[New] Requiring TX for privilege services
This commit is contained in:
parent
7d189ad7ae
commit
282bbba3aa
|
|
@ -15,6 +15,9 @@
|
|||
*/
|
||||
package li.strolch.rest.endpoint;
|
||||
|
||||
import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_ACTION;
|
||||
import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_ACTION_GET_POLICIES;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.Path;
|
||||
|
|
@ -26,8 +29,10 @@ import java.util.Map;
|
|||
|
||||
import com.google.gson.JsonObject;
|
||||
import li.strolch.agent.api.ComponentContainer;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.handler.PrivilegeHandler;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.SimpleRestrictable;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
|
||||
|
|
@ -44,12 +49,20 @@ public class PrivilegePoliciesService {
|
|||
return container.getPrivilegeHandler().getPrivilegeHandler();
|
||||
}
|
||||
|
||||
private static String getContext() {
|
||||
StackTraceElement element = new Throwable().getStackTrace()[2];
|
||||
return element.getClassName() + "." + element.getMethodName();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response getRoles(@Context HttpServletRequest request) {
|
||||
public Response getPrivilegePolicies(@Context HttpServletRequest request) {
|
||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.validateAction(new SimpleRestrictable(PRIVILEGE_ACTION, PRIVILEGE_ACTION_GET_POLICIES));
|
||||
|
||||
Map<String, String> policyDefs = privilegeHandler.getPolicyDefs(cert);
|
||||
|
||||
JsonObject policiesJ = new JsonObject();
|
||||
|
|
@ -58,4 +71,5 @@ public class PrivilegePoliciesService {
|
|||
}
|
||||
return Response.ok(policiesJ.toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
package li.strolch.rest.endpoint;
|
||||
|
||||
import static java.util.Comparator.comparing;
|
||||
import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_GET_ROLE;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.*;
|
||||
|
|
@ -27,6 +28,7 @@ import com.google.gson.JsonArray;
|
|||
import li.strolch.agent.api.ComponentContainer;
|
||||
import li.strolch.model.json.PrivilegeElementFromJsonVisitor;
|
||||
import li.strolch.model.json.PrivilegeElementToJsonVisitor;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.handler.PrivilegeHandler;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.PrivilegeRep;
|
||||
|
|
@ -48,12 +50,20 @@ public class PrivilegeRolesService {
|
|||
return container.getPrivilegeHandler().getPrivilegeHandler();
|
||||
}
|
||||
|
||||
private static String getContext() {
|
||||
StackTraceElement element = new Throwable().getStackTrace()[2];
|
||||
return element.getClassName() + "." + element.getMethodName();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response getRoles(@Context HttpServletRequest request) {
|
||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_ROLE);
|
||||
|
||||
PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
|
||||
JsonArray rolesJ = privilegeHandler.getRoles(cert).stream() //
|
||||
.sorted(comparing(roleRep -> roleRep.getName().toLowerCase())) //
|
||||
|
|
@ -63,6 +73,7 @@ public class PrivilegeRolesService {
|
|||
|
||||
return Response.ok(rolesJ.toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
@ -71,9 +82,12 @@ public class PrivilegeRolesService {
|
|||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_ROLE);
|
||||
|
||||
RoleRep role = privilegeHandler.getRole(cert, rolename);
|
||||
return Response.ok(role.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON)
|
||||
.build();
|
||||
return Response.ok(role.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
package li.strolch.rest.endpoint;
|
||||
|
||||
import static java.util.Comparator.comparing;
|
||||
import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_GET_USER;
|
||||
import static li.strolch.rest.helper.RestfulHelper.toJson;
|
||||
import static li.strolch.search.SearchBuilder.buildSimpleValueSearch;
|
||||
|
||||
|
|
@ -34,6 +35,7 @@ import com.google.gson.*;
|
|||
import li.strolch.agent.api.ComponentContainer;
|
||||
import li.strolch.model.json.PrivilegeElementFromJsonVisitor;
|
||||
import li.strolch.model.json.PrivilegeElementToJsonVisitor;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.handler.PrivilegeHandler;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.privilege.model.UserRep;
|
||||
|
|
@ -65,12 +67,20 @@ public class PrivilegeUsersService {
|
|||
return container.getPrivilegeHandler().getPrivilegeHandler();
|
||||
}
|
||||
|
||||
private static String getContext() {
|
||||
StackTraceElement element = new Throwable().getStackTrace()[2];
|
||||
return element.getClassName() + "." + element.getMethodName();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response queryUsers(@Context HttpServletRequest request, @BeanParam QueryData queryData) {
|
||||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
|
||||
|
||||
String query = queryData.getQuery();
|
||||
List<UserRep> users = privilegeHandler.getUsers(cert);
|
||||
SearchResult<UserRep> result = buildSimpleValueSearch(new ValueSearch<UserRep>(), query, Arrays.asList( //
|
||||
|
|
@ -87,6 +97,7 @@ public class PrivilegeUsersService {
|
|||
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
||||
return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@POST
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
|
|
@ -96,6 +107,9 @@ public class PrivilegeUsersService {
|
|||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
|
||||
|
||||
PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
|
||||
|
||||
UserRep queryRep = new PrivilegeElementFromJsonVisitor().userRepFromJson(query);
|
||||
|
|
@ -107,6 +121,7 @@ public class PrivilegeUsersService {
|
|||
|
||||
return Response.ok(usersArr.toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
@ -115,9 +130,12 @@ public class PrivilegeUsersService {
|
|||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
PrivilegeHandler privilegeHandler = getPrivilegeHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
|
||||
|
||||
UserRep user = privilegeHandler.getUser(cert, username);
|
||||
return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON)
|
||||
.build();
|
||||
return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@POST
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
package li.strolch.rest.endpoint;
|
||||
|
||||
import static li.strolch.rest.helper.RestfulHelper.toJson;
|
||||
import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIVILEGE_GET_SESSION;
|
||||
import static li.strolch.search.SearchBuilder.buildSimpleValueSearch;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -31,6 +32,7 @@ import java.util.Locale;
|
|||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import com.google.gson.JsonObject;
|
||||
import li.strolch.persistence.api.StrolchTransaction;
|
||||
import li.strolch.privilege.model.Certificate;
|
||||
import li.strolch.rest.RestfulStrolchComponent;
|
||||
import li.strolch.rest.StrolchRestfulConstants;
|
||||
|
|
@ -48,6 +50,11 @@ public class UserSessionsService {
|
|||
|
||||
private static final Logger logger = LoggerFactory.getLogger(UserSessionsService.class);
|
||||
|
||||
private static String getContext() {
|
||||
StackTraceElement element = new Throwable().getStackTrace()[2];
|
||||
return element.getClassName() + "." + element.getMethodName();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Response querySessions(@Context HttpServletRequest request, @BeanParam QueryData queryData) {
|
||||
|
|
@ -56,6 +63,9 @@ public class UserSessionsService {
|
|||
logger.info("[" + cert.getUsername() + "] Querying user sessions...");
|
||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
|
||||
|
||||
String query = queryData.getQuery();
|
||||
List<UserSession> sessions = sessionHandler.getSessions(cert, source);
|
||||
|
||||
|
|
@ -70,6 +80,7 @@ public class UserSessionsService {
|
|||
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
||||
return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
@ -79,9 +90,14 @@ public class UserSessionsService {
|
|||
String source = (String) request.getAttribute(StrolchRestfulConstants.STROLCH_REQUEST_SOURCE);
|
||||
logger.info("[" + cert.getUsername() + "] Returning session " + sessionId);
|
||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
|
||||
|
||||
UserSession session = sessionHandler.getSession(cert, source, sessionId);
|
||||
return Response.ok(session.toJson().toString(), MediaType.APPLICATION_JSON).build();
|
||||
}
|
||||
}
|
||||
|
||||
@DELETE
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
@ -90,9 +106,14 @@ public class UserSessionsService {
|
|||
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
|
||||
logger.info("[" + cert.getUsername() + "] Invalidating session " + sessionId);
|
||||
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
|
||||
|
||||
try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
|
||||
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
|
||||
|
||||
sessionHandler.invalidate(cert, sessionId);
|
||||
return ResponseUtil.toResponse();
|
||||
}
|
||||
}
|
||||
|
||||
@PUT
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
|
|
|
|||
|
|
@ -46,11 +46,13 @@ public class PrivilegeAddOrReplacePrivilegeOnRoleService
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
RoleRep role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
RoleRep role;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
|
||||
role.getName());
|
||||
|
|
|
|||
|
|
@ -44,11 +44,13 @@ public class PrivilegeAddRoleService extends AbstractService<PrivilegeRoleArgume
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
RoleRep role = privilegeHandler.addRole(getCertificate(), arg.role);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
RoleRep role;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
role = privilegeHandler.addRole(getCertificate(), arg.role);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
|
||||
role.getName());
|
||||
|
|
|
|||
|
|
@ -46,11 +46,13 @@ public class PrivilegeRemovePrivilegeFromRoleService
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
RoleRep role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
RoleRep role;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
|
||||
role.getName());
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeRemoveRoleService extends AbstractService<PrivilegeRoleNam
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
RoleRep role = privilegeHandler.removeRole(getCertificate(), arg.roleName);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
RoleRep role;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
role = privilegeHandler.removeRole(getCertificate(), arg.roleName);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
|
||||
role.getName());
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeUpdateRoleService extends AbstractService<PrivilegeRoleArg
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
RoleRep role = privilegeHandler.replaceRole(getCertificate(), arg.role);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
RoleRep role;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
role = privilegeHandler.replaceRole(getCertificate(), arg.role);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
|
||||
role.getName());
|
||||
|
|
|
|||
|
|
@ -46,11 +46,13 @@ public class PrivilegeAddRoleToUserService
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeRemoveRoleFromUserService
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeRemoveUserService extends AbstractService<PrivilegeUserNam
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.removeUser(getCertificate(), arg.username);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.removeUser(getCertificate(), arg.username);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
|
|||
|
|
@ -46,11 +46,13 @@ public class PrivilegeSetUserLocaleService
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_LOCALE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
@ -59,14 +61,4 @@ public class PrivilegeSetUserLocaleService
|
|||
|
||||
return new PrivilegeUserResult(user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrivilegeName() {
|
||||
return StrolchPrivilegeConstants.PRIVILEGE_SET_USER_LOCALE;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrivilegeValue() {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -42,19 +42,20 @@ public class PrivilegeSetUserPasswordService extends AbstractService<PrivilegeSe
|
|||
@Override
|
||||
protected ServiceResult internalDoService(PrivilegeSetUserPasswordArgument arg) throws Exception {
|
||||
|
||||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer()
|
||||
.getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password);
|
||||
|
||||
// only persist if not setting own password
|
||||
if (!getCertificate().getUsername().equals(arg.username) && getPrivilegeContext().getPrivilegeNames()
|
||||
.contains(PrivilegeHandler.PRIVILEGE_ACTION_PERSIST)) {
|
||||
|
||||
privilegeHandler.persist(getCertificate());
|
||||
}
|
||||
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
|
||||
tx.setSuppressAudits(true);
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
arg.username);
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeSetUserStateService extends AbstractService<PrivilegeSetUs
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_STATE)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
@ -58,14 +60,4 @@ public class PrivilegeSetUserStateService extends AbstractService<PrivilegeSetUs
|
|||
|
||||
return new PrivilegeUserResult(user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrivilegeName() {
|
||||
return StrolchPrivilegeConstants.PRIVILEGE_SET_USER_STATE;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPrivilegeValue() {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,7 +55,12 @@ public class PrivilegeUpdateUserRolesService extends AbstractService<JsonService
|
|||
rolesE.forEach(e -> roles.add(e.getAsString()));
|
||||
|
||||
String username = arg.objectId;
|
||||
UserRep user = privilegeHandler.getUser(getCertificate(), username);
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.getUser(getCertificate(), username);
|
||||
|
||||
// first add new roles
|
||||
boolean changed = false;
|
||||
|
|
@ -75,8 +80,6 @@ public class PrivilegeUpdateUserRolesService extends AbstractService<JsonService
|
|||
}
|
||||
|
||||
if (changed) {
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
|
||||
StrolchPrivilegeConstants.USER, user.getUsername());
|
||||
tx.getAuditTrail().add(tx, audit);
|
||||
|
|
|
|||
|
|
@ -45,11 +45,13 @@ public class PrivilegeUpdateUserService extends AbstractService<PrivilegeUserArg
|
|||
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
|
||||
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
|
||||
|
||||
UserRep user = privilegeHandler.updateUser(getCertificate(), arg.user);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
UserRep user;
|
||||
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_USER)) {
|
||||
tx.setSuppressAudits(true);
|
||||
|
||||
user = privilegeHandler.updateUser(getCertificate(), arg.user);
|
||||
privilegeHandler.persist(getCertificate());
|
||||
|
||||
Audit audit = tx
|
||||
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
|
||||
user.getUsername());
|
||||
|
|
|
|||
Loading…
Reference in New Issue