public void deleteUser(String userId) { List<Privilege> privileges = identityService.createPrivilegeQuery().userId(userId).list(); for (Privilege privilege : privileges) { identityService.deleteUserPrivilegeMapping(privilege.getId(), userId); } List<Group> groups = identityService.createGroupQuery().groupMember(userId).list(); if (groups != null && groups.size() > 0) { for (Group group : groups) { identityService.deleteMembership(userId, group.getId()); } } identityService.deleteUser(userId); }
@Override public UserQuery createUserQuery() { return getIdmIdentityService().createUserQuery(); }
public void deleteGroup(String groupId) { Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); if (group == null) { throw new NotFoundException(); } identityService.deleteGroup(groupId); }
protected void clearAllUsersAndGroups() { // Privileges List<Privilege> privileges = idmIdentityService.createPrivilegeQuery().list(); for (Privilege privilege : privileges) { idmIdentityService.deletePrivilege(privilege.getId()); } // Groups List<Group> groups = idmIdentityService.createGroupQuery().list(); for (Group group : groups) { List<User> members = idmIdentityService.createUserQuery().memberOfGroup(group.getId()).list(); for (User member : members) { idmIdentityService.deleteMembership(member.getId(), group.getId()); } idmIdentityService.deleteGroup(group.getId()); } // Users List<User> users = idmIdentityService.createUserQuery().list(); for (User user : users) { idmIdentityService.deleteUser(user.getId()); } }
@Override public GroupQuery createGroupQuery() { return getIdmIdentityService().createGroupQuery(); }
public void deleteGroupMember(String groupId, String userId) { verifyGroupMemberExists(groupId, userId); Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); if (group == null) { throw new NotFoundException(); } User user = identityService.createUserQuery().userId(userId).singleResult(); if (user == null) { throw new NotFoundException(); } identityService.deleteMembership(userId, groupId); }
public void addGroupMember(String groupId, String userId) { verifyGroupMemberExists(groupId, userId); Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); if (group == null) { throw new NotFoundException(); } User user = identityService.createUserQuery().userId(userId).singleResult(); if (user == null) { throw new NotFoundException(); } identityService.createMembership(userId, groupId); }
public User createNewUser(String id, String firstName, String lastName, String email, String password) { if (StringUtils.isBlank(id) || StringUtils.isBlank(password) || StringUtils.isBlank(firstName)) { throw new BadRequestException("Id, password and first name are required"); } if (email != null && identityService.createUserQuery().userEmail(email).count() > 0) { throw new ConflictingRequestException("User already registered", "ACCOUNT.SIGNUP.ERROR.ALREADY-REGISTERED"); } User user = identityService.newUser(id); user.setFirstName(firstName); user.setLastName(lastName); user.setEmail(email); identityService.saveUser(user); User savedUser = identityService.createUserQuery().userEmail(email).singleResult(); savedUser.setPassword(password); identityService.updateUserPassword(savedUser); return user; }
@ApiOperation(value = "Create a group", tags = { "Groups" }) @ApiResponses(value = { @ApiResponse(code = 201, message = "Indicates the group was created."), @ApiResponse(code = 400, message = "Indicates the id of the group was missing.") }) @PostMapping(value = "/groups", produces = "application/json") public GroupResponse createGroup(@RequestBody GroupRequest groupRequest, HttpServletRequest httpRequest, HttpServletResponse response) { if (groupRequest.getId() == null) { throw new FlowableIllegalArgumentException("Id cannot be null."); } // Check if a user with the given ID already exists so we return a CONFLICT if (identityService.createGroupQuery().groupId(groupRequest.getId()).count() > 0) { throw new FlowableConflictException("A group with id '" + groupRequest.getId() + "' already exists."); } Group created = identityService.newGroup(groupRequest.getId()); created.setId(groupRequest.getId()); created.setName(groupRequest.getName()); created.setType(groupRequest.getType()); if (restApiInterceptor != null) { restApiInterceptor.createNewGroup(created); } identityService.saveGroup(created); response.setStatus(HttpStatus.CREATED.value()); return restResponseFactory.createGroupResponse(created); }
@Override public UserInformation getUserInformation(String userId) { User user = identityService.createUserQuery().userId(userId).singleResult(); if (user == null) { throw new NotFoundException(); } List<Privilege> userPrivileges = identityService.createPrivilegeQuery().userId(userId).list(); Set<String> privilegeNames = new HashSet<>(); for (Privilege userPrivilege : userPrivileges) { privilegeNames.add(userPrivilege.getName()); } List<Group> groups = identityService.createGroupQuery().groupMember(userId).list(); if (groups.size() > 0) { List<String> groupIds = new ArrayList<>(); for (Group group : groups) { groupIds.add(group.getId()); } List<Privilege> groupPrivileges = identityService.createPrivilegeQuery().groupIds(groupIds).list(); for (Privilege groupPrivilege : groupPrivileges) { privilegeNames.add(groupPrivilege.getName()); } } return new UserInformation(user, groups, new ArrayList<>(privilegeNames)); }
public Group updateGroupName(String groupId, String name) { if (StringUtils.isBlank(name)) { throw new BadRequestException("Group name required"); } Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); if (group == null) { throw new NotFoundException(); } group.setName(name); identityService.saveGroup(group); return group; }
protected void verifyGroupMemberExists(String groupId, String userId) { // Check existence Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); User user = identityService.createUserQuery().userId(userId).singleResult(); for (User groupMember : identityService.createUserQuery().memberOfGroup(groupId).list()) { if (groupMember.getId().equals(userId)) { user = groupMember; } } if (group == null || user == null) { throw new NotFoundException(); } }
@ApiOperation(value = "Create a user", tags = { "Users" }) @ApiResponses(value = { @ApiResponse(code = 201, message = "Indicates the user was created."), @ApiResponse(code = 400, message = "Indicates the id of the user was missing.") }) @PostMapping(value = "/users", produces = "application/json") public UserResponse createUser(@RequestBody UserRequest userRequest, HttpServletRequest request, HttpServletResponse response) { if (userRequest.getId() == null) { throw new FlowableIllegalArgumentException("Id cannot be null."); } // Check if a user with the given ID already exists so we return a CONFLICT if (identityService.createUserQuery().userId(userRequest.getId()).count() > 0) { throw new FlowableConflictException("A user with id '" + userRequest.getId() + "' already exists."); } User created = identityService.newUser(userRequest.getId()); created.setEmail(userRequest.getEmail()); created.setFirstName(userRequest.getFirstName()); created.setLastName(userRequest.getLastName()); created.setDisplayName(userRequest.getDisplayName()); created.setPassword(userRequest.getPassword()); if (restApiInterceptor != null) { restApiInterceptor.createNewUser(created); } identityService.saveUser(created); response.setStatus(HttpStatus.CREATED.value()); return idmRestResponseFactory.createUserResponse(created, false); }
@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String name = authentication.getName(); String password = authentication.getCredentials().toString(); boolean authenticated = identityService.checkPassword(name, password); if (authenticated) { List<Group> groups = identityService.createGroupQuery().groupMember(name).list(); Collection<GrantedAuthority> grantedAuthorities = new ArrayList<>(); for (Group group : groups) { grantedAuthorities.add(new SimpleGrantedAuthority(group.getId())); } return new UsernamePasswordAuthenticationToken(name, password, grantedAuthorities); } else { throw new BadCredentialsException("Authentication failed for this username and password"); } }
protected boolean isGroupPrivilege(String privilegeId, String groupId) { Group group = identityService.createGroupQuery().groupId(groupId).singleResult(); if (group == null) { throw new IllegalArgumentException("Invalid group id"); } return identityService.createPrivilegeQuery().privilegeId(privilegeId).groupId(groupId).count() > 0; }
@ApiOperation(value = "Delete a member from a group", tags = { "Groups" }) @ApiResponses(value = { @ApiResponse(code = 204, message = "Indicates the group was found and the member has been deleted. The response body is left empty intentionally."), @ApiResponse(code = 404, message = "Indicates the requested group was not found or that the user is not a member of the group. The status description contains additional information about the error.") }) @DeleteMapping("/groups/{groupId}/members/{userId}") public void deleteMembership(@ApiParam(name = "groupId") @PathVariable("groupId") String groupId, @ApiParam(name = "userId") @PathVariable("userId") String userId, HttpServletRequest request, HttpServletResponse response) { Group group = getGroupFromRequest(groupId); // Check if user is not a member of group since API doesn't return typed exception if (identityService.createUserQuery().memberOfGroup(group.getId()).userId(userId).count() != 1) { throw new FlowableObjectNotFoundException("User '" + userId + "' is not part of group '" + group.getId() + "'.", null); } identityService.deleteMembership(userId, group.getId()); response.setStatus(HttpStatus.NO_CONTENT.value()); } }
public void bulkUpdatePassword(List<String> userIds, String newPassword) { for (String userId : userIds) { User user = identityService.createUserQuery().userId(userId).singleResult(); if (user != null) { user.setPassword(newPassword); identityService.updateUserPassword(user); } } }
public void updateUserDetails(String userId, String firstName, String lastName, String email) { User user = identityService.createUserQuery().userId(userId).singleResult(); if (user != null) { user.setFirstName(firstName); user.setLastName(lastName); user.setEmail(email); identityService.saveUser(user); } }
@ApiOperation(value = "Add a member to a group", tags = { "Groups" }) @ApiResponses(value = { @ApiResponse(code = 201, message = "Indicates the group was found and the member has been added."), @ApiResponse(code = 400, message = "Indicates the userId was not included in the request body."), @ApiResponse(code = 404, message = "Indicates the requested group was not found."), @ApiResponse(code = 409, message = "Indicates the requested user is already a member of the group.") }) @PostMapping(value = "/groups/{groupId}/members", produces = "application/json") public MembershipResponse createMembership(@ApiParam(name = "groupId") @PathVariable String groupId, @RequestBody MembershipRequest memberShip, HttpServletRequest request, HttpServletResponse response) { Group group = getGroupFromRequest(groupId); if (memberShip.getUserId() == null) { throw new FlowableIllegalArgumentException("UserId cannot be null."); } // Check if user is member of group since API doesn't return typed exception if (identityService.createUserQuery().memberOfGroup(group.getId()).userId(memberShip.getUserId()).count() > 0) { throw new FlowableConflictException("User '" + memberShip.getUserId() + "' is already part of group '" + group.getId() + "'."); } identityService.createMembership(memberShip.getUserId(), group.getId()); response.setStatus(HttpStatus.CREATED.value()); return restResponseFactory.createMembershipResponse(memberShip.getUserId(), group.getId()); } }