From bd4291b483a73c835adbbedbb0983ab6b6fdd50f Mon Sep 17 00:00:00 2001 From: Robert von Burg Date: Sun, 5 Apr 2015 00:16:30 +0200 Subject: [PATCH] [Major] Moved privilege management into separate services - instead of just calling the methods from the REST API, now we call services - this allows auditing who changes which privileges --- ch.eitchnet.privilege | 2 +- .../agent/impl/ComponentContainerImpl.java | 2 +- .../li/strolch/runtime/StrolchConstants.java | 32 +++ .../DefaultStrolchPrivilegeHandler.java | 7 +- .../runtime/privilege/PrivilegeHandler.java | 3 - .../strolch/service/api/AbstractService.java | 104 ++++++- .../java/li/strolch/service/api/Service.java | 11 + .../li/strolch/service/api/ServiceResult.java | 1 - .../rest/DefaultStrolchSessionHandler.java | 5 +- .../rest/StrolchRestfulExceptionMapper.java | 2 +- .../rest/endpoint/AuthenticationService.java | 7 +- .../rest/endpoint/PrivilegeRolesService.java | 136 ++++----- .../rest/endpoint/PrivilegeUsersService.java | 266 +++++++++--------- .../filters/AuthenicationRequestFilter.java | 4 +- .../inspector/test/AuthenticationTest.java | 4 +- ...geAddOrReplacePrivilegeOnRoleArgument.java | 10 + ...egeAddOrReplacePrivilegeOnRoleService.java | 66 +++++ .../roles/PrivilegeAddRoleService.java | 65 +++++ ...vilegeRemovePrivilegeFromRoleArgument.java | 9 + ...ivilegeRemovePrivilegeFromRoleService.java | 66 +++++ .../roles/PrivilegeRemoveRoleService.java | 65 +++++ .../roles/PrivilegeRoleArgument.java | 9 + .../roles/PrivilegeRoleNameArgument.java | 8 + .../privilege/roles/PrivilegeRoleResult.java | 32 +++ .../roles/PrivilegeUpdateRoleService.java | 65 +++++ .../users/PrivilegeAddRoleToUserService.java | 65 +++++ .../users/PrivilegeAddUserService.java | 65 +++++ .../PrivilegeRemoveRoleFromUserService.java | 66 +++++ .../users/PrivilegeRemoveUserService.java | 65 +++++ .../users/PrivilegeRoleUserNamesArgument.java | 9 + .../users/PrivilegeSetUserLocaleArgument.java | 11 + .../users/PrivilegeSetUserLocaleService.java | 65 +++++ .../PrivilegeSetUserPasswordArgument.java | 9 + .../PrivilegeSetUserPasswordService.java | 65 +++++ .../users/PrivilegeSetUserStateArgument.java | 10 + .../users/PrivilegeSetUserStateService.java | 65 +++++ .../users/PrivilegeUpdateUserService.java | 65 +++++ .../users/PrivilegeUserArgument.java | 9 + .../users/PrivilegeUserNameArgument.java | 8 + .../privilege/users/PrivilegeUserResult.java | 32 +++ 40 files changed, 1353 insertions(+), 237 deletions(-) create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleNameArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleResult.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRoleUserNamesArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserNameArgument.java create mode 100644 li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserResult.java diff --git a/ch.eitchnet.privilege b/ch.eitchnet.privilege index 2607bbef3..4c6434f47 160000 --- a/ch.eitchnet.privilege +++ b/ch.eitchnet.privilege @@ -1 +1 @@ -Subproject commit 2607bbef3fc7df863548820665d8ed133e524c39 +Subproject commit 4c6434f475dc40e73b54890540eaf943f21e1084 diff --git a/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java b/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java index 7defa4f79..8022b776d 100644 --- a/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java +++ b/li.strolch.agent/src/main/java/li/strolch/agent/impl/ComponentContainerImpl.java @@ -131,7 +131,7 @@ public class ComponentContainerImpl implements ComponentContainer { StrolchConstants.PROP_REALM, realmName), e); } } - + private void setupComponent(Map, StrolchComponent> componentMap, Map controllerMap, ComponentConfiguration componentConfiguration) { diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java index 3368f8b3b..d8a91ccb4 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/StrolchConstants.java @@ -19,6 +19,7 @@ import static ch.eitchnet.utils.helper.StringHelper.DOT; import li.strolch.agent.api.ObserverHandler; import li.strolch.model.StrolchModelConstants; import li.strolch.persistence.api.PersistenceHandler; +import ch.eitchnet.privilege.handler.PrivilegeHandler; /** * @author Robert von Burg @@ -58,4 +59,35 @@ public class StrolchConstants { realmKey += DOT + realmName; return realmKey; } + + /** + * Constants used for Privilege management, configuration, etc. + * + * @author Robert von Burg + */ + public static class StrolchPrivilegeConstants { + + public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$ + public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$ + public static final String ROLE = "Role"; //$NON-NLS-1$ + public static final String USER = "User"; //$NON-NLS-1$ + + public static final String PRIVILEGE_GET_ROLE = PrivilegeHandler.PRIVILEGE_GET_ROLE; + public static final String PRIVILEGE_ADD_ROLE = PrivilegeHandler.PRIVILEGE_ADD_ROLE; + public static final String PRIVILEGE_REMOVE_ROLE = PrivilegeHandler.PRIVILEGE_REMOVE_ROLE; + public static final String PRIVILEGE_MODIFY_ROLE = PrivilegeHandler.PRIVILEGE_MODIFY_ROLE; + + public static final String PRIVILEGE_GET_USER = PrivilegeHandler.PRIVILEGE_GET_USER; + public static final String PRIVILEGE_ADD_USER = PrivilegeHandler.PRIVILEGE_ADD_USER; + public static final String PRIVILEGE_REMOVE_USER = PrivilegeHandler.PRIVILEGE_REMOVE_USER; + public static final String PRIVILEGE_MODIFY_USER = PrivilegeHandler.PRIVILEGE_MODIFY_USER; + public static final String PRIVILEGE_ADD_ROLE_TO_USER = PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER; + public static final String PRIVILEGE_REMOVE_ROLE_FROM_USER = PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER; + public static final String PRIVILEGE_SET_USER_LOCALE = PrivilegeHandler.PRIVILEGE_SET_USER_LOCALE; + public static final String PRIVILEGE_SET_USER_STATE = PrivilegeHandler.PRIVILEGE_SET_USER_STATE; + public static final String PRIVILEGE_SET_USER_PASSWORD = PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD; + + public static final String PRIVILEGE_INVALIDATE_SESSION = "InvalidateSession"; + public static final String PRIVILEGE_GET_SESSION = "GetSession"; + } } diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java index 94a22c0e8..b81113b51 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java @@ -27,6 +27,7 @@ import li.strolch.exception.StrolchException; import li.strolch.model.audit.AccessType; import li.strolch.model.audit.Audit; import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; import li.strolch.runtime.configuration.ComponentConfiguration; import li.strolch.runtime.configuration.RuntimeConfiguration; import ch.eitchnet.privilege.base.AccessDeniedException; @@ -119,7 +120,8 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements try (StrolchTransaction tx = realm.openTx(certificate, getClass())) { tx.setSuppressDoNothingLogging(true); tx.setSuppressAudits(true); - Audit audit = tx.auditFrom(AccessType.CREATE, PRIVILEGE, CERTIFICATE, username); + Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.CERTIFICATE, username); tx.getAuditTrail().add(tx, audit); } return certificate; @@ -148,7 +150,8 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements try (StrolchTransaction tx = realm.openTx(certificate, getClass())) { tx.setSuppressDoNothingLogging(true); tx.setSuppressAudits(true); - Audit audit = tx.auditFrom(AccessType.DELETE, PRIVILEGE, CERTIFICATE, certificate.getUsername()); + Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.CERTIFICATE, certificate.getUsername()); tx.getAuditTrail().add(tx, audit); } return invalidateSession; diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java index a47b50d6a..0175dc083 100644 --- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java +++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/PrivilegeHandler.java @@ -25,9 +25,6 @@ import ch.eitchnet.privilege.model.PrivilegeContext; */ public interface PrivilegeHandler { - public static final String PRIVILEGE = "Privilege"; //$NON-NLS-1$ - public static final String CERTIFICATE = "Certificate"; //$NON-NLS-1$ - /** * @param username * @param password diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java index 91a118a4d..573fcd414 100644 --- a/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java +++ b/li.strolch.agent/src/main/java/li/strolch/service/api/AbstractService.java @@ -18,6 +18,7 @@ package li.strolch.service.api; import java.text.MessageFormat; import li.strolch.agent.api.ComponentContainer; +import li.strolch.agent.api.StrolchComponent; import li.strolch.agent.api.StrolchRealm; import li.strolch.exception.StrolchException; import li.strolch.persistence.api.StrolchTransaction; @@ -42,6 +43,8 @@ public abstract class AbstractService V getComponent(Class clazz) { return this.container.getComponent(clazz); } /** - * @return + * Returns the Strolch {@link RuntimeConfiguration} + * + * @return the Strolch {@link RuntimeConfiguration} */ protected final RuntimeConfiguration getRuntimeConfiguration() { return this.container.getAgent().getStrolchConfiguration().getRuntimeConfiguration(); } /** + * Returns the {@link StrolchRealm} with the given name. If the realm does not exist, then a + * {@link StrolchException} is thrown + * * @param realm - * @return + * the name of the {@link StrolchRealm} to return + * @return the {@link StrolchRealm} with the given name + * + * @throws StrolchException + * if the {@link StrolchRealm} does not exist with the given name */ - protected final StrolchRealm getRealm(String realm) { + protected final StrolchRealm getRealm(String realm) throws StrolchException { return this.container.getRealm(realm); } /** + * Opens a {@link StrolchTransaction} for the given realm, the action for the TX is this implementation's class + * name. This transaction should be used in a try-with-resource clause so it is properly closed + * * @param realm - * @return + * the name of the realm to return + * + * @return the realm with the given name + * + * @throws StrolchException + * if the {@link StrolchRealm} does not exist with the given name */ - protected final StrolchTransaction openTx(String realm) { + protected StrolchTransaction openTx(String realm) throws StrolchException { return this.container.getRealm(realm).openTx(getCertificate(), getClass()); } /** + * Opens a {@link StrolchTransaction} for the given realm. This transaction should be used in a try-with-resource + * clause so it is properly closed + * * @param realm + * the name of the realm to return * @param action - * @return + * the action to use for the opened TX + * + * @return the realm with the given name + * + * @throws StrolchException + * if the {@link StrolchRealm} does not exist with the given name */ - protected final StrolchTransaction openTx(String realm, String action) { + protected StrolchTransaction openTx(String realm, String action) throws StrolchException { return this.container.getRealm(realm).openTx(getCertificate(), action); } + /** + * Opens a {@link StrolchTransaction} where the realm retrieved using + * {@link ComponentContainer#getRealm(Certificate)}, the action for the TX is this implementation's class name. This + * transaction should be used in a try-with-resource clause so it is properly closed + * + * @return the realm with the given name + * + * @throws StrolchException + * if the {@link StrolchRealm} does not exist with the given name + */ + protected StrolchTransaction openUserTx() throws StrolchException { + return this.container.getRealm(getCertificate()).openTx(getCertificate(), getClass()); + } + + /** + * Opens a {@link StrolchTransaction} where the realm retrieved using + * {@link ComponentContainer#getRealm(Certificate)}. This transaction should be used in a try-with-resource clause + * so it is properly closed + * + * @param realm + * the name of the realm to return + * @param action + * the action to use for the opened TX + * + * @return the realm with the given name + * + * @throws StrolchException + * if the {@link StrolchRealm} does not exist with the given name + */ + protected StrolchTransaction openUserTx(String action) throws StrolchException { + return this.container.getRealm(getCertificate()).openTx(getCertificate(), action); + } + + /** + * This method is final as it enforces that the argument is valid, and catches all exceptions and enforces that a + * service result is returned. A concrete implementation will implement the business logic in + * {@link #internalDoService(ServiceArgument)} + */ @Override public final U doService(T argument) { @@ -155,6 +238,8 @@ public abstract class AbstractService */ public interface Service extends Serializable, Restrictable { + /** + * Performs the actual service + * + * @param argument + * the argument for the service + * + * @return the service result + */ public U doService(T argument); } diff --git a/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceResult.java b/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceResult.java index 73921cd3d..b3ffe1e87 100644 --- a/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceResult.java +++ b/li.strolch.agent/src/main/java/li/strolch/service/api/ServiceResult.java @@ -42,7 +42,6 @@ public class ServiceResult implements Serializable { * @param message */ public ServiceResult(ServiceResultState state, String message) { - super(); this.state = state; this.message = message; } diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java index 90de8c7fa..fc9ae4b60 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/DefaultStrolchSessionHandler.java @@ -15,6 +15,9 @@ */ package li.strolch.rest; +import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIVILEGE_GET_SESSION; +import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIVILEGE_INVALIDATE_SESSION; + import java.text.MessageFormat; import java.time.Instant; import java.time.LocalDateTime; @@ -53,8 +56,6 @@ import ch.eitchnet.utils.dbc.DBC; */ public class DefaultStrolchSessionHandler extends StrolchComponent implements StrolchSessionHandler { - public static final String PRIVILEGE_INVALIDATE_SESSION = "InvalidateSession"; - public static final String PRIVILEGE_GET_SESSION = "GetSession"; public static final String PARAM_SESSION_TTL_MINUTES = "session.ttl.minutes"; //$NON-NLS-1$ private static final Logger logger = LoggerFactory.getLogger(DefaultStrolchSessionHandler.class); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java b/li.strolch.rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java index 6b79858ea..5cafd9ce8 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/StrolchRestfulExceptionMapper.java @@ -42,7 +42,7 @@ public class StrolchRestfulExceptionMapper implements ExceptionMapper sb.append(restrictable.getPrivilegeValue()); } - return Response.status(Status.FORBIDDEN).entity(sb.toString()).type(MediaType.TEXT_PLAIN).build(); + return Response.status(Status.UNAUTHORIZED).entity(sb.toString()).type(MediaType.TEXT_PLAIN).build(); } return Response.serverError().entity(new Result(ex)).type(MediaType.APPLICATION_JSON).build(); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java index d98994260..38aa8f5ff 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java @@ -43,6 +43,7 @@ import li.strolch.runtime.privilege.PrivilegeHandler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import ch.eitchnet.privilege.base.AccessDeniedException; import ch.eitchnet.privilege.base.PrivilegeException; import ch.eitchnet.privilege.model.Certificate; import ch.eitchnet.privilege.model.IPrivilege; @@ -111,10 +112,14 @@ public class AuthenticationService { .header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken())// .build(); - } catch (StrolchException | PrivilegeException e) { + } catch (AccessDeniedException e) { logger.error(e.getMessage(), e); loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ return Response.status(Status.UNAUTHORIZED).entity(loginResult).build(); + } catch (StrolchException | PrivilegeException e) { + logger.error(e.getMessage(), e); + loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ + return Response.status(Status.FORBIDDEN).entity(loginResult).build(); } catch (Exception e) { logger.error(e.getMessage(), e); String msg = e.getMessage(); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeRolesService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeRolesService.java index d606e3da9..6007c64be 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeRolesService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeRolesService.java @@ -36,10 +36,17 @@ import li.strolch.agent.api.ComponentContainer; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; import li.strolch.rest.model.Result; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - +import li.strolch.service.api.ServiceHandler; +import li.strolch.service.privilege.roles.PrivilegeAddOrReplacePrivilegeOnRoleArgument; +import li.strolch.service.privilege.roles.PrivilegeAddOrReplacePrivilegeOnRoleService; +import li.strolch.service.privilege.roles.PrivilegeAddRoleService; +import li.strolch.service.privilege.roles.PrivilegeRemovePrivilegeFromRoleArgument; +import li.strolch.service.privilege.roles.PrivilegeRemovePrivilegeFromRoleService; +import li.strolch.service.privilege.roles.PrivilegeRemoveRoleService; +import li.strolch.service.privilege.roles.PrivilegeRoleArgument; +import li.strolch.service.privilege.roles.PrivilegeRoleNameArgument; +import li.strolch.service.privilege.roles.PrivilegeRoleResult; +import li.strolch.service.privilege.roles.PrivilegeUpdateRoleService; import ch.eitchnet.privilege.base.AccessDeniedException; import ch.eitchnet.privilege.base.PrivilegeException; import ch.eitchnet.privilege.handler.PrivilegeHandler; @@ -53,8 +60,6 @@ import ch.eitchnet.privilege.model.RoleRep; @Path("strolch/privilege/roles") public class PrivilegeRolesService { - private static final Logger logger = LoggerFactory.getLogger(PrivilegeRolesService.class); - private PrivilegeHandler getPrivilegeHandler(Certificate cert) { ComponentContainer container = RestfulStrolchComponent.getInstance().getContainer(); return container.getPrivilegeHandler().getPrivilegeHandler(cert); @@ -88,21 +93,14 @@ public class PrivilegeRolesService { @Produces(MediaType.APPLICATION_JSON) public Response addRole(RoleRep newRole, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - RoleRep role = privilegeHandler.addRole(cert, newRole); - return Response.ok(role, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeAddRoleService svc = new PrivilegeAddRoleService(); + PrivilegeRoleArgument arg = new PrivilegeRoleArgument(); + arg.role = newRole; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeRoleResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @PUT @@ -112,25 +110,18 @@ public class PrivilegeRolesService { public Response replaceRole(@PathParam("rolename") String rolename, RoleRep updatedRole, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - if (!rolename.equals(updatedRole.getName())) - return Response.serverError().entity(new Result("Path rolename and data do not have same role name!")) - .type(MediaType.APPLICATION_JSON).build(); - - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - RoleRep role = privilegeHandler.replaceRole(cert, updatedRole); - return Response.ok(role, MediaType.APPLICATION_JSON).build(); - - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) + if (!rolename.equals(updatedRole.getName())) + return Response.serverError().entity(new Result("Path rolename and data do not have same role name!")) .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeUpdateRoleService svc = new PrivilegeUpdateRoleService(); + PrivilegeRoleArgument arg = new PrivilegeRoleArgument(); + arg.role = updatedRole; + + PrivilegeRoleResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @DELETE @@ -139,21 +130,14 @@ public class PrivilegeRolesService { @Path("{rolename}") public Response removeRole(@PathParam("rolename") String rolename, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - RoleRep role = privilegeHandler.removeRole(cert, rolename); - return Response.ok(role, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeRemoveRoleService svc = new PrivilegeRemoveRoleService(); + PrivilegeRoleNameArgument arg = new PrivilegeRoleNameArgument(); + arg.roleName = rolename; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeRoleResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @PUT @@ -163,21 +147,15 @@ public class PrivilegeRolesService { public Response addOrReplacePrivilegeOnRole(@PathParam("rolename") String rolename, PrivilegeRep privilegeRep, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - RoleRep updatedRole = privilegeHandler.addOrReplacePrivilegeOnRole(cert, rolename, privilegeRep); - return Response.ok(updatedRole, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeAddOrReplacePrivilegeOnRoleService svc = new PrivilegeAddOrReplacePrivilegeOnRoleService(); + PrivilegeAddOrReplacePrivilegeOnRoleArgument arg = new PrivilegeAddOrReplacePrivilegeOnRoleArgument(); + arg.roleName = rolename; + arg.privilegeRep = privilegeRep; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeRoleResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @DELETE @@ -187,20 +165,30 @@ public class PrivilegeRolesService { public Response removePrivilegeFromRole(@PathParam("rolename") String rolename, @PathParam("privilege") String privilege, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - RoleRep updatedRole = privilegeHandler.removePrivilegeFromRole(cert, rolename, privilege); - return Response.ok(updatedRole, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeRemovePrivilegeFromRoleService svc = new PrivilegeRemovePrivilegeFromRoleService(); + PrivilegeRemovePrivilegeFromRoleArgument arg = new PrivilegeRemovePrivilegeFromRoleArgument(); + arg.roleName = rolename; + arg.privilegeName = privilege; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); + PrivilegeRoleResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); + } + + private Response handleServiceResult(PrivilegeRoleResult svcResult) { + if (svcResult.isOk()) { + return Response.ok(svcResult.getRole(), MediaType.APPLICATION_JSON).build(); + } else if (svcResult.getThrowable() != null) { + Throwable t = svcResult.getThrowable(); + if (t instanceof AccessDeniedException) { + return Response.status(Status.FORBIDDEN).entity(new Result(t.getMessage())) + .type(MediaType.APPLICATION_JSON).build(); + } else if (t instanceof PrivilegeException) { + return Response.status(Status.UNAUTHORIZED).entity(new Result(t.getMessage())).build(); + } } + + return Response.status(Status.INTERNAL_SERVER_ERROR).entity(new Result(svcResult.getMessage())).build(); } } diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java index 782f17ea3..8b3aef74d 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java @@ -37,12 +37,26 @@ import javax.ws.rs.core.Response.Status; import li.strolch.agent.api.ComponentContainer; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; +import li.strolch.rest.StrolchSessionHandler; import li.strolch.rest.model.PasswordField; import li.strolch.rest.model.Result; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - +import li.strolch.service.api.ServiceHandler; +import li.strolch.service.api.ServiceResult; +import li.strolch.service.privilege.users.PrivilegeAddRoleToUserService; +import li.strolch.service.privilege.users.PrivilegeAddUserService; +import li.strolch.service.privilege.users.PrivilegeRemoveRoleFromUserService; +import li.strolch.service.privilege.users.PrivilegeRemoveUserService; +import li.strolch.service.privilege.users.PrivilegeRoleUserNamesArgument; +import li.strolch.service.privilege.users.PrivilegeSetUserLocaleArgument; +import li.strolch.service.privilege.users.PrivilegeSetUserLocaleService; +import li.strolch.service.privilege.users.PrivilegeSetUserPasswordArgument; +import li.strolch.service.privilege.users.PrivilegeSetUserPasswordService; +import li.strolch.service.privilege.users.PrivilegeSetUserStateArgument; +import li.strolch.service.privilege.users.PrivilegeSetUserStateService; +import li.strolch.service.privilege.users.PrivilegeUpdateUserService; +import li.strolch.service.privilege.users.PrivilegeUserArgument; +import li.strolch.service.privilege.users.PrivilegeUserNameArgument; +import li.strolch.service.privilege.users.PrivilegeUserResult; import ch.eitchnet.privilege.base.AccessDeniedException; import ch.eitchnet.privilege.base.PrivilegeException; import ch.eitchnet.privilege.handler.PrivilegeHandler; @@ -56,8 +70,6 @@ import ch.eitchnet.privilege.model.UserState; @Path("strolch/privilege/users") public class PrivilegeUsersService { - private static final Logger logger = LoggerFactory.getLogger(PrivilegeUsersService.class); - private PrivilegeHandler getPrivilegeHandler(Certificate cert) { ComponentContainer container = RestfulStrolchComponent.getInstance().getContainer(); return container.getPrivilegeHandler().getPrivilegeHandler(cert); @@ -105,21 +117,14 @@ public class PrivilegeUsersService { @Produces(MediaType.APPLICATION_JSON) public Response addUser(UserRep newUser, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep user = privilegeHandler.addUser(cert, newUser, null); - return Response.ok(user, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeAddUserService svc = new PrivilegeAddUserService(); + PrivilegeUserArgument arg = new PrivilegeUserArgument(); + arg.user = newUser; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @DELETE @@ -128,21 +133,14 @@ public class PrivilegeUsersService { @Path("{username}") public Response removeUser(@PathParam("username") String username, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep user = privilegeHandler.removeUser(cert, username); - return Response.ok(user, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeRemoveUserService svc = new PrivilegeRemoveUserService(); + PrivilegeUserNameArgument arg = new PrivilegeUserNameArgument(); + arg.username = username; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @PUT @@ -152,25 +150,14 @@ public class PrivilegeUsersService { public Response updateUser(@PathParam("username") String username, UserRep updatedFields, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - if (!username.equals(updatedFields.getUsername())) - return Response.serverError().entity(new Result("Path username and data do not have same username!")) - .type(MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeUpdateUserService svc = new PrivilegeUpdateUserService(); + PrivilegeUserArgument arg = new PrivilegeUserArgument(); + arg.user = updatedFields; - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep updatedUser = privilegeHandler.updateUser(cert, updatedFields); - return Response.ok(updatedUser, MediaType.APPLICATION_JSON).build(); - - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @PUT @@ -180,21 +167,15 @@ public class PrivilegeUsersService { public Response addRoleToUser(@PathParam("username") String username, @PathParam("rolename") String rolename, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep updatedUser = privilegeHandler.addRoleToUser(cert, username, rolename); - return Response.ok(updatedUser, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeAddRoleToUserService svc = new PrivilegeAddRoleToUserService(); + PrivilegeRoleUserNamesArgument arg = new PrivilegeRoleUserNamesArgument(); + arg.username = username; + arg.rolename = rolename; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @DELETE @@ -204,21 +185,15 @@ public class PrivilegeUsersService { public Response removeRoleFromUser(@PathParam("username") String username, @PathParam("rolename") String rolename, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep updatedUser = privilegeHandler.removeRoleFromUser(cert, username, rolename); - return Response.ok(updatedUser, MediaType.APPLICATION_JSON).build(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeRemoveRoleFromUserService svc = new PrivilegeRemoveRoleFromUserService(); + PrivilegeRoleUserNamesArgument arg = new PrivilegeRoleUserNamesArgument(); + arg.username = username; + arg.rolename = rolename; - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } @PUT @@ -227,54 +202,39 @@ public class PrivilegeUsersService { public Response setUserState(@PathParam("username") String username, @PathParam("state") String state, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); + + UserState userState; try { - - UserState userState; - try { - userState = UserState.valueOf(state); - } catch (Exception e) { - String msg = MessageFormat.format("UserState {0} is not valid!", state); - return Response.serverError().entity(new Result(msg)).type(MediaType.APPLICATION_JSON).build(); - } - - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - UserRep updatedUser = privilegeHandler.setUserState(cert, username, userState); - return Response.ok(updatedUser, MediaType.APPLICATION_JSON).build(); - - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); + userState = UserState.valueOf(state); + } catch (Exception e) { + String msg = MessageFormat.format("UserState {0} is not valid!", state); + return Response.serverError().entity(new Result(msg)).type(MediaType.APPLICATION_JSON).build(); } + + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeSetUserStateService svc = new PrivilegeSetUserStateService(); + PrivilegeSetUserStateArgument arg = new PrivilegeSetUserStateArgument(); + arg.username = username; + arg.userState = userState; + + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); } - @PUT - @Produces(MediaType.APPLICATION_JSON) - @Path("{username}/password") - public Response setUserPassword(@PathParam("username") String username, PasswordField passwordField, - @Context HttpServletRequest request) { - Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - - // if user changing own password, then no need for StrolchPrivilegeAdmin - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); - - privilegeHandler.setUserPassword(cert, username, passwordField.getPassword().getBytes()); - return Response.ok(new Result(), MediaType.APPLICATION_JSON).build(); - - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); + private Response handleServiceResult(PrivilegeUserResult svcResult) { + if (svcResult.isOk()) { + return Response.ok(svcResult.getUser(), MediaType.APPLICATION_JSON).build(); + } else if (svcResult.getThrowable() != null) { + Throwable t = svcResult.getThrowable(); + if (t instanceof AccessDeniedException) { + return Response.status(Status.FORBIDDEN).entity(new Result(t.getMessage())) + .type(MediaType.APPLICATION_JSON).build(); + } else if (t instanceof PrivilegeException) { + return Response.status(Status.UNAUTHORIZED).entity(new Result(t.getMessage())).build(); + } } + + return Response.status(Status.INTERNAL_SERVER_ERROR).entity(new Result(svcResult.getMessage())).build(); } @PUT @@ -283,30 +243,60 @@ public class PrivilegeUsersService { public Response setUserLocale(@PathParam("username") String username, @PathParam("locale") String localeS, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - try { - Locale locale; - try { - locale = new Locale(localeS); - } catch (Exception e) { - String msg = MessageFormat.format("Locale {0} is not valid!", localeS); - return Response.serverError().entity(new Result(msg)).type(MediaType.APPLICATION_JSON).build(); + Locale locale; + try { + locale = new Locale(localeS); + } catch (Exception e) { + String msg = MessageFormat.format("Locale {0} is not valid!", localeS); + return Response.serverError().entity(new Result(msg)).type(MediaType.APPLICATION_JSON).build(); + } + + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeSetUserLocaleService svc = new PrivilegeSetUserLocaleService(); + PrivilegeSetUserLocaleArgument arg = new PrivilegeSetUserLocaleArgument(); + arg.username = username; + arg.locale = locale; + + PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); + return handleServiceResult(svcResult); + } + + @PUT + @Produces(MediaType.APPLICATION_JSON) + @Path("{username}/password") + public Response setUserPassword(@PathParam("username") String username, PasswordField passwordField, + @Context HttpServletRequest request) { + Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); + + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); + PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); + arg.username = username; + arg.password = passwordField.getPassword().getBytes(); + + ServiceResult svcResult = svcHandler.doService(cert, svc, arg); + if (svcResult.isOk()) { + + // if user changes their own password, then invalidate the session + if (cert.getUsername().equals(username)) { + StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); + sessionHandler.invalidate(cert); } - // if user changing own locale, then no need for StrolchPrivilegeAdmin - PrivilegeHandler privilegeHandler = getPrivilegeHandler(cert); + // TODO invalidate any other sessions for this user - UserRep updatedUser = privilegeHandler.setUserLocale(cert, username, locale); - return Response.ok(updatedUser, MediaType.APPLICATION_JSON).build(); - - } catch (AccessDeniedException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.UNAUTHORIZED).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); - } catch (PrivilegeException e) { - logger.error(e.getMessage(), e); - return Response.status(Status.FORBIDDEN).entity(new Result(e.getMessage())) - .type(MediaType.APPLICATION_JSON).build(); + return Response.ok(new Result(), MediaType.APPLICATION_JSON).build(); + } else if (svcResult.getThrowable() != null) { + Throwable t = svcResult.getThrowable(); + if (t instanceof AccessDeniedException) { + return Response.status(Status.UNAUTHORIZED).entity(new Result(t.getMessage())) + .type(MediaType.APPLICATION_JSON).build(); + } else if (t instanceof PrivilegeException) { + return Response.status(Status.FORBIDDEN).entity(new Result(t.getMessage())).build(); + } } + + return Response.status(Status.INTERNAL_SERVER_ERROR).entity(new Result(svcResult.getMessage())).build(); } } diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java b/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java index 518cfeea9..fe9e701d9 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java @@ -46,7 +46,7 @@ public class AuthenicationRequestFilter implements ContainerRequestFilter { String sessionId = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION); if (StringHelper.isEmpty(sessionId)) { logger.error("No SessionID on request to URL " + requestContext.getUriInfo().getPath()); - requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED) + requestContext.abortWith(Response.status(Response.Status.FORBIDDEN) .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN).entity("Missing Authorization!").build()); //$NON-NLS-1$ return; } @@ -58,7 +58,7 @@ public class AuthenicationRequestFilter implements ContainerRequestFilter { requestContext.setProperty(STROLCH_CERTIFICATE, certificate); } catch (Exception e) { logger.error(e.getMessage(), e); - requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED) + requestContext.abortWith(Response.status(Response.Status.FORBIDDEN) .header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN) .entity("User cannot access the resource.").build()); //$NON-NLS-1$ } diff --git a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java index 2f93d486f..ede763357 100644 --- a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java +++ b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java @@ -109,7 +109,7 @@ public class AuthenticationTest extends AbstractRestfulTest { login.setPassword("blalba"); Entity loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON); Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(loginEntity); - assertEquals(Status.UNAUTHORIZED.getStatusCode(), result.getStatus()); + assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus()); LogoutResult logoutResult = result.readEntity(LogoutResult.class); assertNotNull(logoutResult); assertEquals("Could not log in due to: Authentication credentials are invalid", logoutResult.getMsg()); @@ -133,7 +133,7 @@ public class AuthenticationTest extends AbstractRestfulTest { // logout result = target().path(ROOT_PATH + "/blabla").request(MediaType.APPLICATION_JSON).delete(); - assertEquals(Status.UNAUTHORIZED.getStatusCode(), result.getStatus()); + assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus()); LogoutResult logoutResult = result.readEntity(LogoutResult.class); assertNotNull(logoutResult); assertThat(logoutResult.getMsg(), containsString("No certificate exists for sessionId blabla")); diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleArgument.java new file mode 100644 index 000000000..5f4858c11 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleArgument.java @@ -0,0 +1,10 @@ +package li.strolch.service.privilege.roles; + +import ch.eitchnet.privilege.model.PrivilegeRep; +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeAddOrReplacePrivilegeOnRoleArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String roleName; + public PrivilegeRep privilegeRep; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java new file mode 100644 index 000000000..07f2fb680 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java @@ -0,0 +1,66 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.roles; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.RoleRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeAddOrReplacePrivilegeOnRoleService extends + AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeRoleResult getResultInstance() { + return new PrivilegeRoleResult(); + } + + @Override + protected PrivilegeRoleResult internalDoService(PrivilegeAddOrReplacePrivilegeOnRoleArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + RoleRep role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.ROLE, role.getName()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeRoleResult(role); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java new file mode 100644 index 000000000..4bf0ba0f0 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.roles; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.RoleRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeAddRoleService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeRoleResult getResultInstance() { + return new PrivilegeRoleResult(); + } + + @Override + protected PrivilegeRoleResult internalDoService(PrivilegeRoleArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + RoleRep role = privilegeHandler.addRole(getCertificate(), arg.role); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_ROLE)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.ROLE, role.getName()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeRoleResult(role); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_ADD_ROLE; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleArgument.java new file mode 100644 index 000000000..a134d7812 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleArgument.java @@ -0,0 +1,9 @@ +package li.strolch.service.privilege.roles; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeRemovePrivilegeFromRoleArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String roleName; + public String privilegeName; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java new file mode 100644 index 000000000..9ca2961f9 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java @@ -0,0 +1,66 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.roles; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.RoleRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeRemovePrivilegeFromRoleService extends + AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeRoleResult getResultInstance() { + return new PrivilegeRoleResult(); + } + + @Override + protected PrivilegeRoleResult internalDoService(PrivilegeRemovePrivilegeFromRoleArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + RoleRep role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName); + + try (StrolchTransaction tx = openUserTx(StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.ROLE, role.getName()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeRoleResult(role); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java new file mode 100644 index 000000000..572c03288 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.roles; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.RoleRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeRemoveRoleService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeRoleResult getResultInstance() { + return new PrivilegeRoleResult(); + } + + @Override + protected PrivilegeRoleResult internalDoService(PrivilegeRoleNameArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + RoleRep role = privilegeHandler.removeRole(getCertificate(), arg.roleName); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_ROLE)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.ROLE, role.getName()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeRoleResult(role); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_REMOVE_ROLE; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleArgument.java new file mode 100644 index 000000000..e9e114c69 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleArgument.java @@ -0,0 +1,9 @@ +package li.strolch.service.privilege.roles; + +import li.strolch.service.api.ServiceArgument; +import ch.eitchnet.privilege.model.RoleRep; + +public class PrivilegeRoleArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public RoleRep role; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleNameArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleNameArgument.java new file mode 100644 index 000000000..4ac65838b --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleNameArgument.java @@ -0,0 +1,8 @@ +package li.strolch.service.privilege.roles; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeRoleNameArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String roleName; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleResult.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleResult.java new file mode 100644 index 000000000..affba4bd8 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRoleResult.java @@ -0,0 +1,32 @@ +package li.strolch.service.privilege.roles; + +import li.strolch.service.api.ServiceResult; +import li.strolch.service.api.ServiceResultState; +import ch.eitchnet.privilege.model.RoleRep; + +public class PrivilegeRoleResult extends ServiceResult { + private static final long serialVersionUID = 1L; + + private RoleRep role; + + public PrivilegeRoleResult() { + super(); + } + + public PrivilegeRoleResult(ServiceResultState state, String message) { + super(state, message); + } + + public PrivilegeRoleResult(ServiceResultState state) { + super(state); + } + + public PrivilegeRoleResult(RoleRep role) { + setState(ServiceResultState.SUCCESS); + this.role = role; + } + + public RoleRep getRole() { + return role; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java new file mode 100644 index 000000000..69c757a77 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.roles; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.RoleRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeUpdateRoleService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeRoleResult getResultInstance() { + return new PrivilegeRoleResult(); + } + + @Override + protected PrivilegeRoleResult internalDoService(PrivilegeRoleArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + RoleRep role = privilegeHandler.replaceRole(getCertificate(), arg.role); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.ROLE, role.getName()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeRoleResult(role); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java new file mode 100644 index 000000000..56a641bcd --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeAddRoleToUserService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeRoleUserNamesArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_ADD_ROLE_TO_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java new file mode 100644 index 000000000..4db95c49a --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddUserService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeAddUserService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeUserArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.addUser(getCertificate(), arg.user, null); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_ADD_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_ADD_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java new file mode 100644 index 000000000..c254f3668 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java @@ -0,0 +1,66 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeRemoveRoleFromUserService extends + AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeRoleUserNamesArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_REMOVE_ROLE_FROM_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java new file mode 100644 index 000000000..7c101a6f7 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeRemoveUserService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeUserNameArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.removeUser(getCertificate(), arg.username); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_REMOVE_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_REMOVE_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRoleUserNamesArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRoleUserNamesArgument.java new file mode 100644 index 000000000..245c1ac17 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRoleUserNamesArgument.java @@ -0,0 +1,9 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeRoleUserNamesArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String username; + public String rolename; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleArgument.java new file mode 100644 index 000000000..45cef2830 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleArgument.java @@ -0,0 +1,11 @@ +package li.strolch.service.privilege.users; + +import java.util.Locale; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeSetUserLocaleArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String username; + public Locale locale; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java new file mode 100644 index 000000000..e67b6c0c8 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeSetUserLocaleService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeSetUserLocaleArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java new file mode 100644 index 000000000..02ab6bea9 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordArgument.java @@ -0,0 +1,9 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeSetUserPasswordArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String username; + public byte[] password; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java new file mode 100644 index 000000000..f6857e45a --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import li.strolch.service.api.ServiceResult; +import ch.eitchnet.privilege.handler.PrivilegeHandler; + +/** + * @author Robert von Burg + */ +public class PrivilegeSetUserPasswordService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected ServiceResult getResultInstance() { + return new ServiceResult(); + } + + @Override + protected ServiceResult internalDoService(PrivilegeSetUserPasswordArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, arg.username); + tx.getAuditTrail().add(tx, audit); + } + + return ServiceResult.success(); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateArgument.java new file mode 100644 index 000000000..838600b5b --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateArgument.java @@ -0,0 +1,10 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceArgument; +import ch.eitchnet.privilege.model.UserState; + +public class PrivilegeSetUserStateArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String username; + public UserState userState; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java new file mode 100644 index 000000000..460705f42 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeSetUserStateService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeSetUserStateArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java new file mode 100644 index 000000000..bfe2e9c5d --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java @@ -0,0 +1,65 @@ +/* + * Copyright 2013 Robert von Burg + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package li.strolch.service.privilege.users; + +import li.strolch.model.audit.AccessType; +import li.strolch.model.audit.Audit; +import li.strolch.persistence.api.StrolchTransaction; +import li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants; +import li.strolch.service.api.AbstractService; +import ch.eitchnet.privilege.handler.PrivilegeHandler; +import ch.eitchnet.privilege.model.UserRep; + +/** + * @author Robert von Burg + */ +public class PrivilegeUpdateUserService extends AbstractService { + + private static final long serialVersionUID = 1L; + + @Override + protected PrivilegeUserResult getResultInstance() { + return new PrivilegeUserResult(); + } + + @Override + protected PrivilegeUserResult internalDoService(PrivilegeUserArgument arg) throws Exception { + + li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler(); + PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler(getCertificate()); + + UserRep user = privilegeHandler.updateUser(getCertificate(), arg.user); + + try (StrolchTransaction tx = openUserTx(PrivilegeHandler.PRIVILEGE_MODIFY_USER)) { + tx.setSuppressAudits(true); + Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, + StrolchPrivilegeConstants.USER, user.getUsername()); + tx.getAuditTrail().add(tx, audit); + } + + return new PrivilegeUserResult(user); + } + + @Override + public String getPrivilegeName() { + return StrolchPrivilegeConstants.PRIVILEGE_MODIFY_USER; + } + + @Override + public Object getPrivilegeValue() { + return null; + } +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserArgument.java new file mode 100644 index 000000000..e37481a40 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserArgument.java @@ -0,0 +1,9 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceArgument; +import ch.eitchnet.privilege.model.UserRep; + +public class PrivilegeUserArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public UserRep user; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserNameArgument.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserNameArgument.java new file mode 100644 index 000000000..6e2ffa0af --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserNameArgument.java @@ -0,0 +1,8 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceArgument; + +public class PrivilegeUserNameArgument extends ServiceArgument { + private static final long serialVersionUID = 1L; + public String username; +} diff --git a/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserResult.java b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserResult.java new file mode 100644 index 000000000..0662f07d7 --- /dev/null +++ b/li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUserResult.java @@ -0,0 +1,32 @@ +package li.strolch.service.privilege.users; + +import li.strolch.service.api.ServiceResult; +import li.strolch.service.api.ServiceResultState; +import ch.eitchnet.privilege.model.UserRep; + +public class PrivilegeUserResult extends ServiceResult { + private static final long serialVersionUID = 1L; + + private UserRep user; + + public PrivilegeUserResult() { + super(); + } + + public PrivilegeUserResult(ServiceResultState state, String message) { + super(state, message); + } + + public PrivilegeUserResult(ServiceResultState state) { + super(state); + } + + public PrivilegeUserResult(UserRep user) { + setState(ServiceResultState.SUCCESS); + this.user = user; + } + + public UserRep getUser() { + return user; + } +}