/**
 * Returns the number of users reported by {@code UserManager.getItemCount()}.
 *
 * @return the count produced inside the {@code DB.exec} callback
 * @throws Exception propagated from {@code DB.exec}
 */
@Override
public int getItemCount() throws Exception {
    Object total = DB.exec(session -> {
        UserManager users = new UserManager(session);
        return users.getItemCount();
    });
    return (int) total;
}
/**
 * Looks a user up by nick and verifies the supplied password against it.
 *
 * NOTE(review): the two failure messages differ ("User does not exist" vs
 * "Invalid password"). If they reach an unauthenticated caller unchanged they
 * reveal which nicks exist; confirm the login path shows one generic error.
 *
 * @param nick nick name.
 * @param pass password to verify; it is handed to {@code checkPassword}
 * @return the user
 * @throws BLException if invalid user/pass
 * @throws HibernateException on low level hibernate related exception
 */
public User getUserByNick (String nick, String pass) throws Exception {
    User candidate = getUserByNick(nick);
    assertNotNull(candidate, "User does not exist");
    boolean passwordMatches = checkPassword(candidate, pass);
    assertTrue(passwordMatches, "Invalid password");
    return candidate;
}
/**
 * Re-hashes the user's password as {@code HashVersion.ONE} when the stored
 * hash is still {@code HashVersion.ZERO}.
 *
 * The upgrade only runs after {@code clearpass} has been verified against the
 * stored V0 hash, so a wrong password never replaces the stored hash.
 *
 * @param u the user whose stored hash is inspected
 * @param clearpass the password in clear
 * @return true if the hash was upgraded, false if nothing was changed
 * @throws Exception if {@code clearpass} or the stored hash is null, or from
 *         the helpers called here
 */
public boolean upgradePassword (User u, String clearpass) throws Exception {
    assertNotNull(clearpass, "Invalid pass");
    String storedHash = u.getPasswordHash();
    assertNotNull(storedHash, "Password is null");
    boolean legacyHash = HashVersion.getVersion(storedHash) == HashVersion.ZERO;
    if (!legacyHash || !checkV0Password(storedHash, u.getId(), clearpass)) {
        return false;
    }
    setPassword(u, clearpass, null, HashVersion.ONE);
    return true;
}
/**
 * Finds a user by nick through {@code getItemByParam}.
 *
 * @param nick the nick to search for
 * @param includeDeleted negated and passed as the third argument of
 *        {@code getItemByParam} (presumably an "exclude deleted" switch;
 *        confirm against that method)
 * @return whatever {@code getItemByParam} returns for the nick
 * @throws HibernateException on low level hibernate related exception
 */
public User getUserByNick (String nick, boolean includeDeleted) throws HibernateException {
    boolean negatedFlag = !includeDeleted;
    return getItemByParam("nick", nick, negatedFlag);
}
// Exercises password verification, hash upgrade and password-history checks
// for the "admin" user inside one transaction.
public void checkUser() throws Exception {
    db.beginTransaction();
    // The manager is created with HashVersion.ZERO, so the three-argument-free
    // setPassword calls below use that version.
    UserManager mgr = new UserManager(db, HashVersion.ZERO);
    User u = mgr.getUserByNick("admin");
    assertNotNull("User can't be null", u);
    assertTrue("User has 'login' permission", u.hasPermission("login"));
    assertFalse("User don't have 'superuser' permission", u.hasPermission("superuser"));
    assertTrue("User password is 'test'", mgr.checkPassword(u, "test"));
    // Fixture value: the stored hash expected for password "test" before any upgrade.
    assertEquals("User hash is correct", "ee89026a6c5603c51b4504d218ac60f6874b7750", u.getPasswordHash());
    // checkNewPassword returns false when the candidate is not acceptable as a new password.
    assertFalse("Password has to be in history", mgr.checkNewPassword(u, "test"));
    // After the upgrade the stored hash must differ while "test" still verifies.
    mgr.upgradePassword(u, "test");
    assertNotEquals("User hash has changed", "ee89026a6c5603c51b4504d218ac60f6874b7750", u.getPasswordHash());
    assertTrue("User password is still 'test'", mgr.checkPassword(u, "test"));
    assertNotEquals("User hash has changed", "ee89026a6c5603c51b4504d218ac60f6874b7750", u.getPasswordHash());
    assertFalse("Password has to be in history", mgr.checkNewPassword(u, "test"));
    // Rotate through three more passwords; each one must then be refused as a new password.
    mgr.setPassword(u, "test1");
    mgr.setPassword(u, "test2");
    mgr.setPassword(u, "test3");
    assertFalse("Password 1 has to be in history", mgr.checkNewPassword(u, "test1"));
    assertFalse("Password 2 has to be in history", mgr.checkNewPassword(u, "test2"));
    assertFalse("Password 3 has to be in history", mgr.checkNewPassword(u, "test3"));
    assertTrue("User password is now 'test3'", mgr.checkPassword(u, "test3"));
    // setPassword itself is expected to accept "test" again here; the history
    // check is a separate call (checkNewPassword).
    mgr.setPassword(u, "test");
    assertTrue("User password is back to 'test'", mgr.checkPassword(u, "test"));
    assertEquals ("History size is ", 5, u.getPasswordhistory().size());
    db.commit();
try { userUpdated = (boolean) DB.execWithTransaction((db) -> { UserManager mgr = new UserManager(db); User oldUser = (User) ((User)getOriginalEntity()).clone(); if (binder.writeBeanIfValid(getOriginalEntity())) { boolean newPasswordOK = false; passwordOK = mgr.checkPassword(user, currentPass); newPasswordOK = mgr.checkNewPassword(user, newClearPass); if (passwordOK && newPasswordOK) { mgr.setPassword(user, newClearPass); updated = true; } else if (!newPasswordOK) {
/**
 * Loads a user by nick through a {@code UserManager} created inside
 * {@code DB.exec}.
 *
 * NOTE(review): a failed lookup is logged and reported as {@code null}, so a
 * caller cannot tell a database error from whatever the manager returns for
 * an unknown nick.
 *
 * @param nick the nick to search for
 * @param includeDeleted forwarded unchanged to {@code UserManager.getUserByNick}
 * @return the manager's result, or {@code null} if any exception was thrown
 */
public User getUserByNick (String nick, boolean includeDeleted) {
    User found;
    try {
        found = (User) DB.exec((session) -> {
            UserManager users = new UserManager(session);
            return users.getUserByNick(nick, includeDeleted);
        });
    } catch (Exception e) {
        getApp().getLog().error(e);
        found = null;
    }
    return found;
}
/**
 * Writes the bound form values into the original entity, saves it and, when a
 * password is supplied, sets that password and forces a change at next login.
 *
 * @param binder form binder whose values are written into the original entity
 * @param clearPass initial password in clear; null or empty means no password is set
 * @return true only when the user was saved and the password was set; false
 *         when no password was supplied, when {@code setPassword} threw a
 *         {@code BLException}, or when any other exception was logged
 * @throws BLException with "Invalid user" when the binder rejects the bean
 */
public boolean saveUser (Binder binder, String clearPass) throws BLException {
    User u = (User) getOriginalEntity();
    if (binder.writeBeanIfValid(getOriginalEntity())) {
        try {
            return (boolean) DB.execWithTransaction((db) -> {
                // NOTE(review): the user is saved before the password is checked or set.
                // Whether execWithTransaction rolls back when the callback returns
                // false is not visible here; if it commits, a user row without a
                // usable password could remain. Confirm.
                db.save(u);
                if (clearPass != null && !clearPass.isEmpty()) {
                    UserManager mgr = new UserManager(db);
                    try {
                        mgr.setPassword(u, clearPass);
                    } catch (BLException e) {
                        // The BLException is dropped without logging; the caller only sees false.
                        return false;
                    }
                    addRevisionCreated(db, getEntityName(), u.getId().toString());
                    // The password was chosen by whoever created the account, so the
                    // user is made to replace it.
                    u.setForcePasswordChange(true);
                    db.session().update(u);
                    return true;
                }
                return false;
            });
        } catch (Exception e) {
            getApp().getLog().error(e);
            return false;
        }
    } else {
        throw new BLException("Invalid user");
    }
}
db.open(); db.beginTransaction(); UserManager mgr = new UserManager(db); User u = mgr.getUserByNick(args[1], true); if (u != null) { cli.println ("User already exists" + (u.isDeleted() ? " (soft-deleted)" : "")); db.session().save(user); if (line.hasOption('p')) { mgr.setPassword(user, line.getOptionValue('p'));
/**
 * Builds a validator that accepts a value only if it verifies as the current
 * password of the original entity.
 *
 * @return a validator yielding ok when {@code UserManager.checkPassword}
 *         returns true, and an error result otherwise
 */
public Validator getCurrentPasswordMatchValidator() {
    return (Validator<String>) (value, context) -> {
        try {
            boolean passwordOk = (boolean) DB.exec((db) -> {
                UserManager mgr = new UserManager(db);
                try {
                    return mgr.checkPassword((User) getOriginalEntity(), (String) value);
                } catch (BLException e) {
                    // A BLException from the check is treated as "password does not match".
                    return false;
                }
            });
            return passwordOk ? ValidationResult.ok() : ValidationResult.error(getApp().getMessage("error.invalidPassword"));
        } catch (Exception e) {
            getApp().getLog().error(e);
            // NOTE(review): the raw exception message is returned as the validation
            // error; if that text is rendered in the form it can expose internal
            // details. The failure is already logged above, so a fixed
            // user-facing message would be enough. Confirm how the result is shown.
            return ValidationResult.error(e.getMessage());
        }
    };
}
public Validator getNewPasswordNotUsedValidator() {
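/**
 * Decides whether {@code clearpass} may be used as the user's next password.
 *
 * @param u the user
 * @param clearpass new password in clear
 * @return false if {@code clearpass} is the current password or matches an
 *         entry in the user's password history; true otherwise
 * @throws Exception from {@code checkPassword} or the per-version checks
 */
public boolean checkNewPassword (User u, String clearpass) throws Exception {
    if (checkPassword (u, clearpass)) {
        return false; // same password not allowed
    }
    for (PasswordHistory p : u.getPasswordhistory()) {
        HashVersion v = HashVersion.getVersion(p.getValue());
        switch (v) {
            case ZERO:
                if (checkV0Password(p.getValue(), u.getId(), clearpass))
                    return false;
                // Without this break a V0 history entry fell through and was
                // also handed to the V1 check, which is not meant for it.
                break;
            case ONE:
                if (checkV1Password (p.getValue(), clearpass))
                    return false;
                break;
            default:
                // Entries of any other version are not compared, as before.
                break;
        }
    }
    return true;
}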
/**
 * Resolves the user named in a {@code ?user=} navigation parameter before
 * delegating to the parent view.
 *
 * NOTE(review): the id is taken from the navigation parameter and passed as a
 * String to {@code getItemByParam("id", ...)}; confirm that it is bound as a
 * query parameter and that the caller is authorized for the selected user.
 * If the lookup throws, {@code selectedUser} keeps its previous value and the
 * parent view is still shown.
 *
 * @param parameter the raw navigation parameter
 */
@Override
public void showSpecificView (final String parameter) {
    String[] parts = parameter.split("\\?user=");
    boolean hasUserId = parts.length > 1;
    if (!hasUserId) {
        if (parameter.contains("new")) {
            getApp().displayError("Invalid User","Must select a User");
            getApp().getNavigator().navigateTo(getGeneralRoute());
        } else {
            super.showSpecificView(parameter);
        }
        return;
    }
    String userId = parts[1];
    try {
        this.selectedUser = (User) DB.exec(session -> {
            UserManager users = new UserManager(session);
            return users.getItemByParam("id", userId, false);
        });
    } catch (Exception e) {
        getApp().getLog().error(e);
    }
    super.showSpecificView(parameter);
}
/**
 * Builds a validator that rejects a new password which
 * {@code UserManager.checkNewPassword} refuses for the original entity.
 *
 * NOTE(review): this validator fails open. When there is no original entity,
 * or when the lookup throws anything other than {@code BLException}, the
 * value is accepted. The reuse rule therefore has to be enforced again where
 * the password is actually stored; confirm that it is.
 *
 * @return a validator yielding an "error.passwordUsed" result when the
 *         password is refused, ok otherwise
 */
public Validator getNewPasswordNotUsedValidator() {
    return (Validator<String>) (value, context) -> {
        if (getOriginalEntity() == null) {
            return ValidationResult.ok();
        }
        try {
            boolean acceptable = (boolean) DB.exec((conn) -> {
                // Refresh first so the check runs against the stored state of the entity.
                conn.session().refresh(getOriginalEntity());
                UserManager users = new UserManager(conn);
                try {
                    return users.checkNewPassword((User) getOriginalEntity(), (String) value);
                } catch (BLException e) {
                    return false;
                }
            });
            if (acceptable) {
                return ValidationResult.ok();
            }
            return ValidationResult.error(getApp().getMessage("error.passwordUsed"));
        } catch (Exception e) {
            getApp().getLog().error(e);
        }
        return ValidationResult.ok();
    };
}
/**
 * Streams one page of users fetched through {@code UserManager.getAll}.
 *
 * @param offset forwarded to {@code UserManager.getAll}
 * @param limit forwarded to {@code UserManager.getAll}
 * @param orders forwarded to {@code UserManager.getAll}
 * @return a stream over the returned list
 * @throws Exception propagated from {@code DB.exec}
 */
@Override
public Stream getAll(int offset, int limit, Map<String, Boolean> orders) throws Exception {
    return ((List<User>) DB.exec(session -> {
        UserManager users = new UserManager(session);
        return users.getAll(offset, limit, orders);
    })).stream();
}
/**
 * Verifies a clear-text password against the user's stored hash, choosing the
 * check that matches the hash version.
 *
 * NOTE(review): V0 hashes are still accepted here. Whether the per-version
 * helpers compare in constant time is not visible in this block; confirm.
 *
 * @param u the user whose stored hash is checked
 * @param clearpass the password in clear
 * @return the result of the version-specific check, or false for a version
 *         that has no check here
 * @throws Exception if {@code clearpass} or the stored hash is null, or the
 *         hash version is {@code HashVersion.UNKNOWN}
 */
public boolean checkPassword (User u, String clearpass) throws Exception {
    assertNotNull(clearpass, "Invalid pass");
    String storedHash = u.getPasswordHash();
    assertNotNull(storedHash, "Password is null");
    HashVersion scheme = HashVersion.getVersion(storedHash);
    assertTrue(scheme != HashVersion.UNKNOWN, "Unknown password");
    boolean matches = false;
    switch (scheme) {
        case ZERO:
            matches = checkV0Password(storedHash, u.getId(), clearpass);
            break;
        case ONE:
            matches = checkV1Password(storedHash, clearpass);
            break;
    }
    return matches;
}
/**
 * Sets the user's password with the {@code version} value in scope
 * (presumably the hash version this manager was created with; confirm).
 *
 * @param u the user whose password is set
 * @param clearpass the new password in clear
 * @param author forwarded to the four-argument overload
 * @throws Exception propagated from the four-argument overload
 */
public void setPassword (User u, String clearpass, User author) throws Exception {
    this.setPassword(u, clearpass, author, version);
}
/**
 * Finds a user by id through {@code getItemByParam}.
 *
 * @param id the user id
 * @param includeDeleted negated and passed as the third argument of
 *        {@code getItemByParam} (presumably an "exclude deleted" switch;
 *        confirm against that method)
 * @return whatever {@code getItemByParam} returns for the id
 * @throws HibernateException on low level hibernate related exception
 */
public User getUserById(long id, boolean includeDeleted) throws HibernateException {
    boolean negatedFlag = !includeDeleted;
    return getItemByParam("id", id, negatedFlag);
}
/**
 * Stores a {@code HashVersion.ZERO} hash of the password on the user.
 *
 * The hash input is the user's id as a decimal string plus the clear-text
 * password; the third argument of {@code hash} is null.
 *
 * @param u the user to update
 * @param clearpass the password in clear
 * @throws Exception if {@code clearpass} is null, or from the hash call
 */
private void setV0Password (User u, String clearpass) throws Exception {
    assertNotNull(clearpass, "Invalid password");
    String idText = Long.toString(u.getId());
    u.setPasswordHash(HashVersion.ZERO.hash(idText, clearpass, null));
}
}
/**
 * CLI command {@code rmuser <user>}: marks the named user as deleted.
 *
 * The user is flagged with {@code setDeleted(true)} and the transaction is
 * committed. Any exception is reported by printing its message; no explicit
 * rollback is issued here, and the {@code DB} is closed by try-with-resources.
 *
 * @param cli context used for output
 * @param args command words; {@code args[1]} is the nick
 * @throws Exception declared by the interface
 */
@Override
public void exec(CLIContext cli, String[] args) throws Exception {
    if (args.length != 2) {
        cli.println("Usage: rmuser <user>");
        return;
    }
    try (DB db = new DB()) {
        db.open();
        db.beginTransaction();
        UserManager mgr = new UserManager(db);
        User target = mgr.getUserByNick(args[1]);
        boolean found = target != null;
        if (found) {
            target.setDeleted(true);
        }
        db.commit();
        String outcome;
        if (found) {
            outcome = "User " + target.getNickAndId() + " has been deleted";
        } else {
            outcome = "User does not exist";
        }
        cli.println(outcome);
    } catch (Exception e) {
        cli.println(e.getMessage());
    }
}
}
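/**
 * Replaces the user's password with a generated one, forces a change at next
 * login and clears the login-attempt counter.
 *
 * The generated password is returned only when it was actually stored.
 * Previously a {@code BLException} from {@code setPassword} made the callback
 * return false, but the method still returned the generated password, so the
 * caller could hand out a password that had never been set.
 *
 * NOTE(review): the strength of the result depends on
 * {@code PasswordGenerator.generateRandomPassword()}, which is not visible
 * here; confirm that it draws from a cryptographically secure source. The
 * return value is a clear-text credential and should not be logged.
 *
 * @param user the user whose password is reset
 * @return the generated clear-text password, or null if it could not be stored
 */
public String resetUserPassword (User user) {
    String generatedPassword = PasswordGenerator.generateRandomPassword();
    boolean passwordStored;
    try {
        passwordStored = (boolean) DB.execWithTransaction((db) -> {
            db.session().refresh(user);
            user.getPasswordhistory(); // hack to avoid LazyInitialization
            UserManager mgr = new UserManager(db);
            try {
                mgr.setPassword(user, generatedPassword);
            } catch (BLException e) {
                getApp().displayNotification("errorMessage.resetPassword");
                return false;
            }
            user.setForcePasswordChange(true);
            user.setLoginAttempts(0); // reset login attempts
            db.session().saveOrUpdate(user);
            return true;
        });
    } catch (Exception e) {
        getApp().getLog().error(e);
        return null;
    }
    // null is the failure signal already used by the catch branch above.
    return passwordStored ? generatedPassword : null;
}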