| | |
|---|
| | | private static final String USER = "user";
|
|---|
| | |
|
|---|
| | | private static final String PASSWORD = "password";
|
|---|
| | | |
|---|
| | | private static final String DISPLAYNAME = "displayName";
|
|---|
| | | |
|---|
| | | private static final String EMAILADDRESS = "emailAddress";
|
|---|
| | | |
|---|
| | | private static final String COOKIE = "cookie";
|
|---|
| | |
|
|---|
| | | private static final String REPOSITORY = "repository";
|
|---|
| | |
|
|---|
| | |
|---|
| | | public boolean supportsCredentialChanges() {
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | | |
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Does the user service support changes to user display name?
|
|---|
| | | * |
|---|
| | | * @return true or false
|
|---|
| | | * @since 1.0.0
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public boolean supportsDisplayNameChanges() {
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Does the user service support changes to user email address?
|
|---|
| | | * |
|---|
| | | * @return true or false
|
|---|
| | | * @since 1.0.0
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public boolean supportsEmailAddressChanges() {
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Does the user service support changes to team memberships?
|
|---|
| | | *
|
|---|
| | |
|---|
| | | * @return cookie value
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public char[] getCookie(UserModel model) {
|
|---|
| | | public String getCookie(UserModel model) {
|
|---|
| | | if (!StringUtils.isEmpty(model.cookie)) {
|
|---|
| | | return model.cookie;
|
|---|
| | | }
|
|---|
| | | read();
|
|---|
| | | UserModel storedModel = users.get(model.username.toLowerCase());
|
|---|
| | | String cookie = StringUtils.getSHA1(model.username + storedModel.password);
|
|---|
| | | return cookie.toCharArray();
|
|---|
| | | return storedModel.cookie;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public boolean updateUserModel(String username, UserModel model) {
|
|---|
| | | UserModel originalUser = null;
|
|---|
| | | try {
|
|---|
| | | read();
|
|---|
| | | UserModel oldUser = users.remove(username.toLowerCase());
|
|---|
| | | originalUser = users.remove(username.toLowerCase());
|
|---|
| | | users.put(model.username.toLowerCase(), model);
|
|---|
| | | // null check on "final" teams because JSON-sourced UserModel
|
|---|
| | | // can have a null teams object
|
|---|
| | |
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // check for implicit team removal
|
|---|
| | | if (oldUser != null) {
|
|---|
| | | for (TeamModel team : oldUser.teams) {
|
|---|
| | | if (originalUser != null) {
|
|---|
| | | for (TeamModel team : originalUser.teams) {
|
|---|
| | | if (!model.isTeamMember(team.name)) {
|
|---|
| | | team.removeUser(username);
|
|---|
| | | }
|
|---|
| | |
|---|
| | | write();
|
|---|
| | | return true;
|
|---|
| | | } catch (Throwable t) {
|
|---|
| | | if (originalUser != null) {
|
|---|
| | | // restore original user
|
|---|
| | | users.put(originalUser.username.toLowerCase(), originalUser);
|
|---|
| | | } else {
|
|---|
| | | // drop attempted add
|
|---|
| | | users.remove(model.username.toLowerCase());
|
|---|
| | | }
|
|---|
| | | logger.error(MessageFormat.format("Failed to update user model {0}!", model.username),
|
|---|
| | | t);
|
|---|
| | | }
|
|---|
| | |
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public boolean updateTeamModel(String teamname, TeamModel model) {
|
|---|
| | | TeamModel original = null;
|
|---|
| | | try {
|
|---|
| | | read();
|
|---|
| | | teams.remove(teamname.toLowerCase());
|
|---|
| | | original = teams.remove(teamname.toLowerCase());
|
|---|
| | | teams.put(model.name.toLowerCase(), model);
|
|---|
| | | write();
|
|---|
| | | return true;
|
|---|
| | | } catch (Throwable t) {
|
|---|
| | | if (original != null) {
|
|---|
| | | // restore original team
|
|---|
| | | teams.put(original.name.toLowerCase(), original);
|
|---|
| | | } else {
|
|---|
| | | // drop attempted add
|
|---|
| | | teams.remove(model.name.toLowerCase());
|
|---|
| | | }
|
|---|
| | | logger.error(MessageFormat.format("Failed to update team model {0}!", model.name), t);
|
|---|
| | | }
|
|---|
| | | return false;
|
|---|
| | |
|---|
| | | if (!StringUtils.isEmpty(model.password)) {
|
|---|
| | | config.setString(USER, model.username, PASSWORD, model.password);
|
|---|
| | | }
|
|---|
| | | if (!StringUtils.isEmpty(model.cookie)) {
|
|---|
| | | config.setString(USER, model.username, COOKIE, model.cookie);
|
|---|
| | | }
|
|---|
| | | if (!StringUtils.isEmpty(model.displayName)) {
|
|---|
| | | config.setString(USER, model.username, DISPLAYNAME, model.displayName);
|
|---|
| | | }
|
|---|
| | | if (!StringUtils.isEmpty(model.emailAddress)) {
|
|---|
| | | config.setString(USER, model.username, EMAILADDRESS, model.emailAddress);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // user roles
|
|---|
| | | List<String> roles = new ArrayList<String>();
|
|---|
| | | if (model.canAdmin) {
|
|---|
| | | roles.add(Constants.ADMIN_ROLE);
|
|---|
| | | }
|
|---|
| | | if (model.canFork) {
|
|---|
| | | roles.add(Constants.FORK_ROLE);
|
|---|
| | | }
|
|---|
| | | if (model.excludeFromFederation) {
|
|---|
| | | roles.add(Constants.NOT_FEDERATED_ROLE);
|
|---|
| | | }
|
|---|
| | | if (roles.size() == 0) {
|
|---|
| | | // we do this to ensure that user record with no password
|
|---|
| | | // is written. otherwise, StoredConfig optimizes that account
|
|---|
| | | // away. :(
|
|---|
| | | roles.add(Constants.NO_ROLE);
|
|---|
| | | }
|
|---|
| | | config.setStringList(USER, model.username, ROLE, roles);
|
|---|
| | |
|
|---|
| | |
|---|
| | | Set<String> usernames = config.getSubsections(USER);
|
|---|
| | | for (String username : usernames) {
|
|---|
| | | UserModel user = new UserModel(username.toLowerCase());
|
|---|
| | | user.password = config.getString(USER, username, PASSWORD);
|
|---|
| | | user.password = config.getString(USER, username, PASSWORD); |
|---|
| | | user.displayName = config.getString(USER, username, DISPLAYNAME);
|
|---|
| | | user.emailAddress = config.getString(USER, username, EMAILADDRESS);
|
|---|
| | | user.cookie = config.getString(USER, username, COOKIE);
|
|---|
| | | if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
|
|---|
| | | user.cookie = StringUtils.getSHA1(user.username + user.password);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // user roles
|
|---|
| | | Set<String> roles = new HashSet<String>(Arrays.asList(config.getStringList(
|
|---|
| | | USER, username, ROLE)));
|
|---|
| | | user.canAdmin = roles.contains(Constants.ADMIN_ROLE);
|
|---|
| | | user.canFork = roles.contains(Constants.FORK_ROLE);
|
|---|
| | | user.excludeFromFederation = roles.contains(Constants.NOT_FEDERATED_ROLE);
|
|---|
| | |
|
|---|
| | | // repository memberships
|
|---|
| | |
|---|
| | |
|
|---|
| | | // update cache
|
|---|
| | | users.put(user.username, user);
|
|---|
| | | cookies.put(StringUtils.getSHA1(user.username + user.password), user);
|
|---|
| | | if (!StringUtils.isEmpty(user.cookie)) {
|
|---|
| | | cookies.put(user.cookie, user);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // load the teams
|
|---|
