[New] Added clear user password REST API and service

This commit is contained in:
Robert von Burg 2021-02-22 23:16:59 +01:00
parent 7c82f21ee4
commit a88b6edf66
2 changed files with 102 additions and 1 deletions

View File

@ -134,7 +134,8 @@ public class PrivilegeUsersService {
tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
UserRep user = privilegeHandler.getUser(cert, username);
return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON).build();
return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON)
.build();
}
}
@ -331,6 +332,39 @@ public class PrivilegeUsersService {
}
}
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@Path("{username}/password")
public Response clearUserPassword(@PathParam("username") String username, @Context HttpServletRequest request) {
Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
try {
ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class);
ClearUserPasswordService svc = new ClearUserPasswordService();
PrivilegeUserNameArgument arg = svc.getArgumentInstance();
arg.username = username;
ServiceResult svcResult = svcHandler.doService(cert, svc, arg);
if (svcResult.isNok())
return ResponseUtil.toResponse(svcResult);
// if user changes their own password, then invalidate the session
if (cert.getUsername().equals(username)) {
StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
sessionHandler.invalidate(cert);
}
return ResponseUtil.toResponse();
} catch (Exception e) {
logger.error(e.getMessage(), e);
String msg = e.getMessage();
return ResponseUtil.toResponse("Failed to clear password: ",
MessageFormat.format("{0}: {1}", e.getClass().getName(), msg));
}
}
private Response handleServiceResult(PrivilegeUserResult svcResult) {
if (svcResult.isOk()) {
UserRep userRep = svcResult.getUser();

View File

@ -0,0 +1,67 @@
/*
* Copyright 2015 Robert von Burg <eitch@eitchnet.ch>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package li.strolch.service.privilege.users;
import li.strolch.model.audit.AccessType;
import li.strolch.model.audit.Audit;
import li.strolch.persistence.api.StrolchTransaction;
import li.strolch.privilege.handler.PrivilegeHandler;
import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants;
import li.strolch.service.api.AbstractService;
import li.strolch.service.api.ServiceResult;
import li.strolch.service.api.ServiceResultState;
/**
* @author Robert von Burg <eitch@eitchnet.ch>
*/
public class ClearUserPasswordService extends AbstractService<PrivilegeUserNameArgument, ServiceResult> {
@Override
protected ServiceResult getResultInstance() {
return new ServiceResult(ServiceResultState.FAILED);
}
@Override
public PrivilegeUserNameArgument getArgumentInstance() {
return new PrivilegeUserNameArgument();
}
@Override
protected ServiceResult internalDoService(PrivilegeUserNameArgument arg) throws Exception {
try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
tx.setSuppressAudits(true);
li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer()
.getPrivilegeHandler();
PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
privilegeHandler.setUserPassword(getCertificate(), arg.username, null);
// only persist if not setting own password
if (!getCertificate().getUsername().equals(arg.username) && getPrivilegeContext().getPrivilegeNames()
.contains(PrivilegeHandler.PRIVILEGE_ACTION_PERSIST)) {
privilegeHandler.persist(getCertificate());
}
Audit audit = tx
.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
arg.username);
tx.getAuditTrail().add(tx, audit);
}
return ServiceResult.success();
}
}