/**
  * Retrieve list of iBIOMES users.
  *
  * @param usertype User type (admins, users, or groups)
  * @return User list
  * @throws JargonException
  * @throws IOException
  * @throws Exception
  */
 @RequestMapping(value = "/services/users", method = RequestMethod.GET)
 @ResponseBody
 public UserListMetadata getUsers() throws JargonException, IOException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
   UserListMetadata users = new UserListMetadata(userAO.findAll());
   return users;
 }
 /**
  * Retrieve info for particular iBIOMES user.
  *
  * @param headers
  * @param username
  * @return
  * @throws IOException
  * @throws JargonException
  */
 @RequestMapping(value = "/services/users/{username}", method = RequestMethod.GET)
 @ResponseBody
 public UserMetadata getUser(@PathVariable("username") String username)
     throws JargonException, IOException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
   UserMetadata user = new UserMetadata(userAO.findByName(username));
   return user;
 }
  /**
   * Update user password.
   *
   * @param headers
   * @param username
   * @return
   * @throws IOException
   * @throws JargonException
   */
  @RequestMapping(value = "/services/users/{username}/updatepwd", method = RequestMethod.GET)
  @ResponseBody
  public IBIOMESResponse updateUserPassword(
      @PathVariable("username") String username,
      @RequestParam("oldPwd") String oldPwd,
      @RequestParam("newPwd") String newPwd)
      throws JargonException, IOException {
    IRODSAccount irodsAccount =
        (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
    UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
    try {
      userAO.changeAUserPasswordByThatUser(username, oldPwd, newPwd);

      // create new iRODS account object to reflect changes
      IRODSAccount newAccount =
          IRODSAccount.instance(
              irodsAccount.getHost(),
              irodsAccount.getPort(),
              irodsAccount.getUserName(),
              newPwd,
              irodsAccount.getHomeDirectory(),
              irodsAccount.getZone(),
              irodsAccount.getDefaultStorageResource());

      IRODSSession session = irodsAccessObjectFactory.getIrodsSession();

      // TODO UPDATE SESSION INFO!!! OR SOEMTHING WRONG HERE...

      AuthResponse authResponse = null;
      IRODSAccessObjectFactory accessAO = IRODSAccessObjectFactoryImpl.instance(session);
      try {
        request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
        authResponse = accessAO.authenticateIRODSAccount(newAccount);
        session.currentConnection(authResponse.getAuthenticatedIRODSAccount());
        request
            .getSession()
            .setAttribute("SPRING_SECURITY_CONTEXT", authResponse.getAuthenticatedIRODSAccount());
      } catch (JargonException e) {
        e.printStackTrace();
        return new IBIOMESResponse(
            false,
            "Cannot update session information. Exception: " + e.getLocalizedMessage(),
            null);
      }

    } catch (AuthenticationException exc) {
      return new IBIOMESResponse(false, "Current password is not correct", null);
    }

    return new IBIOMESResponse(true, "Password successfully updated", null);
  }
Exemplo n.º 4
0
  @GET
  @Path("/{userName}")
  @Produces({"application/xml", "application/json"})
  @Mapped(
      namespaceMap = {
        @XmlNsMap(namespace = "http://irods.org/irods-rest", jsonName = "irods-rest")
      })
  public UserData getUser(
      @HeaderParam("Authorization") final String authorization,
      @PathParam("userName") final String userName,
      @QueryParam("admin") @DefaultValue("false") final boolean isAdmin)
      throws JargonException {

    log.info("getUser()");

    if (authorization == null || authorization.isEmpty()) {
      throw new IllegalArgumentException("null or empty authorization");
    }

    if (userName == null || userName.isEmpty()) {
      throw new IllegalArgumentException("null or empty userName");
    }

    if (getIrodsAccessObjectFactory() == null) {
      throw new IllegalArgumentException("null irodsAccessObjectFactory");
    }

    log.info("as admin?:{}", isAdmin);

    try {
      IRODSAccount irodsAccount =
          RestAuthUtils.getIRODSAccountFromBasicAuthValues(authorization, getRestConfiguration());
      UserAO userAO = getIrodsAccessObjectFactory().getUserAO(irodsAccount);
      log.info("looking up user with name:{}", userName);
      User user = userAO.findByName(userName);
      log.info("user found:{}", user);

      return new UserData(user, getRestConfiguration());
    } finally {
      getIrodsAccessObjectFactory().closeSessionAndEatExceptions();
    }
  }
 /**
  * Create temporary user password.
  *
  * @return
  * @throws JargonException
  */
 @RequestMapping(value = "/services/user/getTmpPassword", method = RequestMethod.GET)
 @ResponseBody
 public IBIOMESResponse getTemporaryPassword() throws JargonException {
   IRODSAccount irodsAccount =
       (IRODSAccount) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
   if (irodsAccount.isAnonymousAccount()) {
     return new IBIOMESResponse(true, "", "");
   } else {
     UserAO userAO = irodsAccessObjectFactory.getUserAO(irodsAccount);
     try {
       String password = userAO.getTemporaryPasswordForConnectedUser();
       return new IBIOMESResponse(true, "", password);
     } catch (AuthenticationException exc) {
       return new IBIOMESResponse(
           false,
           "Could not generate temporary password for user '" + irodsAccount.getUserName() + "'",
           null);
     }
   }
 }
Exemplo n.º 6
0
  /**
   * Add a user and set the password based on a {@link UserAddByAdminRequest}, which is expected as
   * a JSON structure in the PUT message body. This method will return a JSON structure reflecting
   * {@link UserAddActionResponse} with error or success details.
   *
   * <p>In iRODS, this method will add the user and set a temporary password as described in the
   * JSON request.
   *
   * <p>Note that any Jargon or other exceptions are trapped and returned to the caller in the
   * response.
   *
   * @param authorization BasicAuth info
   * @param userAddByAdminRequest {@link UserAddByAdminRequest}
   * @return {@link UserAddActionResponse}
   */
  @PUT
  @Consumes("application/json")
  @Mapped(
      namespaceMap = {
        @XmlNsMap(namespace = "http://irods.org/irods-rest", jsonName = "irods-rest")
      })
  public UserAddActionResponse addUser(
      @HeaderParam("Authorization") final String authorization,
      final UserAddByAdminRequest userAddByAdminRequest) {
    log.info("addUser()");
    UserAddActionResponse response = new UserAddActionResponse();

    if (userAddByAdminRequest == null) {
      log.error("request not found");
      response.setUserAddActionResponse(UserAddActionResponseCode.ATTRIBUTES_MISSING);
      response.setMessage("null userAddByAdminRequest");
      return response;
    }

    log.info("userAddByAdminRequest:{}", userAddByAdminRequest);

    if (userAddByAdminRequest.getUserName() == null
        || userAddByAdminRequest.getUserName().isEmpty()) {
      log.error("user name missing");
      response.setMessage("User name is missing in the request");
      response.setUserAddActionResponse(UserAddActionResponseCode.ATTRIBUTES_MISSING);
      return response;
    }

    if (userAddByAdminRequest.getTempPassword() == null
        || userAddByAdminRequest.getTempPassword().isEmpty()) {
      log.error("temp password is missing");
      response.setMessage("temp password is missing in the request");
      response.setUserName(userAddByAdminRequest.getUserName());
      response.setUserAddActionResponse(UserAddActionResponseCode.ATTRIBUTES_MISSING);
      return response;
    }

    try {
      IRODSAccount irodsAccount =
          RestAuthUtils.getIRODSAccountFromBasicAuthValues(authorization, getRestConfiguration());

      UserAO userAO = getIrodsAccessObjectFactory().getUserAO(irodsAccount);

      log.info("adding user based on:{}", userAddByAdminRequest);
      User user = new User();
      user.setName(userAddByAdminRequest.getUserName());
      user.setUserDN(userAddByAdminRequest.getDistinguishedName());
      user.setUserType(UserTypeEnum.RODS_USER);
      userAO.addUser(user);
      log.info("user added... set the password");

      userAO.changeAUserPasswordByAnAdmin(user.getName(), userAddByAdminRequest.getTempPassword());
      log.info("password was set to requested value");

      response.setMessage("success");
      response.setUserName(userAddByAdminRequest.getUserName());
      response.setUserAddActionResponse(UserAddActionResponseCode.SUCCESS);
      response.setIrodsEnv(
          ConfigurationUtils.buildIrodsEnvForConfigAndUser(
              getRestConfiguration(), user.getNameWithZone()));
      response.setWebAccessURL(getRestConfiguration().getWebInterfaceURL());
      return response;
    } catch (DuplicateDataException dde) {
      log.error("duplicate data for user add", dde);
      response.setMessage(dde.getMessage());
      response.setUserName(userAddByAdminRequest.getUserName());
      response.setUserAddActionResponse(UserAddActionResponseCode.USER_NAME_IS_TAKEN);
      return response;
    } catch (JargonException je) {
      log.error("Jargon exception in user add", je);
      response.setMessage(je.getMessage());
      response.setUserName(userAddByAdminRequest.getUserName());
      response.setUserAddActionResponse(UserAddActionResponseCode.INTERNAL_ERROR);
      return response;
    } finally {
      getIrodsAccessObjectFactory().closeSessionAndEatExceptions();
    }
  }
  @Test
  public void testAddUserDuplicateByAdmin() throws Exception {

    String testUser = "******";
    String testPassword = "******";
    IRODSAccount irodsAccount =
        testingPropertiesHelper.buildIRODSAccountFromTestProperties(testingProperties);

    IRODSAccessObjectFactory accessObjectFactory = irodsFileSystem.getIRODSAccessObjectFactory();

    UserAO userAO = accessObjectFactory.getUserAO(irodsAccount);
    userAO.deleteUser(testUser);
    User user = new User();
    user.setName(testUser);
    user.setUserType(UserTypeEnum.RODS_USER);
    userAO.addUser(user);

    StringBuilder sb = new StringBuilder();
    sb.append("http://localhost:");
    sb.append(
        testingPropertiesHelper.getPropertyValueAsInt(
            testingProperties, RestTestingProperties.REST_PORT_PROPERTY));
    sb.append("/user/");

    DefaultHttpClientAndContext clientAndContext =
        RestAuthUtils.httpClientSetup(irodsAccount, testingProperties);
    try {

      HttpPut httpPut = new HttpPut(sb.toString());
      httpPut.addHeader("accept", "application/json");
      httpPut.addHeader("Content-Type", "application/json");

      ObjectMapper mapper = new ObjectMapper();
      UserAddByAdminRequest addRequest = new UserAddByAdminRequest();
      addRequest.setDistinguishedName("dn here");
      addRequest.setTempPassword(testPassword);
      addRequest.setUserName(testUser);
      String body = mapper.writeValueAsString(addRequest);

      System.out.println(body);

      httpPut.setEntity(new StringEntity(body));

      HttpResponse response =
          clientAndContext.getHttpClient().execute(httpPut, clientAndContext.getHttpContext());
      HttpEntity entity = response.getEntity();
      Assert.assertEquals(200, response.getStatusLine().getStatusCode());
      String entityData = EntityUtils.toString(entity);

      System.out.println(entityData);

      UserAddActionResponse actual = mapper.readValue(entityData, UserAddActionResponse.class);
      Assert.assertEquals(testUser, actual.getUserName());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.USER_NAME_IS_TAKEN,
          actual.getUserAddActionResponse());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.USER_NAME_IS_TAKEN.ordinal(),
          actual.getUserAddActionResponseNumericCode());

    } finally {
      // When HttpClient instance is no longer needed,
      // shut down the connection manager to ensure
      // immediate deallocation of all system resources
      clientAndContext.getHttpClient().getConnectionManager().shutdown();
    }
  }
  @Test
  public void testAddUserByAdminLongDn() throws Exception {

    String testUser = "******";
    String testPassword = "******";
    String testDN =
        "/CN=xxxxxyyxx-64f0-4d49-a0a9-508a8a5328cd/emailAddress=xxxxxxxxxxthismaynotshowup";
    IRODSAccount irodsAccount =
        testingPropertiesHelper.buildIRODSAccountFromTestProperties(testingProperties);

    IRODSAccount userAccount =
        testingPropertiesHelper.buildIRODSAccountForIRODSUserFromTestPropertiesForGivenUser(
            testingProperties, testUser, testPassword);

    IRODSAccessObjectFactory accessObjectFactory = irodsFileSystem.getIRODSAccessObjectFactory();

    UserAO userAO = accessObjectFactory.getUserAO(irodsAccount);

    try {
      userAO.findByName(testUser);
      String homeDir = MiscIRODSUtils.computeHomeDirectoryForIRODSAccount(userAccount);
      IRODSFile userHomeDir =
          irodsFileSystem.getIRODSFileFactory(userAccount).instanceIRODSFile(homeDir);

      for (File homeDirFile : userHomeDir.listFiles()) {
        homeDirFile.delete();
      }
      userAO.deleteUser(testUser);

    } catch (DataNotFoundException dnf) {
      // OK
    }

    StringBuilder sb = new StringBuilder();
    sb.append("http://localhost:");
    sb.append(
        testingPropertiesHelper.getPropertyValueAsInt(
            testingProperties, RestTestingProperties.REST_PORT_PROPERTY));
    sb.append("/user/");

    DefaultHttpClientAndContext clientAndContext =
        RestAuthUtils.httpClientSetup(irodsAccount, testingProperties);
    try {

      HttpPut httpPut = new HttpPut(sb.toString());
      httpPut.addHeader("accept", "application/json");
      httpPut.addHeader("Content-Type", "application/json");

      ObjectMapper mapper = new ObjectMapper();
      UserAddByAdminRequest addRequest = new UserAddByAdminRequest();
      addRequest.setDistinguishedName(testDN);
      addRequest.setTempPassword(testPassword);
      addRequest.setUserName(testUser);
      String body = mapper.writeValueAsString(addRequest);

      System.out.println(body);

      httpPut.setEntity(new StringEntity(body));

      HttpResponse response =
          clientAndContext.getHttpClient().execute(httpPut, clientAndContext.getHttpContext());
      HttpEntity entity = response.getEntity();
      Assert.assertEquals(200, response.getStatusLine().getStatusCode());
      String entityData = EntityUtils.toString(entity);

      System.out.println(entityData);

      UserAddActionResponse actual = mapper.readValue(entityData, UserAddActionResponse.class);
      Assert.assertEquals(testUser, actual.getUserName());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.SUCCESS,
          actual.getUserAddActionResponse());
      Assert.assertEquals(
          UserAddActionResponse.UserAddActionResponseCode.SUCCESS.ordinal(),
          actual.getUserAddActionResponseNumericCode());

    } finally {
      // When HttpClient instance is no longer needed,
      // shut down the connection manager to ensure
      // immediate deallocation of all system resources
      clientAndContext.getHttpClient().getConnectionManager().shutdown();
    }

    User user = userAO.findByName(testUser);
    Assert.assertNotNull("user not added", user);
    Assert.assertEquals("dn not set", testDN, user.getUserDN());
  }