-// $Id$\r
/**\r
* Copyright (C) 2007 EDIT\r
* European Distributed Institute of Taxonomy\r
import org.hibernate.NonUniqueResultException;\r
import org.hibernate.criterion.Criterion;\r
import org.springframework.beans.factory.annotation.Autowired;\r
+import org.springframework.context.annotation.Lazy;\r
import org.springframework.dao.DataAccessException;\r
import org.springframework.dao.IncorrectResultSizeDataAccessException;\r
import org.springframework.security.access.AccessDeniedException;\r
import org.springframework.transaction.annotation.Transactional;\r
import org.springframework.util.Assert;\r
\r
-import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl;\r
-import eu.etaxonomy.cdm.model.common.Group;\r
-import eu.etaxonomy.cdm.model.common.User;\r
-import eu.etaxonomy.cdm.persistence.dao.common.IGrantedAuthorityDao;\r
-import eu.etaxonomy.cdm.persistence.dao.common.IGroupDao;\r
-import eu.etaxonomy.cdm.persistence.dao.common.IUserDao;\r
+import eu.etaxonomy.cdm.model.permission.GrantedAuthorityImpl;\r
+import eu.etaxonomy.cdm.model.permission.User;\r
+import eu.etaxonomy.cdm.persistence.dao.permission.IGrantedAuthorityDao;\r
+import eu.etaxonomy.cdm.persistence.dao.permission.IGroupDao;\r
+import eu.etaxonomy.cdm.persistence.dao.permission.IUserDao;\r
import eu.etaxonomy.cdm.persistence.query.MatchMode;\r
import eu.etaxonomy.cdm.persistence.query.OrderHint;\r
\r
/**\r
- * Note: All group related functionality has been refactored into a GroupService. The will be removed in a future version.\r
+ * Note: All group related functionality has been refactored into a GroupService.\r
+ * The will be removed in a future version.\r
*/\r
@Service\r
@Transactional(readOnly = true)\r
}\r
\r
@Autowired(required= false)\r
+ @Lazy // avoid dependency cycle coming from OAuth2ServerConfiguration.AuthorizationServerConfiguration.authenticationManager\r
public void setAuthenticationManager(AuthenticationManager authenticationManager) {\r
this.authenticationManager = authenticationManager;\r
}\r
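Review bot: Adding `@Lazy` to this `@Autowired(required= false)` setter changes what "optional" means here: to my understanding Spring then injects a lazy-resolution proxy rather than leaving the field null when no AuthenticationManager bean is defined. A missing manager would therefore surface only on first use, for example at the `authenticationManager.authenticate(...)` call in the password-change path, and any null check on the field elsewhere in the class (not visible in this hunk) would no longer detect it. The existing comment explains the cycle but not this consequence; I would extend it along the lines of `// @Lazy: a proxy is injected even if no AuthenticationManager bean exists; absence fails on first authenticate() call`. It is also worth confirming that the old-password check cannot be reached in a configuration without an AuthenticationManager.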
\r
// check if old password is valid\r
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.getUsername(), oldPassword));\r
-\r
- // make new password and set it\r
- Object salt = this.saltSource.getSalt(user);\r
- String password = passwordEncoder.encodePassword(newPassword, salt);\r
- user.setPassword(password);\r
+ encodeUserPassword(user, newPassword);\r
dao.update(user);\r
\r
// authenticate the user again with the new password\r
}\r
}\r
\r
+ /**\r
+ * make new password salt, encode and set it for the passed user\r
+ *\r
+ * @param user\r
+ * The user to set the new password for.\r
+ * @param newPassword\r
+ * the new password to be encoded and set for the <code>user</code>\r
+ */\r
+ @Override\r
+ public void encodeUserPassword(User user, String newPassword) {\r
+ Object salt = this.saltSource.getSalt(user);\r
+ String password = passwordEncoder.encodePassword(newPassword, salt);\r
+ user.setPassword(password);\r
+ }\r
+\r
@Override\r
@Transactional(readOnly=false)\r
@PreAuthorize("#username == authentication.name or hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
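Review bot: The new `encodeUserPassword` accepts any `newPassword`, including null or empty, and because changePassword, changePasswordForUser and createUser (which passes `user.getPassword()`) now all go through it, this is the one place to reject such values, e.g. `Assert.hasText(newPassword);` as its first statement. Depending on the configured encoder, a null or empty value may otherwise be hashed and stored as a usable credential. The method is public and `@Override` but, unlike the neighbouring `changePasswordForUser` and `createUser`, carries no `@PreAuthorize`, and it only mutates the passed object. Its Javadoc should therefore say that the caller is responsible for the authorization check, for persisting the change, and for evicting the user from `userCache`. The summary line "make new password salt" also does not match the body, which only reads the salt via `saltSource.getSalt(user)`; `Encodes newPassword with the salt obtained from saltSource and sets it on the user; does not persist.` would describe what the code does.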
throw new UsernameNotFoundException(username);\r
}\r
\r
- Object salt = this.saltSource.getSalt(user);\r
-\r
- String password = passwordEncoder.encodePassword(newPassword, salt);\r
- user.setPassword(password);\r
-\r
+ encodeUserPassword(user, newPassword);\r
dao.update(user);\r
userCache.removeUserFromCache(user.getUsername());\r
} catch(NonUniqueResultException nure) {\r
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
public void createUser(UserDetails user) {\r
Assert.isInstanceOf(User.class, user);\r
-\r
- String rawPassword = user.getPassword();\r
- Object salt = this.saltSource.getSalt(user);\r
-\r
- String password = passwordEncoder.encodePassword(rawPassword, salt);\r
- ((User)user).setPassword(password);\r
-\r
+ encodeUserPassword((User)user, user.getPassword());\r
dao.save((User)user);\r
}\r
\r
userCache.removeUserFromCache(username);\r
}\r
\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.UserDetailsManager#updateUser(org.springframework.security.core.userdetails.UserDetails)\r
- */\r
@Override\r
@Transactional(readOnly=false)\r
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
userCache.removeUserFromCache(user.getUsername());\r
}\r
\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.UserDetailsManager#userExists(java.lang.String)\r
- */\r
@Override\r
public boolean userExists(String username) {\r
Assert.hasText(username);\r
}\r
}\r
\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#addGroupAuthority(java.lang.String, org.springframework.security.core.GrantedAuthority)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void addGroupAuthority(String groupName, GrantedAuthority authority) {\r
- Assert.hasText(groupName);\r
- Assert.notNull(authority);\r
-\r
- Group group = groupDao.findGroupByName(groupName);\r
- if(group.getGrantedAuthorities().add(authority)) {\r
- groupDao.update(group);\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#addUserToGroup(java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void addUserToGroup(String username, String groupName) {\r
- Assert.hasText(username);\r
- Assert.hasText(groupName);\r
-\r
- Group group = groupDao.findGroupByName(groupName);\r
- User user = dao.findUserByUsername(username);\r
-\r
- if(group.addMember(user)) {\r
- groupDao.update(group);\r
- userCache.removeUserFromCache(user.getUsername());\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#createGroup(java.lang.String, java.util.List)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void createGroup(String groupName, List<GrantedAuthority> authorities) {\r
- Assert.hasText(groupName);\r
- Assert.notNull(authorities);\r
-\r
- Group group = Group.NewInstance(groupName);\r
-\r
- for(GrantedAuthority authority : authorities) {\r
- group.getGrantedAuthorities().add(authority);\r
- }\r
\r
- groupDao.save(group);\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#deleteGroup(java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void deleteGroup(String groupName) {\r
- Assert.hasText(groupName);\r
-\r
- Group group = groupDao.findGroupByName(groupName);\r
- groupDao.delete(group);\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#findAllGroups()\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public List<String> findAllGroups() {\r
- return groupDao.listNames(null,null);\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#findGroupAuthorities(java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public List<GrantedAuthority> findGroupAuthorities(String groupName) {\r
- Assert.hasText(groupName);\r
- Group group = groupDao.findGroupByName(groupName);\r
-\r
- return new ArrayList<GrantedAuthority>(group.getGrantedAuthorities());\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#findUsersInGroup(java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public List<String> findUsersInGroup(String groupName) {\r
- Assert.hasText(groupName);\r
- Group group = groupDao.findGroupByName(groupName);\r
-\r
- List<String> users = groupDao.listMembers(group, null, null);\r
-\r
- return users;\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#removeGroupAuthority(java.lang.String, org.springframework.security.core.GrantedAuthority)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void removeGroupAuthority(String groupName, GrantedAuthority authority) {\r
- Assert.hasText(groupName);\r
- Assert.notNull(authority);\r
-\r
- Group group = groupDao.findGroupByName(groupName);\r
-\r
- if(group.getGrantedAuthorities().remove(authority)) {\r
- groupDao.update(group);\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#removeUserFromGroup(java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void removeUserFromGroup(String username, String groupName) {\r
- Assert.hasText(username);\r
- Assert.hasText(groupName);\r
-\r
- Group group = groupDao.findGroupByName(groupName);\r
- User user = dao.findUserByUsername(username);\r
-\r
- if(group.removeMember(user)) {\r
- groupDao.update(group);\r
- userCache.removeUserFromCache(user.getUsername());\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.springframework.security.provisioning.GroupManager#renameGroup(java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- @Deprecated // use GroupService instead\r
- @Transactional(readOnly=false)\r
- @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public void renameGroup(String oldName, String newName) {\r
- Assert.hasText(oldName);\r
- Assert.hasText(newName);\r
-\r
- Group group = groupDao.findGroupByName(oldName);\r
-\r
- group.setName(newName);\r
- groupDao.update(group);\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see eu.etaxonomy.cdm.api.service.ServiceBase#save(eu.etaxonomy.cdm.model.common.CdmBase)\r
- */\r
@Override\r
@Transactional(readOnly=false)\r
// @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_RUN_AS_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
return user;\r
}\r
\r
- /* (non-Javadoc)\r
- * @see eu.etaxonomy.cdm.api.service.ServiceBase#update(eu.etaxonomy.cdm.model.common.CdmBase)\r
- */\r
@Override\r
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
public UUID update(User user) {\r
return user.getUuid();\r
}\r
\r
- /* (non-Javadoc)\r
- * @see eu.etaxonomy.cdm.api.service.IUserService#saveGrantedAuthority(org.springframework.security.core.GrantedAuthority)\r
- */\r
@Override\r
@Transactional(readOnly=false)\r
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
\r
\r
\r
- /* (non-Javadoc)\r
- * @see eu.etaxonomy.cdm.api.service.IUserService#listByUsername(java.lang.String, eu.etaxonomy.cdm.persistence.query.MatchMode, java.util.List, java.lang.Integer, java.lang.Integer, java.util.List, java.util.List)\r
- */\r
@Override\r
@Transactional(readOnly = true)\r
public List<User> listByUsername(String queryString,MatchMode matchmode, List<Criterion> criteria, Integer pageSize, Integer pageNumber, List<OrderHint> orderHints, List<String> propertyPaths) {\r
- Integer numberOfResults = dao.countByUsername(queryString, matchmode, criteria);\r
+ long numberOfResults = dao.countByUsername(queryString, matchmode, criteria);\r
\r
- List<User> results = new ArrayList<User>();\r
+ List<User> results = new ArrayList<>();\r
if(numberOfResults > 0) {\r
results = dao.findByUsername(queryString, matchmode, criteria, pageSize, pageNumber, orderHints, propertyPaths);\r
}\r
@Override\r
@Transactional(readOnly=false)\r
@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_USER_MANAGER')")\r
- public Map<UUID, User> save(Collection<User> newInstances) {\r
+ public Map<UUID, User> save(Collection<? extends User> newInstances) {\r
Map<UUID, User> users = new HashMap<UUID, User>();\r
for (User user: newInstances){\r
createUser(user);\r