Example 16 with JpaUser
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class JpaUserProviderTest method testAddAndGetUser.
@Test
public void testAddAndGetUser() throws Exception {
JpaUser user = createUserWithRoles(org1, "user1", "ROLE_ASTRO_101_SPRING_2011_STUDENT");
provider.addUser(user);
User loadUser = provider.loadUser("user1");
assertNotNull(loadUser);
assertEquals(user.getUsername(), loadUser.getUsername());
assertEquals(PasswordEncoder.encode(user.getPassword(), user.getUsername()), loadUser.getPassword());
assertEquals(user.getOrganization(), loadUser.getOrganization());
assertEquals(user.getRoles(), loadUser.getRoles());
assertNull("Loading 'does not exist' should return null", provider.loadUser("does not exist"));
assertNull("Loading 'does not exist' should return null", provider.loadUser("user1", org2.getId()));
loadUser = provider.loadUser("user1", org1.getId());
assertNotNull(loadUser);
assertEquals(user.getUsername(), loadUser.getUsername());
assertEquals(PasswordEncoder.encode(user.getPassword(), user.getUsername()), loadUser.getPassword());
assertEquals(user.getOrganization(), loadUser.getOrganization());
assertEquals(user.getRoles(), loadUser.getRoles());
}Example 17 with JpaUser
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class UsersEndpoint method updateUser.
@PUT
@Path("{username}.json")
@RestQuery(name = "updateUser", description = "Update an user", returnDescription = "Status ok", restParameters = { @RestParameter(description = "The password.", isRequired = false, name = "password", type = STRING), @RestParameter(description = "The name.", isRequired = false, name = "name", type = STRING), @RestParameter(description = "The email.", isRequired = false, name = "email", type = STRING), @RestParameter(name = "roles", type = STRING, isRequired = false, description = "The user roles as a json array") }, pathParameters = @RestParameter(name = "username", type = STRING, isRequired = true, description = "The username"), reponses = { @RestResponse(responseCode = SC_OK, description = "User has been updated."), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to update a user with admin role."), @RestResponse(responseCode = SC_NOT_FOUND, description = "User not found.") })
public Response updateUser(@PathParam("username") String username, @FormParam("password") String password, @FormParam("name") String name, @FormParam("email") String email, @FormParam("roles") String roles) throws NotFoundException {
User user = jpaUserAndRoleProvider.loadUser(username);
if (user == null) {
throw new NotFoundException("User " + username + " does not exist.");
}
JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
Set<JpaRole> rolesSet = new HashSet<>();
Option<JSONArray> rolesArray = Option.none();
if (StringUtils.isNotBlank(roles)) {
rolesArray = Option.some((JSONArray) JSONValue.parse(roles));
}
if (rolesArray.isSome()) {
// Add the roles given
for (Object roleObj : rolesArray.get()) {
JSONObject role = (JSONObject) roleObj;
String rolename = (String) role.get("id");
Role.Type roletype = Role.Type.valueOf((String) role.get("type"));
rolesSet.add(new JpaRole(rolename, organization, null, roletype));
}
} else {
// Or the use the one from the user if no one is given
for (Role role : user.getRoles()) {
rolesSet.add(new JpaRole(role.getName(), organization, role.getDescription(), role.getType()));
}
}
try {
jpaUserAndRoleProvider.updateUser(new JpaUser(username, password, organization, name, email, jpaUserAndRoleProvider.getName(), true, rolesSet));
userDirectoryService.invalidate(username);
return Response.status(SC_OK).build();
} catch (UnauthorizedException ex) {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
Also used :
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
User(org.opencastproject.security.api.User)
JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization)
JSONArray(org.json.simple.JSONArray)
NotFoundException(org.opencastproject.util.NotFoundException)
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
Role(org.opencastproject.security.api.Role)
JpaRole(org.opencastproject.security.impl.jpa.JpaRole)
JSONObject(org.json.simple.JSONObject)
JpaRole(org.opencastproject.security.impl.jpa.JpaRole)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
JSONObject(org.json.simple.JSONObject)
JObject(com.entwinemedia.fn.data.json.JObject)
HashSet(java.util.HashSet)
Path(javax.ws.rs.Path)
RestQuery(org.opencastproject.util.doc.rest.RestQuery)
PUT(javax.ws.rs.PUT)
Example 18 with JpaUser
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class UsersEndpoint method createUser.
@POST
@Path("/")
@RestQuery(name = "createUser", description = "Create a new user", returnDescription = "The location of the new ressource", restParameters = { @RestParameter(description = "The username.", isRequired = true, name = "username", type = STRING), @RestParameter(description = "The password.", isRequired = true, name = "password", type = STRING), @RestParameter(description = "The name.", isRequired = false, name = "name", type = STRING), @RestParameter(description = "The email.", isRequired = false, name = "email", type = STRING), @RestParameter(name = "roles", type = STRING, isRequired = false, description = "The user roles as a json array") }, reponses = { @RestResponse(responseCode = SC_CREATED, description = "User has been created."), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to create a user with a admin role."), @RestResponse(responseCode = SC_CONFLICT, description = "An user with this username already exist.") })
public Response createUser(@FormParam("username") String username, @FormParam("password") String password, @FormParam("name") String name, @FormParam("email") String email, @FormParam("roles") String roles) throws NotFoundException {
if (StringUtils.isBlank(username))
return RestUtil.R.badRequest("No username set");
if (StringUtils.isBlank(password))
return RestUtil.R.badRequest("No password set");
User existingUser = jpaUserAndRoleProvider.loadUser(username);
if (existingUser != null) {
return Response.status(SC_CONFLICT).build();
}
JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
Option<JSONArray> rolesArray = Option.none();
if (StringUtils.isNotBlank(roles)) {
rolesArray = Option.option((JSONArray) JSONValue.parse(roles));
}
Set<JpaRole> rolesSet = new HashSet<>();
// Add the roles given
if (rolesArray.isSome()) {
// Add the roles given
for (Object role : rolesArray.get()) {
JSONObject roleAsJson = (JSONObject) role;
Role.Type roletype = Role.Type.valueOf((String) roleAsJson.get("type"));
rolesSet.add(new JpaRole(roleAsJson.get("id").toString(), organization, null, roletype));
}
} else {
rolesSet.add(new JpaRole(organization.getAnonymousRole(), organization));
}
JpaUser user = new JpaUser(username, password, organization, name, email, jpaUserAndRoleProvider.getName(), true, rolesSet);
try {
jpaUserAndRoleProvider.addUser(user);
return Response.created(uri(endpointBaseUrl, user.getUsername() + ".json")).build();
} catch (UnauthorizedException e) {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
Also used :
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
User(org.opencastproject.security.api.User)
JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization)
JSONArray(org.json.simple.JSONArray)
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
Role(org.opencastproject.security.api.Role)
JpaRole(org.opencastproject.security.impl.jpa.JpaRole)
JSONObject(org.json.simple.JSONObject)
JpaRole(org.opencastproject.security.impl.jpa.JpaRole)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
JSONObject(org.json.simple.JSONObject)
JObject(com.entwinemedia.fn.data.json.JObject)
HashSet(java.util.HashSet)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
RestQuery(org.opencastproject.util.doc.rest.RestQuery)
Example 19 with JpaUser
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class ServiceRegistrationJpaImplTest method setUpOrganizationAndUsers.
private void setUpOrganizationAndUsers() {
org = new JpaOrganization("test-org", "Test Organization", "http://testorg.edu", 80, "TEST_ORG_ADMIN", "TEST_ORG_ANON", new HashMap<String, String>());
user = new JpaUser("producer1", "pw-producer1", org, "test", true, new HashSet<JpaRole>());
org = env.tx(Queries.persistOrUpdate(org));
user = env.tx(Queries.persistOrUpdate(user));
}
Also used :
JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization)
HashMap(java.util.HashMap)
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
HashSet(java.util.HashSet)
Example 20 with JpaUser
use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.
the class JpaUserAndRoleProvider method addUser.
/**
* Adds a user to the persistence
*
* @param user
* the user to add
*
* @throws org.opencastproject.security.api.UnauthorizedException
* if the user is not allowed to create other user with the given roles
*/
public void addUser(JpaUser user) throws UnauthorizedException {
if (!UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, user.getRoles()))
throw new UnauthorizedException("The user is not allowed to set the admin role on other users");
// Create a JPA user with an encoded password.
String encodedPassword = PasswordEncoder.encode(user.getPassword(), user.getUsername());
// Only save internal roles
Set<JpaRole> roles = UserDirectoryPersistenceUtil.saveRoles(filterRoles(user.getRoles()), emf);
JpaOrganization organization = UserDirectoryPersistenceUtil.saveOrganization((JpaOrganization) user.getOrganization(), emf);
JpaUser newUser = new JpaUser(user.getUsername(), encodedPassword, organization, user.getName(), user.getEmail(), user.getProvider(), user.isManageable(), roles);
// Then save the user
EntityManager em = null;
EntityTransaction tx = null;
try {
em = emf.createEntityManager();
tx = em.getTransaction();
tx.begin();
em.persist(newUser);
tx.commit();
cache.put(user.getUsername() + DELIMITER + user.getOrganization().getId(), newUser);
} finally {
if (tx.isActive()) {
tx.rollback();
}
if (em != null)
em.close();
}
updateGroupMembership(user);
}
Also used :
EntityTransaction(javax.persistence.EntityTransaction)
EntityManager(javax.persistence.EntityManager)
JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization)
UnauthorizedException(org.opencastproject.security.api.UnauthorizedException)
JpaRole(org.opencastproject.security.impl.jpa.JpaRole)
JpaUser(org.opencastproject.security.impl.jpa.JpaUser)
Aggregations
JpaUser (org.opencastproject.security.impl.jpa.JpaUser)35
Test (org.junit.Test)19
JpaRole (org.opencastproject.security.impl.jpa.JpaRole)18
UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)13
User (org.opencastproject.security.api.User)12
NotFoundException (org.opencastproject.util.NotFoundException)9
HashSet (java.util.HashSet)8
JpaOrganization (org.opencastproject.security.impl.jpa.JpaOrganization)8
EntityManager (javax.persistence.EntityManager)5
Path (javax.ws.rs.Path)4
SecurityService (org.opencastproject.security.api.SecurityService)4
RestQuery (org.opencastproject.util.doc.rest.RestQuery)4
EntityTransaction (javax.persistence.EntityTransaction)3
NoResultException (javax.persistence.NoResultException)3
Before (org.junit.Before)3
Role (org.opencastproject.security.api.Role)3
JpaGroup (org.opencastproject.security.impl.jpa.JpaGroup)3
JObject (com.entwinemedia.fn.data.json.JObject)2
ArrayList (java.util.ArrayList)2
Iterator (java.util.Iterator)2
