Search in sources :

Example 6 with AuditRecord

use of password.pwm.svc.event.AuditRecord in project pwm by pwm-project.

the class ChangePasswordServlet method processAgreeAction.

@ActionHandler(action = "agree")
ProcessStatus processAgreeAction(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException {
    final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    LOGGER.debug(pwmRequest, "user accepted password change agreement");
    if (!changePasswordBean.isAgreementPassed()) {
        changePasswordBean.setAgreementPassed(true);
        final AuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.AGREEMENT_PASSED, pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getSessionLabel(), "ChangePassword");
        pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
    return ProcessStatus.Continue;
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord)

Example 7 with AuditRecord

use of password.pwm.svc.event.AuditRecord in project pwm by pwm-project.

the class UpdateProfileServlet method handleAgreeRequest.

@ActionHandler(action = "agree")
ProcessStatus handleAgreeRequest(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    LOGGER.debug(pwmRequest, "user accepted agreement");
    final UpdateProfileBean updateProfileBean = getBean(pwmRequest);
    if (!updateProfileBean.isAgreementPassed()) {
        updateProfileBean.setAgreementPassed(true);
        final AuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.AGREEMENT_PASSED, pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getSessionLabel(), "UpdateProfile");
        pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
    return ProcessStatus.Continue;
}
Also used : AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) UpdateProfileBean(password.pwm.http.bean.UpdateProfileBean) AuditRecord(password.pwm.svc.event.AuditRecord)

Example 8 with AuditRecord

use of password.pwm.svc.event.AuditRecord in project pwm by pwm-project.

the class TokenService method markTokenAsClaimed.

private void markTokenAsClaimed(final TokenKey tokenKey, final PwmSession pwmSession, final TokenPayload tokenPayload) throws PwmUnrecoverableException {
    if (tokenPayload == null || tokenPayload.getUserIdentity() == null) {
        return;
    }
    final boolean removeOnClaim = Boolean.parseBoolean(configuration.readAppProperty(AppProperty.TOKEN_REMOVE_ON_CLAIM));
    if (removeOnClaim) {
        try {
            LOGGER.trace(pwmSession, "removing claimed token: " + tokenPayload.toDebugString());
            tokenMachine.removeToken(tokenKey);
        } catch (PwmOperationalException e) {
            LOGGER.error(pwmSession, "error clearing claimed token: " + e.getMessage());
        }
    }
    final AuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.TOKEN_CLAIMED, tokenPayload.getUserIdentity(), pwmSession.getLabel(), JsonUtil.serialize(tokenPayload));
    pwmApplication.getAuditManager().submit(auditRecord);
    StatisticsManager.incrementStat(pwmApplication, Statistic.TOKENS_PASSSED);
}
Also used : AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 9 with AuditRecord

use of password.pwm.svc.event.AuditRecord in project pwm by pwm-project.

the class TokenService method generateNewToken.

public String generateNewToken(final TokenPayload tokenPayload, final SessionLabel sessionLabel) throws PwmUnrecoverableException, PwmOperationalException {
    checkStatus();
    final String tokenKey;
    try {
        tokenKey = tokenMachine.generateToken(sessionLabel, tokenPayload);
        tokenMachine.storeToken(tokenMachine.keyFromKey(tokenKey), tokenPayload);
    } catch (PwmException e) {
        final String errorMsg = "unexpected error trying to store token in datastore: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(e.getError(), errorMsg);
        throw new PwmOperationalException(errorInformation);
    }
    LOGGER.trace(sessionLabel, "generated token with payload: " + tokenPayload.toDebugString());
    final AuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.TOKEN_ISSUED, tokenPayload.getUserIdentity(), sessionLabel, JsonUtil.serialize(tokenPayload));
    pwmApplication.getAuditManager().submit(auditRecord);
    return tokenKey;
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 10 with AuditRecord

use of password.pwm.svc.event.AuditRecord in project pwm by pwm-project.

the class DeleteAccountServlet method handleAgreeRequest.

@ActionHandler(action = "agree")
private ProcessStatus handleAgreeRequest(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    LOGGER.debug(pwmRequest, "user accepted agreement");
    final DeleteAccountBean deleteAccountBean = getBean(pwmRequest);
    if (!deleteAccountBean.isAgreementPassed()) {
        deleteAccountBean.setAgreementPassed(true);
        final AuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.AGREEMENT_PASSED, pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getSessionLabel(), ProfileType.DeleteAccount.toString());
        pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
    return ProcessStatus.Continue;
}
Also used : DeleteAccountBean(password.pwm.http.bean.DeleteAccountBean) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord)

Aggregations

AuditRecord (password.pwm.svc.event.AuditRecord)11 AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory)10 ErrorInformation (password.pwm.error.ErrorInformation)3 PwmException (password.pwm.error.PwmException)3 PwmOperationalException (password.pwm.error.PwmOperationalException)3 IOException (java.io.IOException)2 HashMap (java.util.HashMap)2 PwmApplication (password.pwm.PwmApplication)2 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)2 ChaiUser (com.novell.ldapchai.ChaiUser)1 ChaiException (com.novell.ldapchai.exception.ChaiException)1 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)1 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)1 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)1 DirectoryVendor (com.novell.ldapchai.provider.DirectoryVendor)1 Instant (java.time.Instant)1 ArrayList (java.util.ArrayList)1 Date (java.util.Date)1 LinkedHashMap (java.util.LinkedHashMap)1 List (java.util.List)1