Genesys PGR
Genesys Backend
Commits
c24519a4
Commit
c24519a4
authored
Jan 08, 2014
by
Matija Obreza
Enable User account locking and disabling
parent
122f3c8d
Changes
10
src/main/java/org/genesys2/server/model/impl/User.java
...
...
@@ -16,6 +16,7 @@
package
org.genesys2.server.model.impl
;
import
java.beans.Transient
;
import
java.util.HashSet
;
import
java.util.Set
;
import
java.util.UUID
;
...
...
@@ -84,6 +85,12 @@ public class User extends BusinessModel {
@Column
(
nullable
=
false
,
updatable
=
false
,
name
=
"sys"
)
private
boolean
systemAccount
;
@Column
private
boolean
enabled
;
@Column
private
boolean
locked
;
@PrePersist
void
ensureUUID
()
{
...
...
@@ -176,4 +183,33 @@ public class User extends BusinessModel {
public
boolean
isSystemAccount
()
{
return
systemAccount
;
}
public
boolean
isEnabled
()
{
return
this
.
enabled
;
}
public
void
setEnabled
(
boolean
enabled
)
{
this
.
enabled
=
enabled
;
}
public
boolean
isAccountLocked
()
{
return
this
.
locked
;
}
public
void
setAccountLocked
(
boolean
locked
)
{
this
.
locked
=
locked
;
}
@Transient
public
boolean
isAccountExpired
()
{
// We don't support account expiration
return
false
;
}
@Transient
public
boolean
isPasswordExpired
()
{
// We don't support password expiration
return
false
;
}
}
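Review bot: The new `enabled` field has no initializer, so it defaults to `false`, and none of the hunks in this commit set it to `true` when an account is created or for rows that already exist. AuthUserDetailsService now passes `user.isEnabled()` into the user details used for authentication, so such accounts would be refused at login, including the administrators who are the only ones allowed to call `setAccountEnabled`. If new accounts are not meant to start disabled, use `@Column(nullable = false) private boolean enabled = true;` and migrate existing rows; how the schema is updated is not visible here, so confirm what value the new column receives. Separately, `@Transient` on `isAccountExpired()` and `isPasswordExpired()` resolves to `java.beans.Transient` from the import block; if the JPA annotation was intended, the import should be `javax.persistence.Transient`.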
src/main/java/org/genesys2/server/service/UserService.java
...
...
@@ -44,11 +44,11 @@ public interface UserService {
@PreAuthorize
(
"isAuthenticated()"
)
User
getMe
();
User
getUserByEmail
(
String
email
);
User
getUserByUuid
(
String
uuid
);
User
getUserById
(
long
userId
)
throws
UserException
;
boolean
exists
(
String
username
)
throws
UserException
;
...
...
@@ -58,10 +58,14 @@ public interface UserService {
UserWrapper
getWrappedById
(
long
userId
)
throws
UserException
;
@PreAuthorize
(
"hasRole('ADMINISTRATOR') || principal.user.id == #userId"
)
User
updateData
(
long
userId
,
String
name
);
User
updateData
(
long
userId
,
String
name
,
String
email
);
User
getSystemUser
(
String
string
);
Page
<
User
>
listUsers
(
Pageable
pageable
);
void
setAccountLock
(
String
uuid
,
boolean
locked
);
void
setAccountEnabled
(
String
uuid
,
boolean
enabled
);
}
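Review bot: `setAccountLock` and `setAccountEnabled` are declared without `@PreAuthorize`, while `getMe` and `updateData` in the same interface carry their access rule on the declaration. The administrator restriction exists only on UserServiceImpl, so a reader of the interface cannot tell that these are privileged operations, and another implementation would not inherit the rule. Add `@PreAuthorize("hasRole('ADMINISTRATOR')")` to both declarations, with a one-line Javadoc stating that ADMINISTRATOR accounts cannot be locked or disabled.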
src/main/java/org/genesys2/server/service/impl/AuthUserDetailsService.java
...
...
@@ -47,7 +47,13 @@ public class AuthUserDetailsService implements UserDetailsService {
return
null
;
}
AuthUserDetails
userDetails
=
new
AuthUserDetails
(
user
.
getUuid
(),
user
.
getPassword
(),
getGrantedAuthorities
(
user
));
boolean
enabled
=
user
.
isEnabled
();
boolean
accountNonExpired
=
!
user
.
isAccountExpired
();
boolean
credentialsNonExpired
=
!
user
.
isPasswordExpired
();
boolean
accountNonLocked
=
!
user
.
isAccountLocked
();
AuthUserDetails
userDetails
=
new
AuthUserDetails
(
user
.
getUuid
(),
user
.
getPassword
(),
enabled
,
accountNonExpired
,
credentialsNonExpired
,
accountNonLocked
,
getGrantedAuthorities
(
user
));
// set actual DB user for possible further purposes
userDetails
.
setUser
(
user
);
...
...
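Review bot: The `enabled` and `accountNonLocked` flags are read once, when the user details are built, so a lock or disable takes effect only at the next authentication. As far as this hunk shows, a session or token already established for the account keeps working after an administrator locks or disables it. If immediate cut-off is expected, `setAccountLock` and `setAccountEnabled` should also expire the user's sessions and tokens; otherwise record the limitation here, e.g. `// flags are evaluated at authentication time; existing sessions are not revoked`. The enclosing method starts and ends outside the hunk.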
src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
...
...
@@ -162,9 +162,10 @@ public class UserServiceImpl implements UserService {
@Override
@PreAuthorize
(
"hasRole('ADMINISTRATOR') || principal.user.id == #userId"
)
@Transactional
(
readOnly
=
false
)
public
User
updateData
(
long
userId
,
String
name
)
{
public
User
updateData
(
long
userId
,
String
name
,
String
email
)
{
User
user
=
userPersistence
.
findOne
(
userId
);
user
.
setName
(
name
);
user
.
setEmail
(
email
);
userPersistence
.
save
(
user
);
return
user
;
}
...
...
@@ -177,6 +178,28 @@ public class UserServiceImpl implements UserService {
userPersistence
.
save
(
user
);
}
@Override
@Transactional
(
readOnly
=
false
)
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
public
void
setAccountEnabled
(
String
uuid
,
boolean
enabled
)
{
User
user
=
userPersistence
.
findByUuid
(
uuid
);
if
(!
enabled
&&
user
.
getRoles
().
contains
(
UserRole
.
ADMINISTRATOR
))
throw
new
SecurityException
(
"Can't disable ADMINISTRATOR accounts"
);
user
.
setEnabled
(
enabled
);
userPersistence
.
save
(
user
);
}
@Override
@Transactional
(
readOnly
=
false
)
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
public
void
setAccountLock
(
String
uuid
,
boolean
locked
)
{
User
user
=
userPersistence
.
findByUuid
(
uuid
);
if
(
locked
&&
user
.
getRoles
().
contains
(
UserRole
.
ADMINISTRATOR
))
throw
new
SecurityException
(
"Can't lock ADMINISTRATOR accounts"
);
user
.
setAccountLocked
(
locked
);
userPersistence
.
save
(
user
);
}
private
void
setPassword
(
User
user
,
String
rawPassword
)
{
// encrypt password
user
.
setPassword
(
passwordEncoder
.
encode
(
rawPassword
));
...
...
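Review bot: `setAccountEnabled` and `setAccountLock` dereference the result of `userPersistence.findByUuid(uuid)` without a null check, so an unknown uuid (presumably returned as `null`) ends in a NullPointerException at `user.getRoles()` rather than a not-found response. Guard both with `if (user == null) throw new IllegalArgumentException("No such user: " + uuid);` or the project's own not-found exception, since UserProfileController throws `ResourceNotFoundException` for the same case. `updateData` has the same shape with `findOne(userId)`. Neither new method records who changed the lock or enabled state; an audit log line naming the acting principal and the target uuid would make these changes traceable.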
src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
...
...
@@ -93,15 +93,15 @@ public class UserProfileController extends BaseController {
return
"/user/edit"
;
}
@
PreAuthorize
(
"isAuthenticated()"
)
@
RequestMapping
(
value
=
"/update"
,
metho
d
=
{
RequestMethod
.
POST
}
)
public
String
update
Me
(
ModelMap
model
,
@
RequestParam
(
"name"
)
String
name
,
@RequestParam
(
"pwd1"
)
String
pwd1
,
@RequestParam
(
"pwd2"
)
String
pwd2
)
{
User
user
=
userService
.
get
Me
(
);
@
RequestMapping
(
value
=
"/{uuid:.+}/update"
,
method
=
{
RequestMethod
.
POST
}
)
@
PreAuthorize
(
"hasRole('ADMINISTRATOR') || principal.user.uui
d =
=
#uuid"
)
public
String
update
(
ModelMap
model
,
@
PathVariable
(
"uuid"
)
String
uuid
,
@RequestParam
(
"name"
)
String
name
,
@RequestParam
(
"email"
)
String
email
,
@RequestParam
(
"pwd1"
)
String
pwd1
,
@RequestParam
(
"pwd2"
)
String
pwd2
)
{
User
user
=
userService
.
get
UserByUuid
(
uuid
);
if
(
user
==
null
)
{
throw
new
ResourceNotFoundException
();
}
userService
.
updateData
(
user
.
getId
(),
name
);
userService
.
updateData
(
user
.
getId
(),
name
,
email
);
if
(
StringUtils
.
isNotBlank
(
pwd1
))
{
if
(
pwd1
.
equals
(
pwd2
))
{
...
...
@@ -117,6 +117,6 @@ public class UserProfileController extends BaseController {
}
}
return
"redirect:/profile
"
;
return
"redirect:/profile
/"
+
user
.
getUuid
()
;
}
}
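Review bot: The new `email` request parameter goes straight to `userService.updateData(user.getId(), name, email)` with no format or uniqueness check, and the `@PreAuthorize` rule lets a user submit it for their own account. UserService exposes `getUserByEmail`, which suggests the address identifies the account; if so, an unverified change can collide with another user's address or leave the account without a reachable owner. Validate the address and reject one already in use before calling `updateData`, and consider requiring the current password for self-service changes. The `pwd1`/`pwd2` handling continues outside the hunk and was not reviewed.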
src/main/java/org/genesys2/server/servlet/controller/rest/UserController.java
...
...
@@ -77,6 +77,21 @@ public class UserController extends RestController {
LOG
.
info
(
"Creating team "
+
teamJson
);
return
OAuth2Cleanup
.
clean
(
teamService
.
addTeam
(
teamJson
.
name
));
}
@RequestMapping
(
value
=
"/user/{uuid}/locked"
,
method
=
RequestMethod
.
POST
,
produces
=
MediaType
.
APPLICATION_JSON_VALUE
)
public
@ResponseBody
boolean
changeLock
(
@PathVariable
(
"uuid"
)
String
uuid
,
@RequestBody
boolean
locked
)
{
userService
.
setAccountLock
(
uuid
,
locked
);
return
true
;
}
@RequestMapping
(
value
=
"/user/{uuid}/enabled"
,
method
=
RequestMethod
.
POST
,
produces
=
MediaType
.
APPLICATION_JSON_VALUE
)
public
@ResponseBody
boolean
changeEnabled
(
@PathVariable
(
"uuid"
)
String
uuid
,
@RequestBody
boolean
enabled
)
{
userService
.
setAccountEnabled
(
uuid
,
enabled
);
return
true
;
}
@RequestMapping
(
value
=
"/me/teams/{teamId}/leave"
,
method
=
RequestMethod
.
POST
,
produces
=
MediaType
.
APPLICATION_JSON_VALUE
)
public
@ResponseBody
...
...
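Review bot: `changeLock` and `changeEnabled` change whether an account can sign in but write no log entry, unlike the team-creation handler just above, which logs via `LOG.info`. Add a line such as `LOG.info("Account lock for " + uuid + " set to " + locked);` and the equivalent for `enabled`, ideally including the acting principal. Both handlers always return `true`, and the `SecurityException` the service throws for ADMINISTRATOR targets is not mapped here; confirm the REST layer turns it into a 403 rather than a generic 500.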
src/main/resources/content/language.properties
...
...
@@ -93,6 +93,7 @@ user.pulldown.heading=You are {0}
user.create-new-account
=
Create an account
user.full-name
=
Full Name
user.email
=
E-mail Address
user.account-status
=
Account Status
userprofile.page.title
=
User profile
userprofile.update.title
=
Update your profile
...
...
src/main/webapp/WEB-INF/jsp/user/edit.jsp
...
...
@@ -11,7 +11,7 @@
<spring:message
code=
"userprofile.update.title"
/>
</h1>
<form
role=
"form"
class=
"form-horizontal validate"
action=
"
<c:url
value=
"/profile/update"
/>
"
method=
"post"
>
<form
role=
"form"
class=
"form-horizontal validate"
action=
"
<c:url
value=
"/profile/
${user.uuid}/
update"
/>
"
method=
"post"
>
<div
class=
"form-group"
>
<label
for=
"name"
class=
"col-lg-2 control-label"
><spring:message
code=
"registration.full-name"
/></label>
<div
class=
"col-lg-3"
>
...
...
src/main/webapp/WEB-INF/jsp/user/index.jsp
...
...
@@ -23,7 +23,11 @@
<td><c:if
test=
"
${
not
user
.
systemAccount
}
"
><a
href=
"
<c:url
value=
"/profile/${user.uuid}"
/>
"
><c:out
value=
"
${
user
.
name
}
"
/></a></c:if></td>
<td>
${user.uuid}
</td>
<td>
${user.email}
</td>
<td>
${user.systemAccount ? 'SYSTEM' : ''}
</td>
<td>
<c:if
test=
"
${
user
.
systemAccount
}
"
>
SYSTEM
</c:if>
<c:if
test=
"
${
not
user
.
enabled
}
"
>
DISABLED
</c:if>
<c:if
test=
"
${
user
.
accountLocked
}
"
>
LOCKED
</c:if>
</td>
</tr>
</c:forEach>
</table>
...
...
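Review bot: `${user.email}` in the cell next to the new status column is written into the page without `<c:out>`, while the name beside it is escaped. With this commit the address becomes editable through the profile form, so it should be treated as user-supplied text: `<td><c:out value="${user.email}" /></td>`. The same unescaped `${user.email}` appears in profile.jsp directly above the new account-status block. The `SYSTEM`, `DISABLED` and `LOCKED` labels are hard-coded English although the commit adds a `user.account-status` message key; they could go through `<spring:message>` too.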
src/main/webapp/WEB-INF/jsp/user/profile.jsp
...
...
@@ -26,9 +26,28 @@
<label
for=
"password"
class=
"col-lg-2 control-label"
><spring:message
code=
"user.email"
/></label>
<div
class=
"col-lg-3"
>
${user.email}
</div>
</div>
<div
class=
"form-group"
>
<label
class=
"col-lg-2 control-label"
><spring:message
code=
"user.account-status"
/></label>
<div
class=
"col-lg-3"
>
<c:if
test=
"
${
user
.
systemAccount
}
"
>
SYSTEM
</c:if>
<c:if
test=
"
${
not
user
.
enabled
}
"
>
DISABLED
</c:if>
<c:if
test=
"
${
user
.
accountLocked
}
"
>
LOCKED
</c:if>
</div>
</div>
</security:authorize>
</div>
<security:authorize
access=
"hasRole('ADMINISTRATOR')"
>
<div
class=
"form-group"
>
<button
class=
"btn"
id=
"acccount-lock"
>
Lock
</button>
<button
class=
"btn"
id=
"acccount-unlock"
>
Unlock
</button>
<button
class=
"btn"
id=
"acccount-disable"
>
Disable
</button>
<button
class=
"btn"
id=
"acccount-enable"
>
Enable
</button>
</div>
</security:authorize>
<h3><spring:message
code=
"team.user-teams"
/></h3>
<ul
class=
"funny-list"
>
...
...
@@ -53,11 +72,15 @@
</div>
</div>
</form>
</security:authorize>
<security:authorize
access=
"isAuthenticated()"
>
<script
src=
"
<c:url
value=
"/html/js/main.js"
/>
"
></script>
<script
src=
"
<c:url
value=
"/html/js/jsonclient.js"
/>
"
></script>
<script
type=
"text/javascript"
>
jQuery
(
document
).
ready
(
function
()
{
<security:authorize
access=
"principal.user.id == #user.id"
>
$
(
"
#new-team-form input[type=submit]
"
).
on
(
"
click
"
,
function
(
e
)
{
e
.
preventDefault
();
x01
(
"
<c:url
value=
"/json/v0/me/teams"
/>
"
,
{
success
:
function
(
e
)
{
...
...
@@ -72,10 +95,37 @@
window
.
location
.
reload
();
}});
});
</security:authorize>
<security:authorize
access=
"hasRole('ADMINISTRATOR')"
>
$
(
"
button#acccount-enable
"
).
on
(
"
click
"
,
function
(
e
)
{
e
.
preventDefault
();
x01
(
"
<c:url
value=
"/json/v0/user/${user.uuid}/enabled"
/>
"
,
{
success
:
function
(
e
)
{
window
.
location
.
reload
();
}},
true
);
});
$
(
"
button#acccount-disable
"
).
on
(
"
click
"
,
function
(
e
)
{
e
.
preventDefault
();
x01
(
"
<c:url
value=
"/json/v0/user/${user.uuid}/enabled"
/>
"
,
{
success
:
function
(
e
)
{
window
.
location
.
reload
();
}},
false
);
});
$
(
"
button#acccount-lock
"
).
on
(
"
click
"
,
function
(
e
)
{
e
.
preventDefault
();
x01
(
"
<c:url
value=
"/json/v0/user/${user.uuid}/locked"
/>
"
,
{
success
:
function
(
e
)
{
window
.
location
.
reload
();
}},
true
);
});
$
(
"
button#acccount-unlock
"
).
on
(
"
click
"
,
function
(
e
)
{
e
.
preventDefault
();
x01
(
"
<c:url
value=
"/json/v0/user/${user.uuid}/locked"
/>
"
,
{
success
:
function
(
e
)
{
window
.
location
.
reload
();
}},
false
);
});
</security:authorize>
});
</script>
</security:authorize>
</security:authorize>
</body>
</html>
\ No newline at end of file
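Review bot: The four new click handlers pass only a `success` callback to `x01`, so when the service refuses the change (it throws for ADMINISTRATOR accounts) the administrator gets no feedback. Add a failure callback if `x01` supports one, and render only the buttons that apply, for example Lock only when `${not user.accountLocked}` and none of them for administrator accounts. The ids are spelled `acccount-…` with three c's in both the markup and the selectors; it works, but is worth correcting in one pass. These are state-changing POSTs, and whether `x01` attaches a CSRF token is not visible in this diff, so that should be confirmed.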