Commit 66305db0 authored by Matija Obreza

Updated to latest app-blocks

parent 435bf7e5
......@@ -20,6 +20,7 @@ import java.util.HashSet;
import java.util.Set;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser.AccountType;
import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
import org.genesys2.server.listener.RunAsAdminListener;
import org.genesys2.server.model.UserRole;
......@@ -44,21 +45,18 @@ public class CreateAdminListener extends RunAsAdminListener {
}
if (userService.getSystemUser("SYSTEM") == null) {
createAdmin(true, "SYSTEM", null, "SYSTEM");
createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
}
}
private void createDefaultAccounts() throws UserException, PasswordPolicyException {
createAdmin(true, "SYSTEM", null, "SYSTEM");
createAdmin(false, "admin@example.com", "Admin123!", "First Admin");
createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
createAdmin("admin@example.com", "First Admin", "Admin123!", AccountType.LOCAL);
}
private void createAdmin(boolean systemAccount, String email, String passwd, String name) throws UserException, PasswordPolicyException {
final User user = new User();
user.setSystemAccount(systemAccount);
user.setEmail(email);
user.setPassword(passwd);
user.setFullName(name);
private void createAdmin(String email, String fullName, String password, AccountType accountType) throws UserException, PasswordPolicyException {
final User user = userService.createUser(email, fullName, password, accountType);
final Set<UserRole> userRoles = new HashSet<UserRole>();
userRoles.add(UserRole.ADMINISTRATOR);
user.setRoles(userRoles);
......
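Review bot: The rewritten `createDefaultAccounts()` still seeds `admin@example.com` with a password literal that is committed to the repository, and `createAdmin` gives that account `UserRole.ADMINISTRATOR`, so every fresh deployment starts with the same known administrator credential. Take the initial password from deployment configuration, or generate it with `SecureRandom` and surface it to the operator once, and require a change on first login if the user model supports that. Separately, the SYSTEM account is now created by passing `null` as the password to `userService.createUser`; that method is not visible here, so confirm it neither rejects the call under the password policy nor leaves a usable credential for `AccountType.SYSTEM`. The body of `createAdmin` continues outside the hunk.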
......@@ -17,12 +17,9 @@
package org.genesys2.server.model.impl;
import java.beans.Transient;
import java.util.UUID;
import javax.persistence.Cacheable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.PrePersist;
import javax.persistence.Table;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
......@@ -39,44 +36,11 @@ public class User extends BasicUser<UserRole> {
private static final long serialVersionUID = 4564013753931115445L;
@Column(length = 36, unique = true)
private String uuid;
/**
* System accounts cannot log in through web or otherwise.
*/
@Column(nullable = false, updatable = false, name = "sys")
private boolean systemAccount = false;
@PrePersist
void ensureUUID() {
if (this.uuid == null) {
this.uuid = UUID.nameUUIDFromBytes(getEmail().getBytes()).toString();
}
}
@Override
public String toString() {
return "User id=" + getId() + " email=" + getEmail();
}
public String getUuid() {
return uuid;
}
public void setUuid(String uuid) {
this.uuid = uuid;
}
public void setSystemAccount(boolean systemAccount) {
this.systemAccount = systemAccount;
}
public boolean isSystemAccount() {
// TODO move to app-blocks model
return systemAccount;
}
public boolean isAccountExpired() {
// We don't support account expiration
return false;
......@@ -88,15 +52,6 @@ public class User extends BasicUser<UserRole> {
return false;
}
/**
* This is used by Spring Security (as ACL SID)
*/
@Override
public String getUsername() {
// TODO update app-blocks model
return uuid;
}
public boolean hasRole(String roleName) {
for (final UserRole userRole : getRoles()) {
if (userRole.getName().equalsIgnoreCase(roleName)) {
......
......@@ -27,15 +27,15 @@ import org.springframework.transaction.annotation.Transactional;
@Transactional
public interface UserRepository extends JpaRepository<User, Long> {
@Query("select u from User u where u.email = ?1 and u.systemAccount = false")
@Query("select u from User u where u.email = ?1 and u.accountType != 'SYSTEM'")
User findByEmail(String email);
@Query("select u from User u where u.email = ?1 and u.systemAccount = true")
@Query("select u from User u where u.email = ?1 and u.accountType = 'SYSTEM'")
User findSystemUser(String username);
User findByUuid(String uuid);
@Query("select u from User u where u.email like ?1 and u.systemAccount = false")
@Query("select u from User u where u.email like ?1 and u.accountType != 'SYSTEM'")
List<User> autocompleteByEmail(String email, Pageable pageable);
}
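Review bot: `u.accountType != 'SYSTEM'` in `findByEmail` and `autocompleteByEmail` is not the complement of `= 'SYSTEM'` when `accountType` is NULL: the comparison evaluates to unknown and the row is dropped, so an account without a stored type can no longer be found by e-mail. The migration in this commit only writes `accountType` for rows with `sys = 1`, and the column definition is not visible here, so please confirm the column is NOT NULL with a default, or backfill it before these queries go live. The queries also compare what appears to be an enum attribute with a string literal, which relies on the mapping being string-based (the mapping lives in app-blocks and is not shown). Binding an `AccountType` parameter instead of the literal would remove that dependency.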
......@@ -37,10 +37,10 @@ public interface UserService extends BasicUserService<UserRole, User> {
@PreAuthorize("hasRole('ADMINISTRATOR')")
void addUser(User user) throws UserException, PasswordPolicyException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
@PreAuthorize("hasRole('ADMINISTRATOR')")
void updateUser(User user) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
@PreAuthorize("hasRole('ADMINISTRATOR')")
void removeUserById(long userId) throws UserException;
@PreAuthorize("isAuthenticated()")
......
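Review bot: Assuming the shorter `hasRole('ADMINISTRATOR')` expressions are the new side (the page prints each annotation twice), `updateUser` loses its ACL alternative, so any caller that let a user edit their own account through this method will now be denied. Please confirm that self-service profile and password changes go through a different, separately authorized method. Neither method has Javadoc, so I would add `/** Administrators only; self-service changes must not call this method. */` above `updateUser` and `removeUserById`, which keeps the restriction from being relaxed later by accident.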
......@@ -182,9 +182,7 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
public void addUser(User user) throws UserException, PasswordPolicyException {
try {
if (user.isSystemAccount()) {
user.setPassword(THIS_IS_NOT_A_PASSWORD);
} else {
if (user.getAccountType()==AccountType.LOCAL) {
changePassword(user, user.getPassword());
}
// save user
......
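Review bot: With the `else` branch gone, `addUser` leaves the password untouched for every account type other than `AccountType.LOCAL`, including a null type. Whatever the caller put in `user.getPassword()` reaches the save step without passing through `changePassword`, whereas the old code overwrote it with the `THIS_IS_NOT_A_PASSWORD` sentinel for system accounts. Unless the app-blocks base class now clears it (not visible here), keep an explicit branch such as `} else { user.setPassword(THIS_IS_NOT_A_PASSWORD); }` so that non-local accounts never persist a caller-supplied value that presumably has not been hashed. The method body continues past the end of the hunk.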
......@@ -139,7 +139,6 @@ databaseChangeLog:
tableName: classpk
# Country Boundingbox
- changeSet:
id: 1496779094288-1
author: matijaobreza (generated)
......@@ -159,3 +158,23 @@ databaseChangeLog:
- column:
name: maxLatitude
type: double
# System accounts
- changeSet:
id: 1497558768000-1
author: matijaobreza (generated)
changes:
- sql:
comment: if user#sys==1 convert to accountType#SYSTEM
sql: update user set accountType = 'SYSTEM' where sys = 1;
- dropColumn:
tableName: user
columnName: sys
rollback:
- addColumn:
tableName: user
columnName: sys
type: boolean
- sql:
comment: accountType#SYSTEM to user#sys==1
sql: update user set sys = 1 where accountType = 'SYSTEM';
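Review bot: The rollback's `addColumn` recreates `sys` as a plain `boolean` with no default and no NOT NULL constraint, whereas the removed entity mapping declared it `nullable = false`. After a rollback every non-SYSTEM row would hold NULL, and the old `u.systemAccount = false` lookups would match no regular user. As rendered, the step also puts `columnName` and `type` directly under `addColumn`, where Liquibase expects a nested `columns` list, so the rollback may never have been run; indentation is lost on this page, so check this against the file. In the forward direction only rows with `sys = 1` receive an `accountType`, so confirm the remaining rows already carry a non-null value before `sys` is dropped.

```yaml
rollback:
- addColumn:
    tableName: user
    columns:
    - column:
        name: sys
        type: boolean
        defaultValueBoolean: false
        constraints:
          nullable: false
# … unchanged: sql step setting sys = 1 where accountType = 'SYSTEM' …
```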