use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaUserProviderTest method testDuplicateUser.
@Test
public void testDuplicateUser() {
Set<JpaRole> authorities1 = set(new JpaRole("ROLE_COOL_ONE", org1));
Set<JpaRole> authorities2 = set(new JpaRole("ROLE_COOL_ONE", org2));
try {
provider.addUser(createUserWithRoles(org1, "user1", "ROLE_COOL_ONE"));
provider.addUser(createUserWithRoles(org1, "user2", "ROLE_COOL_ONE"));
provider.addUser(createUserWithRoles(org2, "user1", "ROLE_COOL_ONE"));
} catch (UnauthorizedException e) {
fail("User should be created");
}
try {
provider.addUser(createUserWithRoles(org1, "user1", "ROLE_COOL_ONE"));
fail("Duplicate user");
} catch (Exception ignore) {
}
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaUserProviderTest method testUpdateUser.
@Test
public void testUpdateUser() throws Exception {
Set<JpaRole> authorities = new HashSet<JpaRole>();
authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
JpaUser user = new JpaUser("user1", "pass1", org1, provider.getName(), true, authorities);
provider.addUser(user);
User loadUser = provider.loadUser("user1");
assertNotNull(loadUser);
authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2013_STUDENT", org1));
String newPassword = "newPassword";
JpaUser updateUser = new JpaUser(user.getUsername(), newPassword, org1, provider.getName(), true, authorities);
User loadUpdatedUser = provider.updateUser(updateUser);
// User loadUpdatedUser = provider.loadUser(user.getUsername());
assertNotNull(loadUpdatedUser);
assertEquals(user.getUsername(), loadUpdatedUser.getUsername());
assertEquals(PasswordEncoder.encode(newPassword, user.getUsername()), loadUpdatedUser.getPassword());
assertEquals(authorities.size(), loadUpdatedUser.getRoles().size());
updateUser = new JpaUser("unknown", newPassword, org1, provider.getName(), true, authorities);
try {
provider.updateUser(updateUser);
fail("Should throw a NotFoundException");
} catch (NotFoundException e) {
assertTrue("User not found.", true);
}
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class UsersEndpoint method updateUser.
@PUT
@Path("{username}.json")
@RestQuery(name = "updateUser", description = "Update an user", returnDescription = "Status ok", restParameters = { @RestParameter(description = "The password.", isRequired = false, name = "password", type = STRING), @RestParameter(description = "The name.", isRequired = false, name = "name", type = STRING), @RestParameter(description = "The email.", isRequired = false, name = "email", type = STRING), @RestParameter(name = "roles", type = STRING, isRequired = false, description = "The user roles as a json array") }, pathParameters = @RestParameter(name = "username", type = STRING, isRequired = true, description = "The username"), reponses = { @RestResponse(responseCode = SC_OK, description = "User has been updated."), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to update a user with admin role."), @RestResponse(responseCode = SC_NOT_FOUND, description = "User not found.") })
public Response updateUser(@PathParam("username") String username, @FormParam("password") String password, @FormParam("name") String name, @FormParam("email") String email, @FormParam("roles") String roles) throws NotFoundException {
User user = jpaUserAndRoleProvider.loadUser(username);
if (user == null) {
throw new NotFoundException("User " + username + " does not exist.");
}
JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
Set<JpaRole> rolesSet = new HashSet<>();
Option<JSONArray> rolesArray = Option.none();
if (StringUtils.isNotBlank(roles)) {
rolesArray = Option.some((JSONArray) JSONValue.parse(roles));
}
if (rolesArray.isSome()) {
// Add the roles given
for (Object roleObj : rolesArray.get()) {
JSONObject role = (JSONObject) roleObj;
String rolename = (String) role.get("id");
Role.Type roletype = Role.Type.valueOf((String) role.get("type"));
rolesSet.add(new JpaRole(rolename, organization, null, roletype));
}
} else {
// Or the use the one from the user if no one is given
for (Role role : user.getRoles()) {
rolesSet.add(new JpaRole(role.getName(), organization, role.getDescription(), role.getType()));
}
}
try {
jpaUserAndRoleProvider.updateUser(new JpaUser(username, password, organization, name, email, jpaUserAndRoleProvider.getName(), true, rolesSet));
userDirectoryService.invalidate(username);
return Response.status(SC_OK).build();
} catch (UnauthorizedException ex) {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class UsersEndpoint method createUser.
@POST
@Path("/")
@RestQuery(name = "createUser", description = "Create a new user", returnDescription = "The location of the new ressource", restParameters = { @RestParameter(description = "The username.", isRequired = true, name = "username", type = STRING), @RestParameter(description = "The password.", isRequired = true, name = "password", type = STRING), @RestParameter(description = "The name.", isRequired = false, name = "name", type = STRING), @RestParameter(description = "The email.", isRequired = false, name = "email", type = STRING), @RestParameter(name = "roles", type = STRING, isRequired = false, description = "The user roles as a json array") }, reponses = { @RestResponse(responseCode = SC_CREATED, description = "User has been created."), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to create a user with a admin role."), @RestResponse(responseCode = SC_CONFLICT, description = "An user with this username already exist.") })
public Response createUser(@FormParam("username") String username, @FormParam("password") String password, @FormParam("name") String name, @FormParam("email") String email, @FormParam("roles") String roles) throws NotFoundException {
if (StringUtils.isBlank(username))
return RestUtil.R.badRequest("No username set");
if (StringUtils.isBlank(password))
return RestUtil.R.badRequest("No password set");
User existingUser = jpaUserAndRoleProvider.loadUser(username);
if (existingUser != null) {
return Response.status(SC_CONFLICT).build();
}
JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
Option<JSONArray> rolesArray = Option.none();
if (StringUtils.isNotBlank(roles)) {
rolesArray = Option.option((JSONArray) JSONValue.parse(roles));
}
Set<JpaRole> rolesSet = new HashSet<>();
// Add the roles given
if (rolesArray.isSome()) {
// Add the roles given
for (Object role : rolesArray.get()) {
JSONObject roleAsJson = (JSONObject) role;
Role.Type roletype = Role.Type.valueOf((String) roleAsJson.get("type"));
rolesSet.add(new JpaRole(roleAsJson.get("id").toString(), organization, null, roletype));
}
} else {
rolesSet.add(new JpaRole(organization.getAnonymousRole(), organization));
}
JpaUser user = new JpaUser(username, password, organization, name, email, jpaUserAndRoleProvider.getName(), true, rolesSet);
try {
jpaUserAndRoleProvider.addUser(user);
return Response.created(uri(endpointBaseUrl, user.getUsername() + ".json")).build();
} catch (UnauthorizedException e) {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaUserAndRoleProvider method addUser.
/**
* Adds a user to the persistence
*
* @param user
* the user to add
*
* @throws org.opencastproject.security.api.UnauthorizedException
* if the user is not allowed to create other user with the given roles
*/
public void addUser(JpaUser user) throws UnauthorizedException {
if (!UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, user.getRoles()))
throw new UnauthorizedException("The user is not allowed to set the admin role on other users");
// Create a JPA user with an encoded password.
String encodedPassword = PasswordEncoder.encode(user.getPassword(), user.getUsername());
// Only save internal roles
Set<JpaRole> roles = UserDirectoryPersistenceUtil.saveRoles(filterRoles(user.getRoles()), emf);
JpaOrganization organization = UserDirectoryPersistenceUtil.saveOrganization((JpaOrganization) user.getOrganization(), emf);
JpaUser newUser = new JpaUser(user.getUsername(), encodedPassword, organization, user.getName(), user.getEmail(), user.getProvider(), user.isManageable(), roles);
// Then save the user
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
em.persist(newUser);
tx.commit();
cache.put(user.getUsername() + DELIMITER + user.getOrganization().getId(), newUser);
} finally {
if (tx.isActive()) {
tx.rollback();
}
if (em != null)
em.close();
}
updateGroupMembership(user);
}
Aggregations