Search in sources :

Example 1 with HelpdeskUIMode

use of password.pwm.config.option.HelpdeskUIMode in project pwm by pwm-project.

the class HelpdeskServlet method processCheckPasswordAction.

@ActionHandler(action = "checkPassword")
private ProcessStatus processCheckPasswordAction(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final RestCheckPasswordServer.JsonInput jsonInput = JsonUtil.deserialize(pwmRequest.readRequestBodyAsString(), RestCheckPasswordServer.JsonInput.class);
    final UserIdentity userIdentity = UserIdentity.fromKey(jsonInput.getUsername(), pwmRequest.getPwmApplication());
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    HelpdeskServletUtil.checkIfUserIdentityViewable(pwmRequest, helpdeskProfile, userIdentity);
    final ChaiUser chaiUser = getChaiUser(pwmRequest, getHelpdeskProfile(pwmRequest), userIdentity);
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, chaiUser.getChaiProvider());
    {
        final HelpdeskUIMode mode = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_SET_PASSWORD_MODE, HelpdeskUIMode.class);
        if (mode == HelpdeskUIMode.none) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_SET_PASSWORD_MODE.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " must not be set to none"));
        }
    }
    final PasswordUtility.PasswordCheckInfo passwordCheckInfo = PasswordUtility.checkEnteredPassword(pwmRequest.getPwmApplication(), pwmRequest.getLocale(), chaiUser, userInfo, null, PasswordData.forStringValue(jsonInput.getPassword1()), PasswordData.forStringValue(jsonInput.getPassword2()));
    final RestCheckPasswordServer.JsonOutput jsonResponse = RestCheckPasswordServer.JsonOutput.fromPasswordCheckInfo(passwordCheckInfo);
    final RestResultBean restResultBean = RestResultBean.withData(jsonResponse);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) HelpdeskUIMode(password.pwm.config.option.HelpdeskUIMode) PasswordUtility(password.pwm.util.operations.PasswordUtility) UserInfo(password.pwm.ldap.UserInfo) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) RestCheckPasswordServer(password.pwm.ws.server.rest.RestCheckPasswordServer) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 2 with HelpdeskUIMode

use of password.pwm.config.option.HelpdeskUIMode in project pwm by pwm-project.

the class HelpdeskServlet method processSetPasswordAction.

@ActionHandler(action = "setPassword")
private ProcessStatus processSetPasswordAction(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = pwmRequest.getPwmSession().getSessionManager().getHelpdeskProfile(pwmRequest.getPwmApplication());
    final RestSetPasswordServer.JsonInputData jsonInput = JsonUtil.deserialize(pwmRequest.readRequestBodyAsString(), RestSetPasswordServer.JsonInputData.class);
    final UserIdentity userIdentity = UserIdentity.fromKey(jsonInput.getUsername(), pwmRequest.getPwmApplication());
    final ChaiUser chaiUser = getChaiUser(pwmRequest, helpdeskProfile, userIdentity);
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, chaiUser.getChaiProvider());
    HelpdeskServletUtil.checkIfUserIdentityViewable(pwmRequest, helpdeskProfile, userIdentity);
    final HelpdeskUIMode mode = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_SET_PASSWORD_MODE, HelpdeskUIMode.class);
    if (mode == HelpdeskUIMode.none) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_SET_PASSWORD_MODE.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " must not be set to none"));
    }
    final PasswordData newPassword;
    if (jsonInput.getPassword() == null) {
        if (mode != HelpdeskUIMode.random) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_SET_PASSWORD_MODE.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " is set to " + mode + " and no password is included in request"));
        }
        final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userIdentity, chaiUser, pwmRequest.getLocale());
        newPassword = RandomPasswordGenerator.createRandomPassword(pwmRequest.getSessionLabel(), passwordPolicy, pwmRequest.getPwmApplication());
    } else {
        if (mode == HelpdeskUIMode.random) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_SET_PASSWORD_MODE.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " is set to autogen yet a password is included in request"));
        }
        newPassword = new PasswordData(jsonInput.getPassword());
    }
    try {
        PasswordUtility.helpdeskSetUserPassword(pwmRequest.getPwmSession(), chaiUser, userInfo, pwmRequest.getPwmApplication(), newPassword);
    } catch (PwmException e) {
        LOGGER.error("error during set password REST operation: " + e.getMessage());
        pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation(), pwmRequest));
        return ProcessStatus.Halt;
    }
    pwmRequest.outputJsonResult(RestResultBean.forSuccessMessage(pwmRequest, Message.Success_ChangedHelpdeskPassword, userInfo.getUsername()));
    return ProcessStatus.Halt;
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) PasswordData(password.pwm.util.PasswordData) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) HelpdeskUIMode(password.pwm.config.option.HelpdeskUIMode) UserInfo(password.pwm.ldap.UserInfo) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) RestSetPasswordServer(password.pwm.ws.server.rest.RestSetPasswordServer)

Aggregations

ChaiUser (com.novell.ldapchai.ChaiUser)2 UserIdentity (password.pwm.bean.UserIdentity)2 HelpdeskUIMode (password.pwm.config.option.HelpdeskUIMode)2 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)2 ErrorInformation (password.pwm.error.ErrorInformation)2 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)2 UserInfo (password.pwm.ldap.UserInfo)2 PwmPasswordPolicy (password.pwm.config.profile.PwmPasswordPolicy)1 PwmException (password.pwm.error.PwmException)1 PasswordData (password.pwm.util.PasswordData)1 PasswordUtility (password.pwm.util.operations.PasswordUtility)1 RestResultBean (password.pwm.ws.server.RestResultBean)1 RestCheckPasswordServer (password.pwm.ws.server.rest.RestCheckPasswordServer)1 RestSetPasswordServer (password.pwm.ws.server.rest.RestSetPasswordServer)1