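@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // Authenticates by opening a JNDI context against the WebLogic t3 provider at t3Dir with
    // the caller's name and password. A successful bind yields a token whose authorities are
    // exactly ROLE_ADMIN: every principal that can bind is treated as an administrator, no
    // per-user authority lookup happens here. A failed bind is reported as BadCredentialsException
    // (the NamingException is kept as its cause for the server log; the client message is generic).
    String name = authentication.getName();
    Object rawCredentials = authentication.getCredentials();
    if (name == null || rawCredentials == null) {
        // Context.SECURITY_CREDENTIALS needs a value; a missing credential is a bad login,
        // not an internal error (previously an NPE from toString()).
        throw new BadCredentialsException("Login or password incorrect");
    }
    String password = rawCredentials.toString();

    Hashtable<String, Object> env = new Hashtable<String, Object>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
    env.put(Context.PROVIDER_URL, t3Dir);
    env.put(Context.SECURITY_PRINCIPAL, name);
    env.put(Context.SECURITY_CREDENTIALS, password);

    Context ctx = null;
    try {
        // The bind itself is the credential check.
        ctx = new InitialContext(env);
        // The raw password is carried in the UserDetails object, as the original did.
        User user = new User(name, password, true, true, true, true, authentication.getAuthorities());
        ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new GrantedAuthorityImpl("ROLE_ADMIN"));
        return new UsernamePasswordAuthenticationToken(user, rawCredentials, authorities);
    } catch (NamingException e) {
        throw new BadCredentialsException("Login or password incorrect", e);
    } finally {
        // Release the JNDI connection; the context was only needed for the bind.
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException ignored) {
                // best effort: the authentication outcome is already decided
            }
        }
    }
}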
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    // Demo-grade provider: a login is accepted only when the supplied credential is equal to
    // the principal name; the resulting token carries the fixed AUTHORITIES list.
    String principal = auth.getName();
    Object credential = auth.getCredentials();
    boolean accepted = principal.equals(credential);
    if (!accepted) {
        throw new BadCredentialsException("Bad Credentials");
    }
    return new UsernamePasswordAuthenticationToken(principal, credential, AUTHORITIES);
}
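@RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
public String readResourceSet(@PathVariable("id") Long id, Model m, Authentication auth) {
    // Returns one resource set as JSON. The caller needs the UMA protection scope and must be
    // the set's owner; the set is passed through validateScopes before rendering.
    // Responses: 404 unknown id, 403 wrong owner, otherwise the entity view.
    // NOTE(review): unlike the DELETE handler, an OAuth-mediated read is not checked against the
    // client that registered the set — confirm that is intended.
    ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
    ResourceSet rs = resourceSetService.getById(id);
    if (rs == null) {
        // Same model keys as the other handlers of this endpoint; the bare "code"/"error"
        // literals used here before would drift silently if the view constants ever changed.
        m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        m.addAttribute(JsonErrorView.ERROR, "not_found");
        return JsonErrorView.VIEWNAME;
    }
    rs = validateScopes(rs);
    if (!auth.getName().equals(rs.getOwner())) {
        // it wasn't issued to this user
        logger.warn("Unauthorized resource set request from wrong user; expected " + rs.getOwner() + " got " + auth.getName());
        m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
        return JsonErrorView.VIEWNAME;
    }
    m.addAttribute(JsonEntityView.ENTITY, rs);
    return ResourceSetEntityView.VIEWNAME;
}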
/**
 * Runs the parent filter's username/password authentication and, on success, stores the
 * application's own UserCredentials record in the HTTP session under Constants.CURRENT_USER
 * and logs the granted authorities. Failures are logged with the submitted username and rethrown.
 *
 * NOTE(review): the listing shows {@code "******"} between two string literals in the log
 * message below, which is not valid Java — an expression was presumably redacted; confirm
 * against the repository before editing that line.
 * NOTE(review): userService.findByName may return null for an authenticated name; the session
 * attribute would then be null — confirm the lookup cannot miss.
 */
@Override
public Authentication attemptAuthentication(
        HttpServletRequest request, HttpServletResponse response)
        throws AuthenticationException {
    try {
        // Delegate the credential check to the parent filter (DAO authentication provider).
        Authentication auth = super.attemptAuthentication(request, response);
        // Cache the application user record in the HttpSession for later requests.
        UserCredentials currentUser = userService.findByName(auth.getName());
        request.getSession().setAttribute(Constants.CURRENT_USER, currentUser);
        // Log the authenticated user's authorities.
        Collection<GrantedAuthority> gs = auth.getAuthorities();
        StringBuilder sb =
                new StringBuilder("===== Authentification Succesful : userName = "******" with roles: ");
        for (GrantedAuthority x : gs) {
            sb.append(x.getAuthority()).append(",");
        }
        log.info(sb.toString());
        return auth;
    } catch (AuthenticationException e) {
        // The submitted (unauthenticated) username is written to the log verbatim.
        log.info("Login wasn't successful for " + obtainUsername(request));
        throw e;
    }
}
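public Authentication authenticate(Authentication auth) throws UsernameNotFoundException {
    /**
     * Authenticates an employee: the login must resolve through employeeDao, the account must be
     * active (getActive() != 0) and the submitted credential must validate against the stored
     * password through passwordEncoder. Every rejection is a BadCredentialsException whose text
     * comes from messageSource ("auth.no_user", "auth.expired", "auth.wrong"), so the client only
     * sees a localized access-denied message.
     *
     * NOTE(review): employeeEntity is an instance field rather than a local, so two concurrent
     * logins through the same provider instance share it. The assignment is kept because other
     * members of this class may read the field — confirm, and switch to a local if nothing else does.
     */
    try {
        employeeEntity = employeeDao.findByLogin(auth.getName());
    } catch (RuntimeException e) {
        /** Keep the DAO failure as the cause so the server log shows why the lookup failed. */
        throw new BadCredentialsException(
                this.messageSource.getMessage(
                        "auth.no_user", new Object[] {"userName"}, "Access denied", Locale.getDefault()),
                e);
    }
    if (employeeEntity == null) {
        /** A DAO that signals an unknown login with null would otherwise fail below with an NPE. */
        throw new BadCredentialsException(
                this.messageSource.getMessage(
                        "auth.no_user", new Object[] {"userName"}, "Access denied", Locale.getDefault()));
    }
    /** Checking if the user account is active */
    if (employeeEntity.getActive() == 0) {
        throw new BadCredentialsException(
                this.messageSource.getMessage(
                        "auth.expired", new Object[] {"active"}, "Access denied", Locale.getDefault()));
    }
    /** Compare passwords through the encoder, never the raw strings; a missing credential counts as wrong. */
    Object credentials = auth.getCredentials();
    if (credentials == null
            || !passwordEncoder.isPasswordValid(employeeEntity.getPassword(), (String) credentials, null)) {
        throw new BadCredentialsException(
                this.messageSource.getMessage(
                        "auth.wrong", new Object[] {"password"}, "Access denied", Locale.getDefault()));
    }
    /** All checks passed: build the authenticated token with the authorities derived from the admin flag. */
    userAccessLogger.debug("User is located!");
    return new UsernamePasswordAuthenticationToken(
            auth.getName(), auth.getCredentials(), getAuthorities(employeeEntity.getAdmin()));
}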
/**
 * Looks up a stored access token for the given resource/authentication pair. First tries the
 * token store keyed directly by the OAuth2Authentication; otherwise scans every token stored
 * for the resource's client id and returns the first whose stored authentication has the same
 * client id and the same principal name. Returns null when nothing matches.
 *
 * NOTE(review): the listing shows {@code "******"} between two string literals in the debug
 * call below, which is not valid Java — an expression was presumably redacted; confirm against
 * the repository before editing that line.
 * NOTE(review): the fallback matches on principal name only and reads the authentication of
 * every token of the client — confirm names are unique per client and the token set stays small.
 */
@Override
public OAuth2AccessToken getAccessToken(
        OAuth2ProtectedResourceDetails resource, Authentication authentication) {
    if (authentication instanceof OAuth2Authentication) {
        // Fast path: the store can be keyed directly by the OAuth2Authentication.
        OAuth2AccessToken token = tokenStore.getAccessToken((OAuth2Authentication) authentication);
        if (token != null) {
            logger.debug("Found token for OAuth2Authentication");
            return token;
        }
    }
    Collection<OAuth2AccessToken> tokens = tokenStore.findTokensByClientId(resource.getClientId());
    if (tokens == null || tokens.isEmpty()) {
        return null;
    }
    Iterator<OAuth2AccessToken> iter = tokens.iterator();
    while (iter.hasNext()) {
        OAuth2AccessToken token = iter.next();
        // One store read per candidate token.
        OAuth2Authentication oauth2Auth = tokenStore.readAuthentication(token);
        if (oauth2Auth != null
                && resource.getClientId().equals(oauth2Auth.getOAuth2Request().getClientId())
                && oauth2Auth.getName().equals(authentication.getName())) {
            logger.debug("token for user: "******" found");
            return token;
        }
    }
    logger.debug("token not found");
    return null;
}
@Override
public Authentication authenticate(Authentication req) throws AuthenticationException {
    // Password authentication against the UAA user database.
    //
    // Rejections, each published as an event before the exception is thrown:
    //  - no credentials supplied          -> AuthenticationFailureBadCredentialsEvent
    //  - account login policy rejects it  -> AuthenticationFailureLockedEvent
    //  - unknown user / wrong password    -> UserNotFoundEvent / UserAuthenticationFailureEvent,
    //                                        followed by AuthenticationFailureBadCredentialsEvent
    // An unknown name is replaced by dummyUser and the password check still runs against it,
    // presumably so that response time does not reveal whether the name exists.
    final String username = req.getName();
    final Object credentials = req.getCredentials();
    logger.debug("Processing authentication request for " + username);

    if (credentials == null) {
        BadCredentialsException noPassword = new BadCredentialsException("No password supplied");
        publish(new AuthenticationFailureBadCredentialsEvent(req, noPassword));
        throw noPassword;
    }

    UaaUser account;
    try {
        // Lower-cased with Locale.US so the folding does not depend on the JVM default locale.
        account = userDatabase.retrieveUserByName(username.toLowerCase(Locale.US));
    } catch (UsernameNotFoundException notFound) {
        account = dummyUser;
    }

    // Computed before the policy check; the policy is then evaluated before the result is used.
    final boolean passwordOk = encoder.matches((CharSequence) credentials, account.getPassword());

    if (!accountLoginPolicy.isAllowed(account, req)) {
        logger.warn(
                "Login policy rejected authentication for "
                        + account.getUsername()
                        + ", "
                        + account.getId()
                        + ". Ignoring login request.");
        BadCredentialsException rejected =
                new BadCredentialsException("Login policy rejected authentication");
        publish(new AuthenticationFailureLockedEvent(req, rejected));
        throw rejected;
    }

    if (passwordOk) {
        logger.debug("Password successfully matched");
        Authentication success =
                new UaaAuthentication(
                        new UaaPrincipal(account),
                        account.getAuthorities(),
                        (UaaAuthenticationDetails) req.getDetails());
        publish(new UserAuthenticationSuccessEvent(account, success));
        return success;
    }

    if (account == dummyUser) {
        logger.debug("No user named '" + username + "' was found");
        publish(new UserNotFoundEvent(req));
    } else {
        logger.debug("Password did not match for user " + username);
        publish(new UserAuthenticationFailureEvent(account, req));
    }
    BadCredentialsException bad = new BadCredentialsException("Bad credentials");
    publish(new AuthenticationFailureBadCredentialsEvent(req, bad));
    throw bad;
}
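@Override
public String getCurrentUser() {
    // Returns the name of the authenticated principal, or null when the security context holds
    // no Authentication, the name is absent, or the principal is the anonymous user.
    // Explicit null checks replace the earlier catch of NullPointerException.
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth == null) {
        return null;
    }
    String name = auth.getName();
    if (name == null || "anonymousUser".equals(name)) {
        return null;
    }
    return name;
}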
@RequestMapping(
        value = "/{id}",
        method = RequestMethod.PUT,
        consumes = MimeTypeUtils.APPLICATION_JSON_VALUE,
        produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
public String updateResourceSet(
        @PathVariable("id") Long id, @RequestBody String jsonString, Model m, Authentication auth) {
    // Replaces the resource set identified by the path id with the JSON body. The body must
    // parse, carry a name and scopes, and its id must equal the path id (400 otherwise); the
    // set must exist (404) and belong to the caller (403). On success the abbreviated entity
    // view is rendered with a Location built from the issuer.
    // NOTE(review): unlike the DELETE handler, an OAuth-mediated update is not checked against
    // the client that registered the set — confirm that another client acting for the same
    // owner is meant to be able to update it.
    ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
    ResourceSet incoming = parseResourceSet(jsonString);
    boolean malformed =
            incoming == null
                    || Strings.isNullOrEmpty(incoming.getName())
                    || incoming.getScopes() == null
                    || incoming.getId() == null
                    || !incoming.getId().equals(id);
    if (malformed) {
        logger.warn("Resource set registration missing one or more required fields.");
        m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
        m.addAttribute(
                JsonErrorView.ERROR_MESSAGE,
                "Resource request was missing one or more required fields.");
        return JsonErrorView.VIEWNAME;
    }
    ResourceSet existing = resourceSetService.getById(id);
    if (existing == null) {
        m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        m.addAttribute(JsonErrorView.ERROR, "not_found");
        return JsonErrorView.VIEWNAME;
    }
    String caller = auth.getName();
    if (!caller.equals(existing.getOwner())) {
        // it wasn't issued to this user
        logger.warn(
                "Unauthorized resource set request from bad user; expected "
                        + existing.getOwner()
                        + " got "
                        + caller);
        m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
        return JsonErrorView.VIEWNAME;
    }
    ResourceSet saved = resourceSetService.update(existing, incoming);
    m.addAttribute(JsonEntityView.ENTITY, saved);
    m.addAttribute(
            ResourceSetEntityAbbreviatedView.LOCATION,
            config.getIssuer() + URL + "/" + existing.getId());
    return ResourceSetEntityAbbreviatedView.VIEWNAME;
}
@RequestMapping(
        value = "/{id}",
        method = RequestMethod.DELETE,
        produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
public String deleteResourceSet(@PathVariable("id") Long id, Model m, Authentication auth) {
    // Deletes a resource set. The caller needs the UMA protection scope, must be the set's
    // owner and, when the call is OAuth-mediated, must be the client that registered the set.
    // Responses: 404 unknown id, 403 wrong owner or wrong client, 204 on success.
    ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
    ResourceSet rs = resourceSetService.getById(id);
    if (rs == null) {
        m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        m.addAttribute(JsonErrorView.ERROR, "not_found");
        return JsonErrorView.VIEWNAME;
    }
    String caller = auth.getName();
    if (!caller.equals(rs.getOwner())) {
        // it wasn't issued to this user
        logger.warn(
                "Unauthorized resource set request from bad user; expected "
                        + rs.getOwner()
                        + " got "
                        + caller);
        m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
        return JsonErrorView.VIEWNAME;
    }
    if (auth instanceof OAuth2Authentication) {
        String callingClient = ((OAuth2Authentication) auth).getOAuth2Request().getClientId();
        if (!callingClient.equals(rs.getClientId())) {
            // it wasn't issued to this client
            logger.warn(
                    "Unauthorized resource set request from bad client; expected "
                            + rs.getClientId()
                            + " got "
                            + callingClient);
            m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
            return JsonErrorView.VIEWNAME;
        }
    }
    // user and client matched
    resourceSetService.remove(rs);
    m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
    return HttpCodeView.VIEWNAME;
}
Authentication windowsAuthentication(final Authentication authentication) {
    // Logs the supplied name/password on to Windows through Waffle and returns the converted
    // Authentication only when the resulting identity is a guest account; null otherwise.
    // NOTE(review): accepting only isGuest() identities looks inverted — confirm against the
    // intended policy before relying on this method.
    // NOTE(review): the IWindowsIdentity returned by logonUser is not disposed here — confirm
    // the handle is released elsewhere.
    final String login = authentication.getName();
    final String secret = authentication.getCredentials().toString();
    final IWindowsIdentity identity = new WindowsAuthProviderImpl().logonUser(login, secret);
    if (identity.isGuest()) {
        return getAuthentication(authentication);
    }
    return null;
}
@RolesAllowed("ROLE_SAMPLE")
public void logout() {
    // Records the caller's logout (principal name from the security context) in the log.
    // Nothing is cleared here: neither the security context nor the session is touched.
    // NOTE(review): with no Authentication in the context, getName() throws an NPE — the
    // @RolesAllowed guard suggests callers are always authenticated; confirm.
    final Authentication current = SecurityContextHolder.getContext().getAuthentication();
    final String principal = current.getName();
    log.info("Logout of user '" + principal + "'");
}
// Do we need pre-approval??
/**
 * Marks the authorization request as approved when the user already holds a live access token
 * for this client (tokenStore lookup keyed by an OAuth2Authentication built from the request).
 * Without such a token the request is never approved here: {@code approved} starts as false and
 * the "explicit approval" branch only ANDs it with isAuthenticated(), so that branch always
 * yields false and explicit consent has to be collected elsewhere.
 *
 * NOTE(review): the listing shows {@code "******"} between two string literals below, which is
 * not valid Java — the redacted span presumably held the rest of the debug logging, the closing
 * brace of the isDebugEnabled block and the declaration of accessToken (used but not declared in
 * the visible code); confirm against the repository before editing this method.
 */
@Override
public AuthorizationRequest checkForPreApproval(
        AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
    boolean approved = false;
    String clientId = authorizationRequest.getClientId();
    Set<String> scopes = authorizationRequest.getScope();
    OAuth2Request storedOAuth2Request = requestFactory.createOAuth2Request(authorizationRequest);
    OAuth2Authentication authentication =
            new OAuth2Authentication(storedOAuth2Request, userAuthentication);
    if (logger.isDebugEnabled()) {
        StringBuilder builder = new StringBuilder("Looking up existing token for ");
        builder.append("client_id=" + clientId);
        builder.append(", scope=" + scopes);
        builder.append(" and username="******"Existing access token=" + accessToken);
    if (accessToken != null && !accessToken.isExpired()) {
        logger.debug("User already approved with token=" + accessToken);
        // A live token counts as prior approval; no new consent is needed.
        approved = true;
    } else {
        logger.debug("Checking explicit approval");
        // approved is still false here, so this always evaluates to false.
        approved = userAuthentication.isAuthenticated() && approved;
    }
    authorizationRequest.setApproved(approved);
    return authorizationRequest;
}
@Override
protected void onLoginSuccess(
        HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) {
    // Creates a fresh persistent ("remember me") token for the user who just logged in, stores
    // it and sets the matching cookie. The user must exist in userRepository, otherwise
    // UsernameNotFoundException is thrown. A failure to persist the token is logged and
    // swallowed, so the login itself still succeeds (best effort).
    final String login = successfulAuthentication.getName();
    log.debug("Creating new persistent login for user {}", login);
    PersistentToken token =
            userRepository
                    .findOneByLogin(login)
                    .map(
                            account -> {
                                PersistentToken fresh = new PersistentToken();
                                fresh.setSeries(generateSeriesData());
                                fresh.setUser(account);
                                fresh.setTokenValue(generateTokenData());
                                fresh.setTokenDate(LocalDate.now());
                                // Client address and agent are recorded as seen by the server.
                                fresh.setIpAddress(request.getRemoteAddr());
                                fresh.setUserAgent(request.getHeader("User-Agent"));
                                return fresh;
                            })
                    .orElseThrow(
                            () ->
                                    new UsernameNotFoundException(
                                            "User " + login + " was not found in the database"));
    try {
        persistentTokenRepository.saveAndFlush(token);
        addCookie(token, request, response);
    } catch (DataAccessException e) {
        log.error("Failed to save persistent token ", e);
    }
}
/**
 * Resolves the user's details by authenticating against the Crafter profile service: obtains an
 * application token with the configured app credentials, requests a ticket for the submitted
 * username/password (which also fails for inactive users), then loads the profile with all
 * attributes and wraps it, with its authorities, in a ProfileUserDetails.
 *
 * NOTE(review): the throw statement in the catch clause shows {@code "******"} twice between
 * string literals, which is not valid Java — the redacted spans presumably held the end of this
 * catch clause and further catch clauses; confirm against the repository before editing.
 * NOTE(review): the exception message handed back to the caller embeds the submitted username.
 */
@Override
public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException {
    ProfileUserDetails userDetails = null;
    String username = token.getName();
    String password = token.getCredentials().toString();
    try {
        // App-level token obtained with the service account configured for this application.
        String appToken = profileClient.getAppToken(crafterProfileAppUsername, crafterProfileAppPassword);
        // Tenant tenant = profileClient.getTenantByName(appToken, crafterProfileAppTenantName);
        // authenticate (if the user is inactive, this will also fail)
        profileClient.getTicket(appToken, username, password, crafterProfileAppTenantName);
        Profile profile =
                profileClient.getProfileByUsernameWithAllAttributes(
                        appToken, username, crafterProfileAppTenantName);
        userDetails = new ProfileUserDetails(profile, getAuthorities(profile));
    } catch (AppAuthenticationFailedException e) {
        // Failure of the application's own service login, not of the user's credentials.
        log.error("Error authenticating at app level=" + username);
        throw new BadCredentialsException("Error authenticating username="******"Error authenticating username="******"Error authenticating username=" + username, e);
    }
    return userDetails;
}
public Request init(Request request) {
    // Publishes the authenticated user's name to the EnvFunction as "GSUSER", merging it into
    // any "env" map already parsed into the request KVP. A missing or anonymous authentication
    // adds nothing; if there is no map to publish at all, EnvFunction is not called.
    Map<String, Object> envVars = null;
    Object existing = request.getKvp().get("env");
    if (existing instanceof Map) {
        @SuppressWarnings("unchecked") // raw Map from the request KVP; element types are not verified here
        Map<String, Object> parsed = (Map<String, Object>) existing;
        envVars = parsed;
    }

    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    boolean hasRealUser = auth != null && !(auth instanceof AnonymousAuthenticationToken);
    if (hasRealUser) {
        if (envVars == null) {
            envVars = new HashMap<String, Object>();
        }
        envVars.put("GSUSER", auth.getName());
    }

    if (envVars != null) {
        EnvFunction.setLocalValues(envVars);
    }
    return request;
}
/**
 * Basic implementation just requires the authorization request to be explicitly approved and the
 * user to be authenticated.
 *
 * <p>Approval is granted when the approval parameter ({@code approvalParameter}) is literally
 * "true" (case-folded with the JVM default locale) and the user is authenticated, or when the
 * user already holds a live access token for this request.
 *
 * <p>NOTE(review): the listing shows {@code "******"} between two string literals below, which
 * is not valid Java — the redacted span presumably held the rest of the debug logging, the
 * closing brace of the isDebugEnabled block and the declaration of accessToken (used but not
 * declared in the visible code); confirm against the repository before editing this method.
 * NOTE(review): {@code flag.toLowerCase()} depends on the default locale; equalsIgnoreCase or
 * Locale.ROOT would make the check locale-independent.
 *
 * @param authorizationRequest The authorization request.
 * @param userAuthentication the current user authentication
 * @return Whether the specified request has been approved by the current user.
 */
public boolean isApproved(
        AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
    String flag = authorizationRequest.getApprovalParameters().get(approvalParameter);
    boolean approved = flag != null && flag.toLowerCase().equals("true");
    OAuth2Authentication authentication =
            new OAuth2Authentication(authorizationRequest, userAuthentication);
    if (logger.isDebugEnabled()) {
        StringBuilder builder = new StringBuilder("Looking up existing token for ");
        builder.append("client_id=" + authorizationRequest.getClientId());
        builder.append(", scope=" + authorizationRequest.getScope());
        builder.append(" and username="******"Existing access token=" + accessToken);
    if (accessToken != null && !accessToken.isExpired()) {
        logger.debug("User already approved with token=" + accessToken);
        // A token was already granted and is still valid, so this is already approved
        approved = true;
    } else {
        logger.debug("Checking explicit approval");
        // Only the explicit "true" flag from an authenticated user counts.
        approved = userAuthentication.isAuthenticated() && approved;
    }
    return approved;
}
@RequestMapping(
        value = {"/updateapplication/{id}"},
        method = {RequestMethod.POST})
public ModelAndView updateapplication(
        @PathVariable Long id,
        @ModelAttribute("application") Application application,
        Model model,
        BindingResult bindingResult,
        HttpSession session,
        Authentication auth) {
    // Applies the submitted mechanic and status to the stored application identified by the
    // path id. Validation errors re-render the edit form with the stored application, the
    // status list, the mechanics of the same STO and the current user; otherwise only those
    // two fields are copied onto the stored entity and the browser is redirected to /home.
    ModelAndView view = new ModelAndView();
    Application stored = mechanicService.getApplicationById(id);
    applicationValidator.validate(application, bindingResult);
    if (bindingResult.hasErrors()) {
        UserPrincipal currentUser = userService.getUserByName(auth.getName());
        // Mechanic count of the STO, used as the page size so every mechanic is listed.
        int mechanicCount =
                Integer.parseInt(directorService.getSizeMechanicOnSto(stored.getSto()).toString());
        view.addObject("application", stored);
        view.addObject("statuss", directorService.getStatus());
        view.addObject(
                "mechanics", directorService.getMechanicsOnSto(stored.getSto(), 0, mechanicCount));
        view.addObject("user", currentUser);
        view.setViewName("director.updateapplication");
        return view;
    }
    // Only these two fields can be changed through this form.
    stored.setMechanic(application.getMechanic());
    stored.setStatus(application.getStatus());
    clientService.addOrUpdateApplication(stored);
    view.setViewName("redirect:/home");
    return view;
}
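@PreAuthorize("isFullyAuthenticated()")
@RequestMapping(value = "/getapplication", method = RequestMethod.GET)
public ModelAndView getapplicationlist(
        @RequestParam(value = "page", required = false) Integer page,
        HttpSession session,
        Authentication auth) {
    // Lists the applications whose status is "zajavka ozhidaet obrabotku", three per page,
    // together with a five-wide window of page links (startpage/endpage) and the current user.
    // page: 1-based page number; a missing or non-positive value is treated as page 1 so the
    // offset handed to the DAO can never be negative.
    ModelAndView mav = new ModelAndView();
    UserPrincipal user = userService.getUserByName(auth.getName());
    Status status = clientService.getStatusByName("zajavka ozhidaet obrabotku");

    int currentPage = (page == null || page < 1) ? 1 : page;
    final int pageSize = 3;
    int total = Integer.parseInt(directorService.getSizeApplicationByStatus(status).toString());
    // Round up so a partial last page still counts.
    int lastPage = (total + (pageSize - 1)) / pageSize;

    // Page-link window: [currentPage, currentPage + 5], capped at lastPage and pulled
    // backwards when fewer than five pages remain ahead.
    int startPage = currentPage;
    int endPage = currentPage + 5;
    if (endPage >= lastPage) {
        endPage = lastPage;
    }
    if (endPage >= 5 && (endPage - startPage) < 5) {
        startPage = endPage - 5;
    }

    mav.addObject("page", currentPage);
    mav.addObject("startpage", startPage);
    mav.addObject("endpage", endPage);
    mav.addObject("user", user);
    mav.addObject(
            "application",
            directorService.getApplicationByStatus(status, (currentPage - 1) * pageSize, pageSize));
    mav.setViewName("director.applicationlist");
    return mav;
}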
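@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // Authenticates a shop account: every Shop whose login equals the supplied name has its
    // stored hash checked against the supplied password; the last matching account wins and
    // yields a token carrying ROLE_PHOTOGRAPHER. Returns null (no decision) when no account
    // matches, leaving the outcome to the surrounding provider chain.
    // A missing hash algorithm or invalid key spec is a server configuration problem, not a
    // wrong password, so it is raised instead of silently counting as a failed login.
    // NOTE(review): all Shop rows are loaded and filtered in memory on every login — confirm
    // the table stays small, or add a lookup by login.
    String name = authentication.getName();
    String password = authentication.getCredentials().toString();
    Authentication auth = null;
    Iterator<Shop> matches =
            HibernateEntityHelper.all(Shop.class).stream()
                    .filter(a -> a.getLogin().equals(name))
                    .iterator();
    while (matches.hasNext()) {
        Shop account = matches.next();
        boolean valid;
        try {
            valid = PasswordHasher.validatePassword(password, account.getPasswordHash());
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IllegalStateException(
                    "Password hash verification is misconfigured; cannot check login " + name, e);
        }
        if (valid) {
            List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_PHOTOGRAPHER"));
            auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
        }
    }
    return auth;
}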
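@RequestMapping(
        value = {"/updateapplicationdetail/{id}"},
        method = {RequestMethod.POST})
public ModelAndView updateapplicationdetail(
        @PathVariable Long id,
        @ModelAttribute("applicationdetails") ApplicationDetail applicationDetail,
        BindingResult bindingResult,
        Model model,
        HttpSession session,
        Authentication auth) {
    // Updates the status and delivery date of the application detail identified by the path
    // id. Validation errors re-render the edit form with the status list, the stored detail and
    // the current user; otherwise only those two fields are copied onto the stored entity and
    // the browser is redirected to /home.
    ModelAndView mav = new ModelAndView();
    applicationDetailValidator.validate(applicationDetail, bindingResult);
    if (bindingResult.hasErrors()) {
        UserPrincipal user = userService.getUserByName(auth.getName());
        mav.addObject("statuss", directorService.getStatus());
        mav.addObject("applicationdetail", directorService.getApplicationDetailById(id));
        mav.addObject("user", user);
        mav.setViewName("director.updateapplicationdetail");
        return mav;
    }
    // The record to update is the one named in the URL, as in the error branch above. The
    // lookup previously used the id carried by the submitted form object, so a form posting a
    // different id would have updated a different record than the one addressed.
    ApplicationDetail stored = directorService.getApplicationDetailById(id);
    stored.setStatus(applicationDetail.getStatus());
    stored.setDateDelivery(applicationDetail.getDateDelivery());
    directorService.saveApplicationDetail(stored);
    mav.setViewName("redirect:/home");
    return mav;
}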
@RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
public String listResourceSets(Model m, Authentication auth) {
    // Lists the ids of the caller's resource sets. An OAuth-mediated call is narrowed to the
    // sets registered by that client for the owner; any other authentication gets every set
    // of the owner. Ids are rendered as strings so the JSON serializer emits them verbatim.
    ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
    final String owner = auth.getName();

    final Collection<ResourceSet> found;
    if (auth instanceof OAuth2Authentication) {
        // on behalf of a client: restrict to that client's registrations
        String clientId = ((OAuth2Authentication) auth).getOAuth2Request().getClientId();
        found = resourceSetService.getAllForOwnerAndClient(owner, clientId);
    } else {
        found = resourceSetService.getAllForOwner(owner);
    }

    Set<String> ids = new HashSet<>();
    for (ResourceSet resourceSet : found) {
        ids.add(resourceSet.getId().toString());
    }
    m.addAttribute(JsonEntityView.ENTITY, ids);
    return JsonEntityView.VIEWNAME;
}
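@PreAuthorize("isFullyAuthenticated()")
@RequestMapping(value = "/mechaniclistbysto/{id}", method = RequestMethod.GET)
public ModelAndView getmechaniclistbysto(
        @RequestParam(value = "page", required = false) Integer page,
        @PathVariable Long id,
        HttpSession session,
        Authentication auth) {
    // Lists the mechanics of the STO identified by the path id, three per page, together with
    // a five-wide window of page links (startpage/endpage) and the current user.
    // page: 1-based page number; a missing or non-positive value is treated as page 1 so the
    // offset handed to the DAO can never be negative. The leftover System.out debug print of
    // the STO name is gone.
    ModelAndView mav = new ModelAndView();
    UserPrincipal user = userService.getUserByName(auth.getName());
    Sto sto = directorService.getStoById(id);
    int total = Integer.parseInt(directorService.getSizeMechanicOnSto(sto).toString());

    int currentPage = (page == null || page < 1) ? 1 : page;
    final int pageSize = 3;
    // Round up so a partial last page still counts.
    int lastPage = (total + (pageSize - 1)) / pageSize;

    // Page-link window: [currentPage, currentPage + 5], capped at lastPage and pulled
    // backwards when fewer than five pages remain ahead.
    int startPage = currentPage;
    int endPage = currentPage + 5;
    if (endPage >= lastPage) {
        endPage = lastPage;
    }
    if (endPage >= 5 && (endPage - startPage) < 5) {
        startPage = endPage - 5;
    }

    mav.addObject("page", currentPage);
    mav.addObject("startpage", startPage);
    mav.addObject("endpage", endPage);
    mav.addObject("user", user);
    mav.addObject(
            "mechanic", directorService.getMechanicsOnSto(sto, (currentPage - 1) * pageSize, pageSize));
    mav.setViewName("director.mechaniclistbysto");
    return mav;
}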
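@PreAuthorize("isFullyAuthenticated()")
@RequestMapping(value = "/getmechanics", method = RequestMethod.GET)
public ModelAndView getmechaniclist(
        @RequestParam(value = "page", required = false) Integer page,
        HttpSession session,
        Authentication auth) {
    // Lists all mechanics, four per page, together with a five-wide window of page links
    // (startpage/endpage) and the current user.
    // page: 1-based page number; a missing or non-positive value is treated as page 1 so the
    // offset handed to the DAO can never be negative.
    ModelAndView mav = new ModelAndView();
    UserPrincipal user = userService.getUserByName(auth.getName());

    int currentPage = (page == null || page < 1) ? 1 : page;
    final int pageSize = 4;
    int total = Integer.parseInt(directorService.getSizeAllMechanic().toString());
    // Round up so a partial last page still counts.
    int lastPage = (total + (pageSize - 1)) / pageSize;

    // Page-link window: [currentPage, currentPage + 5], capped at lastPage and pulled
    // backwards when fewer than five pages remain ahead.
    int startPage = currentPage;
    int endPage = currentPage + 5;
    if (endPage >= lastPage) {
        endPage = lastPage;
    }
    if (endPage >= 5 && (endPage - startPage) < 5) {
        startPage = endPage - 5;
    }

    mav.addObject("page", currentPage);
    mav.addObject("startpage", startPage);
    mav.addObject("endpage", endPage);
    mav.addObject("user", user);
    mav.addObject("mechanic", directorService.getMechanicsToPage((currentPage - 1) * pageSize, pageSize));
    mav.setViewName("director.mechanicslist");
    return mav;
}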
@RequestMapping(value = "/user", method = RequestMethod.PUT)
@Transactional
public ResponseEntity<Client> doIt(@RequestBody Client client, Authentication authentication) {
    // Creates or updates a user account after domain validation (400 with the error list).
    //  - root may upsert any account except root itself (400, cannotChangeRootPassword);
    //  - any other caller may only update their own, already existing, account (400, mustBeRoot
    //    when it does not exist yet);
    //  - everyone else gets 403.
    // Both paths grant exactly the USER authority, so a self-update cannot raise privileges.
    // NOTE(review): client.getPassword() is handed to updateUser as-is; whether the manager
    // encodes it is not visible here — confirm.
    List<String> validationErrors = DomainValidator.checkForErrors(client);
    if (!validationErrors.isEmpty()) {
        return new ResponseEntity<Client>(new Client(client, validationErrors), HttpStatus.BAD_REQUEST);
    }
    List<GrantedAuthority> grants = new ArrayList<>();
    grants.add(new SimpleGrantedAuthority("USER"));

    final HttpStatus outcome;
    if (ApplicationSecurity.isRoot(authentication)) {
        if (ApplicationSecurity.isRoot(client.getUsername())) {
            return new ResponseEntity<Client>(
                    new Client(client, cannotChangeRootPassword), HttpStatus.BAD_REQUEST);
        }
        outcome = upsert(client, grants);
    } else if (StringUtils.equals(client.getUsername(), authentication.getName())) {
        if (!userDetailsManager.userExists(client.getUsername())) {
            return new ResponseEntity<Client>(new Client(client, mustBeRoot), HttpStatus.BAD_REQUEST);
        }
        userDetailsManager.updateUser(new User(client.getUsername(), client.getPassword(), grants));
        outcome = HttpStatus.OK;
    } else {
        return new ResponseEntity<Client>(HttpStatus.FORBIDDEN);
    }
    return new ResponseEntity<Client>(new Client(client), outcome);
}
@Override
public void onAuthenticationSuccess(
        HttpServletRequest request, HttpServletResponse response, Authentication auth)
        throws IOException, ServletException {
    // Signals a successful login to the caller: an "error: 0" header and the user's page path
    // as the response body. The body is plain text built from the authenticated principal's
    // name; a client that inserts it into HTML has to escape it on its side.
    final String userPage = "/MicroblogPL/userpage/" + auth.getName();
    response.setHeader("error", "0");
    response.getWriter().print(userPage);
}
@RequestMapping(
        value = {"/updatesto/{id}"},
        method = {RequestMethod.POST})
public ModelAndView updatesto(
        @PathVariable Long id,
        @ModelAttribute("sto") Sto sto,
        BindingResult bindingResult,
        Model model,
        HttpSession session,
        Authentication auth) {
    // Updates the name and price of the STO identified by the path id. Validation errors
    // re-render the edit form with the current user and the stored STO; otherwise only those
    // two fields are copied from the submitted object before saving and redirecting to /home.
    ModelAndView view = new ModelAndView();
    rentValidator.validate(sto, bindingResult);
    if (bindingResult.hasErrors()) {
        logger.info("Returning updatesto.jsp page");
        view.addObject("user", userService.getUserByName(auth.getName()));
        view.addObject("sto", directorService.getStoById(id));
        view.setViewName("director.updatesto");
        return view;
    }
    Sto stored = directorService.getStoById(id);
    stored.setName(sto.getName());
    stored.setPrice(sto.getPrice());
    directorService.addSto(stored);
    view.setViewName("redirect:/home");
    return view;
}
@RequestMapping(value = "/ajax_login_process", method = RequestMethod.POST)
public HttpEntity<LoginStatus> loginAjax(
        @RequestParam("nick") final String username,
        @RequestParam("passwd") final String password,
        HttpServletRequest request,
        HttpServletResponse response) {
    // AJAX login: authenticates the submitted nick/password, refuses accounts that are not
    // activated, and on success installs the Authentication in the security context, runs
    // remember-me handling and records the last login.
    // Unknown names and wrong passwords both answer "Bad credentials" (the UsernameNotFoundException
    // from the details lookup is mapped to that text); a locked account is reported as such.
    final UsernamePasswordAuthenticationToken loginRequest =
            new UsernamePasswordAuthenticationToken(username, password);
    try {
        loginRequest.setDetails((UserDetailsImpl) userDetailsService.loadUserByUsername(username));
        final Authentication authenticated = authenticationManager.authenticate(loginRequest);
        // NOTE(review): relies on the manager carrying the details object over to the result — confirm.
        final UserDetailsImpl principalDetails = (UserDetailsImpl) authenticated.getDetails();
        if (!principalDetails.getUser().isActivated()) {
            return entity(new LoginStatus(false, "User not activated"));
        }
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        rememberMeServices.loginSuccess(request, response, authenticated);
        AuthUtil.updateLastLogin(authenticated, userDao);
        return entity(new LoginStatus(authenticated.isAuthenticated(), authenticated.getName()));
    } catch (LockedException e) {
        return entity(new LoginStatus(false, "User locked"));
    } catch (UsernameNotFoundException e) {
        return entity(new LoginStatus(false, "Bad credentials"));
    } catch (BadCredentialsException e) {
        // The provider's own message is passed through to the caller unchanged.
        return entity(new LoginStatus(false, e.getMessage()));
    }
}
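public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // Authenticates against usersService: the user must exist and the submitted credential must
    // equal the stored password; the token then carries one GrantedAuthorityImpl per role.
    // NOTE(review): the stored value is compared directly with the submitted credential, i.e. it
    // appears to be held in clear — confirm; a password hash (bcrypt/scrypt/argon2) verified
    // through an encoder is the expected design.
    // NOTE(review): "Username not found" and "Wrong password" are distinct messages, so a caller
    // that echoes them can tell unknown names from wrong passwords — confirm that is acceptable.
    String name = authentication.getName();
    Object rawCredentials = authentication.getCredentials();
    if (rawCredentials == null) {
        // Previously an NPE; a missing credential is a bad login, not a server error.
        throw new BadCredentialsException("Wrong password");
    }
    String password = rawCredentials.toString();

    User user = usersService.findByUserName(name);
    if (user == null) {
        throw new BadCredentialsException("Username not found");
    }
    // Constant-time comparison so the position of the first mismatch does not leak through
    // timing; fully qualified names keep the file's import block untouched.
    String stored = user.getPassword();
    byte[] supplied = password.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] expected =
            stored == null ? null : stored.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    if (expected == null || !java.security.MessageDigest.isEqual(supplied, expected)) {
        throw new BadCredentialsException("Wrong password");
    }

    List<UserRole> roles = usersService.getRoles(user);
    Collection<GrantedAuthorityImpl> impls = new ArrayList<GrantedAuthorityImpl>();
    for (UserRole ur : roles) {
        impls.add(new GrantedAuthorityImpl(ur.getRole().getRolename()));
    }
    UserDetails userDetails =
            new org.springframework.security.core.userdetails.User(name, password, impls);
    return new UsernamePasswordAuthenticationToken(userDetails, password, impls);
}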
@RequestMapping(
        value = {"/addmechanic"},
        method = {RequestMethod.POST})
public ModelAndView addmechanic(
        @ModelAttribute("mechanic") Mechanic mechanic,
        BindingResult bindingResult,
        Model model,
        HttpSession session,
        Authentication auth) {
    // Creates a mechanic from the submitted form. Validation errors re-render the form with the
    // current user and the STO list. On success the login is set to the mechanic's name, the
    // rating starts at 0 and the role is forced to MECHANIC server-side, so a role carried by
    // the submitted object cannot take effect.
    ModelAndView view = new ModelAndView();
    mechanicValidator.validate(mechanic, bindingResult);
    if (bindingResult.hasErrors()) {
        view.addObject("user", userService.getUserByName(auth.getName()));
        view.addObject("stos", directorService.getSto());
        view.setViewName("director.addmechanic");
        return view;
    }
    mechanic.setLogin(mechanic.getName());
    mechanic.setRating(0f);
    mechanic.setRole(UserRole.MECHANIC);
    directorService.saveOrUpdateMechanic(mechanic);
    view.setViewName("redirect:/home");
    return view;
}