Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce:
class AdminSecurityServiceImpl, method sendResetPasswordNotification.
@Override
@Transactional("blTransactionManager")
public GenericResponse sendResetPasswordNotification(String username) {
    /*
     * Starts the forgot-password flow for an admin user: mints a random token,
     * stores only its encoded form (so a read of the token table cannot be
     * replayed), and emails the clear-text token plus a reset link to the user.
     *
     * NOTE(review): the token is lower-cased before use. That can only shrink
     * the alphabet of whatever generateSecurePassword produced, so
     * TEMP_PASSWORD_LENGTH must be sized for a lower-case-only token. It is kept
     * because the reset endpoint (not shown here) presumably normalises the
     * submitted token the same way.
     * NOTE(review): whether an unknown username yields a distinguishable error
     * (username enumeration) is decided by checkUser, not visible here.
     *
     * @param username admin login name; null is treated like an unknown user
     * @return response whose error state is populated by checkUser(...)
     */
    GenericResponse response = new GenericResponse();
    AdminUser adminUser = null;
    if (username != null) {
        adminUser = adminUserDao.readAdminUserByUserName(username);
    }
    checkUser(adminUser, response);
    if (response.getHasErrors()) {
        return response;
    }

    String clearToken = PasswordUtils.generateSecurePassword(TEMP_PASSWORD_LENGTH).toLowerCase();

    // Only the encoded token is persisted; the clear text goes out by email.
    ForgotPasswordSecurityToken tokenRecord = new ForgotPasswordSecurityTokenImpl();
    tokenRecord.setAdminUserId(adminUser.getId());
    tokenRecord.setToken(encodePassword(clearToken, null));
    tokenRecord.setCreateDate(SystemTime.asDate());
    forgotPasswordSecurityTokenDao.saveToken(tokenRecord);

    HashMap<String, Object> templateVars = new HashMap<String, Object>();
    templateVars.put("token", clearToken);
    templateVars.put("resetPasswordUrl", appendResetToken(getResetPasswordURL(), clearToken));
    emailService.sendTemplateEmail(adminUser.getEmail(), getResetPasswordEmailInfo(), templateVars);
    return response;
}

/*
 * Appends the token as the "token" query parameter of the reset URL, choosing
 * "?" or "&" depending on whether the URL already carries a query string. An
 * empty or null URL is returned unchanged.
 *
 * NOTE(review): the token is concatenated without URL encoding; safe only if
 * generateSecurePassword emits URL-safe characters — confirm.
 */
private static String appendResetToken(String resetPasswordUrl, String token) {
    if (StringUtils.isEmpty(resetPasswordUrl)) {
        return resetPasswordUrl;
    }
    String separator = resetPasswordUrl.contains("?") ? "&" : "?";
    return resetPasswordUrl + separator + "token=" + token;
}
Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce:
class AdminSecurityServiceImpl, method saveAdminUser.
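@Override
@Transactional("blTransactionManager")
public AdminUser saveAdminUser(AdminUser user) {
    /*
     * Persists an admin user, encoding any clear-text password supplied via
     * setUnencodedPassword(). The entity is saved twice on purpose: the salt is
     * derived from the persisted user (getSalt takes the saved instance), so
     * the first save has to happen before the password can be encoded.
     *
     * Fix: the original copied the clear-text password into the persistent
     * password field before the first save, so the plaintext reached the DAO
     * (and, depending on flush behaviour, the database, its logs and any
     * entity listeners) before being overwritten by the hash. The first save
     * now keeps whatever the password field already holds — the previous hash
     * for an existing user, or a random placeholder for a new one — and the
     * plaintext only ever reaches encodePassword()/getSalt().
     * Assumes getSalt does not derive the salt from the stored password field
     * (it could not, or login-time verification would never match).
     *
     * @param user admin user to save; unencodedPassword, when non-null, is the
     *             new clear-text password
     * @return the persisted instance carrying the encoded password
     */
    String clearPassword = user.getUnencodedPassword();
    boolean hasNewPassword = clearPassword != null;

    // Never persist a null password: a random value stands in until the real
    // one is encoded below, or permanently when no password was supplied.
    if (user.getPassword() == null) {
        user.setPassword(generateSecurePassword());
    }

    AdminUser saved = adminUserDao.saveAdminUser(user);
    if (hasNewPassword) {
        // The salt depends on the persisted user, hence the second save below.
        saved.setPassword(encodePassword(clearPassword, getSalt(saved, clearPassword)));
    }
    saved = adminUserDao.saveAdminUser(saved);
    clearAdminSecurityCache();
    return saved;
}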
Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce:
class AdminSecurityServiceImpl, method changePassword.
@Override
@Transactional("blTransactionManager")
public AdminUser changePassword(PasswordChange passwordChange) {
    /*
     * Stores a new password for the named admin user and swaps the current
     * SecurityContext authentication for one built from the new credentials.
     *
     * NOTE(review): there are no null checks — an unknown username or an empty
     * SecurityContext raises NullPointerException; under @Transactional that is
     * expected to roll back the save (Spring's default rule for runtime
     * exceptions — confirm the transaction configuration).
     * NOTE(review): the username comes from the PasswordChange object while the
     * new token reuses the *current* principal's authorities; nothing here
     * verifies that passwordChange.getUsername() is the logged-in user, so the
     * caller must enforce that.
     * NOTE(review): the replacement token keeps the clear-text new password as
     * its credentials for the life of the security context.
     *
     * @param passwordChange carries the username and the new clear-text password
     * @return the re-saved admin user
     */
    String username = passwordChange.getUsername();
    String newPassword = passwordChange.getNewPassword();

    AdminUser adminUser = readAdminUserByUserName(username);
    adminUser.setUnencodedPassword(newPassword);
    AdminUser saved = saveAdminUser(adminUser);

    // Rebuild the context authentication around the new credentials, carrying
    // over the authorities the current authentication already holds.
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    Authentication replacement = new UsernamePasswordAuthenticationToken(username, newPassword, current.getAuthorities());
    SecurityContextHolder.getContext().setAuthentication(replacement);
    // The superseded token is flagged unauthenticated once it has been replaced.
    current.setAuthenticated(false);
    return saved;
}
Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce:
class AdminExternalLoginStateFilter, method doFilter.
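@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    /*
     * Once per session, mirrors an externally authenticated principal
     * (BroadleafExternalAuthenticationUserDetails) into an AdminUser record,
     * creating the record when none exists for that username. The session
     * attribute BLC_ADMIN_PROVISION_USER_CHECK marks that the check has run.
     *
     * Change: the AdminUser lookup is now performed only for external
     * principals, where its result is actually used; the original queried the
     * DAO for every authenticated UserDetails principal and discarded the
     * result unless the external-principal check passed.
     *
     * NOTE(review): request.getSession(true) creates a session for every
     * request that reaches this filter, authenticated or not. Kept as-is since
     * other components may rely on the session existing; if they do not,
     * getSession(false) plus a null check would avoid the allocation.
     */
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    if (request.getSession(true).getAttribute(BLC_ADMIN_PROVISION_USER_CHECK) == null) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            Object principal = authentication.getPrincipal();
            if (principal instanceof UserDetails && principal instanceof BroadleafExternalAuthenticationUserDetails) {
                BroadleafExternalAuthenticationUserDetails externalUser = (BroadleafExternalAuthenticationUserDetails) principal;
                String username = ((UserDetails) principal).getUsername();
                if (username != null) {
                    AdminUser user = adminSecurityService.readAdminUserByUserName(username);
                    if (user == null) {
                        // First visit of this external identity: provision a new admin record.
                        user = (AdminUser) entityConfiguration.createEntityInstance(AdminUser.class.getName());
                    }
                    saveAdminUser(externalUser, user);
                    request.getSession().setAttribute(BLC_ADMIN_PROVISION_USER_CHECK, Boolean.TRUE);
                }
            }
        }
    }
    filterChain.doFilter(servletRequest, servletResponse);
}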
Use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce:
class BroadleafAdminRequestProcessor, method prepareSandBox.
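protected void prepareSandBox(WebRequest request, BroadleafRequestContext brc) {
    /*
     * Resolves the sandbox the current admin request works in and stores it on
     * the request context. Resolution order:
     *   1. the sandbox named by the SANDBOX_REQ_PARAM request parameter,
     *   2. the sandbox id remembered in the global session,
     *   3. the user's sandbox under the single DEFAULT sandbox (created on demand).
     * With no persistent admin user, any remembered sandbox id is removed from
     * the session instead and nothing is set on the context.
     *
     * Fixes:
     *  - SANDBOX_REQ_PARAM is untrusted input and was passed straight to
     *    Long.parseLong, so a non-numeric value raised NumberFormatException out
     *    of request processing. A malformed id is now ignored (treated as "no
     *    sandbox requested") and resolution falls through to the session/default.
     *  - The stale-state token is now checked before the requested sandbox is
     *    looked up; the original looked it up (and could create a user sandbox
     *    via createUserSandBox) before compareToken ran, so a request with a
     *    bad token could still cause that write.
     *
     * @param request current request (parameters, global-session attributes)
     * @param brc     request context to populate with the sandbox, the deploy
     *                behavior and the "adminUser" additional property
     * @throws IllegalStateException when more than one DEFAULT sandbox exists
     */
    AdminUser adminUser = adminRemoteSecurityService.getPersistentAdminUser();
    if (adminUser == null) {
        // No admin user in play: forget any sandbox remembered in the session.
        if (BLCRequestUtils.isOKtoUseSession(request)) {
            request.removeAttribute(BroadleafSandBoxResolver.SANDBOX_ID_VAR, WebRequest.SCOPE_GLOBAL_SESSION);
        }
        return;
    }

    SandBox sandBox = resolveRequestedSandBox(request, adminUser);

    Long previouslySetSandBoxId = null;
    if (BLCRequestUtils.isOKtoUseSession(request)) {
        previouslySetSandBoxId = (Long) request.getAttribute(BroadleafSandBoxResolver.SANDBOX_ID_VAR, WebRequest.SCOPE_GLOBAL_SESSION);
    }
    if (sandBox == null && previouslySetSandBoxId != null) {
        sandBox = sandBoxService.retrieveSandBoxManagementById(previouslySetSandBoxId);
    }
    if (sandBox == null) {
        sandBox = resolveDefaultUserSandBox(adminUser);
    }

    // The user switched sandboxes: remember the choice on the user record.
    if (previouslySetSandBoxId != null && !sandBox.getId().equals(previouslySetSandBoxId)) {
        adminUser.setLastUsedSandBoxId(sandBox.getId());
        adminUser = adminSecurityService.saveAdminUser(adminUser);
    }
    if (BLCRequestUtils.isOKtoUseSession(request)) {
        request.setAttribute(BroadleafSandBoxResolver.SANDBOX_ID_VAR, sandBox.getId(), WebRequest.SCOPE_GLOBAL_SESSION);
    }

    // Touch the child collection so it is loaded now; per the (partly lost)
    // original comment the sandbox may later be used in a different session
    // than the one it was initiated in. See QA#2576.
    if (sandBox != null && sandBox.getChildSandBoxes() != null) {
        sandBox.getChildSandBoxes().size();
    }

    brc.setSandBox(sandBox);
    brc.setDeployBehavior(deployBehaviorUtil.isProductionSandBoxMode() ? DeployBehavior.CLONE_PARENT : DeployBehavior.OVERWRITE_PARENT);
    brc.getAdditionalProperties().put("adminUser", adminUser);
}

/*
 * Resolves the sandbox selected through SANDBOX_REQ_PARAM, or null when the
 * parameter is absent, malformed or does not resolve to a sandbox. When the
 * parameter is present and a session may be used, the stale-state token is
 * verified (and the state invalidated) before any lookup or creation happens.
 */
private SandBox resolveRequestedSandBox(WebRequest request, AdminUser adminUser) {
    String requested = request.getParameter(SANDBOX_REQ_PARAM);
    if (StringUtils.isBlank(requested)) {
        return null;
    }
    if (BLCRequestUtils.isOKtoUseSession(request)) {
        // Switching sandboxes is a state change: validate before acting on it.
        String token = request.getParameter(staleStateProtectionService.getStateVersionTokenParameter());
        staleStateProtectionService.compareToken(token);
        staleStateProtectionService.invalidateState(true);
    }
    Long sandBoxId = parseSandBoxId(requested);
    if (sandBoxId == null) {
        return null;
    }
    SandBox sandBox = sandBoxService.retrieveUserSandBoxForParent(adminUser.getId(), sandBoxId);
    if (sandBox == null) {
        SandBox approvalOrUserSandBox = sandBoxService.retrieveSandBoxManagementById(sandBoxId);
        if (approvalOrUserSandBox != null) {
            if (approvalOrUserSandBox.getSandBoxType().equals(SandBoxType.USER)) {
                // NOTE(review): a USER-type sandbox chosen by id is adopted as-is;
                // no ownership check is visible here, so it must be enforced by
                // sandBoxService or an upstream authorization layer — confirm.
                sandBox = approvalOrUserSandBox;
            } else {
                sandBox = sandBoxService.createUserSandBox(adminUser.getId(), approvalOrUserSandBox);
            }
        }
    }
    return sandBox;
}

/*
 * Parses a sandbox id from an untrusted request parameter; null when the value
 * is not a valid long. Swallowing the parse failure is deliberate: a bad id is
 * treated the same as no id.
 */
private static Long parseSandBoxId(String raw) {
    try {
        return Long.valueOf(raw);
    } catch (NumberFormatException ignored) {
        return null;
    }
}

/*
 * Returns the user's sandbox under the single DEFAULT sandbox, creating the
 * default sandbox and/or the user sandbox when they do not exist yet.
 *
 * @throws IllegalStateException when more than one DEFAULT sandbox exists
 */
private SandBox resolveDefaultUserSandBox(AdminUser adminUser) {
    List<SandBox> defaultSandBoxes = sandBoxService.retrieveSandBoxesByType(SandBoxType.DEFAULT);
    if (defaultSandBoxes.size() > 1) {
        throw new IllegalStateException("Only one sandbox should be configured as default");
    }
    SandBox defaultSandBox = defaultSandBoxes.isEmpty()
            ? sandBoxService.createDefaultSandBox()
            : defaultSandBoxes.get(0);
    SandBox userSandBox = sandBoxService.retrieveUserSandBoxForParent(adminUser.getId(), defaultSandBox.getId());
    if (userSandBox == null) {
        userSandBox = sandBoxService.createUserSandBox(adminUser.getId(), defaultSandBox);
    }
    return userSandBox;
}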