Java UserManager Exemples

Exemple #1

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  /**
   * We need to order the UserManagers the same way as the Realms are ordered. We need to be able to
   * find a user based on the ID.
   *
   * <p>This my never go away, but the current reason why we need it is:
   * https://issues.apache.org/jira/browse/KI-77 There is no (clean) way to resolve a realms roles
   * into permissions. take a look at the issue and VOTE!
   *
   * @return the list of UserManagers in the order (as close as possible) to the list of realms.
   */
  private List<UserManager> orderUserManagers() {
    List<UserManager> orderedLocators = new ArrayList<>();

    List<UserManager> unOrderdLocators = new ArrayList<>(getUserManagers());

    Map<String, UserManager> realmToUserManagerMap = new HashMap<>();

    for (UserManager userManager : getUserManagers()) {
      if (userManager.getAuthenticationRealmName() != null) {
        realmToUserManagerMap.put(userManager.getAuthenticationRealmName(), userManager);
      }
    }

    // get the sorted order of realms from the realm locator
    Collection<Realm> realms = realmSecurityManager.getRealms();

    for (Realm realm : realms) {
      // now user the realm.name to find the UserManager
      if (realmToUserManagerMap.containsKey(realm.getName())) {
        UserManager userManager = realmToUserManagerMap.get(realm.getName());
        // remove from unorderd and add to orderd
        unOrderdLocators.remove(userManager);
        orderedLocators.add(userManager);
      }
    }

    // now add all the un-ordered ones to the ordered ones, this way they will be at the end of the
    // ordered list
    orderedLocators.addAll(unOrderdLocators);

    return orderedLocators;
  }

Exemple #2

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public void setUsersRoles(String userId, String source, Set<RoleIdentifier> roleIdentifiers)
      throws UserNotFoundException {
    // TODO: this is a bit sticky, what we really want to do is just expose the
    // RoleMappingUserManagers this way (i
    // think), maybe this is too generic

    boolean foundUser = false;

    for (UserManager userManager : getUserManagers()) {
      if (RoleMappingUserManager.class.isInstance(userManager)) {
        RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) userManager;
        try {
          foundUser = true;
          roleMappingUserManager.setUsersRoles(
              userId,
              source,
              RoleIdentifier.getRoleIdentifiersForSource(userManager.getSource(), roleIdentifiers));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}", userId, userManager.getSource());
        }
      }
    }

    if (!foundUser) {
      throw new UserNotFoundException(userId);
    }
    // clear the authz realm caches
    eventBus.post(new AuthorizationConfigurationChanged());
  }

Exemple #3

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public Set<User> searchUsers(UserSearchCriteria criteria) {
    Set<User> result = new HashSet<>();

    // if the source is not set search all realms.
    if (Strings2.isBlank(criteria.getSource())) {
      // search all user managers
      for (UserManager userManager : getUserManagers()) {
        Set<User> users = userManager.searchUsers(criteria);
        if (users != null) {
          result.addAll(users);
        }
      }
    } else {
      try {
        result.addAll(getUserManager(criteria.getSource()).searchUsers(criteria));
      } catch (NoSuchUserManagerException e) {
        log.warn("UserManager: {} was not found.", criteria.getSource(), e);
      }
    }

    // now add all the roles to the users
    for (User user : result) {
      // add roles from other user managers
      addOtherRolesToUser(user);
    }

    return result;
  }

Exemple #4

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public Set<User> listUsers() {
    Set<User> result = new HashSet<>();

    for (UserManager userManager : getUserManagers()) {
      result.addAll(userManager.listUsers());
    }

    // now add all the roles to the users
    for (User user : result) {
      // add roles from other user managers
      addOtherRolesToUser(user);
    }

    return result;
  }

Exemple #5

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public void changePassword(String userId, String newPassword) throws UserNotFoundException {
    User user = getUser(userId);

    try {
      UserManager userManager = getUserManager(user.getSource());
      userManager.changePassword(userId, newPassword);
    } catch (NoSuchUserManagerException e) {
      // this should NEVER happen
      log.warn(
          "User '{}' with source: '{}' but could not find the user-manager for that source.",
          userId,
          user.getSource());
    }

    // flush authc
    eventBus.post(new UserPrincipalsExpired(userId, user.getSource()));
  }

Exemple #6

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public void deleteUser(String userId, String source)
      throws UserNotFoundException, NoSuchUserManagerException {
    checkNotNull(userId, "User ID may not be null");

    Subject subject = getSubject();
    if (subject.getPrincipal() != null && userId.equals(subject.getPrincipal().toString())) {
      throw new IllegalArgumentException("Can not delete currently signed in user");
    }

    AnonymousConfiguration anonymousConfiguration = anonymousManager.getConfiguration();
    if (anonymousConfiguration.isEnabled() && userId.equals(anonymousConfiguration.getUserId())) {
      throw new IllegalArgumentException("Can not delete anonymous user");
    }

    UserManager userManager = getUserManager(source);
    userManager.deleteUser(userId);

    // flush authc
    eventBus.post(new UserPrincipalsExpired(userId, source));
  }

Exemple #7

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

 private void addOtherRolesToUser(final User user) {
   // then save the users Roles
   for (UserManager userManager : getUserManagers()) {
     // skip the user manager that owns the user, we already did that
     // these user managers will only have roles
     if (!userManager.getSource().equals(user.getSource())
         && RoleMappingUserManager.class.isInstance(userManager)) {
       try {
         RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) userManager;
         Set<RoleIdentifier> roleIdentifiers =
             roleMappingUserManager.getUsersRoles(user.getUserId(), user.getSource());
         if (roleIdentifiers != null) {
           user.addAllRoles(roleIdentifiers);
         }
       } catch (UserNotFoundException e) {
         log.debug(
             "User '{}' is not managed by the user-manager: {}",
             user.getUserId(),
             userManager.getSource());
       }
     }
   }
 }

Exemple #8

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  private User findUser(String userId, UserManager userManager) throws UserNotFoundException {
    log.trace("Finding user: {} in user-manager: {}", userId, userManager);

    User user = userManager.getUser(userId);
    if (user == null) {
      throw new UserNotFoundException(userId);
    }
    log.trace("Found user: {}", user);

    // add roles from other user managers
    addOtherRolesToUser(user);

    return user;
  }

Exemple #9

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public User updateUser(User user) throws UserNotFoundException, NoSuchUserManagerException {
    // first update the user
    // this is the UserManager that owns the user
    UserManager userManager = getUserManager(user.getSource());

    if (!userManager.supportsWrite()) {
      throw new ConfigurationException(
          "UserManager: " + userManager.getSource() + " does not support writing.");
    }

    final User oldUser = userManager.getUser(user.getUserId());
    userManager.updateUser(user);
    if (oldUser.getStatus() == UserStatus.active && user.getStatus() != oldUser.getStatus()) {
      // clear the realm authc caches as user got disabled
      eventBus.post(new UserPrincipalsExpired(user.getUserId(), user.getSource()));
    }

    // then save the users Roles
    for (UserManager tmpUserManager : getUserManagers()) {
      // skip the user manager that owns the user, we already did that
      // these user managers will only save roles
      if (!tmpUserManager.getSource().equals(user.getSource())
          && RoleMappingUserManager.class.isInstance(tmpUserManager)) {
        try {
          RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
          roleMappingUserManager.setUsersRoles(
              user.getUserId(),
              user.getSource(),
              RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}",
              user.getUserId(),
              tmpUserManager.getSource());
        }
      }
    }

    // clear the realm authz caches as user might get roles changed
    eventBus.post(new AuthorizationConfigurationChanged());

    return user;
  }

Exemple #10

Fichier : DefaultSecuritySystem.java Projet : haidongdong/nexus-oss

  @Override
  public User addUser(User user, String password) throws NoSuchUserManagerException {
    // first save the user
    // this is the UserManager that owns the user
    UserManager userManager = getUserManager(user.getSource());

    if (!userManager.supportsWrite()) {
      throw new ConfigurationException(
          "UserManager: " + userManager.getSource() + " does not support writing.");
    }

    userManager.addUser(user, password);

    // then save the users Roles
    for (UserManager tmpUserManager : getUserManagers()) {
      // skip the user manager that owns the user, we already did that
      // these user managers will only save roles
      if (!tmpUserManager.getSource().equals(user.getSource())
          && RoleMappingUserManager.class.isInstance(tmpUserManager)) {
        try {
          RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
          roleMappingUserManager.setUsersRoles(
              user.getUserId(),
              user.getSource(),
              RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
        } catch (UserNotFoundException e) {
          log.debug(
              "User '{}' is not managed by the user-manager: {}",
              user.getUserId(),
              tmpUserManager.getSource());
        }
      }
    }

    return user;
  }