use of org.collectionspace.csp.api.ui.UISession in project application by collectionspace.
The class WebLogin, method login.
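/**
 * Handles a login request: resolves the credentials, stores them in the UI session, attempts
 * authentication against the storage layer and sets the redirect target for the outcome.
 *
 * <p>Credential lookup order: the {@code USERID_PARAM} / {@code PASSWORD_PARAM} request
 * arguments first; when no user-id argument is present, the {@code userid}, {@code password}
 * and optional {@code tenant} fields of the JSON (or POST) body. If the body carries a
 * {@code userid} but cannot be read as expected, the request arguments are consulted again,
 * which in that branch leaves the user id {@code null}.
 *
 * <p>The user id, the cleartext password and the tenant id are written to the
 * {@link UISession} before the attempt. On failure the three values are reset to the empty
 * string (the session object itself is kept) and the caller is redirected to
 * {@code login_failed_dest} with the error message as the {@code result} argument.
 *
 * @param in the incoming request; {@code in.reset()} is called before the login attempt
 * @throws UIException propagated from the request, session and storage layers
 */
private void login(Request in) throws UIException {
    // Temporary hack for Mars
    UIRequest request = in.getUIRequest();
    String username = request.getRequestArgument(USERID_PARAM);
    String password = request.getRequestArgument(PASSWORD_PARAM);
    String tenantId = tenantid;
    if (username == null) {
        // Stop defaulting to GET request when UI layer stops doing login via GET
        JSONObject data = request.isJSON() ? request.getJSONBody() : request.getPostBody();
        if (data.has("userid")) {
            try {
                username = data.getString("userid");
                password = data.getString("password");
                if (data.has("tenant")) {
                    tenantId = data.getString("tenant");
                }
            } catch (JSONException e) {
                // Body had a userid but not the expected fields: fall back to the request
                // arguments. USERID_PARAM was absent (that is why we are here), so the
                // user id ends up null again.
                username = request.getRequestArgument(USERID_PARAM);
                password = request.getRequestArgument(PASSWORD_PARAM);
            }
        }
    }
    UISession uiSession = request.getSession();
    uiSession.setValue(UISession.USERID, username);
    uiSession.setValue(UISession.PASSWORD, password);
    uiSession.setValue(UISession.TENANT, tenantId);
    in.reset();
    String loginErrMsg = loginAttempt(in.getStorage(), tenantId);
    if (loginErrMsg == null) {
        /*
         * If enabled, this code would attempt to initialize/reload the default authorities and term lists. It would attempt to
         * do this with the credentials just used to successfully login. If the credentials did not suffice to perform the init/reload
         * then the user would be redirected to an error page rather than the default post-login landing page.
         *
         * This may be a safer (better?) approach then the current one. The current approach uses the tenant admin credentials stored
         * in the Application layer's config. Since keeping these credentials in the config is a security vulnerability, we may need
         * stop using them and rely on this approach for init/reloading the default authorities and term lists.
         *
         * WebReset webReset = new WebReset(false, false);
         * webReset.configure(ui, spec);
         * webReset.run(in, new String[0], false);
         */
        request.setRedirectPath(login_dest.split("/"));
    } else {
        // Only the user id is logged here; the password must never reach the log.
        log.error(String.format("Login attempt to tenant '%s' with username '%s' failed.", tenantId, username));
        // REM - 2/7/2013: If we got here that means we failed to authenticate with the Services (or another "storage" container), so I would think we should kill any existing session and not just null out the username and password fields.
        uiSession.setValue(UISession.USERID, "");
        uiSession.setValue(UISession.PASSWORD, "");
        uiSession.setValue(UISession.TENANT, "");
        request.setRedirectPath(login_failed_dest.split("/"));
        request.setRedirectArgument("result", loginErrMsg);
    }
}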
use of org.collectionspace.csp.api.ui.UISession in project application by collectionspace.
The class WebLoginStatus, method testlogin.
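/**
 * Reports the login state of the current UI session as a JSON response.
 *
 * <p>When the session holds a non-empty {@code UISession.USERID}, the user's permissions are
 * taken from the per-user/tenant cache or, on a miss, fetched from storage and cached (only
 * when the result actually carries a {@code permissions} object). The response then contains
 * {@code permissions}, {@code csid}, {@code screenName}, {@code userId}, {@code login=true}
 * and {@code maxInactive} (seconds). Without a usable session the response is
 * {@code login=false}; a permissions result without roles adds an explanatory {@code message}.
 *
 * <p>{@code csid}, {@code screenName} and {@code userId} are read with {@code getString}, so a
 * permissions object lacking one of them is reported as a JSON parse failure.
 *
 * @param in the incoming request
 * @throws UIException on JSON, existence or unimplemented errors; an
 *     {@link UnderlyingStorageException} is instead rendered as a JSON error response
 */
public void testlogin(Request in) throws UIException {
    UIRequest request = in.getUIRequest();
    try {
        Storage storage = in.getStorage();
        JSONObject output = new JSONObject();
        UISession uiSession = request.getSession();
        Object sessionUser = uiSession == null ? null : uiSession.getValue(UISession.USERID);
        if (sessionUser == null || sessionUser.equals("")) {
            output.put("login", false);
        } else {
            String userId = (String) sessionUser;
            String tenantId = (String) uiSession.getValue(UISession.TENANT);
            // See if there is a cache of the permissions for this user and tenant.
            JSONObject perms = findPermsInCache(userId, tenantId);
            boolean foundInCache = perms != null;
            if (!foundInCache) {
                perms = getPermissions(storage);
            }
            if (perms.has("permissions")) {
                // Will only slow down edge case of user with no roles.
                if (!foundInCache) {
                    addPermsToCache(userId, tenantId, perms);
                }
                output.put("permissions", perms.getJSONObject("permissions"));
                output.put("csid", perms.getString("csid"));
                output.put("screenName", perms.getString("screenName"));
                output.put("userId", perms.getString("userId"));
                output.put("login", true);
                output.put("maxInactive", maxInactiveSeconds(request.getHttpSession()));
            } else {
                output.put("login", false);
                output.put("message", "no roles associated with this user");
            }
        }
        request.sendJSONResponse(output);
    } catch (JSONException x) {
        throw new UIException("Failed to parse json: " + x.getMessage(), x);
    } catch (ExistException x) {
        // failed login test
        throw new UIException("Existence exception: ", x);
    } catch (UnimplementedException x) {
        throw new UIException("Unimplemented exception: ", x);
    } catch (UnderlyingStorageException x) {
        UIException uiexception = new UIException(x.getMessage(), x.getStatus(), x.getUrl(), x);
        request.sendJSONResponse(uiexception.getJSON());
    }
}

/**
 * Computes the inactivity limit to report to the UI: the shorter of the servlet session
 * timeout and the configured cookie life.
 *
 * <p>The cookie life is configured in minutes and converted to seconds here. A servlet
 * timeout of 0 (or none, when there is no HTTP session) and any timeout not shorter than the
 * cookie life are replaced by the cookie life. A negative servlet timeout is neither 0 nor
 * {@code >=} a positive cookie life and is therefore returned unchanged — presumably intended,
 * confirm if the container uses negative for "never expires".
 *
 * @param httpSession the current HTTP session, may be {@code null}
 * @return the inactivity limit in seconds
 */
private int maxInactiveSeconds(HttpSession httpSession) {
    int maxInterval = httpSession == null ? 0 : httpSession.getMaxInactiveInterval();
    // Need to consider the shorter of session timeout and cookie expiry.
    // cookie life is in minutes, so convert to seconds.
    int cookieLife = 60 * spec.getAdminData().getCookieLife();
    if (maxInterval == 0 || maxInterval >= cookieLife) {
        maxInterval = cookieLife;
    }
    return maxInterval;
}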
use of org.collectionspace.csp.api.ui.UISession in project application by collectionspace.
The class UserDetailsCreateUpdate, method store_set.
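/**
 * Creates or updates a user account record from the request's JSON body, assigns its role(s)
 * and sends the stored record back as the JSON response.
 *
 * <p>On update, a non-empty {@code PASSWORD_FIELD} in {@code fields} for the user who owns the
 * current UI session is treated as a password change: after the record is stored the new
 * password replaces {@code UISession.PASSWORD} in the session so later requests keep
 * authenticating. An empty password field is removed before storing so a password cannot be
 * cleared this way. The password field is elided from the echoed record.
 *
 * <p>A 401/403 from role assignment is absorbed into an informational message rather than
 * failing the request; any other {@link UnderlyingStorageException} is rendered as a JSON
 * error response.
 *
 * @param storage the storage layer to write through
 * @param request the UI request carrying the JSON body and the session
 * @param path the record path (csid) on update; ignored and replaced on create
 * @throws UIException when the body yields no record, or on JSON, existence or
 *     unimplemented errors
 */
private void store_set(Storage storage, UIRequest request, String path) throws UIException {
    JSONObject data = request.getJSONBody();
    String msg = "";
    try {
        String newPassword = null;
        if (create) {
            path = sendJSON(storage, null, data);
            // assign to default role.
        } else {
            // Check for password update. If doing that, absorb 403 errors and redirect
            // as though we are doing a logout.
            JSONObject fields = data.optJSONObject("fields");
            if (fields != null && fields.has(PASSWORD_FIELD)) {
                String passwd = fields.getString(PASSWORD_FIELD);
                if (passwd != null) {
                    if (passwd.isEmpty()) {
                        // Preclude removal of a password
                        fields.remove(PASSWORD_FIELD);
                    } else {
                        String editedUserId = fields.getString(USER_ID_FIELD);
                        UISession session = request.getSession();
                        if (session != null) {
                            Object currentUserId = session.getValue(UISession.USERID);
                            if (currentUserId != null && currentUserId.equals(editedUserId)) {
                                // The session owner is changing their own password.
                                newPassword = passwd;
                            }
                        }
                    }
                }
            }
            path = sendJSON(storage, path, data);
            // credentials
            if (newPassword != null) {
                request.getSession().setValue(UISession.PASSWORD, newPassword);
            }
        }
        if (path == null) {
            throw new UIException("Insufficient data for create (no fields?)");
        }
        data.put("csid", path);
        try {
            assignRole(storage, path, data);
        } catch (UnderlyingStorageException usex) {
            Integer status = usex.getStatus();
            if (status != null && (status == HttpStatus.SC_FORBIDDEN || status == HttpStatus.SC_UNAUTHORIZED)) {
                msg = "Cannot update roles for this account.";
                log.warn("UserDetailsCreateUpdate changing roles, and absorbing error returned: " + usex.getStatus());
            } else {
                // Propagate
                throw usex;
            }
        }
        // Every failure path above throws, so a response reaching this point is never an error.
        data.put("isError", false);
        JSONObject messages = new JSONObject();
        messages.put("message", msg);
        messages.put("severity", "info");
        JSONArray arr = new JSONArray();
        arr.put(messages);
        data.put("messages", arr);
        // Elide the value of the password field before returning a response
        JSONObject echoedFields = data.optJSONObject("fields");
        if (echoedFields != null) {
            echoedFields.remove(PASSWORD_FIELD);
        }
        request.sendJSONResponse(data);
        request.setOperationPerformed(create ? Operation.CREATE : Operation.UPDATE);
        if (create) {
            request.setSecondaryRedirectPath(new String[] { url_base, path });
        }
    } catch (JSONException x) {
        throw new UIException("Failed to parse json: ", x);
    } catch (ExistException x) {
        throw new UIException("Existence exception: ", x);
    } catch (UnimplementedException x) {
        throw new UIException("Unimplemented exception: ", x);
    } catch (UnderlyingStorageException x) {
        UIException uiexception = new UIException(x.getMessage(), x.getStatus(), x.getUrl(), x);
        request.sendJSONResponse(uiexception.getJSON());
    }
}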
use of org.collectionspace.csp.api.ui.UISession in project application by collectionspace.
The class UISchema, method run.
/**
 * Serves a UI schema as a JSON response.
 *
 * <p>With a configured record this is its search schema when {@code spectype} is
 * {@code "search"}, otherwise its record schema. Without one, the remaining URL path segments
 * joined with {@code "/"} select another schema, looked up together with the UI session.
 * A positive configured schema cache age is set on the response after it is sent.
 *
 * @param in the request; must be a {@link Request}
 * @param tail the remaining URL path segments
 * @throws UIException propagated from the request and schema lookups
 * @throws UnauthorizedException propagated from the schema lookups
 */
@Override
public void run(Object in, String[] tail) throws UIException, UnauthorizedException {
    Request q = (Request) in;
    Storage storage = q.getStorage();
    JSONObject out;
    if (this.record == null) {
        UISession session = q.getUIRequest().getSession();
        out = uiotherschema(session, storage, StringUtils.join(tail, "/"));
    } else if (this.spectype.equals("search")) {
        out = uisearchschema(storage, this.record);
    } else {
        out = uirecordschema(storage, this.record);
    }
    UIRequest uir = q.getUIRequest();
    uir.sendJSONResponse(out);
    int cacheMaxAgeSeconds = spec.getAdminData().getUiSpecSchemaCacheAge();
    if (cacheMaxAgeSeconds > 0) {
        uir.setCacheMaxAgeSeconds(cacheMaxAgeSeconds);
    }
}