use of password.pwm.config.profile.ProfileType in project pwm by pwm-project.
the class UserInfoReader method isRequiresUpdateProfile.
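/**
 * Decides whether this user must complete the update-profile form.
 *
 * <p>Returns {@code false} when the update-profile module is disabled, when no
 * update-profile profile resolves for the user, or when forced setup is off for
 * that profile. Otherwise the profile's form is populated from LDAP and
 * validated; a validation failure means the stored attributes are not
 * acceptable, so an update is required.</p>
 *
 * @return {@code true} only when the user's stored attribute values fail form validation
 * @throws PwmUnrecoverableException declared on the signature; presumably raised by the
 *         settings or profile-id lookups that run outside the try block (verify against callees)
 */
@Override
public boolean isRequiresUpdateProfile() throws PwmUnrecoverableException {
    final Configuration configuration = pwmApplication.getConfig();
    if (!configuration.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_ENABLE)) {
        LOGGER.debug(sessionLabel, "checkProfiles: " + userIdentity.toString() + " profile module is not enabled");
        return false;
    }

    UpdateProfileProfile updateProfileProfile = null;
    final Map<ProfileType, String> profileIDs = selfCachedReference.getProfileIDs();
    if (profileIDs.containsKey(ProfileType.UpdateAttributes)) {
        updateProfileProfile = configuration.getUpdateAttributesProfile().get(profileIDs.get(ProfileType.UpdateAttributes));
    }
    if (updateProfileProfile == null) {
        return false;
    }

    if (!updateProfileProfile.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_FORCE_SETUP)) {
        LOGGER.debug(sessionLabel, "checkProfiles: " + userIdentity.toString() + " profile force setup is not enabled");
        return false;
    }

    final List<FormConfiguration> updateFormFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    try {
        // ReturnEmptyValues is passed so that fields with no LDAP value still reach validation.
        final Map<FormConfiguration, List<String>> valueMap = FormUtility.populateFormMapFromLdap(updateFormFields, sessionLabel, selfCachedReference, FormUtility.Flag.ReturnEmptyValues);
        final Map<FormConfiguration, String> singleValueMap = FormUtility.multiValueMapToSingleValue(valueMap);
        FormUtility.validateFormValues(configuration, singleValueMap, locale);
        LOGGER.debug(sessionLabel, "checkProfile: " + userIdentity + " has value for attributes, update profile will not be required");
        return false;
    } catch (PwmDataValidationException e) {
        LOGGER.debug(sessionLabel, "checkProfile: " + userIdentity + " does not have good attributes (" + e.getMessage() + "), update profile will be required");
        return true;
    } catch (PwmUnrecoverableException e) {
        // Report through the application logger rather than printStackTrace(), so the
        // failure carries the session label and lands in the same log as the other
        // checkProfile events instead of only on stderr.
        // NOTE(review): this path fails open. If the attributes cannot be read or checked,
        // the forced profile update is skipped. Confirm that is the intended policy.
        LOGGER.error(sessionLabel, "checkProfile: unable to evaluate attributes for " + userIdentity + " (" + e.getMessage() + "), update profile will not be required");
    }
    return false;
}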
use of password.pwm.config.profile.ProfileType in project pwm by pwm-project.
the class UserInfoReader method isRequiresOtpConfig.
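/**
 * Decides whether this user must enrol an OTP secret.
 *
 * <p>Setup is required only when an OTP setup profile resolves for the user,
 * that profile allows setup, the force-setup policy is {@code FORCE} or
 * {@code FORCE_ALLOW_SKIP}, and the user has no stored OTP secret.</p>
 *
 * @return {@code true} when OTP enrolment must be presented to the user
 * @throws PwmUnrecoverableException declared on the signature; presumably raised by the
 *         profile-id or OTP-record lookups (verify against callees)
 */
@Override
public boolean isRequiresOtpConfig() throws PwmUnrecoverableException {
    LOGGER.trace(sessionLabel, "checkOtp: beginning process to check if user OTP setup is required");

    SetupOtpProfile setupOtpProfile = null;
    final Map<ProfileType, String> profileIDs = selfCachedReference.getProfileIDs();
    // Guard on the same key that is read. The previous check tested
    // ProfileType.UpdateAttributes, so the OTP enrolment decision depended on an
    // unrelated profile being present in the map.
    if (profileIDs.containsKey(ProfileType.SetupOTPProfile)) {
        setupOtpProfile = pwmApplication.getConfig().getSetupOTPProfiles().get(profileIDs.get(ProfileType.SetupOTPProfile));
    }
    if (setupOtpProfile == null) {
        LOGGER.trace(sessionLabel, "checkOtp: no otp setup profile assigned, user OTP setup is not required");
        return false;
    }

    if (!setupOtpProfile.readSettingAsBoolean(PwmSetting.OTP_ALLOW_SETUP)) {
        LOGGER.trace(sessionLabel, "checkOtp: OTP allow setup is not enabled");
        return false;
    }

    final ForceSetupPolicy policy = setupOtpProfile.readSettingAsEnum(PwmSetting.OTP_FORCE_SETUP, ForceSetupPolicy.class);
    if (policy == ForceSetupPolicy.SKIP) {
        LOGGER.trace(sessionLabel, "checkOtp: OTP force setup policy is set to SKIP, user OTP setup is not required");
        return false;
    }

    // A record without a secret is treated the same as no record at all.
    final OTPUserRecord otpUserRecord = selfCachedReference.getOtpUserRecord();
    final boolean hasStoredOtp = otpUserRecord != null && otpUserRecord.getSecret() != null;
    if (hasStoredOtp) {
        LOGGER.trace(sessionLabel, "checkOtp: user has existing valid otp record, user OTP setup is not required");
        return false;
    }

    // hasStoredOtp is always false at this point, so setup is needed whenever the policy forces it
    LOGGER.debug(sessionLabel, "checkOtp: user does not have existing valid otp record, user OTP setup is required");
    return policy == ForceSetupPolicy.FORCE || policy == ForceSetupPolicy.FORCE_ALLOW_SKIP;
}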
use of password.pwm.config.profile.ProfileType in project pwm by pwm-project.
the class UserInfoReader method getProfileIDs.
/**
 * Resolves the profile id assigned to this user for every authenticated profile type.
 *
 * <p>Each authenticated {@link ProfileType} gets an entry in the result; the value is
 * {@code null} when discovery finds no matching profile, so callers must not treat
 * key presence as proof that a profile is assigned.</p>
 *
 * @return an unmodifiable map from profile type to the discovered profile id (possibly {@code null})
 * @throws PwmUnrecoverableException declared on the signature; presumably raised by profile discovery
 */
@Override
public Map<ProfileType, String> getProfileIDs() throws PwmUnrecoverableException {
    final Map<ProfileType, String> discovered = new HashMap<>();
    for (final ProfileType candidate : ProfileType.values()) {
        // Only authenticated profile types are resolved here.
        if (!candidate.isAuthenticated()) {
            continue;
        }

        final String assignedId = ProfileUtility.discoverProfileIDforUser(pwmApplication, sessionLabel, userIdentity, candidate);
        discovered.put(candidate, assignedId);

        final String message = assignedId == null
                ? candidate.toString() + " has no matching profiles for user " + userIdentity.toDisplayString()
                : "assigned " + candidate.toString() + " profileID \"" + assignedId + "\" to " + userIdentity.toDisplayString();
        LOGGER.debug(sessionLabel, message);
    }
    return Collections.unmodifiableMap(discovered);
}
use of password.pwm.config.profile.ProfileType in project pwm by pwm-project.
the class UserDebugDataReader method profileMap.
/**
 * Builds the profile-assignment view used for user debug data.
 *
 * <p>Every {@link ProfileType} value is looked up, with no filtering, and stored
 * under its type. The id is stored as returned by discovery, whatever its value.</p>
 *
 * @param pwmApplication application context passed through to profile discovery
 * @param sessionLabel   session label passed through to profile discovery
 * @param userIdentity   the user whose profile assignments are being inspected
 * @return an unmodifiable, key-ordered map from profile type to discovered profile id
 * @throws PwmUnrecoverableException declared on the signature; presumably raised by profile discovery
 */
private static Map<ProfileType, String> profileMap(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final UserIdentity userIdentity) throws PwmUnrecoverableException {
    final ProfileType[] allTypes = ProfileType.values();
    final Map<ProfileType, String> idsByType = new TreeMap<>();
    for (int i = 0; i < allTypes.length; i++) {
        final ProfileType type = allTypes[i];
        idsByType.put(type, ProfileUtility.discoverProfileIDforUser(pwmApplication, sessionLabel, userIdentity, type));
    }
    return Collections.unmodifiableMap(idsByType);
}
use of password.pwm.config.profile.ProfileType in project pwm by pwm-project.
the class UserDebugDataReader method readUserDebugData.
/**
 * Collects the debug view of a single user: user info, permissions, profile
 * assignments, LDAP and configured password policies, and password-related flags.
 *
 * <p>The LDAP password is read only to learn whether it is readable. Only the
 * resulting boolean is placed in the bean; the password value is not kept.</p>
 *
 * @param pwmApplication application context used for every lookup
 * @param locale         locale used for user info, policy selection and macros
 * @param sessionLabel   session label passed through to the lookups
 * @param userIdentity   the user being inspected
 * @return the assembled debug bean
 * @throws PwmUnrecoverableException declared on the signature; presumably raised by the lookups
 */
public static UserDebugDataBean readUserDebugData(final PwmApplication pwmApplication, final Locale locale, final SessionLabel sessionLabel, final UserIdentity userIdentity) throws PwmUnrecoverableException {
    final UserInfo info = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, sessionLabel, userIdentity, locale);
    final Map<Permission, String> permissionResults = UserDebugDataReader.permissionMap(pwmApplication, sessionLabel, userIdentity);
    final Map<ProfileType, String> profileResults = UserDebugDataReader.profileMap(pwmApplication, sessionLabel, userIdentity);
    final PwmPasswordPolicy policyFromLdap = PasswordUtility.readLdapPasswordPolicy(pwmApplication, pwmApplication.getProxiedChaiUser(userIdentity));
    final PwmPasswordPolicy policyFromConfig = PasswordUtility.determineConfiguredPolicyProfileForUser(pwmApplication, sessionLabel, userIdentity, locale);

    // Stays false when the directory is unavailable; the failure is deliberately not reported.
    boolean passwordIsReadable = false;
    try {
        passwordIsReadable = LdapOperationsHelper.readLdapPassword(pwmApplication, sessionLabel, userIdentity) != null;
    } catch (ChaiUnavailableException ignored) {
        /* disregard */
    }

    final MacroMachine macros = MacroMachine.forUser(pwmApplication, locale, sessionLabel, userIdentity);

    return UserDebugDataBean.builder()
            .userInfo(info)
            .publicUserInfoBean(PublicUserInfoBean.fromUserInfoBean(info, pwmApplication.getConfig(), locale, macros))
            .permissions(permissionResults)
            .profiles(profileResults)
            .ldapPasswordPolicy(policyFromLdap)
            .configuredPasswordPolicy(policyFromConfig)
            .passwordReadable(passwordIsReadable)
            .passwordWithinMinimumLifetime(info.isWithinPasswordMinimumLifetime())
            .build();
}
Aggregations