This project has retired. For details please refer to its
Attic page.
DefaultUserService xref
1 package org.apache.archiva.redback.rest.services;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import net.sf.ehcache.CacheManager;
23 import org.apache.archiva.redback.authentication.AuthenticationException;
24 import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
25 import org.apache.archiva.redback.components.cache.Cache;
26 import org.apache.archiva.redback.configuration.UserConfiguration;
27 import org.apache.archiva.redback.configuration.UserConfigurationKeys;
28 import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
29 import org.apache.archiva.redback.integration.mail.Mailer;
30 import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
31 import org.apache.archiva.redback.keys.AuthenticationKey;
32 import org.apache.archiva.redback.keys.KeyManager;
33 import org.apache.archiva.redback.keys.KeyManagerException;
34 import org.apache.archiva.redback.keys.KeyNotFoundException;
35 import org.apache.archiva.redback.policy.AccountLockedException;
36 import org.apache.archiva.redback.policy.MustChangePasswordException;
37 import org.apache.archiva.redback.policy.PasswordEncoder;
38 import org.apache.archiva.redback.policy.UserSecurityPolicy;
39 import org.apache.archiva.redback.rbac.RBACManager;
40 import org.apache.archiva.redback.rbac.RbacManagerException;
41 import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
42 import org.apache.archiva.redback.rbac.UserAssignment;
43 import org.apache.archiva.redback.rest.api.model.ErrorMessage;
44 import org.apache.archiva.redback.rest.api.model.Operation;
45 import org.apache.archiva.redback.rest.api.model.Permission;
46 import org.apache.archiva.redback.rest.api.model.RegistrationKey;
47 import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
48 import org.apache.archiva.redback.rest.api.model.Resource;
49 import org.apache.archiva.redback.rest.api.model.User;
50 import org.apache.archiva.redback.rest.api.model.UserRegistrationRequest;
51 import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
52 import org.apache.archiva.redback.rest.api.services.UserService;
53 import org.apache.archiva.redback.rest.services.utils.PasswordValidator;
54 import org.apache.archiva.redback.role.RoleManager;
55 import org.apache.archiva.redback.role.RoleManagerException;
56 import org.apache.archiva.redback.system.SecuritySystem;
57 import org.apache.archiva.redback.users.UserManager;
58 import org.apache.archiva.redback.users.UserManagerException;
59 import org.apache.archiva.redback.users.UserNotFoundException;
60 import org.apache.commons.lang.StringUtils;
61 import org.slf4j.Logger;
62 import org.slf4j.LoggerFactory;
63 import org.springframework.stereotype.Service;
64
65 import javax.inject.Inject;
66 import javax.inject.Named;
67 import javax.mail.internet.AddressException;
68 import javax.mail.internet.InternetAddress;
69 import javax.servlet.http.HttpServletRequest;
70 import javax.ws.rs.core.Context;
71 import javax.ws.rs.core.Response;
72 import java.util.ArrayList;
73 import java.util.Arrays;
74 import java.util.Collection;
75 import java.util.List;
76 import java.util.Set;
77
78 @Service("userService#rest")
79 public class DefaultUserService
80 implements UserService
81 {
82
83 private Logger log = LoggerFactory.getLogger( getClass() );
84
85 private static final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";
86
87 private UserManager userManager;
88
89 private SecuritySystem securitySystem;
90
91 @Inject
92 @Named(value = "userConfiguration#default")
93 private UserConfiguration config;
94
95 @Inject
96 private RoleManager roleManager;
97
98
99
100
101 @Inject
102 @Named(value = "cache#userAssignments")
103 private Cache userAssignmentsCache;
104
105
106
107
108 @Inject
109 @Named(value = "cache#userPermissions")
110 private Cache userPermissionsCache;
111
112
113
114
115 @Inject
116 @Named(value = "cache#users")
117 private Cache usersCache;
118
119 @Inject
120 private Mailer mailer;
121
122 @Inject
123 @Named(value = "rbacManager#default")
124 private RBACManager rbacManager;
125
126 private HttpAuthenticator httpAuthenticator;
127
128 @Inject
129 private PasswordValidator passwordValidator;
130
131 @Context
132 private HttpServletRequest httpServletRequest;
133
134 @Inject
135 public DefaultUserService( @Named(value = "userManager#default") UserManager userManager,
136 SecuritySystem securitySystem,
137 @Named("httpAuthenticator#basic") HttpAuthenticator httpAuthenticator )
138 {
139 this.userManager = userManager;
140 this.securitySystem = securitySystem;
141 this.httpAuthenticator = httpAuthenticator;
142 }
143
144
145 public Boolean createUser( User user )
146 throws RedbackServiceException
147 {
148
149 try
150 {
151 org.apache.archiva.redback.users.User u = userManager.findUser( user.getUsername() );
152 if ( u != null )
153 {
154 throw new RedbackServiceException(
155 new ErrorMessage( "user " + user.getUsername() + " already exists" ) );
156 }
157 }
158 catch ( UserNotFoundException e )
159 {
160
161 log.debug( "user {} not exists", user.getUsername() );
162 }
163 catch ( UserManagerException e )
164 {
165 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
166 }
167
168
169 if ( StringUtils.isEmpty( user.getUsername() ) )
170 {
171 throw new RedbackServiceException( new ErrorMessage( "username cannot be empty" ) );
172 }
173
174 if ( StringUtils.isEmpty( user.getFullName() ) )
175 {
176 throw new RedbackServiceException( new ErrorMessage( "fullName cannot be empty" ) );
177 }
178
179 if ( StringUtils.isEmpty( user.getEmail() ) )
180 {
181 throw new RedbackServiceException( new ErrorMessage( "email cannot be empty" ) );
182 }
183
184 try
185 {
186
187 org.apache.archiva.redback.users.User u =
188 userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
189 u.setPassword( user.getPassword() );
190 u.setLocked( user.isLocked() );
191 u.setPasswordChangeRequired( user.isPasswordChangeRequired() );
192 u.setPermanent( user.isPermanent() );
193 u.setValidated( user.isValidated() );
194 u = userManager.addUser( u );
195 if ( !user.isPasswordChangeRequired() )
196 {
197 u.setPasswordChangeRequired( false );
198 try
199 {
200 u = userManager.updateUser( u );
201 log.debug( "user {} created", u.getUsername() );
202 }
203 catch ( UserNotFoundException e )
204 {
205 throw new RedbackServiceException( e.getMessage() );
206 }
207 }
208
209 roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getUsername() );
210 }
211 catch ( RoleManagerException rpe )
212 {
213 log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
214 throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );
215 }
216 catch ( UserManagerException e )
217 {
218 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
219 }
220 return Boolean.TRUE;
221 }
222
223 public Boolean deleteUser( String username )
224 throws RedbackServiceException
225 {
226
227 try
228 {
229
230 if ( rbacManager.userAssignmentExists( username ) )
231 {
232 UserAssignment assignment = rbacManager.getUserAssignment( username );
233 rbacManager.removeUserAssignment( assignment );
234 }
235
236 }
237 catch ( RbacManagerException e )
238 {
239 log.error( e.getMessage(), e );
240 throw new RedbackServiceException( e.getMessage() );
241 }
242 try
243 {
244 userManager.deleteUser( username );
245 return Boolean.TRUE;
246 }
247 catch ( UserNotFoundException e )
248 {
249 log.error( e.getMessage(), e );
250 throw new RedbackServiceException( e.getMessage() );
251 }
252 catch ( UserManagerException e )
253 {
254 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
255 }
256 finally
257 {
258 removeFromCache( username );
259 }
260 }
261
262
263 public User getUser( String username )
264 throws RedbackServiceException
265 {
266 try
267 {
268 org.apache.archiva.redback.users.User user = userManager.findUser( username );
269 return getSimpleUser( user );
270 }
271 catch ( UserNotFoundException e )
272 {
273 return null;
274 }
275 catch ( UserManagerException e )
276 {
277 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
278 }
279 }
280
281 public List<User> getUsers()
282 throws RedbackServiceException
283 {
284 try
285 {
286 List<org.apache.archiva.redback.users.User> users = userManager.getUsers();
287 List<User> simpleUsers = new ArrayList<User>( users.size() );
288
289 for ( org.apache.archiva.redback.users.User user : users )
290 {
291 simpleUsers.add( getSimpleUser( user ) );
292 }
293
294 return simpleUsers;
295 }
296 catch ( UserManagerException e )
297 {
298 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
299 }
300 }
301
302 public Boolean updateMe( User user )
303 throws RedbackServiceException
304 {
305
306 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
307 if ( redbackRequestInformation == null || redbackRequestInformation.getUser() == null )
308 {
309 throw new RedbackServiceException( new ErrorMessage( "you must be logged to update your profile" ),
310 Response.Status.FORBIDDEN.getStatusCode() );
311 }
312 if ( user == null )
313 {
314 throw new RedbackServiceException( new ErrorMessage( "user parameter is mandatory" ),
315 Response.Status.BAD_REQUEST.getStatusCode() );
316 }
317 if ( !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), user.getUsername() ) )
318 {
319 throw new RedbackServiceException( new ErrorMessage( "you can update only your profile" ),
320 Response.Status.FORBIDDEN.getStatusCode() );
321 }
322
323 if ( StringUtils.isEmpty( user.getPreviousPassword() ) )
324 {
325 throw new RedbackServiceException( new ErrorMessage( "previous password is empty" ),
326 Response.Status.BAD_REQUEST.getStatusCode() );
327 }
328
329 User realUser = getUser( user.getUsername() );
330 try
331 {
332 String previousEncodedPassword =
333 securitySystem.getUserManager().findUser( user.getUsername() ).getEncodedPassword();
334
335
336
337 PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();
338
339 if ( !encoder.isPasswordValid( previousEncodedPassword, user.getPreviousPassword() ) )
340 {
341
342 throw new RedbackServiceException( new ErrorMessage( "password.provided.does.not.match.existing" ),
343 Response.Status.BAD_REQUEST.getStatusCode() );
344 }
345 }
346 catch ( UserNotFoundException e )
347 {
348 throw new RedbackServiceException( new ErrorMessage( "user not found" ),
349 Response.Status.BAD_REQUEST.getStatusCode() );
350 }
351 catch ( UserManagerException e )
352 {
353 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
354 }
355
356 realUser.setFullName( user.getFullName() );
357 realUser.setEmail( user.getEmail() );
358
359 if ( StringUtils.isNotBlank( user.getPassword() ) )
360 {
361 passwordValidator.validatePassword( user.getPassword(), user.getUsername() );
362
363 realUser.setPassword( user.getPassword() );
364 }
365
366 updateUser( realUser );
367
368 return Boolean.TRUE;
369 }
370
371 public Boolean updateUser( User user )
372 throws RedbackServiceException
373 {
374 try
375 {
376 org.apache.archiva.redback.users.User rawUser = userManager.findUser( user.getUsername() );
377 rawUser.setFullName( user.getFullName() );
378 rawUser.setEmail( user.getEmail() );
379 rawUser.setValidated( user.isValidated() );
380 rawUser.setLocked( user.isLocked() );
381 rawUser.setPassword( user.getPassword() );
382 rawUser.setPasswordChangeRequired( user.isPasswordChangeRequired() );
383 rawUser.setPermanent( user.isPermanent() );
384
385 userManager.updateUser( rawUser );
386 return Boolean.TRUE;
387 }
388 catch ( UserNotFoundException e )
389 {
390 throw new RedbackServiceException( e.getMessage() );
391 }
392 catch ( UserManagerException e )
393 {
394 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
395 }
396 }
397
398 public int removeFromCache( String userName )
399 throws RedbackServiceException
400 {
401 if ( userAssignmentsCache != null )
402 {
403 userAssignmentsCache.remove( userName );
404 }
405 if ( userPermissionsCache != null )
406 {
407 userPermissionsCache.remove( userName );
408 }
409 if ( usersCache != null )
410 {
411 usersCache.remove( userName );
412 }
413
414 CacheManager cacheManager = CacheManager.getInstance();
415 String[] caches = cacheManager.getCacheNames();
416 for ( String cacheName : caches )
417 {
418 if ( StringUtils.startsWith( cacheName, "org.apache.archiva.redback.rbac.jdo" ) )
419 {
420 cacheManager.getCache( cacheName ).removeAll();
421 }
422 }
423
424 return 0;
425 }
426
427 public User getGuestUser()
428 throws RedbackServiceException
429 {
430 try
431 {
432 org.apache.archiva.redback.users.User user = userManager.getGuestUser();
433 return getSimpleUser( user );
434 }
435 catch ( Exception e )
436 {
437 return null;
438 }
439 }
440
441 public User createGuestUser()
442 throws RedbackServiceException
443 {
444 User u = getGuestUser();
445 if ( u != null )
446 {
447 return u;
448 }
449
450 try
451 {
452 securitySystem.getPolicy().setEnabled( false );
453 org.apache.archiva.redback.users.User user = userManager.createGuestUser();
454 user.setPasswordChangeRequired( false );
455 user = userManager.updateUser( user, false );
456 roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST ), user.getUsername() );
457 return getSimpleUser( user );
458 }
459 catch ( RoleManagerException e )
460 {
461 log.error( e.getMessage(), e );
462 throw new RedbackServiceException( e.getMessage() );
463 }
464 catch ( UserNotFoundException e )
465 {
466
467 log.error( e.getMessage(), e );
468 throw new RedbackServiceException( e.getMessage() );
469 }
470 catch ( UserManagerException e )
471 {
472 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
473 }
474 finally
475 {
476
477 if ( !securitySystem.getPolicy().isEnabled() )
478 {
479 securitySystem.getPolicy().setEnabled( true );
480 }
481 }
482 }
483
484 public Boolean ping()
485 throws RedbackServiceException
486 {
487 return Boolean.TRUE;
488 }
489
490 private User getSimpleUser( org.apache.archiva.redback.users.User user )
491 {
492 if ( user == null )
493 {
494 return null;
495 }
496 return new User( user );
497 }
498
499 public Boolean createAdminUser( User adminUser )
500 throws RedbackServiceException
501 {
502 if ( isAdminUserExists() )
503 {
504 return Boolean.FALSE;
505 }
506
507 try
508 {
509 org.apache.archiva.redback.users.User user =
510 userManager.createUser( RedbackRoleConstants.ADMINISTRATOR_ACCOUNT_NAME, adminUser.getFullName(),
511 adminUser.getEmail() );
512 user.setPassword( adminUser.getPassword() );
513
514 user.setLocked( false );
515 user.setPasswordChangeRequired( false );
516 user.setPermanent( true );
517 user.setValidated( true );
518
519 userManager.addUser( user );
520 roleManager.assignRole( "system-administrator", user.getUsername() );
521 }
522 catch ( RoleManagerException e )
523 {
524 throw new RedbackServiceException( e.getMessage() );
525 }
526 catch ( UserManagerException e )
527 {
528 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
529 }
530 return Boolean.TRUE;
531 }
532
533 public Boolean isAdminUserExists()
534 throws RedbackServiceException
535 {
536 try
537 {
538 userManager.findUser( config.getString( UserConfigurationKeys.DEFAULT_ADMIN ) );
539 return Boolean.TRUE;
540 }
541 catch ( UserNotFoundException e )
542 {
543
544 }
545 catch ( UserManagerException e )
546 {
547 Throwable cause = e.getCause();
548
549 if ( cause != null && cause instanceof UserNotFoundException )
550 {
551 return Boolean.FALSE;
552 }
553 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
554 }
555 return Boolean.FALSE;
556 }
557
558 public Boolean resetPassword( ResetPasswordRequest resetPasswordRequest )
559 throws RedbackServiceException
560 {
561 String username = resetPasswordRequest.getUsername();
562 if ( StringUtils.isEmpty( username ) )
563 {
564 throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) );
565 }
566
567 UserManager userManager = securitySystem.getUserManager();
568 KeyManager keyManager = securitySystem.getKeyManager();
569 UserSecurityPolicy policy = securitySystem.getPolicy();
570
571 try
572 {
573 org.apache.archiva.redback.users.User user = userManager.findUser( username );
574
575 AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",
576 policy.getUserValidationSettings().getEmailValidationTimeout() );
577
578 String applicationUrl = resetPasswordRequest.getApplicationUrl();
579 if ( StringUtils.isBlank( applicationUrl ) )
580 {
581 applicationUrl = getBaseUrl();
582 }
583
584 mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );
585 log.info( "password reset request for username {}", username );
586 }
587 catch ( UserNotFoundException e )
588 {
589 log.info( "Password Reset on non-existant user [{}].", username );
590 throw new RedbackServiceException( new ErrorMessage( "password.reset.failure" ) );
591 }
592 catch ( KeyManagerException e )
593 {
594 log.info( "Unable to issue password reset.", e );
595 throw new RedbackServiceException( new ErrorMessage( "password.reset.email.generation.failure" ) );
596 }
597 catch ( UserManagerException e )
598 {
599 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
600 }
601
602 return Boolean.TRUE;
603 }
604
605 public RegistrationKey registerUser( UserRegistrationRequest userRegistrationRequest )
606 throws RedbackServiceException
607 {
608 User user = userRegistrationRequest.getUser();
609 if ( user == null )
610 {
611 throw new RedbackServiceException( new ErrorMessage( "invalid.user.credentials", null ) );
612
613 }
614
615 UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
616
617 boolean emailValidationRequired = securityPolicy.getUserValidationSettings().isEmailValidationRequired();
618
619 if ( emailValidationRequired )
620 {
621 validateCredentialsLoose( user );
622 }
623 else
624 {
625 validateCredentialsStrict( user );
626 }
627
628 org.apache.archiva.redback.users.User u = null;
629
630 try
631 {
632
633
634
635 if ( userManager.userExists( user.getUsername() ) )
636 {
637 throw new RedbackServiceException(
638 new ErrorMessage( "user.already.exists", new String[]{ user.getUsername() } ) );
639 }
640
641 u = userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
642 u.setPassword( user.getPassword() );
643 u.setValidated( false );
644 u.setLocked( false );
645
646 roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getUsername() );
647 }
648 catch ( RoleManagerException rpe )
649 {
650 log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
651 throw new RedbackServiceException( new ErrorMessage( "assign.role.failure", null ) );
652 }
653 catch ( UserManagerException e )
654 {
655 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
656 }
657
658 if ( emailValidationRequired )
659 {
660 u.setLocked( true );
661
662 try
663 {
664 AuthenticationKey authkey =
665 securitySystem.getKeyManager().createKey( u.getUsername(), "New User Email Validation",
666 securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );
667
668 String baseUrl = userRegistrationRequest.getApplicationUrl();
669 if ( StringUtils.isBlank( baseUrl ) )
670 {
671 baseUrl = getBaseUrl();
672 }
673
674 log.debug( "register user {} with email {} and app url {}", u.getUsername(), u.getEmail(), baseUrl );
675
676 mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, baseUrl );
677
678 securityPolicy.setEnabled( false );
679 userManager.addUser( u );
680 return new RegistrationKey( authkey.getKey() );
681
682 }
683 catch ( KeyManagerException e )
684 {
685 log.error( "Unable to register a new user.", e );
686 throw new RedbackServiceException( new ErrorMessage( "cannot.register.user", null ) );
687 }
688 catch ( UserManagerException e )
689 {
690 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
691 }
692 finally
693 {
694 securityPolicy.setEnabled( true );
695 }
696 }
697 else
698 {
699 try
700 {
701 userManager.addUser( u );
702 return new RegistrationKey( "-1" );
703 }
704 catch ( UserManagerException e )
705 {
706 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
707 }
708 }
709
710
711
712
713
714
715
716
717 }
718
719 public Boolean validateUserFromKey( String key )
720 throws RedbackServiceException
721 {
722 String principal = null;
723 try
724 {
725 AuthenticationKey authkey = securitySystem.getKeyManager().findKey( key );
726
727 org.apache.archiva.redback.users.User user =
728 securitySystem.getUserManager().findUser( authkey.getForPrincipal() );
729
730 user.setValidated( true );
731 user.setLocked( false );
732 user.setPasswordChangeRequired( true );
733 user.setEncodedPassword( "" );
734
735 principal = user.getUsername();
736
737 TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
738 authsource.setPrincipal( principal );
739 authsource.setToken( authkey.getKey() );
740 authsource.setEnforcePasswordChange( false );
741
742 securitySystem.getUserManager().updateUser( user );
743
744 httpAuthenticator.authenticate( authsource, httpServletRequest.getSession( true ) );
745
746 log.info( "account validated for user {}", user.getUsername() );
747
748 return Boolean.TRUE;
749 }
750 catch ( MustChangePasswordException e )
751 {
752 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
753 }
754 catch ( KeyNotFoundException e )
755 {
756 log.info( "Invalid key requested: {}", key );
757 throw new RedbackServiceException( new ErrorMessage( "cannot.find.key" ) );
758 }
759 catch ( KeyManagerException e )
760 {
761 throw new RedbackServiceException( new ErrorMessage( "cannot.find.key.at.the.momment" ) );
762
763 }
764 catch ( UserNotFoundException e )
765 {
766 throw new RedbackServiceException( new ErrorMessage( "cannot.find.user", new String[]{ principal } ) );
767
768 }
769 catch ( AccountLockedException e )
770 {
771 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
772 }
773 catch ( AuthenticationException e )
774 {
775 throw new RedbackServiceException( e.getMessage(), Response.Status.FORBIDDEN.getStatusCode() );
776 }
777 catch ( UserManagerException e )
778 {
779 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
780 }
781 }
782
783 public Collection<Permission> getCurrentUserPermissions()
784 throws RedbackServiceException
785 {
786 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
787 String userName = UserManager.GUEST_USERNAME;
788 if ( redbackRequestInformation != null && redbackRequestInformation.getUser() != null )
789 {
790 userName = redbackRequestInformation.getUser().getUsername();
791 }
792
793 return getUserPermissions( userName );
794 }
795
796 public Collection<Operation> getCurrentUserOperations()
797 throws RedbackServiceException
798 {
799 RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
800 String userName = UserManager.GUEST_USERNAME;
801 if ( redbackRequestInformation != null && redbackRequestInformation.getUser() != null )
802 {
803 userName = redbackRequestInformation.getUser().getUsername();
804 }
805
806 return getUserOperations( userName );
807 }
808
809 public Collection<Operation> getUserOperations( String userName )
810 throws RedbackServiceException
811 {
812 Collection<Permission> permissions = getUserPermissions( userName );
813 List<Operation> operations = new ArrayList<Operation>( permissions.size() );
814 for ( Permission permission : permissions )
815 {
816 if ( permission.getOperation() != null )
817 {
818 Operation operation = new Operation();
819 operation.setName( permission.getOperation().getName() );
820 operations.add( operation );
821 }
822 }
823 return operations;
824 }
825
826 public Collection<Permission> getUserPermissions( String userName )
827 throws RedbackServiceException
828 {
829 try
830 {
831 Set<org.apache.archiva.redback.rbac.Permission> permissions =
832 rbacManager.getAssignedPermissions( userName );
833
834 List<Permission> userPermissions = new ArrayList<Permission>( permissions.size() );
835 for ( org.apache.archiva.redback.rbac.Permission p : permissions )
836 {
837 Permission permission = new Permission();
838 permission.setName( p.getName() );
839
840 if ( p.getOperation() != null )
841 {
842 Operation operation = new Operation();
843 operation.setName( p.getOperation().getName() );
844 permission.setOperation( operation );
845 }
846
847 if ( p.getResource() != null )
848 {
849 Resource resource = new Resource();
850 resource.setIdentifier( p.getResource().getIdentifier() );
851 resource.setPattern( p.getResource().isPattern() );
852 permission.setResource( resource );
853 }
854
855 userPermissions.add( permission );
856 }
857 return userPermissions;
858 }
859 catch ( RbacObjectNotFoundException e )
860 {
861 log.error( e.getMessage(), e );
862 throw new RedbackServiceException( e.getMessage() );
863 }
864 catch ( RbacManagerException e )
865 {
866 log.error( e.getMessage(), e );
867 throw new RedbackServiceException( e.getMessage() );
868 }
869 }
870
871 public void validateCredentialsLoose( User user )
872 throws RedbackServiceException
873 {
874 RedbackServiceException redbackServiceException =
875 new RedbackServiceException( "issues during validating user" );
876 if ( StringUtils.isEmpty( user.getUsername() ) )
877 {
878 redbackServiceException.addErrorMessage( new ErrorMessage( "username.required", null ) );
879 }
880 else
881 {
882 if ( !user.getUsername().matches( VALID_USERNAME_CHARS ) )
883 {
884 redbackServiceException.addErrorMessage( new ErrorMessage( "username.invalid.characters", null ) );
885 }
886 }
887
888 if ( StringUtils.isEmpty( user.getFullName() ) )
889 {
890 redbackServiceException.addErrorMessage( new ErrorMessage( "fullName.required", null ) );
891 }
892
893 if ( StringUtils.isEmpty( user.getEmail() ) )
894 {
895 redbackServiceException.addErrorMessage( new ErrorMessage( "email.required", null ) );
896 }
897
898 if ( !StringUtils.equals( user.getPassword(), user.getConfirmPassword() ) )
899 {
900 redbackServiceException.addErrorMessage( new ErrorMessage( "passwords.does.not.match", null ) );
901 }
902
903 try
904 {
905 if ( !org.codehaus.plexus.util.StringUtils.isEmpty( user.getEmail() ) )
906 {
907 new InternetAddress( user.getEmail(), true );
908 }
909 }
910 catch ( AddressException e )
911 {
912 redbackServiceException.addErrorMessage( new ErrorMessage( "email.invalid", null ) );
913 }
914 if ( !redbackServiceException.getErrorMessages().isEmpty() )
915 {
916 throw redbackServiceException;
917 }
918 }
919
920 public void validateCredentialsStrict( User user )
921 throws RedbackServiceException
922 {
923 validateCredentialsLoose( user );
924 try
925 {
926 org.apache.archiva.redback.users.User tmpuser =
927 userManager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
928
929 user.setPassword( user.getPassword() );
930
931 securitySystem.getPolicy().validatePassword( tmpuser );
932
933 if ( ( org.codehaus.plexus.util.StringUtils.isEmpty( user.getPassword() ) ) )
934 {
935 throw new RedbackServiceException( new ErrorMessage( "password.required", null ) );
936 }
937 }
938 catch ( UserManagerException e )
939 {
940 throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
941 }
942 }
943
944 private String getBaseUrl()
945 {
946 if ( httpServletRequest != null )
947 {
948 if ( httpServletRequest != null )
949 {
950 return httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + (
951 httpServletRequest.getServerPort() == 80
952 ? ""
953 : ":" + httpServletRequest.getServerPort() ) + httpServletRequest.getContextPath();
954 }
955 }
956 return null;
957 }
958
959 public Boolean unlockUser( String username )
960 throws RedbackServiceException
961 {
962 User user = getUser( username );
963 if ( user != null )
964 {
965 user.setLocked( false );
966 updateUser( user );
967 return Boolean.TRUE;
968 }
969 return Boolean.FALSE;
970 }
971
972 public Boolean lockUser( String username )
973 throws RedbackServiceException
974 {
975 User user = getUser( username );
976 if ( user != null )
977 {
978 user.setLocked( true );
979 updateUser( user );
980 return Boolean.TRUE;
981 }
982 return Boolean.FALSE;
983 }
984
985 public Boolean passwordChangeRequired( String username )
986 throws RedbackServiceException
987 {
988 User user = getUser( username );
989 if ( user == null )
990 {
991 user.setPasswordChangeRequired( true );
992 updateUser( user );
993 return Boolean.TRUE;
994 }
995 return Boolean.FALSE;
996 }
997
998 public Boolean passwordChangeNotRequired( String username )
999 throws RedbackServiceException
1000 {
1001 User user = getUser( username );
1002 if ( user == null )
1003 {
1004 user.setPasswordChangeRequired( false );
1005 updateUser( user );
1006 return Boolean.TRUE;
1007 }
1008 return Boolean.FALSE;
1009 }
1010 }