use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.
the class UserAuthenticationMgmtTest method createAuthentications_checkDuplicate.
/**
* Check if the REST call return a specific error if the pair authentication user name and provider
* is already used.
*/
@Test
public void createAuthentications_checkDuplicate() throws IOException, URISyntaxException {
Identity id1 = JunitTestHelper.createAndPersistIdentityAsRndUser("check-auth-1");
Identity id2 = JunitTestHelper.createAndPersistIdentityAsRndUser("check-auth-2");
String authUsername = UUID.randomUUID().toString();
dbInstance.commitAndCloseSession();
RestConnection conn = new RestConnection();
Assert.assertTrue(conn.login("administrator", "openolat"));
// set the first authentication
AuthenticationVO vo1 = new AuthenticationVO();
vo1.setAuthUsername(authUsername);
vo1.setIdentityKey(id1.getKey());
vo1.setProvider("REST-API");
vo1.setCredential("credentials");
URI request1 = UriBuilder.fromUri(getContextURI()).path("/users/" + id1.getName() + "/auth").build();
HttpPut method1 = conn.createPut(request1, MediaType.APPLICATION_JSON, true);
conn.addJsonEntity(method1, vo1);
HttpResponse response1 = conn.execute(method1);
Assert.assertEquals(200, response1.getStatusLine().getStatusCode());
conn.parse(response1, AuthenticationVO.class);
Authentication refAuth1 = securityManager.findAuthentication(id1, "REST-API");
Assert.assertNotNull(refAuth1);
Assert.assertEquals(id1, refAuth1.getIdentity());
// set the second which duplicates the first
AuthenticationVO vo2 = new AuthenticationVO();
vo2.setAuthUsername(authUsername);
vo2.setIdentityKey(id2.getKey());
vo2.setProvider("REST-API");
vo2.setCredential("credentials");
URI request2 = UriBuilder.fromUri(getContextURI()).path("/users/" + id2.getName() + "/auth").build();
HttpPut method2 = conn.createPut(request2, MediaType.APPLICATION_JSON, true);
conn.addJsonEntity(method2, vo2);
HttpResponse response2 = conn.execute(method2);
Assert.assertEquals(409, response2.getStatusLine().getStatusCode());
ErrorVO error = conn.parse(response2, ErrorVO.class);
Assert.assertNotNull(error);
conn.shutdown();
}
use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.
the class UserWebService method create.
/**
* Creates and persists a new user entity
* @response.representation.qname {http://www.example.com}userVO
* @response.representation.mediaType application/xml, application/json
* @response.representation.doc The user to persist
* @response.representation.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The persisted user
* @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.406.mediaType application/xml, application/json
* @response.representation.406.doc The list of errors
* @response.representation.406.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_ERRORVOes}
* @param user The user to persist
* @param request The HTTP request
* @return the new persisted <code>User</code>
*/
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response create(UserVO user, @Context HttpServletRequest request) {
if (!isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
// Check if login is still available
Identity identity = BaseSecurityManager.getInstance().findIdentityByName(user.getLogin());
if (identity != null) {
Locale locale = getLocale(request);
Translator translator = Util.createPackageTranslator(UserShortDescription.class, locale);
String translation = translator.translate("new.error.loginname.choosen");
ErrorVO[] errorVos = new ErrorVO[] { new ErrorVO("org.olat.admin.user", "new.error.loginname.choosen", translation) };
return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
}
List<ErrorVO> errors = validateUser(null, user, request);
if (errors.isEmpty()) {
User newUser = UserManager.getInstance().createUser(user.getFirstName(), user.getLastName(), user.getEmail());
Identity id = BaseSecurityManager.getInstance().createAndPersistIdentityAndUserWithDefaultProviderAndUserGroup(user.getLogin(), user.getExternalId(), user.getPassword(), newUser);
post(newUser, user, getLocale(request));
UserManager.getInstance().updateUser(newUser);
return Response.ok(get(id)).build();
}
// content not ok
ErrorVO[] errorVos = new ErrorVO[errors.size()];
errors.toArray(errorVos);
return Response.ok(errorVos).status(Status.NOT_ACCEPTABLE).build();
}
use of org.olat.restapi.support.vo.ErrorVO in project OpenOLAT by OpenOLAT.
the class UserWebService method validateUser.
private List<ErrorVO> validateUser(User user, UserVO userVo, HttpServletRequest request) {
UserManager um = UserManager.getInstance();
Locale locale = getLocale(request);
List<ErrorVO> errors = new ArrayList<>();
List<UserPropertyHandler> propertyHandlers = um.getUserPropertyHandlersFor(PROPERTY_HANDLER_IDENTIFIER, false);
validateProperty(user, UserConstants.FIRSTNAME, userVo.getFirstName(), propertyHandlers, errors, um, locale);
validateProperty(user, UserConstants.LASTNAME, userVo.getLastName(), propertyHandlers, errors, um, locale);
validateProperty(user, UserConstants.EMAIL, userVo.getEmail(), propertyHandlers, errors, um, locale);
for (UserPropertyHandler propertyHandler : propertyHandlers) {
if (!UserConstants.FIRSTNAME.equals(propertyHandler.getName()) && !UserConstants.LASTNAME.equals(propertyHandler.getName()) && !UserConstants.EMAIL.equals(propertyHandler.getName())) {
validateProperty(user, userVo, propertyHandler, errors, um, locale);
}
}
return errors;
}
use of org.olat.restapi.support.vo.ErrorVO in project openolat by klemens.
the class ObjectFactory method get.
public static ErrorVO get(String pack, String key, String translation) {
ErrorVO vo = new ErrorVO();
vo.setCode(pack + ":" + key);
vo.setTranslation(translation);
return vo;
}
use of org.olat.restapi.support.vo.ErrorVO in project openolat by klemens.
the class UserAuthenticationWebService method create.
/**
* Creates and persists an authentication
* @response.representation.qname {http://www.example.com}authenticationVO
* @response.representation.mediaType application/xml, application/json
* @response.representation.doc An authentication to save
* @response.representation.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_AUTHVO}
* @response.representation.200.qname {http://www.example.com}authenticationVO
* @response.representation.200.mediaType application/xml, application/json
* @response.representation.200.doc The saved authentication
* @response.representation.200.example {@link org.olat.restapi.support.vo.Examples#SAMPLE_AUTHVO}
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The identity not found
* @response.representation.406.doc Cannot create the authentication for an unkown reason
* @response.representation.409.doc Cannot create the authentication because the authentication username is already used by someone else within the same provider
* @param username The username of the user
* @param authenticationVO The authentication object to persist
* @param request The HTTP request
* @return the saved authentication
*/
@PUT
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response create(@PathParam("username") String username, AuthenticationVO authenticationVO, @Context HttpServletRequest request) {
if (!RestSecurityHelper.isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
Identity identity = baseSecurity.loadIdentityByKey(authenticationVO.getIdentityKey(), false);
if (identity == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
if (!identity.getName().equals(username)) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
String provider = authenticationVO.getProvider();
String authUsername = authenticationVO.getAuthUsername();
String credentials = authenticationVO.getCredential();
Authentication currentAuthentication = baseSecurity.findAuthenticationByAuthusername(authUsername, provider);
if (currentAuthentication != null) {
if (!currentAuthentication.getIdentity().equals(identity)) {
ErrorVO error = new ErrorVO();
error.setCode("unkown:409");
error.setTranslation("Authentication name used by: " + currentAuthentication.getIdentity().getUser().getEmail());
return Response.serverError().status(Status.CONFLICT).entity(error).build();
}
}
Authentication authentication = baseSecurity.createAndPersistAuthentication(identity, provider, authUsername, credentials, null);
if (authentication == null) {
return Response.serverError().status(Status.NOT_ACCEPTABLE).build();
}
log.audit("New authentication created for " + authUsername + " with provider " + provider);
AuthenticationVO savedAuth = ObjectFactory.get(authentication, true);
return Response.ok(savedAuth).build();
}
Aggregations