Package org.myphotodiary.model

Examples of org.myphotodiary.model.User


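  /**
   * Authenticates the caller: accepts an already logged-in session, otherwise checks the submitted credentials.
   * @param session current HTTP session; the authenticated User is stored under Configuration.userAttribute
   * @param authDataReq login request carrying the user name and password
   * @return response whose authenticated flag is true on success
   */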
  private JsonAuthData.Rsp login(HttpSession session, JsonAuthData.Req authDataReq) {
    // Returns an authenticated response either for a session that already holds a known user
    // or for credentials that match the stored user record. The response starts as "not authenticated".
    User user = null;
    EntityManager em = null;
    String userName = null;
    String userPwd = null;
    JsonAuthData.Rsp authDataRsp = new JsonAuthData.Rsp(false);
   
    try {
      em = ModelFactory.getEntityManager();
     
      // 1) check first if a known user is already logged-in
      try {
        user = (User) session.getAttribute(Configuration.userAttribute);
        if (user != null) {
          // Re-read the user from the store: a session whose account no longer exists
          // (find returns null) is not treated as logged-in.
          user = em.find(User.class, user.getUserName());
          if (user != null) {
            // logged-in, return OK
            authDataRsp.setAuthenticated(true);
            return authDataRsp;
          }
        }
      }
      catch(Exception ex) {
        // Not logged-in yet
        // NOTE(review): this catch is empty and catches every Exception, so a persistence error or a
        // bad cast of the session attribute is silently treated as "not logged in" and leaves no log entry.
      }

      // 2) Not logged-in => check if user credentials are good
      userName = (authDataReq.getUser() == null ? "" : authDataReq.getUser().trim());
      // NOTE(review): trim() on the password makes leading/trailing whitespace insignificant,
      // so passwords that differ only there are accepted as equal.
      userPwd = (authDataReq.getPwd() == null ? "" : authDataReq.getPwd().trim());
      if ("".equals(userName)) {
        // Missing user name: report "not authenticated" without throwing.
        getServletContext().log("Authentication failure, missing user name");
        return authDataRsp;
      }

      user = em.find(User.class, userName);
     
      if (user == null) {
        // NOTE(review): userName comes from the request and is concatenated into the log line unmodified;
        // strip or encode CR/LF before logging so a crafted name cannot forge log entries.
        // NOTE(review): an unknown user raises an exception carrying the name; if that message reaches the
        // client and the wrong-password path (outside this excerpt) answers differently, valid account
        // names can be distinguished from invalid ones — confirm both paths look identical to the caller.
        String msg = "Authentication failure, unknown user name: " + userName;
        getServletContext().log(msg);
        throw new AuthenticationException(msg);
      }
      // NOTE(review): the submitted password is compared to user.getPassword() with String.equals.
      // That only works if the stored value is directly comparable to the input (presumably clear text —
      // confirm), and the comparison is not constant-time. Prefer a salted password hash
      // (bcrypt/scrypt/argon2) verified through the hash library's own check.
      if (userPwd.equals(user.getPassword())) {
        getServletContext().log("Authentication sucess for user: " + userName);
        // NOTE(review): the session passed in is reused as-is; no session-id rotation is visible in this
        // excerpt. The caller should rotate it on login (e.g. HttpServletRequest.changeSessionId()) to
        // prevent session fixation. The whole User entity, password field included, is kept in the session.
        session.setAttribute(Configuration.userAttribute, user);
        authDataRsp.setAuthenticated(true);
        return authDataRsp;
      }


      // Response envelope for the create-user admin command; result and record are set on success.
      JsonUserAdminCmd.RecordRsp jsonRsp = new JsonUserAdminCmd.RecordRsp();
      try {
        // RBAC
        // The authorization check runs before ModelFactory.createUser, so no user is created unless it
        // returns normally.
        // NOTE(review): the call's result is not inspected; presumably it throws on denial — confirm.
        AccessController.checkAuthorization(request, Action.createUser, null);
       
        User user = ModelFactory.createUser(request, getServletContext(), null, null);
        jsonRsp.setResult("OK");
        // NOTE(review): the complete User entity is returned in the response; confirm the JSON mapping
        // leaves out the password field (User exposes getPassword()).
        jsonRsp.setRecord(user);
      }
      catch (ModelException ex) {
        getServletContext().log("User creation failure", ex);

    // Credential check for a new login: an empty user name is rejected up front, then the stored
    // user record is looked up and its password compared with the submitted one.
    if ("".equals(userName)) {
      getServletContext().log("Authentication failure, missing user name");
      return authDataRsp;
    }
    // Try to authenticate new user
    User user = null;
    EntityManager em = null;
   
    try {
      em = ModelFactory.getEntityManager();

      // Check if userName exists
      user = em.find(User.class, userName);
     
      if (user == null) {
        // NOTE(review): userName is concatenated into the log line and the exception message unmodified;
        // presumably it is request-supplied (confirm against the caller), in which case CR/LF should be
        // stripped or encoded before logging.
        // NOTE(review): a distinct "unknown user name" outcome can reveal which accounts exist if the
        // message reaches the client — confirm the client sees the same answer as for a wrong password.
        String msg = "Authentication failure, unknown user name: " + userName;
        getServletContext().log(msg);
        throw new AuthenticationException(msg);
      }
      // NOTE(review): String.equals against user.getPassword() implies the stored value is directly
      // comparable to the submitted one (presumably clear text — confirm) and is not constant-time.
      // Prefer a salted password hash (bcrypt/scrypt/argon2) verified by the hash library.
      if (userPwd.equals(user.getPassword())) {
        getServletContext().log("Authentication sucess for user: " + userName);
        // NOTE(review): no session-id rotation is visible in this excerpt; rotate the id on login
        // (e.g. HttpServletRequest.changeSessionId()) to prevent session fixation.
        session.setAttribute(Configuration.userAttribute, user);
        authDataRsp.setAuthenticated(true);
        return authDataRsp;
      }

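    // Authorization gate for a directory path: requires an existing session holding an authenticated
    // user, then allows the action only through a role assignment on the directory's group.
    // getSession(false) never creates a session, so an anonymous caller is rejected here.
    HttpSession session = req.getSession(false);
    if (session == null) {
      throw new AuthenticationException("No user session");
    }
    // Check that user is properly authenticated
    User user = (User) session.getAttribute(Configuration.userAttribute);
    if (user == null) {
      throw new AuthenticationException("No authenticated user");
    }
    if (path == null) {
      throw new BadRequestException("Invalid resource path");
    }

    // Check if that directory path is indexed
    Directory directory;
    // An EntityManager opened here is owned by this method and closed in the finally block;
    // one supplied by the caller is left open.
    boolean closeEm = false;
    if (em == null) {
      em = ModelFactory.getEntityManager();
      closeEm = true;
    }
    try {
      try {
        // The path is bound as a query parameter, not concatenated into the JPQL string.
        directory = em
            .createQuery(
                "select directory from Directory directory where directory.path = ?1",
                Directory.class).setParameter(1, path)
            .getSingleResult();
      } catch (NoResultException ex) {
        // non indexed directories are public (to allow navigation)
        // NOTE(review): this is fail-open on an exact-match lookup: any spelling of a path that does not
        // equal an indexed row is treated as public. Confirm the caller passes a canonical path.
        return;
      }

      // Refresh user and roles assignment
      List<RoleAssignment> roles;
      try {
        user = em.find(User.class, user.getUserName());
        if (user == null) {
          // em.find() signals a missing entity by returning null, not by throwing NoResultException;
          // without this check a session that outlives its account ends in a NullPointerException
          // instead of an authentication failure.
          throw new AuthenticationException("Unknown user");
        }
        roles = user.getRoleAssignments();
      } catch (NoResultException ex) {
        // User is no longer registered,
        throw new AuthenticationException("Unknown user");
      }

      // Check if directory group can be accessed by this user
      for (RoleAssignment roleAssignment : roles) {
        if (!roleAssignment.getGroupName().equals(directory.getGroup().getGroupName())) {
          continue;
        }
        // NOTE(review): the result of isPermitted, if any, is discarded, so this grants access unless
        // isPermitted throws on denial — confirm. Only the first assignment for the group is evaluated.
        Role.isPermitted(roleAssignment.getRole(), action);
        return;
      }
    } finally {
      if (closeEm) {
        // Close method managed EntityManager
        em.close();
      }
    }

    // No role assignment on the directory's group: deny.
    throw new AuthorizationException("Unauthorized user " + user.getUserName() + " for path " + path);
  }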

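    // Authorization gate for an already resolved Directory: requires an existing session holding an
    // authenticated user, then allows the action only through a role assignment on the directory's group.
    // getSession(false) never creates a session, so an anonymous caller is rejected here.
    HttpSession session = req.getSession(false);
    if (session == null) {
      throw new AuthenticationException("No user session");
    }
    // Check that user is properly authenticated
    User user = (User) session.getAttribute(Configuration.userAttribute);
    if (user == null) {
      throw new AuthenticationException("No authenticated user");
    }

    // Non indexed directories are public
    // NOTE(review): fail-open: a null directory lets any authenticated user through. Confirm callers pass
    // null only for paths that are really not indexed, never as the result of a failed lookup.
    if (directory == null) {
      return;
    }
   
    // An EntityManager opened here is owned by this method and closed in the finally block;
    // one supplied by the caller is left open.
    boolean closeEm = false;
    if (em == null) {
      em = ModelFactory.getEntityManager();
      closeEm = true;
    }
    try {
      // Refresh user and roles assignment
      List<RoleAssignment> roles;
      try {
        user = em.find(User.class, user.getUserName());
        if (user == null) {
          // em.find() signals a missing entity by returning null, not by throwing NoResultException;
          // without this check a session that outlives its account ends in a NullPointerException
          // instead of an authentication failure.
          throw new AuthenticationException("Unknown user");
        }
        roles = user.getRoleAssignments();
      } catch (NoResultException ex) {
        // User is no longer registered,
        throw new AuthenticationException("Unknown user");
      }

      // Check if directory group can be accessed by this user
      for (RoleAssignment roleAssignment : roles) {
        if (!roleAssignment.getGroupName().equals(directory.getGroup().getGroupName())) {
          continue;
        }
        // NOTE(review): the result of isPermitted, if any, is discarded, so this grants access unless
        // isPermitted throws on denial — confirm. Only the first assignment for the group is evaluated.
        Role.isPermitted(roleAssignment.getRole(), action);
        return;
      }
    } finally {
      if (closeEm) {
        // Close method managed EntityManager
        em.close();
      }
    }

    // No role assignment on the directory's group: deny.
    throw new AuthorizationException("Unauthorized user " + user.getUserName() + " for path " + directory.getPath());
  }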

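    // Authorization gate for a group: requires an existing session holding an authenticated user,
    // then allows the action only through a role assignment on that group. A null group is denied.
    // getSession(false) never creates a session, so an anonymous caller is rejected here.
    HttpSession session = req.getSession(false);
    if (session == null) {
      throw new AuthenticationException("No user session");
    }
    // Check that user is properly authenticated
    User user = (User) session.getAttribute(Configuration.userAttribute);
    if (user == null) {
      throw new AuthenticationException("No authenticated user");
    }
    if (group == null) {
      throw new AuthorizationException("Unknown group");
    }
    String groupName = group.getGroupName();

    // An EntityManager opened here is owned by this method and closed in the finally block;
    // one supplied by the caller is left open.
    boolean closeEm = false;
    if (em == null) {
      em = ModelFactory.getEntityManager();
      closeEm = true;
    }
    try {
      // Refresh user and roles assignment
      List<RoleAssignment> roles;
      try {
        user = em.find(User.class, user.getUserName());
        if (user == null) {
          // em.find() signals a missing entity by returning null, not by throwing NoResultException;
          // without this check a session that outlives its account ends in a NullPointerException
          // instead of an authentication failure.
          throw new AuthenticationException("Unknown user");
        }
        roles = user.getRoleAssignments();
      } catch (NoResultException ex) {
        // User is no longer registered,
        throw new AuthenticationException("Unknown user");
      }

      // Check if the group can be accessed by this user
      for (RoleAssignment roleAssignment : roles) {
        if (!roleAssignment.getGroupName().equals(groupName)) {
          continue;
        }
        // NOTE(review): the result of isPermitted, if any, is discarded, so this grants access unless
        // isPermitted throws on denial — confirm. Only the first assignment for the group is evaluated.
        Role.isPermitted(roleAssignment.getRole(), action);
        return;
      }
    } finally {
      if (closeEm) {
        // Close method managed EntityManager
        em.close();
      }
    }

    // No role assignment on the group: deny.
    throw new AuthorizationException("Unauthorized user " + user.getUserName() + " for group " + groupName);
  }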

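    // Authorization gate that is not tied to one group: requires an existing session holding an
    // authenticated user, then checks the action against the user's role assignments.
    // getSession(false) never creates a session, so an anonymous caller is rejected here.
    HttpSession session = req.getSession(false);
    if (session == null) {
      throw new AuthenticationException("No user session");
    }
    // Check that user is properly authenticated
    User user = (User) session.getAttribute(Configuration.userAttribute);
    if (user == null) {
      throw new AuthenticationException("No authenticated user");
    }

    // An EntityManager opened here is owned by this method and closed in the finally block;
    // one supplied by the caller is left open.
    boolean closeEm = false;
    if (em == null) {
      em = ModelFactory.getEntityManager();
      closeEm = true;
    }
    try {
      // Refresh user and roles assignment
      List<RoleAssignment> roles;
      try {
        user = em.find(User.class, user.getUserName());
        if (user == null) {
          // em.find() signals a missing entity by returning null, not by throwing NoResultException;
          // without this check a session that outlives its account ends in a NullPointerException
          // instead of an authentication failure.
          throw new AuthenticationException("Unknown user");
        }
        roles = user.getRoleAssignments();
      } catch (NoResultException ex) {
        // User is no longer registered,
        throw new AuthenticationException("Unknown user");
      }

      // Check the action against the user's role assignments (no group filter in this variant)
      // NOTE(review): the loop returns on its first iteration, so only the first role assignment is
      // evaluated, and the result of isPermitted, if any, is discarded. Access is granted unless
      // isPermitted throws on denial — confirm, and confirm that judging by the first role is intended.
      for (RoleAssignment roleAssignment : roles) {
        Role.isPermitted(roleAssignment.getRole(), action);
        return;
      }
    } finally {
      if (closeEm) {
        // Close method managed EntityManager
        em.close();
      }
    }

    // The user has no role assignment at all: deny.
    throw new AuthorizationException("Unauthorized user " + user.getUserName() + " for group ALL ");
  }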
