import org.springframework.beans.factory.annotation.Autowired;\r
import org.springframework.dao.DataAccessException;\r
import org.springframework.dao.IncorrectResultSizeDataAccessException;\r
-import org.springframework.security.AccessDeniedException;\r
-import org.springframework.security.Authentication;\r
-import org.springframework.security.AuthenticationManager;\r
-import org.springframework.security.GrantedAuthority;\r
-import org.springframework.security.context.SecurityContextHolder;\r
-import org.springframework.security.providers.UsernamePasswordAuthenticationToken;\r
-import org.springframework.security.providers.dao.SaltSource;\r
-import org.springframework.security.providers.dao.UserCache;\r
-import org.springframework.security.providers.dao.cache.NullUserCache;\r
-import org.springframework.security.providers.dao.salt.ReflectionSaltSource;\r
-import org.springframework.security.providers.encoding.Md5PasswordEncoder;\r
-import org.springframework.security.providers.encoding.PasswordEncoder;\r
-import org.springframework.security.userdetails.GroupManager;\r
-import org.springframework.security.userdetails.UserDetails;\r
-import org.springframework.security.userdetails.UserDetailsManager;\r
-import org.springframework.security.userdetails.UsernameNotFoundException;\r
+\r
+import org.springframework.security.access.AccessDeniedException;\r
+import org.springframework.security.authentication.AuthenticationManager;\r
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;\r
+import org.springframework.security.authentication.dao.ReflectionSaltSource;\r
+import org.springframework.security.authentication.dao.SaltSource;\r
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;\r
+import org.springframework.security.authentication.encoding.PasswordEncoder;\r
+import org.springframework.security.core.Authentication;\r
+import org.springframework.security.core.GrantedAuthority;\r
+import org.springframework.security.core.context.SecurityContextHolder;\r
+import org.springframework.security.core.userdetails.UserCache;\r
+import org.springframework.security.core.userdetails.UserDetails;\r
+import org.springframework.security.core.userdetails.UsernameNotFoundException;\r
+import org.springframework.security.core.userdetails.cache.NullUserCache;\r
import org.springframework.stereotype.Service;\r
+import org.springframework.transaction.annotation.Propagation;\r
import org.springframework.transaction.annotation.Transactional;\r
import org.springframework.util.Assert;\r
\r
-import eu.etaxonomy.cdm.api.service.pager.Pager;\r
-import eu.etaxonomy.cdm.api.service.pager.impl.DefaultPagerImpl;\r
-import eu.etaxonomy.cdm.model.common.Group;\r
import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl;\r
+import eu.etaxonomy.cdm.model.common.Group;\r
import eu.etaxonomy.cdm.model.common.User;\r
-import eu.etaxonomy.cdm.model.taxon.TaxonBase;\r
-import eu.etaxonomy.cdm.persistence.dao.common.IGroupDao;\r
import eu.etaxonomy.cdm.persistence.dao.common.IGrantedAuthorityDao;\r
+import eu.etaxonomy.cdm.persistence.dao.common.IGroupDao;\r
import eu.etaxonomy.cdm.persistence.dao.common.IUserDao;\r
-import eu.etaxonomy.cdm.persistence.query.OrderHint;\r
\r
@Service\r
-@Transactional(readOnly=true)\r
+@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)\r
public class UserService extends ServiceBase<User,IUserDao> implements IUserService {\r
\r
protected IGroupDao groupDao;\r
this.saltSource = saltSource;\r
}\r
\r
- @Autowired\r
+ @Autowired(required= false)\r
public void setAuthenticationManager(AuthenticationManager authenticationManager) {\r
this.authenticationManager = authenticationManager;\r
}\r
throw new AccessDeniedException("Can't change password as no Authentication object found in context for current user.");\r
} \r
}\r
+ \r
+ @Transactional(readOnly=false)\r
+ public void changePasswordForUser(String username, String newPassword) {\r
+ Assert.hasText(username);\r
+ Assert.hasText(newPassword);\r
+ \r
+ try {\r
+ User user = dao.findUserByUsername(username);\r
+ if(user == null) {\r
+ throw new UsernameNotFoundException(username);\r
+ }\r
+ \r
+ Object salt = this.saltSource.getSalt(user);\r
+ \r
+ String password = passwordEncoder.encodePassword(newPassword, salt);\r
+ ((User)user).setPassword(password);\r
+ \r
+ dao.update((User)user);\r
+ userCache.removeUserFromCache(user.getUsername());\r
+ } catch(NonUniqueResultException nure) {\r
+ throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + username + "'", 1);\r
+ }\r
+ }\r
\r
@Transactional(readOnly=false)\r
public void createUser(UserDetails user) {\r
return user != null;\r
}\r
\r
+ /**\r
+ * DO NOT CALL THIS METHOD IN LONG RUNNING SESSIONS OR CONVERSATIONS\r
+ * A THROWN UsernameNotFoundException WILL RENDER THE CONVERSATION UNUSABLE\r
+ */\r
public UserDetails loadUserByUsername(String username)\r
throws UsernameNotFoundException, DataAccessException {\r
Assert.hasText(username);\r
}\r
\r
@Transactional(readOnly=false)\r
- public void createGroup(String groupName, GrantedAuthority[] authorities) {\r
+ public void createGroup(String groupName, List<GrantedAuthority> authorities) {\r
Assert.hasText(groupName);\r
Assert.notNull(authorities);\r
\r
groupDao.delete(group);\r
}\r
\r
- public String[] findAllGroups() {\r
- List<String> names = groupDao.listNames(null,null);\r
- return names.toArray(new String[names.size()]);\r
+ public List<String> findAllGroups() {\r
+ return groupDao.listNames(null,null);\r
}\r
\r
- public GrantedAuthority[] findGroupAuthorities(String groupName) {\r
+ public List<GrantedAuthority> findGroupAuthorities(String groupName) {\r
Assert.hasText(groupName);\r
Group group = groupDao.findGroupByName(groupName);\r
\r
- return group.getGrantedAuthorities().toArray(new GrantedAuthority[group.getGrantedAuthorities().size()]);\r
+ return new ArrayList<GrantedAuthority>(group.getGrantedAuthorities());\r
}\r
\r
- public String[] findUsersInGroup(String groupName) {\r
+ public List<String> findUsersInGroup(String groupName) {\r
Assert.hasText(groupName);\r
Group group = groupDao.findGroupByName(groupName);\r
\r
List<String> users = groupDao.listMembers(group, null, null);\r
\r
- return users.toArray(new String[users.size()]);\r
+ return users;\r
}\r
\r
@Transactional(readOnly=false)\r
\r
@Transactional(readOnly=false)\r
public UUID save(User user) {\r
- return dao.save(user);\r
+ if(user.getId() == 0 || dao.load(user.getUuid()) == null){\r
+ createUser(user);\r
+ }else{\r
+ updateUser(user);\r
+ }\r
+ return user.getUuid(); \r
+ }\r
+\r
+ @Override\r
+ public UUID update(User user) {\r
+ updateUser(user);\r
+ return user.getUuid(); \r
}\r
\r
@Transactional(readOnly=false)\r
public UUID saveGroup(Group group) {\r
return groupDao.save(group);\r
}\r
-\r
- public <TYPE extends User> Pager<TYPE> list(Class<TYPE> type, Integer pageSize, Integer pageNumber, List<OrderHint> orderHints, List<String> propertyPaths) {\r
- return null;\r
- }\r
} \r