Search in sources :

Example 21 with FormConfiguration

use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.

the class ForgottenUsernameServlet method handleSearchRequest.

public void handleSearchRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            LOGGER.debug(pwmRequest, errorInfo);
            setLastError(pwmRequest, errorInfo);
            forwardToFormJsp(pwmRequest);
            return;
        }
    }
    final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
    final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
    final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_USERNAME_FORM);
    // read the values from the request
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenUsernameForm, ssBean.getLocale());
        // check for intruder search
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, ssBean.getLocale());
        final String searchFilter;
        {
            final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER);
            if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
                searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenUsernameForm);
                LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
            } else {
                searchFilter = configuredSearchFilter;
            }
        }
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).contexts(Collections.singletonList(contextParam)).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
        }
        if (userIdentity == null) {
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
            setLastError(pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo());
            forwardToFormJsp(pwmRequest);
            return;
        }
        // make sure the user isn't locked.
        pwmApplication.getIntruderManager().convenience().checkUserIdentity(userIdentity);
        final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
        // send username
        sendUsername(pwmApplication, pwmSession, forgottenUserInfo);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_SUCCESSES);
        // redirect user to success page.
        forwardToCompletePage(pwmRequest, userIdentity);
        return;
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInfo;
        errorInfo = e.getError() == PwmError.ERROR_UNKNOWN ? new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()) : e.getErrorInformation();
        setLastError(pwmRequest, errorInfo);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
    }
    pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
    forwardToFormJsp(pwmRequest);
}
Also used : PwmApplication(password.pwm.PwmApplication) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession)

Example 22 with FormConfiguration

use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.

the class RestProfileServer method doGetProfileDataImpl.

private static RestResultBean doGetProfileDataImpl(final RestRequest restRequest, final String username) throws PwmUnrecoverableException, ChaiUnavailableException {
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
    final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
    if (StringUtil.isEmpty(updateProfileID)) {
        throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
    }
    final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
    final Map<String, String> profileData = new HashMap<>();
    {
        final Map<FormConfiguration, String> formData = new HashMap<>();
        for (final FormConfiguration formConfiguration : updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
            formData.put(formConfiguration, "");
        }
        final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
        final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
        FormUtility.populateFormMapFromLdap(formFields, restRequest.getSessionLabel(), formData, userInfo);
        for (final Map.Entry<FormConfiguration, String> entry : formData.entrySet()) {
            final FormConfiguration formConfig = entry.getKey();
            profileData.put(formConfig.getName(), entry.getValue());
        }
    }
    final JsonProfileData outputData = new JsonProfileData();
    outputData.profile = profileData;
    outputData.formDefinition = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final RestResultBean restResultBean = RestResultBean.withData(outputData);
    StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
    return restResultBean;
}
Also used : HashMap(java.util.HashMap) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UserInfo(password.pwm.ldap.UserInfo) UpdateProfileProfile(password.pwm.config.profile.UpdateProfileProfile) FormConfiguration(password.pwm.config.value.data.FormConfiguration) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) FormMap(password.pwm.util.FormMap) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 23 with FormConfiguration

use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.

the class RestProfileServer method doPostProfileDataImpl.

private static RestResultBean doPostProfileDataImpl(final RestRequest restRequest, final JsonProfileData jsonInput) throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
    final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
    if (StringUtil.isEmpty(updateProfileID)) {
        throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
    }
    final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
    {
        final List<UserPermission> userPermission = updateProfileProfile.readSettingAsUserPermission(PwmSetting.UPDATE_PROFILE_QUERY_MATCH);
        final boolean result = LdapPermissionTester.testUserPermissions(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), userPermission);
        if (!result) {
            throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
        }
    }
    final FormMap inputFormData = new FormMap(jsonInput.profile);
    final List<FormConfiguration> profileForm = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final Map<FormConfiguration, String> profileFormData = new HashMap<>();
    for (final FormConfiguration formConfiguration : profileForm) {
        if (!formConfiguration.isReadonly() && inputFormData.containsKey(formConfiguration.getName())) {
            profileFormData.put(formConfiguration, inputFormData.get(formConfiguration.getName()));
        }
    }
    final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
    final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
    UpdateProfileUtil.doProfileUpdate(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), userInfo, macroMachine, updateProfileProfile, FormUtility.asStringMap(profileFormData), targetUserIdentity.getChaiUser());
    StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
    return RestResultBean.forSuccessMessage(restRequest, Message.Success_UpdateProfile);
}
Also used : HashMap(java.util.HashMap) MacroMachine(password.pwm.util.macro.MacroMachine) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UpdateProfileProfile(password.pwm.config.profile.UpdateProfileProfile) List(java.util.List) FormConfiguration(password.pwm.config.value.data.FormConfiguration) UserInfo(password.pwm.ldap.UserInfo) FormMap(password.pwm.util.FormMap)

Example 24 with FormConfiguration

use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.

the class FormValue method toXmlValues.

public List<Element> toXmlValues(final String valueElementName, final PwmSecurityKey pwmSecurityKey) {
    final List<Element> returnList = new ArrayList<>();
    for (final FormConfiguration value : values) {
        final Element valueElement = new Element(valueElementName);
        valueElement.addContent(JsonUtil.serialize(value));
        returnList.add(valueElement);
    }
    return returnList;
}
Also used : Element(org.jdom2.Element) ArrayList(java.util.ArrayList) FormConfiguration(password.pwm.config.value.data.FormConfiguration)

Example 25 with FormConfiguration

use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.

the class NewUserFormUtils method getLdapDataFromNewUserForm.

static Map<String, String> getLdapDataFromNewUserForm(final NewUserProfile newUserProfile, final NewUserForm newUserForm) {
    final Map<String, String> ldapData = new LinkedHashMap<>();
    final List<FormConfiguration> formConfigurations = newUserProfile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
    for (final FormConfiguration formConfiguration : formConfigurations) {
        if (formConfiguration.getSource() == FormConfiguration.Source.ldap) {
            final String attrName = formConfiguration.getName();
            final String value = newUserForm.getFormData().get(attrName);
            if (!StringUtil.isEmpty(value)) {
                ldapData.put(attrName, value);
            }
        }
    }
    return ldapData;
}
Also used : FormConfiguration(password.pwm.config.value.data.FormConfiguration) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

FormConfiguration (password.pwm.config.value.data.FormConfiguration)63 LinkedHashMap (java.util.LinkedHashMap)26 ErrorInformation (password.pwm.error.ErrorInformation)23 Map (java.util.Map)19 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)15 ArrayList (java.util.ArrayList)14 HashMap (java.util.HashMap)14 PwmOperationalException (password.pwm.error.PwmOperationalException)14 List (java.util.List)13 UserIdentity (password.pwm.bean.UserIdentity)13 PwmApplication (password.pwm.PwmApplication)11 UserInfo (password.pwm.ldap.UserInfo)10 ChaiUser (com.novell.ldapchai.ChaiUser)9 Locale (java.util.Locale)9 PwmSession (password.pwm.http.PwmSession)9 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)9 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)8 Configuration (password.pwm.config.Configuration)7 PwmDataValidationException (password.pwm.error.PwmDataValidationException)7 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)7