
Example 16 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserDataProvider method createAdminUser.

/**
 * TestNG data provider registered under the name {@code "setupAdminUser"}.
 *
 * <p>Supplies a single row holding one {@link AdminUser} populated with fixed,
 * obviously synthetic values. The password is a literal placeholder string set
 * through {@code setPassword}; whether that field is expected to hold an encoded
 * or a raw value is not visible from this method.
 *
 * @return a one-row, one-column table containing the fixture user
 */
@DataProvider(name = "setupAdminUser")
public static Object[][] createAdminUser() {
    AdminUser fixture = new AdminUserImpl();
    fixture.setName("TestAdminUserName");
    fixture.setLogin("TestAdminUserLogin");
    fixture.setEmail("TestAdminUserEmail@broadleafcommerce.org");
    // Test-only placeholder value, not a credential for any real account.
    fixture.setPassword("TestAdminUserPassword");

    Object[] singleRow = { fixture };
    return new Object[][] { singleRow };
}
Also used : AdminUserImpl(org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) DataProvider(org.testng.annotations.DataProvider)

Example 17 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserCustomPersistenceHandler method update.

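/**
 * Updates an existing admin user from the submitted entity.
 *
 * <p>The stored user is loaded by primary key, the submitted fields are copied onto it,
 * and the password is handled separately: a non-empty submitted password is handed over
 * as the unencoded password (the stored password field is cleared), while an empty
 * submitted password restores the value that was stored before the update.
 *
 * <p>NOTE(review): unlike {@code add}, no {@code securityCheck} call is visible at the top
 * of this method. Authorization appears to be delegated to
 * {@code validateUserUpdateSecurity}, which runs after the record has been loaded and after
 * the username/email validation result may already have been returned. Confirm that it
 * performs the equivalent check and that the earlier return does not reveal anything to a
 * caller who would fail it.
 *
 * @param persistencePackage carries the submitted entity and its persistence perspective
 * @param dynamicEntityDao   used to load the stored admin user
 * @param helper             used for metadata lookup, population and record conversion
 * @return the updated record, or the validation error entity when the username/email check fails
 * @throws ServiceException wrapping any failure raised while processing the update
 */
@Override
public Entity update(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper helper) throws ServiceException {
    Entity entity = persistencePackage.getEntity();
    try {
        PersistencePerspective persistencePerspective = persistencePackage.getPersistencePerspective();
        Map<String, FieldMetadata> adminProperties = helper.getSimpleMergedProperties(AdminUser.class.getName(), persistencePerspective);
        Object primaryKey = helper.getPrimaryKey(entity, adminProperties);
        // The class name comes from the entity payload. asSubclass rejects anything that is
        // not an AdminUser before the DAO is asked to load a row of that type, instead of
        // failing on the cast afterwards.
        Class<? extends AdminUser> adminType = Class.forName(entity.getType()[0]).asSubclass(AdminUser.class);
        AdminUser adminInstance = (AdminUser) dynamicEntityDao.retrieve(adminType, primaryKey);
        if (adminInstance == null) {
            // Report a missing record explicitly rather than as a NullPointerException below.
            throw new IllegalArgumentException("No admin user found for the supplied primary key");
        }
        Entity errorEntity = validateLegalUsernameAndEmail(entity, adminInstance, false);
        if (errorEntity != null) {
            return errorEntity;
        }
        // Remember the stored password and clear it before the submitted fields are copied in.
        String passwordBefore = adminInstance.getPassword();
        adminInstance.setPassword(null);
        adminInstance = (AdminUser) helper.createPopulatedInstance(adminInstance, entity, adminProperties, false);
        Property passwordProperty = entity.getPMap().get("password");
        if (passwordProperty != null) {
            if (StringUtils.isNotEmpty(passwordProperty.getValue())) {
                // A new password was submitted: pass it on as unencoded and keep the
                // password field itself empty.
                adminInstance.setUnencodedPassword(passwordProperty.getValue());
                adminInstance.setPassword(null);
            } else {
                // Empty submission means "leave unchanged": put the stored value back.
                adminInstance.setPassword(passwordBefore);
            }
        }
        // NOTE(review): when the payload has no "password" property at all, passwordBefore is
        // not restored here. Confirm that the populate step or saveAdminUser preserves the
        // stored password in that case.
        validateUserUpdateSecurity(persistencePackage, adminInstance);
        adminInstance = adminSecurityService.saveAdminUser(adminInstance);
        return helper.getRecord(adminProperties, adminInstance, null, null);
    } catch (Exception e) {
        throw new ServiceException("Unable to update entity for " + entity.getType()[0], e);
    }
}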
Also used : Entity(org.broadleafcommerce.openadmin.dto.Entity) FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata) PersistencePerspective(org.broadleafcommerce.openadmin.dto.PersistencePerspective) ServiceException(org.broadleafcommerce.common.exception.ServiceException) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) BLCSystemProperty(org.broadleafcommerce.common.util.BLCSystemProperty) Property(org.broadleafcommerce.openadmin.dto.Property) ServiceException(org.broadleafcommerce.common.exception.ServiceException) ValidationException(org.broadleafcommerce.openadmin.server.service.ValidationException)

Example 18 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserCustomPersistenceHandler method add.

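/**
 * Creates a new admin user from the submitted entity.
 *
 * <p>The ADD security check runs first. The target class is then resolved from the entity's
 * first type name, instantiated, populated from the submitted fields and validated for a
 * legal username and email. The populated password value is moved to the unencoded password
 * and the password field is cleared before the user is saved.
 *
 * @param persistencePackage carries the submitted entity and its persistence perspective
 * @param dynamicEntityDao   not used by this method
 * @param helper             used for metadata lookup, population and record conversion
 * @return the saved record, or the validation error entity when the username/email check fails
 * @throws ServiceException if the security check fails, or wrapping any failure raised while
 *                          processing the add
 */
@Override
public Entity add(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper helper) throws ServiceException {
    // Runs outside the try block, so a failed check is not re-wrapped by the catch below.
    adminRemoteSecurityService.securityCheck(persistencePackage, EntityOperationType.ADD);
    Entity entity = persistencePackage.getEntity();
    try {
        PersistencePerspective persistencePerspective = persistencePackage.getPersistencePerspective();
        // The class name comes from the entity payload. asSubclass makes sure no constructor
        // runs for a class that is not an AdminUser; previously the instance was created
        // first and only the cast afterwards failed.
        // NOTE(review): Class.forName still loads and initializes whatever class is named.
        // Checking the name against the known AdminUser implementations would close that too.
        Class<? extends AdminUser> adminType = Class.forName(entity.getType()[0]).asSubclass(AdminUser.class);
        // getDeclaredConstructor().newInstance() replaces the deprecated Class.newInstance(),
        // which rethrows checked constructor exceptions without declaring them.
        AdminUser adminInstance = adminType.getDeclaredConstructor().newInstance();
        Map<String, FieldMetadata> adminProperties = helper.getSimpleMergedProperties(AdminUser.class.getName(), persistencePerspective);
        adminInstance = (AdminUser) helper.createPopulatedInstance(adminInstance, entity, adminProperties, false);
        Entity errorEntity = validateLegalUsernameAndEmail(entity, adminInstance, true);
        if (errorEntity != null) {
            return errorEntity;
        }
        // The populated password is the submitted raw value: hand it over as unencoded and
        // clear the password field before saving.
        adminInstance.setUnencodedPassword(adminInstance.getPassword());
        adminInstance.setPassword(null);
        adminInstance = adminSecurityService.saveAdminUser(adminInstance);
        return helper.getRecord(adminProperties, adminInstance, null, null);
    } catch (Exception e) {
        throw new ServiceException("Unable to add entity for " + entity.getType()[0], e);
    }
}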
Also used : Entity(org.broadleafcommerce.openadmin.dto.Entity) FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata) PersistencePerspective(org.broadleafcommerce.openadmin.dto.PersistencePerspective) ServiceException(org.broadleafcommerce.common.exception.ServiceException) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) ServiceException(org.broadleafcommerce.common.exception.ServiceException) ValidationException(org.broadleafcommerce.openadmin.server.service.ValidationException)

Example 19 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminSecurityServiceRemote method securityCheck.

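/**
 * Verifies that the current admin user may perform the operation on at least one of the
 * given ceiling entities.
 *
 * <p>The operation type is mapped to a permission type (ADD to CREATE, FETCH and INSPECT to
 * READ, REMOVE to DELETE, UPDATE to UPDATE, anything else to OTHER). The ceiling names are
 * then checked in order and the first one the user is qualified for ends the check. If none
 * qualifies, the exception recorded for the first failure is thrown. A warning is logged
 * beforehand when no operation is registered for the first ceiling entity.
 *
 * @param ceilingNames  fully qualified ceiling entity names; must not be null or empty
 * @param operationType the requested entity operation
 * @throws ServiceException a {@code SecurityServiceException} when no names are given or the
 *                          user is not qualified for any of them
 */
protected void securityCheck(String[] ceilingNames, EntityOperationType operationType) throws ServiceException {
    if (ArrayUtils.isEmpty(ceilingNames)) {
        throw new SecurityServiceException("Security Check Failed: ceilingNames not specified");
    }
    AdminUser persistentAdminUser = getPersistentAdminUser();
    PermissionType permissionType;
    switch (operationType) {
        case ADD:
            permissionType = PermissionType.CREATE;
            break;
        case FETCH:
        case INSPECT:
            permissionType = PermissionType.READ;
            break;
        case REMOVE:
            permissionType = PermissionType.DELETE;
            break;
        case UPDATE:
            permissionType = PermissionType.UPDATE;
            break;
        default:
            permissionType = PermissionType.OTHER;
            break;
    }
    SecurityServiceException primaryException = null;
    boolean isQualified = false;
    for (String ceilingEntityFullyQualifiedName : ceilingNames) {
        isQualified = securityService.isUserQualifiedForOperationOnCeilingEntity(persistentAdminUser, permissionType, ceilingEntityFullyQualifiedName);
        if (isQualified) {
            break;
        }
        if (primaryException == null) {
            // This exception is handed to LOG.warn below as the throwable, so its message
            // reaches the log as well. The name is sanitized here for the same reason it is
            // sanitized in the warning text itself.
            primaryException = new SecurityServiceException("Security Check Failed for entity operation: " + operationType.toString() + " (" + StringUtil.sanitize(ceilingEntityFullyQualifiedName) + ")");
        }
    }
    if (!isQualified) {
        // check if the requested entity is not configured and warn
        if (!securityService.doesOperationExistForCeilingEntity(permissionType, ceilingNames[0])) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Detected security request for an unregistered ceiling entity (" + StringUtil.sanitize(ceilingNames[0]) + "). "
                        + "As a result, the request failed. Please make sure to configure security for any ceiling entities "
                        + "referenced via the admin. This is usually accomplished by adding records in the "
                        + "BLC_ADMIN_PERMISSION_ENTITY table. Note, depending on how the entity in question is used, you "
                        + "may need to add to BLC_ADMIN_PERMISSION, BLC_ADMIN_ROLE_PERMISSION_XREF and BLC_ADMIN_SEC_PERM_XREF.", primaryException);
            }
        }
        // Non-null here: the names array is non-empty and every iteration that did not
        // qualify went through the assignment above.
        throw primaryException;
    }
}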
Also used : SecurityServiceException(org.broadleafcommerce.common.exception.SecurityServiceException) PermissionType(org.broadleafcommerce.openadmin.server.security.service.type.PermissionType) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser)

Example 20 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminUserProvisioningServiceImpl method provisionAdminUser.

/**
 * Creates or refreshes the local admin user that corresponds to an externally
 * authenticated principal.
 *
 * <p>Role names parsed from the external details are matched by exact name against the
 * admin roles read from the security service. The matching roles replace the user's whole
 * role set on every call, so the external details decide which admin roles the account
 * holds. A user not found by username is created with that username as login. Email is
 * overwritten only when the details carry a non-blank one. The display name is first name
 * plus a space plus last name, each part only when non-blank, falling back to the username.
 *
 * <p>NOTE(review): the returned authorities are computed from the matched roles before the
 * extension hook and the save run. If either can change the user's roles, the returned
 * details may not reflect it; confirm against the extension handlers.
 *
 * @param details user details supplied by the external authentication source
 * @return details for the saved admin user, with an empty password string and the
 *         authorities derived from the matched roles
 */
@Override
public AdminUserDetails provisionAdminUser(BroadleafExternalAuthenticationUserDetails details) {
    Set<String> requestedRoleNames = parseRolesFromUserDetails(details);
    HashSet<AdminRole> matchedRoles = new HashSet<>();
    List<AdminRole> knownRoles = securityService.readAllAdminRoles();
    if (knownRoles != null) {
        for (AdminRole candidate : knownRoles) {
            // Only roles that already exist locally can be granted; unknown names are ignored.
            if (requestedRoleNames.contains(candidate.getName())) {
                matchedRoles.add(candidate);
            }
        }
    }
    Set<SimpleGrantedAuthority> adminUserAuthorities = extractAdminUserAuthorities(matchedRoles);

    AdminUser adminUser = securityService.readAdminUserByUserName(details.getUsername());
    if (adminUser == null) {
        adminUser = new AdminUserImpl();
        adminUser.setLogin(details.getUsername());
    }

    if (StringUtils.isNotBlank(details.getEmail())) {
        adminUser.setEmail(details.getEmail());
    }

    StringBuilder nameParts = new StringBuilder();
    if (StringUtils.isNotBlank(details.getFirstName())) {
        // The separator is appended even when no last name follows.
        nameParts.append(details.getFirstName());
        nameParts.append(" ");
    }
    if (StringUtils.isNotBlank(details.getLastName())) {
        nameParts.append(details.getLastName());
    }
    String displayName = nameParts.toString();
    adminUser.setName(StringUtils.isNotBlank(displayName) ? displayName : details.getUsername());

    // Replace, rather than merge with, whatever roles the user held before.
    adminUser.setAllRoles(new HashSet<>(matchedRoles));

    // Optional extension hook (e.g. multi-tenant handling) before the user is persisted.
    adminExternalLoginExtensionManager.getProxy().performAdditionalAuthenticationTasks(adminUser, details);

    // Persist the user together with the role assignments.
    adminUser = securityService.saveAdminUser(adminUser);

    // Empty password string; the four flags are presumably the account-status flags of the
    // underlying user details type (confirm against AdminUserDetails).
    return new AdminUserDetails(adminUser.getId(), details.getUsername(), "", true, true, true, true, adminUserAuthorities);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) AdminUserImpl(org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole) HashSet(java.util.HashSet)
