From 1ed7bc42993b3d23d92dfc38dfd34026a4619ae7 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Mon, 05 Dec 2016 15:23:22 +0000
Subject: [PATCH] #3410 #3411 fix - Fixed user roles and organizations and Pack date fields on saving action
---
securis/src/main/java/net/curisit/securis/services/UserResource.java | 463 ++++++++++++++++++++++++++++-----------------------------
1 files changed, 228 insertions(+), 235 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/services/UserResource.java b/securis/src/main/java/net/curisit/securis/services/UserResource.java
index 058289b..9a81e89 100644
--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -28,6 +28,9 @@
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
import net.curisit.integrity.commons.Utils;
import net.curisit.securis.DefaultExceptionHandler;
import net.curisit.securis.SeCurisException;
@@ -38,10 +41,8 @@
import net.curisit.securis.security.Securable;
import net.curisit.securis.services.exception.SeCurisServiceException;
import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;
+import net.curisit.securis.utils.CacheTTL;
import net.curisit.securis.utils.TokenHelper;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
/**
* User resource
@@ -52,266 +53,258 @@
@RequestScoped
public class UserResource {
- @Inject
- TokenHelper tokenHelper;
+ @Inject
+ TokenHelper tokenHelper;
- @Context
- EntityManager em;
+ @Inject
+ private CacheTTL cache;
- private static final Logger LOG = LogManager.getLogger(UserResource.class);
+ @Context
+ EntityManager em;
- public UserResource() {
- }
+ private static final Logger LOG = LogManager.getLogger(UserResource.class);
- /**
- *
- * @return the server version in format majorVersion.minorVersion
- */
- @GET
- @Path("/")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response index() {
- LOG.info("Getting users list ");
+ public UserResource() {
+ }
- // EntityManager em = emProvider.get();
- em.clear();
- TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
+ /**
+ *
+ * @return the server version in format majorVersion.minorVersion
+ */
+ @GET
+ @Path("/")
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response index() {
+ LOG.info("Getting users list ");
- List<User> list = q.getResultList();
+ // EntityManager em = emProvider.get();
+ em.clear();
+ TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
- return Response.ok(list).build();
- }
+ List<User> list = q.getResultList();
- /**
- *
- * @return The user
- */
- @GET
- @Path("/{uid}")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Getting user data for id: {}: ", uid);
- if (uid == null || "".equals(uid)) {
- LOG.error("User ID is mandatory");
- return Response.status(Status.NOT_FOUND).build();
- }
+ return Response.ok(list).build();
+ }
- // EntityManager em = emProvider.get();
- em.clear();
- User lt = em.find(User.class, uid);
- if (lt == null) {
- LOG.error("User with id {} not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
- return Response.ok(lt).build();
- }
+ /**
+ *
+ * @return The user
+ */
+ @GET
+ @Path("/{uid}")
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Getting user data for id: {}: ", uid);
+ if (uid == null || "".equals(uid)) {
+ LOG.error("User ID is mandatory");
+ return Response.status(Status.NOT_FOUND).build();
+ }
- @POST
- @Path("/")
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @EnsureTransaction
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Creating new user");
- // EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, user.getUsername());
- if (currentUser != null) {
- LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
- return modify(user, user.getUsername(), token);
- }
+ // EntityManager em = emProvider.get();
+ em.clear();
+ User lt = em.find(User.class, uid);
+ if (lt == null) {
+ LOG.error("User with id {} not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
+ return Response.ok(lt).build();
+ }
- try {
- this.setUserOrg(user, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- if (user.getPassword() != null && !"".equals(user.getPassword())) {
- user.setPassword(Utils.sha256(user.getPassword()));
- } else {
- return Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE)
- .header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User password is mandatory").build();
- }
- user.setModificationTimestamp(new Date());
- user.setLastLogin(null);
- user.setCreationTimestamp(new Date());
- em.persist(user);
+ @POST
+ @Path("/")
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ @EnsureTransaction
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Creating new user");
+ // EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, user.getUsername());
+ if (currentUser != null) {
+ LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
+ return modify(user, user.getUsername(), token);
+ }
- return Response.ok(user).build();
- }
+ try {
+ this.setUserOrg(user, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ if (user.getPassword() != null && !"".equals(user.getPassword())) {
+ user.setPassword(Utils.sha256(user.getPassword()));
+ } else {
+ return Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User password is mandatory")
+ .build();
+ }
+ user.setModificationTimestamp(new Date());
+ user.setLastLogin(null);
+ user.setCreationTimestamp(new Date());
+ em.persist(user);
- private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
- Set<Organization> orgs = null;
- if (orgsIds != null && !orgsIds.isEmpty()) {
- orgs = new HashSet<>();
- for (Integer orgId : orgsIds) {
- Organization o = em.find(Organization.class, orgId);
- if (o == null) {
- LOG.error("User organization with id {} not found in DB", orgId);
- throw new SeCurisException("User's organization not found with ID: " + orgId);
- }
- orgs.add(o);
- }
- }
+ return Response.ok(user).build();
+ }
- user.setOrganizations(orgs);
+ private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
+ Set<Organization> orgs = null;
+ if (orgsIds != null && !orgsIds.isEmpty()) {
+ orgs = new HashSet<>();
+ for (Integer orgId : orgsIds) {
+ Organization o = em.find(Organization.class, orgId);
+ if (o == null) {
+ LOG.error("User organization with id {} not found in DB", orgId);
+ throw new SeCurisException("User's organization not found with ID: " + orgId);
+ }
+ orgs.add(o);
+ }
+ }
- }
+ user.setOrganizations(orgs);
- @PUT
- @POST
- @Path("/{uid}")
- @EnsureTransaction
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Modifying user with id: {}", uid);
- // EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, uid);
- if (currentUser == null) {
- LOG.info("User with id {} not found in DB, we'll try to create it", uid);
- return create(user, token);
- }
+ }
- try {
- this.setUserOrg(currentUser, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- currentUser.setFirstName(user.getFirstName());
- currentUser.setLastName(user.getLastName());
- currentUser.setRoles(user.getRoles());
- currentUser.setLang(user.getLang());
- currentUser.setModificationTimestamp(new Date());
- if (user.getPassword() != null && !"".equals(user.getPassword())) {
- currentUser.setPassword(Utils.sha256(user.getPassword()));
- } else {
- // Password has not been modified
- // return
- // Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER,
- // "User password is mandatory").build();
- }
+ @PUT
+ @POST
+ @Path("/{uid}")
+ @EnsureTransaction
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Modifying user with id: {}", uid);
+ // EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, uid);
+ if (currentUser == null) {
+ LOG.info("User with id {} not found in DB, we'll try to create it", uid);
+ return create(user, token);
+ }
- currentUser.setLastLogin(user.getLastLogin());
+ try {
+ this.setUserOrg(currentUser, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ currentUser.setFirstName(user.getFirstName());
+ currentUser.setLastName(user.getLastName());
+ currentUser.setRoles(user.getRoles());
+ currentUser.setLang(user.getLang());
+ currentUser.setModificationTimestamp(new Date());
+ if (user.getPassword() != null && !"".equals(user.getPassword())) {
+ currentUser.setPassword(Utils.sha256(user.getPassword()));
+ } else {
+ // Password has not been modified
+ // return
+ // Response.status(DefaultExceptionHandler.DEFAULT_APP_ERROR_STATUS_CODE).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER,
+ // "User password is mandatory").build();
+ }
- em.persist(currentUser);
+ currentUser.setLastLogin(user.getLastLogin());
- return Response.ok(currentUser).build();
- }
+ em.persist(currentUser);
+ clearUserCache(currentUser.getUsername());
- @DELETE
- @Path("/{uid}")
- @EnsureTransaction
- @Produces({
- MediaType.APPLICATION_JSON
- })
- @Securable
- @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
- public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
- LOG.info("Deleting app with id: {}", uid);
- // EntityManager em = emProvider.get();
- User app = em.find(User.class, uid);
- if (app == null) {
- LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
+ return Response.ok(currentUser).build();
+ }
- em.remove(app);
- return Response.ok(Utils.createMap("success", true, "id", uid)).build();
- }
+ @DELETE
+ @Path("/{uid}")
+ @EnsureTransaction
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Securable
+ @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
+ public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
+ LOG.info("Deleting app with id: {}", uid);
+ // EntityManager em = emProvider.get();
+ User user = em.find(User.class, uid);
+ if (user == null) {
+ LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
- @POST
- @Path("/login")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request)
- throws SeCurisServiceException {
- LOG.info("index session: " + request.getSession());
- LOG.info("user: {}, pass: {}", username, password);
- LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
- LOG.info("is user in role: {} == {} ? ", "admin", request.isUserInRole("admin"));
+ em.remove(user);
+ clearUserCache(user.getUsername());
+ return Response.ok(Utils.createMap("success", true, "id", uid)).build();
+ }
- // EntityManager em = emProvider.get();
- User user = em.find(User.class, username);
- if (user == null) {
- LOG.error("Inknown username {} used in login service", username);
- throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
- }
- String securedPassword = Utils.sha256(password);
+ private void clearUserCache(String username) {
+ cache.remove("roles_" + username);
+ cache.remove("orgs_" + username);
+ }
- if (securedPassword == null || !securedPassword.equals(user.getPassword())) {
- throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
- }
- user.setLastLogin(new Date());
- em.getTransaction().begin();
- try {
- em.persist(user);
- em.getTransaction().commit();
- } catch (PersistenceException ex) {
- LOG.error("Error updating last login date for user: {}", username);
- LOG.error(ex);
- em.getTransaction().rollback();
- }
- String tokenAuth = tokenHelper.generateToken(username);
- return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
- }
+ @POST
+ @Path("/login")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request) throws SeCurisServiceException {
+ LOG.info("index session: " + request.getSession());
- /**
- * Check if current token is valid
- *
- * @param user
- * @param password
- * @param request
- * @return
- */
- @POST
- @Path("/check")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
- if (token == null) {
- token = token2;
- }
- if (token == null) {
- return Response.status(Status.FORBIDDEN).build();
- }
+ // EntityManager em = emProvider.get();
+ User user = em.find(User.class, username);
+ if (user == null) {
+ LOG.error("Unknown username {} used in login service", username);
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
+ }
+ String securedPassword = Utils.sha256(password);
- LOG.info("Token : " + token);
- String user = tokenHelper.extractUserFromToken(token);
- LOG.info("Token user: " + user);
- Date date = tokenHelper.extractDateCreationFromToken(token);
- LOG.info("Token date: " + date);
- boolean valid = tokenHelper.isTokenValid(token);
+ if (securedPassword == null || !securedPassword.equals(user.getPassword())) {
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
+ }
+ user.setLastLogin(new Date());
+ em.getTransaction().begin();
+ try {
+ em.persist(user);
+ em.getTransaction().commit();
+ } catch (PersistenceException ex) {
+ LOG.error("Error updating last login date for user: {}", username);
+ LOG.error(ex);
+ em.getTransaction().rollback();
+ }
+ clearUserCache(username);
- LOG.info("Is Token valid: " + valid);
+ String tokenAuth = tokenHelper.generateToken(username);
+ return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
+ }
- return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
- }
+ /**
+ * Check if current token is valid
+ *
+ * @param user
+ * @param password
+ * @param request
+ * @return
+ */
+ @POST
+ @Path("/check")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
+ if (token == null) {
+ token = token2;
+ }
+ if (token == null) {
+ return Response.status(Status.FORBIDDEN).build();
+ }
- @GET
- @Path("/logout")
- @Produces({
- MediaType.APPLICATION_JSON
- })
- public Response logout(@Context HttpServletRequest request) {
- request.getSession().invalidate();
- return Response.ok().build();
- }
+ LOG.info("Token : " + token);
+ String user = tokenHelper.extractUserFromToken(token);
+ LOG.info("Token user: " + user);
+ Date date = tokenHelper.extractDateCreationFromToken(token);
+ LOG.info("Token date: " + date);
+ boolean valid = tokenHelper.isTokenValid(token);
+
+ LOG.info("Is Token valid: " + valid);
+
+ return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
+ }
+
+ @GET
+ @Path("/logout")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response logout(@Context HttpServletRequest request) {
+ request.getSession().invalidate();
+ return Response.ok().build();
+ }
}
--
Gitblit v1.3.2