use of org.simbasecurity.core.exception.SimbaException in project simba-os by cegeka.
the class UserServiceImpl method create.
/**
 * Persists a new user after attaching the requested roles to it.
 *
 * <p>Every role name is resolved through {@code roleRepository}; the first name without a
 * matching role aborts the call. Roles are added to the passed-in {@code user} before the
 * duplicate-name check runs, so the argument may already carry roles when that check throws.
 *
 * @param user the user to store
 * @param roleNames names of the roles to assign to the user
 * @return the instance returned by {@code userRepository.persist}
 * @throws IllegalArgumentException if a role name cannot be resolved
 * @throws SimbaException with {@code USER_ALREADY_EXISTS} if the user name is already taken
 */
@Override
public User create(User user, List<String> roleNames) {
    for (String requestedRole : roleNames) {
        Role resolved = roleRepository.findByName(requestedRole);
        if (resolved == null) {
            throw new IllegalArgumentException("Role name " + requestedRole + " doesn't exist");
        }
        user.addRole(resolved);
    }

    // NOTE(review): lookup followed by persist is not atomic as far as this method shows;
    // presumably a unique constraint on the user name backs it up. Confirm.
    User existing = userRepository.findByName(user.getUserName());
    if (existing != null) {
        throw new SimbaException(USER_ALREADY_EXISTS, user.getUserName());
    }

    User persisted = userRepository.persist(user);
    // NOTE(review): the audit event carries the created user's name; the account that
    // performed the creation is not visible in this call. Confirm it is recorded elsewhere.
    audit.log(eventFactory.createEventForSession(user.getUserName(), null, "", "User created"));
    return persisted;
}
use of org.simbasecurity.core.exception.SimbaException in project simba-os by cegeka.
the class ValidateRequestParametersCommand method checkIfLoginTokenExpired.
/**
 * Resolves the login mapping that belongs to the login token of the current request.
 *
 * <p>A request without a login token ({@code null}) is accepted silently, because not every
 * request carries one. When a token is present but {@code loginMappingService} has no mapping
 * for it, the request is rejected with {@code LOGIN_TIME_EXPIRED}.
 *
 * @param context chain context that supplies the login token and receives the resolved mapping
 * @throws SimbaException with {@code LOGIN_TIME_EXPIRED} if the token has no mapping
 */
private void checkIfLoginTokenExpired(ChainContext context) {
    String token = context.getLoginToken();
    if (token == null) {
        // No token on this request: nothing to validate.
        return;
    }

    LoginMapping mapping = loginMappingService.getMapping(token);
    if (mapping == null) {
        // Any token without a mapping is reported as expired; this method does not
        // distinguish a token that was never issued from one whose mapping is gone.
        throw new SimbaException(SimbaMessageKey.LOGIN_TIME_EXPIRED);
    }
    context.setLoginMapping(mapping);
}
use of org.simbasecurity.core.exception.SimbaException in project simba-os by cegeka.
the class UserEntityTest method setUp.
/**
 * Installs the mocked collaborators and builds the {@code UserEntity} under test.
 *
 * <p>The password validator mock rejects {@code INVALID_PASSWORD} with
 * {@code PASSWORD_INVALID_LENGTH}; the configuration mock answers the
 * {@code DEFAULT_PASSWORD} parameter with the test's {@code DEFAULT_PASSWORD} constant.
 */
@Before
public void setUp() {
    // The user validator is only implanted; no behaviour is stubbed on it.
    implantMock(UserValidator.class);

    PasswordValidator passwordValidator = implantMock(PasswordValidator.class);
    SimbaException invalidLength = new SimbaException(PASSWORD_INVALID_LENGTH);
    doThrow(invalidLength).when(passwordValidator).validatePassword(INVALID_PASSWORD);

    ConfigurationServiceImpl configuration = implantMock(ConfigurationServiceImpl.class);
    when(configuration.getValue(SimbaConfigurationParameter.DEFAULT_PASSWORD))
            .thenReturn(DEFAULT_PASSWORD);

    user = new UserEntity(USERNAME, null, null, null, Language.en_US, Status.ACTIVE, true, true);
}
use of org.simbasecurity.core.exception.SimbaException in project simba-os by cegeka.
the class UserService method changePassword.
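/**
 * Changes the password of the user who owns the presented SSO session.
 *
 * <p>The SSO token is taken from the request header, falling back to the cookie. The request
 * is answered with an "unauthorized" error when no token or user name is supplied, when the
 * token maps to no active session, when the named user cannot be found, or when the named
 * user is not the session's user. A {@link SimbaException} raised by the password change is
 * reported to the client as {@code UNABLE_TO_CHANGE_PASSWORD_ERROR_CODE}.
 *
 * @param ssoTokenFromHeader SSO token from the request header, may be {@code null}
 * @param ssoTokenFromCookie SSO token from the cookie, used when the header is absent
 * @param changePasswordDTO user name, new password and its confirmation
 * @param response servlet response used to report errors
 */
@RequestMapping("changePassword")
@ResponseBody
public void changePassword(
        @RequestHeader(value = SIMBA_SSO_TOKEN, required = false) String ssoTokenFromHeader,
        @CookieValue(value = SIMBA_SSO_TOKEN, required = false) String ssoTokenFromCookie,
        @RequestBody ChangePasswordDTO changePasswordDTO,
        HttpServletResponse response) {
    String ssoToken = (ssoTokenFromHeader != null ? ssoTokenFromHeader : ssoTokenFromCookie);
    if (ssoToken == null || changePasswordDTO.getUserName() == null) {
        sendUnauthorizedError(response);
        return;
    }

    Session activeSession = sessionRepository.findBySSOToken(new SSOToken(ssoToken));
    if (activeSession == null) {
        sendUnauthorizedError(response);
        return;
    }

    User sessionUser = activeSession.getUser();
    User userThatNeedsPasswordChange = userRepository.findByName(changePasswordDTO.getUserName());
    // Fail closed when either side is missing. Without the null checks an unknown user name
    // ended in a NullPointerException, which also gave a caller a different response for
    // "no such user" than for "not your account".
    if (sessionUser == null
            || userThatNeedsPasswordChange == null
            || !sessionUser.getUserName().equals(userThatNeedsPasswordChange.getUserName())) {
        sendUnauthorizedError(response);
        return;
    }

    // NOTE(review): only the new password and its confirmation are read here, so a valid SSO
    // token alone is enough to change the password. Consider requiring the current password
    // and writing an audit event; neither is visible in this method.
    try {
        userThatNeedsPasswordChange.changePassword(
                changePasswordDTO.getNewPassword(),
                changePasswordDTO.getNewPasswordConfirmation());
    } catch (SimbaException ex) {
        // NOTE(review): the exception message is returned to the client; confirm it never
        // carries internal detail.
        sendError(ErrorSender.UNABLE_TO_CHANGE_PASSWORD_ERROR_CODE, response, ex.getMessage());
        return;
    }
    userRepository.flush();
}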
use of org.simbasecurity.core.exception.SimbaException in project simba-os by cegeka.
the class ChangePasswordCommandTest method testPasswordReset_passwordNotValid.
/**
 * A change-password request whose new password is rejected by the credential service must
 * write a failure audit event, redirect with the credential error and finish the chain.
 */
@Test
public void testPasswordReset_passwordNotValid() throws Exception {
    // Request context: a change-password request for USERNAME with matching new passwords.
    when(chainContextMock.getSimbaWebURL()).thenReturn("simbaURL");
    when(chainContextMock.getRequestURL()).thenReturn("requestURL");
    when(chainContextMock.getClientIpAddress()).thenReturn(IP_ADDRESS);
    when(chainContextMock.getUserName()).thenReturn(USERNAME);
    when(chainContextMock.getRequestParameter(AuthenticationConstants.NEW_PASSWORD))
            .thenReturn(NEW_PASSWORD);
    when(chainContextMock.getRequestParameter(AuthenticationConstants.NEW_PASSWORD_CONFIRMATION))
            .thenReturn(NEW_PASSWORD);

    // The credential service rejects the new password because of its length.
    SimbaException invalidLength = new SimbaException(PASSWORD_INVALID_LENGTH);
    doThrow(invalidLength)
            .when(credentialServiceMock)
            .changePassword(USERNAME, NEW_PASSWORD, NEW_PASSWORD);
    when(chainContextMock.isChangePasswordRequest()).thenReturn(Boolean.TRUE);

    State outcome = command.execute(chainContextMock);

    // The rejection must be audited as a session-level failure.
    verify(auditMock).log(captor.capture());
    AuditLogEvent logged = captor.getValue();
    assertEquals(AuditLogEventCategory.SESSION, logged.getCategory());
    assertEquals(AuditMessages.FAILURE + AuditMessages.PASSWORD_NOT_VALID, logged.getMessage());

    verify(chainContextMock).redirectWithCredentialError(PASSWORD_INVALID_LENGTH);
    assertEquals(State.FINISH, outcome);
}