Search in sources :

Example 36 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class GroupServiceImpl method addGroupMembers.

@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public List<User> addGroupMembers(long groupId, List<Long> userIds, List<String> usernames) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
    List<User> users = groupServiceInternal.addGroupMembers(groupId, userIds, usernames);
    Group group = groupServiceInternal.getGroup(groupId);
    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
    List<AuditLogParameter> parameters = new ArrayList<AuditLogParameter>();
    for (User user : users) {
        AuditLogParameter parameter = new AuditLogParameter();
        parameter.setTargetId(Long.toString(user.getId()));
        parameter.setTargetType(TARGET_TYPE_USER);
        parameter.setTargetValue(user.getUsername());
        parameters.add(parameter);
    }
    auditLog.setParameters(parameters);
    auditLog.setOperation(OPERATION_ADD_MEMBERS);
    auditLog.setSiteId(siteFeed.getId());
    auditLog.setActorId(userService.getCurrentUser().getUsername());
    auditLog.setPrimaryTargetId(Long.toString(groupId));
    auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
    auditLog.setPrimaryTargetValue(group.getGroupName());
    auditServiceInternal.insertAuditLog(auditLog);
    return users;
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) User(org.craftercms.studio.api.v2.dal.User) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ArrayList(java.util.ArrayList) AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 37 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class GroupServiceImpl method deleteGroup.

@Override
@HasPermission(type = DefaultPermission.class, action = "delete_groups")
public void deleteGroup(List<Long> groupIds) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
    Group sysAdminGroup;
    try {
        sysAdminGroup = groupServiceInternal.getGroupByName(SYSTEM_ADMIN_GROUP);
    } catch (GroupNotFoundException e) {
        throw new ServiceLayerException("The System Admin group is not found", e);
    }
    if (CollectionUtils.isNotEmpty(groupIds)) {
        if (groupIds.contains(sysAdminGroup.getId())) {
            throw new ServiceLayerException("Deleting the System Admin group is not allowed.");
        }
    }
    List<Group> groups = groupServiceInternal.getGroups(groupIds);
    groupServiceInternal.deleteGroup(groupIds);
    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
    auditLog.setOperation(OPERATION_DELETE);
    auditLog.setActorId(userService.getCurrentUser().getUsername());
    auditLog.setSiteId(siteFeed.getId());
    auditLog.setPrimaryTargetId(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
    auditLog.setPrimaryTargetValue(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    List<AuditLogParameter> paramters = new ArrayList<AuditLogParameter>();
    for (Group g : groups) {
        AuditLogParameter paramter = new AuditLogParameter();
        paramter.setTargetId(Long.toString(g.getId()));
        paramter.setTargetType(TARGET_TYPE_GROUP);
        paramter.setTargetValue(g.getGroupName());
        paramters.add(paramter);
    }
    auditLog.setParameters(paramters);
    auditServiceInternal.insertAuditLog(auditLog);
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ArrayList(java.util.ArrayList) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) GroupNotFoundException(org.craftercms.studio.api.v1.exception.security.GroupNotFoundException) AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 38 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class GroupServiceImpl method createGroup.

@Override
@HasPermission(type = DefaultPermission.class, action = "create_groups")
public Group createGroup(long orgId, String groupName, String groupDescription) throws GroupAlreadyExistsException, ServiceLayerException, AuthenticationException {
    Group toRet = groupServiceInternal.createGroup(orgId, groupName, groupDescription);
    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
    auditLog.setOperation(OPERATION_CREATE);
    auditLog.setSiteId(siteFeed.getId());
    auditLog.setActorId(userService.getCurrentUser().getUsername());
    auditLog.setPrimaryTargetId(groupName);
    auditLog.setPrimaryTargetType(TARGET_TYPE_GROUP);
    auditLog.setPrimaryTargetValue(groupName);
    auditServiceInternal.insertAuditLog(auditLog);
    return toRet;
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 39 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class HeadersAuthenticationProvider method doAuthenticate.

@Override
public boolean doAuthenticate(HttpServletRequest request, HttpServletResponse response, AuthenticationChain authenticationChain, String username, String password) throws AuthenticationSystemException, UserNotFoundException {
    if (isEnabled()) {
        logger.debug("Authenticating user using authentication headers.");
        RequestContext requestContext = RequestContext.getCurrent();
        if (requestContext != null) {
            String securekeyHeader = request.getHeader(secureKeyHeader);
            logger.debug("Verifying authentication header secure key.");
            if (StringUtils.equals(securekeyHeader, secureKeyHeaderValue)) {
                String usernameHeaderValue = request.getHeader(usernameHeader);
                String firstName = request.getHeader(firstNameHeader);
                String lastName = request.getHeader(lastNameHeader);
                String email = request.getHeader(emailHeader);
                String groups = request.getHeader(groupsHeader);
                try {
                    UserServiceInternal userServiceInternal = authenticationChain.getUserServiceInternal();
                    AuditServiceInternal auditServiceInternal = authenticationChain.getAuditServiceInternal();
                    StudioConfiguration studioConfiguration = authenticationChain.getStudioConfiguration();
                    SiteService siteService = authenticationChain.getSiteService();
                    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
                    if (userServiceInternal.userExists(-1, usernameHeaderValue)) {
                        User user = userServiceInternal.getUserByIdOrUsername(-1, usernameHeaderValue);
                        user.setFirstName(firstName);
                        user.setLastName(lastName);
                        user.setEmail(email);
                        if (StringUtils.isNoneEmpty(firstName, lastName, email)) {
                            logger.debug("If user already exists in studio DB, update details.");
                            try {
                                userServiceInternal.updateUser(user);
                                AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
                                auditLog.setOperation(OPERATION_UPDATE);
                                auditLog.setActorId(usernameHeaderValue);
                                auditLog.setSiteId(siteFeed.getId());
                                auditLog.setPrimaryTargetId(usernameHeaderValue);
                                auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
                                auditLog.setPrimaryTargetValue(user.getUsername());
                                auditServiceInternal.insertAuditLog(auditLog);
                            } catch (Exception e) {
                                logger.debug("Error updating user " + usernameHeaderValue + " with data from authentication headers", e);
                                throw new AuthenticationSystemException("Error updating user " + usernameHeaderValue + " with data from " + "external authentication provider", e);
                            }
                        }
                    } else {
                        logger.debug("User does not exist in studio db. Adding user " + usernameHeader);
                        try {
                            User user = new User();
                            user.setUsername(usernameHeaderValue);
                            user.setPassword(UUID.randomUUID().toString());
                            user.setFirstName(firstName);
                            user.setLastName(lastName);
                            user.setEmail(email);
                            user.setExternallyManaged(true);
                            user.setEnabled(true);
                            userServiceInternal.createUser(user);
                            AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
                            auditLog.setOperation(OPERATION_CREATE);
                            auditLog.setSiteId(siteFeed.getId());
                            auditLog.setActorId(usernameHeaderValue);
                            auditLog.setPrimaryTargetId(usernameHeaderValue);
                            auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
                            auditLog.setPrimaryTargetValue(user.getUsername());
                            auditServiceInternal.insertAuditLog(auditLog);
                        } catch (UserAlreadyExistsException | ServiceLayerException e) {
                            logger.debug("Error adding user " + usernameHeaderValue + " from authentication " + "headers", e);
                            throw new AuthenticationSystemException("Error adding user " + usernameHeaderValue + " from external " + "authentication provider", e);
                        }
                    }
                } catch (ServiceLayerException e) {
                    logger.debug("Unknown service error", e);
                    throw new AuthenticationSystemException("Unknown service error", e);
                }
                User user = new User();
                user.setUsername(usernameHeaderValue);
                user.setFirstName(firstName);
                user.setLastName(lastName);
                user.setEmail(email);
                user.setGroups(new ArrayList<UserGroup>());
                logger.debug("Update user groups in database.");
                if (StringUtils.isNoneEmpty(groups)) {
                    String[] groupsArray = groups.split(",");
                    for (int i = 0; i < groupsArray.length; i++) {
                        Group g = new Group();
                        try {
                            g.setGroupName(StringUtils.trim(groupsArray[i]));
                            g.setGroupDescription("Externally managed group");
                            g.setOrganization(null);
                            UserGroup ug = new UserGroup();
                            ug.setGroup(g);
                            user.getGroups().add(ug);
                            upsertUserGroup(g.getGroupName(), usernameHeaderValue, authenticationChain);
                        } catch (Exception e) {
                            logger.debug("Error updating user group " + g.getGroupName() + " with data from authentication headers", e);
                        }
                    }
                }
                String token = createToken(user, authenticationChain);
                if (isLogoutEnabled()) {
                    storeAuthentication(new Authentication(usernameHeaderValue, token, AuthenticationType.AUTH_HEADERS, logoutUrl));
                } else {
                    storeAuthentication(new Authentication(usernameHeaderValue, token, AuthenticationType.AUTH_HEADERS));
                }
                return true;
            }
        }
        logger.debug("Unable to authenticate user using authentication headers");
        return false;
    } else {
        logger.debug("Authentication using headers disabled");
        return false;
    }
}
Also used : UserGroup(org.craftercms.studio.api.v2.dal.UserGroup) Group(org.craftercms.studio.api.v2.dal.Group) User(org.craftercms.studio.api.v2.dal.User) UserServiceInternal(org.craftercms.studio.api.v2.service.security.internal.UserServiceInternal) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) SiteNotFoundException(org.craftercms.studio.api.v1.exception.SiteNotFoundException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) UserGroup(org.craftercms.studio.api.v2.dal.UserGroup) StudioConfiguration(org.craftercms.studio.api.v2.utils.StudioConfiguration) AuditServiceInternal(org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal) SiteService(org.craftercms.studio.api.v1.service.site.SiteService) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) RequestContext(org.craftercms.commons.http.RequestContext)

Example 40 with AuditLog

use of org.craftercms.studio.api.v2.dal.AuditLog in project studio by craftercms.

the class HeadersAuthenticationProvider method upsertUserGroup.

protected boolean upsertUserGroup(String groupName, String username, AuthenticationChain authenticationChain) throws SiteNotFoundException {
    GroupDAO groupDao = authenticationChain.getGroupDao();
    UserDAO userDao = authenticationChain.getUserDao();
    AuditServiceInternal auditServiceInternal = authenticationChain.getAuditServiceInternal();
    SiteService siteService = authenticationChain.getSiteService();
    StudioConfiguration studioConfiguration = authenticationChain.getStudioConfiguration();
    SiteFeed siteFeed = siteService.getSite(studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE));
    try {
        Map<String, Object> params = new HashMap<>();
        params.put(ORG_ID, DEFAULT_ORGANIZATION_ID);
        params.put(GROUP_NAME, groupName);
        params.put(GROUP_DESCRIPTION, "Externally managed group - " + groupName);
        groupDao.createGroup(params);
    } catch (Exception e) {
        logger.debug("Error creating group", e);
    }
    Map<String, Object> params = new HashMap<String, Object>();
    params.put(GROUP_NAME, groupName);
    Group group = groupDao.getGroupByName(params);
    if (group != null) {
        List<String> usernames = new ArrayList<String>();
        params = new HashMap<>();
        params.put(USER_ID, -1);
        params.put(USERNAME, username);
        User user = userDao.getUserByIdOrUsername(params);
        List<Long> users = new ArrayList<Long>();
        users.add(user.getId());
        params = new HashMap<>();
        params.put(USER_IDS, users);
        params.put(GROUP_ID, group.getId());
        try {
            groupDao.addGroupMembers(params);
            AuditLog auditLog = auditServiceInternal.createAuditLogEntry();
            auditLog.setOperation(OPERATION_ADD_MEMBERS);
            auditLog.setSiteId(siteFeed.getId());
            auditLog.setActorId(username);
            auditLog.setPrimaryTargetId(group.getGroupName() + ":" + user.getUsername());
            auditLog.setPrimaryTargetType(TARGET_TYPE_USER);
            auditLog.setPrimaryTargetValue(user.getUsername());
            auditServiceInternal.insertAuditLog(auditLog);
        } catch (Exception e) {
            logger.debug("Unknown database error", e);
        }
    }
    return true;
}
Also used : UserGroup(org.craftercms.studio.api.v2.dal.UserGroup) Group(org.craftercms.studio.api.v2.dal.Group) User(org.craftercms.studio.api.v2.dal.User) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) UserAlreadyExistsException(org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) AuthenticationSystemException(org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException) SiteNotFoundException(org.craftercms.studio.api.v1.exception.SiteNotFoundException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) StudioConfiguration(org.craftercms.studio.api.v2.utils.StudioConfiguration) AuditServiceInternal(org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal) UserDAO(org.craftercms.studio.api.v2.dal.UserDAO) SiteService(org.craftercms.studio.api.v1.service.site.SiteService) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) GroupDAO(org.craftercms.studio.api.v2.dal.GroupDAO)

Aggregations

AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)44 SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)38 ArrayList (java.util.ArrayList)16 ServiceLayerException (org.craftercms.studio.api.v1.exception.ServiceLayerException)11 AuditLogParameter (org.craftercms.studio.api.v2.dal.AuditLogParameter)11 HasPermission (org.craftercms.commons.security.permissions.annotations.HasPermission)10 Group (org.craftercms.studio.api.v2.dal.Group)10 User (org.craftercms.studio.api.v2.dal.User)9 HashMap (java.util.HashMap)7 SiteNotFoundException (org.craftercms.studio.api.v1.exception.SiteNotFoundException)6 ValidateParams (org.craftercms.commons.validation.annotations.param.ValidateParams)5 AuthenticationSystemException (org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException)5 UserAlreadyExistsException (org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException)4 UserNotFoundException (org.craftercms.studio.api.v1.exception.security.UserNotFoundException)4 SiteService (org.craftercms.studio.api.v1.service.site.SiteService)4 UserGroup (org.craftercms.studio.api.v2.dal.UserGroup)4 AuditServiceInternal (org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal)4 StudioConfiguration (org.craftercms.studio.api.v2.utils.StudioConfiguration)4 SimpleDateFormat (java.text.SimpleDateFormat)3 GroupDAO (org.craftercms.studio.api.v2.dal.GroupDAO)3