Package org.damour.base.client.exceptions

Examples of org.damour.base.client.exceptions.SimpleMessageException


      response.addCookie(userAuthCookie);
      response.addCookie(voterCookie);
    } else {
      destroyAuthCookies(request, response);
      if (user != null && !isAccountValidated(user)) {
        throw new SimpleMessageException("Could not login.  Account is not validated.");
      }
      throw new SimpleMessageException("Could not login.  Invalid username or password.");
    }
    return user;
  }


        // A missing CAPTCHA answer is replaced by a fixed placeholder before it is handed to isValid().
        if (StringUtils.isEmpty(captchaText)) {
          captchaText = "INVALID!";
        }
        Captcha captcha = (Captcha) getThreadLocalRequest().getSession().getAttribute("captcha");
        // NOTE(review): validation only runs when the session holds a "captcha" attribute; when it is
        // absent this step passes without any check. Rejecting the request on a null captcha would
        // make the control fail closed.
        if (captcha != null && !captcha.isValid(captchaText)) {
          throw new SimpleMessageException("CAPTCHA validation failed");
        }

        User newUser = new User();
        // usernames are stored lower-cased
        newUser.setUsername(inUser.getUsername().toLowerCase());
        // NOTE(review): the stored value is a single MD5 digest of the password with no salt fed in
        // here. MD5 is a fast digest and is not suitable for password storage; a salted, deliberately
        // slow scheme (bcrypt, scrypt, Argon2 or PBKDF2) is the usual replacement, with existing
        // accounts re-hashed at their next successful login.
        // When the password is null or empty no hash is set at all - confirm how login treats such accounts.
        if (password != null && !"".equals(password)) {
          MD5 md5 = new MD5();
          md5.Update(password);
          newUser.setPasswordHash(md5.asHex());
        }
        // the administrator flag from the submitted object is honoured only for an authenticated administrator
        if (authUser != null && authUser.isAdministrator()) {
          newUser.setAdministrator(inUser.isAdministrator());
        }
        newUser.setFirstname(inUser.getFirstname());
        newUser.setLastname(inUser.getLastname());
        newUser.setEmail(inUser.getEmail());
        newUser.setBirthday(inUser.getBirthday());
        newUser.setPasswordHint(inUser.getPasswordHint());

        // new accounts start validated only when the system does not require account validation
        newUser.setValidated(!BaseSystem.requireAccountValidation());
        if (authUser != null && authUser.isAdministrator()) {
          // admin can automatically create/validate accounts
          newUser.setValidated(true);
        }

        session.get().save(newUser);

        // every new user gets a personal group named after the username, owned by that user
        UserGroup userGroup = new UserGroup();
        userGroup.setName(newUser.getUsername());
        userGroup.setVisible(true);
        userGroup.setAutoJoin(false);
        userGroup.setLocked(false);
        userGroup.setOwner(newUser);

        session.get().save(userGroup);

        // the new user is made a member of that personal group
        GroupMembership groupMembership = new GroupMembership();
        groupMembership.setUser(newUser);
        groupMembership.setUserGroup(userGroup);
        session.get().save(groupMembership);

        tx.commit();

        // if a new user is creating a new account, login if new user account is validated
        // NOTE(review): login() is called with the stored password hash in the credential position;
        // presumably login accepts the hash directly - confirm, because in that case the stored hash
        // is itself sufficient to authenticate.
        if (authUser == null && isAccountValidated(newUser)) {
          destroyAuthCookies(getThreadLocalRequest(), getThreadLocalResponse());
          if (login(session.get(), getThreadLocalRequest(), getThreadLocalResponse(), newUser.getUsername(), newUser.getPasswordHash(), true) != null) {
            return newUser;
          }
        } else if (authUser == null && !isAccountValidated(newUser)) {
          // send user a validation email, where, upon clicking the link, their account will be validated
          // the validation code in the URL is an MD5 digest over the email address followed by the password hash
          // NOTE(review): the code is derived only from values stored on the account, with no random
          // or server-secret input visible here. A random token from SecureRandom, stored server-side
          // with an expiry, would not be recomputable from account data.
          MD5 md5 = new MD5();
          md5.Update(newUser.getEmail());
          md5.Update(newUser.getPasswordHash());

          // the port is appended for anything other than 80, so an HTTPS request on 443 also gets an explicit port
          String portStr = "";
          if (getThreadLocalRequest().getLocalPort() != 80) {
            portStr = ":" + getThreadLocalRequest().getLocalPort();
          }
          // NOTE(review): scheme, host and port come from the current request. If the container takes the
          // server name from the client-supplied Host header, the emailed link can point at a host the
          // requester chose; building the link from a configured base URL avoids that - TODO confirm.
          // The username is concatenated into the query string without URL encoding.
          String url = getThreadLocalRequest().getScheme() + "://" + getThreadLocalRequest().getServerName() + portStr + "/?u=" + newUser.getUsername() + "&v="
              + md5.asHex();

          // NOTE(review): url is placed into the HTML body twice without HTML escaping.
          String text = "Thank you for signing up with " + BaseSystem.getDomainName()
              + ".<BR><BR>Please confirm your account by clicking the following link:<BR><BR>";
          text += "<A HREF=\"";
          text += url;
          text += "\">" + url + "</A>";
          BaseSystem.getEmailService().sendMessage(BaseSystem.getSmtpHost(), BaseSystem.getAdminEmailAddress(), BaseSystem.getDomainName() + " validator",
              newUser.getEmail(), BaseSystem.getDomainName() + " account validation", text);
        }
        return newUser;
      } else if (authUser != null && (authUser.isAdministrator() || authUser.getId().equals(dbUser.getId()))) {
        // edit an existing account
        // the following conditions must be met to be here:
        // -authentication
        // -we are the administrator
        // -we are editing our own account
        if (password != null && !"".equals(password)) {
          MD5 md5 = new MD5();
          md5.Update(password);
          dbUser.setPasswordHash(md5.asHex());
        }
        if (authUser.isAdministrator()) {
          dbUser.setAdministrator(inUser.isAdministrator());
        }
        dbUser.setUsername(inUser.getUsername());
        dbUser.setFirstname(inUser.getFirstname());
        dbUser.setLastname(inUser.getLastname());
        dbUser.setEmail(inUser.getEmail());
        dbUser.setBirthday(inUser.getBirthday());
        dbUser.setPasswordHint(inUser.getPasswordHint());

        // only admin can validate directly
        if (authUser.isAdministrator()) {
          dbUser.setValidated(inUser.isValidated());
        }

        session.get().save(dbUser);
        tx.commit();

        // if we are editing our own account, then re-authenticate
        if (authUser.getId().equals(dbUser.getId())) {
          destroyAuthCookies(getThreadLocalRequest(), getThreadLocalResponse());
          if (login(session.get(), getThreadLocalRequest(), getThreadLocalResponse(), dbUser.getUsername(), dbUser.getPasswordHash(), true) != null) {
            return dbUser;
          }
        }
        return dbUser;
      }
      throw new SimpleMessageException("Could not edit account.");
    } catch (Exception ex) {
      Logger.log(ex);
      try {
        tx.rollback();
      } catch (Exception exx) {
      }
      if (ex.getCause() != null) {
        throw new SimpleMessageException(ex.getCause().getMessage());
      } else {
        throw new SimpleMessageException(ex.getMessage());
      }
    }
  }

  }

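  /**
   * Returns the password hint stored for the account with the given username.
   *
   * <p>The username is lower-cased before the lookup.
   *
   * <p>NOTE(review): no authentication check is visible in this method, so the hint appears to be
   * readable by any caller who can name an account. A known username returns a hint while an
   * unknown one raises an exception, which also lets a caller tell existing accounts from
   * non-existing ones. Hints should be treated as sensitive data: consider throttling this call
   * and make sure a hint can never be the password itself.
   *
   * @param username the account name to look up
   * @return the password hint stored for that account
   * @throws SimpleMessageException if {@code username} is null or no account matches it
   */
  public String getLoginHint(String username) throws SimpleMessageException {
    if (username == null) {
      // report a missing username like an unknown one instead of failing with a NullPointerException
      throw new SimpleMessageException("Could not get login hint.");
    }
    User user = UserHelper.getUser(session.get(), username.toLowerCase());
    if (user == null) {
      throw new SimpleMessageException("Could not get login hint.");
    }
    return user.getPasswordHint();
  }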

  }

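  /**
   * Lists the users in a group for callers who are allowed to see them.
   *
   * <p>The group is re-read from the session by id, so owner and membership are not taken from the
   * caller-supplied object. Access is granted to an administrator, to the group owner, and to any
   * user who holds a membership in the group.
   *
   * @param group the group whose users are requested; only its id is used
   * @return the users in the group
   * @throws SimpleMessageException if the caller is not authenticated or is not allowed to list the group
   */
  public List<User> getUsers(UserGroup group) throws SimpleMessageException {
    User authUser = getAuthenticatedUser(session.get());
    if (authUser == null) {
      throw new SimpleMessageException("User is not authenticated.");
    }
    group = (UserGroup) session.get().load(UserGroup.class, group.getId());
    // only the group owner, group members and administrator can see the users in a group
    if (authUser.isAdministrator() || authUser.equals(group.getOwner())) {
      return SecurityHelper.getUsersInUserGroup(session.get(), group);
    }
    // now check the caller's memberships against the group. The list holds GroupMembership
    // objects, so List.contains(group) could never match a UserGroup and ordinary members were
    // always refused; compare the group behind each membership by id instead.
    // Assumes GroupMembership exposes getUserGroup() as the getter paired with setUserGroup().
    List<GroupMembership> memberships = SecurityHelper.getGroupMemberships(session.get(), authUser);
    for (GroupMembership membership : memberships) {
      UserGroup memberGroup = membership.getUserGroup();
      if (memberGroup != null && memberGroup.getId().equals(group.getId())) {
        return SecurityHelper.getUsersInUserGroup(session.get(), group);
      }
    }
    throw new SimpleMessageException("User is not authorized to list users in group.");
  }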

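  /**
   * Adds a user to a group, or files a join request with the group owner.
   *
   * <p>An administrator, the group owner, or any authenticated caller on an auto-join group
   * creates the membership directly. Otherwise a pending membership is stored, the group owner is
   * notified by email, and the method still ends with an exception telling the caller that the
   * request was submitted. A locked group refuses everyone except an administrator and the owner.
   *
   * <p>NOTE(review): {@code user} is supplied by the caller and is never compared with the
   * authenticated user, so on an auto-join group a caller can enrol an account other than their
   * own, and a join request can be filed in another account's name. If only self-service joins
   * are intended, require {@code user.getId().equals(authUser.getId())} for callers who are
   * neither administrator nor owner.
   *
   * @param user the user to add; only its id is used, the entity is re-read from the session
   * @param group the target group; only its id is used, the entity is re-read from the session
   * @return the membership that was created
   * @throws SimpleMessageException if the caller is not authenticated, an argument is missing, the
   *         group is locked, the request was queued for the owner, or the membership or request
   *         already exists
   */
  public GroupMembership addUserToGroup(User user, UserGroup group) throws SimpleMessageException {
    Transaction tx = null;
    try {
      User authUser = getAuthenticatedUser(session.get());
      if (authUser == null) {
        throw new SimpleMessageException("Could not join group, attempt to join with unauthorized client.");
      }
      if (group == null || user == null) {
        // missing arguments get the same message as missing entities instead of a NullPointerException
        throw new SimpleMessageException("Could not join group, user and group not found.");
      }
      group = (UserGroup) session.get().load(UserGroup.class, group.getId());
      user = (User) session.get().load(User.class, user.getId());

      // NOTE(review): if this is a Hibernate Session, load() is documented to return a proxy rather
      // than null for an unknown id, so this check may never fire - confirm, or look the rows up with get().
      if (group == null || user == null) {
        throw new SimpleMessageException("Could not join group, user and group not found.");
      }

      // the group owner and an administrator may add users to groups without obeying the 'lock'
      if (group.isLocked() && !authUser.isAdministrator() && !group.getOwner().getId().equals(authUser.getId())) {
        throw new SimpleMessageException("This group is currently not accepting new members.");
      }

      if (authUser.isAdministrator() || group.isAutoJoin() || group.getOwner().getId().equals(authUser.getId())) {
        tx = session.get().beginTransaction();
        GroupMembership groupMembership = new GroupMembership();
        groupMembership.setUser(user);
        groupMembership.setUserGroup(group);
        session.get().save(groupMembership);
        tx.commit();
        return groupMembership;
      }

      // Reaching this point means the group is not auto-join and the caller is neither administrator
      // nor owner, so the request is queued. The old trailing "Could not join group." throw could
      // never run and has been dropped.
      tx = session.get().beginTransaction();
      PendingGroupMembership pendingMembership = new PendingGroupMembership();
      pendingMembership.setUser(user);
      pendingMembership.setUserGroup(group);
      session.get().save(pendingMembership);
      tx.commit();
      // send email to group owner
      BaseSystem.getEmailService().sendMessage(BaseSystem.getSmtpHost(), BaseSystem.getAdminEmailAddress(), BaseSystem.getAdminEmailAddress(),
          group.getOwner().getEmail(), "Group join request from " + user.getUsername(),
          "[" + BaseSystem.getDomainName() + "] " + user.getUsername() + " has requested permission to join your group " + group.getName());
      // the queued request is reported to the caller through the exception message
      throw new SimpleMessageException("Could not join group, request submitted to group owner.");
    } catch (org.hibernate.exception.ConstraintViolationException e) {
      // roll back only when a transaction was actually started; rollback stays best-effort
      if (tx != null) {
        try {
          tx.rollback();
        } catch (Throwable ignored) {
          // nothing more can be done here; the caller still gets the message below
        }
      }
      throw new SimpleMessageException("Could not join group, user already a member or add request pending.");
    }
  }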

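  /**
   * Returns the pending group memberships that SecurityHelper reports for the given user.
   *
   * <p>Only an administrator, or the user the list is requested for, may read it.
   *
   * @param user the user whose pending memberships are requested; only its id is used
   * @return the pending memberships reported for that user
   * @throws SimpleMessageException if the caller is not authenticated, {@code user} is missing, the
   *         caller may not read this user's list, or the lookup fails
   */
  public List<PendingGroupMembership> getPendingGroupMemberships(User user) throws SimpleMessageException {
    try {
      User authUser = getAuthenticatedUser(session.get());
      if (authUser == null) {
        // the previous text was copied from the join-group operation and named the wrong action
        throw new SimpleMessageException("Could not get pending group memberships, attempt made with unauthorized client.");
      }
      if (user == null) {
        // previously a NullPointerException that reached the client as an exception with a null message
        throw new SimpleMessageException("Could not get pending groups for supplied user.");
      }
      user = (User) session.get().load(User.class, user.getId());

      if (user == null) {
        throw new SimpleMessageException("Could not get pending groups for supplied user.");
      }

      if (authUser.isAdministrator() || user.getId().equals(authUser.getId())) {
        // remember, administrator owns all
        return SecurityHelper.getPendingGroupMemberships(session.get(), user);
      }
      throw new SimpleMessageException("Could not get pending group memberships.");
    } catch (SimpleMessageException e) {
      // our own messages pass through unchanged
      throw e;
    } catch (Throwable t) {
      // NOTE(review): the raw message of any internal failure is forwarded to the client here;
      // persistence-layer messages can expose schema or query details. Logging the failure on the
      // server and returning a fixed message would avoid that.
      throw new SimpleMessageException(t.getMessage());
    }
  }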

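  /**
   * Approves or denies a set of pending group-membership requests.
   *
   * <p>The caller must be an administrator or the user named in {@code user}. Each request is acted
   * on only if the caller is an administrator or {@code user} owns the group the request targets.
   * Approval creates a real membership; in both cases the pending request is deleted. Requests
   * that fail the ownership test are skipped without an error.
   *
   * <p>The ownership test reads the group owner from the stored group, looked up by id, because
   * the {@code PendingGroupMembership} objects arrive from the client and the owner carried
   * inside them cannot be trusted.
   *
   * <p>NOTE(review): the pending request and the requesting user are still taken from the
   * caller-supplied objects. Confirming that a matching pending request is actually stored before
   * creating the membership would complete the check.
   *
   * @param user the user on whose behalf requests are decided
   * @param members the pending requests to decide; must not be empty
   * @param approve {@code true} to approve the requests, {@code false} to deny them
   * @return the pending memberships SecurityHelper reports for {@code user} after the change
   * @throws SimpleMessageException if an argument is missing, the caller is not authenticated or
   *         not allowed to decide for {@code user}, or the update fails
   */
  public List<PendingGroupMembership> submitPendingGroupMembershipApproval(User user, Set<PendingGroupMembership> members, boolean approve)
      throws SimpleMessageException {

    if (members == null || members.isEmpty()) {
      throw new SimpleMessageException("List of members provided was empty.");
    }

    if (user == null) {
      throw new SimpleMessageException("User not supplied.");
    }

    Transaction tx = session.get().beginTransaction();
    try {
      User authUser = getAuthenticatedUser(session.get());
      if (authUser == null) {
        throw new SimpleMessageException("Cannot approve or deny requests without authentication.");
      }

      // only the authenticated: admin or user themselves
      if (authUser.isAdministrator() || user.getId().equals(authUser.getId())) {
        for (PendingGroupMembership pendingGroupMembership : members) {
          boolean mayDecide = authUser.isAdministrator();
          UserGroup requestedGroup = pendingGroupMembership.getUserGroup();
          if (!mayDecide) {
            // re-read the group by id so the owner comes from stored data, not from the request payload
            requestedGroup = (UserGroup) session.get().load(UserGroup.class, requestedGroup.getId());
            mayDecide = user.getId().equals(requestedGroup.getOwner().getId());
          }
          if (mayDecide) {
            // approve/deny request
            if (approve) {
              GroupMembership realGroupMembership = new GroupMembership();
              realGroupMembership.setUser(pendingGroupMembership.getUser());
              realGroupMembership.setUserGroup(requestedGroup);
              session.get().save(realGroupMembership);
            }
            session.get().delete(pendingGroupMembership);
          }
        }
        tx.commit();
        // send back the new list
        return SecurityHelper.getPendingGroupMemberships(session.get(), user);
      } else {
        throw new SimpleMessageException("Cannot approve or deny requests without proper authentication.");
      }
    } catch (Throwable t) {
      Logger.log(t);
      try {
        tx.rollback();
      } catch (Throwable ignored) {
        // rollback is best-effort; the original failure is reported below
      }
      // NOTE(review): the raw message of an internal failure is forwarded to the client
      throw new SimpleMessageException(t.getMessage());
    }
  }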

          // new group
          // before we save, let's make sure the user doesn't already have a group by this name
          List<UserGroup> existingGroups = SecurityHelper.getOwnedUserGroups(session.get(), group.getOwner());
          for (UserGroup existingGroup : existingGroups) {
            if (existingGroup.getName().equalsIgnoreCase(group.getName())) {
              throw new SimpleMessageException("A group already exists with this name.");
            }
          }
          session.get().save(group);
          // default is to create membership for the owner
          GroupMembership groupMembership = new GroupMembership();
          groupMembership.setUser(group.getOwner());
          groupMembership.setUserGroup(group);
          session.get().save(groupMembership);
        } else {
          // let's make sure that if we are changing the group name that
          // the only group with this name (for the group owner) is this group
          session.get().saveOrUpdate(group);
        }

        tx.commit();
        return group;
      }
      return null;
    } catch (Throwable t) {
      try {
        tx.rollback();
      } catch (Throwable tt) {
      }
      throw new SimpleMessageException(t.getMessage());
    }
  }

  }

  public void deleteUser(User user, UserGroup group) throws SimpleMessageException {
    User authUser = getAuthenticatedUser(session.get());
    if (authUser == null) {
      throw new SimpleMessageException("Could not remove user from group, attempt made with unauthorized client.");
    }
    group = (UserGroup) session.get().load(UserGroup.class, group.getId());
    user = (User) session.get().load(User.class, user.getId());

    if (group == null || user == null) {
      throw new SimpleMessageException("Could not remove user from group, user or group not found.");
    }

    if (authUser.isAdministrator() || group.isAutoJoin() || group.getOwner().getId().equals(authUser.getId())) {
      Transaction tx = session.get().beginTransaction();
      GroupMembership groupMembership = SecurityHelper.getGroupMembership(session.get(), user, group);

      Transaction tx = session.get().beginTransaction();
      group = (UserGroup) session.get().load(UserGroup.class, group.getId());
      SecurityHelper.deleteUserGroup(session.get(), group);
      tx.commit();
    } else {
      throw new SimpleMessageException("Could not delete group, insufficient privilidges.");
    }
  }
