@Override public Response read() { Pair<String, UserTO> self = logic.selfRead(); return Response.ok(). header(RESTHeaders.RESOURCE_KEY, self.getRight().getKey()). header(RESTHeaders.OWNED_ENTITLEMENTS, self.getLeft()). entity(self.getRight()). build(); }
@Override protected Details<UserTO> addOptionalDetailsPanel(final AnyWrapper<UserTO> modelObject) { return new UserDetails( UserWrapper.class.cast(modelObject), mode == AjaxWizard.Mode.TEMPLATE, modelObject.getInnerObject().getKey() != null, UserFormLayoutInfo.class.cast(formLayoutInfo).isPasswordManagement(), pageRef); }
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { try { restClient.delete(model.getObject().getETagValue(), model.getObject().getKey()); SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED)); target.add(container); } catch (Exception e) { LOG.error("While deleting object {}", model.getObject().getKey(), e); SyncopeConsoleSession.get().error( StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage()); } ((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target); }
protected ProvisioningResult<UserTO> doDelete( final UserTO userTO, final boolean self, final boolean nullPriorityAsync) { Pair<UserTO, List<LogicActions>> before = beforeDelete(userTO); if (!self) { Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_DELETE), before.getLeft().getRealm()); securityChecks(effectiveRealms, before.getLeft().getRealm(), before.getLeft().getKey()); } List<Group> ownedGroups = groupDAO.findOwnedByUser(before.getLeft().getKey()); if (!ownedGroups.isEmpty()) { SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.GroupOwnership); sce.getElements().addAll(ownedGroups.stream(). map(group -> group.getKey() + " " + group.getName()).collect(Collectors.toList())); throw sce; } List<PropagationStatus> statuses = provisioningManager.delete(before.getLeft().getKey(), nullPriorityAsync); UserTO deletedTO; if (userDAO.find(before.getLeft().getKey()) == null) { deletedTO = new UserTO(); deletedTO.setKey(before.getLeft().getKey()); } else { deletedTO = binder.getUserTO(before.getLeft().getKey()); } return afterDelete(binder.returnUserTO(deletedTO), statuses, before.getRight()); }
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { try { UserRestClient.class.cast(restClient).mustChangePassword( model.getObject().getETagValue(), !model.getObject().isMustChangePassword(), model.getObject().getKey()); SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED)); target.add(container); } catch (Exception e) { LOG.error("While actioning object {}", model.getObject().getKey(), e); SyncopeConsoleSession.get().error( StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage()); } ((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target); } }, ActionType.MUSTCHANGEPASSWORD, StandardEntitlement.USER_UPDATE).
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") public ProvisioningResult<UserTO> status(final StatusPatch statusPatch, final boolean nullPriorityAsync) { // security checks UserTO toUpdate = binder.getUserTO(statusPatch.getKey()); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), toUpdate.getRealm()); securityChecks(effectiveRealms, toUpdate.getRealm(), toUpdate.getKey()); // ensures the actual user key is effectively on the patch - as the binder.getUserTO(statusPatch.getKey()) // call above works with username as well statusPatch.setKey(toUpdate.getKey()); Pair<String, List<PropagationStatus>> updated = setStatusOnWfAdapter(statusPatch, nullPriorityAsync); return afterUpdate( binder.returnUserTO(binder.getUserTO(updated.getKey())), updated.getRight(), Collections.<LogicActions>emptyList(), false, Collections.<String>emptySet()); }
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { try { SyncopeConsoleSession.get().getAnonymousClient().getService(UserSelfService.class). requestPasswordReset(model.getObject().getUsername(), null); SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED)); target.add(container); } catch (Exception e) { LOG.error("While actioning object {}", model.getObject().getKey(), e); SyncopeConsoleSession.get().error( StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage()); } ((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target); } }, ActionType.REQUEST_PASSWORD_RESET, StandardEntitlement.USER_UPDATE).
key = (String) args[i]; } else if (args[i] instanceof UserTO) { key = ((UserTO) args[i]).getKey(); } else if (args[i] instanceof UserPatch) { key = ((UserPatch) args[i]).getKey();
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { target.add(utilityModal.setContent(new AnyPropagationTasks( utilityModal, AnyTypeKind.USER, model.getObject().getKey(), pageRef))); utilityModal.header(new StringResourceModel("any.propagation.tasks", model)); utilityModal.show(true); } }, ActionType.PROPAGATION_TASKS, StandardEntitlement.TASK_LIST);
@Override public String getObject() { if (groupWrapper.getInnerObject().getUserOwner() == null) { return StringUtils.EMPTY; } else { UserTO userTO = userRestClient.read(groupWrapper.getInnerObject().getUserOwner()); if (userTO == null) { return StringUtils.EMPTY; } else { return String.format("[%s] %s", userTO.getKey(), userTO.getUsername()); } } }
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public ProvisioningResult<UserTO> unassign( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); UserPatch patch = new UserPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); return update(patch, nullPriorityAsync); }
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public UserTO link(final String key, final Collection<String> resources) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); UserPatch patch = new UserPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); return binder.returnUserTO(binder.getUserTO(provisioningManager.link(patch))); }
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public UserTO unlink(final String key, final Collection<String> resources) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); UserPatch patch = new UserPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); return binder.returnUserTO(binder.getUserTO(provisioningManager.unlink(patch))); }
@Override public Response update(final UserTO userTO) { userTO.setKey(getActualKey(getAnyDAO(), userTO.getKey())); UserTO before = logic.read(userTO.getKey()); checkETag(before.getETagValue()); ProvisioningResult<UserTO> updated = logic.update(AnyOperations.diff(userTO, before, false), isNullPriorityAsync()); return modificationResponse(updated); }
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { target.add(utilityModal.setContent( new NotificationTasks(AnyTypeKind.USER, model.getObject().getKey(), pageRef))); utilityModal.header(new StringResourceModel("any.notification.tasks", model)); utilityModal.show(true); target.add(utilityModal); } }, ActionType.NOTIFICATION_TASKS, StandardEntitlement.TASK_LIST);
@Override public void onClick(final AjaxRequestTarget target, final UserTO ignore) { send(UserDirectoryPanel.this, Broadcast.EXACT, new AjaxWizard.EditItemActionEvent<>( new UserWrapper(new UserRestClient().read(model.getObject().getKey())), target)); } }, ActionType.EDIT,
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public ProvisioningResult<UserTO> deprovision( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); List<PropagationStatus> statuses = provisioningManager.deprovision(key, resources, nullPriorityAsync); ProvisioningResult<UserTO> result = new ProvisioningResult<>(); result.setEntity(binder.returnUserTO(binder.getUserTO(key))); result.getPropagationStatuses().addAll(statuses); return result; }
@PreAuthorize("isAuthenticated() " + "and not(hasRole('" + StandardEntitlement.ANONYMOUS + "')) " + "and not(hasRole('" + StandardEntitlement.MUST_CHANGE_PASSWORD + "'))") public ProvisioningResult<UserTO> selfUpdate(final UserPatch userPatch, final boolean nullPriorityAsync) { UserTO userTO = binder.getAuthenticatedUserTO(); userPatch.setKey(userTO.getKey()); ProvisioningResult<UserTO> updated = doUpdate(userPatch, true, nullPriorityAsync); // Ensures that, if the self update above moves the user into a status from which no authentication // is possible, the existing Access Token is clean up to avoid issues with future authentications if (!confDAO.getValuesAsStrings("authentication.statuses").contains(updated.getEntity().getStatus())) { String accessToken = accessTokenDAO.findByOwner(updated.getEntity().getUsername()).getKey(); if (accessToken != null) { accessTokenDAO.delete(accessToken); } } return updated; }
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public ProvisioningResult<UserTO> provision( final String key, final Collection<String> resources, final boolean changePwd, final String password, final boolean nullPriorityAsync) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); List<PropagationStatus> statuses = provisioningManager.provision(key, changePwd, password, resources, nullPriorityAsync); ProvisioningResult<UserTO> result = new ProvisioningResult<>(); result.setEntity(binder.returnUserTO(binder.getUserTO(key))); result.getPropagationStatuses().addAll(statuses); return result; }
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')") @Override public ProvisioningResult<UserTO> assign( final String key, final Collection<String> resources, final boolean changepwd, final String password, final boolean nullPriorityAsync) { // security checks UserTO user = binder.getUserTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm()); securityChecks(effectiveRealms, user.getRealm(), user.getKey()); UserPatch patch = new UserPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); if (changepwd) { patch.setPassword(new PasswordPatch.Builder(). value(password).onSyncope(false).resources(resources).build()); } return update(patch, nullPriorityAsync); }