Package com.logicaldoc.web.service

Class SecurityServiceImpl

java.lang.Object
jakarta.servlet.GenericServlet
jakarta.servlet.http.HttpServlet
com.google.gwt.user.server.rpc.jakarta.AbstractRemoteServiceServlet
com.google.gwt.user.server.rpc.jakarta.RemoteServiceServlet
com.logicaldoc.web.service.AbstractRemoteService
com.logicaldoc.web.service.SecurityServiceImpl
All Implemented Interfaces:
com.google.gwt.user.client.rpc.RemoteService, com.google.gwt.user.server.rpc.SerializationPolicyProvider, SecurityService, jakarta.servlet.Servlet, jakarta.servlet.ServletConfig, Serializable
public class SecurityServiceImpl extends AbstractRemoteService implements SecurityService
Implementation of the SecurityService
Since:
6.0
Author:
Marco Meschieri - LogicalDOC
See Also:

  • Constructor Details

    • SecurityServiceImpl

      public SecurityServiceImpl()

  • Method Details

    • getTenant

      public static GUITenant getTenant(long tenantId)

    • fromTenant

      public static GUITenant fromTenant(Tenant tenant)

    • getTenant

      public static GUITenant getTenant(String tenantName) throws PersistenceException
      Throws:
      PersistenceException

    • loadSession

      public GUISession loadSession(Session session, String locale) throws ServerException
      Used internally by login procedures, instantiates a new GUISession by a given authenticated user
      Parameters:
      session - the current session
      locale - the current locale
      Returns:
      session details
      Throws:
      ServerException - a generic error

    • getSession

      public GUISession getSession(String locale, String sid)
      Description copied from interface: SecurityService
      Logs-in a user by an existing session ID (session reuse)
      Specified by:
      getSession in interface SecurityService
      Parameters:
      locale - the currently used language specification
      sid - the session ID (optional), if not provided it is taken by cookies
      Returns:
      session informations

    • logout

      public void logout()
      Description copied from interface: SecurityService
      Logs out the current user
      Specified by:
      logout in interface SecurityService

    • changePassword

      public GUIValue changePassword(Long requestorUserId, long userId, String oldPassword, String newPassword, boolean notify)
      Description copied from interface: SecurityService
      Changes the password of a user
      Specified by:
      changePassword in interface SecurityService
      Parameters:
      requestorUserId - The user Identifier of the requestor
      userId - The user Identifier
      oldPassword - can be null
      newPassword - the new password
      notify - If the new credentials have to be notified
      Returns:
      the error code and message. 0 if all went ok, 1 if the password is incorrect, 2 if the new password cannot be notified, 3 if the password has been already used, otherwise a positive number grater than 3

    • addUserToGroup

      public void addUserToGroup(long groupId, long userId) throws ServerException
      Description copied from interface: SecurityService
      Adds a user to a group
      Specified by:
      addUserToGroup in interface SecurityService
      Parameters:
      groupId - identifier of the group
      userId - identifier of the user
      Throws:
      ServerException - error generated in the server application

    • deleteGroup

      public void deleteGroup(long groupId) throws ServerException
      Description copied from interface: SecurityService
      Deletes a given group
      Specified by:
      deleteGroup in interface SecurityService
      Parameters:
      groupId - identifier of the group
      Throws:
      ServerException - error generated in the server application

    • deleteUser

      public void deleteUser(long userId) throws ServerException
      Description copied from interface: SecurityService
      Deletes a given user
      Specified by:
      deleteUser in interface SecurityService
      Parameters:
      userId - identifier of the user
      Throws:
      ServerException - error generated in the server application

    • getGroup

      public GUIGroup getGroup(long groupId) throws ServerException
      Description copied from interface: SecurityService
      Loads a given group from the database
      Specified by:
      getGroup in interface SecurityService
      Parameters:
      groupId - identifier of the group
      Returns:
      group retrieved from the server application
      Throws:
      ServerException - error generated in the server application

    • getUser

      public GUIUser getUser(long userId) throws ServerException
      Description copied from interface: SecurityService
      Loads a given user from the database
      Specified by:
      getUser in interface SecurityService
      Parameters:
      userId - identifier of the user
      Returns:
      the user retrieved from the server application
      Throws:
      ServerException - error generated in the server application

    • removeFromGroup

      public void removeFromGroup(long groupId, List<Long> userIds) throws ServerException
      Description copied from interface: SecurityService
      Removes users from a group
      Specified by:
      removeFromGroup in interface SecurityService
      Parameters:
      groupId - identifier of the group
      userIds - user identifiers
      Throws:
      ServerException - error generated in the server application

    • saveGroup

      public GUIGroup saveGroup(GUIGroup group) throws ServerException
      Description copied from interface: SecurityService
      Creates or updates a group
      Specified by:
      saveGroup in interface SecurityService
      Parameters:
      group - the group to save
      Returns:
      the updated group
      Throws:
      ServerException - error generated in the server application

    • saveUser

      public GUIUser saveUser(GUIUser guiUser, GUIInfo info) throws ServerException
      Description copied from interface: SecurityService
      Creates or updates a user
      Specified by:
      saveUser in interface SecurityService
      Parameters:
      guiUser - the user to save
      info - informations about the User Interface
      Returns:
      the saved user
      Throws:
      ServerException - error generated in the server application

    • saveProfile

      public GUIUser saveProfile(GUIUser guiUser) throws ServerException
      Description copied from interface: SecurityService
      Saves the profile data only
      Specified by:
      saveProfile in interface SecurityService
      Parameters:
      guiUser - the user to save
      Returns:
      the updated user
      Throws:
      ServerException - error generated in the server application

    • saveInterfaceSettings

      public GUIUser saveInterfaceSettings(GUIUser user) throws ServerException
      Description copied from interface: SecurityService
      Saves the interface settings only
      Specified by:
      saveInterfaceSettings in interface SecurityService
      Parameters:
      user - the user to save
      Returns:
      the updated user
      Throws:
      ServerException - error generated in the server application

    • kill

      public void kill(String sid)
      Description copied from interface: SecurityService
      Kill the session with the given sid
      Specified by:
      kill in interface SecurityService
      Parameters:
      sid - identifier of the session

    • loadSettings

      public GUISecuritySettings loadSettings() throws ServerException
      Description copied from interface: SecurityService
      Loads security settings
      Specified by:
      loadSettings in interface SecurityService
      Returns:
      the security settings
      Throws:
      ServerException - error generated in the server application

    • saveSettings

      public boolean saveSettings(GUISecuritySettings settings) throws ServerException
      Description copied from interface: SecurityService
      Saves security settings
      Specified by:
      saveSettings in interface SecurityService
      Parameters:
      settings - settings about security
      Returns:
      True if the application has to be restarted
      Throws:
      ServerException - error generated in the server application

    • saveACL

      public void saveACL(GUIMenu menu) throws ServerException
      Description copied from interface: SecurityService
      Applies all security settings to menu
      Specified by:
      saveACL in interface SecurityService
      Parameters:
      menu - the menu
      Throws:
      ServerException - error generated in the server application

    • deleteMenu

      public void deleteMenu(long menuId) throws ServerException
      Description copied from interface: SecurityService
      Deletes a menu but only if is not a legacy menu (type not 0)
      Specified by:
      deleteMenu in interface SecurityService
      Parameters:
      menuId - the menu to delete
      Throws:
      ServerException - error generated in the server application

    • saveMenus

      public void saveMenus(List<GUIMenu> menus, String locale) throws ServerException
      Description copied from interface: SecurityService
      Saves a set of menus
      Specified by:
      saveMenus in interface SecurityService
      Parameters:
      menus - the menus to save
      locale - currently selected locale
      Throws:
      ServerException - error generated in the server application

    • saveMenu

      public GUIMenu saveMenu(GUIMenu guiMenu, String locale) throws ServerException
      Description copied from interface: SecurityService
      Saves a menu
      Specified by:
      saveMenu in interface SecurityService
      Parameters:
      guiMenu - the menu to save
      locale - currently selected locale
      Returns:
      the saved menu
      Throws:
      ServerException - error generated in the server application

    • getMenus

      public List<GUIMenu> getMenus(long parentId, String locale, boolean enabledOnly) throws ServerException
      Description copied from interface: SecurityService
      Retrieves the accessible menus children of a given parent
      Specified by:
      getMenus in interface SecurityService
      Parameters:
      parentId - identifier of the parent menu
      locale - currently selected locale
      enabledOnly - to retrieve just the enabled menus
      Returns:
      the accessible children
      Throws:
      ServerException - error generated in the server application

    • getMenu

      public GUIMenu getMenu(long menuId, String locale) throws ServerException
      Description copied from interface: SecurityService
      Retrieves the specified menu
      Specified by:
      getMenu in interface SecurityService
      Parameters:
      menuId - identifier of the menu
      locale - currently selected locale
      Returns:
      the menu retrieved from the server application
      Throws:
      ServerException - error generated in the server application

    • searchUsers

      public List<GUIUser> searchUsers(String username, String groupId) throws ServerException
      Description copied from interface: SecurityService
      Searches for users
      Specified by:
      searchUsers in interface SecurityService
      Parameters:
      username - The username used in the like operator (optional)
      groupId - The group ID (optional)
      Returns:
      Array of found users
      Throws:
      ServerException - error generated in the server application

    • loadBlockedEntities

      public List<GUISequence> loadBlockedEntities() throws ServerException
      Description copied from interface: SecurityService
      Retrieves the list of actually blocked usernames and IPs detected as Brute Force Attack
      Specified by:
      loadBlockedEntities in interface SecurityService
      Returns:
      the array of blocked usernames and IPs
      Throws:
      ServerException - error generated in the server application

    • removeBlockedEntities

      public void removeBlockedEntities(List<Long> ids) throws ServerException
      Description copied from interface: SecurityService
      Removes blocked entries detected as Brute Force Attack
      Specified by:
      removeBlockedEntities in interface SecurityService
      Parameters:
      ids - identifiers of entities from the BFA list
      Throws:
      ServerException - error generated in the server application

    • replicateUsersSettings

      public void replicateUsersSettings(long masterUserId, List<Long> userIds, boolean gui, boolean groups) throws ServerException
      Description copied from interface: SecurityService
      Replicates the settings of a given user to a selection of other users
      Specified by:
      replicateUsersSettings in interface SecurityService
      Parameters:
      masterUserId - identifier of the user with the settings you want to replicate
      userIds - identifiers of the users to replicate the settings to
      gui - if the user interface settings must be replicated
      groups - if the groups must be replicated(the read-only users will not be affected by this flag)
      Throws:
      ServerException - error generated in the server application

    • updateDeviceLabel

      public void updateDeviceLabel(long deviceId, String label) throws ServerException
      Description copied from interface: SecurityService
      Updates the label of a device
      Specified by:
      updateDeviceLabel in interface SecurityService
      Parameters:
      deviceId - identifier of the device to update
      label - label to assign to the current device
      Throws:
      ServerException - error generated in the server application

    • trustDevice

      public String trustDevice(String label) throws ServerException
      Description copied from interface: SecurityService
      Permanently trusts the current device for the current user
      Specified by:
      trustDevice in interface SecurityService
      Parameters:
      label - optional label to assign to the current device
      Returns:
      the ID of the trusted device
      Throws:
      ServerException - error generated in the server application

    • isTrustedDevice

      public Boolean isTrustedDevice(String deviceId) throws ServerException
      Description copied from interface: SecurityService
      Check if the saved device ID is trusted for the current user
      Specified by:
      isTrustedDevice in interface SecurityService
      Parameters:
      deviceId - identifier of the device
      Returns:
      if the device is trusted or not
      Throws:
      ServerException - error generated in the server application

    • deleteTrustedDevices

      public void deleteTrustedDevices(List<Long> ids) throws ServerException
      Description copied from interface: SecurityService
      Deletes a set of trusted devices for the current user
      Specified by:
      deleteTrustedDevices in interface SecurityService
      Parameters:
      ids - identifiers of the devices to delete
      Throws:
      ServerException - error generated in the server application

    • syncGeolocationDB

      public String syncGeolocationDB(String key) throws ServerException
      Description copied from interface: SecurityService
      Downloads the most recent version of the Geolocation database
      Specified by:
      syncGeolocationDB in interface SecurityService
      Parameters:
      key - the API key
      Returns:
      the current database version
      Throws:
      ServerException - error generated in the server application

    • saveAvatar

      public void saveAvatar(long userId) throws ServerException
      Description copied from interface: SecurityService
      Saves an uploaded image as the user's avatar
      Specified by:
      saveAvatar in interface SecurityService
      Parameters:
      userId - Identifier of the user
      Throws:
      ServerException - error generated in the server application

    • resetAvatar

      public void resetAvatar(long userId) throws ServerException
      Description copied from interface: SecurityService
      Resets the avatar to the default one
      Specified by:
      resetAvatar in interface SecurityService
      Parameters:
      userId - Identifier of the user
      Throws:
      ServerException - error generated in the server application

    • cloneWorkTimes

      public void cloneWorkTimes(long srcUserId, List<Long> userIds, List<Long> groupIds) throws ServerException
      Description copied from interface: SecurityService
      Clones a work time to a set of other users
      Specified by:
      cloneWorkTimes in interface SecurityService
      Parameters:
      srcUserId - identifier of the user with the work time you want to clone
      userIds - direct ids of users to clone the working time to
      groupIds - the groups of users to clone the working time to
      Throws:
      ServerException - generic error

    • changeStatus

      public void changeStatus(long userId, boolean enabled) throws ServerException
      Description copied from interface: SecurityService
      Changes the status of a user
      Specified by:
      changeStatus in interface SecurityService
      Parameters:
      userId - The user Identifier
      enabled - If the user must be enabled or not
      Throws:
      ServerException - error generated in the server application

    • generatePassword

      public String generatePassword() throws InvalidSessionServerException
      Description copied from interface: SecurityService
      Generates a password using the configured policies.
      Specified by:
      generatePassword in interface SecurityService
      Returns:
      the generated password
      Throws:
      InvalidSessionServerException

    • generatePassword2

      public String generatePassword2(int length, int uppercaseChars, int lowercaseChars, int digits, int specialChars, int maxSequenceSize, int maxOccurrences)
      Description copied from interface: SecurityService
      Generates a password
      Specified by:
      generatePassword2 in interface SecurityService
      Parameters:
      length - dimension of the password
      uppercaseChars - minimum number of upper case chars
      lowercaseChars - minimum number of lower case chars
      digits - minimum number of digits
      specialChars - minimum number of special chars
      maxSequenceSize - maximum size of a sequence
      maxOccurrences - maximum number of occurrences of the same char
      Returns:
      the generated password

    • validatePassword

      public List<String> validatePassword(String password, int minLength, int uppercaseChars, int lowercaseChars, int digits, int specialChars, int maxSequenceSize, int maxOccurrences)
      Description copied from interface: SecurityService
      Validates a password
      Specified by:
      validatePassword in interface SecurityService
      Parameters:
      password - the password to validate
      minLength - dimension of the password
      uppercaseChars - minimum number of upper case chars
      lowercaseChars - minimum number of lower case chars
      digits - minimum number of digits
      specialChars - minimum number of special chars
      maxSequenceSize - maximum size of a sequence
      maxOccurrences - maximum number of occurrences of the same char
      Returns:
      the reasons for the failure or empty

    • createApiKey

      public String createApiKey(String name) throws ServerException
      Description copied from interface: SecurityService
      Creates a new API Key for the current user
      Specified by:
      createApiKey in interface SecurityService
      Parameters:
      name - The name to give to the new key
      Returns:
      The newly generated key
      Throws:
      ServerException - error generated in the server application

    • deleteApiKey

      public void deleteApiKey(long keyId) throws ServerException
      Description copied from interface: SecurityService
      Deletes an API Key
      Specified by:
      deleteApiKey in interface SecurityService
      Parameters:
      keyId - Identifier of the API Key
      Throws:
      ServerException - error generated in the server application

    • updateApiKey

      public void updateApiKey(long keyId, String newName) throws ServerException
      Description copied from interface: SecurityService
      Updates an API Key
      Specified by:
      updateApiKey in interface SecurityService
      Parameters:
      keyId - Identifier of the API Key
      newName - The new name to assign
      Throws:
      ServerException - error generated in the server application