Example 11 with MCRUserInformation
use of org.mycore.common.MCRUserInformation in project mycore by MyCoRe-Org.
the class MCRLoginServlet method addCurrentUserInfo.
static void addCurrentUserInfo(MCRLogin login) {
MCRUserInformation userInfo = MCRSessionMgr.getCurrentSession().getUserInformation();
String realmId = (userInfo instanceof MCRUser) ? ((MCRUser) userInfo).getRealm().getLabel() : userInfo.getUserAttribute(MCRRealm.USER_INFORMATION_ATTR);
if (realmId == null) {
realmId = MCRRealmFactory.getLocalRealm().getLabel();
}
login.setRealm(realmId);
}
Also used :
MCRUser(org.mycore.user2.MCRUser)
MCRUserInformation(org.mycore.common.MCRUserInformation)
Example 12 with MCRUserInformation
use of org.mycore.common.MCRUserInformation in project mycore by MyCoRe-Org.
the class MCRLoginServlet method addCurrentUserInfo.
static void addCurrentUserInfo(Element rootElement) {
MCRUserInformation userInfo = MCRSessionMgr.getCurrentSession().getUserInformation();
rootElement.setAttribute("user", userInfo.getUserID());
String realmId = (userInfo instanceof MCRUser) ? ((MCRUser) userInfo).getRealm().getLabel() : userInfo.getUserAttribute(MCRRealm.USER_INFORMATION_ATTR);
if (realmId == null) {
realmId = MCRRealmFactory.getLocalRealm().getLabel();
}
rootElement.setAttribute(REALM_URL_PARAMETER, realmId);
rootElement.setAttribute("guest", String.valueOf(currentUserIsGuest()));
}
Also used :
MCRUser(org.mycore.user2.MCRUser)
MCRUserInformation(org.mycore.common.MCRUserInformation)
Example 13 with MCRUserInformation
use of org.mycore.common.MCRUserInformation in project mycore by MyCoRe-Org.
the class MCRUserManager method setPassword.
/**
* Sets password of 'user' to 'password'.
*
* Automatically updates the user in database.
*/
public static void setPassword(MCRUser user, String password) {
MCRSession session = MCRSessionMgr.getCurrentSession();
MCRUserInformation currentUser = session.getUserInformation();
// only update password
MCRUser myUser = getUser(user.getUserName(), user.getRealmID());
boolean allowed = MCRAccessManager.checkPermission(MCRUser2Constants.USER_ADMIN_PERMISSION) || currentUser.equals(myUser.getOwner()) || (currentUser.equals(user) && myUser.hasNoOwner() || !myUser.isLocked());
if (!allowed) {
throw new MCRException("You are not allowed to change password of user: " + user);
}
updatePasswordHashToSHA256(myUser, password);
updateUser(myUser);
}
Also used :
MCRException(org.mycore.common.MCRException)
MCRSession(org.mycore.common.MCRSession)
MCRUserInformation(org.mycore.common.MCRUserInformation)
Example 14 with MCRUserInformation
use of org.mycore.common.MCRUserInformation in project mycore by MyCoRe-Org.
the class MCRShibbolethLoginServlet method doGetPost.
public void doGetPost(MCRServletJob job) throws Exception {
HttpServletRequest req = job.getRequest();
HttpServletResponse res = job.getResponse();
String msg = null;
String uid = (String) req.getAttribute("uid");
String userId = uid != null ? uid : req.getRemoteUser();
if (userId != null) {
final String realmId = userId.contains("@") ? userId.substring(userId.indexOf("@") + 1) : null;
if (realmId != null && MCRRealmFactory.getRealm(realmId) != null) {
userId = realmId != null ? userId.replace("@" + realmId, "") : userId;
final Map<String, Object> attributes = new HashMap<>();
final MCRUserAttributeMapper attributeMapper = MCRRealmFactory.getAttributeMapper(realmId);
for (final String key : attributeMapper.getAttributeNames()) {
final Object value = req.getAttribute(key);
if (value != null) {
LOGGER.info("received {}:{}", key, value);
attributes.put(key, value);
}
}
MCRUserInformation userinfo;
MCRUser user = MCRUserManager.getUser(userId, realmId);
if (user != null) {
LOGGER.debug("login existing user \"{}\"", user.getUserID());
attributeMapper.mapAttributes(user, attributes);
user.setLastLogin();
MCRUserManager.updateUser(user);
userinfo = user;
} else {
userinfo = new MCRShibbolethUserInformation(userId, realmId, attributes);
}
MCRSessionMgr.getCurrentSession().setUserInformation(userinfo);
// MCR-1154
req.changeSessionId();
res.sendRedirect(res.encodeRedirectURL(req.getParameter("url")));
return;
} else {
msg = "Login from realm \"" + realmId + "\" is not allowed.";
}
} else {
msg = "Principal could not be received from IDP.";
}
job.getResponse().sendError(HttpServletResponse.SC_UNAUTHORIZED, msg);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HashMap(java.util.HashMap)
MCRUser(org.mycore.user2.MCRUser)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
MCRUserAttributeMapper(org.mycore.user2.MCRUserAttributeMapper)
MCRUserInformation(org.mycore.common.MCRUserInformation)
Example 15 with MCRUserInformation
use of org.mycore.common.MCRUserInformation in project mycore by MyCoRe-Org.
the class MCRUserAttributeMapperTest method testUserCreate.
@Test
public void testUserCreate() throws Exception {
Map<String, Object> attributes = new HashMap<>();
attributes.put("eduPersonPrincipalName", mcrUser.getUserName() + "@" + realmId);
attributes.put("displayName", mcrUser.getRealName());
attributes.put("mail", mcrUser.getEMailAddress());
attributes.put("eduPersonAffiliation", roles);
MCRUserInformation userInfo = new MCRShibbolethUserInformation(mcrUser.getUserName(), realmId, attributes);
MCRTransientUser user = new MCRTransientUser(userInfo);
assertEquals(mcrUser.getUserName(), user.getUserName());
assertEquals(mcrUser.getRealName(), user.getRealName());
assertTrue(user.isUserInRole("editor"));
Map<String, String> extraAttribs = new HashMap<>();
extraAttribs.put("attrib1", "test123");
extraAttribs.put("attrib2", "test321");
user.setAttributes(extraAttribs);
MCRUserManager.createUser(user);
startNewTransaction();
MCRUser storedUser = MCRUserManager.getUser(user.getUserName(), realmId);
assertEquals(mcrUser.getEMailAddress(), storedUser.getEMailAddress());
assertEquals(extraAttribs.get("attrib1"), storedUser.getAttributes().get("attrib1"));
assertEquals(extraAttribs.get("attrib2"), storedUser.getAttributes().get("attrib2"));
Document exportableXML = MCRUserTransformer.buildExportableXML(storedUser);
new XMLOutputter(Format.getPrettyFormat()).output(exportableXML, System.out);
}
Also used :
XMLOutputter(org.jdom2.output.XMLOutputter)
HashMap(java.util.HashMap)
MCRShibbolethUserInformation(org.mycore.user2.login.MCRShibbolethUserInformation)
Document(org.jdom2.Document)
MCRUserInformation(org.mycore.common.MCRUserInformation)
Test(org.junit.Test)
Aggregations
MCRUserInformation (org.mycore.common.MCRUserInformation)19
MCRSession (org.mycore.common.MCRSession)9
MCRObjectID (org.mycore.datamodel.metadata.MCRObjectID)6
SignedJWT (com.nimbusds.jwt.SignedJWT)5
MCRRestAPIException (org.mycore.restapi.v1.errors.MCRRestAPIException)5
IOException (java.io.IOException)4
HashMap (java.util.HashMap)4
Test (org.junit.Test)4
MCRAccessException (org.mycore.access.MCRAccessException)4
MCRPersistenceException (org.mycore.common.MCRPersistenceException)4
MCRRestAPIError (org.mycore.restapi.v1.errors.MCRRestAPIError)4
MCRUser (org.mycore.user2.MCRUser)4
Response (javax.ws.rs.core.Response)3
Document (org.jdom2.Document)3
XMLOutputter (org.jdom2.output.XMLOutputter)3
MCRDerivate (org.mycore.datamodel.metadata.MCRDerivate)3
MCRShibbolethUserInformation (org.mycore.user2.login.MCRShibbolethUserInformation)3
TreeMap (java.util.TreeMap)2
MCRException (org.mycore.common.MCRException)2
BufferedInputStream (java.io.BufferedInputStream)1
