You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by sn...@apache.org on 2016/02/04 18:57:36 UTC
[12/50] [abbrv] usergrid git commit: USERGRID-1241: org-specific
redirection handling
USERGRID-1241: org-specific redirection handling
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/fbac7e84
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/fbac7e84
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/fbac7e84
Branch: refs/heads/asf-site
Commit: fbac7e84802459be44d588465ceb97817e40f560
Parents: 586dad0
Author: Mike Dunker <md...@apigee.com>
Authored: Wed Jan 27 16:24:54 2016 -0800
Committer: Mike Dunker <md...@apigee.com>
Committed: Wed Jan 27 16:24:54 2016 -0800
----------------------------------------------------------------------
.../main/resources/usergrid-default.properties | 5 ++
.../usergrid/rest/AbstractContextResource.java | 52 +++++++++++++++-
.../rest/applications/ApplicationResource.java | 10 ++--
.../rest/applications/ServiceResource.java | 12 ++--
.../rest/applications/users/UserResource.java | 41 ++++++-------
.../rest/applications/users/UsersResource.java | 14 ++---
.../rest/management/ManagementResource.java | 5 +-
.../organizations/OrganizationResource.java | 14 ++---
.../rest/management/users/UserResource.java | 62 ++++++++++++--------
.../usergrid/management/ManagementService.java | 13 ++++
.../usergrid/management/OrganizationConfig.java | 27 +++++----
.../management/OrganizationConfigProps.java | 4 ++
.../cassandra/ManagementServiceImpl.java | 44 ++++++++++++--
.../cassandra/OrganizationConfigPropsImpl.java | 45 +++++++++++---
14 files changed, 252 insertions(+), 96 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/config/src/main/resources/usergrid-default.properties
----------------------------------------------------------------------
diff --git a/stack/config/src/main/resources/usergrid-default.properties b/stack/config/src/main/resources/usergrid-default.properties
index 915d798..94d02ff 100644
--- a/stack/config/src/main/resources/usergrid-default.properties
+++ b/stack/config/src/main/resources/usergrid-default.properties
@@ -658,6 +658,11 @@ usergrid.admin.sysadmin.email=
usergrid.api.url.base=http://localhost:8080/ROOT
+# org config property name regex
+# don't use backslashes in the regex, as they don't play well in properties files
+# instead, use character class ([.] instead of backslash-period)
+usergrid.org.config.property.regex=usergrid[.]view[.].*
+
########################### Usergrid Email Templates ########################
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
index 68c894b..1d86631 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
@@ -25,6 +25,7 @@ import net.tanesha.recaptcha.ReCaptcha;
import net.tanesha.recaptcha.ReCaptchaFactory;
import org.apache.commons.lang.StringUtils;
import org.apache.usergrid.management.ManagementService;
+import org.apache.usergrid.management.OrganizationConfig;
import org.apache.usergrid.mq.QueueManagerFactory;
import org.apache.usergrid.persistence.EntityManagerFactory;
import org.apache.usergrid.rest.exceptions.RedirectionException;
@@ -43,6 +44,7 @@ import javax.xml.ws.spi.http.HttpContext;
import java.io.IOException;
import java.util.List;
import java.util.Map;
+import java.util.UUID;
public abstract class AbstractContextResource {
@@ -163,6 +165,51 @@ public abstract class AbstractContextResource {
public Viewable handleViewable(String template, Object model) {
+ return handleViewable(template, model, management.getOrganizationConfigDefaultsOnly());
+ }
+
+
+ public Viewable handleViewable(String template, Object model, String organizationName) {
+ OrganizationConfig orgConfig;
+ try {
+ if (!StringUtils.isBlank(organizationName)) {
+ orgConfig = management.getOrganizationConfigByName(organizationName);
+ } else {
+ orgConfig = management.getOrganizationConfigDefaultsOnly();
+ }
+ }
+ catch (Exception e) {
+ // fall back to non-org
+ if (logger.isInfoEnabled()) {
+ logger.info("handleViewable: unable to retrieve org config by org name: " + organizationName);
+ }
+ orgConfig = management.getOrganizationConfigDefaultsOnly();
+ }
+ return handleViewable(template, model, orgConfig);
+ }
+
+
+ public Viewable handleViewable(String template, Object model, UUID organizationId) {
+ OrganizationConfig orgConfig;
+ try {
+ if (organizationId != null) {
+ orgConfig = management.getOrganizationConfigByUuid(organizationId);
+ } else {
+ orgConfig = management.getOrganizationConfigDefaultsOnly();
+ }
+ }
+ catch (Exception e) {
+ // fall back to non-org
+ if (logger.isInfoEnabled() && organizationId != null) {
+ logger.info("handleViewable: unable to retrieve org config by org UUID: " + organizationId.toString());
+ }
+ orgConfig = management.getOrganizationConfigDefaultsOnly();
+ }
+ return handleViewable(template, model, orgConfig);
+ }
+
+
+ public Viewable handleViewable(String template, Object model, OrganizationConfig orgConfig) {
String className = this.getClass().getName().toLowerCase();
String packageName = AbstractContextResource.class.getPackage().getName();
@@ -171,7 +218,7 @@ public abstract class AbstractContextResource {
StringUtils.removeEnd(className.toLowerCase(), "resource")
.substring(packageName.length()) + "." + template.toLowerCase();
- String redirect_url = properties.getProperty(template_property);
+ String redirect_url = orgConfig.getProperty(template_property);
if (StringUtils.isNotBlank(redirect_url)) {
if (logger.isDebugEnabled()) {
@@ -184,8 +231,7 @@ public abstract class AbstractContextResource {
logger.debug("Dispatching to viewable with template: {}", template, template_property);
}
- Viewable viewable = new Viewable(template, model);
- return viewable;
+ return new Viewable(template, model);
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
index 5d76b3b..cc111eb 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
@@ -44,12 +44,10 @@ import org.apache.usergrid.rest.applications.events.EventsResource;
import org.apache.usergrid.rest.applications.queues.QueueResource;
import org.apache.usergrid.rest.applications.users.UsersResource;
import org.apache.usergrid.rest.exceptions.AuthErrorInfo;
-import org.apache.usergrid.rest.exceptions.NotFoundExceptionMapper;
import org.apache.usergrid.rest.exceptions.RedirectionException;
import org.apache.usergrid.rest.exceptions.UnsupportedRestOperationException;
import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
import org.apache.usergrid.rest.security.annotations.RequireOrganizationAccess;
-import org.apache.usergrid.rest.security.annotations.RequireSystemAccess;
import org.apache.usergrid.security.oauth.AccessInfo;
import org.apache.usergrid.security.oauth.ClientCredentialsInfo;
import org.glassfish.jersey.server.mvc.Viewable;
@@ -429,13 +427,13 @@ public class ApplicationResource extends ServiceResource {
ApplicationInfo app = management.getApplicationInfo( applicationId );
applicationName = app.getName();
- return handleViewable( "authorize_form", this );
+ return handleViewable( "authorize_form", this, getOrganizationName() );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, getOrganizationName() );
}
}
@@ -491,14 +489,14 @@ public class ApplicationResource extends ServiceResource {
ApplicationInfo app = management.getApplicationInfo( applicationId );
applicationName = app.getName();
- return Response.ok( handleViewable( "authorize_form", this ) ).build() ;
+ return Response.ok( handleViewable( "authorize_form", this, getOrganizationName() ) ).build() ;
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
logger.error("handleAuthorizeForm failed", e);
- return Response.ok( handleViewable( "error", this ) ).build() ;
+ return Response.ok( handleViewable( "error", this, getOrganizationName() ) ).build() ;
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
index 70adf35..af6ec44 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
@@ -17,7 +17,6 @@
package org.apache.usergrid.rest.applications;
-import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
@@ -130,6 +129,11 @@ public class ServiceResource extends AbstractContextResource {
}
+ public String getOrganizationName() {
+ return services.getApplication().getOrganizationName();
+ }
+
+
public List<ServiceParameter> getServiceParameters() {
if ( serviceParameters != null ) {
return serviceParameters;
@@ -137,7 +141,7 @@ public class ServiceResource extends AbstractContextResource {
if ( getServiceResourceParent() != null ) {
return getServiceResourceParent().getServiceParameters();
}
- serviceParameters = new ArrayList<ServiceParameter>();
+ serviceParameters = new ArrayList<>();
return serviceParameters;
}
@@ -648,7 +652,7 @@ public class ServiceResource extends AbstractContextResource {
// collect form data values
List<BodyPart> bodyParts = multiPart.getBodyParts();
- HashMap<String, Object> data = new HashMap<String, Object>();
+ HashMap<String, Object> data = new HashMap<>();
for ( BodyPart bp : bodyParts ) {
FormDataBodyPart bodyPart = ( FormDataBodyPart ) bp;
if ( bodyPart.getMediaType().equals( MediaType.TEXT_PLAIN_TYPE ) ) {
@@ -791,7 +795,7 @@ public class ServiceResource extends AbstractContextResource {
boolean range = StringUtils.isNotBlank( rangeHeader );
long start = 0, end = 0, contentLength = 0;
- InputStream inputStream = null;
+ InputStream inputStream;
if ( range ) { // honor range request, calculate start & end
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
index 77ba756..6de65f1 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
@@ -71,9 +71,7 @@ import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
import static javax.servlet.http.HttpServletResponse.SC_OK;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.getSubjectUserId;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isApplicationAdmin;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isApplicationUser;
+import static org.apache.usergrid.security.shiro.utils.SubjectUtils.*;
import static org.apache.usergrid.utils.ConversionUtils.string;
@@ -222,6 +220,8 @@ public class UserResource extends ServiceResource {
ApiResponse response = createApiResponse();
response.setAction( "set user credentials" );
+
+ @SuppressWarnings("unchecked")
Map<String, Object> credentialsJson = ( Map<String, Object> ) json.get( "credentials" );
@@ -398,17 +398,17 @@ public class UserResource extends ServiceResource {
this.token = token;
try {
if ( management.checkPasswordResetTokenForAppUser( getApplicationId(), getUserUuid(), token ) ) {
- return handleViewable( "resetpw_set_form", this );
+ return handleViewable( "resetpw_set_form", this, getOrganizationName() );
}
else {
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, getOrganizationName() );
}
}
@@ -433,22 +433,22 @@ public class UserResource extends ServiceResource {
if ( ( password1 != null ) && password1.equals( password2 ) ) {
management.setAppUserPassword( getApplicationId(), getUser().getUuid(), password1 );
management.revokeAccessTokenForAppUser( token );
- return handleViewable( "resetpw_set_success", this );
+ return handleViewable( "resetpw_set_success", this, getOrganizationName() );
}
else {
errorMsg = "Passwords didn't match, let's try again...";
- return handleViewable( "resetpw_set_form", this );
+ return handleViewable( "resetpw_set_form", this, getOrganizationName() );
}
}
else {
errorMsg = "Sorry, you have an invalid token. Let's try again...";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
}
if ( !useReCaptcha() ) {
management.startAppUserPasswordResetFlow( getApplicationId(), getUser() );
- return handleViewable( "resetpw_email_success", this );
+ return handleViewable( "resetpw_email_success", this, getOrganizationName() );
}
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
@@ -459,18 +459,18 @@ public class UserResource extends ServiceResource {
if ( reCaptchaResponse.isValid() ) {
management.startAppUserPasswordResetFlow( getApplicationId(), getUser() );
- return handleViewable( "resetpw_email_success", this );
+ return handleViewable( "resetpw_email_success", this, getOrganizationName() );
}
else {
errorMsg = "Incorrect Captcha";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, getOrganizationName() );
}
}
@@ -515,16 +515,16 @@ public class UserResource extends ServiceResource {
try {
management.handleActivationTokenForAppUser( getApplicationId(), getUserUuid(), token );
- return handleViewable( "activate", this );
+ return handleViewable( "activate", this, getOrganizationName() );
}
catch ( TokenException e ) {
- return handleViewable( "bad_activation_token", this );
+ return handleViewable( "bad_activation_token", this, getOrganizationName() );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, getOrganizationName() );
}
}
@@ -538,18 +538,18 @@ public class UserResource extends ServiceResource {
ActivationState state =
management.handleConfirmationTokenForAppUser( getApplicationId(), getUserUuid(), token );
if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
- return handleViewable( "confirm", this );
+ return handleViewable( "confirm", this, getOrganizationName() );
}
- return handleViewable( "activate", this );
+ return handleViewable( "activate", this, getOrganizationName() );
}
catch ( TokenException e ) {
- return handleViewable( "bad_confirmation_token", this );
+ return handleViewable( "bad_confirmation_token", this, getOrganizationName() );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, getOrganizationName() );
}
}
@@ -684,6 +684,7 @@ public class UserResource extends ServiceResource {
extensionResource = getSubResource( extensionCls );
}
catch ( Exception e ) {
+ // intentionally empty
}
if ( extensionResource != null ) {
return extensionResource;
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
index 81cf59a..e224cfc 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
@@ -120,7 +120,7 @@ public class UsersResource extends ServiceResource {
@Path("resetpw")
@Produces(MediaType.TEXT_HTML)
public Viewable showPasswordResetForm( @Context UriInfo ui ) {
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
@@ -141,30 +141,30 @@ public class UsersResource extends ServiceResource {
if ( isBlank( email ) ) {
errorMsg = "No email provided, try again...";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
if ( !useReCaptcha() || reCaptchaResponse.isValid() ) {
user = management.getAppUserByIdentifier( getApplicationId(), Identifier.fromEmail( email ) );
if ( user != null ) {
management.startAppUserPasswordResetFlow( getApplicationId(), user );
- return handleViewable( "resetpw_email_success", this );
+ return handleViewable( "resetpw_email_success", this, getOrganizationName() );
}
else {
errorMsg = "We don't recognize that email, try again...";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
}
else {
errorMsg = "Incorrect Captcha, try again...";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, getOrganizationName() );
}
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "resetpw_email_form", e );
+ return handleViewable( "resetpw_email_form", e, getOrganizationName() );
}
}
@@ -249,7 +249,7 @@ public class UsersResource extends ServiceResource {
}
}
- ApiResponse response = ( ApiResponse ) super.executePostWithObject( ui, json, callback );
+ ApiResponse response = super.executePostWithObject( ui, json, callback );
if ( ( response.getEntities() != null ) && ( response.getEntities().size() == 1 ) ) {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 11fd897..721235e 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -268,7 +268,7 @@ public class ManagementResource extends AbstractContextResource {
}
catch ( UnconfirmedAdminUserException uaue ) {
errorDescription = "User must be confirmed to authenticate";
- logger.warn( "Responding with HTTP 403 forbidden response for unconfirmed user {}" , user);
+ logger.warn("Responding with HTTP 403 forbidden response for unconfirmed user");
OAuthResponse response = OAuthResponse.errorResponse( SC_FORBIDDEN )
.setError( OAuthError.TokenResponse.INVALID_GRANT )
@@ -469,6 +469,7 @@ public class ManagementResource extends AbstractContextResource {
user = management.verifyAdminUserPasswordCredentials( username, password );
}
catch ( Exception e1 ) {
+ // intentionally empty
}
if ( ( user != null ) && isNotBlank( redirect_uri ) ) {
if ( !redirect_uri.contains( "?" ) ) {
@@ -584,7 +585,7 @@ public class ManagementResource extends AbstractContextResource {
if ( ttl == -1 ) {
throw new IllegalArgumentException("ttl must be specified");
}
- AccessInfo accessInfo = null;
+ AccessInfo accessInfo;
Timer processingTimer = getMetricsFactory().getTimer(
ManagementResource.class, SSO_PROCESSING_TIME );
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
index f777637..77239f3 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
@@ -130,16 +130,16 @@ public class OrganizationResource extends AbstractContextResource {
try {
management.handleActivationTokenForOrganization( organization.getUuid(), token );
- return handleViewable( "activate", this );
+ return handleViewable( "activate", this, organization.getName() );
}
catch ( TokenException e ) {
- return handleViewable( "bad_activation_token", this );
+ return handleViewable( "bad_activation_token", this, organization.getName() );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, organization.getName() );
}
}
@@ -152,18 +152,18 @@ public class OrganizationResource extends AbstractContextResource {
try {
ActivationState state = management.handleActivationTokenForOrganization( organization.getUuid(), token );
if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
- return handleViewable( "confirm", this );
+ return handleViewable( "confirm", this, organization.getName() );
}
- return handleViewable( "activate", this );
+ return handleViewable( "activate", this, organization.getName() );
}
catch ( TokenException e ) {
- return handleViewable( "bad_activation_token", this );
+ return handleViewable( "bad_activation_token", this, organization.getName() );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, organization.getName() );
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index 188567b..a968508 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -29,7 +29,7 @@ import org.apache.usergrid.rest.exceptions.RedirectionException;
import org.apache.usergrid.rest.management.ManagementResource;
import org.apache.usergrid.rest.management.users.organizations.OrganizationsResource;
import org.apache.usergrid.rest.security.annotations.RequireAdminUserAccess;
-import org.apache.usergrid.security.shiro.utils.SubjectUtils;
+import org.apache.usergrid.security.tokens.TokenInfo;
import org.apache.usergrid.security.tokens.exceptions.TokenException;
import org.apache.usergrid.services.ServiceResults;
import org.glassfish.jersey.server.mvc.Viewable;
@@ -191,7 +191,7 @@ public class UserResource extends AbstractContextResource {
ApiResponse response = createApiResponse();
response.setAction( "get admin user" );
- String token = management.getAccessTokenForAdminUser( SubjectUtils.getUser().getUuid(), ttl );
+ String token = management.getAccessTokenForAdminUser( user.getUuid(), ttl );
Map<String, Object> userOrganizationData = management.getAdminUserOrganizationData( user, !shallow );
userOrganizationData.put( "token", token );
response.setData( userOrganizationData );
@@ -214,21 +214,25 @@ public class UserResource extends AbstractContextResource {
properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
}
+ UUID organizationId = null;
+
try {
this.token = token;
+ TokenInfo tokenInfo = management.getPasswordResetTokenInfoForAdminUser(token);
+ organizationId = tokenInfo.getWorkflowOrgId();
- if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), token ) ) {
- return handleViewable( "resetpw_set_form", this );
+ if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), tokenInfo ) ) {
+ return handleViewable( "resetpw_set_form", this, organizationId );
}
else {
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, organizationId );
}
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, organizationId );
}
}
@@ -255,8 +259,12 @@ public class UserResource extends AbstractContextResource {
properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
}
+ UUID organizationId = null;
+
try {
this.token = token;
+ TokenInfo tokenInfo = management.getPasswordResetTokenInfoForAdminUser(token);
+ organizationId = tokenInfo.getWorkflowOrgId();
// if(user == null) {
// errorMsg = "Incorrect username entered";
@@ -264,26 +272,26 @@ public class UserResource extends AbstractContextResource {
// }
if ( ( password1 != null ) || ( password2 != null ) ) {
- if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), token ) ) {
+ if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), tokenInfo ) ) {
if ( ( password1 != null ) && password1.equals( password2 ) ) {
management.setAdminUserPassword( user.getUuid(), password1 );
management.revokeAccessTokenForAdminUser( user.getUuid(), token );
- return handleViewable( "resetpw_set_success", this );
+ return handleViewable( "resetpw_set_success", this, organizationId );
}
else {
errorMsg = "Passwords didn't match, let's try again...";
- return handleViewable( "resetpw_set_form", this );
+ return handleViewable( "resetpw_set_form", this, organizationId );
}
}
else {
errorMsg = "Sorry, you have an invalid token. Let's try again...";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, organizationId );
}
}
if ( !useReCaptcha() ) {
management.startAdminUserPasswordResetFlow( null, user );
- return handleViewable( "resetpw_email_success", this );
+ return handleViewable( "resetpw_email_success", this, organizationId );
}
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
@@ -294,18 +302,18 @@ public class UserResource extends AbstractContextResource {
if ( reCaptchaResponse.isValid() ) {
management.startAdminUserPasswordResetFlow( null, user );
- return handleViewable( "resetpw_email_success", this );
+ return handleViewable( "resetpw_email_success", this, organizationId );
}
else {
errorMsg = "Incorrect Captcha";
- return handleViewable( "resetpw_email_form", this );
+ return handleViewable( "resetpw_email_form", this, organizationId );
}
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, organizationId );
}
}
@@ -338,18 +346,22 @@ public class UserResource extends AbstractContextResource {
properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
}
+ UUID organizationId = null;
+
try {
- management.handleActivationTokenForAdminUser( user.getUuid(), token );
- return handleViewable( "activate", this );
+ TokenInfo tokenInfo = management.getActivationTokenInfoForAdminUser(token) ;
+ organizationId = tokenInfo.getWorkflowOrgId();
+ management.handleActivationTokenForAdminUser( user.getUuid(), tokenInfo );
+ return handleViewable( "activate", this, organizationId );
}
catch ( TokenException e ) {
- return handleViewable( "bad_activation_token", this );
+ return handleViewable( "bad_activation_token", this, organizationId );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return handleViewable( "error", e );
+ return handleViewable( "error", e, organizationId );
}
}
@@ -367,21 +379,25 @@ public class UserResource extends AbstractContextResource {
properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
}
+ UUID organizationId = null;
+
try {
- ActivationState state = management.handleConfirmationTokenForAdminUser( user.getUuid(), token );
+ TokenInfo tokenInfo = management.getConfirmationTokenInfoForAdminUser(token) ;
+ organizationId = tokenInfo.getWorkflowOrgId();
+ ActivationState state = management.handleConfirmationTokenForAdminUser( user.getUuid(), tokenInfo );
if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
- return handleViewable( "confirm", this );
+ return handleViewable( "confirm", this, organizationId );
}
- return handleViewable( "activate", this );
+ return handleViewable( "activate", this, organizationId );
}
catch ( TokenException e ) {
- return handleViewable( "bad_confirmation_token", this );
+ return handleViewable( "bad_confirmation_token", this, organizationId );
}
catch ( RedirectionException e ) {
throw e;
}
catch ( Exception e ) {
- return new Viewable( "error", e );
+ return handleViewable( "error", e, organizationId );
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java b/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
index 1352dad..2f2d10f 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
@@ -33,6 +33,7 @@ import org.apache.usergrid.persistence.entities.User;
import org.apache.usergrid.persistence.model.entity.Id;
import org.apache.usergrid.security.oauth.AccessInfo;
import org.apache.usergrid.security.shiro.PrincipalCredentialsToken;
+import org.apache.usergrid.security.tokens.TokenInfo;
import org.apache.usergrid.services.ServiceResults;
import com.google.common.collect.BiMap;
@@ -50,12 +51,24 @@ public interface ManagementService {
AccessInfo authorizeClient( String clientId, String clientSecret, long ttl ) throws Exception;
+ TokenInfo getConfirmationTokenInfoForAdminUser( String token ) throws Exception;
+
ActivationState handleConfirmationTokenForAdminUser( UUID userId, String token ) throws Exception;
+ ActivationState handleConfirmationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
+ TokenInfo getActivationTokenInfoForAdminUser( String token ) throws Exception;
+
ActivationState handleActivationTokenForAdminUser( UUID userId, String token ) throws Exception;
+ ActivationState handleActivationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
ActivationState handleActivationTokenForOrganization( UUID organizationId, String token ) throws Exception;
+ TokenInfo getPasswordResetTokenInfoForAdminUser( String token ) throws Exception;
+
+ boolean checkPasswordResetTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
boolean checkPasswordResetTokenForAdminUser( UUID userId, String token ) throws Exception;
UserInfo createAdminUser( UUID organizationId, String username, String name, String email, String password,
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
index 2730eac..b327682 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
@@ -28,10 +28,8 @@ import java.util.*;
public class OrganizationConfig {
private OrganizationConfigProps configProps;
- //private Map<String, String> defaultProperties;
private UUID id;
private String name;
- //private Map<String, String> orgProperties;
// shouldn't use the default constructor
@@ -52,10 +50,8 @@ public class OrganizationConfig {
public OrganizationConfig(OrganizationConfigProps configFileProperties, UUID id, String name) {
this.configProps = new OrganizationConfigPropsImpl(configFileProperties);
- //defaultProperties = configFileProperties.getOrgPropertyMap();
this.id = id;
this.name = name;
- //this.orgProperties = new HashMap<>();
}
public OrganizationConfig(OrganizationConfigProps configFileProperties) {
@@ -78,24 +74,33 @@ public class OrganizationConfig {
}
private void orgPropertyValidate(Map<String, Object> entityProperties) throws IllegalArgumentException {
- Set<String> entityPropertyKeys = new HashSet<>(entityProperties.keySet());
- entityPropertyKeys.removeAll(configProps.getOrgPropertyNames());
- // if anything remains in the key set, it is not a valid property
- if (entityPropertyKeys.size() > 0) {
- throw new IllegalArgumentException("Invalid organization config keys: " + String.join(", ", entityPropertyKeys));
+ Set<String> invalidKeys = new HashSet<>();
+ entityProperties.keySet().forEach((k) -> {
+ if (!configProps.orgPropertyNameValid(k)) {
+ invalidKeys.add(k);
+ }
+ });
+
+ if (invalidKeys.size() > 0) {
+ throw new IllegalArgumentException("Invalid organization config keys: " + String.join(", ", invalidKeys));
}
+ invalidKeys.clear();
entityProperties.forEach((k,v) -> {
if (!v.getClass().equals(String.class)) {
- throw new IllegalArgumentException("Organization config values must be strings.");
+ invalidKeys.add(k);
}
});
+
+ if (invalidKeys.size() > 0) {
+ throw new IllegalArgumentException("Organization config value(s) not strings: " + String.join(", ", invalidKeys));
+ }
}
private void addOrgProperties(Map<String, Object> newOrgProperties) {
newOrgProperties.forEach((k,v) -> {
// only take valid properties, validation (if required) happened earlier
- if (configProps.getOrgPropertyNames().contains(k)) {
+ if (configProps.orgPropertyNameValid(k)) {
// ignore non-strings, validation happened earlier
if (v.getClass().equals(String.class)) {
this.configProps.setProperty(k, v.toString());
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
index f50705f..226e3a3 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
@@ -50,6 +50,8 @@ public interface OrganizationConfigProps {
Map<String, String> getOrgPropertiesMap();
+ String getOrgPropertyNameRegex();
+
String getProperty(String name);
String getProperty(String name, String defaultValue);
@@ -66,4 +68,6 @@ public interface OrganizationConfigProps {
String getFullUrl(WorkflowUrl urlType, Object ... arguments);
+ boolean orgPropertyNameValid(String name);
+
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index 558b718..cc5fc9c 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -2197,10 +2197,22 @@ public class ManagementServiceImpl implements ManagementService {
@Override
+ public TokenInfo getPasswordResetTokenInfoForAdminUser( String token ) throws Exception {
+ return getTokenInfoFromAccessToken(token, TOKEN_TYPE_PASSWORD_RESET, ADMIN_USER);
+ }
+
+
+ @Override
public boolean checkPasswordResetTokenForAdminUser( UUID userId, String token ) throws Exception {
+ return checkPasswordResetTokenForAdminUser(userId, getPasswordResetTokenInfoForAdminUser(token));
+ }
+
+
+ @Override
+ public boolean checkPasswordResetTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
AuthPrincipalInfo principal = null;
try {
- principal = getPrincipalFromAccessToken( token, TOKEN_TYPE_PASSWORD_RESET, ADMIN_USER );
+ principal = tokenInfo.getPrincipal();
}
catch ( Exception e ) {
logger.error( "Unable to verify token", e );
@@ -2470,9 +2482,20 @@ public class ManagementServiceImpl implements ManagementService {
@Override
- // token may contain the workflow organization id
+ public TokenInfo getConfirmationTokenInfoForAdminUser( String token ) throws Exception {
+ return getTokenInfoFromAccessToken(token, TOKEN_TYPE_CONFIRM, ADMIN_USER);
+ }
+
+
+ @Override
public ActivationState handleConfirmationTokenForAdminUser( UUID userId, String token ) throws Exception {
- TokenInfo tokenInfo = getTokenInfoFromAccessToken(token, TOKEN_TYPE_CONFIRM, ADMIN_USER);
+ return handleConfirmationTokenForAdminUser(userId, getConfirmationTokenInfoForAdminUser(token));
+ }
+
+
+ @Override
+ // token may contain the workflow organization id
+ public ActivationState handleConfirmationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
if (tokenInfo != null) {
AuthPrincipalInfo principal = tokenInfo.getPrincipal();
if ((principal != null) && userId.equals(principal.getUuid())) {
@@ -2496,9 +2519,20 @@ public class ManagementServiceImpl implements ManagementService {
@Override
- // token may contain the workflow organization id
+ public TokenInfo getActivationTokenInfoForAdminUser( String token ) throws Exception {
+ return getTokenInfoFromAccessToken(token, TOKEN_TYPE_ACTIVATION, ADMIN_USER);
+ }
+
+
+ @Override
public ActivationState handleActivationTokenForAdminUser( UUID userId, String token ) throws Exception {
- TokenInfo tokenInfo = getTokenInfoFromAccessToken(token, TOKEN_TYPE_ACTIVATION, ADMIN_USER);
+ return handleActivationTokenForAdminUser(userId, getActivationTokenInfoForAdminUser(token));
+ }
+
+
+ @Override
+ // token may contain the workflow organization id
+ public ActivationState handleActivationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
if (tokenInfo != null) {
AuthPrincipalInfo principal = tokenInfo.getPrincipal();
if ((principal != null) && userId.equals(principal.getUuid())) {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
index 56c1e12..5d2c256 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
@@ -18,13 +18,21 @@ package org.apache.usergrid.management.cassandra;
import org.apache.usergrid.management.OrganizationConfigProps;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.util.*;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
import static org.apache.commons.lang.StringUtils.isBlank;
public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
+ private static final Logger logger = LoggerFactory.getLogger( OrganizationConfigPropsImpl.class );
+
+ private static final String REGEX_PROPERTY_NAME = "usergrid.org.config.property.regex";
+ private static final String DEFAULT_REGEX = "usergrid[.]view[.].*";
private static final String DEFAULTVALUE_API_URL_BASE = "http://localhost:8080";
private static final String DEFAULTVALUE_DEFAULT_CONNECTION_PARAM = "all";
@@ -61,6 +69,9 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
protected final Map<String, String> defaultProperties;
protected final Map<String, String> orgProperties;
+ protected final String propertyNameRegex;
+ protected Pattern propertyNameRegexPattern;
+
public OrganizationConfigPropsImpl(Properties properties) {
this(properties, null);
@@ -70,29 +81,42 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
this.properties = new Properties(properties);
this.properties.putAll(properties);
+ String regex = properties.getProperty(REGEX_PROPERTY_NAME);
+ this.propertyNameRegex = !regex.isEmpty() ? regex : DEFAULT_REGEX;
+ try {
+ this.propertyNameRegexPattern = Pattern.compile(this.propertyNameRegex);
+ }
+ catch(PatternSyntaxException e) {
+ if (logger.isInfoEnabled()) {
+ logger.info("Invalid regex in " + REGEX_PROPERTY_NAME + " property: " + propertyNameRegex);
+ }
+ this.propertyNameRegexPattern = null;
+ }
+
this.defaultProperties = new HashMap<>(noConfigDefaults);
- // add any corresponding properties to default props map
- noConfigDefaults.keySet().forEach((k) -> {
- String value = properties.getProperty(k);
- // ok if value is empty string
- if (value != null) {
- this.defaultProperties.put(k, value);
+ // add any corresponding properties to default props map
+ this.properties.forEach((k,v) -> {
+ if (orgPropertyNameValid(k.toString()) && v != null) {
+ this.defaultProperties.put(k.toString(), v.toString());
}
});
this.orgProperties = map != null ? new HashMap<>(map) : new HashMap<>();
- //noConfigDefaults.forEach((k,v) -> map.put(k, properties.getProperty(k, v)));
}
public OrganizationConfigPropsImpl(OrganizationConfigProps orgConfigProps) {
this.properties = orgConfigProps.getPropertiesMap();
this.defaultProperties = orgConfigProps.getDefaultPropertiesMap();
this.orgProperties = orgConfigProps.getOrgPropertiesMap();
+ this.propertyNameRegex = orgConfigProps.getOrgPropertyNameRegex();
+ this.propertyNameRegexPattern = Pattern.compile(this.propertyNameRegex);
}
+ @Override
public boolean orgPropertyNameValid(String name) {
- return noConfigDefaults.containsKey(name);
+ return noConfigDefaults.containsKey(name) ||
+ (propertyNameRegexPattern != null && propertyNameRegexPattern.matcher(name).matches());
}
@Override
@@ -117,6 +141,11 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
return new HashMap<>(orgProperties);
}
+ @Override
+ public String getOrgPropertyNameRegex() {
+ return propertyNameRegex;
+ }
+
//
// 1. return from orgProperties (if it exists)
// 2. return from properties (if it exists)