Example 1 with UserAuthorization
use of org.bimserver.webservices.authorization.UserAuthorization in project BIMserver by opensourceBIM.
the class NewRevisionNotification method sendEmail.
private void sendEmail(DatabaseSession session, Project project, Revision revision) throws UserException {
Set<User> users = getUsers(session, project);
for (User user : users) {
String body = null;
try {
if (MailSystem.isValidEmailAddress(user.getUsername())) {
EmailMessage message = getBimServer().getMailSystem().createMessage();
ServerSettings serverSettings = getBimServer().getServerSettingsCache().getServerSettings();
String emailSenderAddress = serverSettings.getEmailSenderAddress();
InternetAddress addressFrom = new InternetAddress(emailSenderAddress);
message.setFrom(addressFrom);
InternetAddress[] addressTo = new InternetAddress[1];
addressTo[0] = new InternetAddress(user.getUsername());
message.setRecipients(Message.RecipientType.TO, addressTo);
Map<String, Object> context = new HashMap<String, Object>();
context.put("name", user.getName());
context.put("username", user.getUsername());
context.put("siteaddress", serverSettings.getSiteAddress());
context.put("revisionId", revision.getId());
Authorization authorization = null;
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(getBimServer().getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(getBimServer().getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
String asHexToken = authorization.asHexToken(getBimServer().getEncryptionKey());
context.put("token", asHexToken);
context.put("roid", revision.getOid());
context.put("comment", revision.getComment());
context.put("projectName", project.getName());
String subject = null;
body = getBimServer().getTemplateEngine().process(context, TemplateIdentifier.NEW_REVISION_EMAIL_BODY);
subject = getBimServer().getTemplateEngine().process(context, TemplateIdentifier.NEW_REVISION_EMAIL_SUBJECT);
message.setContent(body, "text/html");
message.setSubject(subject.trim());
LOGGER.info("Sending new revision e-mail to " + user.getUsername());
message.send();
}
} catch (Exception e) {
LOGGER.error(body);
LOGGER.error("", e);
throw new UserException(e);
}
}
}
Also used :
EmailMessage(org.bimserver.mail.EmailMessage)
InternetAddress(javax.mail.internet.InternetAddress)
User(org.bimserver.models.store.User)
HashMap(java.util.HashMap)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
ModelCheckException(org.bimserver.plugins.modelchecker.ModelCheckException)
UserException(org.bimserver.shared.exceptions.UserException)
ChannelConnectionException(org.bimserver.shared.ChannelConnectionException)
PublicInterfaceNotFoundException(org.bimserver.shared.exceptions.PublicInterfaceNotFoundException)
ServerException(org.bimserver.shared.exceptions.ServerException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
ExplicitRightsAuthorization(org.bimserver.webservices.authorization.ExplicitRightsAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
ServerSettings(org.bimserver.models.store.ServerSettings)
UserException(org.bimserver.shared.exceptions.UserException)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Example 2 with UserAuthorization
use of org.bimserver.webservices.authorization.UserAuthorization in project BIMserver by opensourceBIM.
the class LoginUserTokenDatabaseAction method execute.
@Override
public String execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException, ServerException {
BimDatabaseAction<User> action = new GetUserByUserTokenDatabaseAction(getDatabaseSession(), getAccessMethod(), userToken);
User user = action.execute();
if (user != null) {
if (user.getState() == ObjectState.DELETED) {
throw new UserException("User account has been deleted");
} else if (user.getUserType() == UserType.SYSTEM) {
throw new UserException("System user cannot login");
}
Authorization authorization = null;
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
String asHexToken = authorization.asHexToken(bimServer.getEncryptionKey());
serviceMap.setAuthorization(authorization);
if (bimServer.getServerSettingsCache().getServerSettings().isStoreLastLogin()) {
user.setLastSeen(new Date());
getDatabaseSession().store(user);
}
return asHexToken;
}
try {
// Adding a random sleep to prevent timing attacks
Thread.sleep(DEFAULT_LOGIN_ERROR_TIMEOUT + new java.security.SecureRandom().nextInt(1000));
} catch (InterruptedException e) {
LOGGER.error("", e);
}
throw new UserException("Invalid token");
}
Also used :
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
User(org.bimserver.models.store.User)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
UserException(org.bimserver.shared.exceptions.UserException)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Date(java.util.Date)
Example 3 with UserAuthorization
use of org.bimserver.webservices.authorization.UserAuthorization in project BIMserver by opensourceBIM.
the class LoginDatabaseAction method execute.
@Override
public String execute() throws UserException, BimserverLockConflictException, BimserverDatabaseException, ServerException {
BimDatabaseAction<User> action = new GetUserByUserNameDatabaseAction(getDatabaseSession(), getAccessMethod(), username);
User user = action.execute();
if (user != null) {
if (user.getPasswordHash() == null || user.getPasswordHash().length == 0) {
throw new UserException("Your email address has not been validated yet");
}
if (new Authenticator().validate(password, user.getPasswordHash(), user.getPasswordSalt())) {
if (user.getState() == ObjectState.DELETED) {
throw new UserException("User account has been deleted");
} else if (user.getUserType() == UserType.SYSTEM) {
throw new UserException("System user cannot login");
}
Authorization authorization = null;
if (user.getUserType() == UserType.ADMIN) {
authorization = new AdminAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
} else {
authorization = new UserAuthorization(bimServer.getServerSettingsCache().getServerSettings().getSessionTimeOutSeconds(), TimeUnit.SECONDS);
}
authorization.setUoid(user.getOid());
String asHexToken = authorization.asHexToken(bimServer.getEncryptionKey());
serviceMap.setAuthorization(authorization);
if (bimServer.getServerSettingsCache().getServerSettings().isStoreLastLogin()) {
user.setLastSeen(new Date());
getDatabaseSession().store(user);
}
return asHexToken;
}
}
try {
// Adding a random sleep to prevent timing attacks
Thread.sleep(DEFAULT_LOGIN_ERROR_TIMEOUT + new java.security.SecureRandom().nextInt(1000));
} catch (InterruptedException e) {
LOGGER.error("", e);
}
throw new UserException("Invalid username/password combination");
}
Also used :
User(org.bimserver.models.store.User)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
Date(java.util.Date)
UserAuthorization(org.bimserver.webservices.authorization.UserAuthorization)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Authorization(org.bimserver.webservices.authorization.Authorization)
UserException(org.bimserver.shared.exceptions.UserException)
Authenticator(org.bimserver.Authenticator)
AdminAuthorization(org.bimserver.webservices.authorization.AdminAuthorization)
Aggregations
User (org.bimserver.models.store.User)3
UserException (org.bimserver.shared.exceptions.UserException)3
AdminAuthorization (org.bimserver.webservices.authorization.AdminAuthorization)3
Authorization (org.bimserver.webservices.authorization.Authorization)3
UserAuthorization (org.bimserver.webservices.authorization.UserAuthorization)3
Date (java.util.Date)2
HashMap (java.util.HashMap)1
InternetAddress (javax.mail.internet.InternetAddress)1
Authenticator (org.bimserver.Authenticator)1
BimserverDatabaseException (org.bimserver.BimserverDatabaseException)1
EmailMessage (org.bimserver.mail.EmailMessage)1
ServerSettings (org.bimserver.models.store.ServerSettings)1
ModelCheckException (org.bimserver.plugins.modelchecker.ModelCheckException)1
ChannelConnectionException (org.bimserver.shared.ChannelConnectionException)1
PublicInterfaceNotFoundException (org.bimserver.shared.exceptions.PublicInterfaceNotFoundException)1
ServerException (org.bimserver.shared.exceptions.ServerException)1
ExplicitRightsAuthorization (org.bimserver.webservices.authorization.ExplicitRightsAuthorization)1
