

the class UserServiceImpl method enableUsers.

/**
 * Enables or disables the given users and records the change in the audit log of the global
 * system site.
 *
 * @param userIds   ids of the users to update
 * @param usernames usernames of the users to update
 * @param enabled   {@code true} to enable the users, {@code false} to disable them
 * @return the users as returned by the internal service after the update
 * @throws ServiceLayerException   if the internal service or the site lookup fails
 * @throws UserNotFoundException   if one of the users does not exist
 * @throws AuthenticationException if the current user cannot be resolved
 */
@Override
@HasPermission(type = DefaultPermission.class, action = "update_users")
public List<User> enableUsers(List<Long> userIds, List<String> usernames, boolean enabled) throws ServiceLayerException, UserNotFoundException, AuthenticationException {
    List<User> updatedUsers = userServiceInternal.enableUsers(userIds, usernames, enabled);
    // The audit entry is attached to the global system site, not to a content site
    SiteFeed systemSite = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    AuditLog entry = auditServiceInternal.createAuditLogEntry();
    entry.setSiteId(systemSite.getId());
    entry.setOperation(enabled ? OPERATION_ENABLE : OPERATION_DISABLE);
    entry.setActorId(getCurrentUser().getUsername());
    entry.setPrimaryTargetId(systemSite.getSiteId());
    entry.setPrimaryTargetType(TARGET_TYPE_USER);
    entry.setPrimaryTargetValue(systemSite.getName());
    // One parameter per affected user so the log shows who was enabled/disabled
    List<AuditLogParameter> affectedUsers = new ArrayList<>();
    for (User updatedUser : updatedUsers) {
        AuditLogParameter parameter = new AuditLogParameter();
        parameter.setTargetId(Long.toString(updatedUser.getId()));
        parameter.setTargetType(TARGET_TYPE_USER);
        parameter.setTargetValue(updatedUser.getUsername());
        affectedUsers.add(parameter);
    }
    entry.setParameters(affectedUsers);
    auditServiceInternal.insertAuditLog(entry);
    return updatedUsers;
}

the class UserServiceImpl method getUserSites.

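/**
 * Returns the sites the given user may access. A member of the system administrators group
 * gets every available site; any other user gets the sites that have at least one group in
 * common with the user's groups.
 *
 * @param userId   id of the user
 * @param username username of the user
 * @return the accessible sites (site id and description only); empty when there are none
 * @throws ServiceLayerException if a group or site lookup fails
 * @throws UserNotFoundException if the user does not exist
 */
@Override
@HasPermission(type = DefaultPermission.class, action = "read_users")
public List<Site> getUserSites(long userId, String username) throws ServiceLayerException, UserNotFoundException {
    List<Site> sites = new ArrayList<>();
    Set<String> allSites = siteService.getAllAvailableSites();
    List<Group> userGroups = userServiceInternal.getUserGroups(userId, username);
    // Collect the user's group names once; re-streaming the list per site made this O(sites * groups * siteGroups)
    Set<String> userGroupNames = new LinkedHashSet<>();
    for (Group group : userGroups) {
        userGroupNames.add(group.getGroupName());
    }
    boolean isSysAdmin = userGroupNames.contains(SYSTEM_ADMIN_GROUP);
    // Iterate all sites. A system admin sees every site; anyone else needs one of the site's groups
    for (String siteId : allSites) {
        boolean hasAccess = isSysAdmin;
        if (!hasAccess) {
            // Only look up the site's groups when the answer actually depends on them
            List<String> siteGroups = groupServiceInternal.getSiteGroups(siteId);
            hasAccess = siteGroups.stream().anyMatch(userGroupNames::contains);
        }
        if (!hasAccess) {
            continue;
        }
        try {
            SiteFeed siteFeed = siteService.getSite(siteId);
            Site site = new Site();
            site.setSiteId(siteFeed.getSiteId());
            site.setDesc(siteFeed.getDescription());
            sites.add(site);
        } catch (SiteNotFoundException e) {
            // A site listed as available but missing from the DB is skipped rather than failing the whole call
            logger.error("Site not found: {0}", e, siteId);
        }
    }
    return sites;
}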


the class UserServiceImpl method updateUser.

/**
 * Updates the given user and records the change in the audit log of the global system site.
 *
 * @param user the user to update
 * @throws ServiceLayerException   if the internal service or the site lookup fails
 * @throws UserNotFoundException   if the user does not exist
 * @throws AuthenticationException if the current user cannot be resolved
 */
@Override
@HasPermission(type = DefaultPermission.class, action = "update_users")
public void updateUser(User user) throws ServiceLayerException, UserNotFoundException, AuthenticationException {
    userServiceInternal.updateUser(user);
    // Audit entries for user management are attached to the global system site
    SiteFeed systemSite = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    String targetUsername = user.getUsername();
    AuditLog entry = auditServiceInternal.createAuditLogEntry();
    entry.setOperation(OPERATION_UPDATE);
    entry.setSiteId(systemSite.getId());
    entry.setActorId(getCurrentUser().getUsername());
    // The username is both the id and the display value of the audited target
    entry.setPrimaryTargetId(targetUsername);
    entry.setPrimaryTargetType(TARGET_TYPE_USER);
    entry.setPrimaryTargetValue(targetUsername);
    auditServiceInternal.insertAuditLog(entry);
}

the class WebDavServiceImpl method list.

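/**
 * {@inheritDoc}
 * <p>
 * The caller-supplied {@code path} is split on {@code /}, each segment is URI-encoded and
 * appended to the profile's base URL. {@code .} and {@code ..} segments are rejected so the
 * listing always stays under the base URL. Any failure, including an invalid segment, is
 * reported as a {@link WebDavException} with the original cause attached.
 */
@Override
@ValidateParams
@HasPermission(type = DefaultPermission.class, action = "webdav_read")
public List<WebDavItem> list(@ValidateStringParam(name = "siteId") @ProtectedResourceId("siteId") final String siteId, @ValidateStringParam(name = "profileId") final String profileId, @ValidateStringParam(name = "path") final String path, @ValidateStringParam(name = "type") final String type) throws WebDavException {
    WebDavProfile profile = getProfile(siteId, profileId);
    // The listing is always anchored at the profile's base URL; the requested path is appended below
    String listPath = StringUtils.appendIfMissing(profile.getBaseUrl(), "/");
    MimeType filterType;
    try {
        Sardine sardine = createClient(profile);
        // An empty or "all" type filter accepts every content type
        if (StringUtils.isEmpty(type) || type.equals(FILTER_ALL_ITEMS)) {
            filterType = MimeType.valueOf(ALL_VALUE);
        } else {
            filterType = new MimeType(type);
        }
        if (StringUtils.isNotEmpty(path)) {
            String[] tokens = StringUtils.split(path, "/");
            for (String token : tokens) {
                if (StringUtils.isEmpty(token)) {
                    continue;
                }
                // Dot segments would let the listing escape the base URL; the catch below wraps this as WebDavException
                if (".".equals(token) || "..".equals(token)) {
                    throw new IllegalArgumentException("Invalid path segment '" + token + "' in path " + path);
                }
                listPath += StringUtils.appendIfMissing(UriUtils.encode(token, charset.name()), "/");
            }
        }
        if (!sardine.exists(listPath)) {
            logger.debug("Folder {0} doesn't exist", listPath);
            return Collections.emptyList();
        }
        logger.debug("Listing resources at {0}", listPath);
        List<DavResource> resources = sardine.list(listPath, 1, true);
        // Second placeholder must be {1}; with {0} twice the path was logged in place of the count
        logger.debug("Found {0} resources at {1}", resources.size(), listPath);
        return resources.stream()
                // the first entry is the folder being listed itself
                .skip(1)
                .filter(r -> r.isDirectory() || filterType.includes(MimeType.valueOf(r.getContentType())))
                .map(r -> new WebDavItem(getName(r), getUrl(r, profileId, profile), r.isDirectory()))
                .collect(Collectors.toList());
    } catch (Exception e) {
        throw new WebDavException("Error listing resources", e);
    }
}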

the class WebDavServiceImpl method upload.

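/**
 * {@inheritDoc}
 * <p>
 * Each segment of {@code path} is URI-encoded (as {@code list} does) and created under the
 * profile's base URL when missing, then {@code content} is stored as {@code filename} in the
 * resulting folder. {@code .} and {@code ..} segments are rejected so the upload cannot escape
 * the base URL. Any failure is reported as a {@link WebDavException} with the cause attached.
 */
@Override
@ValidateParams
@HasPermission(type = DefaultPermission.class, action = "webdav_write")
public WebDavItem upload(@ValidateStringParam(name = "siteId") @ProtectedResourceId("siteId") final String siteId, @ValidateStringParam(name = "profileId") final String profileId, @ValidateStringParam(name = "path") final String path, @ValidateStringParam(name = "filename") final String filename, final InputStream content) throws WebDavException {
    WebDavProfile profile = getProfile(siteId, profileId);
    String uploadUrl = StringUtils.appendIfMissing(profile.getBaseUrl(), "/");
    try {
        Sardine sardine = createClient(profile);
        if (StringUtils.isNotEmpty(path)) {
            String[] folders = StringUtils.split(path, "/");
            for (String folder : folders) {
                if (StringUtils.isEmpty(folder)) {
                    continue;
                }
                // Dot segments would let the upload escape the base URL; the catch below wraps this as WebDavException
                if (".".equals(folder) || "..".equals(folder)) {
                    throw new IllegalArgumentException("Invalid path segment '" + folder + "' in path " + path);
                }
                // Encode the segment the same way list() does so reserved characters in folder names are handled
                uploadUrl += StringUtils.appendIfMissing(UriUtils.encode(folder, charset.name()), "/");
                logger.debug("Checking folder {0}", uploadUrl);
                if (!sardine.exists(uploadUrl)) {
                    logger.debug("Creating folder {0}", uploadUrl);
                    sardine.createDirectory(uploadUrl);
                    logger.debug("Folder {0} created", uploadUrl);
                } else {
                    logger.debug("Folder {0} already exists", uploadUrl);
                }
            }
        }
        uploadUrl = StringUtils.appendIfMissing(uploadUrl, "/");
        String fileUrl = uploadUrl + UriUtils.encode(filename, charset.name());
        logger.debug("Starting upload of file {0}", filename);
        logger.debug("Uploading file to {0}", fileUrl);
        sardine.put(fileUrl, content);
        logger.debug("Upload complete for file {0}", fileUrl);
        return new WebDavItem(filename, getRemoteAssetUrl(profileId, path, filename), false);
    } catch (Exception e) {
        throw new WebDavException("Error uploading file", e);
    }
}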