
Example 1 with AdminUser

Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in the BroadleafCommerce project (by BroadleafCommerce).

From the class AdminUserDaoImpl, method readAdminUserByUserName.

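/**
 * Looks up an admin user by login name through the {@code BC_READ_ADMIN_USER_BY_USERNAME}
 * named query, skipping any row that has been soft-deleted (archived).
 * <p>
 * A row whose entity implements {@link Status} and reports {@code 'Y'} from
 * {@code getArchived()} is dropped; the first remaining row is returned. If more
 * than one non-archived row matches the name, only the first is returned and the
 * others are silently ignored.
 *
 * @param userName the login name to match; bound to the {@code userName} query parameter
 * @return the first non-archived matching user, or {@code null} when none matches
 */
public AdminUser readAdminUserByUserName(String userName) {
    TypedQuery<AdminUser> query = em.createNamedQuery("BC_READ_ADMIN_USER_BY_USERNAME", AdminUser.class);
    query.setHint(QueryHints.HINT_CACHEABLE, true);
    query.setHint(QueryHints.HINT_CACHE_REGION, "blAdminSecurityVolatileQuery");
    query.setParameter("userName", userName);
    List<AdminUser> users = query.getResultList();
    // Guard before iterating: the null check used to come after the iterator had
    // already been obtained, so a null result list would have thrown an NPE first.
    if (users == null || users.isEmpty()) {
        return null;
    }
    // TODO rewrite on streams when upgraded to java 8
    Iterator<AdminUser> iterator = users.iterator();
    while (iterator.hasNext()) {
        AdminUser user = iterator.next();
        // The archived flag is only readable when Status has been weaved into the entity
        if (Status.class.isAssignableFrom(user.getClass()) && 'Y' == ((Status) user).getArchived()) {
            iterator.remove();
        }
    }
    return users.isEmpty() ? null : users.get(0);
}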
Also used : AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser)

Example 2 with AdminUser

Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in the BroadleafCommerce project (by BroadleafCommerce).

From the class BroadleafAdminAuthenticationSuccessHandler, method onAuthenticationSuccess.

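/**
 * Completes an admin login: stores the user's last-used sandbox on the existing session
 * and redirects either to Spring Security's default target or to the URL captured in the
 * saved request (the page the user asked for before being sent to the login form).
 * <p>
 * The saved redirect URL is checked with {@link UrlUtil#validateUrl} before use; a
 * rejected URL is logged and answered with HTTP 403. When the URL carries the
 * {@code successUrlParameter} query parameter, that parameter's value replaces the
 * redirect target and is checked again, because the value is client-supplied and the
 * first check only covered the enclosing URL, not the substring that is actually used.
 *
 * @param request        the current request
 * @param response       the current response
 * @param authentication the successful authentication
 * @throws ServletException propagated from the parent handler
 * @throws IOException      propagated from the parent handler or from writing the response
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    AdminUser user = adminRemoteSecurityService.getPersistentAdminUser();
    if (user != null && user.getLastUsedSandBoxId() != null) {
        // getSession(false) returns null when no session exists; don't create one just for this
        if (request.getSession(false) != null) {
            request.getSession(false).setAttribute(BroadleafSandBoxResolver.SANDBOX_ID_VAR, user.getLastUsedSandBoxId());
        }
    }
    SavedRequest savedRequest = requestCache.getRequest(request, response);
    if (savedRequest == null) {
        super.onAuthenticationSuccess(request, response, authentication);
        return;
    }
    String targetUrlParameter = getTargetUrlParameter();
    if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
        requestCache.removeRequest(request, response);
        super.onAuthenticationSuccess(request, response, authentication);
        return;
    }
    clearAuthenticationAttributes(request);
    // Use the DefaultSavedRequest URL
    String targetUrl = savedRequest.getRedirectUrl();
    if (!isSafeRedirect(targetUrl, request, response)) {
        return;
    }
    // Remove the sessionTimeout flag if necessary
    targetUrl = targetUrl.replace("sessionTimeout=true", "");
    // Drop the '?' left dangling when the flag was the only query parameter
    // (endsWith is safe on an empty string, charAt(length - 1) was not)
    if (targetUrl.endsWith("?")) {
        targetUrl = targetUrl.substring(0, targetUrl.length() - 1);
    }
    // NOTE: contains() matches the parameter name anywhere in the URL, including as a
    // substring of a longer name; kept as-is to preserve existing behaviour.
    if (targetUrl.contains(successUrlParameter)) {
        targetUrl = extractSuccessUrl(targetUrl);
        // The extracted value is client-supplied and was not covered by the check above
        if (!isSafeRedirect(targetUrl, request, response)) {
            return;
        }
    }
    // Remove the login URI so we don't continuously redirect to the login page
    targetUrl = removeLoginSegment(targetUrl);
    logger.debug("Redirecting to DefaultSavedRequest Url: " + StringUtil.sanitize(targetUrl));
    getRedirectStrategy().sendRedirect(request, response, targetUrl);
}

/**
 * Validates {@code url} with {@link UrlUtil#validateUrl}. On rejection the failure is
 * logged, HTTP 403 is sent and {@code false} is returned so the caller stops processing.
 *
 * @param url      the candidate redirect target
 * @param request  the current request, passed through to the validator
 * @param response used to send the 403 on rejection
 * @return {@code true} when the URL may be redirected to
 * @throws IOException if sending the error response fails
 */
private boolean isSafeRedirect(String url, HttpServletRequest request, HttpServletResponse response) throws IOException {
    try {
        UrlUtil.validateUrl(url, request);
        return true;
    } catch (IOException e) {
        logger.error("SECURITY FAILURE Bad redirect location: " + StringUtil.sanitize(url), e);
        response.sendError(403);
        return false;
    }
}

/**
 * Returns the text following the first occurrence of {@code successUrlParameter} in
 * {@code url}, up to the next {@code '&'} or to the end of the string.
 *
 * @param url a URL known to contain {@code successUrlParameter}
 * @return the extracted value (may be empty)
 */
private String extractSuccessUrl(String url) {
    int valueStart = url.indexOf(successUrlParameter) + successUrlParameter.length();
    int nextParam = url.indexOf("&", valueStart);
    return nextParam == -1 ? url.substring(valueStart) : url.substring(valueStart, nextParam);
}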
Also used : AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) IOException(java.io.IOException) SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)

Example 3 with AdminUser

Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in the BroadleafCommerce project (by BroadleafCommerce).

From the class AdminUserProcessor, method populateModelVariables.

/**
 * Exposes the currently authenticated admin user to the template under the variable
 * named by the tag's {@code resultVar} attribute.
 *
 * @param tagName       the processed tag's name (not used here)
 * @param tagAttributes the tag's attributes; {@code resultVar} names the model variable
 * @param context       the template context (not used here)
 * @return a new map containing {@code resultVar -> user}, or an empty map when no admin
 *         user is logged in
 */
@Override
public Map<String, Object> populateModelVariables(String tagName, Map<String, String> tagAttributes, BroadleafTemplateContext context) {
    Map<String, Object> modelVars = new HashMap<>();
    AdminUser currentUser = getPersistentAdminUser();
    if (currentUser == null) {
        return modelVars;
    }
    modelVars.put(tagAttributes.get("resultVar"), currentUser);
    return modelVars;
}
Also used : HashMap(java.util.HashMap) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser)

Example 4 with AdminUser

Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in the BroadleafCommerce project (by BroadleafCommerce).

From the class AdminUserCustomPersistenceHandler, method remove.

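/**
 * Removes an admin user record. The currently logged-in admin may not delete itself.
 * When {@link Status} has been weaved into the entity, the user is soft-deleted by
 * setting its archived flag to {@code 'Y'}; otherwise removal is delegated to the
 * persistence module matching the package's remove operation type.
 *
 * @param persistencePackage the package describing the entity to remove
 * @param dynamicEntityDao   not used here
 * @param helper             used to locate the compatible persistence module
 * @throws ServiceException    from the delegated removal
 * @throws ValidationException when the entity to remove is the current admin user
 */
@Override
public void remove(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper helper) throws ServiceException {
    Entity entity = persistencePackage.getEntity();
    // Either property may be absent from the submitted entity; guard both the same way
    String idValue = entity.findProperty("id") == null ? null : entity.findProperty("id").getValue();
    String userLoginToRemove = entity.findProperty("login") == null ? null : entity.findProperty("login").getValue();
    Long id = idValue == null ? null : Long.parseLong(idValue);
    AdminUser persistentAdminUser = adminRemoteSecurityService.getPersistentAdminUser();
    if (persistentAdminUser != null) {
        // Self-deletion check by login (equals(null) is false, so a missing login never matches)
        boolean sameLogin = persistentAdminUser.getLogin() != null && persistentAdminUser.getLogin().equals(userLoginToRemove);
        // Also compare ids so the check does not depend on the "login" property being submitted
        boolean sameId = id != null && id.equals(persistentAdminUser.getId());
        if (sameLogin || sameId) {
            throw new ValidationException(entity, "admin.cantDeleteCurrentUserError");
        }
    }
    if (id != null) {
        AdminUser adminInstance = adminSecurityService.readAdminUserById(id);
        // Check if Status was Weaved in; an unknown id (null instance) falls through to the default removal
        if (adminInstance != null && Status.class.isAssignableFrom(adminInstance.getClass())) {
            ((Status) adminInstance).setArchived('Y');
            adminSecurityService.saveAdminUser(adminInstance);
            return;
        }
    }
    OperationType removeType = persistencePackage.getPersistencePerspective().getOperationTypes().getRemoveType();
    helper.getCompatibleModule(removeType).remove(persistencePackage);
}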
Also used : Status(org.broadleafcommerce.common.persistence.Status) Entity(org.broadleafcommerce.openadmin.dto.Entity) ValidationException(org.broadleafcommerce.openadmin.server.service.ValidationException) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) EntityOperationType(org.broadleafcommerce.openadmin.server.security.remote.EntityOperationType) OperationType(org.broadleafcommerce.common.presentation.client.OperationType)

Example 5 with AdminUser

Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in the BroadleafCommerce project (by BroadleafCommerce).

From the class AdminSecurityServiceRemote, method getAdminUser.

/**
 * Builds the remote (transport) view of the currently authenticated admin user.
 * Role names, permissions granted through those roles, and permissions granted
 * directly to the user are all flattened into the response, along with the user's
 * login, current sandbox id, email, name, phone number and id.
 *
 * @return the populated remote user, or {@code null} when no admin user is logged in
 * @throws ServiceException propagated from the user lookup
 */
@Override
public org.broadleafcommerce.openadmin.server.security.remote.AdminUser getAdminUser() throws ServiceException {
    AdminUser current = getPersistentAdminUser();
    if (current == null) {
        return null;
    }
    org.broadleafcommerce.openadmin.server.security.remote.AdminUser remoteUser = new org.broadleafcommerce.openadmin.server.security.remote.AdminUser();
    // Roles first, collecting the permissions each role grants as we go
    for (AdminRole role : current.getAllRoles()) {
        remoteUser.getRoles().add(role.getName());
        for (AdminPermission rolePermission : role.getAllPermissions()) {
            remoteUser.getPermissions().add(rolePermission.getName());
        }
    }
    // Then permissions assigned directly to the user
    for (AdminPermission directPermission : current.getAllPermissions()) {
        remoteUser.getPermissions().add(directPermission.getName());
    }
    remoteUser.setUserName(current.getLogin());
    remoteUser.setCurrentSandBoxId(String.valueOf(SandBoxContext.getSandBoxContext().getSandBoxId()));
    remoteUser.setEmail(current.getEmail());
    remoteUser.setName(current.getName());
    remoteUser.setPhoneNumber(current.getPhoneNumber());
    remoteUser.setId(current.getId());
    return remoteUser;
}
Also used : AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)

Aggregations

AdminUser (org.broadleafcommerce.openadmin.server.security.domain.AdminUser)24 Transactional (org.springframework.transaction.annotation.Transactional)6 HashMap (java.util.HashMap)4 GenericResponse (org.broadleafcommerce.common.service.GenericResponse)4 ArrayList (java.util.ArrayList)3 Site (org.broadleafcommerce.common.site.domain.Site)3 Entity (org.broadleafcommerce.openadmin.dto.Entity)3 ValidationException (org.broadleafcommerce.openadmin.server.service.ValidationException)3 Set (java.util.Set)2 ServiceException (org.broadleafcommerce.common.exception.ServiceException)2 ExtensionResultHolder (org.broadleafcommerce.common.extension.ExtensionResultHolder)2 FieldMetadata (org.broadleafcommerce.openadmin.dto.FieldMetadata)2 PersistencePerspective (org.broadleafcommerce.openadmin.dto.PersistencePerspective)2 AdminRole (org.broadleafcommerce.openadmin.server.security.domain.AdminRole)2 AdminUserImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl)2 ForgotPasswordSecurityToken (org.broadleafcommerce.openadmin.server.security.domain.ForgotPasswordSecurityToken)2 Authentication (org.springframework.security.core.Authentication)2 IOException (java.io.IOException)1 HashSet (java.util.HashSet)1 TimeZone (java.util.TimeZone)1