use of org.hisp.dhis.user.CurrentUser in project dhis2-core by dhis2.
the class UserController method resetToInvite.
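/**
 * Puts an existing user back into the invite flow and sends them a restore/invite message.
 *
 * <p>Checks run in this order: the user must exist, the caller must be allowed to update the
 * user, the caller must be allowed to manage the user's groups, and the account must pass
 * {@code securityService.validateRestore}. Authorization is decided before the restore
 * validation so that the validation message, which is returned to the caller in a conflict
 * response, is only produced for callers who are permitted to manage the target account.
 *
 * @param id UID of the user to reset, taken from the request path
 * @param request current request; its context path is handed to the message sender
 * @throws NotFoundException if no user with the given UID exists
 * @throws UpdateAccessDeniedException if the caller may not update the user or none of the
 *     user's groups
 * @throws WebMessageException (conflict) if {@code validateRestore} reports a problem
 */
@PostMapping("/{id}/reset")
@ResponseStatus(HttpStatus.NO_CONTENT)
public void resetToInvite(@PathVariable String id, HttpServletRequest request) throws Exception {
    User user = userService.getUser(id);
    if (user == null) {
        // NOTE(review): this 404 is raised before any permission check, so a caller without
        // update rights can still tell existing UIDs from unknown ones. Left unchanged here.
        throw NotFoundException.notFoundUid(id);
    }

    // Authorization comes first: nothing derived from the target account's state should be
    // reported to a caller who is not allowed to act on that account.
    User currentUser = currentUserService.getCurrentUser();
    if (!aclService.canUpdate(currentUser, user)) {
        throw new UpdateAccessDeniedException("You don't have the proper permissions to update this user.");
    }
    if (!userService.canAddOrUpdateUser(getUids(user.getGroups()), currentUser)) {
        throw new UpdateAccessDeniedException("You must have permissions manage at least one user group for the user.");
    }

    // A non-null result is an error message that is sent back verbatim as a conflict.
    String valid = securityService.validateRestore(user);
    if (valid != null) {
        throw new WebMessageException(conflict(valid));
    }

    securityService.prepareUserForInvite(user);
    securityService.sendRestoreOrInviteMessage(
        user, ContextUtils.getContextPath(request), RestoreOptions.RECOVER_PASSWORD_OPTION);
}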
use of org.hisp.dhis.user.CurrentUser in project dhis2-core by dhis2.
the class UserController method updateUser.
/**
 * Updates the user identified by {@code userUid} with the values of a parsed request object.
 *
 * <p>The caller must pass the ACL update check on the stored user, and must additionally be
 * allowed both to manage the groups named in the payload and to modify the stored user. The
 * payload's id and UID are overwritten with the stored user's id and the path UID, so the
 * payload cannot redirect the update to another account. When the import reports exactly one
 * updated object and the payload carried a password, the user's active sessions are expired.
 *
 * <p>NOTE(review): which other payload fields may be changed is decided inside the metadata
 * import, which is not visible in this method.
 *
 * @param userUid UID of the user to update
 * @param parsedUserObject user object parsed from the request; mutated by this method
 * @return the report produced by the metadata import
 * @throws WebMessageException (conflict) if the user does not exist or the group/modify
 *     permission check fails
 * @throws UpdateAccessDeniedException if the ACL update check fails
 */
protected ImportReport updateUser(String userUid, User parsedUserObject) throws WebMessageException {
    List<User> matches = getEntity(userUid, NO_WEB_OPTIONS);
    if (matches.isEmpty()) {
        throw new WebMessageException(conflict(getEntityName() + " does not exist: " + userUid));
    }
    User persisted = matches.get(0);

    User currentUser = currentUserService.getCurrentUser();
    if (!aclService.canUpdate(currentUser, persisted)) {
        throw new UpdateAccessDeniedException("You don't have the proper permissions to update this user.");
    }

    // Load every authority of the current user now, so the object does not have to be
    // reloaded later if it becomes detached.
    currentUser.getAllAuthorities();

    // Identity always comes from the stored record and the request path, never the payload.
    parsedUserObject.setId(persisted.getId());
    parsedUserObject.setUid(userUid);
    mergeLastLoginAttribute(persisted, parsedUserObject);

    // Captured before the import runs: a password present in the payload counts as a
    // password change attempt.
    boolean isPasswordChangeAttempt = parsedUserObject.getPassword() != null;

    List<String> requestedGroupUids = getUids(parsedUserObject.getGroups());
    boolean mayManageTarget = userService.canAddOrUpdateUser(requestedGroupUids, currentUser)
        && currentUser.canModifyUser(persisted);
    if (!mayManageTarget) {
        throw new WebMessageException(conflict("You must have permissions to create user, " + "or ability to manage at least one user group for the user."));
    }

    MetadataImportParams params = importService.getParamsFromMap(contextService.getParameterValuesMap());
    params.setImportReportMode(ImportReportMode.FULL);
    params.setImportStrategy(ImportStrategy.UPDATE);
    params.addObject(parsedUserObject);

    ImportReport importReport = importService.importMetadata(params);
    boolean exactlyOneUpdated = importReport.getStatus() == Status.OK
        && importReport.getStats().getUpdated() == 1;
    if (!exactlyOneUpdated) {
        return importReport;
    }

    updateUserGroups(userUid, parsedUserObject, currentUser);
    // Sessions are expired on every password change attempt; the new password is not
    // compared with the previous one first.
    if (isPasswordChangeAttempt) {
        userService.expireActiveSessions(parsedUserObject);
    }
    return importReport;
}
use of org.hisp.dhis.user.CurrentUser in project dhis2-core by dhis2.
the class UserController method replicateUser.
/**
 * Creates a copy of an existing user under a new username and password.
 *
 * <p>Requires the {@code ALL} or {@code F_REPLICATE_USER} authority, and the caller must pass
 * {@code validateCreateUser} for the source user. The request body is a JSON object holding
 * the new username and password. The replica is built by merging the source user into a new
 * object, after which id, UUID, UID, code, creation date, LDAP id, OpenID, username and
 * password are replaced. Group membership and user settings with a known key are copied too.
 *
 * <p>NOTE(review): only the fields reset below are visibly cleared after the merge; confirm
 * that the merge does not carry over any other credential-bound state from the source user.
 *
 * <p>NOTE(review): the body is read into a raw {@code Map}, so a non-string JSON value under
 * the username or password key is presumably not rejected here; verify how it is handled.
 *
 * @param uid UID of the user to replicate
 * @param request request whose body carries the new credentials
 * @param response unused in this method
 * @return a conflict message when input is missing, invalid or the username is taken;
 *     otherwise a created message whose location points at the replica
 * @throws IOException if the request body cannot be read
 * @throws WebMessageException declared for the create-user validation
 */
@SuppressWarnings("unchecked")
@PreAuthorize("hasRole('ALL') or hasRole('F_REPLICATE_USER')")
@PostMapping("/{uid}/replica")
@ResponseBody
public WebMessage replicateUser(@PathVariable String uid, HttpServletRequest request, HttpServletResponse response) throws IOException, WebMessageException {
    User existingUser = userService.getUser(uid);
    if (existingUser == null) {
        return conflict("User not found: " + uid);
    }

    User currentUser = currentUserService.getCurrentUser();
    validateCreateUser(existingUser, currentUser);

    Map<String, String> auth = renderService.fromJson(request.getInputStream(), Map.class);
    String username = null;
    String password = null;
    if (auth != null) {
        username = StringUtils.trimToNull(auth.get(KEY_USERNAME));
        password = StringUtils.trimToNull(auth.get(KEY_PASSWORD));
    }

    // A missing body leaves the username null, so one check covers both cases.
    if (username == null) {
        return conflict("Username must be specified");
    }
    if (userService.getUserByUsername(username) != null) {
        return conflict("Username already taken: " + username);
    }
    if (password == null) {
        return conflict("Password must be specified");
    }
    if (!ValidationUtils.passwordIsValid(password)) {
        return conflict("Password must have at least 8 characters, one digit, one uppercase");
    }

    User userReplica = new User();
    mergeService.merge(new MergeParams<>(existingUser, userReplica).setMergeMode(MergeMode.MERGE));
    copyAttributeValues(userReplica);

    // Give the replica its own identity and detach it from the source user's external logins.
    userReplica.setId(0);
    userReplica.setUuid(UUID.randomUUID());
    userReplica.setUid(CodeGenerator.generateUid());
    userReplica.setCode(null);
    userReplica.setCreated(new Date());
    userReplica.setLdapId(null);
    userReplica.setOpenId(null);
    userReplica.setUsername(username);
    userService.encodeAndSetPassword(userReplica, password);

    userService.addUser(userReplica);
    userGroupService.addUserToGroups(userReplica, getUids(existingUser.getGroups()), currentUser);

    // Copy the source user's settings; settings whose name maps to no known key are skipped.
    for (UserSetting sourceSetting : userSettingService.getUserSettings(existingUser)) {
        Optional<UserSettingKey> knownKey = UserSettingKey.getByName(sourceSetting.getName());
        if (knownKey.isPresent()) {
            userSettingService.saveUserSetting(knownKey.get(), sourceSetting.getValue(), userReplica);
        }
    }

    return created("User replica created")
        .setLocation(UserSchemaDescriptor.API_ENDPOINT + "/" + userReplica.getUid());
}
use of org.hisp.dhis.user.CurrentUser in project dhis2-core by dhis2.
the class UserController method postInvite.
/**
 * Validates an invitation on behalf of the current user, then creates the invited user.
 *
 * <p>{@code validateInviteUser} runs before {@code inviteUser}, so no invitation is issued
 * when the validation throws.
 *
 * @param request current request, passed on to {@code inviteUser}
 * @param user user object describing the invitee
 * @return the message produced by {@code postObject} for the result of {@code inviteUser}
 * @throws WebMessageException if validation or creation reports a problem
 */
private WebMessage postInvite(HttpServletRequest request, User user) throws WebMessageException {
    // The inviter is resolved once and used for both the check and the invite itself.
    User inviter = currentUserService.getCurrentUser();

    validateInviteUser(user, inviter);

    return postObject(
        inviteUser(user, inviter, request));
}
use of org.hisp.dhis.user.CurrentUser in project dhis2-core by dhis2.
the class UserController method postObject.
/**
 * Creates a new user on behalf of the current user.
 *
 * <p>The credentials DTO fields are populated first, then {@code validateCreateUser} runs
 * against the current user, and only after that is the user created.
 *
 * @param user user object to create
 * @return the message produced by {@code postObject} for the creation report
 * @throws WebMessageException if validation or creation reports a problem
 */
private WebMessage postObject(User user) throws WebMessageException {
    populateUserCredentialsDtoFields(user);

    // The same resolved caller is used for the permission check and for the creation.
    User creator = currentUserService.getCurrentUser();
    validateCreateUser(user, creator);

    return postObject(
        getObjectReport(
            createUser(user, creator)));
}