1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.syncope.core.logic;
20
21 import java.lang.reflect.Method;
22 import java.util.List;
23 import java.util.stream.Collectors;
24 import org.apache.commons.lang3.ArrayUtils;
25 import org.apache.syncope.common.lib.to.SecurityQuestionTO;
26 import org.apache.syncope.common.lib.types.IdRepoEntitlement;
27 import org.apache.syncope.core.persistence.api.dao.NotFoundException;
28 import org.apache.syncope.core.persistence.api.dao.SecurityQuestionDAO;
29 import org.apache.syncope.core.persistence.api.dao.UserDAO;
30 import org.apache.syncope.core.persistence.api.entity.user.SecurityQuestion;
31 import org.apache.syncope.core.persistence.api.entity.user.User;
32 import org.apache.syncope.core.provisioning.api.data.SecurityQuestionDataBinder;
33 import org.springframework.security.access.prepost.PreAuthorize;
34 import org.springframework.transaction.annotation.Transactional;
35
36 public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQuestionTO> {
37
38 protected final SecurityQuestionDAO securityQuestionDAO;
39
40 protected final UserDAO userDAO;
41
42 protected final SecurityQuestionDataBinder binder;
43
44 public SecurityQuestionLogic(
45 final SecurityQuestionDAO securityQuestionDAO,
46 final UserDAO userDAO,
47 final SecurityQuestionDataBinder binder) {
48
49 this.securityQuestionDAO = securityQuestionDAO;
50 this.userDAO = userDAO;
51 this.binder = binder;
52 }
53
54 @PreAuthorize("isAuthenticated()")
55 @Transactional(readOnly = true)
56 public List<SecurityQuestionTO> list() {
57 return securityQuestionDAO.findAll().stream().map(binder::getSecurityQuestionTO).collect(Collectors.toList());
58 }
59
60 @PreAuthorize("hasRole('" + IdRepoEntitlement.SECURITY_QUESTION_READ + "')")
61 @Transactional(readOnly = true)
62 public SecurityQuestionTO read(final String key) {
63 SecurityQuestion securityQuestion = securityQuestionDAO.find(key);
64 if (securityQuestion == null) {
65 LOG.error("Could not find security question '" + key + '\'');
66
67 throw new NotFoundException(key);
68 }
69
70 return binder.getSecurityQuestionTO(securityQuestion);
71 }
72
73 @PreAuthorize("hasRole('" + IdRepoEntitlement.SECURITY_QUESTION_CREATE + "')")
74 public SecurityQuestionTO create(final SecurityQuestionTO securityQuestionTO) {
75 return binder.getSecurityQuestionTO(securityQuestionDAO.save(binder.create(securityQuestionTO)));
76 }
77
78 @PreAuthorize("hasRole('" + IdRepoEntitlement.SECURITY_QUESTION_UPDATE + "')")
79 public SecurityQuestionTO update(final SecurityQuestionTO securityQuestionTO) {
80 SecurityQuestion securityQuestion = securityQuestionDAO.find(securityQuestionTO.getKey());
81 if (securityQuestion == null) {
82 LOG.error("Could not find security question '" + securityQuestionTO.getKey() + '\'');
83
84 throw new NotFoundException(securityQuestionTO.getKey());
85 }
86
87 binder.update(securityQuestion, securityQuestionTO);
88 securityQuestion = securityQuestionDAO.save(securityQuestion);
89
90 return binder.getSecurityQuestionTO(securityQuestion);
91 }
92
93 @PreAuthorize("hasRole('" + IdRepoEntitlement.SECURITY_QUESTION_DELETE + "')")
94 public SecurityQuestionTO delete(final String key) {
95 SecurityQuestion securityQuestion = securityQuestionDAO.find(key);
96 if (securityQuestion == null) {
97 LOG.error("Could not find security question '" + key + '\'');
98
99 throw new NotFoundException(key);
100 }
101
102 SecurityQuestionTO deleted = binder.getSecurityQuestionTO(securityQuestion);
103 securityQuestionDAO.delete(key);
104 return deleted;
105 }
106
107 @PreAuthorize("hasRole('" + IdRepoEntitlement.ANONYMOUS + "')")
108 public SecurityQuestionTO readByUser(final String username) {
109 if (username == null) {
110 throw new NotFoundException("Null username");
111 }
112 User user = userDAO.findByUsername(username);
113 if (user == null) {
114 throw new NotFoundException("User " + username);
115 }
116
117 if (user.getSecurityQuestion() == null) {
118 LOG.error("Could not find security question for user '" + username + '\'');
119
120 throw new NotFoundException("Security question for user " + username);
121 }
122
123 return binder.getSecurityQuestionTO(user.getSecurityQuestion());
124 }
125
126 @Override
127 protected SecurityQuestionTO resolveReference(final Method method, final Object... args)
128 throws UnresolvedReferenceException {
129
130 String key = null;
131
132 if (ArrayUtils.isNotEmpty(args)) {
133 for (int i = 0; key == null && i < args.length; i++) {
134 if (args[i] instanceof String) {
135 key = (String) args[i];
136 } else if (args[i] instanceof SecurityQuestionTO) {
137 key = ((SecurityQuestionTO) args[i]).getKey();
138 }
139 }
140 }
141
142 if (key != null) {
143 try {
144 return binder.getSecurityQuestionTO(securityQuestionDAO.find(key));
145 } catch (Throwable ignore) {
146 LOG.debug("Unresolved reference", ignore);
147 throw new UnresolvedReferenceException(ignore);
148 }
149 }
150
151 throw new UnresolvedReferenceException();
152 }
153 }