/**
   * Update user password.
   *
   * @param headers
   * @param username
   * @return
   * @throws IOException
   * @throws JargonException
   */
  @RequestMapping(value = "/services/users/{username}/updatepwd", method = RequestMethod.GET)
  @ResponseBody
  public IBIOMESResponse updateUserPassword(
      @PathVariable("username") String username,
      @RequestParam("oldPwd") String oldPwd,
      @RequestParam("newPwd") String newPwd)
      throws JargonException, IOException {
    IRODSAccount irodsAccount =
        (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
    UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
    try {
      userAO.changeAUserPasswordByThatUser(username, oldPwd, newPwd);

      // create new iRODS account object to reflect changes
      IRODSAccount newAccount =
          IRODSAccount.instance(
              irodsAccount.getHost(),
              irodsAccount.getPort(),
              irodsAccount.getUserName(),
              newPwd,
              irodsAccount.getHomeDirectory(),
              irodsAccount.getZone(),
              irodsAccount.getDefaultStorageResource());

      IRODSSession session = irodsAccessObjectFactory.getIrodsSession();

      // TODO UPDATE SESSION INFO!!! OR SOEMTHING WRONG HERE...

      AuthResponse authResponse = null;
      IRODSAccessObjectFactory accessAO = IRODSAccessObjectFactoryImpl.instance(session);
      try {
        request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
        authResponse = accessAO.authenticateIRODSAccount(newAccount);
        session.currentConnection(authResponse.getAuthenticatedIRODSAccount());
        request
            .getSession()
            .setAttribute("SPRING_SECURITY_CONTEXT", authResponse.getAuthenticatedIRODSAccount());
      } catch (JargonException e) {
        e.printStackTrace();
        return new IBIOMESResponse(
            false,
            "Cannot update session information. Exception: " + e.getLocalizedMessage(),
            null);
      }

    } catch (AuthenticationException exc) {
      return new IBIOMESResponse(false, "Current password is not correct", null);
    }

    return new IBIOMESResponse(true, "Password successfully updated", null);
  }
 /**
  * Retrieve list of iBIOMES users.
  *
  * @param usertype User type (admins, users, or groups)
  * @return User list
  * @throws JargonException
  * @throws IOException
  * @throws Exception
  */
 @RequestMapping(value = "/services/users", method = RequestMethod.GET)
 @ResponseBody
 public UserListMetadata getUsers() throws JargonException, IOException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
   UserListMetadata users = new UserListMetadata(userAO.findAll());
   return users;
 }
 /**
  * Retrieve info for particular iBIOMES user.
  *
  * @param headers
  * @param username
  * @return
  * @throws IOException
  * @throws JargonException
  */
 @RequestMapping(value = "/services/users/{username}", method = RequestMethod.GET)
 @ResponseBody
 public UserMetadata getUser(@PathVariable("username") String username)
     throws JargonException, IOException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
   UserMetadata user = new UserMetadata(userAO.findByName(username));
   return user;
 }
 /**
  * Retrieve list of user groups.
  *
  * @param headers
  * @param username
  * @return
  * @throws IOException
  * @throws JargonException
  */
 @RequestMapping(value = "/services/usergroups/{groupname}/users", method = RequestMethod.GET)
 @ResponseBody
 public UserListMetadata getUserGroupMembers(@PathVariable("groupname") String groupname)
     throws JargonException, IOException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   UserGroupAO userGroupAO = irodsAccessObjectFactory.getUserGroupAO(irodsAccount);
   UserListMetadata users = new UserListMetadata(userGroupAO.listUserGroupMembers(groupname));
   return users;
 }
 /**
  * Create temporary user password.
  *
  * @return
  * @throws JargonException
  */
 @RequestMapping(value = "/services/user/getTmpPassword", method = RequestMethod.GET)
 @ResponseBody
 public IBIOMESResponse getTemporaryPassword() throws JargonException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   if (irodsAccount.isAnonymousAccount()) {
     return new IBIOMESResponse(true, "", "");
   } else {
     UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
     try {
       String password = userAO.getTemporaryPasswordForConnectedUser();
       return new IBIOMESResponse(true, "", password);
     } catch (AuthenticationException exc) {
       return new IBIOMESResponse(
           false,
           "Could not generate temporary password for user '" + irodsAccount.getUserName() + "'",
           null);
     }
   }
 }
  @Test
  public void testAddUserDuplicateByAdmin() throws Exception {

    String testUser = "******";
    String testPassword = "******";
    IRODSAccount irodsAccount =
        testingPropertiesHelper.buildIRODSAccountFromTestProperties(testingProperties);

    IRODSAccessObjectFactory accessObjectFactory = irodsFileSystem.getIRODSAccessObjectFactory();

    UserAO userAO = accessObjectFactory.getUserAO(irodsAccount);
    userAO.deleteUser(testUser);
    User user = new User();
    user.setName(testUser);
    user.setUserType(UserTypeEnum.RODS_USER);
    userAO.addUser(user);

    StringBuilder sb = new StringBuilder();
    sb.append("http://localhost:");
    sb.append(
        testingPropertiesHelper.getPropertyValueAsInt(
            testingProperties, RestTestingProperties.REST_PORT_PROPERTY));
    sb.append("/user/");

    DefaultHttpClientAndContext clientAndContext =
        RestAuthUtils.httpClientSetup(irodsAccount, testingProperties);
    try {

      HttpPut httpPut = new HttpPut(sb.toString());
      httpPut.addHeader("accept", "application/json");
      httpPut.addHeader("Content-Type", "application/json");

      ObjectMapper mapper = new ObjectMapper();
      UserAddByAdminRequest addRequest = new UserAddByAdminRequest();
      addRequest.setDistinguishedName("dn here");
      addRequest.setTempPassword(testPassword);
      addRequest.setUserName(testUser);
      String body = mapper.writeValueAsString(addRequest);

      System.out.println(body);

      httpPut.setEntity(new StringEntity(body));

      HttpResponse response =
          clientAndContext.getHttpClient().execute(httpPut, clientAndContext.getHttpContext());
      HttpEntity entity = response.getEntity();
      Assert.assertEquals(200, response.getStatusLine().getStatusCode());
      String entityData = EntityUtils.toString(entity);

      System.out.println(entityData);

      UserAddActionResponse actual = mapper.readValue(entityData, UserAddActionResponse.class);
      Assert.assertEquals(testUser, actual.getUserName());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.USER_NAME_IS_TAKEN,
          actual.getUserAddActionResponse());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.USER_NAME_IS_TAKEN.ordinal(),
          actual.getUserAddActionResponseNumericCode());

    } finally {
      // When HttpClient instance is no longer needed,
      // shut down the connection manager to ensure
      // immediate deallocation of all system resources
      clientAndContext.getHttpClient().getConnectionManager().shutdown();
    }
  }
  @Test
  public void testAddUserByAdminLongDn() throws Exception {

    String testUser = "******";
    String testPassword = "******";
    String testDN =
        "/CN=xxxxxyyxx-64f0-4d49-a0a9-508a8a5328cd/emailAddress=xxxxxxxxxxthismaynotshowup";
    IRODSAccount irodsAccount =
        testingPropertiesHelper.buildIRODSAccountFromTestProperties(testingProperties);

    IRODSAccount userAccount =
        testingPropertiesHelper.buildIRODSAccountForIRODSUserFromTestPropertiesForGivenUser(
            testingProperties, testUser, testPassword);

    IRODSAccessObjectFactory accessObjectFactory = irodsFileSystem.getIRODSAccessObjectFactory();

    UserAO userAO = accessObjectFactory.getUserAO(irodsAccount);

    try {
      userAO.findByName(testUser);
      String homeDir = MiscIRODSUtils.computeHomeDirectoryForIRODSAccount(userAccount);
      IRODSFile userHomeDir =
          irodsFileSystem.getIRODSFileFactory(userAccount).instanceIRODSFile(homeDir);

      for (File homeDirFile : userHomeDir.listFiles()) {
        homeDirFile.delete();
      }
      userAO.deleteUser(testUser);

    } catch (DataNotFoundException dnf) {
      // OK
    }

    StringBuilder sb = new StringBuilder();
    sb.append("http://localhost:");
    sb.append(
        testingPropertiesHelper.getPropertyValueAsInt(
            testingProperties, RestTestingProperties.REST_PORT_PROPERTY));
    sb.append("/user/");

    DefaultHttpClientAndContext clientAndContext =
        RestAuthUtils.httpClientSetup(irodsAccount, testingProperties);
    try {

      HttpPut httpPut = new HttpPut(sb.toString());
      httpPut.addHeader("accept", "application/json");
      httpPut.addHeader("Content-Type", "application/json");

      ObjectMapper mapper = new ObjectMapper();
      UserAddByAdminRequest addRequest = new UserAddByAdminRequest();
      addRequest.setDistinguishedName(testDN);
      addRequest.setTempPassword(testPassword);
      addRequest.setUserName(testUser);
      String body = mapper.writeValueAsString(addRequest);

      System.out.println(body);

      httpPut.setEntity(new StringEntity(body));

      HttpResponse response =
          clientAndContext.getHttpClient().execute(httpPut, clientAndContext.getHttpContext());
      HttpEntity entity = response.getEntity();
      Assert.assertEquals(200, response.getStatusLine().getStatusCode());
      String entityData = EntityUtils.toString(entity);

      System.out.println(entityData);

      UserAddActionResponse actual = mapper.readValue(entityData, UserAddActionResponse.class);
      Assert.assertEquals(testUser, actual.getUserName());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.SUCCESS,
          actual.getUserAddActionResponse());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.SUCCESS.ordinal(),
          actual.getUserAddActionResponseNumericCode());

    } finally {
      // When HttpClient instance is no longer needed,
      // shut down the connection manager to ensure
      // immediate deallocation of all system resources
      clientAndContext.getHttpClient().getConnectionManager().shutdown();
    }

    User user = userAO.findByName(testUser);
    Assert.assertNotNull("user not added", user);
    Assert.assertEquals("dn not set", testDN, user.getUserDN());
  }