Example 1 with AuthenticationException
use of org.craftercms.studio.api.v1.exception.security.AuthenticationException in project studio by craftercms.
the class UserServiceImpl method deleteUsers.
@Override
@HasPermission(type = DefaultPermission.class, action = "delete_users")
public void deleteUsers(List<Long> userIds, List<String> usernames) throws ServiceLayerException, AuthenticationException, UserNotFoundException {
User currentUser = getCurrentUser();
if (CollectionUtils.containsAny(userIds, Arrays.asList(currentUser.getId())) || CollectionUtils.containsAny(usernames, Arrays.asList(currentUser.getUsername()))) {
throw new ServiceLayerException("Cannot delete self.");
}
generalLockService.lock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
try {
try {
Group g = groupServiceInternal.getGroupByName(SYSTEM_ADMIN_GROUP);
List<User> members = groupServiceInternal.getGroupMembers(g.getId(), 0, Integer.MAX_VALUE, StringUtils.EMPTY);
if (CollectionUtils.isNotEmpty(members)) {
List<User> membersAfterRemove = new ArrayList<User>();
membersAfterRemove.addAll(members);
members.forEach(m -> {
if (CollectionUtils.isNotEmpty(userIds)) {
if (userIds.contains(m.getId())) {
membersAfterRemove.remove(m);
}
}
if (CollectionUtils.isNotEmpty(usernames)) {
if (usernames.contains(m.getUsername())) {
membersAfterRemove.remove(m);
}
}
});
if (CollectionUtils.isEmpty(membersAfterRemove)) {
throw new ServiceLayerException("Removing all members of the System Admin group is not allowed." + " We must have at least one system administrator.");
}
}
} catch (GroupNotFoundException e) {
throw new ServiceLayerException("The System Admin group is not found.", e);
}
List<User> toDelete = userServiceInternal.getUsersByIdOrUsername(userIds, usernames);
userServiceInternal.deleteUsers(userIds, usernames);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_DELETE);
auditLog.setActorId(getCurrentUser().getUsername());
auditLog.setPrimaryTargetId(siteFeed.getSiteId());
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(siteFeed.getName());
List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
for (User deletedUser : toDelete) {
AuditLogParameter paramter = new AuditLogParameter();
paramter.setTargetId(Long.toString(deletedUser.getId()));
paramter.setTargetType(TARGET_TYPE_USER);
paramter.setTargetValue(deletedUser.getUsername());
paramters.add(paramter);
}
auditLog.setParameters(paramters);
auditServiceInternal.insertAuditLog(auditLog);
} finally {
generalLockService.unlock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
}
}
Also used :
Group(org.craftercms.studio.api.v2.dal.Group)
User(org.craftercms.studio.api.v2.dal.User)
AuthenticatedUser(org.craftercms.studio.model.AuthenticatedUser)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
ArrayList(java.util.ArrayList)
ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)
GroupNotFoundException(org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)
AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Example 2 with AuthenticationException
use of org.craftercms.studio.api.v1.exception.security.AuthenticationException in project studio by craftercms.
the class UserServiceImpl method createUser.
@Override
@HasPermission(type = DefaultPermission.class, action = "create_users")
public User createUser(User user) throws UserAlreadyExistsException, ServiceLayerException, AuthenticationException {
try {
entitlementValidator.validateEntitlement(EntitlementType.USER, 1);
} catch (EntitlementException e) {
throw new ServiceLayerException("Unable to complete request due to entitlement limits. Please contact " + "your system administrator.", e);
}
User toRet = userServiceInternal.createUser(user);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_CREATE);
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(getCurrentUser().getUsername());
auditLog.setPrimaryTargetId(user.getUsername());
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(user.getUsername());
auditServiceInternal.insertAuditLog(auditLog);
return toRet;
}
Also used :
EntitlementException(org.craftercms.commons.entitlements.exception.EntitlementException)
User(org.craftercms.studio.api.v2.dal.User)
AuthenticatedUser(org.craftercms.studio.model.AuthenticatedUser)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Example 3 with AuthenticationException
use of org.craftercms.studio.api.v1.exception.security.AuthenticationException in project studio by craftercms.
the class GroupServiceImpl method updateGroup.
@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public Group updateGroup(long orgId, Group group) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
Group toRet = groupServiceInternal.updateGroup(orgId, group);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_UPDATE);
auditLog.setSiteId(siteFeed.getId());
auditLog.setActorId(userService.getCurrentUser().getUsername());
auditLog.setPrimaryTargetId(group.getGroupName());
auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
auditLog.setPrimaryTargetValue(group.getGroupName());
auditServiceInternal.insertAuditLog(auditLog);
return toRet;
}
Also used :
Group(org.craftercms.studio.api.v2.dal.Group)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Example 4 with AuthenticationException
use of org.craftercms.studio.api.v1.exception.security.AuthenticationException in project studio by craftercms.
the class GroupServiceImpl method removeGroupMembers.
@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public void removeGroupMembers(long groupId, List<Long> userIds, List<String> usernames) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
Group group = getGroup(groupId);
generalLockService.lock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
try {
if (group.getGroupName().equals(SYSTEM_ADMIN_GROUP)) {
List<User> members = getGroupMembers(groupId, 0, Integer.MAX_VALUE, StringUtils.EMPTY);
if (CollectionUtils.isNotEmpty(members)) {
List<User> membersAfterRemove = new ArrayList<User>();
membersAfterRemove.addAll(members);
members.forEach(m -> {
if (CollectionUtils.isNotEmpty(userIds)) {
if (userIds.contains(m.getId())) {
membersAfterRemove.remove(m);
}
}
if (CollectionUtils.isNotEmpty(usernames)) {
if (usernames.contains(m.getUsername())) {
membersAfterRemove.remove(m);
}
}
});
if (CollectionUtils.isEmpty(membersAfterRemove)) {
throw new ServiceLayerException("Removing all members of the System Admin group is not allowed." + " We must have at least one system administrator.");
}
}
}
List<User> users = userServiceInternal.getUsersByIdOrUsername(userIds, usernames);
groupServiceInternal.removeGroupMembers(groupId, userIds, usernames);
SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setOperation(OPERATION_REMOVE_MEMBERS);
auditLog.setActorId(userService.getCurrentUser().getUsername());
auditLog.setSiteId(siteFeed.getId());
auditLog.setPrimaryTargetId(Long.toString(group.getId()));
auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
auditLog.setPrimaryTargetValue(group.getGroupName());
List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
for (User user : users) {
AuditLogParameter paramter = new AuditLogParameter();
paramter.setTargetId(Long.toString(user.getId()));
paramter.setTargetType(TARGET_TYPE_USER);
paramter.setTargetValue(user.getUsername());
paramters.add(paramter);
}
auditLog.setParameters(paramters);
auditServiceInternal.insertAuditLog(auditLog);
} finally {
generalLockService.unlock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
}
}
Also used :
Group(org.craftercms.studio.api.v2.dal.Group)
User(org.craftercms.studio.api.v2.dal.User)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
ArrayList(java.util.ArrayList)
ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)
AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)
Example 5 with AuthenticationException
use of org.craftercms.studio.api.v1.exception.security.AuthenticationException in project studio by craftercms.
the class DeploymentServiceImpl method enablePublishing.
@Override
@ValidateParams
public boolean enablePublishing(@ValidateStringParam(name = "site") String site, boolean enabled) throws SiteNotFoundException, AuthenticationException {
if (!siteService.exists(site)) {
throw new SiteNotFoundException();
}
if (!securityService.isSiteAdmin(securityService.getCurrentUser(), site)) {
throw new AuthenticationException();
}
boolean toRet = siteService.enablePublishing(site, enabled);
String message;
String status;
if (enabled) {
logger.info("Publishing started for site {0}", site);
if (publishingManager.isPublishingQueueEmpty(site)) {
message = studioConfiguration.getProperty(JOB_DEPLOY_CONTENT_TO_ENVIRONMENT_STATUS_MESSAGE_DEFAULT);
status = READY;
} else {
message = studioConfiguration.getProperty(JOB_DEPLOY_CONTENT_TO_ENVIRONMENT_STATUS_MESSAGE_QUEUED);
status = QUEUED;
}
} else {
logger.info("Publishing stopped for site {0}", site);
message = studioConfiguration.getProperty(JOB_DEPLOY_CONTENT_TO_ENVIRONMENT_STATUS_MESSAGE_STOPPED);
message = message.replace("{username}", securityService.getCurrentUser()).replace("{datetime}", ZonedDateTime.now(ZoneOffset.UTC).format(DateTimeFormatter.ofPattern(DATE_PATTERN_WORKFLOW_WITH_TZ)));
status = STOPPED;
}
siteService.updatePublishingStatusMessage(site, status, message);
SiteFeed siteFeed = siteService.getSite(site);
AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
auditLog.setSiteId(siteFeed.getId());
if (enabled) {
auditLog.setOperation(OPERATION_START_PUBLISHER);
} else {
auditLog.setOperation(OPERATION_STOP_PUBLISHER);
}
auditLog.setActorId(securityService.getCurrentUser());
auditLog.setPrimaryTargetId(siteFeed.getSiteId());
auditLog.setPrimaryTargetType(TARGET_TYPE_SITE);
auditLog.setPrimaryTargetValue(siteFeed.getName());
auditServiceInternal.insertAuditLog(auditLog);
return toRet;
}
Also used :
AuthenticationException(org.craftercms.studio.api.v1.exception.security.AuthenticationException)
SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed)
SiteNotFoundException(org.craftercms.studio.api.v1.exception.SiteNotFoundException)
AuditLog(org.craftercms.studio.api.v2.dal.AuditLog)
ValidateParams(org.craftercms.commons.validation.annotations.param.ValidateParams)
Aggregations
SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)13
AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)13
HasPermission (org.craftercms.commons.security.permissions.annotations.HasPermission)9
Group (org.craftercms.studio.api.v2.dal.Group)7
User (org.craftercms.studio.api.v2.dal.User)7
ArrayList (java.util.ArrayList)6
ServiceLayerException (org.craftercms.studio.api.v1.exception.ServiceLayerException)6
AuditLogParameter (org.craftercms.studio.api.v2.dal.AuditLogParameter)5
AuthenticatedUser (org.craftercms.studio.model.AuthenticatedUser)4
SiteNotFoundException (org.craftercms.studio.api.v1.exception.SiteNotFoundException)3
AuthenticationException (org.craftercms.studio.api.v1.exception.security.AuthenticationException)2
GroupNotFoundException (org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)2
UserNotFoundException (org.craftercms.studio.api.v1.exception.security.UserNotFoundException)2
HashMap (java.util.HashMap)1
List (java.util.List)1
Map (java.util.Map)1
UUID (java.util.UUID)1
Matcher (java.util.regex.Matcher)1
Pattern (java.util.regex.Pattern)1
NamingEnumeration (javax.naming.NamingEnumeration)1
