org.broadleafcommerce.openadmin.server.security.service

Class AdminSecurityServiceImpl

java.lang.Object

org.broadleafcommerce.openadmin.server.security.service.AdminSecurityServiceImpl

All Implemented Interfaces:

AdminSecurityService

@Service(value="blAdminSecurityService")
public class AdminSecurityServiceImpl
extends java.lang.Object
implements AdminSecurityService

Author:

jfischer

Field Summary

Fields

Modifier and Type	Field and Description
protected AdminRoleDao	adminRoleDao
protected AdminUserDao	adminUserDao
protected EmailService	emailService
protected ForgotPasswordSecurityTokenDao	forgotPasswordSecurityTokenDao
protected org.springframework.security.authentication.encoding.PasswordEncoder	passwordEncoder
protected EmailInfo	resetPasswordEmailInfo
protected java.lang.String	resetPasswordURL
protected java.lang.String	salt Optional password salt to be used with the passwordEncoder
protected EmailInfo	sendUsernameEmailInfo
protected int	tokenExpiredMinutes

Constructor Summary

Constructors

Constructor and Description
AdminSecurityServiceImpl()

Method Summary

Modifier and Type	Method and Description
AdminUser	changePassword(PasswordChange passwordChange)
GenericResponse	changePassword(java.lang.String username, java.lang.String oldPassword, java.lang.String password, java.lang.String confirmPassword)
protected void	checkExistingPassword(java.lang.String password, AdminUser user, GenericResponse response)
protected void	checkPassword(java.lang.String password, java.lang.String confirmPassword, GenericResponse response)
protected void	checkUser(AdminUser user, GenericResponse response)
void	deleteAdminPermission(AdminPermission permission)
void	deleteAdminRole(AdminRole role)
void	deleteAdminUser(AdminUser user)
boolean	doesOperationExistForCeilingEntity(PermissionType permissionType, java.lang.String ceilingEntityFullyQualifiedName)
static int	getPASSWORD_TOKEN_LENGTH()
EmailInfo	getResetPasswordEmailInfo()
java.lang.String	getResetPasswordURL()
java.lang.String	getSalt()
java.lang.String	getSalt(AdminUser user) Optionally provide a salt based on a a specific AdminUser.
EmailInfo	getSendUsernameEmailInfo()
int	getTokenExpiredMinutes()
protected boolean	isTokenExpired(ForgotPasswordSecurityToken fpst)
boolean	isUserQualifiedForOperationOnCeilingEntity(AdminUser adminUser, PermissionType permissionType, java.lang.String ceilingEntityFullyQualifiedName)
AdminPermission	readAdminPermissionById(java.lang.Long id)
AdminRole	readAdminRoleById(java.lang.Long id)
AdminUser	readAdminUserById(java.lang.Long id)
AdminUser	readAdminUserByUserName(java.lang.String userName)
java.util.List<AdminPermission>	readAllAdminPermissions()
java.util.List<AdminRole>	readAllAdminRoles()
java.util.List<AdminUser>	readAllAdminUsers()
GenericResponse	resetPasswordUsingToken(java.lang.String username, java.lang.String token, java.lang.String password, java.lang.String confirmPassword) Updates the password for the passed in user only if the passed in token is valid for that user.
AdminPermission	saveAdminPermission(AdminPermission permission)
AdminRole	saveAdminRole(AdminRole role)
AdminUser	saveAdminUser(AdminUser user)
GenericResponse	sendForgotUsernameNotification(java.lang.String emailAddress) Looks up the corresponding AdminUser and emails the address on file with the associated username.
GenericResponse	sendResetPasswordNotification(java.lang.String username) Generates an access token and then emails the user.
static void	setPASSWORD_TOKEN_LENGTH(int PASSWORD_TOKEN_LENGTH)
void	setResetPasswordEmailInfo(EmailInfo resetPasswordEmailInfo)
void	setResetPasswordURL(java.lang.String resetPasswordURL)
void	setSalt(java.lang.String salt)
void	setSendUsernameEmailInfo(EmailInfo sendUsernameEmailInfo)
void	setTokenExpiredMinutes(int tokenExpiredMinutes)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

adminRoleDao

protected AdminRoleDao adminRoleDao

adminUserDao

protected AdminUserDao adminUserDao

forgotPasswordSecurityTokenDao

protected ForgotPasswordSecurityTokenDao forgotPasswordSecurityTokenDao

passwordEncoder

protected org.springframework.security.authentication.encoding.PasswordEncoder passwordEncoder

salt

protected java.lang.String salt

Optional password salt to be used with the passwordEncoder

emailService

protected EmailService emailService

resetPasswordEmailInfo

protected EmailInfo resetPasswordEmailInfo

sendUsernameEmailInfo

protected EmailInfo sendUsernameEmailInfo

tokenExpiredMinutes

@Value(value="${tokenExpiredMinutes}")
protected int tokenExpiredMinutes

resetPasswordURL

@Value(value="${resetPasswordURL}")
protected java.lang.String resetPasswordURL

Constructor Detail

AdminSecurityServiceImpl

public AdminSecurityServiceImpl()

Method Detail

deleteAdminPermission

@Transactional(value="blTransactionManager")
public void deleteAdminPermission(AdminPermission permission)

Specified by:

deleteAdminPermission in interface AdminSecurityService

deleteAdminRole

@Transactional(value="blTransactionManager")
public void deleteAdminRole(AdminRole role)

Specified by:

deleteAdminRole in interface AdminSecurityService

deleteAdminUser

@Transactional(value="blTransactionManager")
public void deleteAdminUser(AdminUser user)

Specified by:

deleteAdminUser in interface AdminSecurityService

readAdminPermissionById

public AdminPermission readAdminPermissionById(java.lang.Long id)

Specified by:

readAdminPermissionById in interface AdminSecurityService

readAdminRoleById

public AdminRole readAdminRoleById(java.lang.Long id)

Specified by:

readAdminRoleById in interface AdminSecurityService

readAdminUserById

public AdminUser readAdminUserById(java.lang.Long id)

Specified by:

readAdminUserById in interface AdminSecurityService

saveAdminPermission

@Transactional(value="blTransactionManager")
public AdminPermission saveAdminPermission(AdminPermission permission)

Specified by:

saveAdminPermission in interface AdminSecurityService

saveAdminRole

@Transactional(value="blTransactionManager")
public AdminRole saveAdminRole(AdminRole role)

Specified by:

saveAdminRole in interface AdminSecurityService

saveAdminUser

@Transactional(value="blTransactionManager")
public AdminUser saveAdminUser(AdminUser user)

Specified by:

saveAdminUser in interface AdminSecurityService

changePassword

@Transactional(value="blTransactionManager")
public AdminUser changePassword(PasswordChange passwordChange)

Specified by:

changePassword in interface AdminSecurityService

isUserQualifiedForOperationOnCeilingEntity

public boolean isUserQualifiedForOperationOnCeilingEntity(AdminUser adminUser,
                                                          PermissionType permissionType,
                                                          java.lang.String ceilingEntityFullyQualifiedName)

Specified by:

isUserQualifiedForOperationOnCeilingEntity in interface AdminSecurityService

doesOperationExistForCeilingEntity

public boolean doesOperationExistForCeilingEntity(PermissionType permissionType,
                                                  java.lang.String ceilingEntityFullyQualifiedName)

Specified by:

doesOperationExistForCeilingEntity in interface AdminSecurityService

readAdminUserByUserName

public AdminUser readAdminUserByUserName(java.lang.String userName)

Specified by:

readAdminUserByUserName in interface AdminSecurityService

readAllAdminUsers

public java.util.List<AdminUser> readAllAdminUsers()

Specified by:

readAllAdminUsers in interface AdminSecurityService

readAllAdminRoles

public java.util.List<AdminRole> readAllAdminRoles()

Specified by:

readAllAdminRoles in interface AdminSecurityService

readAllAdminPermissions

public java.util.List<AdminPermission> readAllAdminPermissions()

Specified by:

readAllAdminPermissions in interface AdminSecurityService

sendForgotUsernameNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForgotUsernameNotification(java.lang.String emailAddress)

Description copied from interface: AdminSecurityService

Looks up the corresponding AdminUser and emails the address on file with the associated username.

Specified by:

sendForgotUsernameNotification in interface AdminSecurityService

Returns:

Response can contain errors including (notFound)

sendResetPasswordNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendResetPasswordNotification(java.lang.String username)

Description copied from interface: AdminSecurityService

Generates an access token and then emails the user.

Specified by:

sendResetPasswordNotification in interface AdminSecurityService

Returns:

Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)

resetPasswordUsingToken

@Transactional(value="blTransactionManager")
public GenericResponse resetPasswordUsingToken(java.lang.String username,
                                                                                            java.lang.String token,
                                                                                            java.lang.String password,
                                                                                            java.lang.String confirmPassword)

Description copied from interface: AdminSecurityService

Updates the password for the passed in user only if the passed in token is valid for that user.

Specified by:

resetPasswordUsingToken in interface AdminSecurityService

Parameters:

username - Name of the user

token - Valid reset token

password - new password

Returns:

Response can contain errors including (invalidUsername, inactiveUser, invalidToken, invalidPassword, tokenExpired, passwordMismatch)

checkUser

protected void checkUser(AdminUser user,
                         GenericResponse response)

checkPassword

protected void checkPassword(java.lang.String password,
                             java.lang.String confirmPassword,
                             GenericResponse response)

checkExistingPassword

protected void checkExistingPassword(java.lang.String password,
                                     AdminUser user,
                                     GenericResponse response)

isTokenExpired

protected boolean isTokenExpired(ForgotPasswordSecurityToken fpst)

getTokenExpiredMinutes

public int getTokenExpiredMinutes()

setTokenExpiredMinutes

public void setTokenExpiredMinutes(int tokenExpiredMinutes)

getPASSWORD_TOKEN_LENGTH

public static int getPASSWORD_TOKEN_LENGTH()

setPASSWORD_TOKEN_LENGTH

public static void setPASSWORD_TOKEN_LENGTH(int PASSWORD_TOKEN_LENGTH)

getResetPasswordURL

public java.lang.String getResetPasswordURL()

setResetPasswordURL

public void setResetPasswordURL(java.lang.String resetPasswordURL)

getSendUsernameEmailInfo

public EmailInfo getSendUsernameEmailInfo()

setSendUsernameEmailInfo

public void setSendUsernameEmailInfo(EmailInfo sendUsernameEmailInfo)

getResetPasswordEmailInfo

public EmailInfo getResetPasswordEmailInfo()

setResetPasswordEmailInfo

public void setResetPasswordEmailInfo(EmailInfo resetPasswordEmailInfo)

getSalt

public java.lang.String getSalt(AdminUser user)

Optionally provide a salt based on a a specific AdminUser. By default, this returns the salt property of this class

Parameters:

customer -

Returns:

See Also:

AdminSecurityServiceImpl#getSalt()}

getSalt

public java.lang.String getSalt()

setSalt

public void setSalt(java.lang.String salt)

changePassword

@Transactional(value="blTransactionManager")
public GenericResponse changePassword(java.lang.String username,
                                                                                   java.lang.String oldPassword,
                                                                                   java.lang.String password,
                                                                                   java.lang.String confirmPassword)

Specified by:

changePassword in interface AdminSecurityService