Google Git
Sign in
apache / archiva-web-content / 1b7e811f9aa411dd1b001fe82a147012e4cce823 / . / redback / core / 3.0.0-SNAPSHOT / apidocs / src-html / org / apache / archiva / redback / rest / services / DefaultUserService.html
blob: d1964ac03b6010fef495a80d3333d38a32508cd0 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Source code</title>
<link rel="stylesheet" type="text/css" href="../../../../../../../stylesheet.css" title="Style">
</head>
<body>
<main role="main">
<div class="sourceContainer">
<pre><span class="sourceLineNo">001</span><a id="line.1">package org.apache.archiva.redback.rest.services;</a>
<span class="sourceLineNo">002</span><a id="line.2"></a>
<span class="sourceLineNo">003</span><a id="line.3">/*</a>
<span class="sourceLineNo">004</span><a id="line.4"> * Licensed to the Apache Software Foundation (ASF) under one</a>
<span class="sourceLineNo">005</span><a id="line.5"> * or more contributor license agreements. See the NOTICE file</a>
<span class="sourceLineNo">006</span><a id="line.6"> * distributed with this work for additional information</a>
<span class="sourceLineNo">007</span><a id="line.7"> * regarding copyright ownership. The ASF licenses this file</a>
<span class="sourceLineNo">008</span><a id="line.8"> * to you under the Apache License, Version 2.0 (the</a>
<span class="sourceLineNo">009</span><a id="line.9"> * "License"); you may not use this file except in compliance</a>
<span class="sourceLineNo">010</span><a id="line.10"> * with the License. You may obtain a copy of the License at</a>
<span class="sourceLineNo">011</span><a id="line.11"> *</a>
<span class="sourceLineNo">012</span><a id="line.12"> * http://www.apache.org/licenses/LICENSE-2.0</a>
<span class="sourceLineNo">013</span><a id="line.13"> *</a>
<span class="sourceLineNo">014</span><a id="line.14"> * Unless required by applicable law or agreed to in writing,</a>
<span class="sourceLineNo">015</span><a id="line.15"> * software distributed under the License is distributed on an</a>
<span class="sourceLineNo">016</span><a id="line.16"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</a>
<span class="sourceLineNo">017</span><a id="line.17"> * KIND, either express or implied. See the License for the</a>
<span class="sourceLineNo">018</span><a id="line.18"> * specific language governing permissions and limitations</a>
<span class="sourceLineNo">019</span><a id="line.19"> * under the License.</a>
<span class="sourceLineNo">020</span><a id="line.20"> */</a>
<span class="sourceLineNo">021</span><a id="line.21"></a>
<span class="sourceLineNo">022</span><a id="line.22">import org.apache.archiva.components.cache.Cache;</a>
<span class="sourceLineNo">023</span><a id="line.23">import org.apache.archiva.redback.authentication.AuthenticationException;</a>
<span class="sourceLineNo">024</span><a id="line.24">import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;</a>
<span class="sourceLineNo">025</span><a id="line.25">import org.apache.archiva.redback.configuration.UserConfiguration;</a>
<span class="sourceLineNo">026</span><a id="line.26">import org.apache.archiva.redback.configuration.UserConfigurationKeys;</a>
<span class="sourceLineNo">027</span><a id="line.27">import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;</a>
<span class="sourceLineNo">028</span><a id="line.28">import org.apache.archiva.redback.integration.mail.Mailer;</a>
<span class="sourceLineNo">029</span><a id="line.29">import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;</a>
<span class="sourceLineNo">030</span><a id="line.30">import org.apache.archiva.redback.keys.AuthenticationKey;</a>
<span class="sourceLineNo">031</span><a id="line.31">import org.apache.archiva.redback.keys.KeyManager;</a>
<span class="sourceLineNo">032</span><a id="line.32">import org.apache.archiva.redback.keys.KeyManagerException;</a>
<span class="sourceLineNo">033</span><a id="line.33">import org.apache.archiva.redback.keys.KeyNotFoundException;</a>
<span class="sourceLineNo">034</span><a id="line.34">import org.apache.archiva.redback.policy.AccountLockedException;</a>
<span class="sourceLineNo">035</span><a id="line.35">import org.apache.archiva.redback.policy.MustChangePasswordException;</a>
<span class="sourceLineNo">036</span><a id="line.36">import org.apache.archiva.redback.policy.PasswordEncoder;</a>
<span class="sourceLineNo">037</span><a id="line.37">import org.apache.archiva.redback.policy.UserSecurityPolicy;</a>
<span class="sourceLineNo">038</span><a id="line.38">import org.apache.archiva.redback.rbac.RBACManager;</a>
<span class="sourceLineNo">039</span><a id="line.39">import org.apache.archiva.redback.rbac.RbacManagerException;</a>
<span class="sourceLineNo">040</span><a id="line.40">import org.apache.archiva.redback.rbac.UserAssignment;</a>
<span class="sourceLineNo">041</span><a id="line.41">import org.apache.archiva.redback.rest.api.model.ErrorMessage;</a>
<span class="sourceLineNo">042</span><a id="line.42">import org.apache.archiva.redback.rest.api.model.Operation;</a>
<span class="sourceLineNo">043</span><a id="line.43">import org.apache.archiva.redback.rest.api.model.Permission;</a>
<span class="sourceLineNo">044</span><a id="line.44">import org.apache.archiva.redback.rest.api.model.RegistrationKey;</a>
<span class="sourceLineNo">045</span><a id="line.45">import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;</a>
<span class="sourceLineNo">046</span><a id="line.46">import org.apache.archiva.redback.rest.api.model.Resource;</a>
<span class="sourceLineNo">047</span><a id="line.47">import org.apache.archiva.redback.rest.api.model.User;</a>
<span class="sourceLineNo">048</span><a id="line.48">import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;</a>
<span class="sourceLineNo">049</span><a id="line.49">import org.apache.archiva.redback.rest.api.services.RedbackServiceException;</a>
<span class="sourceLineNo">050</span><a id="line.50">import org.apache.archiva.redback.rest.api.services.UserService;</a>
<span class="sourceLineNo">051</span><a id="line.51">import org.apache.archiva.redback.rest.services.utils.PasswordValidator;</a>
<span class="sourceLineNo">052</span><a id="line.52">import org.apache.archiva.redback.role.RoleManager;</a>
<span class="sourceLineNo">053</span><a id="line.53">import org.apache.archiva.redback.role.RoleManagerException;</a>
<span class="sourceLineNo">054</span><a id="line.54">import org.apache.archiva.redback.system.SecuritySystem;</a>
<span class="sourceLineNo">055</span><a id="line.55">import org.apache.archiva.redback.users.UserManager;</a>
<span class="sourceLineNo">056</span><a id="line.56">import org.apache.archiva.redback.users.UserManagerException;</a>
<span class="sourceLineNo">057</span><a id="line.57">import org.apache.archiva.redback.users.UserNotFoundException;</a>
<span class="sourceLineNo">058</span><a id="line.58">import org.apache.commons.lang3.StringUtils;</a>
<span class="sourceLineNo">059</span><a id="line.59">import org.slf4j.Logger;</a>
<span class="sourceLineNo">060</span><a id="line.60">import org.slf4j.LoggerFactory;</a>
<span class="sourceLineNo">061</span><a id="line.61">import org.springframework.stereotype.Service;</a>
<span class="sourceLineNo">062</span><a id="line.62"></a>
<span class="sourceLineNo">063</span><a id="line.63">import javax.inject.Inject;</a>
<span class="sourceLineNo">064</span><a id="line.64">import javax.inject.Named;</a>
<span class="sourceLineNo">065</span><a id="line.65">import javax.mail.internet.AddressException;</a>
<span class="sourceLineNo">066</span><a id="line.66">import javax.mail.internet.InternetAddress;</a>
<span class="sourceLineNo">067</span><a id="line.67">import javax.servlet.http.HttpServletRequest;</a>
<span class="sourceLineNo">068</span><a id="line.68">import javax.ws.rs.core.Context;</a>
<span class="sourceLineNo">069</span><a id="line.69">import javax.ws.rs.core.Response;</a>
<span class="sourceLineNo">070</span><a id="line.70">import java.util.ArrayList;</a>
<span class="sourceLineNo">071</span><a id="line.71">import java.util.Arrays;</a>
<span class="sourceLineNo">072</span><a id="line.72">import java.util.Collection;</a>
<span class="sourceLineNo">073</span><a id="line.73">import java.util.List;</a>
<span class="sourceLineNo">074</span><a id="line.74">import java.util.Set;</a>
<span class="sourceLineNo">075</span><a id="line.75"></a>
<span class="sourceLineNo">076</span><a id="line.76">/**</a>
<span class="sourceLineNo">077</span><a id="line.77"> * This version is deprected. Use the V2 version: {@link org.apache.archiva.redback.rest.services.v2.DefaultUserService}</a>
<span class="sourceLineNo">078</span><a id="line.78"> */</a>
<span class="sourceLineNo">079</span><a id="line.79">@Service( "userService#rest" )</a>
<span class="sourceLineNo">080</span><a id="line.80">@Deprecated</a>
<span class="sourceLineNo">081</span><a id="line.81">public class DefaultUserService</a>
<span class="sourceLineNo">082</span><a id="line.82"> implements UserService</a>
<span class="sourceLineNo">083</span><a id="line.83">{</a>
<span class="sourceLineNo">084</span><a id="line.84"></a>
<span class="sourceLineNo">085</span><a id="line.85"> private final Logger log = LoggerFactory.getLogger( getClass() );</a>
<span class="sourceLineNo">086</span><a id="line.86"></a>
<span class="sourceLineNo">087</span><a id="line.87"> private static final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";</a>
<span class="sourceLineNo">088</span><a id="line.88"></a>
<span class="sourceLineNo">089</span><a id="line.89"> private UserManager userManager;</a>
<span class="sourceLineNo">090</span><a id="line.90"></a>
<span class="sourceLineNo">091</span><a id="line.91"> private SecuritySystem securitySystem;</a>
<span class="sourceLineNo">092</span><a id="line.92"></a>
<span class="sourceLineNo">093</span><a id="line.93"> @Inject</a>
<span class="sourceLineNo">094</span><a id="line.94"> @Named( value = "userConfiguration#default" )</a>
<span class="sourceLineNo">095</span><a id="line.95"> private UserConfiguration config;</a>
<span class="sourceLineNo">096</span><a id="line.96"></a>
<span class="sourceLineNo">097</span><a id="line.97"> @Inject</a>
<span class="sourceLineNo">098</span><a id="line.98"> private RoleManager roleManager;</a>
<span class="sourceLineNo">099</span><a id="line.99"></a>
<span class="sourceLineNo">100</span><a id="line.100"> /**</a>
<span class="sourceLineNo">101</span><a id="line.101"> * cache used for user assignments</a>
<span class="sourceLineNo">102</span><a id="line.102"> */</a>
<span class="sourceLineNo">103</span><a id="line.103"> @Inject</a>
<span class="sourceLineNo">104</span><a id="line.104"> @Named( value = "cache#userAssignments" )</a>
<span class="sourceLineNo">105</span><a id="line.105"> private Cache&lt;String, ? extends UserAssignment&gt; userAssignmentsCache;</a>
<span class="sourceLineNo">106</span><a id="line.106"></a>
<span class="sourceLineNo">107</span><a id="line.107"> /**</a>
<span class="sourceLineNo">108</span><a id="line.108"> * cache used for user permissions</a>
<span class="sourceLineNo">109</span><a id="line.109"> */</a>
<span class="sourceLineNo">110</span><a id="line.110"> @Inject</a>
<span class="sourceLineNo">111</span><a id="line.111"> @Named( value = "cache#userPermissions" )</a>
<span class="sourceLineNo">112</span><a id="line.112"> private Cache&lt;String, ? extends Permission&gt; userPermissionsCache;</a>
<span class="sourceLineNo">113</span><a id="line.113"></a>
<span class="sourceLineNo">114</span><a id="line.114"> /**</a>
<span class="sourceLineNo">115</span><a id="line.115"> * Cache used for users</a>
<span class="sourceLineNo">116</span><a id="line.116"> */</a>
<span class="sourceLineNo">117</span><a id="line.117"> @Inject</a>
<span class="sourceLineNo">118</span><a id="line.118"> @Named( value = "cache#users" )</a>
<span class="sourceLineNo">119</span><a id="line.119"> private Cache&lt;String, ? extends User&gt; usersCache;</a>
<span class="sourceLineNo">120</span><a id="line.120"></a>
<span class="sourceLineNo">121</span><a id="line.121"> @Inject</a>
<span class="sourceLineNo">122</span><a id="line.122"> private Mailer mailer;</a>
<span class="sourceLineNo">123</span><a id="line.123"></a>
<span class="sourceLineNo">124</span><a id="line.124"> @Inject</a>
<span class="sourceLineNo">125</span><a id="line.125"> @Named( value = "rbacManager#default" )</a>
<span class="sourceLineNo">126</span><a id="line.126"> private RBACManager rbacManager;</a>
<span class="sourceLineNo">127</span><a id="line.127"></a>
<span class="sourceLineNo">128</span><a id="line.128"> private HttpAuthenticator httpAuthenticator;</a>
<span class="sourceLineNo">129</span><a id="line.129"></a>
<span class="sourceLineNo">130</span><a id="line.130"> @Inject</a>
<span class="sourceLineNo">131</span><a id="line.131"> private PasswordValidator passwordValidator;</a>
<span class="sourceLineNo">132</span><a id="line.132"></a>
<span class="sourceLineNo">133</span><a id="line.133"> @Context</a>
<span class="sourceLineNo">134</span><a id="line.134"> private HttpServletRequest httpServletRequest;</a>
<span class="sourceLineNo">135</span><a id="line.135"></a>
<span class="sourceLineNo">136</span><a id="line.136"> @Inject</a>
<span class="sourceLineNo">137</span><a id="line.137"> public DefaultUserService( @Named( value = "userManager#default" ) UserManager userManager,</a>
<span class="sourceLineNo">138</span><a id="line.138"> SecuritySystem securitySystem,</a>
<span class="sourceLineNo">139</span><a id="line.139"> @Named( "httpAuthenticator#basic" ) HttpAuthenticator httpAuthenticator )</a>
<span class="sourceLineNo">140</span><a id="line.140"> {</a>
<span class="sourceLineNo">141</span><a id="line.141"> this.userManager = userManager;</a>
<span class="sourceLineNo">142</span><a id="line.142"> this.securitySystem = securitySystem;</a>
<span class="sourceLineNo">143</span><a id="line.143"> this.httpAuthenticator = httpAuthenticator;</a>
<span class="sourceLineNo">144</span><a id="line.144"> }</a>
<span class="sourceLineNo">145</span><a id="line.145"></a>
<span class="sourceLineNo">146</span><a id="line.146"></a>
<span class="sourceLineNo">147</span><a id="line.147"> @Override</a>
<span class="sourceLineNo">148</span><a id="line.148"> public Boolean createUser( User user )</a>
<span class="sourceLineNo">149</span><a id="line.149"> throws RedbackServiceException</a>
<span class="sourceLineNo">150</span><a id="line.150"> {</a>
<span class="sourceLineNo">151</span><a id="line.151"></a>
<span class="sourceLineNo">152</span><a id="line.152"> try</a>
<span class="sourceLineNo">153</span><a id="line.153"> {</a>
<span class="sourceLineNo">154</span><a id="line.154"> org.apache.archiva.redback.users.User u = userManager.findUser( user.getUsername() );</a>
<span class="sourceLineNo">155</span><a id="line.155"> if ( u != null )</a>
<span class="sourceLineNo">156</span><a id="line.156"> {</a>
<span class="sourceLineNo">157</span><a id="line.157"> throw new RedbackServiceException(</a>
<span class="sourceLineNo">158</span><a id="line.158"> new ErrorMessage( "user " + user.getUsername() + " already exists" ) );</a>
<span class="sourceLineNo">159</span><a id="line.159"> }</a>
<span class="sourceLineNo">160</span><a id="line.160"> }</a>
<span class="sourceLineNo">161</span><a id="line.161"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">162</span><a id="line.162"> {</a>
<span class="sourceLineNo">163</span><a id="line.163"> //ignore we just want to prevent non human readable error message from backend :-)</a>
<span class="sourceLineNo">164</span><a id="line.164"> log.debug( "user {} not exists", user.getUsername() );</a>
<span class="sourceLineNo">165</span><a id="line.165"> }</a>
<span class="sourceLineNo">166</span><a id="line.166"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">167</span><a id="line.167"> {</a>
<span class="sourceLineNo">168</span><a id="line.168"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">169</span><a id="line.169"> }</a>
<span class="sourceLineNo">170</span><a id="line.170"></a>
<span class="sourceLineNo">171</span><a id="line.171"> // data validation</a>
<span class="sourceLineNo">172</span><a id="line.172"> if ( StringUtils.isEmpty( user.getUsername() ) )</a>
<span class="sourceLineNo">173</span><a id="line.173"> {</a>
<span class="sourceLineNo">174</span><a id="line.174"> throw new RedbackServiceException( new ErrorMessage( "username cannot be empty" ) );</a>
<span class="sourceLineNo">175</span><a id="line.175"> }</a>
<span class="sourceLineNo">176</span><a id="line.176"></a>
<span class="sourceLineNo">177</span><a id="line.177"> if ( StringUtils.isEmpty( user.getFullName() ) )</a>
<span class="sourceLineNo">178</span><a id="line.178"> {</a>
<span class="sourceLineNo">179</span><a id="line.179"> throw new RedbackServiceException( new ErrorMessage( "fullName cannot be empty" ) );</a>
<span class="sourceLineNo">180</span><a id="line.180"> }</a>
<span class="sourceLineNo">181</span><a id="line.181"></a>
<span class="sourceLineNo">182</span><a id="line.182"> if ( StringUtils.isEmpty( user.getEmail() ) )</a>
<span class="sourceLineNo">183</span><a id="line.183"> {</a>
<span class="sourceLineNo">184</span><a id="line.184"> throw new RedbackServiceException( new ErrorMessage( "email cannot be empty" ) );</a>
<span class="sourceLineNo">185</span><a id="line.185"> }</a>
<span class="sourceLineNo">186</span><a id="line.186"></a>
<span class="sourceLineNo">187</span><a id="line.187"> try</a>
<span class="sourceLineNo">188</span><a id="line.188"> {</a>
<span class="sourceLineNo">189</span><a id="line.189"></a>
<span class="sourceLineNo">190</span><a id="line.190"> org.apache.archiva.redback.users.User u =</a>
<span class="sourceLineNo">191</span><a id="line.191"> userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );</a>
<span class="sourceLineNo">192</span><a id="line.192"> u.setPassword( user.getPassword() );</a>
<span class="sourceLineNo">193</span><a id="line.193"> u.setLocked( user.isLocked() );</a>
<span class="sourceLineNo">194</span><a id="line.194"> u.setPasswordChangeRequired( user.isPasswordChangeRequired() );</a>
<span class="sourceLineNo">195</span><a id="line.195"> u.setPermanent( user.isPermanent() );</a>
<span class="sourceLineNo">196</span><a id="line.196"> u.setValidated( user.isValidated() );</a>
<span class="sourceLineNo">197</span><a id="line.197"> u = userManager.addUser( u );</a>
<span class="sourceLineNo">198</span><a id="line.198"> if ( !user.isPasswordChangeRequired() )</a>
<span class="sourceLineNo">199</span><a id="line.199"> {</a>
<span class="sourceLineNo">200</span><a id="line.200"> u.setPasswordChangeRequired( false );</a>
<span class="sourceLineNo">201</span><a id="line.201"> try</a>
<span class="sourceLineNo">202</span><a id="line.202"> {</a>
<span class="sourceLineNo">203</span><a id="line.203"> u = userManager.updateUser( u );</a>
<span class="sourceLineNo">204</span><a id="line.204"> log.debug( "user {} created", u.getUsername() );</a>
<span class="sourceLineNo">205</span><a id="line.205"> }</a>
<span class="sourceLineNo">206</span><a id="line.206"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">207</span><a id="line.207"> {</a>
<span class="sourceLineNo">208</span><a id="line.208"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">209</span><a id="line.209"> }</a>
<span class="sourceLineNo">210</span><a id="line.210"> }</a>
<span class="sourceLineNo">211</span><a id="line.211"></a>
<span class="sourceLineNo">212</span><a id="line.212"> roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getUsername() );</a>
<span class="sourceLineNo">213</span><a id="line.213"> }</a>
<span class="sourceLineNo">214</span><a id="line.214"> catch ( RoleManagerException rpe )</a>
<span class="sourceLineNo">215</span><a id="line.215"> {</a>
<span class="sourceLineNo">216</span><a id="line.216"> log.error( "RoleProfile Error: {}", rpe.getMessage(), rpe );</a>
<span class="sourceLineNo">217</span><a id="line.217"> throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );</a>
<span class="sourceLineNo">218</span><a id="line.218"> }</a>
<span class="sourceLineNo">219</span><a id="line.219"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">220</span><a id="line.220"> {</a>
<span class="sourceLineNo">221</span><a id="line.221"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">222</span><a id="line.222"> }</a>
<span class="sourceLineNo">223</span><a id="line.223"> return Boolean.TRUE;</a>
<span class="sourceLineNo">224</span><a id="line.224"> }</a>
<span class="sourceLineNo">225</span><a id="line.225"></a>
<span class="sourceLineNo">226</span><a id="line.226"> @Override</a>
<span class="sourceLineNo">227</span><a id="line.227"> public Boolean deleteUser( String username )</a>
<span class="sourceLineNo">228</span><a id="line.228"> throws RedbackServiceException</a>
<span class="sourceLineNo">229</span><a id="line.229"> {</a>
<span class="sourceLineNo">230</span><a id="line.230"></a>
<span class="sourceLineNo">231</span><a id="line.231"> try</a>
<span class="sourceLineNo">232</span><a id="line.232"> {</a>
<span class="sourceLineNo">233</span><a id="line.233"></a>
<span class="sourceLineNo">234</span><a id="line.234"> if ( rbacManager.userAssignmentExists( username ) )</a>
<span class="sourceLineNo">235</span><a id="line.235"> {</a>
<span class="sourceLineNo">236</span><a id="line.236"> UserAssignment assignment = rbacManager.getUserAssignment( username );</a>
<span class="sourceLineNo">237</span><a id="line.237"> rbacManager.removeUserAssignment( assignment );</a>
<span class="sourceLineNo">238</span><a id="line.238"> }</a>
<span class="sourceLineNo">239</span><a id="line.239"></a>
<span class="sourceLineNo">240</span><a id="line.240"> }</a>
<span class="sourceLineNo">241</span><a id="line.241"> catch ( RbacManagerException e )</a>
<span class="sourceLineNo">242</span><a id="line.242"> {</a>
<span class="sourceLineNo">243</span><a id="line.243"> log.error( e.getMessage(), e );</a>
<span class="sourceLineNo">244</span><a id="line.244"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">245</span><a id="line.245"> }</a>
<span class="sourceLineNo">246</span><a id="line.246"> try</a>
<span class="sourceLineNo">247</span><a id="line.247"> {</a>
<span class="sourceLineNo">248</span><a id="line.248"> userManager.deleteUser( username );</a>
<span class="sourceLineNo">249</span><a id="line.249"> return Boolean.TRUE;</a>
<span class="sourceLineNo">250</span><a id="line.250"> }</a>
<span class="sourceLineNo">251</span><a id="line.251"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">252</span><a id="line.252"> {</a>
<span class="sourceLineNo">253</span><a id="line.253"> log.error( e.getMessage(), e );</a>
<span class="sourceLineNo">254</span><a id="line.254"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">255</span><a id="line.255"> }</a>
<span class="sourceLineNo">256</span><a id="line.256"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">257</span><a id="line.257"> {</a>
<span class="sourceLineNo">258</span><a id="line.258"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">259</span><a id="line.259"> }</a>
<span class="sourceLineNo">260</span><a id="line.260"> finally</a>
<span class="sourceLineNo">261</span><a id="line.261"> {</a>
<span class="sourceLineNo">262</span><a id="line.262"> removeFromCache( username );</a>
<span class="sourceLineNo">263</span><a id="line.263"> }</a>
<span class="sourceLineNo">264</span><a id="line.264"> }</a>
<span class="sourceLineNo">265</span><a id="line.265"></a>
<span class="sourceLineNo">266</span><a id="line.266"></a>
<span class="sourceLineNo">267</span><a id="line.267"> @Override</a>
<span class="sourceLineNo">268</span><a id="line.268"> public User getUser( String username )</a>
<span class="sourceLineNo">269</span><a id="line.269"> throws RedbackServiceException</a>
<span class="sourceLineNo">270</span><a id="line.270"> {</a>
<span class="sourceLineNo">271</span><a id="line.271"> try</a>
<span class="sourceLineNo">272</span><a id="line.272"> {</a>
<span class="sourceLineNo">273</span><a id="line.273"> org.apache.archiva.redback.users.User user = userManager.findUser( username );</a>
<span class="sourceLineNo">274</span><a id="line.274"> return getSimpleUser( user );</a>
<span class="sourceLineNo">275</span><a id="line.275"> }</a>
<span class="sourceLineNo">276</span><a id="line.276"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">277</span><a id="line.277"> {</a>
<span class="sourceLineNo">278</span><a id="line.278"> return null;</a>
<span class="sourceLineNo">279</span><a id="line.279"> }</a>
<span class="sourceLineNo">280</span><a id="line.280"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">281</span><a id="line.281"> {</a>
<span class="sourceLineNo">282</span><a id="line.282"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">283</span><a id="line.283"> }</a>
<span class="sourceLineNo">284</span><a id="line.284"> }</a>
<span class="sourceLineNo">285</span><a id="line.285"></a>
<span class="sourceLineNo">286</span><a id="line.286"> @Override</a>
<span class="sourceLineNo">287</span><a id="line.287"> public List&lt;User&gt; getUsers()</a>
<span class="sourceLineNo">288</span><a id="line.288"> throws RedbackServiceException</a>
<span class="sourceLineNo">289</span><a id="line.289"> {</a>
<span class="sourceLineNo">290</span><a id="line.290"> try</a>
<span class="sourceLineNo">291</span><a id="line.291"> {</a>
<span class="sourceLineNo">292</span><a id="line.292"> List&lt;? extends org.apache.archiva.redback.users.User&gt; users = userManager.getUsers();</a>
<span class="sourceLineNo">293</span><a id="line.293"> List&lt;User&gt; simpleUsers = new ArrayList&lt;&gt;( users.size( ) );</a>
<span class="sourceLineNo">294</span><a id="line.294"></a>
<span class="sourceLineNo">295</span><a id="line.295"> for ( org.apache.archiva.redback.users.User user : users )</a>
<span class="sourceLineNo">296</span><a id="line.296"> {</a>
<span class="sourceLineNo">297</span><a id="line.297"> simpleUsers.add( getSimpleUser( user ) );</a>
<span class="sourceLineNo">298</span><a id="line.298"> }</a>
<span class="sourceLineNo">299</span><a id="line.299"></a>
<span class="sourceLineNo">300</span><a id="line.300"> return simpleUsers;</a>
<span class="sourceLineNo">301</span><a id="line.301"> }</a>
<span class="sourceLineNo">302</span><a id="line.302"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">303</span><a id="line.303"> {</a>
<span class="sourceLineNo">304</span><a id="line.304"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">305</span><a id="line.305"> }</a>
<span class="sourceLineNo">306</span><a id="line.306"> }</a>
<span class="sourceLineNo">307</span><a id="line.307"></a>
<span class="sourceLineNo">308</span><a id="line.308"> @Override</a>
<span class="sourceLineNo">309</span><a id="line.309"> public Boolean updateMe( User user )</a>
<span class="sourceLineNo">310</span><a id="line.310"> throws RedbackServiceException</a>
<span class="sourceLineNo">311</span><a id="line.311"> {</a>
<span class="sourceLineNo">312</span><a id="line.312"> // check username == one in the session</a>
<span class="sourceLineNo">313</span><a id="line.313"> RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();</a>
<span class="sourceLineNo">314</span><a id="line.314"> if ( redbackRequestInformation == null || redbackRequestInformation.getUser() == null )</a>
<span class="sourceLineNo">315</span><a id="line.315"> {</a>
<span class="sourceLineNo">316</span><a id="line.316"> log.warn( "RedbackRequestInformation from ThreadLocal is null" );</a>
<span class="sourceLineNo">317</span><a id="line.317"> throw new RedbackServiceException( new ErrorMessage( "you must be logged to update your profile" ),</a>
<span class="sourceLineNo">318</span><a id="line.318"> Response.Status.FORBIDDEN.getStatusCode() );</a>
<span class="sourceLineNo">319</span><a id="line.319"> }</a>
<span class="sourceLineNo">320</span><a id="line.320"> if ( user == null )</a>
<span class="sourceLineNo">321</span><a id="line.321"> {</a>
<span class="sourceLineNo">322</span><a id="line.322"> throw new RedbackServiceException( new ErrorMessage( "user parameter is mandatory" ),</a>
<span class="sourceLineNo">323</span><a id="line.323"> Response.Status.BAD_REQUEST.getStatusCode() );</a>
<span class="sourceLineNo">324</span><a id="line.324"> }</a>
<span class="sourceLineNo">325</span><a id="line.325"> if ( !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), user.getUsername() ) )</a>
<span class="sourceLineNo">326</span><a id="line.326"> {</a>
<span class="sourceLineNo">327</span><a id="line.327"> throw new RedbackServiceException( new ErrorMessage( "you can update only your profile" ),</a>
<span class="sourceLineNo">328</span><a id="line.328"> Response.Status.FORBIDDEN.getStatusCode() );</a>
<span class="sourceLineNo">329</span><a id="line.329"> }</a>
<span class="sourceLineNo">330</span><a id="line.330"></a>
<span class="sourceLineNo">331</span><a id="line.331"> if ( StringUtils.isEmpty( user.getPreviousPassword() ) )</a>
<span class="sourceLineNo">332</span><a id="line.332"> {</a>
<span class="sourceLineNo">333</span><a id="line.333"> throw new RedbackServiceException( new ErrorMessage( "previous password is empty" ),</a>
<span class="sourceLineNo">334</span><a id="line.334"> Response.Status.BAD_REQUEST.getStatusCode() );</a>
<span class="sourceLineNo">335</span><a id="line.335"> }</a>
<span class="sourceLineNo">336</span><a id="line.336"></a>
<span class="sourceLineNo">337</span><a id="line.337"> User realUser = getUser( user.getUsername() );</a>
<span class="sourceLineNo">338</span><a id="line.338"> try</a>
<span class="sourceLineNo">339</span><a id="line.339"> {</a>
<span class="sourceLineNo">340</span><a id="line.340"> String previousEncodedPassword =</a>
<span class="sourceLineNo">341</span><a id="line.341"> securitySystem.getUserManager().findUser( user.getUsername(), false ).getEncodedPassword();</a>
<span class="sourceLineNo">342</span><a id="line.342"></a>
<span class="sourceLineNo">343</span><a id="line.343"> // check oldPassword with the current one</a>
<span class="sourceLineNo">344</span><a id="line.344"></a>
<span class="sourceLineNo">345</span><a id="line.345"> PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();</a>
<span class="sourceLineNo">346</span><a id="line.346"></a>
<span class="sourceLineNo">347</span><a id="line.347"> if ( !encoder.isPasswordValid( previousEncodedPassword, user.getPreviousPassword() ) )</a>
<span class="sourceLineNo">348</span><a id="line.348"> {</a>
<span class="sourceLineNo">349</span><a id="line.349"></a>
<span class="sourceLineNo">350</span><a id="line.350"> throw new RedbackServiceException( new ErrorMessage( "password.provided.does.not.match.existing" ),</a>
<span class="sourceLineNo">351</span><a id="line.351"> Response.Status.BAD_REQUEST.getStatusCode() );</a>
<span class="sourceLineNo">352</span><a id="line.352"> }</a>
<span class="sourceLineNo">353</span><a id="line.353"> }</a>
<span class="sourceLineNo">354</span><a id="line.354"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">355</span><a id="line.355"> {</a>
<span class="sourceLineNo">356</span><a id="line.356"> throw new RedbackServiceException( new ErrorMessage( "user not found" ),</a>
<span class="sourceLineNo">357</span><a id="line.357"> Response.Status.BAD_REQUEST.getStatusCode() );</a>
<span class="sourceLineNo">358</span><a id="line.358"> }</a>
<span class="sourceLineNo">359</span><a id="line.359"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">360</span><a id="line.360"> {</a>
<span class="sourceLineNo">361</span><a id="line.361"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">362</span><a id="line.362"> }</a>
<span class="sourceLineNo">363</span><a id="line.363"> // only 3 fields to update</a>
<span class="sourceLineNo">364</span><a id="line.364"> realUser.setFullName( user.getFullName() );</a>
<span class="sourceLineNo">365</span><a id="line.365"> realUser.setEmail( user.getEmail() );</a>
<span class="sourceLineNo">366</span><a id="line.366"> // ui can limit to not update password</a>
<span class="sourceLineNo">367</span><a id="line.367"> if ( StringUtils.isNotBlank( user.getPassword() ) )</a>
<span class="sourceLineNo">368</span><a id="line.368"> {</a>
<span class="sourceLineNo">369</span><a id="line.369"> passwordValidator.validatePassword( user.getPassword(), user.getUsername() );</a>
<span class="sourceLineNo">370</span><a id="line.370"></a>
<span class="sourceLineNo">371</span><a id="line.371"> realUser.setPassword( user.getPassword() );</a>
<span class="sourceLineNo">372</span><a id="line.372"> }</a>
<span class="sourceLineNo">373</span><a id="line.373"></a>
<span class="sourceLineNo">374</span><a id="line.374"> updateUser( realUser );</a>
<span class="sourceLineNo">375</span><a id="line.375"></a>
<span class="sourceLineNo">376</span><a id="line.376"> return Boolean.TRUE;</a>
<span class="sourceLineNo">377</span><a id="line.377"> }</a>
<span class="sourceLineNo">378</span><a id="line.378"></a>
<span class="sourceLineNo">379</span><a id="line.379"> @Override</a>
<span class="sourceLineNo">380</span><a id="line.380"> public Boolean updateUser( User user )</a>
<span class="sourceLineNo">381</span><a id="line.381"> throws RedbackServiceException</a>
<span class="sourceLineNo">382</span><a id="line.382"> {</a>
<span class="sourceLineNo">383</span><a id="line.383"> try</a>
<span class="sourceLineNo">384</span><a id="line.384"> {</a>
<span class="sourceLineNo">385</span><a id="line.385"> org.apache.archiva.redback.users.User rawUser = userManager.findUser( user.getUsername(), false );</a>
<span class="sourceLineNo">386</span><a id="line.386"> rawUser.setFullName( user.getFullName() );</a>
<span class="sourceLineNo">387</span><a id="line.387"> rawUser.setEmail( user.getEmail() );</a>
<span class="sourceLineNo">388</span><a id="line.388"> rawUser.setValidated( user.isValidated() );</a>
<span class="sourceLineNo">389</span><a id="line.389"> rawUser.setLocked( user.isLocked() );</a>
<span class="sourceLineNo">390</span><a id="line.390"> rawUser.setPassword( user.getPassword() );</a>
<span class="sourceLineNo">391</span><a id="line.391"> rawUser.setPasswordChangeRequired( user.isPasswordChangeRequired() );</a>
<span class="sourceLineNo">392</span><a id="line.392"> rawUser.setPermanent( user.isPermanent() );</a>
<span class="sourceLineNo">393</span><a id="line.393"></a>
<span class="sourceLineNo">394</span><a id="line.394"> userManager.updateUser( rawUser );</a>
<span class="sourceLineNo">395</span><a id="line.395"> return Boolean.TRUE;</a>
<span class="sourceLineNo">396</span><a id="line.396"> }</a>
<span class="sourceLineNo">397</span><a id="line.397"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">398</span><a id="line.398"> {</a>
<span class="sourceLineNo">399</span><a id="line.399"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">400</span><a id="line.400"> }</a>
<span class="sourceLineNo">401</span><a id="line.401"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">402</span><a id="line.402"> {</a>
<span class="sourceLineNo">403</span><a id="line.403"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">404</span><a id="line.404"> }</a>
<span class="sourceLineNo">405</span><a id="line.405"> }</a>
<span class="sourceLineNo">406</span><a id="line.406"></a>
<span class="sourceLineNo">407</span><a id="line.407"> @Override</a>
<span class="sourceLineNo">408</span><a id="line.408"> public int removeFromCache( String userName )</a>
<span class="sourceLineNo">409</span><a id="line.409"> throws RedbackServiceException</a>
<span class="sourceLineNo">410</span><a id="line.410"> {</a>
<span class="sourceLineNo">411</span><a id="line.411"> if ( userAssignmentsCache != null )</a>
<span class="sourceLineNo">412</span><a id="line.412"> {</a>
<span class="sourceLineNo">413</span><a id="line.413"> userAssignmentsCache.remove( userName );</a>
<span class="sourceLineNo">414</span><a id="line.414"> }</a>
<span class="sourceLineNo">415</span><a id="line.415"> if ( userPermissionsCache != null )</a>
<span class="sourceLineNo">416</span><a id="line.416"> {</a>
<span class="sourceLineNo">417</span><a id="line.417"> userPermissionsCache.remove( userName );</a>
<span class="sourceLineNo">418</span><a id="line.418"> }</a>
<span class="sourceLineNo">419</span><a id="line.419"> if ( usersCache != null )</a>
<span class="sourceLineNo">420</span><a id="line.420"> {</a>
<span class="sourceLineNo">421</span><a id="line.421"> usersCache.remove( userName );</a>
<span class="sourceLineNo">422</span><a id="line.422"> }</a>
<span class="sourceLineNo">423</span><a id="line.423"></a>
<span class="sourceLineNo">424</span><a id="line.424"> return -1;</a>
<span class="sourceLineNo">425</span><a id="line.425"> }</a>
<span class="sourceLineNo">426</span><a id="line.426"></a>
<span class="sourceLineNo">427</span><a id="line.427"> @Override</a>
<span class="sourceLineNo">428</span><a id="line.428"> public User getGuestUser()</a>
<span class="sourceLineNo">429</span><a id="line.429"> throws RedbackServiceException</a>
<span class="sourceLineNo">430</span><a id="line.430"> {</a>
<span class="sourceLineNo">431</span><a id="line.431"> try</a>
<span class="sourceLineNo">432</span><a id="line.432"> {</a>
<span class="sourceLineNo">433</span><a id="line.433"> org.apache.archiva.redback.users.User user = userManager.getGuestUser();</a>
<span class="sourceLineNo">434</span><a id="line.434"> return getSimpleUser( user );</a>
<span class="sourceLineNo">435</span><a id="line.435"> }</a>
<span class="sourceLineNo">436</span><a id="line.436"> catch ( Exception e )</a>
<span class="sourceLineNo">437</span><a id="line.437"> {</a>
<span class="sourceLineNo">438</span><a id="line.438"> return null;</a>
<span class="sourceLineNo">439</span><a id="line.439"> }</a>
<span class="sourceLineNo">440</span><a id="line.440"> }</a>
<span class="sourceLineNo">441</span><a id="line.441"></a>
<span class="sourceLineNo">442</span><a id="line.442"> @Override</a>
<span class="sourceLineNo">443</span><a id="line.443"> public User createGuestUser()</a>
<span class="sourceLineNo">444</span><a id="line.444"> throws RedbackServiceException</a>
<span class="sourceLineNo">445</span><a id="line.445"> {</a>
<span class="sourceLineNo">446</span><a id="line.446"> User u = getGuestUser();</a>
<span class="sourceLineNo">447</span><a id="line.447"> if ( u != null )</a>
<span class="sourceLineNo">448</span><a id="line.448"> {</a>
<span class="sourceLineNo">449</span><a id="line.449"> return u;</a>
<span class="sourceLineNo">450</span><a id="line.450"> }</a>
<span class="sourceLineNo">451</span><a id="line.451"> // temporary disable policy during guest creation as no password !</a>
<span class="sourceLineNo">452</span><a id="line.452"> try</a>
<span class="sourceLineNo">453</span><a id="line.453"> {</a>
<span class="sourceLineNo">454</span><a id="line.454"> securitySystem.getPolicy().setEnabled( false );</a>
<span class="sourceLineNo">455</span><a id="line.455"> org.apache.archiva.redback.users.User user = userManager.createGuestUser();</a>
<span class="sourceLineNo">456</span><a id="line.456"> user.setPasswordChangeRequired( false );</a>
<span class="sourceLineNo">457</span><a id="line.457"> user = userManager.updateUser( user, false );</a>
<span class="sourceLineNo">458</span><a id="line.458"> roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST ), user.getUsername() );</a>
<span class="sourceLineNo">459</span><a id="line.459"> return getSimpleUser( user );</a>
<span class="sourceLineNo">460</span><a id="line.460"> }</a>
<span class="sourceLineNo">461</span><a id="line.461"> catch ( RoleManagerException | UserNotFoundException e )</a>
<span class="sourceLineNo">462</span><a id="line.462"> {</a>
<span class="sourceLineNo">463</span><a id="line.463"> log.error( e.getMessage(), e );</a>
<span class="sourceLineNo">464</span><a id="line.464"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">465</span><a id="line.465"> }</a>
<span class="sourceLineNo">466</span><a id="line.466"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">467</span><a id="line.467"> {</a>
<span class="sourceLineNo">468</span><a id="line.468"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">469</span><a id="line.469"> }</a>
<span class="sourceLineNo">470</span><a id="line.470"> finally</a>
<span class="sourceLineNo">471</span><a id="line.471"> {</a>
<span class="sourceLineNo">472</span><a id="line.472"></a>
<span class="sourceLineNo">473</span><a id="line.473"> if ( !securitySystem.getPolicy().isEnabled() )</a>
<span class="sourceLineNo">474</span><a id="line.474"> {</a>
<span class="sourceLineNo">475</span><a id="line.475"> securitySystem.getPolicy().setEnabled( true );</a>
<span class="sourceLineNo">476</span><a id="line.476"> }</a>
<span class="sourceLineNo">477</span><a id="line.477"> }</a>
<span class="sourceLineNo">478</span><a id="line.478"> }</a>
<span class="sourceLineNo">479</span><a id="line.479"></a>
<span class="sourceLineNo">480</span><a id="line.480"> @Override</a>
<span class="sourceLineNo">481</span><a id="line.481"> public Boolean ping()</a>
<span class="sourceLineNo">482</span><a id="line.482"> throws RedbackServiceException</a>
<span class="sourceLineNo">483</span><a id="line.483"> {</a>
<span class="sourceLineNo">484</span><a id="line.484"> return Boolean.TRUE;</a>
<span class="sourceLineNo">485</span><a id="line.485"> }</a>
<span class="sourceLineNo">486</span><a id="line.486"></a>
<span class="sourceLineNo">487</span><a id="line.487"> private User getSimpleUser( org.apache.archiva.redback.users.User user )</a>
<span class="sourceLineNo">488</span><a id="line.488"> {</a>
<span class="sourceLineNo">489</span><a id="line.489"> if ( user == null )</a>
<span class="sourceLineNo">490</span><a id="line.490"> {</a>
<span class="sourceLineNo">491</span><a id="line.491"> return null;</a>
<span class="sourceLineNo">492</span><a id="line.492"> }</a>
<span class="sourceLineNo">493</span><a id="line.493"> return new User( user );</a>
<span class="sourceLineNo">494</span><a id="line.494"> }</a>
<span class="sourceLineNo">495</span><a id="line.495"></a>
<span class="sourceLineNo">496</span><a id="line.496"> @Override</a>
<span class="sourceLineNo">497</span><a id="line.497"> public Boolean createAdminUser( User adminUser )</a>
<span class="sourceLineNo">498</span><a id="line.498"> throws RedbackServiceException</a>
<span class="sourceLineNo">499</span><a id="line.499"> {</a>
<span class="sourceLineNo">500</span><a id="line.500"> if ( isAdminUserExists() )</a>
<span class="sourceLineNo">501</span><a id="line.501"> {</a>
<span class="sourceLineNo">502</span><a id="line.502"> log.warn( "Admin user exists already" );</a>
<span class="sourceLineNo">503</span><a id="line.503"> return Boolean.FALSE;</a>
<span class="sourceLineNo">504</span><a id="line.504"> }</a>
<span class="sourceLineNo">505</span><a id="line.505"> log.debug("Creating admin admin user '{}'", adminUser.getUsername());</a>
<span class="sourceLineNo">506</span><a id="line.506"> if (!RedbackRoleConstants.ADMINISTRATOR_ACCOUNT_NAME.equals(adminUser.getUsername())) {</a>
<span class="sourceLineNo">507</span><a id="line.507"> log.error("Wrong admin user name {}", adminUser.getUsername());</a>
<span class="sourceLineNo">508</span><a id="line.508"> throw new RedbackServiceException(new ErrorMessage("admin.wrongUsername"));</a>
<span class="sourceLineNo">509</span><a id="line.509"> }</a>
<span class="sourceLineNo">510</span><a id="line.510"></a>
<span class="sourceLineNo">511</span><a id="line.511"> try</a>
<span class="sourceLineNo">512</span><a id="line.512"> {</a>
<span class="sourceLineNo">513</span><a id="line.513"> org.apache.archiva.redback.users.User user =</a>
<span class="sourceLineNo">514</span><a id="line.514"> userManager.createUser( RedbackRoleConstants.ADMINISTRATOR_ACCOUNT_NAME, adminUser.getFullName(),</a>
<span class="sourceLineNo">515</span><a id="line.515"> adminUser.getEmail() );</a>
<span class="sourceLineNo">516</span><a id="line.516"> user.setPassword( adminUser.getPassword() );</a>
<span class="sourceLineNo">517</span><a id="line.517"></a>
<span class="sourceLineNo">518</span><a id="line.518"> user.setLocked( false );</a>
<span class="sourceLineNo">519</span><a id="line.519"> user.setPasswordChangeRequired( false );</a>
<span class="sourceLineNo">520</span><a id="line.520"> user.setPermanent( true );</a>
<span class="sourceLineNo">521</span><a id="line.521"> user.setValidated( true );</a>
<span class="sourceLineNo">522</span><a id="line.522"></a>
<span class="sourceLineNo">523</span><a id="line.523"> userManager.addUser( user );</a>
<span class="sourceLineNo">524</span><a id="line.524"> roleManager.assignRole( "system-administrator", user.getUsername() );</a>
<span class="sourceLineNo">525</span><a id="line.525"> }</a>
<span class="sourceLineNo">526</span><a id="line.526"> catch ( RoleManagerException e )</a>
<span class="sourceLineNo">527</span><a id="line.527"> {</a>
<span class="sourceLineNo">528</span><a id="line.528"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">529</span><a id="line.529"> }</a>
<span class="sourceLineNo">530</span><a id="line.530"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">531</span><a id="line.531"> {</a>
<span class="sourceLineNo">532</span><a id="line.532"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">533</span><a id="line.533"> }</a>
<span class="sourceLineNo">534</span><a id="line.534"> return Boolean.TRUE;</a>
<span class="sourceLineNo">535</span><a id="line.535"> }</a>
<span class="sourceLineNo">536</span><a id="line.536"></a>
<span class="sourceLineNo">537</span><a id="line.537"> @Override</a>
<span class="sourceLineNo">538</span><a id="line.538"> public Boolean isAdminUserExists()</a>
<span class="sourceLineNo">539</span><a id="line.539"> throws RedbackServiceException</a>
<span class="sourceLineNo">540</span><a id="line.540"> {</a>
<span class="sourceLineNo">541</span><a id="line.541"> try</a>
<span class="sourceLineNo">542</span><a id="line.542"> {</a>
<span class="sourceLineNo">543</span><a id="line.543"> userManager.findUser( config.getString( UserConfigurationKeys.DEFAULT_ADMIN ) );</a>
<span class="sourceLineNo">544</span><a id="line.544"> return Boolean.TRUE;</a>
<span class="sourceLineNo">545</span><a id="line.545"> }</a>
<span class="sourceLineNo">546</span><a id="line.546"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">547</span><a id="line.547"> {</a>
<span class="sourceLineNo">548</span><a id="line.548"> // ignore</a>
<span class="sourceLineNo">549</span><a id="line.549"> }</a>
<span class="sourceLineNo">550</span><a id="line.550"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">551</span><a id="line.551"> {</a>
<span class="sourceLineNo">552</span><a id="line.552"> Throwable cause = e.getCause();</a>
<span class="sourceLineNo">553</span><a id="line.553"></a>
<span class="sourceLineNo">554</span><a id="line.554"> if ( cause != null &amp;&amp; cause instanceof UserNotFoundException )</a>
<span class="sourceLineNo">555</span><a id="line.555"> {</a>
<span class="sourceLineNo">556</span><a id="line.556"> return Boolean.FALSE;</a>
<span class="sourceLineNo">557</span><a id="line.557"> }</a>
<span class="sourceLineNo">558</span><a id="line.558"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">559</span><a id="line.559"> }</a>
<span class="sourceLineNo">560</span><a id="line.560"> return Boolean.FALSE;</a>
<span class="sourceLineNo">561</span><a id="line.561"> }</a>
<span class="sourceLineNo">562</span><a id="line.562"></a>
<span class="sourceLineNo">563</span><a id="line.563"> @Override</a>
<span class="sourceLineNo">564</span><a id="line.564"> public Boolean resetPassword( ResetPasswordRequest resetPasswordRequest )</a>
<span class="sourceLineNo">565</span><a id="line.565"> throws RedbackServiceException</a>
<span class="sourceLineNo">566</span><a id="line.566"> {</a>
<span class="sourceLineNo">567</span><a id="line.567"> String username = resetPasswordRequest.getUsername();</a>
<span class="sourceLineNo">568</span><a id="line.568"> if ( StringUtils.isEmpty( username ) )</a>
<span class="sourceLineNo">569</span><a id="line.569"> {</a>
<span class="sourceLineNo">570</span><a id="line.570"> throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) );</a>
<span class="sourceLineNo">571</span><a id="line.571"> }</a>
<span class="sourceLineNo">572</span><a id="line.572"></a>
<span class="sourceLineNo">573</span><a id="line.573"> UserManager userManager = securitySystem.getUserManager();</a>
<span class="sourceLineNo">574</span><a id="line.574"> KeyManager keyManager = securitySystem.getKeyManager();</a>
<span class="sourceLineNo">575</span><a id="line.575"> UserSecurityPolicy policy = securitySystem.getPolicy();</a>
<span class="sourceLineNo">576</span><a id="line.576"></a>
<span class="sourceLineNo">577</span><a id="line.577"> try</a>
<span class="sourceLineNo">578</span><a id="line.578"> {</a>
<span class="sourceLineNo">579</span><a id="line.579"> org.apache.archiva.redback.users.User user = userManager.findUser( username );</a>
<span class="sourceLineNo">580</span><a id="line.580"></a>
<span class="sourceLineNo">581</span><a id="line.581"> AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",</a>
<span class="sourceLineNo">582</span><a id="line.582"> policy.getUserValidationSettings().getEmailValidationTimeout() );</a>
<span class="sourceLineNo">583</span><a id="line.583"></a>
<span class="sourceLineNo">584</span><a id="line.584"> String applicationUrl = resetPasswordRequest.getApplicationUrl();</a>
<span class="sourceLineNo">585</span><a id="line.585"> if ( StringUtils.isBlank( applicationUrl ) )</a>
<span class="sourceLineNo">586</span><a id="line.586"> {</a>
<span class="sourceLineNo">587</span><a id="line.587"> applicationUrl = getBaseUrl();</a>
<span class="sourceLineNo">588</span><a id="line.588"> }</a>
<span class="sourceLineNo">589</span><a id="line.589"></a>
<span class="sourceLineNo">590</span><a id="line.590"> mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );</a>
<span class="sourceLineNo">591</span><a id="line.591"> log.info( "password reset request for username {}", username );</a>
<span class="sourceLineNo">592</span><a id="line.592"> }</a>
<span class="sourceLineNo">593</span><a id="line.593"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">594</span><a id="line.594"> {</a>
<span class="sourceLineNo">595</span><a id="line.595"> log.info( "Password Reset on non-existant user [{}].", username );</a>
<span class="sourceLineNo">596</span><a id="line.596"> throw new RedbackServiceException( new ErrorMessage( "password.reset.failure" ) );</a>
<span class="sourceLineNo">597</span><a id="line.597"> }</a>
<span class="sourceLineNo">598</span><a id="line.598"> catch ( KeyManagerException e )</a>
<span class="sourceLineNo">599</span><a id="line.599"> {</a>
<span class="sourceLineNo">600</span><a id="line.600"> log.info( "Unable to issue password reset.", e );</a>
<span class="sourceLineNo">601</span><a id="line.601"> throw new RedbackServiceException( new ErrorMessage( "password.reset.email.generation.failure" ) );</a>
<span class="sourceLineNo">602</span><a id="line.602"> }</a>
<span class="sourceLineNo">603</span><a id="line.603"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">604</span><a id="line.604"> {</a>
<span class="sourceLineNo">605</span><a id="line.605"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">606</span><a id="line.606"> }</a>
<span class="sourceLineNo">607</span><a id="line.607"></a>
<span class="sourceLineNo">608</span><a id="line.608"> return Boolean.TRUE;</a>
<span class="sourceLineNo">609</span><a id="line.609"> }</a>
<span class="sourceLineNo">610</span><a id="line.610"></a>
<span class="sourceLineNo">611</span><a id="line.611"> @Override</a>
<span class="sourceLineNo">612</span><a id="line.612"> public RegistrationKey registerUser( UserRegistrationRequest userRegistrationRequest )</a>
<span class="sourceLineNo">613</span><a id="line.613"> throws RedbackServiceException</a>
<span class="sourceLineNo">614</span><a id="line.614"> {</a>
<span class="sourceLineNo">615</span><a id="line.615"> User user = userRegistrationRequest.getUser();</a>
<span class="sourceLineNo">616</span><a id="line.616"> if ( user == null )</a>
<span class="sourceLineNo">617</span><a id="line.617"> {</a>
<span class="sourceLineNo">618</span><a id="line.618"> throw new RedbackServiceException( new ErrorMessage( "invalid.user.credentials", null ) );</a>
<span class="sourceLineNo">619</span><a id="line.619"></a>
<span class="sourceLineNo">620</span><a id="line.620"> }</a>
<span class="sourceLineNo">621</span><a id="line.621"></a>
<span class="sourceLineNo">622</span><a id="line.622"> UserSecurityPolicy securityPolicy = securitySystem.getPolicy();</a>
<span class="sourceLineNo">623</span><a id="line.623"></a>
<span class="sourceLineNo">624</span><a id="line.624"> boolean emailValidationRequired = securityPolicy.getUserValidationSettings().isEmailValidationRequired();</a>
<span class="sourceLineNo">625</span><a id="line.625"></a>
<span class="sourceLineNo">626</span><a id="line.626"> if ( emailValidationRequired )</a>
<span class="sourceLineNo">627</span><a id="line.627"> {</a>
<span class="sourceLineNo">628</span><a id="line.628"> validateCredentialsLoose( user );</a>
<span class="sourceLineNo">629</span><a id="line.629"> }</a>
<span class="sourceLineNo">630</span><a id="line.630"> else</a>
<span class="sourceLineNo">631</span><a id="line.631"> {</a>
<span class="sourceLineNo">632</span><a id="line.632"> validateCredentialsStrict( user );</a>
<span class="sourceLineNo">633</span><a id="line.633"> }</a>
<span class="sourceLineNo">634</span><a id="line.634"></a>
<span class="sourceLineNo">635</span><a id="line.635"> org.apache.archiva.redback.users.User u = null;</a>
<span class="sourceLineNo">636</span><a id="line.636"></a>
<span class="sourceLineNo">637</span><a id="line.637"> try</a>
<span class="sourceLineNo">638</span><a id="line.638"> {</a>
<span class="sourceLineNo">639</span><a id="line.639"></a>
<span class="sourceLineNo">640</span><a id="line.640"> // NOTE: Do not perform Password Rules Validation Here.</a>
<span class="sourceLineNo">641</span><a id="line.641"></a>
<span class="sourceLineNo">642</span><a id="line.642"> if ( userManager.userExists( user.getUsername() ) )</a>
<span class="sourceLineNo">643</span><a id="line.643"> {</a>
<span class="sourceLineNo">644</span><a id="line.644"> throw new RedbackServiceException(</a>
<span class="sourceLineNo">645</span><a id="line.645"> new ErrorMessage( "user.already.exists", new String[]{ user.getUsername() } ) );</a>
<span class="sourceLineNo">646</span><a id="line.646"> }</a>
<span class="sourceLineNo">647</span><a id="line.647"></a>
<span class="sourceLineNo">648</span><a id="line.648"> u = userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );</a>
<span class="sourceLineNo">649</span><a id="line.649"> u.setPassword( user.getPassword() );</a>
<span class="sourceLineNo">650</span><a id="line.650"> u.setValidated( false );</a>
<span class="sourceLineNo">651</span><a id="line.651"> u.setLocked( false );</a>
<span class="sourceLineNo">652</span><a id="line.652"></a>
<span class="sourceLineNo">653</span><a id="line.653"> roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getUsername() );</a>
<span class="sourceLineNo">654</span><a id="line.654"> }</a>
<span class="sourceLineNo">655</span><a id="line.655"> catch ( RoleManagerException rpe )</a>
<span class="sourceLineNo">656</span><a id="line.656"> {</a>
<span class="sourceLineNo">657</span><a id="line.657"> log.error( "RoleProfile Error: {}", rpe.getMessage(), rpe );</a>
<span class="sourceLineNo">658</span><a id="line.658"> throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );</a>
<span class="sourceLineNo">659</span><a id="line.659"> }</a>
<span class="sourceLineNo">660</span><a id="line.660"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">661</span><a id="line.661"> {</a>
<span class="sourceLineNo">662</span><a id="line.662"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">663</span><a id="line.663"> }</a>
<span class="sourceLineNo">664</span><a id="line.664"></a>
<span class="sourceLineNo">665</span><a id="line.665"> if ( emailValidationRequired )</a>
<span class="sourceLineNo">666</span><a id="line.666"> {</a>
<span class="sourceLineNo">667</span><a id="line.667"> u.setLocked( true );</a>
<span class="sourceLineNo">668</span><a id="line.668"></a>
<span class="sourceLineNo">669</span><a id="line.669"> try</a>
<span class="sourceLineNo">670</span><a id="line.670"> {</a>
<span class="sourceLineNo">671</span><a id="line.671"> AuthenticationKey authkey =</a>
<span class="sourceLineNo">672</span><a id="line.672"> securitySystem.getKeyManager().createKey( u.getUsername(), "New User Email Validation",</a>
<span class="sourceLineNo">673</span><a id="line.673"> securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );</a>
<span class="sourceLineNo">674</span><a id="line.674"></a>
<span class="sourceLineNo">675</span><a id="line.675"> String baseUrl = userRegistrationRequest.getApplicationUrl();</a>
<span class="sourceLineNo">676</span><a id="line.676"> if ( StringUtils.isBlank( baseUrl ) )</a>
<span class="sourceLineNo">677</span><a id="line.677"> {</a>
<span class="sourceLineNo">678</span><a id="line.678"> baseUrl = getBaseUrl();</a>
<span class="sourceLineNo">679</span><a id="line.679"> }</a>
<span class="sourceLineNo">680</span><a id="line.680"></a>
<span class="sourceLineNo">681</span><a id="line.681"> log.debug( "register user {} with email {} and app url {}", u.getUsername(), u.getEmail(), baseUrl );</a>
<span class="sourceLineNo">682</span><a id="line.682"></a>
<span class="sourceLineNo">683</span><a id="line.683"> mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, baseUrl );</a>
<span class="sourceLineNo">684</span><a id="line.684"></a>
<span class="sourceLineNo">685</span><a id="line.685"> securityPolicy.setEnabled( false );</a>
<span class="sourceLineNo">686</span><a id="line.686"> userManager.addUser( u );</a>
<span class="sourceLineNo">687</span><a id="line.687"> return new RegistrationKey( authkey.getKey() );</a>
<span class="sourceLineNo">688</span><a id="line.688"></a>
<span class="sourceLineNo">689</span><a id="line.689"> }</a>
<span class="sourceLineNo">690</span><a id="line.690"> catch ( KeyManagerException e )</a>
<span class="sourceLineNo">691</span><a id="line.691"> {</a>
<span class="sourceLineNo">692</span><a id="line.692"> log.error( "Unable to register a new user.", e );</a>
<span class="sourceLineNo">693</span><a id="line.693"> throw new RedbackServiceException( new ErrorMessage( "cannot.register.user", null ) );</a>
<span class="sourceLineNo">694</span><a id="line.694"> }</a>
<span class="sourceLineNo">695</span><a id="line.695"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">696</span><a id="line.696"> {</a>
<span class="sourceLineNo">697</span><a id="line.697"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">698</span><a id="line.698"> }</a>
<span class="sourceLineNo">699</span><a id="line.699"> finally</a>
<span class="sourceLineNo">700</span><a id="line.700"> {</a>
<span class="sourceLineNo">701</span><a id="line.701"> securityPolicy.setEnabled( true );</a>
<span class="sourceLineNo">702</span><a id="line.702"> }</a>
<span class="sourceLineNo">703</span><a id="line.703"> }</a>
<span class="sourceLineNo">704</span><a id="line.704"> else</a>
<span class="sourceLineNo">705</span><a id="line.705"> {</a>
<span class="sourceLineNo">706</span><a id="line.706"> try</a>
<span class="sourceLineNo">707</span><a id="line.707"> {</a>
<span class="sourceLineNo">708</span><a id="line.708"> userManager.addUser( u );</a>
<span class="sourceLineNo">709</span><a id="line.709"> return new RegistrationKey( "-1" );</a>
<span class="sourceLineNo">710</span><a id="line.710"> }</a>
<span class="sourceLineNo">711</span><a id="line.711"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">712</span><a id="line.712"> {</a>
<span class="sourceLineNo">713</span><a id="line.713"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">714</span><a id="line.714"> }</a>
<span class="sourceLineNo">715</span><a id="line.715"> }</a>
<span class="sourceLineNo">716</span><a id="line.716"></a>
<span class="sourceLineNo">717</span><a id="line.717"> // FIXME log this event</a>
<span class="sourceLineNo">718</span><a id="line.718"> /*</a>
<span class="sourceLineNo">719</span><a id="line.719"> AuditEvent event = new AuditEvent( getText( "log.account.create" ) );</a>
<span class="sourceLineNo">720</span><a id="line.720"> event.setAffectedUser( username );</a>
<span class="sourceLineNo">721</span><a id="line.721"> event.log();</a>
<span class="sourceLineNo">722</span><a id="line.722"> */</a>
<span class="sourceLineNo">723</span><a id="line.723"></a>
<span class="sourceLineNo">724</span><a id="line.724"> }</a>
<span class="sourceLineNo">725</span><a id="line.725"></a>
<span class="sourceLineNo">726</span><a id="line.726"> @Override</a>
<span class="sourceLineNo">727</span><a id="line.727"> public Boolean validateUserFromKey( String key )</a>
<span class="sourceLineNo">728</span><a id="line.728"> throws RedbackServiceException</a>
<span class="sourceLineNo">729</span><a id="line.729"> {</a>
<span class="sourceLineNo">730</span><a id="line.730"> String principal = null;</a>
<span class="sourceLineNo">731</span><a id="line.731"> try</a>
<span class="sourceLineNo">732</span><a id="line.732"> {</a>
<span class="sourceLineNo">733</span><a id="line.733"> AuthenticationKey authkey = securitySystem.getKeyManager().findKey( key );</a>
<span class="sourceLineNo">734</span><a id="line.734"></a>
<span class="sourceLineNo">735</span><a id="line.735"> org.apache.archiva.redback.users.User user =</a>
<span class="sourceLineNo">736</span><a id="line.736"> securitySystem.getUserManager().findUser( authkey.getForPrincipal() );</a>
<span class="sourceLineNo">737</span><a id="line.737"></a>
<span class="sourceLineNo">738</span><a id="line.738"> user.setValidated( true );</a>
<span class="sourceLineNo">739</span><a id="line.739"> user.setLocked( false );</a>
<span class="sourceLineNo">740</span><a id="line.740"> user.setPasswordChangeRequired( true );</a>
<span class="sourceLineNo">741</span><a id="line.741"> user.setEncodedPassword( "" );</a>
<span class="sourceLineNo">742</span><a id="line.742"></a>
<span class="sourceLineNo">743</span><a id="line.743"> principal = user.getUsername();</a>
<span class="sourceLineNo">744</span><a id="line.744"></a>
<span class="sourceLineNo">745</span><a id="line.745"> TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();</a>
<span class="sourceLineNo">746</span><a id="line.746"> authsource.setPrincipal( principal );</a>
<span class="sourceLineNo">747</span><a id="line.747"> authsource.setToken( authkey.getKey() );</a>
<span class="sourceLineNo">748</span><a id="line.748"> authsource.setEnforcePasswordChange( false );</a>
<span class="sourceLineNo">749</span><a id="line.749"></a>
<span class="sourceLineNo">750</span><a id="line.750"> securitySystem.getUserManager().updateUser( user );</a>
<span class="sourceLineNo">751</span><a id="line.751"></a>
<span class="sourceLineNo">752</span><a id="line.752"> httpAuthenticator.authenticate( authsource, httpServletRequest.getSession( true ) );</a>
<span class="sourceLineNo">753</span><a id="line.753"></a>
<span class="sourceLineNo">754</span><a id="line.754"> log.info( "account validated for user {}", user.getUsername() );</a>
<span class="sourceLineNo">755</span><a id="line.755"></a>
<span class="sourceLineNo">756</span><a id="line.756"> return Boolean.TRUE;</a>
<span class="sourceLineNo">757</span><a id="line.757"> }</a>
<span class="sourceLineNo">758</span><a id="line.758"> catch ( MustChangePasswordException | AccountLockedException | AuthenticationException e )</a>
<span class="sourceLineNo">759</span><a id="line.759"> {</a>
<span class="sourceLineNo">760</span><a id="line.760"> throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );</a>
<span class="sourceLineNo">761</span><a id="line.761"> }</a>
<span class="sourceLineNo">762</span><a id="line.762"> catch ( KeyNotFoundException e )</a>
<span class="sourceLineNo">763</span><a id="line.763"> {</a>
<span class="sourceLineNo">764</span><a id="line.764"> log.info( "Invalid key requested: {}", key );</a>
<span class="sourceLineNo">765</span><a id="line.765"> throw new RedbackServiceException( new ErrorMessage( "cannot.find.key" ) );</a>
<span class="sourceLineNo">766</span><a id="line.766"> }</a>
<span class="sourceLineNo">767</span><a id="line.767"> catch ( KeyManagerException e )</a>
<span class="sourceLineNo">768</span><a id="line.768"> {</a>
<span class="sourceLineNo">769</span><a id="line.769"> throw new RedbackServiceException( new ErrorMessage( "cannot.find.key.at.the.momment" ) );</a>
<span class="sourceLineNo">770</span><a id="line.770"></a>
<span class="sourceLineNo">771</span><a id="line.771"> }</a>
<span class="sourceLineNo">772</span><a id="line.772"> catch ( UserNotFoundException e )</a>
<span class="sourceLineNo">773</span><a id="line.773"> {</a>
<span class="sourceLineNo">774</span><a id="line.774"> throw new RedbackServiceException( new ErrorMessage( "cannot.find.user", new String[]{ principal } ) );</a>
<span class="sourceLineNo">775</span><a id="line.775"></a>
<span class="sourceLineNo">776</span><a id="line.776"> }</a>
<span class="sourceLineNo">777</span><a id="line.777"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">778</span><a id="line.778"> {</a>
<span class="sourceLineNo">779</span><a id="line.779"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">780</span><a id="line.780"> }</a>
<span class="sourceLineNo">781</span><a id="line.781"> }</a>
<span class="sourceLineNo">782</span><a id="line.782"></a>
<span class="sourceLineNo">783</span><a id="line.783"> @Override</a>
<span class="sourceLineNo">784</span><a id="line.784"> public Collection&lt;Permission&gt; getCurrentUserPermissions()</a>
<span class="sourceLineNo">785</span><a id="line.785"> throws RedbackServiceException</a>
<span class="sourceLineNo">786</span><a id="line.786"> {</a>
<span class="sourceLineNo">787</span><a id="line.787"> RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();</a>
<span class="sourceLineNo">788</span><a id="line.788"> String userName = UserManager.GUEST_USERNAME;</a>
<span class="sourceLineNo">789</span><a id="line.789"> if ( redbackRequestInformation != null &amp;&amp; redbackRequestInformation.getUser() != null )</a>
<span class="sourceLineNo">790</span><a id="line.790"> {</a>
<span class="sourceLineNo">791</span><a id="line.791"> userName = redbackRequestInformation.getUser().getUsername();</a>
<span class="sourceLineNo">792</span><a id="line.792"> }</a>
<span class="sourceLineNo">793</span><a id="line.793"> else</a>
<span class="sourceLineNo">794</span><a id="line.794"> {</a>
<span class="sourceLineNo">795</span><a id="line.795"> log.warn( "RedbackRequestInformation from ThreadLocal is null" );</a>
<span class="sourceLineNo">796</span><a id="line.796"> }</a>
<span class="sourceLineNo">797</span><a id="line.797"></a>
<span class="sourceLineNo">798</span><a id="line.798"> return getUserPermissions( userName );</a>
<span class="sourceLineNo">799</span><a id="line.799"> }</a>
<span class="sourceLineNo">800</span><a id="line.800"></a>
<span class="sourceLineNo">801</span><a id="line.801"> @Override</a>
<span class="sourceLineNo">802</span><a id="line.802"> public Collection&lt;Operation&gt; getCurrentUserOperations()</a>
<span class="sourceLineNo">803</span><a id="line.803"> throws RedbackServiceException</a>
<span class="sourceLineNo">804</span><a id="line.804"> {</a>
<span class="sourceLineNo">805</span><a id="line.805"> RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();</a>
<span class="sourceLineNo">806</span><a id="line.806"> String userName = UserManager.GUEST_USERNAME;</a>
<span class="sourceLineNo">807</span><a id="line.807"> if ( redbackRequestInformation != null &amp;&amp; redbackRequestInformation.getUser() != null )</a>
<span class="sourceLineNo">808</span><a id="line.808"> {</a>
<span class="sourceLineNo">809</span><a id="line.809"> userName = redbackRequestInformation.getUser().getUsername();</a>
<span class="sourceLineNo">810</span><a id="line.810"> }</a>
<span class="sourceLineNo">811</span><a id="line.811"> else</a>
<span class="sourceLineNo">812</span><a id="line.812"> {</a>
<span class="sourceLineNo">813</span><a id="line.813"> log.warn( "RedbackRequestInformation from ThreadLocal is null" );</a>
<span class="sourceLineNo">814</span><a id="line.814"> }</a>
<span class="sourceLineNo">815</span><a id="line.815"></a>
<span class="sourceLineNo">816</span><a id="line.816"> return getUserOperations( userName );</a>
<span class="sourceLineNo">817</span><a id="line.817"> }</a>
<span class="sourceLineNo">818</span><a id="line.818"></a>
<span class="sourceLineNo">819</span><a id="line.819"> @Override</a>
<span class="sourceLineNo">820</span><a id="line.820"> public Collection&lt;Operation&gt; getUserOperations( String userName )</a>
<span class="sourceLineNo">821</span><a id="line.821"> throws RedbackServiceException</a>
<span class="sourceLineNo">822</span><a id="line.822"> {</a>
<span class="sourceLineNo">823</span><a id="line.823"> Collection&lt;Permission&gt; permissions = getUserPermissions( userName );</a>
<span class="sourceLineNo">824</span><a id="line.824"> List&lt;Operation&gt; operations = new ArrayList&lt;&gt;( permissions.size( ) );</a>
<span class="sourceLineNo">825</span><a id="line.825"> for ( Permission permission : permissions )</a>
<span class="sourceLineNo">826</span><a id="line.826"> {</a>
<span class="sourceLineNo">827</span><a id="line.827"> if ( permission.getOperation() != null )</a>
<span class="sourceLineNo">828</span><a id="line.828"> {</a>
<span class="sourceLineNo">829</span><a id="line.829"> Operation operation = new Operation();</a>
<span class="sourceLineNo">830</span><a id="line.830"> operation.setName( permission.getOperation().getName() );</a>
<span class="sourceLineNo">831</span><a id="line.831"> operations.add( operation );</a>
<span class="sourceLineNo">832</span><a id="line.832"> }</a>
<span class="sourceLineNo">833</span><a id="line.833"> }</a>
<span class="sourceLineNo">834</span><a id="line.834"> return operations;</a>
<span class="sourceLineNo">835</span><a id="line.835"> }</a>
<span class="sourceLineNo">836</span><a id="line.836"></a>
<span class="sourceLineNo">837</span><a id="line.837"> @Override</a>
<span class="sourceLineNo">838</span><a id="line.838"> public Collection&lt;Permission&gt; getUserPermissions( String userName )</a>
<span class="sourceLineNo">839</span><a id="line.839"> throws RedbackServiceException</a>
<span class="sourceLineNo">840</span><a id="line.840"> {</a>
<span class="sourceLineNo">841</span><a id="line.841"> try</a>
<span class="sourceLineNo">842</span><a id="line.842"> {</a>
<span class="sourceLineNo">843</span><a id="line.843"> Set&lt;? extends org.apache.archiva.redback.rbac.Permission&gt; permissions =</a>
<span class="sourceLineNo">844</span><a id="line.844"> rbacManager.getAssignedPermissions( userName );</a>
<span class="sourceLineNo">845</span><a id="line.845"> // FIXME return guest permissions !!</a>
<span class="sourceLineNo">846</span><a id="line.846"> List&lt;Permission&gt; userPermissions = new ArrayList&lt;&gt;( permissions.size( ) );</a>
<span class="sourceLineNo">847</span><a id="line.847"> for ( org.apache.archiva.redback.rbac.Permission p : permissions )</a>
<span class="sourceLineNo">848</span><a id="line.848"> {</a>
<span class="sourceLineNo">849</span><a id="line.849"> Permission permission = new Permission();</a>
<span class="sourceLineNo">850</span><a id="line.850"> permission.setName( p.getName() );</a>
<span class="sourceLineNo">851</span><a id="line.851"></a>
<span class="sourceLineNo">852</span><a id="line.852"> if ( p.getOperation() != null )</a>
<span class="sourceLineNo">853</span><a id="line.853"> {</a>
<span class="sourceLineNo">854</span><a id="line.854"> Operation operation = new Operation();</a>
<span class="sourceLineNo">855</span><a id="line.855"> operation.setName( p.getOperation().getName() );</a>
<span class="sourceLineNo">856</span><a id="line.856"> permission.setOperation( operation );</a>
<span class="sourceLineNo">857</span><a id="line.857"> }</a>
<span class="sourceLineNo">858</span><a id="line.858"></a>
<span class="sourceLineNo">859</span><a id="line.859"> if ( p.getResource() != null )</a>
<span class="sourceLineNo">860</span><a id="line.860"> {</a>
<span class="sourceLineNo">861</span><a id="line.861"> Resource resource = new Resource();</a>
<span class="sourceLineNo">862</span><a id="line.862"> resource.setIdentifier( p.getResource().getIdentifier() );</a>
<span class="sourceLineNo">863</span><a id="line.863"> resource.setPattern( p.getResource().isPattern() );</a>
<span class="sourceLineNo">864</span><a id="line.864"> permission.setResource( resource );</a>
<span class="sourceLineNo">865</span><a id="line.865"> }</a>
<span class="sourceLineNo">866</span><a id="line.866"></a>
<span class="sourceLineNo">867</span><a id="line.867"> userPermissions.add( permission );</a>
<span class="sourceLineNo">868</span><a id="line.868"> }</a>
<span class="sourceLineNo">869</span><a id="line.869"> return userPermissions;</a>
<span class="sourceLineNo">870</span><a id="line.870"> }</a>
<span class="sourceLineNo">871</span><a id="line.871"> catch ( RbacManagerException e )</a>
<span class="sourceLineNo">872</span><a id="line.872"> {</a>
<span class="sourceLineNo">873</span><a id="line.873"> log.error( e.getMessage(), e );</a>
<span class="sourceLineNo">874</span><a id="line.874"> throw new RedbackServiceException( e.getMessage() );</a>
<span class="sourceLineNo">875</span><a id="line.875"> }</a>
<span class="sourceLineNo">876</span><a id="line.876"> }</a>
<span class="sourceLineNo">877</span><a id="line.877"></a>
<span class="sourceLineNo">878</span><a id="line.878"> public void validateCredentialsLoose( User user )</a>
<span class="sourceLineNo">879</span><a id="line.879"> throws RedbackServiceException</a>
<span class="sourceLineNo">880</span><a id="line.880"> {</a>
<span class="sourceLineNo">881</span><a id="line.881"> RedbackServiceException redbackServiceException =</a>
<span class="sourceLineNo">882</span><a id="line.882"> new RedbackServiceException( "issues during validating user" );</a>
<span class="sourceLineNo">883</span><a id="line.883"> if ( StringUtils.isEmpty( user.getUsername() ) )</a>
<span class="sourceLineNo">884</span><a id="line.884"> {</a>
<span class="sourceLineNo">885</span><a id="line.885"> redbackServiceException.addErrorMessage( new ErrorMessage( "username.required", null ) );</a>
<span class="sourceLineNo">886</span><a id="line.886"> }</a>
<span class="sourceLineNo">887</span><a id="line.887"> else</a>
<span class="sourceLineNo">888</span><a id="line.888"> {</a>
<span class="sourceLineNo">889</span><a id="line.889"> if ( !user.getUsername().matches( VALID_USERNAME_CHARS ) )</a>
<span class="sourceLineNo">890</span><a id="line.890"> {</a>
<span class="sourceLineNo">891</span><a id="line.891"> redbackServiceException.addErrorMessage( new ErrorMessage( "username.invalid.characters", null ) );</a>
<span class="sourceLineNo">892</span><a id="line.892"> }</a>
<span class="sourceLineNo">893</span><a id="line.893"> }</a>
<span class="sourceLineNo">894</span><a id="line.894"></a>
<span class="sourceLineNo">895</span><a id="line.895"> if ( StringUtils.isEmpty( user.getFullName() ) )</a>
<span class="sourceLineNo">896</span><a id="line.896"> {</a>
<span class="sourceLineNo">897</span><a id="line.897"> redbackServiceException.addErrorMessage( new ErrorMessage( "fullName.required", null ) );</a>
<span class="sourceLineNo">898</span><a id="line.898"> }</a>
<span class="sourceLineNo">899</span><a id="line.899"></a>
<span class="sourceLineNo">900</span><a id="line.900"> if ( StringUtils.isEmpty( user.getEmail() ) )</a>
<span class="sourceLineNo">901</span><a id="line.901"> {</a>
<span class="sourceLineNo">902</span><a id="line.902"> redbackServiceException.addErrorMessage( new ErrorMessage( "email.required", null ) );</a>
<span class="sourceLineNo">903</span><a id="line.903"> }</a>
<span class="sourceLineNo">904</span><a id="line.904"></a>
<span class="sourceLineNo">905</span><a id="line.905"> if ( !StringUtils.equals( user.getPassword(), user.getConfirmPassword() ) )</a>
<span class="sourceLineNo">906</span><a id="line.906"> {</a>
<span class="sourceLineNo">907</span><a id="line.907"> redbackServiceException.addErrorMessage( new ErrorMessage( "passwords.do.not.match", null ) );</a>
<span class="sourceLineNo">908</span><a id="line.908"> }</a>
<span class="sourceLineNo">909</span><a id="line.909"></a>
<span class="sourceLineNo">910</span><a id="line.910"> try</a>
<span class="sourceLineNo">911</span><a id="line.911"> {</a>
<span class="sourceLineNo">912</span><a id="line.912"> if ( !StringUtils.isEmpty( user.getEmail() ) )</a>
<span class="sourceLineNo">913</span><a id="line.913"> {</a>
<span class="sourceLineNo">914</span><a id="line.914"> new InternetAddress( user.getEmail(), true );</a>
<span class="sourceLineNo">915</span><a id="line.915"> }</a>
<span class="sourceLineNo">916</span><a id="line.916"> }</a>
<span class="sourceLineNo">917</span><a id="line.917"> catch ( AddressException e )</a>
<span class="sourceLineNo">918</span><a id="line.918"> {</a>
<span class="sourceLineNo">919</span><a id="line.919"> redbackServiceException.addErrorMessage( new ErrorMessage( "email.invalid", null ) );</a>
<span class="sourceLineNo">920</span><a id="line.920"> }</a>
<span class="sourceLineNo">921</span><a id="line.921"> if ( !redbackServiceException.getErrorMessages().isEmpty() )</a>
<span class="sourceLineNo">922</span><a id="line.922"> {</a>
<span class="sourceLineNo">923</span><a id="line.923"> throw redbackServiceException;</a>
<span class="sourceLineNo">924</span><a id="line.924"> }</a>
<span class="sourceLineNo">925</span><a id="line.925"> }</a>
<span class="sourceLineNo">926</span><a id="line.926"></a>
<span class="sourceLineNo">927</span><a id="line.927"> public void validateCredentialsStrict( User user )</a>
<span class="sourceLineNo">928</span><a id="line.928"> throws RedbackServiceException</a>
<span class="sourceLineNo">929</span><a id="line.929"> {</a>
<span class="sourceLineNo">930</span><a id="line.930"> validateCredentialsLoose( user );</a>
<span class="sourceLineNo">931</span><a id="line.931"> try</a>
<span class="sourceLineNo">932</span><a id="line.932"> {</a>
<span class="sourceLineNo">933</span><a id="line.933"> org.apache.archiva.redback.users.User tmpuser =</a>
<span class="sourceLineNo">934</span><a id="line.934"> userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );</a>
<span class="sourceLineNo">935</span><a id="line.935"></a>
<span class="sourceLineNo">936</span><a id="line.936"> user.setPassword( user.getPassword() );</a>
<span class="sourceLineNo">937</span><a id="line.937"></a>
<span class="sourceLineNo">938</span><a id="line.938"> securitySystem.getPolicy().validatePassword( tmpuser );</a>
<span class="sourceLineNo">939</span><a id="line.939"></a>
<span class="sourceLineNo">940</span><a id="line.940"> if ( ( StringUtils.isEmpty( user.getPassword() ) ) )</a>
<span class="sourceLineNo">941</span><a id="line.941"> {</a>
<span class="sourceLineNo">942</span><a id="line.942"> throw new RedbackServiceException( new ErrorMessage( "password.required", null ) );</a>
<span class="sourceLineNo">943</span><a id="line.943"> }</a>
<span class="sourceLineNo">944</span><a id="line.944"> }</a>
<span class="sourceLineNo">945</span><a id="line.945"> catch ( UserManagerException e )</a>
<span class="sourceLineNo">946</span><a id="line.946"> {</a>
<span class="sourceLineNo">947</span><a id="line.947"> throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );</a>
<span class="sourceLineNo">948</span><a id="line.948"> }</a>
<span class="sourceLineNo">949</span><a id="line.949"> }</a>
<span class="sourceLineNo">950</span><a id="line.950"></a>
<span class="sourceLineNo">951</span><a id="line.951"> private String getBaseUrl()</a>
<span class="sourceLineNo">952</span><a id="line.952"> {</a>
<span class="sourceLineNo">953</span><a id="line.953"> if ( httpServletRequest != null )</a>
<span class="sourceLineNo">954</span><a id="line.954"> {</a>
<span class="sourceLineNo">955</span><a id="line.955"> if ( httpServletRequest != null )</a>
<span class="sourceLineNo">956</span><a id="line.956"> {</a>
<span class="sourceLineNo">957</span><a id="line.957"> return httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + (</a>
<span class="sourceLineNo">958</span><a id="line.958"> httpServletRequest.getServerPort() == 80</a>
<span class="sourceLineNo">959</span><a id="line.959"> ? ""</a>
<span class="sourceLineNo">960</span><a id="line.960"> : ":" + httpServletRequest.getServerPort() ) + httpServletRequest.getContextPath();</a>
<span class="sourceLineNo">961</span><a id="line.961"> }</a>
<span class="sourceLineNo">962</span><a id="line.962"> }</a>
<span class="sourceLineNo">963</span><a id="line.963"> return null;</a>
<span class="sourceLineNo">964</span><a id="line.964"> }</a>
<span class="sourceLineNo">965</span><a id="line.965"></a>
<span class="sourceLineNo">966</span><a id="line.966"> @Override</a>
<span class="sourceLineNo">967</span><a id="line.967"> public Boolean unlockUser( String username )</a>
<span class="sourceLineNo">968</span><a id="line.968"> throws RedbackServiceException</a>
<span class="sourceLineNo">969</span><a id="line.969"> {</a>
<span class="sourceLineNo">970</span><a id="line.970"> User user = getUser( username );</a>
<span class="sourceLineNo">971</span><a id="line.971"> if ( user != null )</a>
<span class="sourceLineNo">972</span><a id="line.972"> {</a>
<span class="sourceLineNo">973</span><a id="line.973"> user.setLocked( false );</a>
<span class="sourceLineNo">974</span><a id="line.974"> updateUser( user );</a>
<span class="sourceLineNo">975</span><a id="line.975"> return Boolean.TRUE;</a>
<span class="sourceLineNo">976</span><a id="line.976"> }</a>
<span class="sourceLineNo">977</span><a id="line.977"> return Boolean.FALSE;</a>
<span class="sourceLineNo">978</span><a id="line.978"> }</a>
<span class="sourceLineNo">979</span><a id="line.979"></a>
<span class="sourceLineNo">980</span><a id="line.980"> @Override</a>
<span class="sourceLineNo">981</span><a id="line.981"> public Boolean lockUser( String username )</a>
<span class="sourceLineNo">982</span><a id="line.982"> throws RedbackServiceException</a>
<span class="sourceLineNo">983</span><a id="line.983"> {</a>
<span class="sourceLineNo">984</span><a id="line.984"> User user = getUser( username );</a>
<span class="sourceLineNo">985</span><a id="line.985"> if ( user != null )</a>
<span class="sourceLineNo">986</span><a id="line.986"> {</a>
<span class="sourceLineNo">987</span><a id="line.987"> user.setLocked( true );</a>
<span class="sourceLineNo">988</span><a id="line.988"> updateUser( user );</a>
<span class="sourceLineNo">989</span><a id="line.989"> return Boolean.TRUE;</a>
<span class="sourceLineNo">990</span><a id="line.990"> }</a>
<span class="sourceLineNo">991</span><a id="line.991"> return Boolean.FALSE;</a>
<span class="sourceLineNo">992</span><a id="line.992"> }</a>
<span class="sourceLineNo">993</span><a id="line.993"></a>
<span class="sourceLineNo">994</span><a id="line.994"> @Override</a>
<span class="sourceLineNo">995</span><a id="line.995"> public Boolean passwordChangeRequired( String username )</a>
<span class="sourceLineNo">996</span><a id="line.996"> throws RedbackServiceException</a>
<span class="sourceLineNo">997</span><a id="line.997"> {</a>
<span class="sourceLineNo">998</span><a id="line.998"> User user = getUser( username );</a>
<span class="sourceLineNo">999</span><a id="line.999"> if ( user == null )</a>
<span class="sourceLineNo">1000</span><a id="line.1000"> {</a>
<span class="sourceLineNo">1001</span><a id="line.1001"> user.setPasswordChangeRequired( true );</a>
<span class="sourceLineNo">1002</span><a id="line.1002"> updateUser( user );</a>
<span class="sourceLineNo">1003</span><a id="line.1003"> return Boolean.TRUE;</a>
<span class="sourceLineNo">1004</span><a id="line.1004"> }</a>
<span class="sourceLineNo">1005</span><a id="line.1005"> return Boolean.FALSE;</a>
<span class="sourceLineNo">1006</span><a id="line.1006"> }</a>
<span class="sourceLineNo">1007</span><a id="line.1007"></a>
<span class="sourceLineNo">1008</span><a id="line.1008"> @Override</a>
<span class="sourceLineNo">1009</span><a id="line.1009"> public Boolean passwordChangeNotRequired( String username )</a>
<span class="sourceLineNo">1010</span><a id="line.1010"> throws RedbackServiceException</a>
<span class="sourceLineNo">1011</span><a id="line.1011"> {</a>
<span class="sourceLineNo">1012</span><a id="line.1012"> User user = getUser( username );</a>
<span class="sourceLineNo">1013</span><a id="line.1013"> if ( user == null )</a>
<span class="sourceLineNo">1014</span><a id="line.1014"> {</a>
<span class="sourceLineNo">1015</span><a id="line.1015"> user.setPasswordChangeRequired( false );</a>
<span class="sourceLineNo">1016</span><a id="line.1016"> updateUser( user );</a>
<span class="sourceLineNo">1017</span><a id="line.1017"> return Boolean.TRUE;</a>
<span class="sourceLineNo">1018</span><a id="line.1018"> }</a>
<span class="sourceLineNo">1019</span><a id="line.1019"> return Boolean.FALSE;</a>
<span class="sourceLineNo">1020</span><a id="line.1020"> }</a>
<span class="sourceLineNo">1021</span><a id="line.1021">}</a>
</pre>
</div>
</main>
</body>
</html>