use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class ForgottenUsernameServlet method handleSearchRequest.
public void handleSearchRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
LOGGER.debug(pwmRequest, errorInfo);
setLastError(pwmRequest, errorInfo);
forwardToFormJsp(pwmRequest);
return;
}
}
final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_USERNAME_FORM);
// read the values from the request
Map<FormConfiguration, String> formValues = new HashMap<>();
try {
formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenUsernameForm, ssBean.getLocale());
// check for intruder search
pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
// see if the values meet the configured form requirements.
FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, ssBean.getLocale());
final String searchFilter;
{
final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER);
if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenUsernameForm);
LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
} else {
searchFilter = configuredSearchFilter;
}
}
final UserIdentity userIdentity;
{
final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).contexts(Collections.singletonList(contextParam)).build();
userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
}
if (userIdentity == null) {
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
setLastError(pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo());
forwardToFormJsp(pwmRequest);
return;
}
// make sure the user isn't locked.
pwmApplication.getIntruderManager().convenience().checkUserIdentity(userIdentity);
final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
// send username
sendUsername(pwmApplication, pwmSession, forgottenUserInfo);
pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_SUCCESSES);
// redirect user to success page.
forwardToCompletePage(pwmRequest, userIdentity);
return;
} catch (PwmOperationalException e) {
final ErrorInformation errorInfo;
errorInfo = e.getError() == PwmError.ERROR_UNKNOWN ? new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()) : e.getErrorInformation();
setLastError(pwmRequest, errorInfo);
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
}
pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
forwardToFormJsp(pwmRequest);
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class RestProfileServer method doGetProfileDataImpl.
private static RestResultBean doGetProfileDataImpl(final RestRequest restRequest, final String username) throws PwmUnrecoverableException, ChaiUnavailableException {
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
if (StringUtil.isEmpty(updateProfileID)) {
throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
}
final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
final Map<String, String> profileData = new HashMap<>();
{
final Map<FormConfiguration, String> formData = new HashMap<>();
for (final FormConfiguration formConfiguration : updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
formData.put(formConfiguration, "");
}
final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
FormUtility.populateFormMapFromLdap(formFields, restRequest.getSessionLabel(), formData, userInfo);
for (final Map.Entry<FormConfiguration, String> entry : formData.entrySet()) {
final FormConfiguration formConfig = entry.getKey();
profileData.put(formConfig.getName(), entry.getValue());
}
}
final JsonProfileData outputData = new JsonProfileData();
outputData.profile = profileData;
outputData.formDefinition = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final RestResultBean restResultBean = RestResultBean.withData(outputData);
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
return restResultBean;
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class RestProfileServer method doPostProfileDataImpl.
private static RestResultBean doPostProfileDataImpl(final RestRequest restRequest, final JsonProfileData jsonInput) throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
if (StringUtil.isEmpty(updateProfileID)) {
throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
}
final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
{
final List<UserPermission> userPermission = updateProfileProfile.readSettingAsUserPermission(PwmSetting.UPDATE_PROFILE_QUERY_MATCH);
final boolean result = LdapPermissionTester.testUserPermissions(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), userPermission);
if (!result) {
throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
}
}
final FormMap inputFormData = new FormMap(jsonInput.profile);
final List<FormConfiguration> profileForm = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final Map<FormConfiguration, String> profileFormData = new HashMap<>();
for (final FormConfiguration formConfiguration : profileForm) {
if (!formConfiguration.isReadonly() && inputFormData.containsKey(formConfiguration.getName())) {
profileFormData.put(formConfiguration, inputFormData.get(formConfiguration.getName()));
}
}
final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
UpdateProfileUtil.doProfileUpdate(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), userInfo, macroMachine, updateProfileProfile, FormUtility.asStringMap(profileFormData), targetUserIdentity.getChaiUser());
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
return RestResultBean.forSuccessMessage(restRequest, Message.Success_UpdateProfile);
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class FormValue method toXmlValues.
public List<Element> toXmlValues(final String valueElementName, final PwmSecurityKey pwmSecurityKey) {
final List<Element> returnList = new ArrayList<>();
for (final FormConfiguration value : values) {
final Element valueElement = new Element(valueElementName);
valueElement.addContent(JsonUtil.serialize(value));
returnList.add(valueElement);
}
return returnList;
}
use of password.pwm.config.value.data.FormConfiguration in project pwm by pwm-project.
the class NewUserFormUtils method getLdapDataFromNewUserForm.
static Map<String, String> getLdapDataFromNewUserForm(final NewUserProfile newUserProfile, final NewUserForm newUserForm) {
final Map<String, String> ldapData = new LinkedHashMap<>();
final List<FormConfiguration> formConfigurations = newUserProfile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
for (final FormConfiguration formConfiguration : formConfigurations) {
if (formConfiguration.getSource() == FormConfiguration.Source.ldap) {
final String attrName = formConfiguration.getName();
final String value = newUserForm.getFormData().get(attrName);
if (!StringUtil.isEmpty(value)) {
ldapData.put(attrName, value);
}
}
}
return ldapData;
}
Aggregations