use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class HelpdeskServlet method restSearchRequest.
@ActionHandler(action = "search")
private ProcessStatus restSearchRequest(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
final Map<String, String> valueMap = pwmRequest.readBodyAsJsonStringMap();
final String username = valueMap.get("username");
final boolean useProxy = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_USE_PROXY);
final List<FormConfiguration> searchForm = helpdeskProfile.readSettingAsForm(PwmSetting.HELPDESK_SEARCH_FORM);
final int maxResults = (int) helpdeskProfile.readSettingAsLong(PwmSetting.HELPDESK_RESULT_LIMIT);
if (username == null || username.isEmpty()) {
final HelpdeskSearchResultsBean emptyResults = new HelpdeskSearchResultsBean();
emptyResults.setSearchResults(new ArrayList<>());
emptyResults.setSizeExceeded(false);
final RestResultBean restResultBean = RestResultBean.withData(emptyResults);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
final SearchConfiguration searchConfiguration;
{
final SearchConfiguration.SearchConfigurationBuilder builder = SearchConfiguration.builder();
builder.contexts(helpdeskProfile.readSettingAsStringArray(PwmSetting.HELPDESK_SEARCH_BASE));
builder.enableContextValidation(false);
builder.username(username);
builder.enableValueEscaping(false);
builder.filter(HelpdeskServletUtil.getSearchFilter(pwmRequest.getConfig(), helpdeskProfile));
builder.enableSplitWhitespace(true);
if (!useProxy) {
final UserIdentity loggedInUser = pwmRequest.getPwmSession().getUserInfo().getUserIdentity();
builder.ldapProfile(loggedInUser.getLdapProfileID());
builder.chaiProvider(getChaiUser(pwmRequest, helpdeskProfile, loggedInUser).getChaiProvider());
}
searchConfiguration = builder.build();
}
final UserSearchResults results;
final boolean sizeExceeded;
try {
final Locale locale = pwmRequest.getLocale();
results = userSearchEngine.performMultiUserSearchFromForm(locale, searchConfiguration, maxResults, searchForm, pwmRequest.getSessionLabel());
sizeExceeded = results.isSizeExceeded();
} catch (PwmOperationalException e) {
final ErrorInformation errorInformation = e.getErrorInformation();
LOGGER.error(pwmRequest, errorInformation);
final RestResultBean restResultBean = RestResultBean.fromError(errorInformation, pwmRequest);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
final HelpdeskSearchResultsBean outputData = new HelpdeskSearchResultsBean();
outputData.setSearchResults(results.resultsAsJsonOutput(pwmRequest.getPwmApplication(), pwmRequest.getUserInfoIfLoggedIn()));
outputData.setSizeExceeded(sizeExceeded);
final RestResultBean restResultBean = RestResultBean.withData(outputData);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class ForgottenPasswordServlet method processCheckAttributes.
@ActionHandler(action = "checkAttributes")
private ProcessStatus processCheckAttributes(final PwmRequest pwmRequest) throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException {
// final SessionStateBean ssBean = pwmRequest.getPwmSession().getSessionStateBean();
final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
if (forgottenPasswordBean.isBogusUser()) {
final FormConfiguration formConfiguration = forgottenPasswordBean.getAttributeForm().iterator().next();
// add a bit of jitter to pretend like we're checking a data source
JavaHelper.pause(300 + PwmRandom.getInstance().nextInt(700));
if (forgottenPasswordBean.getUserSearchValues() != null) {
final List<FormConfiguration> formConfigurations = pwmRequest.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FORM);
final Map<FormConfiguration, String> formMap = FormUtility.asFormConfigurationMap(formConfigurations, forgottenPasswordBean.getUserSearchValues());
pwmRequest.getPwmApplication().getIntruderManager().convenience().markAttributes(formMap, pwmRequest.getPwmSession());
}
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, "incorrect value for attribute '" + formConfiguration.getName() + "'", new String[] { formConfiguration.getLabel(pwmRequest.getLocale()) });
forgottenPasswordBean.getProgress().setInProgressVerificationMethod(IdentityVerificationMethod.ATTRIBUTES);
setLastError(pwmRequest, errorInformation);
return ProcessStatus.Continue;
}
if (forgottenPasswordBean.getUserIdentity() == null) {
return ProcessStatus.Continue;
}
final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
try {
// check attributes
final ChaiUser theUser = pwmRequest.getPwmApplication().getProxiedChaiUser(userIdentity);
final Locale userLocale = pwmRequest.getLocale();
final List<FormConfiguration> requiredAttributesForm = forgottenPasswordBean.getAttributeForm();
if (requiredAttributesForm.isEmpty()) {
return ProcessStatus.Continue;
}
final Map<FormConfiguration, String> formValues = FormUtility.readFormValuesFromRequest(pwmRequest, requiredAttributesForm, userLocale);
for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
final FormConfiguration formConfiguration = entry.getKey();
final String attrName = formConfiguration.getName();
try {
if (theUser.compareStringAttribute(attrName, entry.getValue())) {
LOGGER.trace(pwmRequest, "successful validation of ldap attribute value for '" + attrName + "'");
} else {
throw new PwmDataValidationException(new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, "incorrect value for '" + attrName + "'", new String[] { formConfiguration.getLabel(pwmRequest.getLocale()) }));
}
} catch (ChaiOperationException e) {
LOGGER.error(pwmRequest, "error during param validation of '" + attrName + "', error: " + e.getMessage());
throw new PwmDataValidationException(new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, "ldap error testing value for '" + attrName + "'", new String[] { formConfiguration.getLabel(pwmRequest.getLocale()) }));
}
}
forgottenPasswordBean.getProgress().getSatisfiedMethods().add(IdentityVerificationMethod.ATTRIBUTES);
} catch (PwmDataValidationException e) {
handleUserVerificationBadAttempt(pwmRequest, forgottenPasswordBean, new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, e.getErrorInformation().toDebugStr()));
}
return ProcessStatus.Continue;
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class GuestRegistrationServlet method handleSearchRequest.
protected void handleSearchRequest(final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean) throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException {
LOGGER.trace(pwmRequest, "Enter: handleSearchRequest(...)");
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final ChaiProvider chaiProvider = pwmSession.getSessionManager().getChaiProvider();
final Configuration config = pwmApplication.getConfig();
final String adminDnAttribute = config.readSettingAsString(PwmSetting.GUEST_ADMIN_ATTRIBUTE);
final Boolean origAdminOnly = config.readSettingAsBoolean(PwmSetting.GUEST_EDIT_ORIG_ADMIN_ONLY);
final String usernameParam = pwmRequest.readParameterAsString("username");
final GuestRegistrationBean guBean = pwmApplication.getSessionStateService().getBean(pwmRequest, GuestRegistrationBean.class);
final SearchConfiguration searchConfiguration = SearchConfiguration.builder().chaiProvider(chaiProvider).contexts(Collections.singletonList(config.readSettingAsString(PwmSetting.GUEST_CONTEXT))).enableContextValidation(false).username(usernameParam).build();
final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
try {
final UserIdentity theGuest = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
final FormMap formProps = guBean.getFormValues();
try {
final List<FormConfiguration> guestUpdateForm = config.readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
final Set<String> involvedAttrs = new HashSet<>();
for (final FormConfiguration formItem : guestUpdateForm) {
if (!formItem.getName().equalsIgnoreCase(HTTP_PARAM_EXPIRATION_DATE)) {
involvedAttrs.add(formItem.getName());
}
}
final UserInfo guestUserInfo = UserInfoFactory.newUserInfo(pwmApplication, pwmSession.getLabel(), pwmRequest.getLocale(), theGuest, pwmSession.getSessionManager().getChaiProvider());
final Map<String, String> userAttrValues = guestUserInfo.readStringAttributes(involvedAttrs);
if (origAdminOnly && adminDnAttribute != null && adminDnAttribute.length() > 0) {
final String origAdminDn = userAttrValues.get(adminDnAttribute);
if (origAdminDn != null && origAdminDn.length() > 0) {
if (!pwmSession.getUserInfo().getUserIdentity().getUserDN().equalsIgnoreCase(origAdminDn)) {
final ErrorInformation info = new ErrorInformation(PwmError.ERROR_ORIG_ADMIN_ONLY);
setLastError(pwmRequest, info);
LOGGER.warn(pwmSession, info);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
}
}
final String expirationAttribute = config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
if (expirationAttribute != null && expirationAttribute.length() > 0) {
final Instant expiration = guestUserInfo.readDateAttribute(expirationAttribute);
if (expiration != null) {
guBean.setUpdateUserExpirationDate(expiration);
}
}
for (final FormConfiguration formItem : guestUpdateForm) {
final String key = formItem.getName();
final String value = userAttrValues.get(key);
if (value != null) {
formProps.put(key, value);
}
}
guBean.setUpdateUserIdentity(theGuest);
this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
return;
} catch (PwmUnrecoverableException e) {
LOGGER.warn(pwmSession, "error reading current attributes for user: " + e.getMessage());
}
} catch (PwmOperationalException e) {
final ErrorInformation error = e.getErrorInformation();
setLastError(pwmRequest, error);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
return;
}
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class GuestRegistrationServlet method handleCreateRequest.
private void handleCreateRequest(final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
final Configuration config = pwmApplication.getConfig();
final Locale locale = ssBean.getLocale();
final List<FormConfiguration> guestUserForm = config.readSettingAsForm(PwmSetting.GUEST_FORM);
try {
// read the values from the request
final Map<FormConfiguration, String> formValues = FormUtility.readFormValuesFromRequest(pwmRequest, guestUserForm, locale);
// read the expiration date from the request.
final Instant expirationDate = readExpirationFromRequest(pwmRequest);
// see if the values meet form requirements.
FormUtility.validateFormValues(config, formValues, locale);
// read new user DN
final String guestUserDN = determineUserDN(formValues, config);
// read a chai provider to make the user
final ChaiProvider provider = pwmSession.getSessionManager().getChaiProvider();
// set up the user creation attributes
final Map<String, String> createAttributes = new HashMap<>();
for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
final FormConfiguration formItem = entry.getKey();
final String value = entry.getValue();
LOGGER.debug(pwmSession, "Attribute from form: " + formItem.getName() + " = " + value);
final String n = formItem.getName();
final String v = formValues.get(formItem);
if (n != null && n.length() > 0 && v != null && v.length() > 0) {
createAttributes.put(n, v);
}
}
// Write creator DN
createAttributes.put(config.readSettingAsString(PwmSetting.GUEST_ADMIN_ATTRIBUTE), pwmSession.getUserInfo().getUserIdentity().getUserDN());
// read the creation object classes.
final Set<String> createObjectClasses = new HashSet<>(config.readSettingAsStringArray(PwmSetting.DEFAULT_OBJECT_CLASSES));
provider.createEntry(guestUserDN, createObjectClasses, createAttributes);
LOGGER.info(pwmSession, "created user object: " + guestUserDN);
final ChaiUser theUser = provider.getEntryFactory().newChaiUser(guestUserDN);
final UserIdentity userIdentity = new UserIdentity(guestUserDN, pwmSession.getUserInfo().getUserIdentity().getLdapProfileID());
// write the expiration date:
if (expirationDate != null) {
final String expirationAttr = config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
theUser.writeDateAttribute(expirationAttr, expirationDate);
}
final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmApplication, pwmSession.getLabel(), userIdentity, theUser, locale);
final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword(pwmSession.getLabel(), passwordPolicy, pwmApplication);
theUser.setPassword(newPassword.getStringValue());
{
// execute configured actions
LOGGER.debug(pwmSession, "executing configured actions to user " + theUser.getEntryDN());
final List<ActionConfiguration> actions = pwmApplication.getConfig().readSettingAsAction(PwmSetting.GUEST_WRITE_ATTRIBUTES);
if (actions != null && !actions.isEmpty()) {
final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest, userIdentity);
final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, theUser).setExpandPwmMacros(true).setMacroMachine(macroMachine).createActionExecutor();
actionExecutor.executeActions(actions, pwmRequest.getSessionLabel());
}
}
// everything good so forward to success page.
this.sendGuestUserEmailConfirmation(pwmRequest, userIdentity);
pwmApplication.getStatisticsManager().incrementValue(Statistic.NEW_USERS);
pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_CreateGuest);
} catch (ChaiOperationException e) {
final ErrorInformation info = new ErrorInformation(PwmError.ERROR_NEW_USER_FAILURE, "error creating user: " + e.getMessage());
setLastError(pwmRequest, info);
LOGGER.warn(pwmSession, info);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
} catch (PwmOperationalException e) {
LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
setLastError(pwmRequest, e.getErrorInformation());
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class AccountInformationBean method makeFormInfo.
private static List<DisplayElement> makeFormInfo(final PwmRequest pwmRequest, final Locale locale) throws PwmUnrecoverableException {
final List<DisplayElement> returnData = new ArrayList<>();
final List<FormConfiguration> formConfiguration = pwmRequest.getConfig().readSettingAsForm(PwmSetting.ACCOUNT_INFORMATION_VIEW_FORM);
if (formConfiguration != null && !formConfiguration.isEmpty()) {
final Map<FormConfiguration, List<String>> ldapValues = FormUtility.populateFormMapFromLdap(formConfiguration, pwmRequest.getSessionLabel(), pwmRequest.getPwmSession().getUserInfo(), FormUtility.Flag.ReturnEmptyValues);
for (final Map.Entry<FormConfiguration, List<String>> entry : ldapValues.entrySet()) {
final FormConfiguration formConfig = entry.getKey();
final List<String> values = entry.getValue();
final String display = formConfig.isMultivalue() ? StringUtil.collectionToString(values, ", ") : values.isEmpty() ? "" : values.iterator().next();
returnData.add(new DisplayElement(formConfig.getName(), DisplayElement.Type.string, formConfig.getLabel(locale), display));
}
}
return Collections.unmodifiableList(returnData);
}
Aggregations