public UserAuthorityGroupCanIssueFilter( User user, boolean canGrantOwnUserAuthorityGroups ) { if ( user != null && user.getUserCredentials() != null ) { this.userCredentials = user.getUserCredentials(); this.canGrantOwnUserAuthorityGroups = canGrantOwnUserAuthorityGroups; } }
@Override public void encodeAndSetPassword( User user, String rawPassword ) { encodeAndSetPassword( user.getUserCredentials(), rawPassword ); }
@Override public void preCreate( IdentifiableObject object, ObjectBundle bundle ) { if ( !User.class.isInstance( object ) || ((User) object).getUserCredentials() == null ) return; User user = (User) object; bundle.putExtras( user, "uc", user.getUserCredentials() ); user.setUserCredentials( null ); }
@Override public void deleteUser( User user ) { userCredentialsStore.delete( user.getUserCredentials() ); } }
@Override public Set<String> getCurrentUserAuthorities() { return Sets.newHashSet( currentUser.getUserCredentials().getAllAuthorities() ); }
@Override public UserCredentials getUserCredentialsByUsername( String username ) { for ( User user : users ) { if ( user.getUsername().equals( username ) ) { return user.getUserCredentials(); } } return null; }
protected void saveAndInjectUserSecurityContext( User user ) { userService.addUser( user ); userService.addUserCredentials( user.getUserCredentials() ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContextHolder.getContext().setAuthentication( authentication ); }
@Override public boolean isAccessible( App app, User user ) { if ( user == null || user.getUserCredentials() == null || app == null || app.getName() == null ) { return false; } Set<String> auths = user.getUserCredentials().getAllAuthorities(); return auths.contains( "ALL" ) || auths.contains( "M_dhis-web-maintenance-appmanager" ) || auths.contains( app.getSeeAppAuthority() ); }
@Override public boolean hasAnyAuthority( String... authorities ) { User user = currentUserService.getCurrentUser(); if ( user != null && user.getUserCredentials() != null ) { UserCredentials userCredentials = user.getUserCredentials(); for ( String authority : authorities ) { if ( userCredentials.isAuthorized( authority ) ) { return true; } } } return false; }
protected void injectSecurityContext( User user ) { List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); }
@Override public boolean canAddOrRemoveMember( String uid, User currentUser ) { UserGroup userGroup = getUserGroup( uid ); if ( userGroup == null || currentUser == null || currentUser.getUserCredentials() == null ) { return false; } boolean canUpdate = aclService.canUpdate( currentUser, userGroup ); boolean canAddMember = currentUser.getUserCredentials().isAuthorized( UserGroup.AUTH_ADD_MEMBERS_TO_READ_ONLY_USER_GROUPS ); return canUpdate || canAddMember; }
protected User createAndInjectAdminUser( String... authorities ) { User user = createAdminUser( authorities ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); return user; }
@Override @Transactional public boolean currentUserIsAuthorized( String auth ) { User user = getCurrentUser(); return user != null && user.getUserCredentials().isAuthorized( auth ); } }
private String createText( User user ) { return String.format( TEXT, user.getUsername(), getRemainingDays( user.getUserCredentials() ) ); }
public void set2FA( User user, Boolean twoFa ) { user.getUserCredentials().setTwoFA( twoFa ); updateUser( user ); } }
private boolean haveAuthority( User user, Collection<String> anyAuthorities ) { return containsAny( user.getUserCredentials().getAllAuthorities(), anyAuthorities ); }
@Override public void deleteUser( User user ) { UserCredentials credentials = user.getUserCredentials(); for ( UserAuthorityGroup group : credentials.getUserAuthorityGroups() ) { group.getMembers().remove( credentials ); userService.updateUserAuthorityGroup( group ); } } }
public static UserInfo fromUser( User user ) { if ( user == null ) { return null; } UserCredentials credentials = user.getUserCredentials(); return new UserInfo( credentials.getId(), credentials.getUsername(), credentials.getAllAuthorities() ); }
@Override public UserInfo getCurrentUserInfo() { return new UserInfo( currentUser.getId(), currentUser.getUsername(), currentUser.getUserCredentials().getAllAuthorities() ); }
@Override public void execute() throws Exception { UserQueryParams userQueryParams = new UserQueryParams( currentUserService.getCurrentUser() ); userQueryParams.setNot2FA( true ); userService.getUsers( userQueryParams ).forEach( user -> { user.getUserCredentials().setSecret( null ); userService.updateUser( user ); } ); } }