Search in sources :

Example 1 with ErrorVO

use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.

the class UserAuthenticationMgmtTest method createAuthentications_checkDuplicate.

/**
 * Check if the REST call return a specific error if the pair authentication user name and provider
 * is already used.
 */
@Test
public void createAuthentications_checkDuplicate() throws IOException, URISyntaxException {
    Identity id1 = JunitTestHelper.createAndPersistIdentityAsRndUser("check-auth-1");
    Identity id2 = JunitTestHelper.createAndPersistIdentityAsRndUser("check-auth-2");
    String authUsername = UUID.randomUUID().toString();
    dbInstance.commitAndCloseSession();
    RestConnection conn = new RestConnection();
    Assert.assertTrue(conn.login("administrator", "openolat"));
    // set the first authentication
    AuthenticationVO vo1 = new AuthenticationVO();
    vo1.setAuthUsername(authUsername);
    vo1.setIdentityKey(id1.getKey());
    vo1.setProvider("REST-API");
    vo1.setCredential("credentials");
    URI request1 = UriBuilder.fromUri(getContextURI()).path("/users/" + id1.getName() + "/auth").build();
    HttpPut method1 = conn.createPut(request1, MediaType.APPLICATION_JSON, true);
    conn.addJsonEntity(method1, vo1);
    HttpResponse response1 = conn.execute(method1);
    Assert.assertEquals(200, response1.getStatusLine().getStatusCode());
    conn.parse(response1, AuthenticationVO.class);
    Authentication refAuth1 = securityManager.findAuthentication(id1, "REST-API");
    Assert.assertNotNull(refAuth1);
    Assert.assertEquals(id1, refAuth1.getIdentity());
    // set the second which duplicates the first
    AuthenticationVO vo2 = new AuthenticationVO();
    vo2.setAuthUsername(authUsername);
    vo2.setIdentityKey(id2.getKey());
    vo2.setProvider("REST-API");
    vo2.setCredential("credentials");
    URI request2 = UriBuilder.fromUri(getContextURI()).path("/users/" + id2.getName() + "/auth").build();
    HttpPut method2 = conn.createPut(request2, MediaType.APPLICATION_JSON, true);
    conn.addJsonEntity(method2, vo2);
    HttpResponse response2 = conn.execute(method2);
    Assert.assertEquals(409, response2.getStatusLine().getStatusCode());
    ErrorVO error = conn.parse(response2, ErrorVO.class);
    Assert.assertNotNull(error);
    conn.shutdown();
}
Also used : ErrorVO(org.olat.restapi.support.vo.ErrorVO) Authentication(org.olat.basesecurity.Authentication) HttpResponse(org.apache.http.HttpResponse) Identity(org.olat.core.id.Identity) AuthenticationVO(org.olat.restapi.support.vo.AuthenticationVO) URI(java.net.URI) HttpPut(org.apache.http.client.methods.HttpPut) Test(org.junit.Test)

Example 2 with ErrorVO

use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.

the class UserWebService method create.

/**
 * Creates and persists a new user entity
 * @response.representation.qname {http://www.example.com}userVO
 * @response.representation.mediaType application/xml, application/json
 * @response.representation.doc The user to persist
 * @response.representation.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The persisted user
 * @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.406.mediaType application/xml, application/json
 * @response.representation.406.doc The list of errors
 * @response.representation.406.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_ERRORVOes}
 * @param user The user to persist
 * @param request The HTTP request
 * @return the new persisted <code>User</code>
 */
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response create(UserVO user, @Context HttpServletRequest request) {
    if (!isUserManager(request)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    // Check if login is still available
    Identity identity = BaseSecurityManager.getInstance().findIdentityByName(user.getLogin());
    if (identity != null) {
        Locale locale = getLocale(request);
        Translator translator = Util.createPackageTranslator(UserShortDescription.class, locale);
        String translation = translator.translate("new.error.loginname.choosen");
        ErrorVO[] errorVos = new ErrorVO[] { new ErrorVO("org.olat.admin.user", "new.error.loginname.choosen", translation) };
        return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
    }
    List<ErrorVO> errors = validateUser(null, user, request);
    if (errors.isEmpty()) {
        User newUser = UserManager.getInstance().createUser(user.getFirstName(), user.getLastName(), user.getEmail());
        Identity id = BaseSecurityManager.getInstance().createAndPersistIdentityAndUserWithDefaultProviderAndUserGroup(user.getLogin(), user.getExternalId(), user.getPassword(), newUser);
        post(newUser, user, getLocale(request));
        UserManager.getInstance().updateUser(newUser);
        return Response.ok(get(id)).build();
    }
    // content not ok
    ErrorVO[] errorVos = new ErrorVO[errors.size()];
    errors.toArray(errorVos);
    return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
}
Also used : Locale(java.util.Locale) RestSecurityHelper.getLocale(org.olat.restapi.security.RestSecurityHelper.getLocale) ErrorVO(org.olat.restapi.support.vo.ErrorVO) User(org.olat.core.id.User) Translator(org.olat.core.gui.translator.Translator) PackageTranslator(org.olat.core.gui.translator.PackageTranslator) Identity(org.olat.core.id.Identity) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) PUT(javax.ws.rs.PUT)

Example 3 with ErrorVO

use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.

the class UserWebService method validateUser.

private List<ErrorVO> validateUser(User user, UserVO userVo, HttpServletRequest request) {
    UserManager um = UserManager.getInstance();
    Locale locale = getLocale(request);
    List<ErrorVO> errors = new ArrayList<>();
    List<UserPropertyHandler> propertyHandlers = um.getUserPropertyHandlersFor(PROPERTY_HANDLER_IDENTIFIER, false);
    validateProperty(user, UserConstants.FIRSTNAME, userVo.getFirstName(), propertyHandlers, errors, um, locale);
    validateProperty(user, UserConstants.LASTNAME, userVo.getLastName(), propertyHandlers, errors, um, locale);
    validateProperty(user, UserConstants.EMAIL, userVo.getEmail(), propertyHandlers, errors, um, locale);
    for (UserPropertyHandler propertyHandler : propertyHandlers) {
        if (!UserConstants.FIRSTNAME.equals(propertyHandler.getName()) && !UserConstants.LASTNAME.equals(propertyHandler.getName()) && !UserConstants.EMAIL.equals(propertyHandler.getName())) {
            validateProperty(user, userVo, propertyHandler, errors, um, locale);
        }
    }
    return errors;
}
Also used : Locale(java.util.Locale) RestSecurityHelper.getLocale(org.olat.restapi.security.RestSecurityHelper.getLocale) ErrorVO(org.olat.restapi.support.vo.ErrorVO) UserManager(org.olat.user.UserManager) RestSecurityHelper.isUserManager(org.olat.restapi.security.RestSecurityHelper.isUserManager) ArrayList(java.util.ArrayList) UserPropertyHandler(org.olat.user.propertyhandlers.UserPropertyHandler)

Example 4 with ErrorVO

use of org.olat.restapi.support.vo.ErrorVO in project openolat by klemens.

the class ObjectFactory method get.

public static ErrorVO get(String pack, String key, String translation) {
    ErrorVO vo = new ErrorVO();
    vo.setCode(pack + ":" + key);
    vo.setTranslation(translation);
    return vo;
}
Also used : ErrorVO(org.olat.restapi.support.vo.ErrorVO)

Example 5 with ErrorVO

use of org.olat.restapi.support.vo.ErrorVO in project openolat by klemens.

the class UserAuthenticationWebService method create.

/**
 * Creates and persists an authentication
 * @response.representation.qname {http://www.example.com}authenticationVO
 * @response.representation.mediaType application/xml, application/json
 * @response.representation.doc An authentication to save
 * @response.representation.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_AUTHVO}
 * @response.representation.200.qname {http://www.example.com}authenticationVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The saved authentication
 * @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_AUTHVO}
 * @response.representation.401.doc The roles of the authenticated user are not sufficient
 * @response.representation.404.doc The identity not found
 * @response.representation.406.doc Cannot create the authentication for an unkown reason
 * @response.representation.409.doc Cannot create the authentication because the authentication username is already used by someone else within the same provider
 * @param username The username of the user
 * @param authenticationVO The authentication object to persist
 * @param request The HTTP request
 * @return the saved authentication
 */
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response create(@PathParam("username") String username, AuthenticationVO authenticationVO, @Context HttpServletRequest request) {
    if (!RestSecurityHelper.isUserManager(request)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
    Identity identity = baseSecurity.loadIdentityByKey(authenticationVO.getIdentityKey(), false);
    if (identity == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    if (!identity.getName().equals(username)) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    String provider = authenticationVO.getProvider();
    String authUsername = authenticationVO.getAuthUsername();
    String credentials = authenticationVO.getCredential();
    Authentication currentAuthentication = baseSecurity.findAuthenticationByAuthusername(authUsername, provider);
    if (currentAuthentication != null) {
        if (!currentAuthentication.getIdentity().equals(identity)) {
            ErrorVO error = new ErrorVO();
            error.setCode("unkown:409");
            error.setTranslation("Authentication name used by: " + currentAuthentication.getIdentity().getUser().getEmail());
            return Response.serverError().status(Status.CONFLICT).entity(error).build();
        }
    }
    Authentication authentication = baseSecurity.createAndPersistAuthentication(identity, provider, authUsername, credentials, null);
    if (authentication == null) {
        return Response.serverError().status(Status.NOT_ACCEPTABLE).build();
    }
    log.audit("New authentication created for " + authUsername + " with provider " + provider);
    AuthenticationVO savedAuth = ObjectFactory.get(authentication, true);
    return Response.ok(savedAuth).build();
}
Also used : ErrorVO(org.olat.restapi.support.vo.ErrorVO) Authentication(org.olat.basesecurity.Authentication) RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity) Identity(org.olat.core.id.Identity) AuthenticationVO(org.olat.restapi.support.vo.AuthenticationVO) BaseSecurity(org.olat.basesecurity.BaseSecurity) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) PUT(javax.ws.rs.PUT)

Aggregations

ErrorVO (org.olat.restapi.support.vo.ErrorVO)20 Identity (org.olat.core.id.Identity)10 Locale (java.util.Locale)6 Consumes (javax.ws.rs.Consumes)6 Produces (javax.ws.rs.Produces)6 Translator (org.olat.core.gui.translator.Translator)6 RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)6 URI (java.net.URI)4 PUT (javax.ws.rs.PUT)4 HttpResponse (org.apache.http.HttpResponse)4 HttpPut (org.apache.http.client.methods.HttpPut)4 Test (org.junit.Test)4 Authentication (org.olat.basesecurity.Authentication)4 BaseSecurity (org.olat.basesecurity.BaseSecurity)4 PackageTranslator (org.olat.core.gui.translator.PackageTranslator)4 User (org.olat.core.id.User)4 RestSecurityHelper.getLocale (org.olat.restapi.security.RestSecurityHelper.getLocale)4 AuthenticationVO (org.olat.restapi.support.vo.AuthenticationVO)4 UserManager (org.olat.user.UserManager)4 ByteArrayInputStream (java.io.ByteArrayInputStream)2