public static UserAccount getPrincipal() {
UserAccount result;
SecurityContext context;
Authentication authentication;
Object principal;
// If the asserts in this method fail, then you're
// likely to have your Tomcat's working directory
// corrupt. Please, clear your browser's cache, stop
// Tomcat, update your Maven's project configuration,
// clean your project, clean Tomcat's working directory,
// republish your project, and start it over.
context = SecurityContextHolder.getContext();
Assert.notNull(context);
authentication = context.getAuthentication();
Assert.notNull(authentication);
principal = authentication.getPrincipal();
Assert.isTrue(principal instanceof UserAccount);
result = (UserAccount) principal;
Assert.notNull(result);
Assert.isTrue(result.getId() != 0);
return result;
}
public ActionForward executeInContext(
UserContext uc,
ActionMapping mapping,
ActionForm actionForm,
HttpServletRequest request,
HttpServletResponse response) {
int uid = Integer.parseInt(request.getParameter(Constants.USER_ID_FULL));
int custID = Integer.parseInt(request.getParameter(Constants.CUSTOMER_ID));
IUserManager um = ManagementContainer.getInstance().getUserManager();
UserAccount user = um.getUserAccount(custID, uid);
if (user == null) {
return mapping.findForward(FAILURE);
}
try {
um.deleteEpaUser(user.getPrimaryEmail());
} catch (Exception ex) {
reportSingleError(
request, ActionMessages.GLOBAL_MESSAGE, "error.epa.user.delete.error", ex.getMessage());
return mapping.findForward(FAILURE);
}
IAuditManager auditManager = ManagementContainer.getInstance().getAuditManager();
auditManager.saveAudit(
IAuditManager.AuditCategory.EPA_MGMT,
"Removed EPA user " + user.getDisplayName() + " ( " + user.getPrimaryEmail() + " )",
"Remove EPA User Audit",
null,
uc.getCurrentUser().getPrimaryEmail());
return mapping.findForward(SUCCESS);
}
public UserAccount authenticateUser(String username, String password) {
for (UserAccount ua : userAccountList)
if (ua.getUsername().equals(username) && ua.getPassword().equals(password)) {
return ua;
}
return null;
}
/** Tests bundle creation. */
public void testConvertAccountToBundle() {
final UserAccount account =
new UserAccount(
TEST_AUTH_TOKEN,
TEST_REFRESH_TOKEN,
TEST_LOGIN_URL,
TEST_IDENTITY_URL,
TEST_INSTANCE_URL,
TEST_ORG_ID,
TEST_USER_ID,
TEST_USERNAME,
TEST_ACCOUNT_NAME,
TEST_CLIENT_ID,
TEST_COMMUNITY_ID,
TEST_COMMUNITY_URL,
TEST_FIRST_NAME,
TEST_LAST_NAME,
TEST_DISPLAY_NAME,
TEST_EMAIL,
TEST_PHOTO_URL,
TEST_THUMBNAIL_URL,
createAdditionalOauthValues());
final Bundle bundle = account.toBundle();
final Bundle expectedBundle = createTestAccountBundle();
assertTrue(equalBundles(bundle, expectedBundle));
}
@Test
public void loginSetsAuthToken() {
ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
doNothing().when(authTokenPreference).set(captor.capture());
userAccount.login("AuthToken");
when(authTokenPreference.get()).thenReturn(captor.getValue());
assertThat(userAccount.getAuthToken()).isEqualTo("AuthToken");
}
@Test
public void userIdIsStored() {
ArgumentCaptor<String> captor = ArgumentCaptor.forClass(String.class);
doNothing().when(userIdPreference).set(captor.capture());
userAccount.setUserId("UserId");
when(userIdPreference.get()).thenReturn(captor.getValue());
assertThat(userAccount.getUserId()).isEqualTo("UserId");
}
public UserAccount createUserAccount(
String username, String password, Employee employee, Role role) {
UserAccount userAccount = new UserAccount();
userAccount.setUsername(username);
userAccount.setPassword(password);
userAccount.setEmployee(employee);
userAccount.setRole(role);
userAccountList.add(userAccount);
return userAccount;
}
public boolean isUserNameExist(String userName) {
for (UserAccount account : userAccounts) {
if (account.getUserName().equalsIgnoreCase(userName)) {
return true;
}
}
return false;
}
public UserAccount authenticateUser(String userName, String password) {
for (UserAccount account : userAccounts) {
if (account.getUserName().equalsIgnoreCase(userName)
&& account.getPassword().equals(password)) {
return account;
}
}
return null;
}
public HashSet<UserAccount> getUserAccounts() {
HashSet<UserAccount> userAccounts = new HashSet<UserAccount>();
for (User user : this.userManager.getUsers()) {
UserAccount userAccount = new UserAccount();
String sipUserId = user.getProperties().get(SIP_UID);
userAccount.setXmppUserName(user.getUsername());
userAccount.setSipUserName(sipUserId);
userAccounts.add(userAccount);
}
return userAccounts;
}
@Test
@UsingDataSet("single-user.xml")
public void should_find_user_using_xml_dataset() throws Exception {
// given
String expectedUsername = "******";
// when
UserAccount user = em.find(UserAccount.class, 1L);
// then
assertThat(user.getUsername()).isEqualTo(expectedUsername);
}
public UserAccount[] balanceAccounts(UserAccount[] users, Double amount) {
int totalUsers = users.length;
for (UserAccount user : users) {
if (user.isPayable()) {
double amtRec = amount - (amount / totalUsers);
user.setAmountReceivable(amtRec);
} else {
user.setAmountOwed(amount / totalUsers);
}
}
return users;
}
private void storeLoginAttributes() {
currentAccount = new UserAccount(firstName, lastName, username, password);
String username = currentAccount.getUsername();
String welcomeName = currentAccount.getName();
String firstName = currentAccount.getFirstName();
String lastName = currentAccount.getLastName();
Attributes.storeAttribute(Attributes.WELCOME_NAME, welcomeName);
Attributes.storeAttribute("firstName", firstName);
Attributes.storeAttribute("lastName", lastName);
Attributes.storeAttribute("username", username);
AccountForm.changeAccountSettings(currentAccount);
}
@Test
@UsingDataSet("datasets/single-user.yml")
public void should_have_timestamp_populated() throws Exception {
// given
final Date expectedOpenDate =
new SimpleDateFormat("yyyy-mm-dd hh:mm:ss").parse("2001-01-01 00:00:00");
// when
UserAccount user = em.find(UserAccount.class, 1L);
// then
assertThat(user.getOpenDate()).isEqualTo(expectedOpenDate);
}
@Test
@ApplyScriptBefore("clark-kent-with-nickname.sql")
@ShouldMatchDataSet("clark-kent-without-nickname.json")
public void should_compare_null_value_defined_in_json_data_set() throws Exception {
// given
UserAccount clarkKent = em.find(UserAccount.class, 2L);
// when
clarkKent.setNickname(null);
clarkKent = em.merge(clarkKent);
// then
// verified by DataSet comparison
}
@Test
@CleanupUsingScript("delete-users.sql")
@ApplyScriptBefore("clark-kent-with-nickname.sql")
@ShouldMatchDataSet("clark-kent-without-nickname.yml")
public void should_clean_database_before_test_using_custom_script() throws Exception {
// given
UserAccount clarkKent = em.find(UserAccount.class, 2L);
// when
clarkKent.setNickname(null);
clarkKent = em.merge(clarkKent);
// then
// verified by DataSet comparison
}
@Test
@UsingDataSet("user-with-address.yml")
public void should_have_address_linked_to_user_account() throws Exception {
// given
String expectedCity = "Metropolis";
long userAccountId = 1L;
// when
UserAccount user = em.find(UserAccount.class, userAccountId);
Address address = user.getAddresses().iterator().next();
// then
assertThat(user.getAddresses()).hasSize(1);
assertThat(address.getCity()).isEqualTo(expectedCity);
}
public CardInfo getCardInfo(Long pan) {
CardInfo cardInfo = new CardInfo();
UserAccount userAccount = new UserAccount();
userAccount.setId(1l);
userAccount.setUsername("*****@*****.**");
userAccount.setCurrency(Currency.CZK);
userAccount.setRedemptionType(RedemptionType.NONE);
cardInfo.setUserAccount(userAccount);
cardInfo.setPanToken("aaaa");
cardInfo.setPartnerBankCard(true);
cardInfo.setCardStatus(CardState.ACTIVE);
cardInfo.setCardVerificationStatus(CardVerificationState.VERIFIED);
return cardInfo;
}
@Test
@UsingDataSet({"single-user.xml", "address.yml"})
// Convention over configuration - no need to specify 'datasets' folder
public void should_have_address_linked_to_user_account_using_multiple_files() throws Exception {
// given
String expectedCity = "Metropolis";
UserAccount user = em.find(UserAccount.class, 1L);
// when
Address address = user.getAddresses().iterator().next();
// then
assertThat(user.getAddresses()).hasSize(1);
assertThat(address.getCity()).isEqualTo(expectedCity);
}
@Test
@ApplyScriptBefore("users.sql")
@ShouldMatchDataSet("expected-users.yml")
public void should_change_password_using_sql_to_seed_data() throws Exception {
// given
String expectedPassword = "******";
UserAccount user = em.find(UserAccount.class, 2L);
// when
user.setPassword("LexLuthor");
user = em.merge(user);
// then
assertThat(user.getPassword()).isEqualTo(expectedPassword);
}
@Test
@UsingDataSet("users.json")
@ShouldMatchDataSet("expected-users.json")
public void should_change_user_password_using_json_data_sets() throws Exception {
// given
String expectedPassword = "******";
UserAccount user = em.find(UserAccount.class, 2L);
// when
user.setPassword("LexLuthor");
user = em.merge(user);
// then
assertThat(user.getPassword()).isEqualTo(expectedPassword);
}
@Test
@UsingDataSet("single-user.xml")
@ShouldMatchDataSet({"single-user.xls", "datasets/expected-address.yml"})
public void should_add_address_to_user_account_and_verify_using_multiple_files()
throws Exception {
// given
UserAccount user = em.find(UserAccount.class, 1L);
Address address = new Address("Testing Street", 7, "JavaPolis", 1234);
// when
user.addAddress(address);
user = em.merge(user);
// then
assertThat(user.getAddresses()).hasSize(1);
}
@Test
@ApplyScriptBefore("clark-kent-with-nickname.sql")
@ShouldMatchDataSet("clark-kent-without-nickname.xml")
// This test will fail if replaceable set is not used
// See http://www.dbunit.org/apidocs/org/dbunit/dataset/ReplacementDataSet.html
public void should_compare_null_value_defined_in_flat_xml_data_set() throws Exception {
// given
UserAccount clarkKent = em.find(UserAccount.class, 2L);
// when
clarkKent.setNickname(null);
clarkKent = em.merge(clarkKent);
// then
// verified by DataSet comparison
}
/** Write user account to DB */
public static void writeToDb(UserAccount userAccount) {
if (!useMongoDB) {
virtualDB.put(userAccount.getUserId(), userAccount);
return;
}
if (db == null) {
try {
connect();
} catch (ParseException e) {
e.printStackTrace();
}
}
db.getCollection("user_accounts")
.insertOne(
new Document("userID", userAccount.getUserId())
.append("userName", userAccount.getUserName())
.append("additionalInfo", userAccount.getAdditionalInfo()));
}
public CacheFileNames getCacheFileNames(final UserAccount user) {
SecureHashKeyResult toRet =
executeWithConnection(
new ConnectionExecuteFunction<SecureHashKeyResult>() {
public SecureHashKeyResult execute(Connection c) throws SQLException {
return getSecureHashKey(user, c);
}
});
if (toRet == null) {
// A DB error should have been logged.
return null;
}
// EMSDEV-7854. Signal file manipulation is done outside of a DB transaction.
String stateFile = null;
String newmailFile = null;
ClientHashSupport hash = null;
byte[] key = toRet.getKey();
if (key != null) {
hash = new ClientHashSupport();
hash.setCustomerId(user.getCustomerID());
hash.setHashKey(key);
hash.setUserId(user.getUserID());
hash.getStateCachePath();
hash.setLastActivationId(user.getLastActivationId());
// Lines below don't hit the spindle.
File stateFileF = new File(getCacheBase(), hash.getStateCachePath());
stateFile = stateFileF.getAbsolutePath();
File newmailFileF = new File(getCacheBase(), hash.getNewMailCachePath());
newmailFile = newmailFileF.getAbsolutePath();
if (toRet.isJustCreated()) {
// If Webmail doesn't find the signal file, it polls the database,
// so ensure the files are there.
updateSignalFiles(hash, user.getUserState(), user.isDeleted());
}
}
return new CacheFileNames(stateFile, newmailFile);
}
private static synchronized void populateTestAccounts(
Collection<TestAccount> testAccounts, Collection<UserAccount> userAccounts) {
// We get different sets of data from each of these queries. We want to combine them into a
// single data
// structure. We have added a Name property to the TestAccount interface, even though we don't
// really get
// a name back from the service from that query. We stick the Name from the corresponding
// UserAccount in it.
for (TestAccount testAccount : testAccounts) {
storeTestAccount(testAccount);
}
for (UserAccount userAccount : userAccounts) {
TestAccount testAccount = appTestAccounts.get(userAccount.getUid());
if (testAccount != null) {
testAccount.setName(userAccount.getName());
}
}
}
private void donebutton2MouseClicked(java.awt.event.ActionEvent evt)
throws SQLException { // GEN-FIRST:event_donebutton2MouseClicked
// TODO add your handling code here:
// Check title
String bank = namefield.getText().toString();
String add = addressfield.getText().toString();
String accnum = accountfield.getText().toString();
String rou_bal = routingfield.getText().toString();
String acctype = acctypefield.getText().toString();
Boolean done = true;
if (bank.length() == 0) {
JOptionPane.showMessageDialog(null, "Please enter a bank name!");
return;
} else if (add.length() == 0) {
JOptionPane.showMessageDialog(null, "Please enter an address");
return;
} else if (accnum.length() == 0) {
JOptionPane.showMessageDialog(null, "Please enter an account number");
return;
} else if (rou_bal.length() == 0) {
JOptionPane.showMessageDialog(null, "Please enter a routing number");
return;
} else if (acctype.length() == 0) {
JOptionPane.showMessageDialog(null, "Please enter an account type");
return;
}
if (!isUpdating) {
int result = helpers.newBank(bank, accnum, rou_bal, add, acctype);
if (result == -1) {
JOptionPane.showMessageDialog(
null, "An entry with the given account number already exists");
return;
}
done = true;
} else {
if (helpers.updateBank(data_id, bank, accnum, rou_bal, add, acctype) == -1) {
JOptionPane.showMessageDialog(null, "There was an issue updating the database.");
done = false;
} else {
done = true;
}
}
if (done == true) {
// new UserAccount(helpers).setVisible(true);
// dispose
parent.refreshBanksList();
dispose();
}
} // GEN-LAST:event_donebutton2MouseClicked
/** Return the user's secure_hash_key. If one wasn't found create one on the fly. */
private SecureHashKeyResult getSecureHashKey(UserAccount user, Connection c) throws SQLException {
PreparedStatement select = null;
// Create lazily.
PreparedStatement update = null;
int userId = user.getUserID();
boolean justCreated = false;
byte[] key = null;
try {
// TODO: consider having UserManager returning secure_hash_key.
// TODO: We have similar logic in several places for creating secure_hash_key just-in-time.
// D.R.Y. this out. Sorry I couldn't resist using this cliche :)
select = c.prepareStatement("SELECT secure_hash_key FROM dat_user_account WHERE object_id=?");
select.setInt(1, userId);
ResultSet rs = select.executeQuery();
if (!rs.next()) {
LogMessageGen lmg = new LogMessageGen();
lmg.setSubject("dat_user_account row not found");
lmg.param(LoggingConsts.USER_ID, userId);
// possible that the user simply disappeared by the time we got here.
m_logCategory.warn(lmg.toString());
} else {
key = rs.getBytes(1);
if (key == null || key.length == 0) {
// hash key not found; create one on the fly.
update =
c.prepareStatement("UPDATE dat_user_account SET secure_hash_key=? WHERE object_id=?");
key = createNewRandomKey();
update.setBytes(1, key);
update.setInt(2, userId);
int ct = update.executeUpdate();
if (ct != 1) {
LogMessageGen lmg = new LogMessageGen();
lmg.setSubject("Unable to update dat_user_account.secure_hash_key");
lmg.param(LoggingConsts.USER_ID, userId);
m_logCategory.error(lmg.toString());
} else {
justCreated = true;
}
} // needed to set key.
} // user found
} finally {
DbUtils.safeClose(select);
DbUtils.safeClose(update);
}
return new SecureHashKeyResult(key, justCreated);
}
/** Return the hash algorithm to be used for new accounts */
@Override
protected void checkLegalPassword(String newPwd, String hash, boolean isAdmin)
throws IllegalPasswordChange {
super.checkLegalPassword(newPwd, hash, isAdmin);
if (StringUtil.hasRepeatedChar(newPwd)) {
throw new IllegalPassword("Password may not contain consecutive repeated characters");
}
if (!hasRequiredCharacterMix(newPwd)) {
throw new IllegalPassword(
"Password must contain mix of upper, lower, numeric and special characters");
}
}
public boolean execute(CommandLine cmdLine) {
ICustomerManager cm = m_container.getCustomerManager();
List<String> domains = Collections.singletonList(ICustomerManager.EPA_CUSTOMER_DOMAIN);
IIslandManager im = m_container.getIslandManager();
int defaultIslandID = im.getDefaultIsland().getId();
Customer cust =
cm.createCustomer(
ICustomerManager.EPA_CUSTOMER_NAME,
"System", // fromAddress
"System", // backendID
"System", // templateID
"System", // channel
domains,
"emsRootPW", // emsRootPassword
false, // isPartialEnabled
"System", // activeBrandKey
"System", // externalID
defaultIslandID,
defaultIslandID,
false);
PasswordPolicy policy = new PasswordPolicy();
policy.setUseStrongPasswords(true);
cust.setPasswordPolicy(policy);
cm.updateCustomers(Collections.singletonList(cust));
IUserManager um = ManagementContainer.getInstance().getUserManager();
UserAccount emsRoot = um.getUser("emsroot@" + ICustomerManager.EPA_CUSTOMER_DOMAIN);
IAuthenticationManager am = ManagementContainer.getInstance().getAuthenticationManager();
long seconds = 31556926; // Seconds in a year
long time =
System.currentTimeMillis() + (seconds * 100 * 1000L); // Lock the account for 100 years
am.lockUserAccount(
cust.getCustID(), emsRoot.getUserID(), "Locked from user details", "Unknown", time);
return (cust != null);
}
