use of org.eclipse.vorto.repository.services.exceptions.InvalidUserException in project vorto by eclipse.
the class AccountController method createTechnicalUser.
/**
 * This endpoint is added for suite integration. <br/>
 * It allows any authenticated user to create a technical user <b>if</b> that user does not exist
 * already, without the need to immediately associate that user to an existing namespace owned
 * by the requestor. <br/>
 * This is currently used by the "request access to namespace" form in its standalone version,
 * when the form is also parametrized with at least a {@code userId} whose value is the name of
 * the technical user to create (or not). <br/>
 * Returns HTTP {@literal 200} if the technical user already exists, {@literal 201} if created
 * successfully or {@literal 400} if the user cannot be created due to bad parameter values.<br/>
 * Parameter sanitization is mostly done through Spring security, and at service level.<br/>
 * Note that in the current implementation, the parametrized standalone form will first ask the
 * back-end whether the given technical user exists anyway. <br/>
 * While doubling the amount of networking, this is conducive to a workflow where the end user
 * opening the parametrized form has to click a button explicitly when creating the technical
 * user, instead of the form doing so automatically when loading parametrized. <br/>
 * In other words, the duplicate networking call (first ask if user exists, then if not allow
 * creating it) restricts possible automated abuse of technical user creation, by means of
 * a forced UI interaction.
 *
 * @param technicalUser
 * @return
 * @see AccountController#getUser(String)
 */
@PostMapping(consumes = "application/json", value = "/rest/accounts/createTechnicalUser")
@PreAuthorize("isAuthenticated()")
public ResponseEntity<OperationResult> createTechnicalUser(
    @RequestBody @ApiParam(value = "The technical user to be created", required = true) final UserDto technicalUser) {
  // user exists - do nothing and return false / 200
  User existingUser = accountService.getUser(technicalUser.getUsername());
  if (existingUser != null) {
    return new ResponseEntity<>(OperationResult.success("User already exists"), HttpStatus.OK);
  }
  // user does not exist
  // getting calling user
  User actor = accountService.getUser(
      UserContext.user(SecurityContextHolder.getContext().getAuthentication()).getUsername());
  try {
    // adding date fields
    technicalUser.setDateCreated(Timestamp.from(Instant.now()));
    technicalUser.setLastUpdated(Timestamp.from(Instant.now()));
    // UI will inform end-user that by creating the technical user, the terms and conditions are
    // considered to be approved
    userService.createOrUpdateTechnicalUser(actor, technicalUser.toUser());
    return new ResponseEntity<>(OperationResult.success(), HttpStatus.CREATED);
  } catch (InvalidUserException iue) {
    LOGGER.warn("Invalid technical user creation request.", iue);
    return new ResponseEntity<>(OperationResult.failure(iue.getMessage()), HttpStatus.BAD_REQUEST);
  }
}
use of org.eclipse.vorto.repository.services.exceptions.InvalidUserException in project vorto by eclipse.
the class RepositoryInitializer method createAdminUser.
private void createAdminUser(String username, long id) {
  if (userRepository.findByUsername(username) == null) {
    logger.info("Creating admin user: {}", username);
    User user = null;
    try {
      user = new UserBuilder().withName(username).build();
    } catch (InvalidUserException iue) {
      logger.warn("Unable to create admin user - skipping.");
      return;
    }
    // TODO : set to be configurable from configuration file
    user.setEmailAddress("vorto-dev@bosch-si.com");
    user.setAuthenticationProviderId("GITHUB");
    user.setTechnicalUser(false);
    userRepository.save(user);
  }
  User user = userRepository.findByUsername(username);
  UserRepositoryRoles roles = userRepositoryRoleRepository.findByUser(user.getId())
      .orElse(new UserRepositoryRoles());
  if (roles.getUser() == null) {
    roles.setUser(user);
  }
  if (roles.getId() == null) {
    roles.setId(id);
  }
  roles.setRoles(RepositoryRole.SYS_ADMIN.getRole());
  userRepositoryRoleRepository.save(roles);
}
use of org.eclipse.vorto.repository.services.exceptions.InvalidUserException in project vorto by eclipse.
the class NamespaceController method createTechnicalUserForNamespace.
/**
 * Creates a technical user with the given {@link Collaborator} and associates them to the given
 * namespace, with the desired roles held by the collaborator.
 *
 * @param namespace
 * @param collaborator
 * @return
 */
@RequestMapping(method = RequestMethod.POST, value = "/{namespace:.+}/users")
@PreAuthorize("isAuthenticated()")
public ResponseEntity<Boolean> createTechnicalUserForNamespace(
    @ApiParam(value = "namespace", required = true) @PathVariable String namespace,
    @RequestBody @ApiParam(value = "The user to be associated with the namespace", required = true) final Collaborator collaborator) {
  try {
    IUserContext userContext = UserContext.user(SecurityContextHolder.getContext().getAuthentication());
    User user = EntityDTOConverter.createUser(userUtil, collaborator);
    userNamespaceRoleService.createTechnicalUserAndAddAsCollaborator(
        userContext.getUsername(), user, namespace, collaborator.getRoles());
    return new ResponseEntity<>(true, HttpStatus.CREATED);
  } catch (InvalidUserException ie) {
    return new ResponseEntity<>(false, HttpStatus.BAD_REQUEST);
  } catch (OperationForbiddenException ofe) {
    return new ResponseEntity<>(false, HttpStatus.FORBIDDEN);
  } catch (DoesNotExistException d) {
    return new ResponseEntity<>(false, HttpStatus.NOT_FOUND);
  }
}
use of org.eclipse.vorto.repository.services.exceptions.InvalidUserException in project vorto by eclipse.
the class NamespaceController method addOrUpdateCollaboratorForNamespace.
/**
 * Sets the roles of the given user on the given namespace.
 *
 * @param namespace
 * @param collaborator
 * @return
 */
@PreAuthorize("isAuthenticated()")
@RequestMapping(method = RequestMethod.PUT, value = "/{namespace:.+}/users")
public ResponseEntity<Boolean> addOrUpdateCollaboratorForNamespace(
    @ApiParam(value = "namespace", required = true) @PathVariable String namespace,
    @RequestBody @ApiParam(value = "The user to be associated with the namespace", required = true) final Collaborator collaborator) {
  try {
    // no validation here save for essentials: we are pointing to an existing user
    User user = EntityDTOConverter.createUser(null, collaborator);
    IUserContext userContext = UserContext.user(SecurityContextHolder.getContext().getAuthentication());
    return new ResponseEntity<>(
        userNamespaceRoleService.setRoles(
            userContext.getUsername(), user.getUsername(), namespace, collaborator.getRoles(), false),
        HttpStatus.OK);
  } catch (InvalidUserException iue) {
    return new ResponseEntity<>(false, HttpStatus.BAD_REQUEST);
  } catch (OperationForbiddenException ofe) {
    return new ResponseEntity<>(false, HttpStatus.FORBIDDEN);
  } catch (DoesNotExistException d) {
    return new ResponseEntity<>(false, HttpStatus.NOT_FOUND);
  }
}
use of org.eclipse.vorto.repository.services.exceptions.InvalidUserException in project vorto by eclipse.
the class AccountController method createUserAccount.
@PostMapping(consumes = "application/json", value = "/rest/accounts")
@PreAuthorize("hasAuthority('sysadmin') or #user.name == authentication.name")
public ResponseEntity<Boolean> createUserAccount(Principal user) {
  OAuth2Authentication oauth2User = (OAuth2Authentication) user;
  if (accountService.getUser(oauth2User.getName()) != null) {
    return new ResponseEntity<>(false, HttpStatus.CREATED);
  }
  User createdUser = null;
  try {
    createdUser = accountService.createNonTechnicalUser(
        oauth2User.getName(), getAuthenticationProvider(oauth2User), null);
  } catch (InvalidUserException iue) {
    return new ResponseEntity<>(false, HttpStatus.BAD_REQUEST);
  }
  SpringUserUtils.refreshSpringSecurityUser(createdUser, userNamespaceRoleService);
  return new ResponseEntity<>(true, HttpStatus.CREATED);
}