if (!userAccount.getState().equalsIgnoreCase(Account.State.enabled.toString()) || !userAccount.getAccountState().equalsIgnoreCase(Account.State.enabled.toString())) { if (s_logger.isInfoEnabled()) { s_logger.info("User " + username + " in domain " + domainName + " is disabled/locked (or account is disabled/locked)"); if (userAccount.getState().equalsIgnoreCase(Account.State.enabled.toString())) { if (!isInternalAccount(userAccount.getId())) {
final Account account = userAcctPair.second(); if (user.getState() != Account.State.enabled || !account.getState().equals(Account.State.enabled)) { s_logger.info("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() + "; accountState: " + account.getState());
@Override public Pair<User, Account> findUserAccountByApiKey(String apiKey) { TransactionLegacy txn = TransactionLegacy.currentTxn(); PreparedStatement pstmt = null; Pair<User, Account> userAcctPair = null; try { String sql = FIND_USER_ACCOUNT_BY_API_KEY; pstmt = txn.prepareAutoCloseStatement(sql); pstmt.setString(1, apiKey); ResultSet rs = pstmt.executeQuery(); // TODO: make sure we don't have more than 1 result? ApiKey had better be unique if (rs.next()) { User u = new UserVO(rs.getLong(1)); u.setUsername(rs.getString(2)); u.setAccountId(rs.getLong(3)); u.setSecretKey(DBEncryptionUtil.decrypt(rs.getString(4))); u.setState(State.valueOf(rs.getString(5))); AccountVO a = new AccountVO(rs.getLong(6)); a.setAccountName(rs.getString(7)); a.setType(rs.getShort(8)); a.setRoleId(rs.getLong(9)); a.setDomainId(rs.getLong(10)); a.setState(State.valueOf(rs.getString(11))); userAcctPair = new Pair<User, Account>(u, a); } } catch (Exception e) { s_logger.warn("Exception finding user/acct by api key: " + apiKey, e); } return userAcctPair; }
if (possibleUserAccount.getAccountState().equals(Account.State.enabled.toString())) { userAccount = possibleUserAccount; break;
final Domain domain = _domainDao.findByUuid(domainUuid); final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId()); if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())) { throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(), "The requested user account is locked and cannot be switched to, please contact your administrator.", || !nextUserAccount.getAccountState().equals(Account.State.enabled.toString()) || !nextUserAccount.getUsername().equals(currentUserAccount.getUsername()) || !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
Account account = userAcctPair.second(); if (!user.getState().equals(Account.State.enabled) || !account.getState().equals(Account.State.enabled)) { s_logger.debug("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() + "; accountState: " + account.getState());
if (user.getState().equals(State.locked)) { } else if (user.getState().equals(State.enabled)) { success = doSetUserStatus(user.getId(), State.locked); List<UserVO> allUsersByAccount = _userDao.listByAccount(user.getAccountId()); for (UserVO oneUser : allUsersByAccount) { if (oneUser.getState().equals(State.enabled)) { lockAccount = false; break;
if ((account == null) || (account.getState().equals(State.disabled) && !account.getNeedsCleanup())) { success = true; } else {
accountResponse.setDomainId(account.getDomainUuid()); accountResponse.setDomainName(account.getDomainName()); accountResponse.setState(account.getState().toString()); accountResponse.setNetworkDomain(account.getNetworkDomain()); accountResponse.setDefaultZone(account.getDataCenterUuid());
protected boolean lockAccount(long accountId) { boolean success = false; Account account = _accountDao.findById(accountId); if (account != null) { if (account.getState().equals(State.locked)) { return true; // already locked, no-op } else if (account.getState().equals(State.enabled)) { AccountVO acctForUpdate = _accountDao.createForUpdate(); acctForUpdate.setState(State.locked); success = _accountDao.update(Long.valueOf(accountId), acctForUpdate); } else { if (s_logger.isInfoEnabled()) { s_logger.info("Attempting to lock a non-enabled account, current state is " + account.getState() + " (accountId: " + accountId + "), locking failed."); } } } else { s_logger.warn("Failed to lock account " + accountId + ", account not found."); } return success; }
public boolean verifyUser(Long userId) { // copy from ApiServer.java, a bit ugly here User user = _accountMgr.getUserIncludingRemoved(userId); Account account = null; if (user != null) { account = _accountMgr.getAccount(user.getAccountId()); } if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) || !account.getState().equals(Account.State.enabled)) { s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API"); return false; } return true; }
@Override public boolean verifyUser(final Long userId) { final User user = accountMgr.getUserIncludingRemoved(userId); Account account = null; if (user != null) { account = accountMgr.getAccount(user.getAccountId()); } if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) || !account.getState().equals(Account.State.enabled)) { s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API"); return false; } return true; }
@Override public void doInTransactionWithoutResult(TransactionStatus status) { UserAccountVO user = null; user = _userAccountDao.lockRow(id, true); user.setLoginAttempts(attempts); if (toDisable) { user.setState(State.disabled.toString()); } _userAccountDao.update(id, user); } });
private void enableUserInCloudStack(UserAccount user) { if(user != null && (user.getState().equalsIgnoreCase(Account.State.disabled.toString()))) { _accountManager.enableUser(user.getId()); } }