Example #1
0
  @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
  public User createUser(@NotNull User user, String password) {
    if (user.getId() != null) {
      throw new HiveException(Messages.ID_NOT_ALLOWED, BAD_REQUEST.getStatusCode());
    }
    user.setLogin(StringUtils.trim(user.getLogin()));
    User existing = userDAO.findByLogin(user.getLogin());
    if (existing != null) {
      throw new HiveException(Messages.DUPLICATE_LOGIN, FORBIDDEN.getStatusCode());
    }
    if (StringUtils.isEmpty(password)) {
      throw new HiveException(Messages.PASSWORD_REQUIRED, BAD_REQUEST.getStatusCode());
    }
    String salt = passwordService.generateSalt();
    String hash = passwordService.hashPassword(password, salt);
    user.setPasswordSalt(salt);
    user.setPasswordHash(hash);
    user.setLoginAttempts(Constants.INITIAL_LOGIN_ATTEMPTS);

    hiveValidator.validate(user);
    return userDAO.create(user);
  }
Example #2
0
  @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
  public User updateUser(@NotNull Long id, UserUpdate userToUpdate) {
    User existing = userDAO.findById(id);

    if (existing == null) {
      throw new HiveException(
          String.format(Messages.USER_NOT_FOUND, id), NOT_FOUND.getStatusCode());
    }
    if (userToUpdate == null) {
      return existing;
    }
    if (userToUpdate.getLogin() != null) {
      String newLogin = StringUtils.trim(userToUpdate.getLogin().getValue());
      User withSuchLogin = userDAO.findByLogin(newLogin);
      if (withSuchLogin != null && !withSuchLogin.getId().equals(id)) {
        throw new HiveException(Messages.DUPLICATE_LOGIN, FORBIDDEN.getStatusCode());
      }
      existing.setLogin(newLogin);
    }
    if (userToUpdate.getPassword() != null) {
      if (StringUtils.isEmpty(userToUpdate.getPassword().getValue())) {
        throw new HiveException(Messages.PASSWORD_REQUIRED, BAD_REQUEST.getStatusCode());
      }
      String salt = passwordService.generateSalt();
      String hash = passwordService.hashPassword(userToUpdate.getPassword().getValue(), salt);
      existing.setPasswordSalt(salt);
      existing.setPasswordHash(hash);
    }
    if (userToUpdate.getRole() != null) {
      existing.setRole(userToUpdate.getRoleEnum());
    }
    if (userToUpdate.getStatus() != null) {
      existing.setStatus(userToUpdate.getStatusEnum());
    }

    hiveValidator.validate(existing);
    return userDAO.update(existing);
  }