mirror of
https://github.com/scm-manager/scm-manager.git
synced 2025-11-12 08:25:44 +01:00
Merge with 2.0.0-m3
This commit is contained in:
René Pfeuffer
@@ -15,7 +15,7 @@ public class ManagerDaoAdapter<T extends ModelObject> {
|
||||
this.dao = dao;
|
||||
}
|
||||
|
||||
public void modify(T object, Function<T, PermissionCheck> permissionCheck, AroundHandler<T> beforeUpdate, AroundHandler<T> afterUpdate) throws NotFoundException {
|
||||
public void modify(T object, Function<T, PermissionCheck> permissionCheck, AroundHandler<T> beforeUpdate, AroundHandler<T> afterUpdate) {
|
||||
T notModified = dao.get(object.getId());
|
||||
if (notModified != null) {
|
||||
permissionCheck.apply(notModified).check();
|
||||
@@ -51,7 +51,7 @@ public class ManagerDaoAdapter<T extends ModelObject> {
|
||||
return newObject;
|
||||
}
|
||||
|
||||
public void delete(T toDelete, Supplier<PermissionCheck> permissionCheck, AroundHandler<T> beforeDelete, AroundHandler<T> afterDelete) throws NotFoundException {
|
||||
public void delete(T toDelete, Supplier<PermissionCheck> permissionCheck, AroundHandler<T> beforeDelete, AroundHandler<T> afterDelete) {
|
||||
permissionCheck.get().check();
|
||||
if (dao.contains(toDelete)) {
|
||||
beforeDelete.handle(toDelete);
|
||||
|
||||
@@ -63,6 +63,6 @@ public class IllegalArgumentExceptionMapper
|
||||
public Response toResponse(IllegalArgumentException exception)
|
||||
{
|
||||
log.info("caught IllegalArgumentException -- mapping to bad request", exception);
|
||||
return Response.status(Status.BAD_REQUEST).build();
|
||||
return Response.status(Status.BAD_REQUEST).entity(exception.getMessage()).build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -109,7 +109,7 @@ public class ChangePasswordResource
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
|
||||
public Response changePassword(@FormParam("old-password") String oldPassword, @FormParam("new-password") String newPassword) throws NotFoundException, ConcurrentModificationException {
|
||||
public Response changePassword(@FormParam("old-password") String oldPassword, @FormParam("new-password") String newPassword) {
|
||||
AssertUtil.assertIsNotEmpty(oldPassword);
|
||||
AssertUtil.assertIsNotEmpty(newPassword);
|
||||
|
||||
|
||||
@@ -50,7 +50,7 @@ public class DiffRootResource {
|
||||
@ResponseCode(code = 404, condition = "not found, no revision with the specified param for the repository available or repository not found"),
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("revision") String revision) throws NotFoundException {
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("revision") String revision){
|
||||
HttpUtil.checkForCRLFInjection(revision);
|
||||
try (RepositoryService repositoryService = serviceFactory.create(new NamespaceAndName(namespace, name))) {
|
||||
StreamingOutput responseEntry = output -> {
|
||||
|
||||
@@ -53,7 +53,7 @@ public class GroupResource {
|
||||
@ResponseCode(code = 404, condition = "not found, no group with the specified id/name available"),
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
public Response get(@PathParam("id") String id) throws NotFoundException {
|
||||
public Response get(@PathParam("id") String id){
|
||||
return adapter.get(id, groupToGroupDtoMapper::map);
|
||||
}
|
||||
|
||||
@@ -98,7 +98,7 @@ public class GroupResource {
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
@TypeHint(TypeHint.NO_CONTENT.class)
|
||||
public Response update(@PathParam("id") String name, @Valid GroupDto groupDto) throws NotFoundException, ConcurrentModificationException {
|
||||
public Response update(@PathParam("id") String name, @Valid GroupDto groupDto) throws ConcurrentModificationException {
|
||||
return adapter.update(name, existing -> dtoToGroupMapper.map(groupDto));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,12 +5,10 @@ import sonia.scm.AlreadyExistsException;
|
||||
import sonia.scm.ConcurrentModificationException;
|
||||
import sonia.scm.Manager;
|
||||
import sonia.scm.ModelObject;
|
||||
import sonia.scm.NotFoundException;
|
||||
import sonia.scm.PageResult;
|
||||
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Consumer;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.function.Supplier;
|
||||
@@ -34,20 +32,11 @@ class IdResourceManagerAdapter<MODEL_OBJECT extends ModelObject,
|
||||
collectionAdapter = new CollectionResourceManagerAdapter<>(manager, type);
|
||||
}
|
||||
|
||||
Response get(String id, Function<MODEL_OBJECT, DTO> mapToDto) throws NotFoundException {
|
||||
Response get(String id, Function<MODEL_OBJECT, DTO> mapToDto) {
|
||||
return singleAdapter.get(loadBy(id), mapToDto);
|
||||
}
|
||||
|
||||
public Response update(String id, Function<MODEL_OBJECT, MODEL_OBJECT> applyChanges, Consumer<MODEL_OBJECT> checker) throws NotFoundException, ConcurrentModificationException {
|
||||
return singleAdapter.update(
|
||||
loadBy(id),
|
||||
applyChanges,
|
||||
idStaysTheSame(id),
|
||||
checker
|
||||
);
|
||||
}
|
||||
|
||||
public Response update(String id, Function<MODEL_OBJECT, MODEL_OBJECT> applyChanges) throws NotFoundException, ConcurrentModificationException {
|
||||
public Response update(String id, Function<MODEL_OBJECT, MODEL_OBJECT> applyChanges) throws ConcurrentModificationException {
|
||||
return singleAdapter.update(
|
||||
loadBy(id),
|
||||
applyChanges,
|
||||
|
||||
@@ -5,14 +5,12 @@ import com.webcohesion.enunciate.metadata.rs.StatusCodes;
|
||||
import com.webcohesion.enunciate.metadata.rs.TypeHint;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.credential.PasswordService;
|
||||
import sonia.scm.ConcurrentModificationException;
|
||||
import sonia.scm.NotFoundException;
|
||||
import sonia.scm.user.InvalidPasswordException;
|
||||
import sonia.scm.user.User;
|
||||
import sonia.scm.user.UserManager;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.validation.Valid;
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.PUT;
|
||||
@@ -22,9 +20,6 @@ import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Request;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
import static sonia.scm.user.InvalidPasswordException.INVALID_MATCHING;
|
||||
|
||||
|
||||
/**
|
||||
@@ -60,7 +55,7 @@ public class MeResource {
|
||||
@ResponseCode(code = 401, condition = "not authenticated / invalid credentials"),
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
public Response get(@Context Request request, @Context UriInfo uriInfo) throws NotFoundException {
|
||||
public Response get(@Context Request request, @Context UriInfo uriInfo) {
|
||||
|
||||
String id = (String) SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal();
|
||||
return adapter.get(id, meToUserDtoMapper::map);
|
||||
@@ -78,19 +73,8 @@ public class MeResource {
|
||||
})
|
||||
@TypeHint(TypeHint.NO_CONTENT.class)
|
||||
@Consumes(VndMediaType.PASSWORD_CHANGE)
|
||||
public Response changePassword(PasswordChangeDto passwordChangeDto) throws NotFoundException, ConcurrentModificationException {
|
||||
String name = (String) SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal();
|
||||
return adapter.update(name, user -> user.changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getUserTypeChecker().andThen(getOldOriginalPasswordChecker(passwordChangeDto.getOldPassword())));
|
||||
}
|
||||
|
||||
/**
|
||||
* Match given old password from the dto with the stored password before updating
|
||||
*/
|
||||
private Consumer<User> getOldOriginalPasswordChecker(String oldPassword) {
|
||||
return user -> {
|
||||
if (!user.getPassword().equals(passwordService.encryptPassword(oldPassword))) {
|
||||
throw new InvalidPasswordException(INVALID_MATCHING);
|
||||
}
|
||||
};
|
||||
public Response changePassword(@Valid PasswordChangeDto passwordChangeDto) {
|
||||
userManager.changePasswordForLoggedInUser(passwordService.encryptPassword(passwordChangeDto.getOldPassword()), passwordService.encryptPassword(passwordChangeDto.getNewPassword()));
|
||||
return Response.noContent().build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -10,6 +10,7 @@ import org.hibernate.validator.constraints.NotEmpty;
|
||||
@ToString
|
||||
public class PasswordChangeDto {
|
||||
|
||||
@NotEmpty
|
||||
private String oldPassword;
|
||||
|
||||
@NotEmpty
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
package sonia.scm.api.v2.resources;
|
||||
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import lombok.ToString;
|
||||
import org.hibernate.validator.constraints.NotEmpty;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
@ToString
|
||||
public class PasswordOverwriteDto {
|
||||
@NotEmpty
|
||||
private String newPassword;
|
||||
}
|
||||
@@ -100,7 +100,7 @@ public class PermissionRootResource {
|
||||
@Produces(VndMediaType.PERMISSION)
|
||||
@TypeHint(PermissionDto.class)
|
||||
@Path("{permission-name}")
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("permission-name") String permissionName) throws NotFoundException {
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("permission-name") String permissionName) {
|
||||
Repository repository = load(namespace, name);
|
||||
RepositoryPermissions.permissionRead(repository).check();
|
||||
return Response.ok(
|
||||
@@ -158,7 +158,7 @@ public class PermissionRootResource {
|
||||
public Response update(@PathParam("namespace") String namespace,
|
||||
@PathParam("name") String name,
|
||||
@PathParam("permission-name") String permissionName,
|
||||
@Valid PermissionDto permission) throws NotFoundException, AlreadyExistsException {
|
||||
@Valid PermissionDto permission) throws AlreadyExistsException {
|
||||
log.info("try to update the permission with name: {}. the modified permission is: {}", permissionName, permission);
|
||||
Repository repository = load(namespace, name);
|
||||
RepositoryPermissions.permissionWrite(repository).check();
|
||||
@@ -198,7 +198,7 @@ public class PermissionRootResource {
|
||||
@Path("{permission-name}")
|
||||
public Response delete(@PathParam("namespace") String namespace,
|
||||
@PathParam("name") String name,
|
||||
@PathParam("permission-name") String permissionName) throws NotFoundException {
|
||||
@PathParam("permission-name") String permissionName) {
|
||||
log.info("try to delete the permission with name: {}.", permissionName);
|
||||
Repository repository = load(namespace, name);
|
||||
RepositoryPermissions.modify(repository).check();
|
||||
|
||||
@@ -91,7 +91,7 @@ public class RepositoryResource {
|
||||
@ResponseCode(code = 404, condition = "not found, no repository with the specified name available in the namespace"),
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name) throws NotFoundException {
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name){
|
||||
return adapter.get(loadBy(namespace, name), repositoryToDtoMapper::map);
|
||||
}
|
||||
|
||||
@@ -138,7 +138,7 @@ public class RepositoryResource {
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
@TypeHint(TypeHint.NO_CONTENT.class)
|
||||
public Response update(@PathParam("namespace") String namespace, @PathParam("name") String name, @Valid RepositoryDto repositoryDto) throws NotFoundException, ConcurrentModificationException {
|
||||
public Response update(@PathParam("namespace") String namespace, @PathParam("name") String name, @Valid RepositoryDto repositoryDto) throws ConcurrentModificationException {
|
||||
return adapter.update(
|
||||
loadBy(namespace, name),
|
||||
existing -> processUpdate(repositoryDto, existing),
|
||||
|
||||
@@ -87,7 +87,7 @@ class ResourceLinks {
|
||||
}
|
||||
|
||||
public String passwordChange(String name) {
|
||||
return userLinkBuilder.method("getUserResource").parameters(name).method("changePassword").parameters().href();
|
||||
return userLinkBuilder.method("getUserResource").parameters(name).method("overwritePassword").parameters().href();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -47,7 +47,7 @@ class SingleResourceManagerAdapter<MODEL_OBJECT extends ModelObject,
|
||||
* Reads the model object for the given id, transforms it to a dto and returns a corresponding http response.
|
||||
* This handles all corner cases, eg. no matching object for the id or missing privileges.
|
||||
*/
|
||||
Response get(Supplier<Optional<MODEL_OBJECT>> reader, Function<MODEL_OBJECT, DTO> mapToDto) throws NotFoundException {
|
||||
Response get(Supplier<Optional<MODEL_OBJECT>> reader, Function<MODEL_OBJECT, DTO> mapToDto) {
|
||||
return reader.get()
|
||||
.map(mapToDto)
|
||||
.map(Response::ok)
|
||||
|
||||
@@ -45,7 +45,7 @@ public class SourceRootResource {
|
||||
@GET
|
||||
@Produces(VndMediaType.SOURCE)
|
||||
@Path("{revision}/{path: .*}")
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("revision") String revision, @PathParam("path") String path) throws NotFoundException, IOException {
|
||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("revision") String revision, @PathParam("path") String path) throws IOException {
|
||||
return getSource(namespace, name, path, revision);
|
||||
}
|
||||
|
||||
|
||||
@@ -5,7 +5,6 @@ import com.webcohesion.enunciate.metadata.rs.StatusCodes;
|
||||
import com.webcohesion.enunciate.metadata.rs.TypeHint;
|
||||
import org.apache.shiro.authc.credential.PasswordService;
|
||||
import sonia.scm.ConcurrentModificationException;
|
||||
import sonia.scm.NotFoundException;
|
||||
import sonia.scm.user.User;
|
||||
import sonia.scm.user.UserManager;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
@@ -57,7 +56,7 @@ public class UserResource {
|
||||
@ResponseCode(code = 404, condition = "not found, no user with the specified id/name available"),
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
public Response get(@PathParam("id") String id) throws NotFoundException {
|
||||
public Response get(@PathParam("id") String id) {
|
||||
return adapter.get(id, userToDtoMapper::map);
|
||||
}
|
||||
|
||||
@@ -102,7 +101,7 @@ public class UserResource {
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
@TypeHint(TypeHint.NO_CONTENT.class)
|
||||
public Response update(@PathParam("id") String name, @Valid UserDto userDto) throws NotFoundException, ConcurrentModificationException {
|
||||
public Response update(@PathParam("id") String name, @Valid UserDto userDto) throws ConcurrentModificationException {
|
||||
return adapter.update(name, existing -> dtoToUserMapper.map(userDto, existing.getPassword()));
|
||||
}
|
||||
|
||||
@@ -111,13 +110,15 @@ public class UserResource {
|
||||
* The oldPassword property of the DTO is not needed here. it will be ignored.
|
||||
* The oldPassword property is needed in the MeResources when the actual user change the own password.
|
||||
*
|
||||
* <strong>Note:</strong> This method requires "user:modify" privilege.
|
||||
* <strong>Note:</strong> This method requires "user:modify" privilege to modify the password of other users.
|
||||
* <strong>Note:</strong> This method requires "user:changeOwnPassword" privilege to modify the own password.
|
||||
*
|
||||
* @param name name of the user to be modified
|
||||
* @param passwordChangeDto change password object to modify password. the old password is here not required
|
||||
* @param passwordOverwriteDto change password object to modify password. the old password is here not required
|
||||
*/
|
||||
@PUT
|
||||
@Path("password")
|
||||
@Consumes(VndMediaType.PASSWORD_CHANGE)
|
||||
@Consumes(VndMediaType.PASSWORD_OVERWRITE)
|
||||
@StatusCodes({
|
||||
@ResponseCode(code = 204, condition = "update success"),
|
||||
@ResponseCode(code = 400, condition = "Invalid body, e.g. the user type is not xml or the given oldPassword do not match the stored one"),
|
||||
@@ -127,8 +128,8 @@ public class UserResource {
|
||||
@ResponseCode(code = 500, condition = "internal server error")
|
||||
})
|
||||
@TypeHint(TypeHint.NO_CONTENT.class)
|
||||
public Response changePassword(@PathParam("id") String name, @Valid PasswordChangeDto passwordChangeDto) throws NotFoundException, ConcurrentModificationException {
|
||||
return adapter.update(name, user -> user.changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getUserTypeChecker());
|
||||
public Response overwritePassword(@PathParam("id") String name, @Valid PasswordOverwriteDto passwordOverwriteDto) {
|
||||
userManager.overwritePassword(name, passwordService.encryptPassword(passwordOverwriteDto.getNewPassword()));
|
||||
return Response.noContent().build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -39,9 +39,9 @@ public abstract class UserToUserDtoMapper extends BaseMapper<User, UserDto> {
|
||||
}
|
||||
if (UserPermissions.modify(user).isPermitted()) {
|
||||
linksBuilder.single(link("update", resourceLinks.user().update(target.getName())));
|
||||
}
|
||||
if (userManager.isTypeDefault(user)) {
|
||||
linksBuilder.single(link("password", resourceLinks.user().passwordChange(target.getName())));
|
||||
if (userManager.isTypeDefault(user)) {
|
||||
linksBuilder.single(link("password", resourceLinks.user().passwordChange(target.getName())));
|
||||
}
|
||||
}
|
||||
target.add(linksBuilder.build());
|
||||
}
|
||||
|
||||
@@ -125,7 +125,7 @@ public class DefaultGroupManager extends AbstractGroupManager
|
||||
}
|
||||
|
||||
@Override
|
||||
public void delete(Group group) throws NotFoundException {
|
||||
public void delete(Group group){
|
||||
logger.info("delete group {} of type {}", group.getName(), group.getType());
|
||||
managerDaoAdapter.delete(
|
||||
group,
|
||||
@@ -145,7 +145,7 @@ public class DefaultGroupManager extends AbstractGroupManager
|
||||
public void init(SCMContextProvider context) {}
|
||||
|
||||
@Override
|
||||
public void modify(Group group) throws NotFoundException {
|
||||
public void modify(Group group){
|
||||
logger.info("modify group {} of type {}", group.getName(), group.getType());
|
||||
|
||||
managerDaoAdapter.modify(
|
||||
@@ -160,7 +160,7 @@ public class DefaultGroupManager extends AbstractGroupManager
|
||||
}
|
||||
|
||||
@Override
|
||||
public void refresh(Group group) throws NotFoundException {
|
||||
public void refresh(Group group){
|
||||
String name = group.getName();
|
||||
if (logger.isInfoEnabled())
|
||||
{
|
||||
|
||||
@@ -151,7 +151,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void delete(Repository repository) throws NotFoundException {
|
||||
public void delete(Repository repository){
|
||||
logger.info("delete repository {}/{} of type {}", repository.getNamespace(), repository.getName(), repository.getType());
|
||||
managerDaoAdapter.delete(
|
||||
repository,
|
||||
@@ -179,7 +179,7 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void modify(Repository repository) throws NotFoundException {
|
||||
public void modify(Repository repository){
|
||||
logger.info("modify repository {}/{} of type {}", repository.getNamespace(), repository.getName(), repository.getType());
|
||||
|
||||
managerDaoAdapter.modify(
|
||||
|
||||
@@ -55,7 +55,7 @@ public final class HealthChecker {
|
||||
this.repositoryManager = repositoryManager;
|
||||
}
|
||||
|
||||
public void check(String id) throws NotFoundException {
|
||||
public void check(String id){
|
||||
RepositoryPermissions.healthCheck(id).check();
|
||||
|
||||
Repository repository = repositoryManager.get(id);
|
||||
@@ -68,7 +68,7 @@ public final class HealthChecker {
|
||||
}
|
||||
|
||||
public void check(Repository repository)
|
||||
throws NotFoundException, ConcurrentModificationException {
|
||||
{
|
||||
RepositoryPermissions.healthCheck(repository).check();
|
||||
|
||||
doCheck(repository);
|
||||
@@ -83,7 +83,7 @@ public final class HealthChecker {
|
||||
if (check.isPermitted(repository)) {
|
||||
try {
|
||||
check(repository);
|
||||
} catch (ConcurrentModificationException | NotFoundException ex) {
|
||||
} catch (NotFoundException ex) {
|
||||
logger.error("health check ends with exception", ex);
|
||||
}
|
||||
} else {
|
||||
@@ -94,7 +94,7 @@ public final class HealthChecker {
|
||||
}
|
||||
}
|
||||
|
||||
private void doCheck(Repository repository) throws NotFoundException {
|
||||
private void doCheck(Repository repository){
|
||||
logger.info("start health check for repository {}", repository.getName());
|
||||
|
||||
HealthCheckResult result = HealthCheckResult.healthy();
|
||||
|
||||
@@ -260,6 +260,7 @@ public class DefaultAuthorizationCollector implements AuthorizationCollector
|
||||
builder.add(canReadOwnUser(user));
|
||||
builder.add(getUserAutocompletePermission());
|
||||
builder.add(getGroupAutocompletePermission());
|
||||
builder.add(getChangeOwnPasswordPermission(user));
|
||||
permissions = builder.build();
|
||||
}
|
||||
|
||||
@@ -272,6 +273,10 @@ public class DefaultAuthorizationCollector implements AuthorizationCollector
|
||||
return GroupPermissions.autocomplete().asShiroString();
|
||||
}
|
||||
|
||||
private String getChangeOwnPasswordPermission(User user) {
|
||||
return UserPermissions.changePassword(user).asShiroString();
|
||||
}
|
||||
|
||||
private String getUserAutocompletePermission() {
|
||||
return UserPermissions.autocomplete().asShiroString();
|
||||
}
|
||||
|
||||
@@ -33,11 +33,10 @@
|
||||
|
||||
package sonia.scm.user;
|
||||
|
||||
//~--- non-JDK imports --------------------------------------------------------
|
||||
|
||||
import com.github.sdorra.ssp.PermissionActionCheck;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Singleton;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import sonia.scm.AlreadyExistsException;
|
||||
@@ -64,8 +63,6 @@ import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
|
||||
//~--- JDK imports ------------------------------------------------------------
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Sebastian Sdorra
|
||||
@@ -157,7 +154,7 @@ public class DefaultUserManager extends AbstractUserManager
|
||||
}
|
||||
|
||||
@Override
|
||||
public void delete(User user) throws NotFoundException {
|
||||
public void delete(User user) {
|
||||
logger.info("delete user {} of type {}", user.getName(), user.getType());
|
||||
managerDaoAdapter.delete(
|
||||
user,
|
||||
@@ -193,9 +190,8 @@ public class DefaultUserManager extends AbstractUserManager
|
||||
* @throws IOException
|
||||
*/
|
||||
@Override
|
||||
public void modify(User user) throws NotFoundException {
|
||||
public void modify(User user) {
|
||||
logger.info("modify user {} of type {}", user.getName(), user.getType());
|
||||
|
||||
managerDaoAdapter.modify(
|
||||
user,
|
||||
UserPermissions::modify,
|
||||
@@ -212,7 +208,7 @@ public class DefaultUserManager extends AbstractUserManager
|
||||
* @throws IOException
|
||||
*/
|
||||
@Override
|
||||
public void refresh(User user) throws NotFoundException {
|
||||
public void refresh(User user) {
|
||||
if (logger.isInfoEnabled())
|
||||
{
|
||||
logger.info("refresh user {} of type {}", user.getName(), user.getType());
|
||||
@@ -402,6 +398,36 @@ public class DefaultUserManager extends AbstractUserManager
|
||||
|
||||
//~--- methods --------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public void changePasswordForLoggedInUser(String oldPassword, String newPassword) {
|
||||
User user = get((String) SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal());
|
||||
|
||||
if (!user.getPassword().equals(oldPassword)) {
|
||||
throw new InvalidPasswordException();
|
||||
}
|
||||
|
||||
user.setPassword(newPassword);
|
||||
|
||||
managerDaoAdapter.modify(
|
||||
user,
|
||||
UserPermissions::changePassword,
|
||||
notModified -> fireEvent(HandlerEventType.BEFORE_MODIFY, user, notModified),
|
||||
notModified -> fireEvent(HandlerEventType.MODIFY, user, notModified));
|
||||
}
|
||||
|
||||
@Override
|
||||
public void overwritePassword(String userId, String newPassword) {
|
||||
User user = get(userId);
|
||||
if (user == null) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
if (!isTypeDefault(user)) {
|
||||
throw new ChangePasswordNotAllowedException(user.getType());
|
||||
}
|
||||
user.setPassword(newPassword);
|
||||
this.modify(user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method description
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user