Package com.logicaldoc.web.service
Class SecurityServiceImpl
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet
-
- com.google.gwt.user.server.rpc.RemoteServiceServlet
-
- com.logicaldoc.web.service.SecurityServiceImpl
-
- All Implemented Interfaces:
com.google.gwt.user.client.rpc.RemoteService
,com.google.gwt.user.server.rpc.SerializationPolicyProvider
,SecurityService
,Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
public class SecurityServiceImpl extends com.google.gwt.user.server.rpc.RemoteServiceServlet implements SecurityService
Implementation of the SecurityService- Since:
- 6.0
- Author:
- Marco Meschieri - LogicalDOC
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface com.logicaldoc.gui.common.client.services.SecurityService
SecurityService.Instance
-
-
Constructor Summary
Constructors Constructor Description SecurityServiceImpl()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addUserToGroup(long groupId, long userId)
Adds a user to a groupvoid
applyRights(GUIMenu menu)
Applies all security settings to menuGUIValue
changePassword(Long requestorUserId, long userId, String oldPassword, String newPassword, boolean notify)
Changes the password of a uservoid
changeStatus(long userId, boolean enabled)
Changes the status of a uservoid
cloneWorkTimes(long srcUserId, long[] userIds, long[] groupIds)
Clones a work time to a set of other usersvoid
deleteGroup(long groupId)
Deletes a given groupvoid
deleteMenu(long menuId)
Deletes a menu but only if is not a legacy menu (type not 0)void
deleteTrustedDevices(String[] ids)
Deletes a set of trusted devices for the current uservoid
deleteUser(long userId)
Deletes a given userstatic GUITenant
fromTenant(Tenant tenant)
String
generatePassword()
Generates a password using the configured policies.String
generatePassword2(int length, int uppercaseChars, int lowercaseChars, int digits, int specialChars, int maxSequenceSize, int maxOccurrences)
Generates a passwordGUIGroup
getGroup(long groupId)
Loads a given group from the databaseGUIMenu
getMenu(long menuId, String locale)
Retrieves the specified menuGUIMenu[]
getMenus(long parentId, String locale, boolean enabledOnly)
Retrieves the accessible menus children of a given parentGUISession
getSession(String locale)
Logs-in a user by an existing session ID (session reuse)static GUITenant
getTenant(long tenantId)
static GUITenant
getTenant(String tenantName)
GUIUser
getUser(long userId)
Loads a given user from the databaseBoolean
isTrustedDevice(String deviceId)
Check if the saved device ID is trusted for the current uservoid
kill(String sid)
Kill the session with the given sidGUISequence[]
loadBlockedEntities()
Retrieves the list of actually blocked usernames and IPs detected as Brute Force AttackGUISession
loadSession(Session sess, String locale)
Used internally by login procedures, instantiates a new GUISession by a given authenticated userGUISecuritySettings
loadSettings()
Loads security settingsvoid
logout()
Logs out the current uservoid
removeBlockedEntities(long[] ids)
Removes blocked entries detected as Brute Force Attackvoid
removeFromGroup(long groupId, long[] userIds)
Removes users from a groupvoid
replicateUsersSettings(long masterUserId, Long[] userIds, boolean gui, boolean groups)
Replicates the settings of a given user to a selection of other usersvoid
resetAvatar(long userId)
Resets tha avatar to the default onevoid
saveAvatar(long userId)
Saves an uploaded image as the user's avatarGUIGroup
saveGroup(GUIGroup group)
Creates or updates a groupGUIUser
saveInterfaceSettings(GUIUser user)
Saves the interface settings onlyGUIMenu
saveMenu(GUIMenu guiMenu, String locale)
Saves a menuvoid
saveMenus(GUIMenu[] menus, String locale)
Saves a set of menusGUIUser
saveProfile(GUIUser user)
Saves the profile data onlyboolean
saveSettings(GUISecuritySettings settings)
Saves security settingsGUIUser
saveUser(GUIUser guiUser, GUIInfo info)
Creates or updates a userGUIUser[]
searchUsers(String username, String groupId)
Searches for usersString
syncGeolocationDB(String key)
Downloads the most recent version of the Geolocation databaseString
trustDevice(String label)
Permanently trusts the current device for the current uservoid
updateDeviceLabel(long deviceId, String label)
Updates the label of a device-
Methods inherited from class com.google.gwt.user.server.rpc.RemoteServiceServlet
getSerializationPolicy, init, processCall, processCall, processPost
-
-
-
-
Method Detail
-
getTenant
public static GUITenant getTenant(long tenantId)
-
loadSession
public GUISession loadSession(Session sess, String locale)
Used internally by login procedures, instantiates a new GUISession by a given authenticated user- Parameters:
sess
- the current sessionlocale
- the current locale- Returns:
- session details
-
getSession
public GUISession getSession(String locale)
Description copied from interface:SecurityService
Logs-in a user by an existing session ID (session reuse)- Specified by:
getSession
in interfaceSecurityService
- Parameters:
locale
- the currently used language specification- Returns:
- session informations
-
logout
public void logout()
Description copied from interface:SecurityService
Logs out the current user- Specified by:
logout
in interfaceSecurityService
-
changePassword
public GUIValue changePassword(Long requestorUserId, long userId, String oldPassword, String newPassword, boolean notify)
Description copied from interface:SecurityService
Changes the password of a user- Specified by:
changePassword
in interfaceSecurityService
- Parameters:
requestorUserId
- The user Identifier of the requestoruserId
- The user IdentifieroldPassword
- can be nullnewPassword
- the new passwordnotify
- If the new credentials have to be notified- Returns:
- the error code and message. 0 if all went ok, 1 if the password is incorrect, 2 if the new password cannot be notified, 3 if the password has been already used, otherwise a positive number grater than 3
-
addUserToGroup
public void addUserToGroup(long groupId, long userId) throws ServerException
Description copied from interface:SecurityService
Adds a user to a group- Specified by:
addUserToGroup
in interfaceSecurityService
- Parameters:
groupId
- identifier of the groupuserId
- identifier of the user- Throws:
ServerException
- error generated in the server application
-
deleteGroup
public void deleteGroup(long groupId) throws ServerException
Description copied from interface:SecurityService
Deletes a given group- Specified by:
deleteGroup
in interfaceSecurityService
- Parameters:
groupId
- identifier of the group- Throws:
ServerException
- error generated in the server application
-
deleteUser
public void deleteUser(long userId) throws ServerException
Description copied from interface:SecurityService
Deletes a given user- Specified by:
deleteUser
in interfaceSecurityService
- Parameters:
userId
- identifier of the user- Throws:
ServerException
- error generated in the server application
-
getGroup
public GUIGroup getGroup(long groupId) throws ServerException
Description copied from interface:SecurityService
Loads a given group from the database- Specified by:
getGroup
in interfaceSecurityService
- Parameters:
groupId
- identifier of the group- Returns:
- group retrieved from the server application
- Throws:
ServerException
- error generated in the server application
-
getUser
public GUIUser getUser(long userId) throws ServerException
Description copied from interface:SecurityService
Loads a given user from the database- Specified by:
getUser
in interfaceSecurityService
- Parameters:
userId
- identifier of the user- Returns:
- the user retrieved from the server application
- Throws:
ServerException
- error generated in the server application
-
removeFromGroup
public void removeFromGroup(long groupId, long[] userIds) throws ServerException
Description copied from interface:SecurityService
Removes users from a group- Specified by:
removeFromGroup
in interfaceSecurityService
- Parameters:
groupId
- identifier of the groupuserIds
- array of user identifiers- Throws:
ServerException
- error generated in the server application
-
saveGroup
public GUIGroup saveGroup(GUIGroup group) throws ServerException
Description copied from interface:SecurityService
Creates or updates a group- Specified by:
saveGroup
in interfaceSecurityService
- Parameters:
group
- the group to save- Returns:
- the updated group
- Throws:
ServerException
- error generated in the server application
-
saveUser
public GUIUser saveUser(GUIUser guiUser, GUIInfo info) throws ServerException
Description copied from interface:SecurityService
Creates or updates a user- Specified by:
saveUser
in interfaceSecurityService
- Parameters:
guiUser
- the user to saveinfo
- informations about the User Interface- Returns:
- the saved user
- Throws:
ServerException
- error generated in the server application
-
saveProfile
public GUIUser saveProfile(GUIUser user) throws ServerException
Description copied from interface:SecurityService
Saves the profile data only- Specified by:
saveProfile
in interfaceSecurityService
- Parameters:
user
- the user to save- Returns:
- the updated user
- Throws:
ServerException
- error generated in the server application
-
saveInterfaceSettings
public GUIUser saveInterfaceSettings(GUIUser user) throws ServerException
Description copied from interface:SecurityService
Saves the interface settings only- Specified by:
saveInterfaceSettings
in interfaceSecurityService
- Parameters:
user
- the user to save- Returns:
- the updated user
- Throws:
ServerException
- error generated in the server application
-
kill
public void kill(String sid)
Description copied from interface:SecurityService
Kill the session with the given sid- Specified by:
kill
in interfaceSecurityService
- Parameters:
sid
- identifier of the session
-
loadSettings
public GUISecuritySettings loadSettings() throws ServerException
Description copied from interface:SecurityService
Loads security settings- Specified by:
loadSettings
in interfaceSecurityService
- Returns:
- the security settings
- Throws:
ServerException
- error generated in the server application
-
saveSettings
public boolean saveSettings(GUISecuritySettings settings) throws ServerException
Description copied from interface:SecurityService
Saves security settings- Specified by:
saveSettings
in interfaceSecurityService
- Parameters:
settings
- settings about security- Returns:
- True if the application has to be restarted
- Throws:
ServerException
- error generated in the server application
-
applyRights
public void applyRights(GUIMenu menu) throws ServerException
Description copied from interface:SecurityService
Applies all security settings to menu- Specified by:
applyRights
in interfaceSecurityService
- Parameters:
menu
- the menu- Throws:
ServerException
- error generated in the server application
-
deleteMenu
public void deleteMenu(long menuId) throws ServerException
Description copied from interface:SecurityService
Deletes a menu but only if is not a legacy menu (type not 0)- Specified by:
deleteMenu
in interfaceSecurityService
- Parameters:
menuId
- the menu to delete- Throws:
ServerException
- error generated in the server application
-
saveMenus
public void saveMenus(GUIMenu[] menus, String locale) throws ServerException
Description copied from interface:SecurityService
Saves a set of menus- Specified by:
saveMenus
in interfaceSecurityService
- Parameters:
menus
- the menus to savelocale
- currently selected locale- Throws:
ServerException
- error generated in the server application
-
saveMenu
public GUIMenu saveMenu(GUIMenu guiMenu, String locale) throws ServerException
Description copied from interface:SecurityService
Saves a menu- Specified by:
saveMenu
in interfaceSecurityService
- Parameters:
guiMenu
- the menu to savelocale
- currently selected locale- Returns:
- the saved menu
- Throws:
ServerException
- error generated in the server application
-
getMenus
public GUIMenu[] getMenus(long parentId, String locale, boolean enabledOnly) throws ServerException
Description copied from interface:SecurityService
Retrieves the accessible menus children of a given parent- Specified by:
getMenus
in interfaceSecurityService
- Parameters:
parentId
- identifier of the parent menulocale
- currently selected localeenabledOnly
- to retrieve just the enabled menus- Returns:
- the accessible children
- Throws:
ServerException
- error generated in the server application
-
getMenu
public GUIMenu getMenu(long menuId, String locale) throws ServerException
Description copied from interface:SecurityService
Retrieves the specified menu- Specified by:
getMenu
in interfaceSecurityService
- Parameters:
menuId
- identifier of the menulocale
- currently selected locale- Returns:
- the menu retrieved from the server application
- Throws:
ServerException
- error generated in the server application
-
searchUsers
public GUIUser[] searchUsers(String username, String groupId) throws ServerException
Description copied from interface:SecurityService
Searches for users- Specified by:
searchUsers
in interfaceSecurityService
- Parameters:
username
- The username used in the like operator (optional)groupId
- The group ID (optional)- Returns:
- Array of found users
- Throws:
ServerException
- error generated in the server application
-
loadBlockedEntities
public GUISequence[] loadBlockedEntities() throws ServerException
Description copied from interface:SecurityService
Retrieves the list of actually blocked usernames and IPs detected as Brute Force Attack- Specified by:
loadBlockedEntities
in interfaceSecurityService
- Returns:
- the array of blocked usernames and IPs
- Throws:
ServerException
- error generated in the server application
-
removeBlockedEntities
public void removeBlockedEntities(long[] ids) throws ServerException
Description copied from interface:SecurityService
Removes blocked entries detected as Brute Force Attack- Specified by:
removeBlockedEntities
in interfaceSecurityService
- Parameters:
ids
- identifiers of entities from the BFA list- Throws:
ServerException
- error generated in the server application
-
replicateUsersSettings
public void replicateUsersSettings(long masterUserId, Long[] userIds, boolean gui, boolean groups) throws ServerException
Description copied from interface:SecurityService
Replicates the settings of a given user to a selection of other users- Specified by:
replicateUsersSettings
in interfaceSecurityService
- Parameters:
masterUserId
- identifier of the user with the settings you want to replicateuserIds
- identifiers of the users to replicate the settings togui
- if the user interface settings must be replicatedgroups
- if the groups must be replicated(the read-only users will not be affected by this flag)- Throws:
ServerException
- error generated in the server application
-
updateDeviceLabel
public void updateDeviceLabel(long deviceId, String label) throws ServerException
Description copied from interface:SecurityService
Updates the label of a device- Specified by:
updateDeviceLabel
in interfaceSecurityService
- Parameters:
deviceId
- identifier of the device to updatelabel
- label to assign to the current device- Throws:
ServerException
- error generated in the server application
-
trustDevice
public String trustDevice(String label) throws ServerException
Description copied from interface:SecurityService
Permanently trusts the current device for the current user- Specified by:
trustDevice
in interfaceSecurityService
- Parameters:
label
- optional label to assign to the current device- Returns:
- the ID of the trusted device
- Throws:
ServerException
- error generated in the server application
-
isTrustedDevice
public Boolean isTrustedDevice(String deviceId) throws ServerException
Description copied from interface:SecurityService
Check if the saved device ID is trusted for the current user- Specified by:
isTrustedDevice
in interfaceSecurityService
- Parameters:
deviceId
- identifier of the device- Returns:
- if the device is trusted or not
- Throws:
ServerException
- error generated in the server application
-
deleteTrustedDevices
public void deleteTrustedDevices(String[] ids) throws ServerException
Description copied from interface:SecurityService
Deletes a set of trusted devices for the current user- Specified by:
deleteTrustedDevices
in interfaceSecurityService
- Parameters:
ids
- identifiers of the devices to delete- Throws:
ServerException
- error generated in the server application
-
syncGeolocationDB
public String syncGeolocationDB(String key) throws ServerException
Description copied from interface:SecurityService
Downloads the most recent version of the Geolocation database- Specified by:
syncGeolocationDB
in interfaceSecurityService
- Parameters:
key
- the API key- Returns:
- the current database version
- Throws:
ServerException
- error generated in the server application
-
saveAvatar
public void saveAvatar(long userId) throws ServerException
Description copied from interface:SecurityService
Saves an uploaded image as the user's avatar- Specified by:
saveAvatar
in interfaceSecurityService
- Parameters:
userId
- Identifier of the user- Throws:
ServerException
- error generated in the server application
-
resetAvatar
public void resetAvatar(long userId) throws ServerException
Description copied from interface:SecurityService
Resets tha avatar to the default one- Specified by:
resetAvatar
in interfaceSecurityService
- Parameters:
userId
- Identifier of the user- Throws:
ServerException
- error generated in the server application
-
cloneWorkTimes
public void cloneWorkTimes(long srcUserId, long[] userIds, long[] groupIds) throws ServerException
Description copied from interface:SecurityService
Clones a work time to a set of other users- Specified by:
cloneWorkTimes
in interfaceSecurityService
- Parameters:
srcUserId
- identifier of the user with the work time you want to cloneuserIds
- direct ids of users to clone the working time togroupIds
- the groups of users to clone the working time to- Throws:
ServerException
- generic error
-
changeStatus
public void changeStatus(long userId, boolean enabled) throws ServerException
Description copied from interface:SecurityService
Changes the status of a user- Specified by:
changeStatus
in interfaceSecurityService
- Parameters:
userId
- The user Identifierenabled
- If the user must be enabled or not- Throws:
ServerException
- error generated in the server application
-
generatePassword
public String generatePassword() throws InvalidSessionException
Description copied from interface:SecurityService
Generates a password using the configured policies.- Specified by:
generatePassword
in interfaceSecurityService
- Returns:
- the generated password
- Throws:
InvalidSessionException
-
generatePassword2
public String generatePassword2(int length, int uppercaseChars, int lowercaseChars, int digits, int specialChars, int maxSequenceSize, int maxOccurrences)
Description copied from interface:SecurityService
Generates a password- Specified by:
generatePassword2
in interfaceSecurityService
- Parameters:
length
- dimension of the passworduppercaseChars
- minimum number of upper case charslowercaseChars
- minimum number of lower case charsdigits
- minimum number of digitsspecialChars
- minimum number of special charsmaxSequenceSize
- maximum size of a sequencemaxOccurrences
- maximum number of occurrences of the same char- Returns:
- the generated password
-
-