Search in sources :

Example 96 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class AuthenticationRequest method onRequest.

@Override
public void onRequest(CloudConnection serverConnection) throws IOException, FrameworkException {
    if (protocolVersion != CloudService.PROTOCOL_VERSION) {
        serverConnection.send(new Error(400, "Unsupported protocol version " + protocolVersion + ", server needs " + CloudService.PROTOCOL_VERSION));
        return;
    }
    final Principal user = serverConnection.getUser(userName);
    if (user != null) {
        try {
            this.keyLength = Math.min(keyLength, Cipher.getMaxAllowedKeyLength(CloudService.STREAM_CIPHER));
            this.salt = user.getSalt();
            serverConnection.impersonateUser(user);
            serverConnection.send(new AuthenticationResponse(userName, user.getEncryptedPassword(), salt, keyLength));
        } catch (Throwable t) {
            logger.warn("", t);
        }
    } else {
        serverConnection.send(new Error(401, "Authentication failed."));
    }
}
Also used : Principal(org.structr.core.entity.Principal)

Example 97 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class UiAuthenticator method getUser.

@Override
public Principal getUser(final HttpServletRequest request, final boolean tryLogin) throws FrameworkException {
    Principal user = null;
    if (request.getAttribute(SessionHelper.SESSION_IS_NEW) != null) {
        // First, check session (JSESSIONID cookie)
        final HttpSession session = request.getSession(false);
        if (session != null) {
            user = AuthHelper.getPrincipalForSessionId(session.getId());
        }
    }
    if (user == null) {
        // Second, check X-Headers
        String userName = request.getHeader("X-User");
        String password = request.getHeader("X-Password");
        String token = request.getHeader("X-StructrSessionToken");
        // Try to authorize with a session token first
        if (token != null) {
            user = AuthHelper.getPrincipalForSessionId(token);
        } else if ((userName != null) && (password != null)) {
            if (tryLogin) {
                user = AuthHelper.getPrincipalForPassword(AbstractNode.name, userName, password);
            }
        }
    }
    return user;
}
Also used : HttpSession(javax.servlet.http.HttpSession) Principal(org.structr.core.entity.Principal)

Example 98 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class ImportConsoleCommand method run.

@Override
public void run(final SecurityContext securityContext, final List<String> parameters, final Writable writable) throws FrameworkException, IOException {
    final Principal user = securityContext.getUser(false);
    if (user != null && user.isAdmin()) {
        final DeployCommand cmd = StructrApp.getInstance(securityContext).command(DeployCommand.class);
        cmd.setLogBuffer(writable);
        cmd.execute(toMap("mode", "import", "source", getParameter(parameters, 1)));
    } else {
        writable.println("You must be admin user to use this command.");
    }
}
Also used : DeployCommand(org.structr.web.maintenance.DeployCommand) Principal(org.structr.core.entity.Principal)

Example 99 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class UserConsoleCommand method handlePwd.

private void handlePwd(final SecurityContext securityContext, final Writable writable, final String name, final String password) throws FrameworkException, IOException {
    if (StringUtils.isEmpty(name)) {
        throw new FrameworkException(422, "Missing user name for password command.");
    }
    final Class<? extends Principal> type = StructrApp.getConfiguration().getNodeEntityClass("User");
    final App app = StructrApp.getInstance(securityContext);
    if (type != null) {
        try (final Tx tx = app.tx()) {
            final Principal user = app.nodeQuery(type).andName(name).getFirst();
            if (user != null) {
                if (StringUtils.isNotBlank(password)) {
                    user.setPassword(password);
                    writable.println("Password changed.");
                } else {
                    throw new FrameworkException(422, "Will not set empty password");
                }
            } else {
                throw new FrameworkException(422, "User " + name + " not found.");
            }
            tx.success();
        }
    } else {
        throw new FrameworkException(422, "Cannot change password, no User class found.");
    }
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) FrameworkException(org.structr.common.error.FrameworkException) Tx(org.structr.core.graph.Tx) Principal(org.structr.core.entity.Principal)

Example 100 with Principal

use of org.structr.core.entity.Principal in project structr by structr.

the class UserConsoleCommand method handleAdd.

private void handleAdd(final SecurityContext securityContext, final Writable writable, final String name, final String eMail, final String isAdmin) throws FrameworkException, IOException {
    if (StringUtils.isEmpty(name)) {
        throw new FrameworkException(422, "Missing user name for add command.");
    }
    final App app = StructrApp.getInstance(securityContext);
    final Class type = StructrApp.getConfiguration().getNodeEntityClass("User");
    if (type != null) {
        try (final Tx tx = app.tx()) {
            final Principal user = app.create(type, new NodeAttribute<>(AbstractNode.name, name));
            // set e-mail address
            if (eMail != null && !"isAdmin".equals(eMail)) {
                user.setEMail(eMail);
            }
            // set isAdmin flag
            if ("isAdmin".equals(eMail) || "isAdmin".equals(isAdmin)) {
                user.setIsAdmin(true);
            }
            writable.println("User created.");
            tx.success();
        }
    } else {
        throw new FrameworkException(422, "Cannot create user, no User class found.");
    }
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) FrameworkException(org.structr.common.error.FrameworkException) Tx(org.structr.core.graph.Tx) Principal(org.structr.core.entity.Principal)

Aggregations

Principal (org.structr.core.entity.Principal)112 FrameworkException (org.structr.common.error.FrameworkException)68 Tx (org.structr.core.graph.Tx)65 Test (org.junit.Test)41 App (org.structr.core.app.App)31 StructrApp (org.structr.core.app.StructrApp)31 TestOne (org.structr.core.entity.TestOne)16 Group (org.structr.core.entity.Group)14 NodeAttribute (org.structr.core.graph.NodeAttribute)13 PropertyMap (org.structr.core.property.PropertyMap)13 SecurityContext (org.structr.common.SecurityContext)10 LinkedList (java.util.LinkedList)9 Result (org.structr.core.Result)8 User (org.structr.web.entity.User)8 AbstractNode (org.structr.core.entity.AbstractNode)7 SuperUser (org.structr.core.entity.SuperUser)7 StructrUiTest (org.structr.web.StructrUiTest)7 Page (org.structr.web.entity.dom.Page)7 IOException (java.io.IOException)6 List (java.util.List)6