/**
 * Tells whether a password reset has to be backed by a security question.
 *
 * @return the value stored under {@code passwordReset.securityQuestion}; {@code true} is passed to
 * {@code confDAO.find} as second argument (presumably the fallback when nothing is configured, so
 * the check would stay on by default)
 */
public boolean isPwdResetRequiringSecurityQuestions() {
    final boolean securityQuestionRequired = confDAO.find("passwordReset.securityQuestion", true);
    return securityQuestionRequired;
}
/**
 * Deletes the configuration attribute stored under the given schema.
 * Callers need the {@code CONFIGURATION_DELETE} entitlement.
 *
 * @param schema key of the configuration schema whose value is removed
 * @throws NotFoundException when no value is stored and no plain schema with that key exists
 */
@PreAuthorize("hasRole('" + StandardEntitlement.CONFIGURATION_DELETE + "')")
public void delete(final String schema) {
    Optional<? extends CPlainAttr> existing = confDAO.find(schema);
    // No stored value: the request is still accepted as long as the schema itself is known.
    if (!existing.isPresent() && plainSchemaDAO.find(schema) == null) {
        throw new NotFoundException("Configuration schema " + schema);
    }
    confDAO.delete(schema);
}
/**
 * Converts every plain attribute of the configuration into its transfer object.
 *
 * @return one {@code AttrTO} per attribute returned by {@code confDAO.get().getPlainAttrs()}
 */
@Override
public List<AttrTO> getConfTO() {
    return confDAO.get().getPlainAttrs().stream()
            .map(plainAttr -> getAttrTO(plainAttr))
            .collect(Collectors.toList());
}
// Excerpt from an authentication routine: intermediate lines are elided (the ternary has no else branch
// and several braces are left open), so it does not compile as shown.
// - When "authentication.attributes" is present, its string values are read into authAttrValues.
// - A user whose status is not among the "authentication.statuses" values is rejected with
//   DisabledException before the credentials are checked.
// - After a successful check, "log.lastlogindate" (second argument true) decides whether the last login
//   date is stamped on the user.
// NOTE(review): the DisabledException message names the user; if it reaches the caller it tells a
// disabled account apart from a wrong password - confirm it is mapped to a generic failure.
// NOTE(review): getCredentials().toString() turns the credential into a String - confirm that value is
// never logged further down.
User user = null; Optional<? extends CPlainAttr> authAttrs = confDAO.find("authentication.attributes"); List<String> authAttrValues = authAttrs.isPresent() ? authAttrs.get().getValuesAsStrings() if (!confDAO.getValuesAsStrings("authentication.statuses").contains(user.getStatus())) { throw new DisabledException("User " + user.getUsername() + " not allowed to authenticate"); authenticated = AuthDataAccessor.this.authenticate(user, authentication.getCredentials().toString()); if (authenticated) { if (confDAO.find("log.lastlogindate", true)) { user.setLastLoginDate(new Date()); userModified = true;
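/**
 * Applies the given patch to the currently authenticated user.
 * Anonymous callers and users flagged {@code MUST_CHANGE_PASSWORD} are refused by the annotation.
 *
 * @param userPatch changes to apply; its key is overwritten with the authenticated user's key
 * @param nullPriorityAsync forwarded unchanged to {@code doUpdate}
 * @return the result of the update
 */
@PreAuthorize("isAuthenticated() "
        + "and not(hasRole('" + StandardEntitlement.ANONYMOUS + "')) "
        + "and not(hasRole('" + StandardEntitlement.MUST_CHANGE_PASSWORD + "'))")
public ProvisioningResult<UserTO> selfUpdate(final UserPatch userPatch, final boolean nullPriorityAsync) {
    // The key always comes from the authenticated session and replaces whatever the patch carried,
    // so the update stays bound to the caller's own account.
    UserTO userTO = binder.getAuthenticatedUserTO();
    userPatch.setKey(userTO.getKey());
    ProvisioningResult<UserTO> updated = doUpdate(userPatch, true, nullPriorityAsync);

    // Ensures that, if the self update above moves the user into a status from which no authentication
    // is possible, the existing Access Token is cleaned up to avoid issues with future authentications
    if (!confDAO.getValuesAsStrings("authentication.statuses").contains(updated.getEntity().getStatus())) {
        // The lookup result is tested before its key is read: the original dereferenced it first and
        // only then null-checked the key, which fails when the owner has no token.
        java.util.Optional.ofNullable(accessTokenDAO.findByOwner(updated.getEntity().getUsername()))
                .map(token -> token.getKey())
                .ifPresent(key -> accessTokenDAO.delete(key));
    }
    return updated;
}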
/**
 * Stores the given configuration attribute.
 * Callers need the {@code CONFIGURATION_SET} entitlement.
 *
 * @param value attribute to persist; it is converted by {@code binder.getAttr} before being saved
 */
@PreAuthorize("hasRole('" + StandardEntitlement.CONFIGURATION_SET + "')")
public void set(final AttrTO value) {
    confDAO.save(
            binder.getAttr(value));
}
// Excerpt from an authentication routine: intermediate lines are elided (the ternary has no else branch
// and several braces are left open), so it does not compile as shown.
// - When "authentication.attributes" is present, its string values are read into authAttrValues.
// - A user whose status is not among the "authentication.statuses" values is rejected with
//   DisabledException before the credentials are checked.
// - After a successful check, "log.lastlogindate" (second argument true) decides whether the last login
//   date is stamped on the user.
// NOTE(review): the DisabledException message names the user; if it reaches the caller it tells a
// disabled account apart from a wrong password - confirm it is mapped to a generic failure.
// NOTE(review): getCredentials().toString() turns the credential into a String - confirm that value is
// never logged further down.
User user = null; Optional<? extends CPlainAttr> authAttrs = confDAO.find("authentication.attributes"); List<String> authAttrValues = authAttrs.isPresent() ? authAttrs.get().getValuesAsStrings() if (!confDAO.getValuesAsStrings("authentication.statuses").contains(user.getStatus())) { throw new DisabledException("User " + user.getUsername() + " not allowed to authenticate"); authenticated = AuthDataAccessor.this.authenticate(user, authentication.getCredentials().toString()); if (authenticated) { if (confDAO.find("log.lastlogindate", true)) { user.setLastLoginDate(new Date()); userModified = true;
// Excerpt (the closing brace is not shown): refuses authentication when the user's status is not among
// the values configured under "authentication.statuses".
// NOTE(review): the message names the account; if it is returned to the caller it reveals that the
// user exists but is disabled - confirm it is mapped to a generic authentication failure.
if (!confDAO.getValuesAsStrings("authentication.statuses").contains(user.getStatus())) { throw new DisabledException("User " + username + " not allowed to authenticate");
/**
 * Tells whether users may register themselves.
 *
 * @return the value stored under {@code selfRegistration.allowed}; {@code false} is passed to
 * {@code confDAO.find} as second argument (presumably the fallback when nothing is configured)
 */
public boolean isSelfRegAllowed() {
    final boolean selfRegistrationAllowed = confDAO.find("selfRegistration.allowed", false);
    return selfRegistrationAllowed;
}
// Excerpt (the closing brace is not shown): refuses authentication when the user's status is not among
// the values configured under "authentication.statuses".
// NOTE(review): the message names the account; if it is returned to the caller it reveals that the
// user exists but is disabled - confirm it is mapped to a generic authentication failure.
if (!confDAO.getValuesAsStrings("authentication.statuses").contains(user.getStatus())) { throw new DisabledException("User " + username + " not allowed to authenticate");
/**
 * Flattens the configuration into a map from schema key to the attribute's first string value.
 *
 * @return one entry per plain attribute returned by {@code confDAO.get().getPlainAttrs()}
 */
protected Map<String, String> findAllSyncopeConfs() {
    return confDAO.get().getPlainAttrs().stream()
            .collect(Collectors.toMap(
                    confAttr -> confAttr.getSchema().getKey(),
                    // Only the first value is kept; get(0) assumes every attribute has at least one
                    // value - TODO confirm.
                    confAttr -> confAttr.getValuesAsStrings().get(0)));
}
}
/**
 * Tells whether users may reset their own password.
 *
 * @return the value stored under {@code passwordReset.allowed}; {@code false} is passed to
 * {@code confDAO.find} as second argument (presumably the fallback when nothing is configured)
 */
public boolean isPwdResetAllowed() {
    final boolean passwordResetAllowed = confDAO.find("passwordReset.allowed", false);
    return passwordResetAllowed;
}
// Hands every plain attribute returned by confDAO.get().getPlainAttrs() to
// JexlUtils.addPlainAttrsToContext together with jexlContext.
// NOTE(review): presumably this makes all configuration values readable from JEXL expressions
// evaluated against this context - confirm no secret-bearing parameter is kept as a configuration
// attribute, and that whoever may author those expressions is trusted to see them.
JexlUtils.addPlainAttrsToContext(confDAO.get().getPlainAttrs(), jexlContext);
/**
 * Reads the retry limit for notifications.
 *
 * @return the value stored under {@code notification.maxRetries}; {@code 0L} is passed to
 * {@code confDAO.find} as second argument (presumably the fallback when nothing is configured)
 */
@Transactional(readOnly = true)
@Override
public long getMaxRetries() {
    final long configuredMaxRetries = confDAO.find("notification.maxRetries", 0L);
    return configuredMaxRetries;
}
/**
 * Prepares a user transfer object for being returned to the caller.
 * The password field is blanked unless {@code return.password.value} is enabled; {@code false} is
 * the second argument of the lookup, so hiding the password is presumably the default.
 *
 * @param userTO object to sanitise; it is modified in place
 * @return the same {@code userTO} instance
 */
@Transactional(readOnly = true)
@Override
public UserTO returnUserTO(final UserTO userTO) {
    final boolean exposePassword = confDAO.find("return.password.value", false);
    if (exposePassword) {
        return userTO;
    }
    // Strip the stored password value before the object leaves this layer.
    userTO.setPassword(null);
    return userTO;
}
/**
 * Reads the configuration attribute stored under the given schema.
 * Callers need the {@code CONFIGURATION_GET} entitlement.
 *
 * @param schema key of the configuration schema to read
 * @return the stored attribute, or an {@code AttrTO} carrying only the schema key when the schema
 * exists but has no stored value
 * @throws NotFoundException when no value is stored and no plain schema with that key exists
 */
@PreAuthorize("hasRole('" + StandardEntitlement.CONFIGURATION_GET + "')")
@Transactional(readOnly = true)
public AttrTO get(final String schema) {
    Optional<? extends CPlainAttr> stored = confDAO.find(schema);
    if (stored.isPresent()) {
        return binder.getAttrTO(stored.get());
    }

    // Nothing stored: answer with an empty attribute, but only for a schema that is actually defined.
    if (plainSchemaDAO.find(schema) == null) {
        throw new NotFoundException("Configuration schema " + schema);
    }
    AttrTO emptyAttr = new AttrTO();
    emptyAttr.setSchema(schema);
    return emptyAttr;
}
/**
 * Sets the user's password with the cipher algorithm named by {@code password.cipher.algorithm}.
 *
 * NOTE(review): the second argument of the lookup is {@code CipherAlgorithm.AES}. AES is an
 * encryption algorithm, so passwords stored under that fallback are presumably recoverable by
 * whoever holds the key - confirm that deployments configure a one-way, salted algorithm.
 *
 * @param user user receiving the password
 * @param password clear-text password to store
 * @param scce composite exception that collects the failure and is then thrown
 * @throws SyncopeClientCompositeException when an {@code IllegalArgumentException} is raised inside
 * the try block, e.g. by {@code CipherAlgorithm.valueOf} for an unknown algorithm name
 */
private void setPassword(final User user, final String password, final SyncopeClientCompositeException scce) {
    try {
        String configuredAlgorithm = confDAO.find("password.cipher.algorithm", CipherAlgorithm.AES.name());
        user.setPassword(
                password,
                CipherAlgorithm.valueOf(configuredAlgorithm));
    } catch (IllegalArgumentException e) {
        // The failure is reported with the NotFound client exception type.
        SyncopeClientException invalidCipherAlgorithm =
                SyncopeClientException.build(ClientExceptionType.NotFound);
        invalidCipherAlgorithm.getElements().add(e.getMessage());

        scce.addException(invalidCipherAlgorithm);
        throw scce;
    }
}
/**
 * Creates a report and registers its job.
 * Callers need the {@code REPORT_CREATE} entitlement.
 *
 * @param reportTO description of the report to create
 * @return the transfer object of the saved report
 * @throws SyncopeClientException of type {@code Scheduling} when the job registration fails; the
 * report has already been passed to {@code reportDAO.save} at that point
 */
@PreAuthorize("hasRole('" + StandardEntitlement.REPORT_CREATE + "')")
public ReportTO create(final ReportTO reportTO) {
    Report report = entityFactory.newEntity(Report.class);
    binder.getReport(report, reportTO);
    report = reportDAO.save(report);

    try {
        jobManager.register(report, null, confDAO.find("tasks.interruptMaxRetries", 1L));
    } catch (Exception e) {
        LOG.error("While registering quartz job for report " + report.getKey(), e);

        // NOTE(review): the raw exception message is copied into the exception handed back to the
        // caller - confirm it cannot carry internal details that should stay server-side.
        SyncopeClientException schedulingFailure = SyncopeClientException.build(ClientExceptionType.Scheduling);
        schedulingFailure.getElements().add(e.getMessage());
        throw schedulingFailure;
    }

    return binder.getReportTO(report);
}
/**
 * Re-issues the JWT held by an existing access token and saves the token.
 * The lifetime comes from {@code jwt.lifetime.minutes}, looked up with {@code 120L} as second
 * argument.
 *
 * @param subject owner written on the token and passed to {@code generateJWT}
 * @param claims claims passed to {@code generateJWT}
 * @param authorities serialized authorities; stored only when the owner is not {@code adminUser}
 * @param accessToken token to refresh; it is modified in place
 * @return the value returned by {@code accessTokenDAO.save}
 */
private AccessToken replace(
        final String subject,
        final Map<String, Object> claims,
        final byte[] authorities,
        final AccessToken accessToken) {

    Pair<String, Date> freshJwt = generateJWT(
            accessToken.getKey(), subject, confDAO.find("jwt.lifetime.minutes", 120L), claims);

    accessToken.setBody(freshJwt.getLeft());
    accessToken.setExpiryTime(freshJwt.getRight());
    accessToken.setOwner(subject);

    // No authorities are written on a token owned by the admin user.
    boolean ownedByAdmin = adminUser.equals(accessToken.getOwner());
    if (!ownedByAdmin) {
        accessToken.setAuthorities(authorities);
    }

    return accessTokenDAO.save(accessToken);
}
// Excerpt (the if block is left open and later lines are elided): the cron expression starts empty and
// is set to NotificationJob.DEFAULT_CRON_EXP when no "notificationjob.cronExpression" attribute is
// configured; "tasks.interruptMaxRetries" is looked up with 1L as second argument.
String notificationJobCronExpression = StringUtils.EMPTY; Optional<? extends CPlainAttr> notificationJobCronExp = confDAO.find("notificationjob.cronExpression"); if (!notificationJobCronExp.isPresent()) { notificationJobCronExpression = NotificationJob.DEFAULT_CRON_EXP; long interruptMaxRetries = confDAO.find("tasks.interruptMaxRetries", 1L);