Java Code Examples for org.flowable.idm.api.User#setPassword()

The following examples show how to use org.flowable.idm.api.User#setPassword() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: PasswordEncoderTest.java    From flowable-engine with Apache License 2.0 6 votes vote down vote up
@Test
public void testSaltPasswordEncoderInstance() {
    PasswordEncoder passwordEncoder = idmEngineConfiguration.getPasswordEncoder();
    idmEngineConfiguration.setPasswordEncoder(new ApacheDigester(Digester.MD5));

    User user = idmIdentityService.newUser("johndoe");
    user.setPassword("xxx");
    idmIdentityService.saveUser(user);

    String noSalt = idmIdentityService.createUserQuery().userId("johndoe").list().get(0).getPassword();
    assertThat(idmIdentityService.checkPassword("johndoe", "xxx")).isTrue();
    idmIdentityService.deleteUser("johndoe");

    idmEngineConfiguration.setPasswordSalt(new PasswordSaltImpl("salt"));
    user = idmIdentityService.newUser("johndoe1");
    user.setPassword("xxx");
    idmIdentityService.saveUser(user);

    String salt = idmIdentityService.createUserQuery().userId("johndoe1").list().get(0).getPassword();
    assertThat(idmIdentityService.checkPassword("johndoe1", "xxx")).isTrue();

    assertThat(salt).isNotEqualTo(noSalt);
    idmIdentityService.deleteUser("johndoe1");

    idmEngineConfiguration.setPasswordEncoder(passwordEncoder);
}
 
Example 2
Source File: BaseSpringRestTestCase.java    From flowable-engine with Apache License 2.0 6 votes vote down vote up
protected void createUsers() {
    User user = identityService.newUser("kermit");
    user.setFirstName("Kermit");
    user.setLastName("the Frog");
    user.setPassword("kermit");
    identityService.saveUser(user);

    Group group = identityService.newGroup("admin");
    group.setName("Administrators");
    identityService.saveGroup(group);
    
    identityService.createMembership(user.getId(), group.getId());
    
    user = identityService.newUser("aSalesUser");
    user.setFirstName("Sales");
    user.setLastName("User");
    user.setPassword("sales");
    identityService.saveUser(user);
    
    Group salesGroup = identityService.newGroup("sales");
    salesGroup.setName("Administrators");
    identityService.saveGroup(salesGroup);
    
    identityService.createMembership(user.getId(), salesGroup.getId());
}
 
Example 3
Source File: CreateUserAndMembershipTestDelegate.java    From flowable-engine with Apache License 2.0 6 votes vote down vote up
@Override
public void execute(DelegateExecution execution) {

    IdentityService identityService = Context.getProcessEngineConfiguration().getIdentityService();

    String username = "Kermit";
    User user = identityService.newUser(username);
    user.setPassword("123");
    user.setFirstName("Manually");
    user.setLastName("created");
    identityService.saveUser(user);

    // Add admin group
    Group group = identityService.newGroup("admin");
    identityService.saveGroup(group);

    identityService.createMembership(username, "admin");
}
 
Example 4
Source File: FlowableIdmApplicationSecurityTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
private void createTestUser(IdmIdentityService idmIdentityService) {
    User user = idmIdentityService.newUser("test-user");
    user.setPassword("test");
    idmIdentityService.saveUser(user);

    User idm = idmIdentityService.newUser("test-idm");
    idm.setPassword("test");
    idmIdentityService.saveUser(idm);

    User rest = idmIdentityService.newUser("test-rest");
    rest.setPassword("test");
    idmIdentityService.saveUser(rest);

    User admin = idmIdentityService.newUser("test-admin");
    admin.setPassword("test");
    idmIdentityService.saveUser(admin);

    Privilege adminAccess = idmIdentityService.createPrivilegeQuery().privilegeName(DefaultPrivileges.ACCESS_ADMIN).singleResult();
    if (adminAccess == null) {
        adminAccess = idmIdentityService.createPrivilege(DefaultPrivileges.ACCESS_ADMIN);
    }

    idmIdentityService.addUserPrivilegeMapping(adminAccess.getId(), "test-admin");

    Privilege idmAccess = idmIdentityService.createPrivilegeQuery().privilegeName(DefaultPrivileges.ACCESS_IDM).singleResult();
    if (idmAccess == null) {
        idmAccess = idmIdentityService.createPrivilege(DefaultPrivileges.ACCESS_IDM);
    }

    idmIdentityService.addUserPrivilegeMapping(idmAccess.getId(), "test-idm");

    Privilege restAccess = idmIdentityService.createPrivilegeQuery().privilegeName(DefaultPrivileges.ACCESS_REST_API).singleResult();
    if (restAccess == null) {
        restAccess = idmIdentityService.createPrivilege(DefaultPrivileges.ACCESS_REST_API);
    }

    idmIdentityService.addUserPrivilegeMapping(restAccess.getId(), "test-rest");
}
 
Example 5
Source File: UserResource.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@ApiOperation(value = "Update a user", tags = { "Users" }, notes = "All request values are optional. "
        + "For example, you can only include the firstName attribute in the request body JSON-object, only updating the firstName of the user, leaving all other fields unaffected. "
        + "When an attribute is explicitly included and is set to null, the user-value will be updated to null. "
        + "Example: {\"firstName\" : null} will clear the firstName of the user).")
@ApiResponses(value = {
        @ApiResponse(code = 200, message = "Indicates the user was updated."),
        @ApiResponse(code = 404, message = "Indicates the requested user was not found."),
        @ApiResponse(code = 409, message = "Indicates the requested user was updated simultaneously.")
})
@PutMapping(value = "/identity/users/{userId}", produces = "application/json")
public UserResponse updateUser(@ApiParam(name = "userId") @PathVariable String userId, @RequestBody UserRequest userRequest, HttpServletRequest request) {
    User user = getUserFromRequest(userId);
    if (userRequest.isEmailChanged()) {
        user.setEmail(userRequest.getEmail());
    }
    if (userRequest.isFirstNameChanged()) {
        user.setFirstName(userRequest.getFirstName());
    }
    if (userRequest.isDisplayNameChanged()) {
        user.setDisplayName(userRequest.getDisplayName());
    }
    if (userRequest.isLastNameChanged()) {
        user.setLastName(userRequest.getLastName());
    }
    if (userRequest.isPasswordChanged()) {
        user.setPassword(userRequest.getPassword());
        identityService.updateUserPassword(user);
    } else {
        identityService.saveUser(user);
    }

    return restResponseFactory.createUserResponse(user, false);
}
 
Example 6
Source File: SecurityAutoConfigurationTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
protected User user(String userName, String f, String l) {
    User u = identityService.newUser(userName);
    u.setFirstName(f);
    u.setLastName(l);
    u.setPassword("password");
    identityService.saveUser(u);
    return u;
}
 
Example 7
Source File: UserCollectionResource.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@ApiOperation(value = "Create a user", tags = { "Users" })
@ApiResponses(value = {
        @ApiResponse(code = 201, message = "Indicates the user was created."),
        @ApiResponse(code = 400, message = "Indicates the id of the user was missing.")

})
@PostMapping(value = "/identity/users", produces = "application/json")
public UserResponse createUser(@RequestBody UserRequest userRequest, HttpServletRequest request, HttpServletResponse response) {
    if (userRequest.getId() == null) {
        throw new FlowableIllegalArgumentException("Id cannot be null.");
    }
    
    if (restApiInterceptor != null) {
        restApiInterceptor.createUser(userRequest);
    }

    // Check if a user with the given ID already exists so we return a CONFLICT
    if (identityService.createUserQuery().userId(userRequest.getId()).count() > 0) {
        throw new FlowableConflictException("A user with id '" + userRequest.getId() + "' already exists.");
    }

    User created = identityService.newUser(userRequest.getId());
    created.setEmail(userRequest.getEmail());
    created.setFirstName(userRequest.getFirstName());
    created.setLastName(userRequest.getLastName());
    created.setDisplayName(userRequest.getDisplayName());
    created.setPassword(userRequest.getPassword());
    created.setTenantId(userRequest.getTenantId());
    identityService.saveUser(created);

    response.setStatus(HttpStatus.CREATED.value());

    return restResponseFactory.createUserResponse(created, true);
}
 
Example 8
Source File: Sample15RestApplication.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Bean
public CommandLineRunner usersAndGroupsInitializer(final IdentityService identityService) {
    return args -> {
        // install groups & users
        Group group = identityService.newGroup("user");
        group.setName("users");
        group.setType("security-role");
        identityService.saveGroup(group);

        User joram = identityService.newUser("jbarrez");
        joram.setFirstName("Joram");
        joram.setLastName("Barrez");
        joram.setPassword("password");
        identityService.saveUser(joram);

        User filip = identityService.newUser("filiphr");
        filip.setFirstName("Filip");
        filip.setLastName("Hrisafov");
        filip.setPassword("password");
        identityService.saveUser(filip);

        User josh = identityService.newUser("jlong");
        josh.setFirstName("Josh");
        josh.setLastName("Long");
        josh.setPassword("password");
        identityService.saveUser(josh);

        identityService.createMembership("jbarrez", "user");
        identityService.createMembership("filiphr", "user");
        identityService.createMembership("jlong", "user");
    };
}
 
Example 9
Source File: SerializableVariablesDiabledTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Before
public void setupServer() {
    if (serverUrlPrefix == null) {
        TestServer testServer = TestServerUtil.createAndStartServer(ObjectVariableSerializationDisabledApplicationConfiguration.class);
        serverUrlPrefix = testServer.getServerUrlPrefix();

        this.repositoryService = testServer.getApplicationContext().getBean(RepositoryService.class);
        this.runtimeService = testServer.getApplicationContext().getBean(RuntimeService.class);
        this.identityService = testServer.getApplicationContext().getBean(IdentityService.class);
        this.taskService = testServer.getApplicationContext().getBean(TaskService.class);

        User user = identityService.newUser("kermit");
        user.setFirstName("Kermit");
        user.setLastName("the Frog");
        user.setPassword("kermit");
        identityService.saveUser(user);

        Group group = identityService.newGroup("admin");
        group.setName("Administrators");
        identityService.saveGroup(group);

        identityService.createMembership(user.getId(), group.getId());

        this.testUserId = user.getId();
        this.testGroupId = group.getId();
    }
}
 
Example 10
Source File: UserResource.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@ApiOperation(value = "Update a user", tags = { "Users" }, notes = "All request values are optional. "
        + "For example, you can only include the firstName attribute in the request body JSON-object, only updating the firstName of the user, leaving all other fields unaffected. "
        + "When an attribute is explicitly included and is set to null, the user-value will be updated to null. "
        + "Example: {\"firstName\" : null} will clear the firstName of the user).")
@ApiResponses(value = {
        @ApiResponse(code = 200, message = "Indicates the user was updated."),
        @ApiResponse(code = 404, message = "Indicates the requested user was not found."),
        @ApiResponse(code = 409, message = "Indicates the requested user was updated simultaneously.")
})
@PutMapping(value = "/users/{userId}", produces = "application/json")
public UserResponse updateUser(@ApiParam(name = "userId") @PathVariable String userId, @RequestBody UserRequest userRequest, HttpServletRequest request) {
    User user = getUserFromRequest(userId);
    if (userRequest.isEmailChanged()) {
        user.setEmail(userRequest.getEmail());
    }
    if (userRequest.isFirstNameChanged()) {
        user.setFirstName(userRequest.getFirstName());
    }
    if (userRequest.isLastNameChanged()) {
        user.setLastName(userRequest.getLastName());
    }
    if (userRequest.isDisplayNameChanged()) {
        user.setDisplayName(userRequest.getDisplayName());
    }
    if (userRequest.isPasswordChanged()) {
        user.setPassword(userRequest.getPassword());
        identityService.updateUserPassword(user);
    } else {
        identityService.saveUser(user);
    }

    return restResponseFactory.createUserResponse(user, false);
}
 
Example 11
Source File: SpringPasswordEncoderTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
private void validatePassword() {
    User user = autoWiredIdmIdentityService.newUser("johndoe");
    user.setPassword("xxx");
    autoWiredIdmIdentityService.saveUser(user);

    User johndoe = autoWiredIdmIdentityService.createUserQuery().userId("johndoe").list().get(0);
    LOGGER.info("Hash Password = {}", johndoe.getPassword());

    assertThat(johndoe.getPassword()).isNotEqualTo("xxx");
    assertThat(autoWiredIdmIdentityService.checkPassword("johndoe", "xxx")).isTrue();
    assertThat(autoWiredIdmIdentityService.checkPassword("johndoe", "invalid pwd")).isFalse();

    autoWiredIdmIdentityService.deleteUser("johndoe");

}
 
Example 12
Source File: SpringIdmTransactionsTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Override
public void execute(DelegateExecution execution) {

    ManagementService managementService = Context.getProcessEngineConfiguration().getManagementService();
    managementService.executeCommand(new Command<Void>() {

        @Override
        public Void execute(CommandContext commandContext) {
            return null;
        }
    });

    IdentityService identityService = Context.getProcessEngineConfiguration().getIdentityService();

    String username = "Kermit";
    User user = identityService.newUser(username);
    user.setPassword("123");
    user.setFirstName("Manually");
    user.setLastName("created");
    identityService.saveUser(user);

    // Add admin group
    Group group = identityService.newGroup("admin");
    identityService.saveGroup(group);

    identityService.createMembership(username, "admin");
}
 
Example 13
Source File: BaseSpringRestTestCase.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
protected void createUsers() {
    User user = idmIdentityService.newUser("kermit");
    user.setFirstName("Kermit");
    user.setLastName("the Frog");
    user.setPassword("kermit");
    idmIdentityService.saveUser(user);

    Group group = idmIdentityService.newGroup("admin");
    group.setName("Administrators");
    idmIdentityService.saveGroup(group);

    idmIdentityService.createMembership(user.getId(), group.getId());
}
 
Example 14
Source File: ProfileServiceImpl.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
public void changePassword(String originalPassword, String newPassword) {
    User user = identityService.createUserQuery().userId(SecurityUtils.getCurrentUserId()).singleResult();
    if (!user.getPassword().equals(originalPassword)) {
        throw new NotFoundException();
    }
    user.setPassword(newPassword);
    identityService.updateUserPassword(user);
}
 
Example 15
Source File: UserServiceImpl.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Override
public User createNewUser(String id, String firstName, String lastName, String email, String password, String tenantId) {
    if (StringUtils.isBlank(id) ||
        StringUtils.isBlank(password) ||
        StringUtils.isBlank(firstName)) {
        throw new BadRequestException("Id, password and first name are required");
    }

    if (StringUtils.isNotBlank(email) && identityService.createUserQuery().userEmail(email).count() > 0) {
        throw new ConflictingRequestException("User already registered", "ACCOUNT.SIGNUP.ERROR.ALREADY-REGISTERED");
    }
    
    if (identityService.createUserQuery().userId(id).count() > 0) {
        throw new ConflictingRequestException("User already registered", "ACCOUNT.SIGNUP.ERROR.ALREADY-REGISTERED");
    }

    User user = identityService.newUser(id);
    user.setFirstName(firstName);
    user.setLastName(lastName);
    user.setEmail(email);
    user.setTenantId(tenantId);
    identityService.saveUser(user);

    User savedUser = identityService.createUserQuery().userId(id).singleResult();
    savedUser.setPassword(password);
    identityService.updateUserPassword(savedUser);

    return user;
}
 
Example 16
Source File: FlowableUserDetailsServiceTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
private User createUser(String id, String firstName, String lastName, String displayName, String email) {
    User user = idmIdentityService.newUser(id);
    user.setFirstName(firstName);
    user.setLastName(lastName);
    user.setDisplayName(displayName);
    user.setEmail(email);
    user.setPassword(id);
    idmIdentityService.saveUser(user);
    return user;
}
 
Example 17
Source File: BaseSpringRestTestCase.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
protected void createUsers() {
    User user = identityService.newUser("kermit");
    user.setFirstName("Kermit");
    user.setLastName("the Frog");
    user.setPassword("kermit");
    identityService.saveUser(user);

    Group group = identityService.newGroup("admin");
    group.setName("Administrators");
    identityService.saveGroup(group);

    identityService.createMembership(user.getId(), group.getId());
}
 
Example 18
Source File: PasswordEncoderTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
private void validatePassword() {
    User user = idmIdentityService.newUser("johndoe");
    user.setPassword("xxx");
    idmIdentityService.saveUser(user);

    User johndoe = idmIdentityService.createUserQuery().userId("johndoe").list().get(0);
    LOGGER.info("Hash Password = {}", johndoe.getPassword());

    assertThat(johndoe.getPassword()).isNotEqualTo("xxx");
    assertThat(idmIdentityService.checkPassword("johndoe", "xxx")).isTrue();
    assertThat(idmIdentityService.checkPassword("johndoe", "invalid pwd")).isFalse();

    idmIdentityService.deleteUser("johndoe");
}
 
Example 19
Source File: FlowableIdmApplicationDefaultAuthenticationTest.java    From flowable-engine with Apache License 2.0 4 votes vote down vote up
private void createTestUser(IdmIdentityService idmIdentityService) {
    User user = idmIdentityService.newUser("my-admin");
    user.setPassword("my-pass");
    idmIdentityService.saveUser(user);
}
 
Example 20
Source File: FlowableRestApplicationSecurityTest.java    From flowable-engine with Apache License 2.0 4 votes vote down vote up
private void createTestUser(IdmIdentityService idmIdentityService) {
    User user = idmIdentityService.newUser("test-user");
    user.setPassword("test");
    idmIdentityService.saveUser(user);
}