Examples of net.webpasswordsafe.common.model.User

• net.webpasswordsafe.common.model.User
  Domain model POJO for a user @author Josh Drummond

    }

    @Transactional(propagation=Propagation.REQUIRED)
    private void verifyAdminUserExists()
    {
        User adminUser = getAdminUser();
        if (null == adminUser)
        {
            adminUser = User.newActiveUser(ADMIN_USER_NAME, ADMIN_USER_NAME, ADMIN_USER_NAME,
                    ADMIN_USER_NAME+"@"+ADMIN_USER_NAME+".com");
            adminUser.addGroup(getEveryoneGroup());
            addUserInternal(adminUser);
        }
    }

    @Override
    @Transactional(propagation=Propagation.REQUIRED)
    public void addGroup(Group group)
    {
        Date now = new Date();
        User loggedInUser = getLoggedInUser();
        if (authorizer.isAuthorized(loggedInUser, Function.ADD_GROUP.name()))
        {
            addGroupInternal(group);
        }
        else

        {
            ServerSessionUtil.setIP(request.getRemoteAddr());
            boolean isAuthnValid = loginService.login(authnUsername, authnPassword);
            if (isAuthnValid)
            {
                User user = new User();
                user.setUsername(Utils.safeString(userMap.get("username")));
                user.updateAuthnPasswordValue(Utils.safeString(userMap.get("password")));
                user.setFullname(Utils.safeString(userMap.get("fullname")));
                user.setEmail(Utils.safeString(userMap.get("email")));
                String activeFlag = Utils.safeString(userMap.get("active")).toLowerCase();
                user.setActiveFlag(activeFlag.equals("true") || activeFlag.equals("yes") || activeFlag.equals("y"));

                boolean isUserTaken = userService.isUserTaken(user.getUsername());
                if (!isUserTaken)
                {
                    userService.addUser(user);
                    userId = String.valueOf(user.getId());
                    isSuccess = true;
                }
                else
                {
                    message = "Username already exists";

        {
            ServerSessionUtil.setIP(request.getRemoteAddr());
            boolean isAuthnValid = loginService.login(authnUsername, authnPassword);
            if (isAuthnValid)
            {
                User loggedInUser = loginService.getLogin();
                Password password = new Password();
                password.setName(Utils.safeString(passwordMap.get("title")));
                password.setUsername(Utils.safeString(passwordMap.get("username")));
                PasswordData passwordDataItem = new PasswordData();
                passwordDataItem.setPassword(Utils.safeString(passwordMap.get("password")));

    @Transactional(propagation=Propagation.REQUIRED)
    public void addPassword(Password password)
    {
        Date now = new Date();
        String action = "add password";
        User loggedInUser = getLoggedInUser();
        if (authorizer.isAuthorized(loggedInUser, Function.ADD_PASSWORD.name()))
        {
            if (password.getPermissions().size() > 0)
            {
                password.setUserCreated(loggedInUser);
                password.setDateCreated(now);
                password.setUserLastUpdate(loggedInUser);
                password.setDateLastUpdate(now);
                password.getCurrentPasswordData().setUserCreated(loggedInUser);
                password.getCurrentPasswordData().setDateCreated(now);
                password.getCurrentPasswordData().setPassword(encryptor.encrypt(password.getCurrentPasswordData().getPassword()));

                // update tags
                Set<Tag> tags = new HashSet<Tag>(password.getTags());
                password.removeTags();
                for (Tag tag : tags)
                {
                    Tag pTag = tagDAO.findTagByName(tag.getName());
                    if (null != pTag)
                    {
                        password.addTag(pTag);
                    }
                    else
                    {
                        password.addTag(tag);
                    }
                }

                passwordDAO.makePersistent(password);
                auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(password), true, "");
            }
            else
            {
                auditLogger.log(now, ServerSessionUtil.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(password), false, "missing permissions");
                throw new RuntimeException("Missing Permissions");

    public void updatePassword(Password updatePassword)
    {
        LOG.debug("updating password");
        Date now = new Date();
        String action = "update password";
        User loggedInUser = getLoggedInUser();
        Password password = passwordDAO.findAllowedPasswordById(updatePassword.getId(), loggedInUser, AccessLevel.WRITE);
        if (password != null)
        {
            if (updatePassword.getPermissions().size() > 0)
            {
                String passwordMessage = (updatePassword.getName().equals(password.getName())) ? "" : ("was: "+passwordTarget(password));
                // update simple fields
                password.setName(updatePassword.getName());
                password.setUsername(updatePassword.getUsername());
                password.setNotes(updatePassword.getNotes());
                password.setDateLastUpdate(now);
                password.setUserLastUpdate(loggedInUser);
                password.setActive(updatePassword.isActive());
                password.setMaxHistory(updatePassword.getMaxHistory());

                // update tags
                password.removeTags();
                for (Tag tag : updatePassword.getTags())
                {
                    Tag pTag = tagDAO.findTagByName(tag.getName());
                    if (null != pTag)
                    {
                        password.addTag(pTag);
                    }
                    else
                    {
                        password.addTag(tag);
                    }
                }

                // update password data, push others back in history if applicable
                PasswordData updatePasswordData = updatePassword.getCurrentPasswordData();
                String updatePasswordVal = updatePasswordData.getPassword();
                // if user entered a password value and its not the same as the current one...
                if (!"".equals(updatePasswordVal))
                {
                    String currentPasswordVal = encryptor.decrypt(password.getCurrentPasswordData().getPassword());
                    if (!updatePasswordVal.equals(currentPasswordVal))
                    {
                        updatePasswordData.setUserCreated(loggedInUser);
                        updatePasswordData.setDateCreated(now);
                        updatePasswordData.setPassword(encryptor.encrypt(updatePasswordVal));
                        password.addPasswordData(updatePasswordData);
                    }
                }
                // trim history if not infinite
                password.pruneDataHistory();

                // update permissions if allowed to grant
                if (passwordDAO.findAllowedPasswordById(updatePassword.getId(), loggedInUser, AccessLevel.GRANT) != null)
                {
                    // keep the permissions that haven't changed
                    password.getPermissions().retainAll(updatePassword.getPermissions());
                    // add the permissions that have changed
                    for (Permission permission : updatePassword.getPermissions())
                    {
                        if (permission.getId() == 0)
                        {
                            password.addPermission(permission);
                        }
                    }
                }
                else
                {
                    LOG.debug("no access to grant permissions");
                }
                auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(updatePassword), true, passwordMessage);
            }
            else
            {
                auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(updatePassword), false, "missing permissions");
                throw new RuntimeException("Missing Permissions");
            }
        }
        else
        {
            auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(updatePassword), false, "write access denied");
        }
    }

    @Transactional(propagation=Propagation.REQUIRED, readOnly=true)
    public List<Password> searchPassword(String query, boolean activeOnly, Collection<Tag> tags, Match tagMatch)
    {
        query = Utils.safeString(query);
        Date now = new Date();
        User loggedInUser = getLoggedInUser();
        List<Password> passwords = passwordDAO.findPasswordByFuzzySearch(query, loggedInUser, activeOnly, tags, tagMatch);
        auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), "search password", "query=["+query+"] activeOnly=["+activeOnly+"] tags=["+tags+"] tagMatch=["+tagMatch+"]", true, "found "+passwords.size());
        return passwords;
    }

        return clientSessionUtil;
    }

    private ClientSessionUtil()
    {
        user = new User();
        isLoggedIn = false;
        authorizations = new HashMap<Function, Boolean>();
        reports = new ArrayList<Map<String,Object>>();
    }

    public String getCurrentPassword(long passwordId)
    {
        String currentPasswordValue = "";
        Date now = new Date();
        String action = "get current password value";
        User loggedInUser = getLoggedInUser();
        Password password = passwordDAO.findAllowedPasswordById(passwordId, loggedInUser, AccessLevel.READ);
        if (password != null)
        {
            auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(password), true, "");
            currentPasswordValue = encryptor.decrypt(password.getCurrentPasswordData().getPassword());
            createPasswordAccessAuditEntry(password, loggedInUser);
        }
        else
        {
            auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(passwordId), false, "invalid id or no access");
        }
        return currentPasswordValue;
    }

    @Transactional(propagation=Propagation.REQUIRED, readOnly=true)
    public Password getPassword(long passwordId)
    {
        Date now = new Date();
        String action = "get password";
        User loggedInUser = getLoggedInUser();
        Password password = passwordDAO.findAllowedPasswordById(passwordId, loggedInUser, AccessLevel.READ);
        if (password != null)
        {
            password.setMaxEffectiveAccessLevel(passwordDAO.getMaxEffectiveAccessLevel(password, loggedInUser));
            auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(password), true, "");
        }
        else
        {
            auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, passwordTarget(passwordId), false, "invalid id or no access");
        }
        return password;
    }