Search in sources :

Example 11 with ThingsboardException

use of org.thingsboard.server.exception.ThingsboardException in project thingsboard by thingsboard.

the class AuditLogController method getAuditLogs.

@PreAuthorize("hasAuthority('TENANT_ADMIN')")
@RequestMapping(value = "/audit/logs", params = { "limit" }, method = RequestMethod.GET)
@ResponseBody
public TimePageData<AuditLog> getAuditLogs(@RequestParam int limit, @RequestParam(required = false) Long startTime, @RequestParam(required = false) Long endTime, @RequestParam(required = false, defaultValue = "false") boolean ascOrder, @RequestParam(required = false) String offset) throws ThingsboardException {
    try {
        TenantId tenantId = getCurrentUser().getTenantId();
        TimePageLink pageLink = createPageLink(limit, startTime, endTime, ascOrder, offset);
        return checkNotNull(auditLogService.findAuditLogsByTenantId(tenantId, pageLink));
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : TenantId(org.thingsboard.server.common.data.id.TenantId) TimePageLink(org.thingsboard.server.common.data.page.TimePageLink) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 12 with ThingsboardException

use of org.thingsboard.server.exception.ThingsboardException in project thingsboard by thingsboard.

the class AuthController method activateUser.

@RequestMapping(value = "/noauth/activate", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode activateUser(@RequestBody JsonNode activateRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String activateToken = activateRequest.get("activateToken").asText();
        String password = activateRequest.get("password").asText();
        String encodedPassword = passwordEncoder.encode(password);
        UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
        User user = userService.findUserById(credentials.getUserId());
        UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
        SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled(), principal);
        String baseUrl = constructBaseUrl(request);
        String loginUrl = String.format("%s/login", baseUrl);
        String email = user.getEmail();
        try {
            mailService.sendAccountActivatedEmail(loginUrl, email);
        } catch (Exception e) {
            log.info("Unable to send account activation email [{}]", e.getMessage());
        }
        JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
        JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
        ObjectMapper objectMapper = new ObjectMapper();
        ObjectNode tokenObject = objectMapper.createObjectNode();
        tokenObject.put("token", accessToken.getToken());
        tokenObject.put("refreshToken", refreshToken.getToken());
        return tokenObject;
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 13 with ThingsboardException

use of org.thingsboard.server.exception.ThingsboardException in project thingsboard by thingsboard.

the class AuthController method requestResetPasswordByEmail.

@RequestMapping(value = "/noauth/resetPasswordByEmail", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void requestResetPasswordByEmail(@RequestBody JsonNode resetPasswordByEmailRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String email = resetPasswordByEmailRequest.get("email").asText();
        UserCredentials userCredentials = userService.requestPasswordReset(email);
        String baseUrl = constructBaseUrl(request);
        String resetUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, userCredentials.getResetToken());
        mailService.sendResetPasswordEmail(resetUrl, email);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException)

Example 14 with ThingsboardException

use of org.thingsboard.server.exception.ThingsboardException in project thingsboard by thingsboard.

the class AuthController method changePassword.

@PreAuthorize("isAuthenticated()")
@RequestMapping(value = "/auth/changePassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void changePassword(@RequestBody JsonNode changePasswordRequest) throws ThingsboardException {
    try {
        String currentPassword = changePasswordRequest.get("currentPassword").asText();
        String newPassword = changePasswordRequest.get("newPassword").asText();
        SecurityUser securityUser = getCurrentUser();
        UserCredentials userCredentials = userService.findUserCredentialsByUserId(securityUser.getId());
        if (!passwordEncoder.matches(currentPassword, userCredentials.getPassword())) {
            throw new ThingsboardException("Current password doesn't match!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
        userCredentials.setPassword(passwordEncoder.encode(newPassword));
        userService.saveUserCredentials(userCredentials);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 15 with ThingsboardException

use of org.thingsboard.server.exception.ThingsboardException in project thingsboard by thingsboard.

the class AuthController method resetPassword.

@RequestMapping(value = "/noauth/resetPassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode resetPassword(@RequestBody JsonNode resetPasswordRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String resetToken = resetPasswordRequest.get("resetToken").asText();
        String password = resetPasswordRequest.get("password").asText();
        UserCredentials userCredentials = userService.findUserCredentialsByResetToken(resetToken);
        if (userCredentials != null) {
            String encodedPassword = passwordEncoder.encode(password);
            userCredentials.setPassword(encodedPassword);
            userCredentials.setResetToken(null);
            userCredentials = userService.saveUserCredentials(userCredentials);
            User user = userService.findUserById(userCredentials.getUserId());
            UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
            SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), principal);
            String baseUrl = constructBaseUrl(request);
            String loginUrl = String.format("%s/login", baseUrl);
            String email = user.getEmail();
            mailService.sendPasswordWasResetEmail(loginUrl, email);
            JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
            JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
            ObjectMapper objectMapper = new ObjectMapper();
            ObjectNode tokenObject = objectMapper.createObjectNode();
            tokenObject.put("token", accessToken.getToken());
            tokenObject.put("refreshToken", refreshToken.getToken());
            return tokenObject;
        } else {
            throw new ThingsboardException("Invalid reset token!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException)

Aggregations

ThingsboardException (org.thingsboard.server.exception.ThingsboardException)88 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)72 IncorrectParameterException (org.thingsboard.server.dao.exception.IncorrectParameterException)39 TenantId (org.thingsboard.server.common.data.id.TenantId)23 SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)18 CustomerId (org.thingsboard.server.common.data.id.CustomerId)17 TextPageLink (org.thingsboard.server.common.data.page.TextPageLink)11 Customer (org.thingsboard.server.common.data.Customer)10 MessagingException (javax.mail.MessagingException)8 DashboardId (org.thingsboard.server.common.data.id.DashboardId)8 DataValidationException (org.thingsboard.server.dao.exception.DataValidationException)8 Device (org.thingsboard.server.common.data.Device)7 EntityId (org.thingsboard.server.common.data.id.EntityId)7 TimePageLink (org.thingsboard.server.common.data.page.TimePageLink)7 User (org.thingsboard.server.common.data.User)6 Asset (org.thingsboard.server.common.data.asset.Asset)6 DeviceId (org.thingsboard.server.common.data.id.DeviceId)6 RelationTypeGroup (org.thingsboard.server.common.data.relation.RelationTypeGroup)6 UserCredentials (org.thingsboard.server.common.data.security.UserCredentials)6 List (java.util.List)5