rsanchez
2016-12-05 1ed7bc42993b3d23d92dfc38dfd34026a4619ae7
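--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -28,6 +28,9 @@
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 import net.curisit.integrity.commons.Utils;
 import net.curisit.securis.DefaultExceptionHandler;
 import net.curisit.securis.SeCurisException;
@@ -38,10 +41,8 @@
 import net.curisit.securis.security.Securable;
 import net.curisit.securis.services.exception.SeCurisServiceException;
 import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;
+import net.curisit.securis.utils.CacheTTL;
 import net.curisit.securis.utils.TokenHelper;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 
 /**
 * User resource
@@ -52,266 +53,258 @@
 @RequestScoped
 public class UserResource {
 
- @Inject
- TokenHelper tokenHelper;
+ @Inject
+ TokenHelper tokenHelper;
 
- @Context
- EntityManager em;
+ @Inject
+ private CacheTTL cache;
 
- private static final Logger LOG = LogManager.getLogger(UserResource.class);
+ @Context
+ EntityManager em;
 
- public UserResource() {
- }
+ private static final Logger LOG = LogManager.getLogger(UserResource.class);
 
- /**
- *
- * @return the server version in format majorVersion.minorVersion
- */
- @GET
- @Path("/")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response index() {
- LOG.info("Getting users list ");
+ public UserResource() {
+ }
 
- // EntityManager em = emProvider.get();
- em.clear();
- TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
+ /**
+ *
+ * @return the server version in format majorVersion.minorVersion
+ */
+ @GET
+ @Path("/")
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response index() {
+ LOG.info("Getting users list ");
 
- List<User> list = q.getResultList();
+ // EntityManager em = emProvider.get();
+ em.clear();
+ TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
 
- return Response.ok(list).build();
- }
+ List<User> list = q.getResultList();
 
- /**
- *
- * @return The user
- */
- @GET
- @Path("/{uid}")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Getting user data for id: {}: ", uid);
- if (uid == null || "".equals(uid)) {
- LOG.error("User ID is mandatory");
- return Response.status(Status.NOT_FOUND).build();
- }
+ return Response.ok(list).build();
+ }
 
- // EntityManager em = emProvider.get();
- em.clear();
- User lt = em.find(User.class, uid);
- if (lt == null) {
- LOG.error("User with id {} not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
- return Response.ok(lt).build();
- }
+ /**
+ *
+ * @return The user
+ */
+ @GET
+ @Path("/{uid}")
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Getting user data for id: {}: ", uid);
+ if (uid == null || "".equals(uid)) {
+ LOG.error("User ID is mandatory");
+ return Response.status(Status.NOT_FOUND).build();
+ }
 
- @POST
- @Path("/")
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @EnsureTransaction
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Creating new user");
- // EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, user.getUsername());
- if (currentUser != null) {
- LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
- return modify(user, user.getUsername(), token);
- }
+ // EntityManager em = emProvider.get();
+ em.clear();
+ User lt = em.find(User.class, uid);
+ if (lt == null) {
+ LOG.error("User with id {} not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
+ return Response.ok(lt).build();
+ }
 
- try {
- this.setUserOrg(user, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- if (user.getPassword() != null && !"".equals(user.getPassword())) {
- user.setPassword(Utils.sha256(user.getPassword()));
- } else {
- return Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE)
- .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User password is mandatory").build();
- }
- user.setModificationTimestamp(new Date());
- user.setLastLogin(null);
- user.setCreationTimestamp(new Date());
- em.persist(user);
+ @POST
+ @Path("/")
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ @EnsureTransaction
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Creating new user");
+ // EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, user.getUsername());
+ if (currentUser != null) {
+ LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
+ return modify(user, user.getUsername(), token);
+ }
 
- return Response.ok(user).build();
- }
+ try {
+ this.setUserOrg(user, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ if (user.getPassword() != null && !"".equals(user.getPassword())) {
+ user.setPassword(Utils.sha256(user.getPassword()));
+ } else {
+ return Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User password is mandatory")
+ .build();
+ }
+ user.setModificationTimestamp(new Date());
+ user.setLastLogin(null);
+ user.setCreationTimestamp(new Date());
+ em.persist(user);
 
- private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
- Set<Organization> orgs = null;
- if (orgsIds != null && !orgsIds.isEmpty()) {
- orgs = new HashSet<>();
- for (Integer orgId : orgsIds) {
- Organization o = em.find(Organization.class, orgId);
- if (o == null) {
- LOG.error("User organization with id {} not found in DB", orgId);
- throw new SeCurisException("User's organization not found with ID: " + orgId);
- }
- orgs.add(o);
- }
- }
+ return Response.ok(user).build();
+ }
 
- user.setOrganizations(orgs);
+ private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
+ Set<Organization> orgs = null;
+ if (orgsIds != null && !orgsIds.isEmpty()) {
+ orgs = new HashSet<>();
+ for (Integer orgId : orgsIds) {
+ Organization o = em.find(Organization.class, orgId);
+ if (o == null) {
+ LOG.error("User organization with id {} not found in DB", orgId);
+ throw new SeCurisException("User's organization not found with ID: " + orgId);
+ }
+ orgs.add(o);
+ }
+ }
 
- }
+ user.setOrganizations(orgs);
 
- @PUT
- @POST
- @Path("/{uid}")
- @EnsureTransaction
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Modifying user with id: {}", uid);
- // EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, uid);
- if (currentUser == null) {
- LOG.info("User with id {} not found in DB, we'll try to create it", uid);
- return create(user, token);
- }
+ }
 
- try {
- this.setUserOrg(currentUser, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- currentUser.setFirstName(user.getFirstName());
- currentUser.setLastName(user.getLastName());
- currentUser.setRoles(user.getRoles());
- currentUser.setLang(user.getLang());
- currentUser.setModificationTimestamp(new Date());
- if (user.getPassword() != null && !"".equals(user.getPassword())) {
- currentUser.setPassword(Utils.sha256(user.getPassword()));
- } else {
- // Password has not been modified
- // return
- // Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER,
- // "User password is mandatory").build();
- }
+ @PUT
+ @POST
+ @Path("/{uid}")
+ @EnsureTransaction
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Modifying user with id: {}", uid);
+ // EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, uid);
+ if (currentUser == null) {
+ LOG.info("User with id {} not found in DB, we'll try to create it", uid);
+ return create(user, token);
+ }
 
- currentUser.setLastLogin(user.getLastLogin());
+ try {
+ this.setUserOrg(currentUser, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ currentUser.setFirstName(user.getFirstName());
+ currentUser.setLastName(user.getLastName());
+ currentUser.setRoles(user.getRoles());
+ currentUser.setLang(user.getLang());
+ currentUser.setModificationTimestamp(new Date());
+ if (user.getPassword() != null && !"".equals(user.getPassword())) {
+ currentUser.setPassword(Utils.sha256(user.getPassword()));
+ } else {
+ // Password has not been modified
+ // return
+ // Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER,
+ // "User password is mandatory").build();
+ }
 
- em.persist(currentUser);
+ currentUser.setLastLogin(user.getLastLogin());
 
- return Response.ok(currentUser).build();
- }
+ em.persist(currentUser);
+ clearUserCache(currentUser.getUsername());
 
- @DELETE
- @Path("/{uid}")
- @EnsureTransaction
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
- LOG.info("Deleting app with id: {}", uid);
- // EntityManager em = emProvider.get();
- User app = em.find(User.class, uid);
- if (app == null) {
- LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
+ return Response.ok(currentUser).build();
+ }
 
- em.remove(app);
- return Response.ok(Utils.createMap("success", true, "id", uid)).build();
- }
+ @DELETE
+ @Path("/{uid}")
+ @EnsureTransaction
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
+ LOG.info("Deleting app with id: {}", uid);
+ // EntityManager em = emProvider.get();
+ User user = em.find(User.class, uid);
+ if (user == null) {
+ LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
 
- @POST
- @Path("/login")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request)
- throws SeCurisServiceException {
- LOG.info("index session: " + request.getSession());
- LOG.info("user: {}, pass: {}", username, password);
- LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
- LOG.info("is user in role: {} == {} ? ", "admin", request.isUserInRole("admin"));
+ em.remove(user);
+ clearUserCache(user.getUsername());
+ return Response.ok(Utils.createMap("success", true, "id", uid)).build();
+ }
 
- // EntityManager em = emProvider.get();
- User user = em.find(User.class, username);
- if (user == null) {
- LOG.error("Inknown username {} used in login service", username);
- throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
- }
- String securedPassword = Utils.sha256(password);
+ private void clearUserCache(String username) {
+ cache.remove("roles_" + username);
+ cache.remove("orgs_" + username);
+ }
 
- if (securedPassword == null || !securedPassword.equals(user.getPassword())) {
- throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
- }
- user.setLastLogin(new Date());
- em.getTransaction().begin();
- try {
- em.persist(user);
- em.getTransaction().commit();
- } catch (PersistenceException ex) {
- LOG.error("Error updating last login date for user: {}", username);
- LOG.error(ex);
- em.getTransaction().rollback();
- }
- String tokenAuth = tokenHelper.generateToken(username);
- return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
- }
+ @POST
+ @Path("/login")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request) throws SeCurisServiceException {
+ LOG.info("index session: " + request.getSession());
 
- /**
- * Check if current token is valid
- *
- * @param user
- * @param password
- * @param request
- * @return
- */
- @POST
- @Path("/check")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
- if (token == null) {
- token = token2;
- }
- if (token == null) {
- return Response.status(Status.FORBIDDEN).build();
- }
+ // EntityManager em = emProvider.get();
+ User user = em.find(User.class, username);
+ if (user == null) {
+ LOG.error("Unknown username {} used in login service", username);
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
+ }
+ String securedPassword = Utils.sha256(password);
 
- LOG.info("Token : " + token);
- String user = tokenHelper.extractUserFromToken(token);
- LOG.info("Token user: " + user);
- Date date = tokenHelper.extractDateCreationFromToken(token);
- LOG.info("Token date: " + date);
- boolean valid = tokenHelper.isTokenValid(token);
+ if (securedPassword == null || !securedPassword.equals(user.getPassword())) {
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
+ }
+ user.setLastLogin(new Date());
+ em.getTransaction().begin();
+ try {
+ em.persist(user);
+ em.getTransaction().commit();
+ } catch (PersistenceException ex) {
+ LOG.error("Error updating last login date for user: {}", username);
+ LOG.error(ex);
+ em.getTransaction().rollback();
+ }
+ clearUserCache(username);
 
- LOG.info("Is Token valid: " + valid);
+ String tokenAuth = tokenHelper.generateToken(username);
+ return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
+ }
 
- return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
- }
+ /**
+ * Check if current token is valid
+ *
+ * @param user
+ * @param password
+ * @param request
+ * @return
+ */
+ @POST
+ @Path("/check")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
+ if (token == null) {
+ token = token2;
+ }
+ if (token == null) {
+ return Response.status(Status.FORBIDDEN).build();
+ }
 
- @GET
- @Path("/logout")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response logout(@Context HttpServletRequest request) {
- request.getSession().invalidate();
- return Response.ok().build();
- }
+ LOG.info("Token : " + token);
+ String user = tokenHelper.extractUserFromToken(token);
+ LOG.info("Token user: " + user);
+ Date date = tokenHelper.extractDateCreationFromToken(token);
+ LOG.info("Token date: " + date);
+ boolean valid = tokenHelper.isTokenValid(token);
+
+ LOG.info("Is Token valid: " + valid);
+
+ return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
+ }
+
+ @GET
+ @Path("/logout")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response logout(@Context HttpServletRequest request) {
+ request.getSession().invalidate();
+ return Response.ok().build();
+ }
 }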
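Review bot: `check()` computes `boolean valid = tokenHelper.isTokenValid(token);` (new line 296) but the response on new line 300 hard-codes `"valid", true`, so an expired or tampered token is reported as valid to every caller; it should be `Utils.createMap("valid", valid, "user", user, "date", date, "token", token)`, or better return `Status.FORBIDDEN` when `valid` is false. The same method writes the raw bearer token to the log (`LOG.info("Token : " + token);`) and also accepts it via `@QueryParam("token")`, which puts the credential into access logs and browser history; logging only the extracted user and dropping the query-parameter fallback would close both exposures. In `create`, `modify` and `login` the password is stored and compared as `Utils.sha256(...)` called with the password alone and checked with `String.equals`, so unless the helper salts internally this is an unsalted fast hash with a non-constant-time comparison — a salted slow KDF and `MessageDigest.isEqual` are the fix, though `Utils.sha256` itself lives outside this hunk. Separately, `login` manages the transaction by hand with `em.getTransaction().begin()` while the other mutating endpoints rely on `@EnsureTransaction`; one mechanism should be used throughout. The Javadoc is stale on the new side too: `index()` still says `@return the server version in format majorVersion.minorVersion` and `check()` documents `@param user`, `@param password`, `@param request` that the method does not take — replace them with `@param token the token from the TokenHelper header` and `@param token2 the token from the query string, used when the header is absent`.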