also used :
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
User(org.bimserver.models.store.User)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
UserException(org.bimserver.shared.exceptions.UserException)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Date(java.util.Date)
Example 2 with AdminAuthorization
use of org.bimserver.webservices.authorization.AdminAuthorization in project BIMserver by opensourceBIM.
the class GetSubProjectsDatabaseAction method execute.
@Override
public Set<Project> execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException {
User user = getUserByUoid(authorization.getUoid());
Project project = getProjectByPoid(poid);
if (!authorization.hasRightsOnProjectOrSuperProjectsOrSubProjects(user, project)) {
throw new UserException("User has no rights on project");
}
Set<Project> subProjects = new HashSet<Project>();
for (Project subProject : project.getSubProjects()) {
if (subProject.getState() == ObjectState.ACTIVE || authorization instanceof AdminAuthorization) {
subProjects.add(subProject);
}
}
return subProjects;
}
Also used :
Project(org.bimserver.models.store.Project)
User(org.bimserver.models.store.User)
UserException(org.bimserver.shared.exceptions.UserException)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
HashSet(java.util.HashSet)
Example 3 with AdminAuthorization
use of org.bimserver.webservices.authorization.AdminAuthorization in project BIMserver by opensourceBIM.
the class NewRevisionNotification method sendEmail.
private void sendEmail(DatabaseSession session, Project project, Revision revision) throws UserException {
Set<User> users = getUsers(session, project);
for (User user : users) {
String body = null;
try {
if (MailSystem.isValidEmailAddress(user.getUsername())) {
EmailMessage message = getBimServer().getMailSystem().createMessage();
ServerSettings serverSettings = getBimServer().getServerSettingsCache().getServerSettings();
String emailSenderAddress = serverSettings.getEmailSenderAddress();
InternetAddress addressFrom = new InternetAddress(emailSenderAddress);
message.setFrom(addressFrom);
InternetAddress[] addressTo = new InternetAddress[1];
addressTo[0] = new InternetAddress(user.getUsername());
message.setRecipients(Message.RecipientType.TO, addressTo);
Map<String, Object> context = new HashMap<String, Object>();
context.put("name", user.getName());
context.put("username", user.getUsername());
context.put("siteaddress", serverSettings.getSiteAddress());
context.put("revisionId", revision.getId());
Authorization authorization = null;
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(getBimServer().getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(getBimServer().getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
String asHexToken = authorization.asHexToken(getBimServer().getEncryptionKey());
context.put("token", asHexToken);
context.put("roid", revision.getOid());
context.put("comment", revision.getComment());
context.put("projectName", project.getName());
String subject = null;
body = getBimServer().getTemplateEngine().process(context, TemplateIdentifier.NEW_REVISION_EMAIL_BODY);
subject = getBimServer().getTemplateEngine().process(context, TemplateIdentifier.NEW_REVISION_EMAIL_SUBJECT);
message.setContent(body, "text/html");
message.setSubject(subject.trim());
LOGGER.info("Sending new revision e-mail to " + user.getUsername());
message.send();
}
} catch (Exception e) {
LOGGER.error(body);
LOGGER.error("", e);
throw new UserException(e);
}
}
}
Also used :
EmailMessage(org.bimserver.mail.EmailMessage)
InternetAddress(javax.mail.internet.InternetAddress)
User(org.bimserver.models.store.User)
HashMap(java.util.HashMap)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
ModelCheckException(org.bimserver.plugins.modelchecker.ModelCheckException)
UserException(org.bimserver.shared.exceptions.UserException)
ChannelConnectionException(org.bimserver.shared.ChannelConnectionException)
PublicInterfaceNotFoundException(org.bimserver.shared.exceptions.PublicInterfaceNotFoundException)
ServerException(org.bimserver.shared.exceptions.ServerException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
ExplicitRightsAuthorization(org.bimserver.webservices.authorization.ExplicitRightsAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
ServerSettings(org.bimserver.models.store.ServerSettings)
UserException(org.bimserver.shared.exceptions.UserException)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Example 4 with AdminAuthorization
use of org.bimserver.webservices.authorization.AdminAuthorization in project BIMserver by opensourceBIM.
the class GetAllRelatedProjectsDatabaseAction method addProjects.
private void addProjects(List<SProjectSmall> list, Project project, User user) {
if (project.getState() == ObjectState.DELETED && !(authorization instanceof AdminAuthorization)) {
return;
}
list.add(GetAllProjectsSmallDatabaseAction.createSmallProject(authorization, bimServer, project, user));
List<Project> subProjects = new ArrayList<Project>(project.getSubProjects());
Collections.sort(subProjects, new Comparator<Project>() {
@Override
public int compare(Project o1, Project o2) {
return o1.getName().compareTo(o2.getName());
}
});
for (Project subProject : subProjects) {
addProjects(list, subProject, user);
}
}
Also used :
Project(org.bimserver.models.store.Project)
ArrayList(java.util.ArrayList)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Example 5 with AdminAuthorization
use of org.bimserver.webservices.authorization.AdminAuthorization in project BIMserver by opensourceBIM.
the class LoginDatabaseAction method execute.
@Override
public String execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException, ServerException {
BimDatabaseAction<User> action = new GetUserByUserNameDatabaseAction(getDatabaseSession(), getAccessMethod(), username);
User user = action.execute();
if (user != null) {
if (user.getPasswordHash() == null || user.getPasswordHash().length == 0) {
throw new UserException("Your email address has not been validated yet");
}
if (new Authenticator().validate(password, user.getPasswordHash(), user.getPasswordSalt())) {
if (user.getState() == ObjectState.DELETED) {
throw new UserException("User account has been deleted");
} else if (user.getUserType() == UserType.SYSTEM) {
throw new UserException("System user cannot login");
}
Authorization authorization = null;
int sessionTimeOutSeconds = 60 * 10;
boolean migrationRequired = bimServer.getDatabase().getMigrator().migrationRequired();
if (!migrationRequired) {
sessionTimeOutSeconds = bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds();
}
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(sessionTimeOutSeconds, TimeUnit.SECONDS);
} else if (user.getUserType() == UserType.MONITOR) {
authorization = new MonitorAuthorization(sessionTimeOutSeconds, TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(sessionTimeOutSeconds, TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
authorization.setUsername(user.getUsername());
String asHexToken = authorization.asHexToken(bimServer.getEncryptionKey());
serviceMap.setAuthorization(authorization);
bimServer.getAuthCache().store(asHexToken, authorization);
if (!migrationRequired && bimServer.getServerSettingsCache().getServerSettings().isStoreLastLogin()) {
user.setLastSeen(new Date());
getDatabaseSession().store(user);
}
return asHexToken;
}
}
try {
// Adding a random sleep to prevent timing attacks
Thread.sleep(DEFAULT_LOGIN_ERROR_TIMEOUT + new java.security.SecureRandom().nextInt(1000));
} catch (InterruptedException e) {
LOGGER.error("", e);
}
throw new UserException("Invalid username/password combination");
}
Also used :
User(org.bimserver.models.store.User)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
MonitorAuthorization(org.bimserver.webservices.authorization.MonitorAuthorization)
Date(java.util.Date)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
MonitorAuthorization(org.bimserver.webservices.authorization.MonitorAuthorization)
UserException(org.bimserver.shared.exceptions.UserException)
Authenticator(org.bimserver.Authenticator)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Aggregations
AdminAuthorization (org.bimserver.webservices.authorization.AdminAuthorization)6
User (org.bimserver.models.store.User)4
UserException (org.bimserver.shared.exceptions.UserException)4
Project (org.bimserver.models.store.Project)3
Authorization (org.bimserver.webservices.authorization.Authorization)3
UserAuthorization (org.bimserver.webservices.authorization.UserAuthorization)3
ArrayList (java.util.ArrayList)2
Date (java.util.Date)2
HashMap (java.util.HashMap)1
HashSet (java.util.HashSet)1
InternetAddress (javax.mail.internet.InternetAddress)1
Authenticator (org.bimserver.Authenticator)1
BimserverDatabaseException (org.bimserver.BimserverDatabaseException)1
EmailMessage (org.bimserver.mail.EmailMessage)1
ServerSettings (org.bimserver.models.store.ServerSettings)1
ModelCheckException (org.bimserver.plugins.modelchecker.ModelCheckException)1
ChannelConnectionException (org.bimserver.shared.ChannelConnectionException)1
PublicInterfaceNotFoundException (org.bimserver.shared.exceptions.PublicInterfaceNotFoundException)1
ServerException (org.bimserver.shared.exceptions.ServerException)1
ExplicitRightsAuthorization (org.bimserver.webservices.authorization.ExplicitRightsAuthorization)1
