diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/service/RegistrationService.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/service/RegistrationService.java index eeac37df89..23b2195678 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/service/RegistrationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/service/RegistrationService.java @@ -77,7 +77,7 @@ public void resetExpiredToken() { user.setToken(null); user.setExpirationDate(null); }); - userService.saveUsers(users.getContent().stream().map(AbstractUser.class::cast).toList()); + userService.saveUsers(users.getContent().stream().toList()); pageable = pageable.next(); } while (users.hasNext()); @@ -86,7 +86,7 @@ public void resetExpiredToken() { } @Override - public void changePassword(AbstractUser user, String newPassword) { + public void changePassword(User user, String newPassword) { user.setPassword(newPassword); encodeUserPassword(user); userService.saveUser(user, null); @@ -98,7 +98,7 @@ public boolean verifyToken(String token) { try { log.info("Verifying token:" + token); String[] tokenParts = decodeToken(token); - User user = (User) userService.findByEmail(tokenParts[0], null); + User user = userService.findByEmail(tokenParts[0], null); return user != null && Objects.equals(user.getToken(), tokenParts[1]) && user.getExpirationDate().isAfter(LocalDateTime.now()); } catch (InvalidUserTokenException e) { log.error(e.getMessage()); @@ -107,7 +107,7 @@ public boolean verifyToken(String token) { } @Override - public void encodeUserPassword(AbstractUser user) { + public void encodeUserPassword(User user) { String pass = user.getPassword(); if (pass == null) { throw new IllegalArgumentException("User has no password"); 
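Review bot: In the `verifyToken` hunk the context line `log.info("Verifying token:" + token);` writes the complete token to the application log at INFO level, so anyone with read access to the logs can reuse it until `getExpirationDate()` passes. Log only that a verification was attempted, for example `log.info("Verifying user token");`. The same concatenated logging of request-supplied e-mail addresses appears in `registerUser`, `resetPassword` and `recover` in the later hunks of this file; parameterised calls such as `log.info("Resetting password of {}", email);` are the usual form, and the value should be stripped of line breaks if the logs are parsed line by line. `verifyToken` continues past the end of the hunk.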
@@ -116,14 +116,15 @@ public void encodeUserPassword(AbstractUser user) { } @Override - public boolean stringMatchesUserPassword(AbstractUser user, String passwordToCompare) { - return passwordEncoder.matches(passwordToCompare, user.getPassword()); + public boolean stringMatchesUserPassword(User user, String passwordToCompare) { + String encoded = user.getPassword(); + return encoded != null && passwordEncoder.matches(passwordToCompare, encoded); } @Override @Transactional - public AbstractUser createNewUser(NewUserRequest newUser) { - User user = (User) userService.findByEmail(newUser.email, null); + public User createNewUser(NewUserRequest newUser) { + User user = userService.findByEmail(newUser.email, null); if (user != null) { if (user.isActive()) { return null; @@ -157,10 +158,10 @@ public AbstractUser createNewUser(NewUserRequest newUser) { } @Override - public AbstractUser registerUser(RegistrationRequest registrationRequest) throws InvalidUserTokenException { + public User registerUser(RegistrationRequest registrationRequest) throws InvalidUserTokenException { String email = decodeToken(registrationRequest.token)[0]; log.info("Registering user " + email); - User user = (User) userService.findByEmail(email, null); + User user = userService.findByEmail(email, null); if (user == null) { return null; } @@ -173,11 +174,11 @@ public AbstractUser registerUser(RegistrationRequest registrationRequest) throws user.setExpirationDate(null); user.setState(UserState.ACTIVE); - return (AbstractUser) userService.saveUser(user, null); + return userService.saveUser(user, null); } @Override - public AbstractUser resetPassword(String email) { + public User resetPassword(String email) { log.info("Resetting password of " + email); User user = (User) userService.findByEmail(email, null); if (user == null || !user.isActive()) { 
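Review bot: `resetPassword` still reads `User user = (User) userService.findByEmail(email, null);` on a context line of the `@@ -173,11 +174,11 @@` hunk, while every other `findByEmail` call in this file had its cast removed by this commit. If `findByEmail` now returns `User`, as the other hunks imply, the cast is dead code and should go as well: `User user = userService.findByEmail(email, null);`. The method body continues in the next hunk.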
@@ -190,13 +191,13 @@ public AbstractUser resetPassword(String email) { user.setPassword(null); user.setToken(generateTokenKey()); user.setExpirationDate(generateExpirationDate()); - return (AbstractUser) userService.saveUser(user, null); + return userService.saveUser(user, null); } @Override - public AbstractUser recover(String email, String newPassword) { + public User recover(String email, String newPassword) { log.info("Recovering user " + email); - User user = (User) userService.findByEmail(email, null); + User user = userService.findByEmail(email, null); if (user == null) { return null; } @@ -206,7 +207,7 @@ public AbstractUser recover(String email, String newPassword) { user.setToken(null); user.setExpirationDate(null); - return (AbstractUser) userService.saveUser(user, null); + return userService.saveUser(user, null); } @Override diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/service/interfaces/IRegistrationService.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/service/interfaces/IRegistrationService.java index 25aebd2c20..5bc56d3ea1 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/service/interfaces/IRegistrationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/service/interfaces/IRegistrationService.java @@ -3,7 +3,7 @@ import com.netgrif.application.engine.auth.service.InvalidUserTokenException; import com.netgrif.application.engine.auth.web.requestbodies.NewUserRequest; import com.netgrif.application.engine.auth.web.requestbodies.RegistrationRequest; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; +import com.netgrif.application.engine.objects.auth.domain.User; import java.time.LocalDateTime; 
@@ -13,21 +13,21 @@ public interface IRegistrationService { void resetExpiredToken(); - void changePassword(AbstractUser user, String newPassword); + void changePassword(User user, String newPassword); - void encodeUserPassword(AbstractUser user); + void encodeUserPassword(User user); - boolean stringMatchesUserPassword(AbstractUser user, String passwordToCompare); + boolean stringMatchesUserPassword(User user, String passwordToCompare); boolean verifyToken(String token); - AbstractUser createNewUser(NewUserRequest newUser); + User createNewUser(NewUserRequest newUser); - AbstractUser registerUser(RegistrationRequest registrationRequest) throws InvalidUserTokenException; + User registerUser(RegistrationRequest registrationRequest) throws InvalidUserTokenException; - AbstractUser resetPassword(String email); + User resetPassword(String email); - AbstractUser recover(String email, String newPassword); + User recover(String email, String newPassword); String generateTokenKey(); diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/AuthenticationController.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/AuthenticationController.java index e1f1c07b70..97b8e4470c 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/AuthenticationController.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/AuthenticationController.java @@ -2,6 +2,7 @@ import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.configuration.properties.SecurityConfigurationProperties; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.workflow.web.responsebodies.MessageResource; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; import com.netgrif.application.engine.auth.service.InvalidUserTokenException; 
@@ -192,7 +193,7 @@ public MessageResource recoverAccount(@RequestBody RegistrationRequest request) @PostMapping(value = "/changePassword", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaTypes.HAL_JSON_VALUE) public MessageResource changePassword(Authentication auth, @RequestBody ChangePasswordRequest request) { try { - Optional user = userService.findUserByUsername(request.login, null); + Optional user = userService.findUserByUsername(request.login, null); if (user.isEmpty() || request.password == null || request.newPassword == null) { return MessageResource.errorMessage("Incorrect login!"); } diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/PublicUserController.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/PublicUserController.java index 6d472275a1..177b24731c 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/PublicUserController.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/PublicUserController.java @@ -80,7 +80,7 @@ public ResponseEntity getLoggedUser(Authentication auth) { public ResponseEntity> search(@RequestBody UserSearchRequestBody query, Pageable pageable, Authentication auth) { List roles = query.getRoles() == null ? null : query.getRoles().stream().map(ProcessResourceId::new).toList(); List negativeRoles = query.getNegativeRoles() == null ? null : query.getNegativeRoles().stream().map(ProcessResourceId::new).toList(); - Page users = userService.searchAllCoMembers(query.getFulltext(), + Page users = userService.searchAllCoMembers(query.getFulltext(), roles, negativeRoles, (LoggedUser) auth.getPrincipal(), pageable); 
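Review bot: `changePassword` receives `Authentication auth` but selects the account from the request body with `userService.findUserByUsername(request.login, null)`, and nothing in the visible lines ties `request.login` to the authenticated principal. The rest of the method is outside the hunk, so the old-password comparison may be the only gate; if so, the endpoint accepts password guesses for any login and needs the same throttling and audit logging as the login endpoint. If users are meant to change only their own password, compare the looked-up user with `auth.getPrincipal()` and reject a mismatch before the password check.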
@@ -127,11 +127,11 @@ public ResponseEntity savePreferences(@RequestBody PreferencesRequest pr } } - private Page changeToResponse(Page users, Pageable pageable) { + private Page changeToResponse(Page users, Pageable pageable) { return new PageImpl<>(changeType(users.getContent()), pageable, users.getTotalElements()); } - public List changeType(List users) { + public List changeType(List users) { return users.stream().map(User::createUser).toList(); } diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/UserController.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/UserController.java index e03c3f168e..a8109a951a 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/UserController.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/UserController.java @@ -100,7 +100,7 @@ public ResponseEntity> getAllUsers(@PathVariable String realmId, Page log.error("Realm with id [{}] not found", realmId); return ResponseEntity.badRequest().build(); } - Page users = userService.findAllUsers(realmId, pageable); + Page users = userService.findAllUsers(realmId, pageable); return ResponseEntity.ok(changeToResponse(users, pageable, locale)); } @@ -138,7 +138,7 @@ public ResponseEntity getLoggedUser(Authentication auth, Locale locale) { public ResponseEntity> search(@RequestBody UserSearchRequestBody query, Pageable pageable, Authentication auth, Locale locale) { List roles = query.getRoles() == null ? null : query.getRoles().stream().map(ProcessResourceId::new).toList(); List negativeRoles = query.getNegativeRoles() == null ? null : query.getNegativeRoles().stream().map(ProcessResourceId::new).toList(); - Page users = userService.searchAllCoMembers(query.getFulltext(), + Page users = userService.searchAllCoMembers(query.getFulltext(), roles, negativeRoles, (LoggedUser) auth.getPrincipal(), pageable); 
@@ -218,7 +218,7 @@ public ResponseEntity getUser(@PathVariable("realmId") String realmId, @Pa }) public ResponseEntity assignRolesToUser(@PathVariable("realmId") String realmId, @PathVariable("id") String userId, @RequestBody Set roleIds, Authentication auth) { try { - AbstractUser user = userService.findById(userId, realmId); + com.netgrif.application.engine.objects.auth.domain.User user = userService.findById(userId, realmId); processRoleService.assignRolesToUser(user, roleIds.stream().map(ProcessResourceId::new).collect(Collectors.toSet()), (LoggedUser) auth.getPrincipal()); log.info("Process roles {} assigned to user with id [{}]", roleIds, userId); return ResponseEntity.ok(ResponseMessage.createSuccessMessage("Selected roles assigned to user " + userId)); @@ -325,11 +325,11 @@ public ResponseEntity savePreferences(@RequestBody PreferencesR } } - private Page changeToResponse(Page users, Pageable pageable, Locale locale) { + private Page changeToResponse(Page users, Pageable pageable, Locale locale) { return new PageImpl<>(changeType(users.getContent(), locale), pageable, users.getTotalElements()); } - public List changeType(List users, Locale locale) { + public List changeType(List users, Locale locale) { return users.stream().map(u -> userFactory.getUser(u, locale)).toList(); } diff --git a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/responsebodies/UserResourceAssembler.java b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/responsebodies/UserResourceAssembler.java index 50e130aca4..9a6740ca95 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/auth/web/responsebodies/UserResourceAssembler.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/auth/web/responsebodies/UserResourceAssembler.java 
@@ -1,13 +1,14 @@ package com.netgrif.application.engine.auth.web.responsebodies; import com.netgrif.application.engine.auth.service.UserFactory; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; +import com.netgrif.application.engine.objects.auth.domain.User; +import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.hateoas.server.RepresentationModelAssembler; import java.util.Locale; -public class UserResourceAssembler implements RepresentationModelAssembler { +public class UserResourceAssembler implements RepresentationModelAssembler { @Autowired private UserFactory userFactory; @@ -29,7 +30,7 @@ public void initialize(Locale locale, boolean small, String selfRel) { } @Override - public UserResource toModel(AbstractUser entity) { + public UserResource toModel(@NotNull User entity) { if (!initialized) { throw new IllegalStateException("You must initialize the UserResourceAssembler before calling the toResource method! To initialize the assembler call the initialize method."); } diff --git a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationAuthorizationService.java b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationAuthorizationService.java index 94b492f20b..624a29e094 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationAuthorizationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationAuthorizationService.java 
@@ -1,16 +1,13 @@ package com.netgrif.application.engine.impersonation.service; import com.netgrif.application.engine.configuration.properties.ImpersonationConfigurationProperties; -import com.netgrif.application.engine.objects.auth.domain.Authority; -import com.netgrif.application.engine.objects.auth.domain.LoggedUser; +import com.netgrif.application.engine.objects.auth.domain.*; import com.netgrif.application.engine.adapter.spring.petrinet.service.ProcessRoleService; import com.netgrif.application.engine.auth.service.AuthorityService; import com.netgrif.application.engine.auth.service.UserService; import com.netgrif.application.engine.elastic.service.interfaces.IElasticCaseService; import com.netgrif.application.engine.elastic.web.requestbodies.CaseSearchRequest; import com.netgrif.application.engine.impersonation.service.interfaces.IImpersonationAuthorizationService; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; -import com.netgrif.application.engine.objects.auth.domain.ActorTransformer; import com.netgrif.application.engine.objects.petrinet.domain.dataset.UserFieldValue; import com.netgrif.application.engine.objects.petrinet.domain.roles.ProcessRole; import com.netgrif.application.engine.objects.workflow.domain.Case; 
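Review bot: Replacing the explicit imports with `import com.netgrif.application.engine.objects.auth.domain.*;` hides which domain types this authorization class depends on and invites name clashes. `UserController` in this same commit already has to spell out `com.netgrif.application.engine.objects.auth.domain.User` in `assignRolesToUser`, presumably because another `User` is in scope there. Keep the explicit list and add the single new line `import com.netgrif.application.engine.objects.auth.domain.User;`. The same wildcard is introduced in `ImpersonationService` and `ProcessRoleService`.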
@@ -53,13 +50,13 @@ public class ImpersonationAuthorizationService implements IImpersonationAuthoriz protected ProcessRoleService processRoleService; @Override - public Page getConfiguredImpersonationUsers(String query, LoggedUser impersonator, Pageable pageable) { + public Page getConfiguredImpersonationUsers(String query, LoggedUser impersonator, Pageable pageable) { if (impersonator.isAdmin()) { return userService.searchAllCoMembers(query, null, null, impersonator, pageable); } else { Page cases = searchConfigs(impersonator.getStringId(), pageable); - List users = cases.getContent().stream() + List users = cases.getContent().stream() .map(c -> ((UserFieldValue) c.getDataSet().get("impersonated").getValue()).getId()) .distinct() .map(id -> userService.findById(id, null)) @@ -76,7 +73,7 @@ public boolean canImpersonate(LoggedUser impersonator, String configId) { @Override public boolean canImpersonateUser(LoggedUser impersonator, String userId) { - AbstractUser impersonated = userService.findById(userId, null); + User impersonated = userService.findById(userId, null); return impersonator.isAdmin() || !searchConfigs(impersonator.getStringId(), impersonated.getStringId()).isEmpty(); } @@ -92,7 +89,7 @@ public List searchConfigs(String impersonatorId, String impersonatedId) { } @Override - public List getAuthorities(Collection configs, AbstractUser impersonated) { + public List getAuthorities(Collection configs, User impersonated) { if (configs.isEmpty()) { return new ArrayList<>(); } @@ -103,7 +100,7 @@ public List getAuthorities(Collection configs, AbstractUser imp } @Override - public List getRoles(Collection configs, AbstractUser impersonated) { + public List getRoles(Collection configs, User impersonated) { List impersonatedRoles = new ArrayList<>(); impersonatedRoles.add(processRoleService.getDefaultRole()); if (configs.isEmpty()) { 
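Review bot: `canImpersonateUser` dereferences the lookup result without a check: `userService.findById(userId, null)` is followed by `impersonated.getStringId()`, and `userId` is supplied by the caller. Whether `findById` returns null or throws for an unknown id is not visible in this diff; if it can return null, a non-admin request with a bad id ends in a NullPointerException rather than a clean denial, while an admin is told `true` for a user that does not exist. Deny explicitly first, e.g. `if (impersonated == null) { return false; }`. `impersonateUser` and `impersonateByConfig` in `ImpersonationService` use the `findById` result the same way.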
diff --git a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationService.java b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationService.java index 62a6567054..ab37b7bc6c 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/ImpersonationService.java @@ -1,10 +1,7 @@ package com.netgrif.application.engine.impersonation.service; import com.netgrif.application.engine.adapter.spring.auth.domain.AuthorityImpl; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; -import com.netgrif.application.engine.objects.auth.domain.ActorTransformer; -import com.netgrif.application.engine.objects.auth.domain.Authority; -import com.netgrif.application.engine.objects.auth.domain.LoggedUser; +import com.netgrif.application.engine.objects.auth.domain.*; import com.netgrif.application.engine.auth.service.UserService; import com.netgrif.application.engine.configuration.properties.ImpersonationConfigurationProperties; import com.netgrif.application.engine.objects.event.RunPhase; @@ -58,7 +55,7 @@ public LoggedUser impersonateUser(String impersonatedId) throws ImpersonatedUser throw new IllegalArgumentException("Impersonation is not enabled in app properties"); } LoggedUser loggedUser = ActorTransformer.toLoggedUser(userService.getLoggedUser()); - AbstractUser impersonated = userService.findById(impersonatedId, null); + User impersonated = userService.findById(impersonatedId, null); List configs = impersonationAuthorizationService.searchConfigs(loggedUser.getStringId(), impersonated.getStringId()); LoggedUser impersonatedLogged = ActorTransformer.toLoggedUser(applyRolesAndAuthorities(impersonated, loggedUser.getStringId(), configs)); 
@@ -73,7 +70,7 @@ public LoggedUser impersonateByConfig(String configId) throws ImpersonatedUserHa } Case config = impersonationAuthorizationService.getConfig(configId); LoggedUser loggedUser = ActorTransformer.toLoggedUser(userService.getLoggedUser()); - AbstractUser impersonated = userService.findById(impersonationAuthorizationService.getImpersonatedUserId(config), null); + User impersonated = userService.findById(impersonationAuthorizationService.getImpersonatedUserId(config), null); LoggedUser impersonatedLogged = ActorTransformer.toLoggedUser(applyRolesAndAuthorities(impersonated, loggedUser.getStringId(), Collections.singletonList(config))); return doImpersonate(loggedUser, impersonatedLogged, Collections.singletonList(config)); @@ -143,7 +140,7 @@ public void onSessionDestroy(LoggedUser impersonator) { } @Override - public AbstractUser reloadImpersonatedUserRoles(AbstractUser impersonated, String impersonatorId) { + public User reloadImpersonatedUserRoles(User impersonated, String impersonatorId) { Optional context = impersonatorRepository.findByImpersonatedId(impersonated.getStringId()); if (context.isPresent()) { List configs = context.get().getConfigIds().stream() @@ -155,8 +152,8 @@ public AbstractUser reloadImpersonatedUserRoles(AbstractUser impersonated, Strin } @Override - public AbstractUser applyRolesAndAuthorities(AbstractUser impersonated, String impersonatorId, List configs) { - if ((Boolean) userService.findById(impersonatorId, null).getAuthoritySet().contains(new AuthorityImpl(Authority.admin))) { + public User applyRolesAndAuthorities(User impersonated, String impersonatorId, List configs) { + if (userService.findById(impersonatorId, null).isAdmin()) { return impersonated; } List authorities = impersonationAuthorizationService.getAuthorities(configs, impersonated); 
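Review bot: The admin shortcut in `applyRolesAndAuthorities` now depends on `User.isAdmin()` instead of the explicit `getAuthoritySet().contains(new AuthorityImpl(Authority.admin))`, and the body of `isAdmin()` is not shown in this diff. This branch returns `impersonated` unchanged, with its full roles and authorities, so if `isAdmin()` accepts anything beyond the `Authority.admin` authority, more impersonators skip the restriction than before. Confirm that the two checks are equivalent and pin it with a test in which a non-admin impersonator gets only the configured roles. The method continues past the end of the hunk.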
diff --git a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationAuthorizationService.java b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationAuthorizationService.java index 9847904243..f2cd905b1c 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationAuthorizationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationAuthorizationService.java @@ -1,8 +1,8 @@ package com.netgrif.application.engine.impersonation.service.interfaces; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.Authority; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.objects.petrinet.domain.roles.ProcessRole; import com.netgrif.application.engine.objects.workflow.domain.Case; import org.springframework.data.domain.Page; @@ -14,7 +14,7 @@ public interface IImpersonationAuthorizationService { - Page getConfiguredImpersonationUsers(String query, LoggedUser impersonator, Pageable pageable); + Page getConfiguredImpersonationUsers(String query, LoggedUser impersonator, Pageable pageable); boolean canImpersonate(LoggedUser loggedUser, String configId); @@ -24,9 +24,9 @@ public interface IImpersonationAuthorizationService { List searchConfigs(String impersonatorId, String impersonatedId); - List getAuthorities(Collection configs, AbstractUser impersonated); + List getAuthorities(Collection configs, User impersonated); - List getRoles(Collection configs, AbstractUser impersonated); + List getRoles(Collection configs, User impersonated); Case getConfig(String configId); 
diff --git a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationService.java b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationService.java index e08908673b..5cfa8b9757 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/service/interfaces/IImpersonationService.java @@ -4,6 +4,7 @@ import com.netgrif.application.engine.objects.auth.domain.LoggedUser; import com.netgrif.application.engine.impersonation.domain.Impersonator; import com.netgrif.application.engine.impersonation.exceptions.ImpersonatedUserHasSessionException; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.objects.workflow.domain.Case; import java.util.List; @@ -27,7 +28,7 @@ public interface IImpersonationService { void onSessionDestroy(LoggedUser impersonator); - AbstractUser reloadImpersonatedUserRoles(AbstractUser impersonated, String impersonatorId); + User reloadImpersonatedUserRoles(User impersonated, String impersonatorId); - AbstractUser applyRolesAndAuthorities(AbstractUser impersonated, String impersonatorId, List configs); + User applyRolesAndAuthorities(User impersonated, String impersonatorId, List configs); } diff --git a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/web/ImpersonationController.java b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/web/ImpersonationController.java index 2f2b5b189f..e7f0bbf74f 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/impersonation/web/ImpersonationController.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/impersonation/web/ImpersonationController.java 
@@ -4,6 +4,7 @@ import com.netgrif.application.engine.auth.web.responsebodies.UserResourceAssembler; import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.ActorTransformer; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.workflow.web.responsebodies.ResourceLinkAssembler; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; import com.netgrif.application.engine.auth.service.UserService; @@ -65,9 +66,9 @@ protected UserResourceAssembler getUserResourceAssembler(Locale locale, boolean @Operation(summary = "Search impersonable users", security = {@SecurityRequirement(name = "BasicAuth")}) @PostMapping(value = "/search", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaTypes.HAL_JSON_VALUE) - public PagedModel getImpersonationUserOptions(@RequestBody SearchRequest request, Pageable pageable, PagedResourcesAssembler assembler, Authentication auth, Locale locale) { + public PagedModel getImpersonationUserOptions(@RequestBody SearchRequest request, Pageable pageable, PagedResourcesAssembler assembler, Authentication auth, Locale locale) { LoggedUser loggedUser = (LoggedUser) auth.getPrincipal(); - Page page = impersonationAuthorizationService.getConfiguredImpersonationUsers(request.getQuery(), loggedUser, pageable); + Page page = impersonationAuthorizationService.getConfiguredImpersonationUsers(request.getQuery(), loggedUser, pageable); Link selfLink = WebMvcLinkBuilder.linkTo(WebMvcLinkBuilder.methodOn(ImpersonationController.class) .getImpersonationUserOptions(request, pageable, assembler, auth, locale)).withRel("all"); PagedModel resources = assembler.toModel(page, getUserResourceAssembler(locale, false, "all"), selfLink); 
diff --git a/application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/ProcessRoleService.java b/application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/ProcessRoleService.java index e4f3fd4b35..4e15ae7792 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/ProcessRoleService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/petrinet/service/ProcessRoleService.java @@ -2,12 +2,9 @@ import com.netgrif.application.engine.adapter.spring.utils.PaginationProperties; import com.netgrif.application.engine.auth.service.GroupService; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; +import com.netgrif.application.engine.objects.auth.domain.*; import com.netgrif.application.engine.auth.service.RealmService; -import com.netgrif.application.engine.objects.auth.domain.Group; -import com.netgrif.application.engine.objects.auth.domain.LoggedUser; import com.netgrif.application.engine.auth.service.UserService; -import com.netgrif.application.engine.objects.auth.domain.Realm; import com.netgrif.application.engine.objects.event.events.user.UserRoleChangeEvent; import com.netgrif.application.engine.objects.importer.model.EventPhaseType; import com.netgrif.application.engine.objects.petrinet.domain.PetriNet; 
@@ -104,12 +101,12 @@ public void deleteAll() { @Override - public void assignRolesToUser(AbstractUser user, Collection processResourceIds, LoggedUser loggedUser) { + public void assignRolesToUser(User user, Collection processResourceIds, LoggedUser loggedUser) { assignRolesToUser(user, processResourceIds, loggedUser, new HashMap<>()); } @Override - public void assignRolesToUser(AbstractUser user, Collection requestedRolesIds, LoggedUser loggedUser, Map map) { + public void assignRolesToUser(User user, Collection requestedRolesIds, LoggedUser loggedUser, Map map) { assignRolesToActor(user.getProcessRoles(), requestedRolesIds); saveUserAndReloadContext(user, loggedUser); } @@ -140,7 +137,7 @@ protected void assignRolesToActor(Collection oldActorRoles, Collect oldActorRoles.addAll(updateRequestedRoles(userOldRoles, rolesNewToUser, rolesRemovedFromUser)); } - protected void saveUserAndReloadContext(AbstractUser user, LoggedUser loggedUser) { + protected void saveUserAndReloadContext(User user, LoggedUser loggedUser) { userService.saveUser(user); String userId = user.getStringId(); @@ -243,7 +240,7 @@ private String getPetriNetIdFromFirstRole(Set newRoles) { return newRoles.iterator().next().getProcessId(); } - private void replaceUserRolesAndPublishEvent(Set requestedRolesIds, AbstractUser user, Set requestedRoles) { + private void replaceUserRolesAndPublishEvent(Set requestedRolesIds, User user, Set requestedRoles) { removeOldAndAssignNewRolesToUser(user, requestedRoles); publisher.publishEvent(new UserRoleChangeEvent(user, this.findByIds(requestedRolesIds))); } @@ -314,7 +311,7 @@ private void runActions(List actions, RoleContext roleContext, Map roleActionsRunner.run(action, roleContext, params)); } - private void removeOldAndAssignNewRolesToUser(AbstractUser user, Set requestedRoles) { + private void removeOldAndAssignNewRolesToUser(User user, Set requestedRoles) { user.getProcessRoles().clear(); user.getProcessRoles().addAll(requestedRoles); 
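Review bot: The four-argument `assignRolesToUser` never reads its `Map map` parameter: the body shown in the `@@ -104,12 +101,12 @@` hunk only calls `assignRolesToActor(user.getProcessRoles(), requestedRolesIds)` and `saveUserAndReloadContext(user, loggedUser)`. Callers that pass a map may assume it has an effect on the role assignment. Either pass it on or say so on the method, e.g. `// map is currently ignored; kept for interface compatibility`.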
@@ -410,11 +407,11 @@ public void deleteRolesOfNet(PetriNet net, LoggedUser loggedUser) { realms.forEach(realm -> { Pageable usersPageable = PageRequest.of(0, paginationProperties.getBackendPageSize()); - Page users; + Page users; do { users = this.userService.findAllByProcessRoles(new HashSet<>(deletedRoleIds), realm.getName(), usersPageable); - for (AbstractUser user : users) { + for (User user : users) { log.info("[" + net.getStringId() + "]: Removing deleted roles of Petri net " + net.getIdentifier() + " version " + net.getVersion().toString() + " from user " + user.getFullName() + " with id " + user.getStringId()); if (user.getProcessRoles().isEmpty()) { diff --git a/application-engine/src/main/java/com/netgrif/application/engine/startup/runner/SuperCreatorRunner.java b/application-engine/src/main/java/com/netgrif/application/engine/startup/runner/SuperCreatorRunner.java index d3059fe5a6..0df48fc45b 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/startup/runner/SuperCreatorRunner.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/startup/runner/SuperCreatorRunner.java @@ -38,7 +38,7 @@ public class SuperCreatorRunner implements ApplicationEngineStartupRunner { private final ProcessRoleService processRoleService; @Getter - private AbstractUser superUser; + private User superUser; @Override public void run(ApplicationArguments strings) { 
@@ -46,14 +46,14 @@ public void run(ApplicationArguments strings) { createSuperUser(); } - private AbstractUser createSuperUser() { + private User createSuperUser() { Authority adminAuthority = authorityService.getOrCreate(Authority.admin); Authority systemAuthority = authorityService.getOrCreate(Authority.systemAdmin); Set authorities = new HashSet<>(); authorities.add(adminAuthority); authorities.add(systemAuthority); - Optional superUser = userService.findUserByUsername(UserConstants.ADMIN_USER_USERNAME, null); + Optional superUser = userService.findUserByUsername(UserConstants.ADMIN_USER_USERNAME, null); if (superUser.isEmpty()) { User user = new User(); user.setFirstName(UserConstants.ADMIN_USER_FIRST_NAME); diff --git a/application-engine/src/main/java/com/netgrif/application/engine/workflow/service/MongoSearchService.java b/application-engine/src/main/java/com/netgrif/application/engine/workflow/service/MongoSearchService.java index 8e3259e239..cada39b6d3 100644 --- a/application-engine/src/main/java/com/netgrif/application/engine/workflow/service/MongoSearchService.java +++ b/application-engine/src/main/java/com/netgrif/application/engine/workflow/service/MongoSearchService.java @@ -2,6 +2,7 @@ import com.netgrif.application.engine.auth.service.UserService; import com.netgrif.application.engine.objects.auth.domain.AbstractUser; +import com.netgrif.application.engine.objects.auth.domain.User; import com.querydsl.core.BooleanBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -244,8 +245,8 @@ protected String buildQueryPart(String attribute, Object obj, Map user = userService.findUserByUsername(email, null); - return user.map(AbstractUser::getStringId).orElse(null); + Optional user = userService.findUserByUsername(email, null); + return user.map(User::getStringId).orElse(null); } protected BooleanBuilder constructPredicateTree(List elementaryPredicates, BiFunction nodeOperation) { 
diff --git a/application-engine/src/test/java/com/netgrif/application/engine/MockService.java b/application-engine/src/test/java/com/netgrif/application/engine/MockService.java index 28f569dca0..5a4c21a788 100644 --- a/application-engine/src/test/java/com/netgrif/application/engine/MockService.java +++ b/application-engine/src/test/java/com/netgrif/application/engine/MockService.java @@ -4,12 +4,12 @@ import com.netgrif.application.engine.objects.auth.domain.Authority; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; import com.netgrif.application.engine.auth.service.AuthorityService; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import org.bson.types.ObjectId; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Component; -import java.util.Collections; import java.util.Set; @Component @@ -21,7 +21,7 @@ public class MockService { public LoggedUser mockLoggedUser() { Authority authorityUser = authorityService.getOrCreate(Authority.user); - LoggedUser loggedUser = new LoggedUserImpl(new ObjectId(), null, "testUsername", "testFirstName", "testMiddleName", "testLastName", "test@email.com", "", null, null, null, null); + LoggedUser loggedUser = new LoggedUserImpl(new ObjectId(), null, "testUsername", "testFirstName", "testMiddleName", "testLastName", "test@email.com", "", null, null, null, null, UserType.INTERNAL); loggedUser.setAuthoritySet(Set.of(authorityUser)); return loggedUser; diff --git a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractActor.java b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractActor.java index 2b844d7d0e..13c4c757ee 100644 --- a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractActor.java 
+++ b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractActor.java @@ -43,12 +43,12 @@ public abstract class AbstractActor implements Serializable { /** Set of group identifiers this actor belongs to */ protected Set groupIds = new HashSet<>(); - public AbstractActor(ObjectId id, String realmId) { + protected AbstractActor(ObjectId id, String realmId) { this.id = id; this.realmId = realmId; } - public AbstractActor(String stringId, String realmId) { + protected AbstractActor(String stringId, String realmId) { this.id = new ObjectId(stringId); this.realmId = realmId; } diff --git a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractUser.java b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractUser.java index f9efc661c5..6bcfafd578 100644 --- a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractUser.java +++ b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/AbstractUser.java @@ -1,5 +1,6 @@ package com.netgrif.application.engine.objects.auth.domain; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import jakarta.validation.constraints.NotNull; import lombok.AllArgsConstructor; import lombok.Data; @@ -53,6 +54,11 @@ public abstract class AbstractUser extends AbstractActor { */ protected String avatar; + /** + * Boolean that marks user as internal + */ + protected UserType type; + /** * Constructs a new user with Object ID. * 
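Review bot: The Javadoc added above `protected UserType type;` calls the field a "Boolean that marks user as internal", but the field is a four-valued `UserType` enum, so the comment misleads anyone who reads it before using the value in an access decision. I would replace it with `/** Classification of the user, see {@link UserType}; null unless a constructor or setter supplied a value. */`. The two constructors changed later in this file assign `this.type = type;` without a null check, so either document null as "unclassified" or reject it there. Which of the two is intended cannot be told from the hunk.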
@@ -64,8 +70,9 @@ public abstract class AbstractUser extends AbstractActor { * @param lastName User's last name * @param email User's email address * @param avatar User's avatar URL/identifier + * @param type User's type defined by enumeration value */ - public AbstractUser(ObjectId id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar) { + protected AbstractUser(ObjectId id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, UserType type) { super(id, realmId); this.username = username; this.firstName = firstName; @@ -73,6 +80,7 @@ public AbstractUser(ObjectId id, String realmId, String username, String firstNa this.lastName = lastName; this.email = email; this.avatar = avatar; + this.type = type; } /** @@ -86,8 +94,9 @@ public AbstractUser(ObjectId id, String realmId, String username, String firstNa * @param lastName User's last name * @param email User's email address * @param avatar User's avatar URL/identifier + * @param type User's type defined by enumeration value */ - public AbstractUser(String id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar) { + protected AbstractUser(String id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, UserType type) { super(id, realmId); this.username = username; this.firstName = firstName; @@ -95,6 +104,7 @@ public AbstractUser(String id, String realmId, String username, String firstName this.lastName = lastName; this.email = email; this.avatar = avatar; + this.type = type; } /** diff --git a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/LoggedUser.java b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/LoggedUser.java index d2209c9f4e..fb80ae999c 100644 
--- a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/LoggedUser.java +++ b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/LoggedUser.java @@ -1,5 +1,6 @@ package com.netgrif.application.engine.objects.auth.domain; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import lombok.AllArgsConstructor; import lombok.Data; import lombok.EqualsAndHashCode; @@ -64,9 +65,10 @@ public abstract class LoggedUser extends AbstractUser implements Serializable { * @param providerOrigin The authentication provider origin * @param mfaMethods The set of enabled MFA methods * @param sessionTimeout The duration of session timeout + * @param type Type of user, defined in {@link UserType} */ - public LoggedUser(ObjectId id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, Duration sessionTimeout) { - super(id, realmId, username, firstName, middleName, lastName, email, avatar); + protected LoggedUser(ObjectId id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, Duration sessionTimeout, UserType type) { + super(id, realmId, username, firstName, middleName, lastName, email, avatar, type); this.workspaceId = workspaceId; this.providerOrigin = providerOrigin; this.mfaMethods = mfaMethods; 
@@ -88,9 +90,10 @@ public LoggedUser(ObjectId id, String realmId, String username, String firstName * @param providerOrigin The authentication provider origin * @param mfaMethods The set of enabled MFA methods * @param sessionTimeout The duration of session timeout + * @param type Type of user, defined in {@link UserType} */ - public LoggedUser(String id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, Duration sessionTimeout) { - super(id, realmId, username, firstName, middleName, lastName, email, avatar); + protected LoggedUser(String id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, Duration sessionTimeout, UserType type) { + super(id, realmId, username, firstName, middleName, lastName, email, avatar, type); this.workspaceId = workspaceId; this.providerOrigin = providerOrigin; this.mfaMethods = mfaMethods; diff --git a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/Realm.java b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/Realm.java index 8720102d5c..979909c5d2 100644 --- a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/Realm.java +++ b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/Realm.java @@ -103,12 +103,17 @@ public abstract class Realm implements Serializable { @Positive private int maxSessionsAllowed = 1; + /** + * List of domains allowed in realm + */ + private List domains = new ArrayList<>(); + /** * Constructs a new Realm instance with the specified name. * * @param name the name of the realm */ - public Realm(String name) { + protected Realm(String name) { this.name = name; } 
diff --git a/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/enums/UserType.java b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/enums/UserType.java new file mode 100644 index 0000000000..4692c809fd --- /dev/null +++ b/nae-object-library/src/main/java/com/netgrif/application/engine/objects/auth/domain/enums/UserType.java @@ -0,0 +1,9 @@ +package com.netgrif.application.engine.objects.auth.domain.enums; + +public enum UserType { + + INTERNAL, + EXTERNAL, + SYSTEM, + ANONYMOUS +} diff --git a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/AnonymousUser.java b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/AnonymousUser.java index c641917e0c..ff9409690f 100644 --- a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/AnonymousUser.java +++ b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/AnonymousUser.java @@ -3,6 +3,7 @@ import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.Attribute; import com.netgrif.application.engine.objects.auth.domain.Authority; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import lombok.Data; import org.bson.types.ObjectId; @@ -41,6 +42,7 @@ public AnonymousUser(AnonymousUserRef ref, Authority anonymousAuthority) { this.username = "anonymous@" + this.realmId; this.firstName = ref.getDisplayName(); this.lastName = ""; + this.type = UserType.ANONYMOUS; this.authoritySet = new HashSet<>(); if (ref.getAuthorities() != null && !ref.getAuthorities().isEmpty()) { 
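Review bot: `UserType` is introduced without any Javadoc, and the four constants do not say what separates them, in particular what makes an account `EXTERNAL` rather than `INTERNAL`, or whether `SYSTEM` and `ANONYMOUS` are ever persisted. The value is now carried by every `AbstractUser` and `LoggedUser`, so a one-line comment per constant would keep later authorization or filtering code from guessing. An example for `EXTERNAL` would be `/** Account whose e-mail domain is not listed in the realm's domains. */`, if that is the intended rule. That rule is only inferred from the `domains` field this commit adds to `Realm` and should be confirmed by the author.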
diff --git a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/LoggedUserImpl.java b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/LoggedUserImpl.java index a8d970dbb3..a26e078746 100644 --- a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/LoggedUserImpl.java +++ b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/auth/domain/LoggedUserImpl.java @@ -1,6 +1,7 @@ package com.netgrif.application.engine.adapter.spring.auth.domain; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import lombok.AllArgsConstructor; import org.bson.types.ObjectId; import org.springframework.security.core.GrantedAuthority; @@ -38,12 +39,13 @@ public class LoggedUserImpl extends LoggedUser implements UserDetails { * @param providerOrigin The authentication provider's origin * @param mfaMethods Set of enabled Multi-Factor Authentication methods * @param sessionTimeout Duration after which the user's session times out + * @param type Type of user, defined in {@link UserType} */ public LoggedUserImpl(ObjectId id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, - Duration sessionTimeout) { + Duration sessionTimeout, UserType type) { super(id, realmId, username, firstName, middleName, lastName, email, avatar, workspaceId, providerOrigin, - mfaMethods, sessionTimeout); + mfaMethods, sessionTimeout, type); } /** 
@@ -61,12 +63,13 @@ public LoggedUserImpl(ObjectId id, String realmId, String username, String first * @param providerOrigin The authentication provider's origin * @param mfaMethods Set of enabled Multi-Factor Authentication methods * @param sessionTimeout Duration after which the user's session times out + * @param type Type of user, defined in {@link UserType} */ public LoggedUserImpl(String id, String realmId, String username, String firstName, String middleName, String lastName, String email, String avatar, String workspaceId, String providerOrigin, Set mfaMethods, - Duration sessionTimeout) { + Duration sessionTimeout, UserType type) { super(id, realmId, username, firstName, middleName, lastName, email, avatar, workspaceId, providerOrigin, - mfaMethods, sessionTimeout); + mfaMethods, sessionTimeout, type); } /** diff --git a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/petrinet/service/ProcessRoleService.java b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/petrinet/service/ProcessRoleService.java index 11d3de4705..6fbad1fb0b 100644 --- a/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/petrinet/service/ProcessRoleService.java +++ b/nae-spring-core-adapter/src/main/java/com/netgrif/application/engine/adapter/spring/petrinet/service/ProcessRoleService.java 
@@ -1,15 +1,18 @@ package com.netgrif.application.engine.adapter.spring.petrinet.service; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.Group; -import com.netgrif.application.engine.objects.petrinet.domain.roles.ProcessRole; import com.netgrif.application.engine.objects.auth.domain.LoggedUser; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.objects.petrinet.domain.PetriNet; +import com.netgrif.application.engine.objects.petrinet.domain.roles.ProcessRole; import com.netgrif.application.engine.objects.workflow.domain.ProcessResourceId; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; -import java.util.*; +import java.util.Collection; +import java.util.List; +import java.util.Map; +import java.util.Optional; public interface ProcessRoleService { ProcessRole save(ProcessRole processRole); @@ -19,8 +22,8 @@ public interface ProcessRoleService { void delete(String id); void deleteAll(Collection ids); void deleteAll(); - void assignRolesToUser(AbstractUser user, Collection roleIds, LoggedUser loggedUser); - void assignRolesToUser(AbstractUser user, Collection roleIds, LoggedUser loggedUser, Map params); + void assignRolesToUser(User user, Collection roleIds, LoggedUser loggedUser); + void assignRolesToUser(User user, Collection roleIds, LoggedUser loggedUser, Map params); void assignRolesToGroup(Group group, Collection requestedRolesIds); ProcessRole getDefaultRole(); ProcessRole getAnonymousRole(); diff --git a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/GroupServiceImpl.java b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/GroupServiceImpl.java index b13df2a032..e9684e5a90 100644 --- a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/GroupServiceImpl.java 
+++ b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/GroupServiceImpl.java @@ -4,22 +4,22 @@ import com.netgrif.application.engine.auth.config.GroupConfigurationProperties; import com.netgrif.application.engine.auth.provider.CollectionNameProvider; import com.netgrif.application.engine.auth.repository.GroupRepository; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.Group; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.objects.auth.dto.GroupSearchDto; import com.netgrif.application.engine.objects.common.ResourceNotFoundException; import com.netgrif.application.engine.objects.common.ResourceNotFoundExceptionCode; -import org.springframework.data.domain.PageImpl; -import org.springframework.data.mongodb.core.query.Criteria; -import org.springframework.data.mongodb.core.query.Query; import com.querydsl.core.types.Predicate; import lombok.Getter; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.domain.Page; +import org.springframework.data.domain.PageImpl; import org.springframework.data.domain.PageRequest; import org.springframework.data.domain.Pageable; import org.springframework.data.mongodb.core.MongoTemplate; +import org.springframework.data.mongodb.core.query.Criteria; +import org.springframework.data.mongodb.core.query.Query; import org.springframework.data.util.Pair; import java.time.LocalDateTime; @@ -89,7 +89,7 @@ public void delete(Group group) { } if (group.getMemberIds() != null) { Pageable pageable = PageRequest.of(0, paginationProperties.getBackendPageSize()); - Page members; + Page members; do { members = userService.findAllByIds(group.getMemberIds(), group.getRealmId(), pageable); log.debug("Removing group [{}] from members [{}]", group.getStringId(), members); 
@@ -164,7 +164,7 @@ public Group getDefaultSystemGroup() { } @Override - public Group create(AbstractUser groupOwner) { + public Group create(User groupOwner) { log.info("Creating default group for owner: [{}]", groupOwner.getStringId()); Page userGroups = groupRepository.findByOwnerId(groupOwner.getStringId(), Pageable.ofSize(1)); if (!userGroups.isEmpty() && !Objects.equals(groupOwner.getStringId(), userService.getSystem().getStringId())) { @@ -174,7 +174,7 @@ public Group create(AbstractUser groupOwner) { } @Override - public Group create(String identifier, String title, AbstractUser groupOwner) { + public Group create(String identifier, String title, User groupOwner) { log.info("Creating default group for user: [{}]", groupOwner.getStringId()); Group group = new Group(identifier, groupOwner.getRealmId()); group.setOwnerId(groupOwner.getStringId()); @@ -187,7 +187,7 @@ public Group create(String identifier, String title, AbstractUser groupOwner) { } @Override - public Group getDefaultUserGroup(AbstractUser user) { + public Group getDefaultUserGroup(User user) { String errorMessage = "Default user group for user [%s] does not exist.".formatted(user.getUsername()); // TODO: optimize - use ownerId + groupIdentifier == username (no need for iteration) Pageable pageable = PageRequest.of(0, paginationProperties.getBackendPageSize()); @@ -206,7 +206,7 @@ public Group getDefaultUserGroup(AbstractUser user) { } @Override - public void addUserToDefaultSystemGroup(AbstractUser user) { + public void addUserToDefaultSystemGroup(User user) { log.info("Adding user [{}] to default group", user.getStringId()); addUser(user, getDefaultSystemGroup()); } 
@@ -218,18 +218,18 @@ public Group addUser(String userId, String groupId, String realmId) { @Override public Group addUser(String userId, Group group, String realmId) { - AbstractUser user = userService.findById(userId, realmId); + User user = userService.findById(userId, realmId); return addUser(user, group); } @Override - public Group addUser(AbstractUser user, String groupIdentifier) { + public Group addUser(User user, String groupIdentifier) { Group group = findByIdentifier(groupIdentifier).orElseThrow(() -> new IllegalArgumentException("Group with identifier [%s] not found. ".formatted(groupIdentifier))); return addUser(user, group); } @Override - public Group addUser(AbstractUser user, Group group) { + public Group addUser(User user, Group group) { log.info("Adding user [{}] to group [{}]", user.getStringId(), group.getStringId()); user.addGroupId(group.getStringId()); group.addMemberId(user.getStringId()); @@ -238,13 +238,13 @@ public Group addUser(AbstractUser user, Group group) { } @Override - public Group removeUser(AbstractUser user, String groupIdentifier) { + public Group removeUser(User user, String groupIdentifier) { Group group = findByIdentifier(groupIdentifier).orElseThrow(() -> new IllegalArgumentException("Group with identifier [%s] not found. ".formatted(groupIdentifier))); return removeUser(user, group); } @Override - public Group removeUser(AbstractUser user, Group group) { + public Group removeUser(User user, Group group) { log.info("Removing user [{}] from group [{}]", user.getStringId(), group.getStringId()); user.removeGroupId(group.getStringId()); group.removeMemberId(user.getStringId()); 
@@ -382,7 +382,7 @@ public Page search(GroupSearchDto searchDto, Pageable pageable) { ); filters.add(criteria); } - if (searchDto.getRealmId() != null && !searchDto.getRealmId().isBlank()) { + if (searchDto.getRealmId() != null && !searchDto.getRealmId().isBlank()) { filters.add(Criteria.where("realmId").regex(searchDto.getRealmId(), "i")); } Query query = Query.query(filters.isEmpty() ? new Criteria() : new Criteria().andOperator(filters.toArray(new Criteria[0]))); diff --git a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/RealmServiceImpl.java b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/RealmServiceImpl.java index c162d46ba6..82cbc8cb4c 100644 --- a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/RealmServiceImpl.java +++ b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/RealmServiceImpl.java @@ -65,6 +65,7 @@ public Realm createRealm(Realm createRequest) { if (createRequest.isDefaultRealm() && getDefaultRealm().isEmpty()) { realm.setDefaultRealm(true); } + realm.setDomains(createRequest.getDomains()); realm = realmRepository.save(realm); String collectionName = collectionNameProvider.getCollectionNameForRealm(realm.getName()); @@ -173,6 +174,7 @@ public Realm updateRealm(String realmId, Realm update) { realm.setPublicSessionTimeout(update.getPublicSessionTimeout()); realm.setEnableLimitSessions(update.isEnableLimitSessions()); realm.setMaxSessionsAllowed(update.getMaxSessionsAllowed()); + realm.setDomains(update.getDomains()); if (update.isDefaultRealm()) { if (!realm.isDefaultRealm() && getDefaultRealm().isEmpty()) { diff --git a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java index 9820e6296b..9f42e141ba 100644 --- a/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java 
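Review bot: `realm.setDomains(createRequest.getDomains());` in `createRealm` stores the caller-supplied list as is, and the same holds for `realm.setDomains(update.getDomains());` in the `updateRealm` hunk below it. A request that omits the field replaces the `new ArrayList<>()` default declared on `Realm` with null, the stored realm shares the request's list instance, and entries are not trimmed, lower-cased or checked for blanks. If these domains later decide whether an account counts as internal (not shown in these hunks), a blank or malformed entry changes that classification. I would copy and normalise at this boundary, e.g. `realm.setDomains(update.getDomains() == null ? new ArrayList<>() : new ArrayList<>(update.getDomains()));`, and decide explicitly whether null on update means "leave unchanged". Both method bodies continue outside the hunks.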
+++ b/nae-user-ce/src/main/java/com/netgrif/application/engine/auth/service/UserServiceImpl.java @@ -6,9 +6,11 @@ import com.netgrif.application.engine.auth.config.GroupConfigurationProperties; import com.netgrif.application.engine.auth.provider.CollectionNameProvider; import com.netgrif.application.engine.auth.repository.UserRepository; +import com.netgrif.application.engine.auth.web.requestbodies.UpdateUserRequest; import com.netgrif.application.engine.objects.auth.constants.UserConstants; import com.netgrif.application.engine.objects.auth.domain.*; import com.netgrif.application.engine.objects.auth.domain.enums.UserState; +import com.netgrif.application.engine.objects.auth.domain.enums.UserType; import com.netgrif.application.engine.objects.petrinet.domain.PetriNet; import com.netgrif.application.engine.objects.petrinet.domain.roles.ProcessRole; import com.netgrif.application.engine.objects.workflow.domain.ProcessResourceId; @@ -30,6 +32,8 @@ import java.time.LocalDateTime; import java.util.*; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import java.util.stream.Collectors; @Slf4j @@ -54,11 +58,15 @@ public class UserServiceImpl implements UserService { private GroupConfigurationProperties groupConfigurationProperties; - private AbstractUser systemUser; + private User systemUser; @Getter private PaginationProperties paginationProperties; + private RealmService realmService; + + private static final String EMPTY_VALUE_STRING = "EMPTY_VALUE"; + @Autowired public void setUserRepository(UserRepository userRepository) { this.userRepository = userRepository; 
@@ -112,34 +120,38 @@ public void setPaginationProperties(PaginationProperties paginationProperties) { this.paginationProperties = paginationProperties; } + @Autowired + public void setRealmService(RealmService realmService) { + this.realmService = realmService; + } + @Override - public AbstractUser saveUser(AbstractUser user, String realmId) { + public User saveUser(User user, String realmId) { user.setRealmId(realmId); return saveUser(user); } @Override - public AbstractUser saveUser(AbstractUser user) { + public User saveUser(User user) { log.debug("Saving user [{}] in realm with id [{}]", user.getUsername(), user.getRealmId()); - if (user instanceof User u) { - u.setModifiedAt(LocalDateTime.now()); - } + user.setModifiedAt(LocalDateTime.now()); String collectionName = collectionNameProvider.getCollectionNameForRealm(user.getRealmId()); - user = userRepository.saveUser((User) user, mongoTemplate, collectionName); + user.setType(resolveUserType(user.getEmail(), user.getRealmId())); + user = userRepository.saveUser(user, mongoTemplate, collectionName); log.trace("User [{}] saved in collection [{}]", user.getUsername(), collectionName); return user; } @Override - public List saveUsers(Collection users) { - return users.stream().map(u -> (User) this.saveUser(u)).collect(Collectors.toList()); + public List saveUsers(Collection users) { + return users.stream().map(this::saveUser).toList(); } @Override - public Optional findUserByUsername(String username, String realmId) { + public Optional findUserByUsername(String username, String realmId) { log.debug("Finding user by username [{}] in realm [{}]", username, realmId); String collectionName = collectionNameProvider.getCollectionNameForRealm(realmId); - Optional userOpt = userRepository.findByUsername(username, mongoTemplate, collectionName).map(user -> (AbstractUser) user); + Optional userOpt = userRepository.findByUsername(username, mongoTemplate, collectionName); if (userOpt.isPresent()) { log.debug("User [{}] found 
in realm [{}]", username, realmId); } else { @@ -149,7 +161,7 @@ public Optional findUserByUsername(String username, String realmId } @Override - public Page findAllUsersByQuery(Query query, String realmName, Pageable pageable) { + public Page findAllUsersByQuery(Query query, String realmName, Pageable pageable) { log.trace("Retrieving all users in realm [{}]", realmName); String collectionName = collectionNameProvider.getCollectionNameForRealm(realmName); Page users = userRepository.findAllByQuery(query, pageable, mongoTemplate, collectionName); @@ -158,7 +170,7 @@ public Page findAllUsersByQuery(Query query, String realmName, Pag } @Override - public Page findAllUsers(String realmName, Pageable pageable) { + public Page findAllUsers(String realmName, Pageable pageable) { log.trace("Retrieving all users in realm [{}]", realmName); String collectionName = collectionNameProvider.getCollectionNameForRealm(realmName); Page users = userRepository.findAllByQuery(new Query(), pageable, mongoTemplate, collectionName); 
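Review bot: `user.setType(resolveUserType(user.getEmail(), user.getRealmId()));` in `saveUser` overwrites the stored type on every save, and `resolveUserType` (added in a later hunk of this file) ignores both arguments and returns `UserType.INTERNAL`. As written, any `User` that passes through `saveUser` is persisted as `INTERNAL` whatever type it carried before, including the `systemUser` held by this service if it is ever saved this way. Until the real resolution exists, keep an explicitly set value, e.g. `if (user.getType() == null) { user.setType(resolveUserType(user.getEmail(), user.getRealmId())); }`, and add a Javadoc on `resolveUserType` stating that it is a placeholder. Separately, `saveUsers` now ends in `.toList()`, which returns an unmodifiable list where `Collectors.toList()` did not, so callers that add to the result should be checked.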
@@ -167,20 +179,18 @@ public Page findAllUsers(String realmName, Pageable pageable) { } @Override - public AbstractUser createUser(String username, String email, String firstName, String lastName, String rawPassword, String realmId) { + public User createUser(String username, String email, String firstName, String lastName, String rawPassword, String realmId) { User user = initializeNewUser(username, email, firstName, lastName, rawPassword, realmId); return createUser(user, realmId); } @Override - public AbstractUser createUser(AbstractUser user, String realmId) { + public User createUser(User user, String realmId) { log.info("Creating user [{}] in realm [{}]", user.getUsername(), realmId); addDefaultAuthorities(user); addDefaultRole(user); setPassword(user, user.getPassword()); - - String collectionName = collectionNameProvider.getCollectionNameForRealm(realmId); - user = userRepository.saveUser(((User) user), mongoTemplate, collectionName); + user = this.saveUser(user, realmId);; filterImportExportService.createFilterImport(user); filterImportExportService.createFilterExport(user); @@ -191,11 +201,15 @@ public AbstractUser createUser(AbstractUser user, String realmId) { if (groupConfigurationProperties.isSystemEnabled()) groupService.addUserToDefaultSystemGroup(user); - user = userRepository.saveUser(((User) user), mongoTemplate, collectionName); + user = this.saveUser(user, realmId); log.info("User [{}] successfully created in realm [{}]", user.getUsername(), realmId); return user; } + protected UserType resolveUserType(String userMail, String realmId) { + return UserType.INTERNAL; + } + // TODO JOFO: auth methods no longer exists ... use credentials? @Override public User createUserFromThirdParty(String username, String email, String firstName, String lastName, String realmId, String authMethod) { 
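Review bot: In `createUser`, `addDefaultRole(user)` runs before `setPassword(user, user.getPassword())`, and `addDefaultRole` itself calls `saveUser(user)` (see its hunk further down), so the user document is written once before the password has gone through `setPassword`. If `setPassword` is where the password gets encoded (its body is not in this diff), that first write stores the raw value. The same write happens before `saveUser(user, realmId)` has set the realm, so the collection is chosen from whatever realm id the caller left on the object. Moving `setPassword` and `user.setRealmId(realmId)` ahead of the two `addDefault…` calls would close both gaps. The new line `user = this.saveUser(user, realmId);;` also carries a stray second semicolon.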
@@ -214,9 +228,7 @@ public User createUserFromThirdParty(String username, String email, String first public void removeAllByStateAndExpirationDateBeforeForRealms(UserState state, LocalDateTime expirationDate, Collection realmIds) { // TODO: delete whole group or change owner of group? if (realmIds == null || realmIds.isEmpty()) { - collectionNameProvider.getCollectionNamesForAllRealm().forEach(collectionName -> { - removeAllByStateAndExpirationDateBeforeFromCollection(state, expirationDate, collectionName); - }); + collectionNameProvider.getCollectionNamesForAllRealm().forEach(collectionName -> removeAllByStateAndExpirationDateBeforeFromCollection(state, expirationDate, collectionName)); } else { realmIds.forEach(realmId -> removeAllByStateAndExpirationDateBefore(state, expirationDate, realmId)); } @@ -261,7 +273,7 @@ public List getUserGroups(AbstractActor actor) { } @Override - public AbstractUser changePassword(AbstractUser user, String newPassword, String oldPassword) { + public User changePassword(User user, String newPassword, String oldPassword) { canUpdatePassword(user, newPassword); if (!verifyPasswords(user, oldPassword)) { @@ -274,7 +286,7 @@ public AbstractUser changePassword(AbstractUser user, String newPassword, String } @Override - public void addDefaultAuthorities(AbstractUser user) { + public void addDefaultAuthorities(User user) { log.trace("Assigning default authorities to user [{}]", user.getUsername()); if (user.getAuthoritySet().isEmpty()) { Set authorities = new HashSet<>(); 
@@ -287,14 +299,14 @@ public void addDefaultAuthorities(AbstractUser user) { } @Override - public void addDefaultRole(AbstractUser user) { + public void addDefaultRole(User user) { log.trace("Assigning default role to user [{}]", user.getUsername()); user.addProcessRole(processRoleService.getDefaultRole()); saveUser(user); } @Override - public void addAnonymousAuthorities(AbstractUser user) { + public void addAnonymousAuthorities(User user) { log.trace("Assigning anonymous authorities to user [{}]", user.getUsername()); if (user.getAuthoritySet().isEmpty()) { Set authorities = new HashSet<>(); @@ -309,11 +321,11 @@ public void addAnonymousAuthorities(AbstractUser user) { @Override public void addAllRolesToAdminByUsername(String username) { String collectionName = collectionNameProvider.getAdminRealmCollection(); - Optional userOptional = userRepository.findByUsername(username, mongoTemplate, collectionName).map(user -> user); + Optional userOptional = userRepository.findByUsername(username, mongoTemplate, collectionName).map(user -> user); if (userOptional.isEmpty()) { throw new IllegalArgumentException("Admin user with username [%s] cannot be found.".formatted(username)); } - AbstractUser user = userOptional.get(); + User user = userOptional.get(); Page processRoles = processRoleService.findAll(Pageable.unpaged()); user.getProcessRoles().addAll(processRoles.getContent()); 
@@ -322,13 +334,13 @@ public void addAllRolesToAdminByUsername(String username) { } @Override - public void addAnonymousRole(AbstractUser user) { + public void addAnonymousRole(User user) { log.trace("Assigning anonymous role to user [{}]", user.getUsername()); user.addProcessRole(processRoleService.getAnonymousRole()); } @Override - public AbstractUser findById(String id, String realmId) { + public User findById(String id, String realmId) { log.debug("Finding user by ID [{}]", id); String collectionName = collectionNameProvider.getCollectionNameForRealm(realmId); Optional userOpt = userRepository.findById(new ObjectId(id), mongoTemplate, collectionName); @@ -336,7 +348,7 @@ public AbstractUser findById(String id, String realmId) { } @Override - public void deleteUser(AbstractUser user) { + public void deleteUser(User user) { log.warn("Deleting user [{}]", user.getUsername()); String collectionName = collectionNameProvider.getCollectionNameForRealm(user.getRealmId()); groupService.findAllByIds(user.getGroupIds(), Pageable.unpaged()).forEach(group -> { 
@@ -362,35 +374,70 @@ public void deleteAllUsers() { } @Override - public AbstractUser findByAuth(Authentication auth, String realmId) { + public User findByAuth(Authentication auth, String realmId) { return findByEmail(auth.getName(), realmId); } @Override - public AbstractUser update(AbstractUser user, AbstractUser updatedUser) { + public User update(User user, User updatedUser) { log.debug("Updating user with ID [{}]", user.getStringId()); UserMapper userMapper = new UserMapperImpl(); - userMapper.update((User) user, (User) updatedUser); + userMapper.update(user, updatedUser); + return saveUser(user); + } + + @Override + public User update(String userId, String realmId, UpdateUserRequest userUpdate) { + if(userId == null) { + log.info("Cannot update user, userId is null"); + return null; + } + User user = findById(userId, realmId); + if(user == null) { + log.info("User with id [{}] does not exist", userId); + return null; + } + return this.update(user, userUpdate); + } + + @Override + public User update(User user, UpdateUserRequest userUpdate) { + log.info("Updating user with id [{}]", user.getStringId()); + user.setAvatar(resolveUserUpdateValue(user.getAvatar(), userUpdate.getAvatar())); + user.setFirstName(resolveUserUpdateValue(user.getFirstName(), userUpdate.getFirstName())); + user.setMiddleName(resolveUserUpdateValue(user.getMiddleName(), userUpdate.getMiddleName())); + user.setLastName(resolveUserUpdateValue(user.getLastName(), userUpdate.getLastName())); + user.setEmail(resolveUserUpdateValue(user.getEmail(), userUpdate.getEmail())); + if(userUpdate.getType() != null) { + user.setType(userUpdate.getType()); + } return saveUser(user); } + private String resolveUserUpdateValue(String oldValue, String newValue) { + if(newValue != null) { + return newValue.equals(EMPTY_VALUE_STRING) ? 
null : newValue; + } + return oldValue; + } + @Override - public AbstractUser findByEmail(String email, String realmId) { + public User findByEmail(String email, String realmId) { log.debug("Finding user by email [{}]", email); Optional userOpt = userRepository.findByEmail(email, mongoTemplate, collectionNameProvider.getCollectionNameForRealm(realmId)); return userOpt.orElse(null); } @Override - public Page findAllCoMembers(LoggedUser loggedUser, Pageable pageable) { + public Page findAllCoMembers(LoggedUser loggedUser, Pageable pageable) { return this.searchAllCoMembers(null, loggedUser, pageable); } @Override - public Page searchAllCoMembers(String query, LoggedUser loggedUser, Pageable pageable) { -// AbstractUser user = this.findById(loggedUser.getSelfOrImpersonated().getId(), loggedUser.getSelfOrImpersonated().getRealmId()); + public Page searchAllCoMembers(String query, LoggedUser loggedUser, Pageable pageable) { +// User user = this.findById(loggedUser.getSelfOrImpersonated().getId(), loggedUser.getSelfOrImpersonated().getRealmId()); // TODO: impersonation - AbstractUser user = this.findById(loggedUser.getStringId(), loggedUser.getRealmId()); + User user = this.findById(loggedUser.getStringId(), loggedUser.getRealmId()); BooleanExpression predicate = buildPredicate(user, query); String collectionName = collectionNameProvider.getCollectionNameForRealm(loggedUser.getRealmId()); Page users = userRepository.findAllByQuery(predicate, pageable, mongoTemplate, collectionName); 
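Review bot: The new `update(User user, UpdateUserRequest userUpdate)` copies `type` and `email` straight from the request object, and nothing in this hunk checks who is asking. `UpdateUserRequest` lives in `web.requestbodies`, so unless every caller enforces it, a request can set the `UserType` (including `SYSTEM`, which this commit assigns to the system account) or replace the e-mail that `findByEmail` and `findByAuth` use as the lookup key. `resolveUserUpdateValue` also turns `EMPTY_VALUE_STRING` into `null`, so the e-mail can be cleared, and no uniqueness check on a new e-mail is visible here. I would keep `setType` out of this path unless the caller is authorised for it, and not allow clearing the e-mail: `if (userUpdate.getEmail() != null && !EMPTY_VALUE_STRING.equals(userUpdate.getEmail())) user.setEmail(userUpdate.getEmail());`.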
@@ -398,14 +445,14 @@ public Page searchAllCoMembers(String query, LoggedUser loggedUser } @Override - public Page searchAllCoMembers(String query, Collection roleIds, Collection negateRoleIds, LoggedUser loggedUser, Pageable pageable) { + public Page searchAllCoMembers(String query, Collection roleIds, Collection negateRoleIds, LoggedUser loggedUser, Pageable pageable) { if ((roleIds == null || roleIds.isEmpty()) && (negateRoleIds == null || negateRoleIds.isEmpty())) { return searchAllCoMembers(query, loggedUser, pageable); } -// AbstractUser user = this.findById(loggedUser.getSelfOrImpersonated().getId(), loggedUser.getSelfOrImpersonated().getRealmId()); +// User user = this.findById(loggedUser.getSelfOrImpersonated().getId(), loggedUser.getSelfOrImpersonated().getRealmId()); // TODO: impersonation - AbstractUser user = this.findById(loggedUser.getStringId(), loggedUser.getRealmId()); + User user = this.findById(loggedUser.getStringId(), loggedUser.getRealmId()); BooleanExpression predicate = buildPredicate(user, query); if (roleIds != null && !roleIds.isEmpty()) { predicate = predicate.and(QUser.user.processRoles.any()._id.in(roleIds)); @@ -420,7 +467,7 @@ public Page searchAllCoMembers(String query, Collection findAllByIds(Collection ids, String realmId, Pageable pageable) { + public Page findAllByIds(Collection ids, String realmId, Pageable pageable) { log.debug("Finding users by collection of IDs [{}]", ids); String collection = collectionNameProvider.getCollectionNameForRealm(realmId); Page users = userRepository.findAllByIds(ids.stream().map(ObjectId::new).toList(), pageable, mongoTemplate, collection); 
@@ -428,33 +475,33 @@ public Page findAllByIds(Collection ids, String realmId, P } @Override - public Page findAllActiveByProcessRoles(Collection roleIds, Pageable pageable, String realmId) { + public Page findAllActiveByProcessRoles(Collection roleIds, Pageable pageable, String realmId) { String collection = collectionNameProvider.getCollectionNameForRealm(realmId); Page users = userRepository.findDistinctByStateAndProcessRoles__idIn(UserState.ACTIVE, roleIds, pageable, mongoTemplate, collection); return changeType(users, users.getPageable()); } @Override - public Page findAllByProcessRoles(Collection roleIds, String realmId, Pageable pageable) { + public Page findAllByProcessRoles(Collection roleIds, String realmId, Pageable pageable) { String collectionName = collectionNameProvider.getCollectionNameForRealm(realmId); return searchUsersByRoleIds(roleIds, collectionName, pageable); } - protected Page searchUsersByRoleIds(Collection roleIds, String collectionName, Pageable pageable) { + protected Page searchUsersByRoleIds(Collection roleIds, String collectionName, Pageable pageable) { Page users = userRepository.findAllByProcessRoles__idIn(roleIds, pageable, mongoTemplate, collectionName); return changeType(users, users.getPageable()); } @Override - public AbstractUser assignAuthority(String userId, String realmId, String authorityId) { - AbstractUser user = findById(userId, realmId); + public User assignAuthority(String userId, String realmId, String authorityId) { + User user = findById(userId, realmId); Authority authority = authorityService.getOne(authorityId); user.addAuthority(authority); return saveUser(user, realmId); } @Override - public AbstractUser getLoggedOrSystem() { + public User getLoggedOrSystem() { try { if (SecurityContextHolder.getContext().getAuthentication().getPrincipal() instanceof String) { return getSystem(); 
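Review bot: `assignAuthority` dereferences the result of `findById(userId, realmId)` without a null check, while the new `update(String userId, String realmId, ...)` in this same commit treats a `null` from `findById` as "user does not exist". An unknown id therefore ends in a NullPointerException at `user.addAuthority(authority)` instead of a clear error on an authority-granting path. Add a guard after the lookup, e.g. `if (user == null) throw new IllegalArgumentException("User with id [%s] cannot be found.".formatted(userId));`, matching the style of `addAllRolesToAdminByUsername`. `getLoggedOrSystem` at the end of the hunk continues outside it.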
@@ -466,10 +513,10 @@ public AbstractUser getLoggedOrSystem() { } @Override - public AbstractUser getLoggedUser() { + public User getLoggedUser() { LoggedUser loggedUser = getLoggedUserFromContext(); - Optional userOptional = findUserByUsername(loggedUser.getUsername(), loggedUser.getRealmId()); - AbstractUser user = userOptional.orElseThrow(() -> new IllegalArgumentException("User with username [%s] in realm [%s] is not present in the system.".formatted(loggedUser.getUsername(), loggedUser.getRealmId()))); + Optional userOptional = findUserByUsername(loggedUser.getUsername(), loggedUser.getRealmId()); + User user = userOptional.orElseThrow(() -> new IllegalArgumentException("User with username [%s] in realm [%s] is not present in the system.".formatted(loggedUser.getUsername(), loggedUser.getRealmId()))); // TODO: impersonation // if (loggedUser.isImpersonating()) { // IUser impersonated = transformToUser((LoggedUserImpl) loggedUser.getImpersonated()); @@ -481,7 +528,7 @@ public AbstractUser getLoggedUser() { } @Override - public AbstractUser getSystem() { + public User getSystem() { if (systemUser == null) { systemUser = createSystemUser(); } 
@@ -495,43 +542,43 @@ public LoggedUser getLoggedUserFromContext() { } @Override - public AbstractUser addRole(AbstractUser user, ProcessResourceId roleStringId) { + public User addRole(User user, ProcessResourceId roleStringId) { ProcessRole role = processRoleService.findById(roleStringId); user.addProcessRole(role); return saveUser(user, user.getRealmId()); } @Override - public AbstractUser addRole(AbstractUser user, String roleString) { + public User addRole(User user, String roleString) { return this.addRole(user, new ProcessResourceId(roleString)); } @Override - public AbstractUser removeRolesById(AbstractUser user, Collection processRolesIds) { + public User removeRolesById(User user, Collection processRolesIds) { Set processRoles = new HashSet<>(processRoleService.findAllByIds(processRolesIds)); return removeRoles(user, processRoles); } @Override - public AbstractUser removeRoles(AbstractUser user, Collection processRoles) { + public User removeRoles(User user, Collection processRoles) { processRoles.forEach(user::removeProcessRole); return saveUser(user); } @Override - public AbstractUser removeRole(AbstractUser user, ProcessRole role) { + public User removeRole(User user, ProcessRole role) { user.removeProcessRole(role); return saveUser(user); } @Override - public AbstractUser removeRole(AbstractUser user, ProcessResourceId roleStringId) { + public User removeRole(User user, ProcessResourceId roleStringId) { ProcessRole role = processRoleService.findById(roleStringId); return removeRole(user, role); } @Override - public AbstractUser removeRole(AbstractUser user, String roleString) { + public User removeRole(User user, String roleString) { return this.removeRole(user, new ProcessResourceId(roleString)); } 
@@ -545,7 +592,7 @@ public void removeRoleOfDeletedPetriNet(Set petriNetRoles) { String defaultRealmCollection = collectionNameProvider.getDefaultRealmCollection(); Pageable pageable = PageRequest.of(0, paginationProperties.getBackendPageSize()); Collection roleIds = petriNetRoles.stream().map(ProcessRole::get_id).collect(Collectors.toSet()); - Page users; + Page users; do { users = searchUsersByRoleIds(roleIds, defaultRealmCollection, pageable); users.getContent().forEach(u -> removeRoles(u, petriNetRoles)); @@ -554,8 +601,8 @@ public void removeRoleOfDeletedPetriNet(Set petriNetRoles) { } @Override - public AbstractUser createSystemUser() { - User system = (User) findByEmail(UserConstants.SYSTEM_USER_EMAIL, null); + public User createSystemUser() { + User system = findByEmail(UserConstants.SYSTEM_USER_EMAIL, null); if (system == null) { system = new User(); system.setUsername(UserConstants.SYSTEM_USER_EMAIL); @@ -564,18 +611,19 @@ public AbstractUser createSystemUser() { system.setFirstName(UserConstants.SYSTEM_USER_NAME); system.setLastName(UserConstants.SYSTEM_USER_SURNAME); system.setState(UserState.ACTIVE); + system.setType(UserType.SYSTEM); saveUser(system); } return system; } @Override - public AbstractUser transformToUser(ActorRef author) { + public User transformToUser(ActorRef author) { return findById(author.getId(), author.getRealmId()); } @Override - public AbstractUser transformToUser(LoggedUser loggedUser) { + public User transformToUser(LoggedUser loggedUser) { return findById(loggedUser.getStringId(), loggedUser.getRealmId()); } 
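Review bot: `system.setType(UserType.SYSTEM)` sits inside the `if (system == null)` branch of `createSystemUser`, so it only runs when the system account is created for the first time; an account that `findByEmail(UserConstants.SYSTEM_USER_EMAIL, null)` already returns keeps whatever type it was stored with. If later code tells the system user apart by its type, existing deployments need that value back-filled, e.g. after the lookup `if (system != null && system.getType() != UserType.SYSTEM) { system.setType(UserType.SYSTEM); saveUser(system); }`. Whether anything reads the type that way is not visible here. The method body starts in the previous hunk.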
@@ -604,28 +652,28 @@ protected User initializeNewUser(String username, String email, String firstName return user; } - protected void setPassword(AbstractUser user, String password) { + protected void setPassword(User user, String password) { log.trace("Setting password for user [{}]", user.getUsername()); String hashedPassword = passwordEncoder.encode(password); user.setPassword(hashedPassword); log.debug("Password set for user [{}]", user.getUsername()); } - protected void setDisablePassword(AbstractUser user) { + protected void setDisablePassword(User user) { user.setPassword("N/A"); log.debug("Password N/A set for user [{}]", user.getUsername()); } - private Page changeType(Page users, Pageable pageable) { + private Page changeType(Page users, Pageable pageable) { return new PageImpl<>(changeType(new LinkedHashSet<>(users.getContent())), pageable, users.getTotalElements()); } - private List changeType(Collection users) { - return users.stream().map(AbstractUser.class::cast).toList(); + private List changeType(Collection users) { + return users.stream().map(User.class::cast).toList(); } - private BooleanExpression buildPredicate(AbstractUser user, String query) { - AbstractUser system = this.getSystem(); + private BooleanExpression buildPredicate(User user, String query) { + User system = this.getSystem(); BooleanExpression predicate = QUser.user .groupIds.any().in(user.getGroupIds()) .and(QUser.user.id.ne(new ObjectId(system.getStringId()))) 
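Review bot: `setDisablePassword` stores the literal `"N/A"` in the password field, and whether that value can ever be matched depends on the configured `PasswordEncoder`, which this hunk does not show. With an encoder that rejects malformed hashes the account cannot log in with a password, but a pass-through or legacy encoder would accept `N/A` as the password. State the assumption on the method, e.g. `// "N/A" is not a valid hash for the configured encoder, so no password can match it`, or leave the field `null` if the rest of the code tolerates that. Separately, `changeType(Collection users)` now maps with `User.class::cast` over what appear to be `User` elements already, so the helper looks like a plain copy after this change.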
@@ -642,11 +690,11 @@ private BooleanExpression buildPredicate(AbstractUser user, String query) { return predicate; } - private void resolveRelatedAuthorities(AbstractUser user) { + private void resolveRelatedAuthorities(User user) { user.getAuthoritySet().addAll(getUserGroups(user).stream().map(Group::getAuthoritySet).flatMap(Set::stream).collect(Collectors.toSet())); } - private void resolveRelatedProcessRoles(AbstractUser user) { + private void resolveRelatedProcessRoles(User user) { user.getAuthoritySet().addAll(getUserGroups(user).stream().map(Group::getAuthoritySet).flatMap(Set::stream).collect(Collectors.toSet())); } diff --git a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/GroupService.java b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/GroupService.java index 81f5a20714..0b47343166 100644 --- a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/GroupService.java +++ b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/GroupService.java @@ -1,17 +1,17 @@ package com.netgrif.application.engine.auth.service; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.Group; +import com.netgrif.application.engine.objects.auth.domain.User; import com.netgrif.application.engine.objects.auth.dto.GroupSearchDto; -import org.springframework.data.mongodb.core.query.Query; import com.querydsl.core.types.Predicate; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; +import org.springframework.data.mongodb.core.query.Query; import org.springframework.data.util.Pair; import java.util.Collection; -import java.util.Optional; import java.util.List; +import java.util.Optional; /** * Service interface for managing user groups in the application. 
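Review bot: `resolveRelatedProcessRoles` has the same body as `resolveRelatedAuthorities` directly above it: both add the groups' `getAuthoritySet()` values to `user.getAuthoritySet()`. As written, the process roles a user inherits through groups are never merged by this method, which looks like a copy-paste slip that this signature change carries forward. The target should presumably be `user.getProcessRoles()` fed from the groups' role collection; the `Group` accessor for that is not visible in this diff, so I am not quoting a replacement line.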
@@ -34,7 +34,7 @@ public interface GroupService { * @param groupOwner the user for whom to create the group * @return the newly created {@link Group} */ - Group create(AbstractUser groupOwner); + Group create(User groupOwner); /** * Creates a new group with specified parameters. @@ -44,7 +44,7 @@ public interface GroupService { * @param groupOwner the user associated with the group creation * @return the newly created {@link Group} */ - Group create(String identifier, String title, AbstractUser groupOwner); + Group create(String identifier, String title, User groupOwner); /** * Retrieves the default user group for a given user. @@ -52,14 +52,14 @@ public interface GroupService { * @param user the user whose default group is to be retrieved * @return the default {@link Group} for the user */ - Group getDefaultUserGroup(AbstractUser user); + Group getDefaultUserGroup(User user); /** * Adds a user to the default system group. * * @param user the user to be added to the default system group */ - void addUserToDefaultSystemGroup(AbstractUser user); + void addUserToDefaultSystemGroup(User user); /** * Persists a group to the database. @@ -165,7 +165,7 @@ public interface GroupService { * @param groupIdentifier identifier of the target group * @return the updated {@link Group} */ - Group addUser(AbstractUser user, String groupIdentifier); + Group addUser(User user, String groupIdentifier); /** * Adds a user to a specific group. @@ -174,7 +174,7 @@ public interface GroupService { * @param group the group to add the user to * @return the updated {@link Group} */ - Group addUser(AbstractUser user, Group group); + Group addUser(User user, Group group); /** * Removes a user from a group specified by identifier. 
@@ -183,7 +183,7 @@ public interface GroupService { * @param groupIdentifier identifier of the target group * @return the updated {@link Group} */ - Group removeUser(AbstractUser user, String groupIdentifier); + Group removeUser(User user, String groupIdentifier); /** * Removes a user from a specific group. @@ -192,7 +192,7 @@ public interface GroupService { * @param group the group to remove the user from * @return the updated {@link Group} */ - Group removeUser(AbstractUser user, Group group); + Group removeUser(User user, Group group); /** * Finds groups matching a given predicate with pagination. diff --git a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/RealmService.java b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/RealmService.java index ff9df20e82..cce937abdf 100644 --- a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/RealmService.java +++ b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/RealmService.java @@ -8,7 +8,6 @@ import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; -import java.util.Map; import java.util.Optional; public interface RealmService { diff --git a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java index 63e0111c82..615d1c3853 100644 --- a/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java +++ b/nae-user-common/src/main/java/com/netgrif/application/engine/auth/service/UserService.java 
@@ -1,5 +1,6 @@ package com.netgrif.application.engine.auth.service; +import com.netgrif.application.engine.auth.web.requestbodies.UpdateUserRequest; import com.netgrif.application.engine.objects.auth.domain.*; import com.netgrif.application.engine.objects.auth.domain.enums.UserState; import com.netgrif.application.engine.objects.petrinet.domain.PetriNet; @@ -9,7 +10,6 @@ import org.springframework.data.domain.Pageable; import org.springframework.data.mongodb.core.query.Query; import org.springframework.security.core.Authentication; -import com.netgrif.application.engine.objects.auth.domain.AbstractUser; import com.netgrif.application.engine.objects.auth.domain.ActorRef; import java.time.LocalDateTime; @@ -32,7 +32,7 @@ public interface UserService { * @param realmId the identifier of the realm * @return the saved user */ - AbstractUser saveUser(AbstractUser user, String realmId); + User saveUser(User user, String realmId); /** * Saves a user without specifying a realm. @@ -40,7 +40,7 @@ public interface UserService { * @param user the user to be saved * @return the saved user */ - AbstractUser saveUser(AbstractUser user); + User saveUser(User user); /** * Saves multiple users in batch. @@ -48,7 +48,7 @@ public interface UserService { * @param users collection of users to be saved * @return list of saved users */ - List saveUsers(Collection users); + List saveUsers(Collection users); /** * Deletes all users from specified realms. @@ -69,9 +69,9 @@ public interface UserService { * @param realmName the name of the realm * @return an Optional containing the user if found */ - Optional findUserByUsername(String username, String realmName); + Optional findUserByUsername(String username, String realmName); - Page findAllUsersByQuery(Query query, String realmName, Pageable pageable); + Page findAllUsersByQuery(Query query, String realmName, Pageable pageable); /** * Retrieves a paginated list of all users in a specific realm. 
@@ -80,7 +80,7 @@ public interface UserService { * @param pageable pagination information * @return page of users */ - Page findAllUsers(String realmName, Pageable pageable); + Page findAllUsers(String realmName, Pageable pageable); /** * Creates a new user with basic information. @@ -93,7 +93,7 @@ public interface UserService { * @param realmName the realm name * @return the created user */ - AbstractUser createUser(String username, String email, String firstName, String lastName, String password, String realmName); + User createUser(String username, String email, String firstName, String lastName, String password, String realmName); /** * Creates a new user from an existing user object in a specific realm. @@ -102,7 +102,7 @@ public interface UserService { * @param realmId the realm identifier * @return the created user */ - AbstractUser createUser(AbstractUser user, String realmId); + User createUser(User user, String realmId); /** * Creates a user from third-party authentication. @@ -115,21 +115,21 @@ public interface UserService { * @param authMethod the authentication method used * @return the created user */ - AbstractUser createUserFromThirdParty(String username, String email, String firstName, String lastName, String realmId, String authMethod); + User createUserFromThirdParty(String username, String email, String firstName, String lastName, String realmId, String authMethod); /** * Adds default role to a user. * * @param user the user to update */ - void addDefaultRole(AbstractUser user); + void addDefaultRole(User user); /** * Adds anonymous authorities to a user. * * @param user the user to update */ - void addAnonymousAuthorities(AbstractUser user); + void addAnonymousAuthorities(User user); /** * Adds all available roles to an admin user. @@ -143,7 +143,7 @@ public interface UserService { * * @param user the user to update */ - void addAnonymousRole(AbstractUser user); + void addAnonymousRole(User user); /** * Finds a user by ID in a specific realm. 
@@ -152,14 +152,14 @@ public interface UserService { * @param realmId the realm identifier * @return the found user */ - AbstractUser findById(String id, String realmId); + User findById(String id, String realmId); /** * Deletes a user from the system. * * @param user the user to delete */ - void deleteUser(AbstractUser user); + void deleteUser(User user); /** * Finds a user by authentication in a specific realm. @@ -168,7 +168,7 @@ public interface UserService { * @param realmId the realm identifier * @return the found user */ - AbstractUser findByAuth(Authentication auth, String realmId); + User findByAuth(Authentication auth, String realmId); /** * Updates a user with new information. @@ -177,7 +177,25 @@ public interface UserService { * @param updatedUser the user with updated information * @return the updated user */ - AbstractUser update(AbstractUser user, AbstractUser updatedUser); + User update(User user, User updatedUser); + + /** + * Updates a user with new information. + * + * @param userId user to update + * @param userUpdate user information to be updated + * @return the updated user + */ + User update(String userId, String realmId, UpdateUserRequest userUpdate); + + /** + * Updates a user with new information. + * + * @param user the current user + * @param userUpdate user information to be updated + * @return the updated user + */ + User update(User user, UpdateUserRequest userUpdate); /** * Finds a user by email in a specific realm. @@ -186,7 +204,7 @@ public interface UserService { * @param realmId the realm identifier * @return the found user */ - AbstractUser findByEmail(String email, String realmId); + User findByEmail(String email, String realmId); /** * Finds all users by their IDs in a specific realm. 
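Review bot: The Javadoc added for `update(String userId, String realmId, UpdateUserRequest userUpdate)` has no `@param realmId`, and neither new overload documents the `null` result or the field-clearing behaviour of the implementation. Add `@param realmId the realm identifier` and change the return tag to `@return the updated user, or {@code null} when userId is null or no user with that id exists`. It is also worth one line stating that a request field left `null` keeps the stored value, while the special empty-value string clears it, because callers cannot tell that from the signature.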
@@ -195,7 +213,7 @@ public interface UserService { * @param realmId the realm identifier * @return list of found users */ - Page findAllByIds(Collection ids, String realmId, Pageable pageable); + Page findAllByIds(Collection ids, String realmId, Pageable pageable); /** * Finds all active users with specific process roles. @@ -204,7 +222,7 @@ public interface UserService { * @param pageable pagination information * @return page of users */ - Page findAllActiveByProcessRoles(Collection roleIds, Pageable pageable, String realmId); + Page findAllActiveByProcessRoles(Collection roleIds, Pageable pageable, String realmId); /** * Finds all users with specific process roles in specific realms. @@ -213,14 +231,14 @@ public interface UserService { * @param realmId realm identifier * @return list of users */ - Page findAllByProcessRoles(Collection roleIds, String realmId, Pageable pageable); + Page findAllByProcessRoles(Collection roleIds, String realmId, Pageable pageable); /** * Adds default authorities to a user. * * @param user the user to update */ - void addDefaultAuthorities(AbstractUser user); + void addDefaultAuthorities(User user); /** * Assigns an authority to a user. @@ -230,28 +248,28 @@ public interface UserService { * @param authorityId the authority identifier * @return the updated user */ - AbstractUser assignAuthority(String userId, String realmId, String authorityId); + User assignAuthority(String userId, String realmId, String authorityId); /** * Gets the currently logged user or system user if no user is logged in. * * @return the logged user or system user */ - AbstractUser getLoggedOrSystem(); + User getLoggedOrSystem(); /** * Gets the currently logged user. * * @return the logged user */ - AbstractUser getLoggedUser(); + User getLoggedUser(); /** * Gets the system user. * * @return the system user */ - AbstractUser getSystem(); + User getSystem(); /** * Gets the logged user from the current security context. 
@@ -267,7 +285,7 @@ public interface UserService { * @param id the process role identifier * @return the updated user */ - AbstractUser addRole(AbstractUser user, ProcessResourceId id); + User addRole(User user, ProcessResourceId id); /** * Adds a role to a user by string identifier. @@ -276,9 +294,9 @@ public interface UserService { * @param roleStringId the role string identifier * @return the updated user */ - AbstractUser addRole(AbstractUser user, String roleStringId); + User addRole(User user, String roleStringId); - Page findAllCoMembers(LoggedUser loggedUser, Pageable pageable); + Page findAllCoMembers(LoggedUser loggedUser, Pageable pageable); /** * Searches for co-members of a principal user. @@ -288,7 +306,7 @@ public interface UserService { * @param pageable pagination information * @return page of matching co-members */ - Page searchAllCoMembers(String query, LoggedUser principal, Pageable pageable); + Page searchAllCoMembers(String query, LoggedUser principal, Pageable pageable); /** * Advanced search for co-members with role filtering. @@ -300,7 +318,7 @@ public interface UserService { * @param pageable pagination information * @return page of matching co-members */ - Page searchAllCoMembers(String query, Collection roleIds, + Page searchAllCoMembers(String query, Collection roleIds, Collection negateRoleIds, LoggedUser loggedUser, Pageable pageable); /** @@ -310,7 +328,7 @@ Page searchAllCoMembers(String query, Collection processRolesIds); + User removeRolesById(User user, Collection processRolesIds); /** * Removes specified process roles from a user. @@ -319,7 +337,7 @@ Page searchAllCoMembers(String query, Collection processRoles); + User removeRoles(User user, Collection processRoles); /** * Removes a specific process role from a user. 
@@ -328,7 +346,7 @@ Page searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection searchAllCoMembers(String query, Collection> enabledCredentialsAttribute = new Attribute<>(); @@ -62,6 +64,7 @@ public User(AbstractUser user) { attributes = user.getAttributes() != null ? new java.util.HashMap<>(user.getAttributes()) : new java.util.HashMap<>(); + type = user.getType(); if (enabledCredentialsAttribute.getValue() != null && !enabledCredentialsAttribute.getValue().isEmpty()) { attributes.put(ATTR_ENABLED_CREDENTIALS, enabledCredentialsAttribute); }