Genesys PGR
Genesys Backend
Commits
df678a93
Commit
df678a93
authored
Apr 27, 2018
by
Matija Obreza
User management update
- Scrub and archive user accounts - Deleted account name labeled "USER ACCOUNT DELETED"
parent
8d06b5f6
Changes
5
src/main/java/org/genesys2/server/service/UserService.java
...
...
@@ -71,4 +71,12 @@ public interface UserService extends BasicUserService<UserRole, User> {
* @throws UserException
*/
void
disableMyAccount
()
throws
UserException
;
/**
* Disables the account and removes personally identifiable data.
*
* @param user
* @throws UserException
*/
void
archiveUser
(
User
user
)
throws
UserException
;
}
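Review bot: The Javadoc on `archiveUser` leaves out the parts of the contract a caller needs: `@param user` and `@throws UserException` carry no description, and nothing says when the call is refused. Going by the implementation in this commit, it should state that the account is reloaded by id, that accounts holding the administrator role are rejected, and that roles and ACL entries are removed along with the personal data. A line such as `@throws UserException if the account holds the ADMINISTRATOR role` would cover the refusal case.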
src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
...
...
@@ -407,4 +407,33 @@ public class UserServiceImpl extends BasicUserServiceImpl<UserRole, User> implem
userRepository
.
save
(
u
);
}
@Override
@Transactional
public
void
archiveUser
(
User
user
)
throws
UserException
{
user
=
userRepository
.
findOne
(
user
.
getId
());
if
(
user
.
hasRole
(
UserRole
.
ADMINISTRATOR
.
getName
()))
{
throw
new
UserException
(
"Refusing to disable active administrator account"
);
}
LOG
.
warn
(
"Archiving user {}"
,
user
.
getEmail
());
Date
now
=
new
Date
();
user
.
setAccountExpires
(
now
);
user
.
setActive
(
false
);
user
.
setAccountType
(
AccountType
.
LOCAL
);
// user.setAccountType(AccountType.DELETED);
user
.
setEmail
(
"deleted@"
+
now
.
getTime
());
user
.
setPassword
(
THIS_IS_NOT_A_PASSWORD
);
user
.
setFtpPassword
(
null
);
user
.
setFullName
(
"USER ACCOUNT DELETED"
);
user
.
setShortName
(
"deleted"
+
now
.
getTime
());
user
.
setPasswordExpires
(
now
);
user
.
getRoles
().
clear
();
userRepository
.
save
(
user
);
LOG
.
warn
(
"Removing ACL entries for {}"
,
user
.
getEmail
());
aclEntryRepository
.
delete
(
user
.
getAclEntries
());
}
}
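Review bot: `archiveUser` writes the account's real e-mail address to the log at WARN level (`LOG.warn("Archiving user {}", user.getEmail())`) just before scrubbing it, so the personal data this method is meant to remove stays behind in the log files; the second message then prints only the `deleted@…` placeholder, which no longer identifies the account. Logging a stable non-personal key in both places, e.g. `LOG.warn("Archiving user {}", user.getUuid());`, keeps the audit trail without the address, and the `LOG.warn("Archiving user account {}", user.getEmail())` call in `UserProfileController.delete` has the same problem. Separately, the result of `userRepository.findOne(user.getId())` is dereferenced without a null check, so a stale or already-removed id ends in a NullPointerException rather than a `UserException`. Nothing in this hunk revokes issued OAuth tokens or live sessions; if those are not rejected elsewhere for inactive accounts, they should be invalidated here as well.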
src/main/java/org/genesys2/server/servlet/controller/admin/UserProfileController.java
...
...
@@ -198,6 +198,30 @@ public class UserProfileController extends BaseController {
return
"redirect:"
+
URLBASE
+
user
.
getUuid
();
}
@RequestMapping
(
value
=
"/{uuid:.+}/delete"
,
method
=
RequestMethod
.
POST
)
public
String
delete
(
ModelMap
model
,
@PathVariable
(
"uuid"
)
String
uuid
)
throws
UserException
{
final
User
user
=
userService
.
getUserByUuid
(
uuid
);
if
(
user
==
null
)
{
throw
new
ResourceNotFoundException
();
}
// if (user.getAccountType() == AccountType.DELETED) {
// LOG.warn("Account already archived.");
// return "redirect:" + VIEWBASE;
// }
if
(!
user
.
isAccountNonExpired
())
{
LOG
.
warn
(
"Account already expired."
);
return
"redirect:"
+
VIEWBASE
;
}
LOG
.
warn
(
"Archiving user account {}"
,
user
.
getEmail
());
userService
.
archiveUser
(
user
);
return
"redirect:"
+
VIEWBASE
;
}
@RequestMapping
(
value
=
"/{uuid:.+}/update-roles"
,
method
=
{
RequestMethod
.
POST
})
public
String
updateRoles
(
ModelMap
model
,
@PathVariable
(
"uuid"
)
String
uuid
,
@RequestParam
(
"role"
)
Set
<
UserRole
>
selectedRoles
)
{
final
User
user
=
userService
.
getUserByUuid
(
uuid
);
...
...
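Review bot: The new `delete` handler carries no authorization check of its own; the `hasRole('ADMINISTRATOR')` test in profile.jsp only hides the form and does not protect the POST. The class-level annotations and the URL security rules are outside this hunk, so confirm that `/admin/users/**` is restricted to administrators there, or add `@PreAuthorize("hasRole('ADMINISTRATOR')")` on the method. The handler also accepts any account type: a `SYSTEM` account without the administrator role would pass through to `archiveUser`, which resets it to `AccountType.LOCAL`, so an explicit guard or a comment stating that this is intended would help. The commented-out `AccountType.DELETED` check should either be removed or replaced with a TODO that says what it is waiting for.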
src/main/webapp/WEB-INF/jsp/admin/users/index.jsp
...
...
@@ -20,10 +20,9 @@
<c:forEach
items=
"
${
pagedData
.
content
}
"
var=
"user"
varStatus=
"status"
>
<tr>
<td
class=
"col-xs-5"
><c:if
test=
"
${
user
.
accountType
!=
'SYSTEM'
}
"
>
<a
href=
"
<c:url
value=
"/admin/users/${user.uuid}"
/>
"
><c:out
value=
"
${
user
.
fullName
}
"
/></a>
<c:out
value=
"
${
user
.
fullName
}
"
/>
</c:if></td>
<td
class=
"col-xs-5"
><c:out
value=
"
${
user
.
email
}
"
/></td>
<td
class=
"col-xs-5"
><
a
href=
"
<c:url
value=
"/admin/users/${user.uuid}"
/>
"
><
c:out
value=
"
${
user
.
email
}
"
/></
a></
td>
<td
class=
"col-xs-2"
><c:if
test=
"
${
user
.
accountType
==
'SYSTEM'
}
"
>
SYSTEM
</c:if>
<c:if
test=
"
${
not
user
.
enabled
}
"
>
DISABLED
</c:if>
<c:if
test=
"
${
user
.
accountLocked
}
"
>
LOCKED
</c:if></td>
...
...
src/main/webapp/WEB-INF/jsp/admin/users/profile.jsp
...
...
@@ -22,6 +22,13 @@
<label
for=
"password"
class=
"col-lg-2 control-label"
><spring:message
code=
"user.email"
/></label>
<div
class=
"col-lg-5 form-control-static"
><c:out
value=
"
${
user
.
email
}
"
/></div>
</div>
<div
class=
"form-group"
>
<label
class=
"col-lg-2 control-label"
><spring:message
code=
"user.login-type"
/></label>
<div
class=
"col-lg-5 form-control-static"
>
<c:out
value=
"
${
user
.
accountType
}
"
/>
</div>
</div>
<div
class=
"form-group"
>
<label
class=
"col-lg-2 control-label"
><spring:message
code=
"user.account-status"
/></label>
...
...
@@ -58,6 +65,7 @@
<security:authorize
access=
"hasRole('ADMINISTRATOR')"
>
<c:if
test=
"
${
user
.
accountNonExpired
}
"
>
<div
class=
"form-group"
>
<button
class=
"btn btn-default"
id=
"acccount-lock"
>
Lock
</button>
<button
class=
"btn btn-default"
id=
"acccount-unlock"
>
Unlock
</button>
...
...
@@ -65,22 +73,30 @@
<button
class=
"btn btn-default"
id=
"acccount-disable"
>
Disable
</button>
<button
class=
"btn btn-default"
id=
"acccount-enable"
>
Enable
</button>
</div>
</c:if>
</security:authorize>
<div
class=
"form-group"
>
<security:authorize
access=
"hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.id == #user.id)"
>
<a
href=
"
<c:url
value=
"/management/user/${user.uuid}/tokens"
/>
"
class=
"btn btn-default"
><spring:message
code=
"oauth-client.issued.tokens"
/></a>
</security:authorize
>
<security:authorize
acc
es
s
=
"
hasRole('ADMINISTRATOR') || principal.id == #user.id
"
>
<c:if
test=
"
${
not
user
.
hasRole
(
'VALIDATEDUSER'
)
}
"
>
<
a
href=
"
<c:url
value=
"/admin/users/${user.uuid}/send"
/>
"
class=
"btn btn-default"
/>
Send validation email
</a
>
<c:if
test=
"
${
user
.
accountNonExpired
}
"
>
<c:if
t
es
t
=
"
${
not
user
.
hasRole
(
'VALIDATEDUSER'
)
}
"
>
<a
href=
"
<c:url
value=
"/admin/users/${user.uuid}/send"
/>
"
class=
"btn btn-default"
/>
Send validation email
</a
>
<
/c:if
>
</c:if>
</security:authorize>
<security:authorize
access=
"hasRole('ADMINISTRATOR')"
>
<c:if
test=
"
${
not
user
.
hasRole
(
'VETTEDUSER'
)
}
"
>
<a
href=
"
<c:url
value=
"/admin/users/${user.uuid}/vetted-user"
/>
"
class=
"btn btn-default"
/>
Vetted user
</a>
</c:if>
<c:if
test=
"
${
user
.
accountNonExpired
}
"
>
<c:if
test=
"
${
not
user
.
hasRole
(
'VETTEDUSER'
)
}
"
>
<a
href=
"
<c:url
value=
"/admin/users/${user.uuid}/vetted-user"
/>
"
class=
"btn btn-default"
/>
Vetted user
</a>
</c:if>
<form
style=
"display: inline-block"
method=
"post"
action=
"
<c:url
value=
"/admin/users/${user.uuid}/delete"
/>
"
>
<input
type=
"hidden"
name=
"${_csrf.parameterName}"
value=
"${_csrf.token}"
/>
<input
class=
"btn btn-default"
type=
"submit"
value=
"delete"
value=
"Delete"
>
</form>
</c:if>
</security:authorize>
</div>
<h3><spring:message
code=
"team.user-teams"
/></h3>
...
...
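Review bot: The submit button of the new delete form has two `value` attributes (`value="delete" value="Delete"`); a duplicate attribute is a markup error and browsers keep only the first, so one of them should go, e.g. `<input class="btn btn-default" type="submit" value="Delete">`. The form posts an irreversible scrub of the account on a single click, so a confirmation step before submit is worth adding. As rendered, the second `security:authorize` block tests `principal.id == #user.id` without the `isAuthenticated()` guard that the first block uses; keeping the two expressions identical would avoid a possible evaluation error when the principal has no `id` property.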