use of org.keycloak.userprofile.EventAuditingAttributeChangeListener in project keycloak by keycloak.
the class AccountFormService method processAccountUpdate.
/**
* Update account information.
* <p>
* Form params:
* <p>
* firstName
* lastName
* email
*
* @return
*/
@Path("/")
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response processAccountUpdate() {
MultivaluedMap<String, String> formData = request.getDecodedFormParameters();
if (auth == null) {
return login(null);
}
auth.require(AccountRoles.MANAGE_ACCOUNT);
String action = formData.getFirst("submitAction");
if (action != null && action.equals("Cancel")) {
setReferrerOnPage();
return account.createResponse(AccountPages.ACCOUNT);
}
csrfCheck(formData);
UserModel user = auth.getUser();
event.event(EventType.UPDATE_PROFILE).client(auth.getClient()).user(auth.getUser()).detail(Details.CONTEXT, UserProfileContext.ACCOUNT_OLD.name());
UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
UserProfile profile = profileProvider.create(UserProfileContext.ACCOUNT_OLD, formData, user);
try {
// backward compatibility with old account console where attributes are not removed if missing
profile.update(false, new EventAuditingAttributeChangeListener(profile, event));
} catch (ValidationException pve) {
List<FormMessage> errors = Validation.getFormErrorsFromValidation(pve.getErrors());
if (!errors.isEmpty()) {
setReferrerOnPage();
Response.Status status = Status.OK;
if (pve.hasError(Messages.READ_ONLY_USERNAME)) {
status = Response.Status.BAD_REQUEST;
} else if (pve.hasError(Messages.EMAIL_EXISTS, Messages.USERNAME_EXISTS)) {
status = Response.Status.CONFLICT;
}
return account.setErrors(status, errors).setProfileFormData(formData).createResponse(AccountPages.ACCOUNT);
}
} catch (ReadOnlyException e) {
setReferrerOnPage();
return account.setError(Response.Status.BAD_REQUEST, Messages.READ_ONLY_USER).setProfileFormData(formData).createResponse(AccountPages.ACCOUNT);
}
event.success();
setReferrerOnPage();
return account.setSuccess(Messages.ACCOUNT_UPDATED).createResponse(AccountPages.ACCOUNT);
}
use of org.keycloak.userprofile.EventAuditingAttributeChangeListener in project keycloak by keycloak.
the class AccountRestService method updateAccount.
@Path("/")
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public Response updateAccount(UserRepresentation rep) {
auth.require(AccountRoles.MANAGE_ACCOUNT);
event.event(EventType.UPDATE_PROFILE).client(auth.getClient()).user(auth.getUser()).detail(Details.CONTEXT, UserProfileContext.ACCOUNT.name());
UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
UserProfile profile = profileProvider.create(UserProfileContext.ACCOUNT, rep.toAttributes(), auth.getUser());
try {
profile.update(new EventAuditingAttributeChangeListener(profile, event));
event.success();
return Response.noContent().build();
} catch (ValidationException pve) {
List<ErrorRepresentation> errors = new ArrayList<>();
for (Error err : pve.getErrors()) {
errors.add(new ErrorRepresentation(err.getAttribute(), err.getMessage(), validationErrorParamsToString(err.getMessageParameters(), profile.getAttributes())));
}
return ErrorResponse.errors(errors, pve.getStatusCode(), false);
} catch (ReadOnlyException e) {
return ErrorResponse.error(Messages.READ_ONLY_USER, Response.Status.BAD_REQUEST);
}
}
use of org.keycloak.userprofile.EventAuditingAttributeChangeListener in project keycloak by keycloak.
the class UpdateProfile method processAction.
@Override
public void processAction(RequiredActionContext context) {
EventBuilder event = context.getEvent();
event.event(EventType.UPDATE_PROFILE).detail(Details.CONTEXT, UserProfileContext.UPDATE_PROFILE.name());
MultivaluedMap<String, String> formData = context.getHttpRequest().getDecodedFormParameters();
UserModel user = context.getUser();
UserProfileProvider provider = context.getSession().getProvider(UserProfileProvider.class);
UserProfile profile = provider.create(UserProfileContext.UPDATE_PROFILE, formData, user);
try {
// backward compatibility with old account console where attributes are not removed if missing
profile.update(false, new EventAuditingAttributeChangeListener(profile, event));
context.success();
} catch (ValidationException pve) {
List<FormMessage> errors = Validation.getFormErrorsFromValidation(pve.getErrors());
context.challenge(createResponse(context, formData, errors));
}
}
Aggregations