Commit
a05fb38a
authored
Jun 22, 2018
by
Alina Habibulina
fix 9
parent
687dfc70
Showing
4 changed files
with
48 additions
and
69 deletions
+48
-69
src/main/java/kz/arta/ext/sap/db/UserManager.java
src/main/java/kz/arta/ext/sap/db/UserManager.java
+21
-35
src/main/java/kz/arta/ext/sap/service/PasswordSetService.java
...main/java/kz/arta/ext/sap/service/PasswordSetService.java
+3
-3
src/main/java/kz/arta/ext/sap/service/SecurityInterceptor.java
...ain/java/kz/arta/ext/sap/service/SecurityInterceptor.java
+5
-5
src/main/java/kz/arta/ext/sap/service/SynergyUser.java
src/main/java/kz/arta/ext/sap/service/SynergyUser.java
+19
-26
src/main/java/kz/arta/ext/sap/db/UserManager.java
...
...
@@ -23,8 +23,9 @@ import java.sql.ResultSet;
public
class
UserManager
{
private
static
final
Logger
LOGGER
=
LoggerFactory
.
getLogger
(
UserManager
.
class
);
private
static
final
String
IS_ADMIN
=
"isadmin"
;
private
static
final
String
IS_AUTH
=
"isauth"
;
private
static
final
String
AUTH
=
"auth"
;
private
static
final
String
EXIST
=
"exist"
;
private
static
final
String
ISADMIN
=
"isadmin"
;
/**
*
...
...
@@ -34,7 +35,7 @@ public class UserManager {
*/
public
static
int
setPass
(
String
login
,
String
new_pass
)
{
if
(
UserManager
.
dbInteraction
(
login
,
null
,
"isExist"
).
get
isExist
())
{
if
(
UserManager
.
selectFromUsersQuery
(
login
,
null
,
"exist"
).
isExist
())
{
Connection
con
=
null
;
PreparedStatement
updatePassword
=
null
;
...
...
@@ -66,13 +67,12 @@ public class UserManager {
/**
*
* @param login Логин пользователя
* @param field Поле для поиска записей в базе
* @param value Значение, по которому нужно искать
* @param requestType Может принимать значения "
isadmin", "isauth", или любое другое для проверки существования пользователя
;
* @param requestType Может принимать значения "
auth", или "exist"
;
* @return Объект класса SynergyUser
*/
public
static
SynergyUser
dbInteraction
(
String
login
,
String
value
,
String
requestType
)
{
public
static
SynergyUser
selectFromUsersQuery
(
String
login
,
String
value
,
String
requestType
)
{
Connection
con
=
null
;
PreparedStatement
ps
=
null
;
ResultSet
rs
=
null
;
...
...
@@ -81,33 +81,32 @@ public class UserManager {
try
{
con
=
ConnectionPool
.
getConnection
();
if
(
requestType
.
equals
(
IS_AUTH
))
{
if
(
requestType
.
equals
(
AUTH
))
{
ps
=
con
.
prepareStatement
(
"SELECT * FROM users WHERE login = ? AND password = md5( ? )"
);
ps
.
setString
(
2
,
value
);
}
else
if
(
requestType
.
equals
(
IS_ADMIN
)){
ps
=
con
.
prepareStatement
(
"SELECT * FROM users WHERE login = ? AND isadmin = 1"
);
}
else
ps
=
con
.
prepareStatement
(
"SELECT * FROM users WHERE login = ? "
);
}
else
if
(
requestType
.
equals
(
EXIST
)){
ps
=
con
.
prepareStatement
(
"SELECT * FROM users WHERE login = ?"
);
ps
.
setString
(
1
,
login
);
}
ps
.
setString
(
1
,
login
);
rs
=
ps
.
executeQuery
();
if
(
rs
.
next
())
{
if
(
requestType
.
equals
(
IS_AUTH
)){
user
.
setIsAuth
(
true
);
}
else
if
(
requestType
.
equals
(
IS_ADMIN
))
{
user
.
setIsAdmin
(
true
);
user
.
setIsAuth
(
true
);
}
else
{
user
.
setAdmin
(
rs
.
getBoolean
(
ISADMIN
));
user
.
setAuth
(
true
);
user
.
setExist
(
true
);
}
}
return
user
;
}
catch
(
SQLException
|
NamingException
e
)
{
LOGGER
.
error
(
""
,
e
);
user
.
set
Is
Error
(
500
);
user
.
setError
(
500
);
return
user
;
}
finally
{
if
(
rs
!=
null
)
{
...
...
@@ -131,16 +130,3 @@ public class UserManager {
}
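Review bot: In the result branch of selectFromUsersQuery the new code appears to call `user.setAuth(true)` for every row found, so an `exist` lookup, which checks no password, returns a SynergyUser whose isAuth() is true; setPass only reads isExist() today, but a later caller could take that flag as proof of authentication. I would set the flag only on the password path, e.g. `user.setAuth(AUTH.equals(requestType));`. As far as the rendered page shows, a requestType other than `auth` or `exist` now leaves `ps` null before `ps.setString(1, login)`, and the resulting NullPointerException is not covered by the `SQLException | NamingException` catch; an explicit `else` that rejects unknown types would make that failure deliberate. Separately, the unchanged query still compares against `md5( ? )`, an unsalted fast hash, so moving stored passwords to bcrypt, scrypt or Argon2 deserves its own change. The method body starts and ends outside this hunk.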
src/main/java/kz/arta/ext/sap/service/PasswordSetService.java
...
...
@@ -45,11 +45,11 @@ public class PasswordSetService {
@POST
@Path
(
"/set_password"
)
@Produces
(
MediaType
.
APPLICATION_JSON
+
"; charset=utf-8"
)
public
String
setPassword
(
@HeaderParam
(
"authorization"
)
String
authParam
,
@QueryParam
(
"currentUserLogin"
)
String
currentUserLogin
,
@QueryParam
(
"login"
)
String
login
,
@QueryParam
(
"new_password"
)
String
new_pass
){
public
String
setPassword
(
@HeaderParam
(
"authorization"
)
String
authParam
,
@QueryParam
(
"currentUserLogin"
)
String
currentUserLogin
,
@QueryParam
(
"
currentUserPass"
)
String
currentUserPass
,
@QueryParam
(
"
login"
)
String
login
,
@QueryParam
(
"new_password"
)
String
new_pass
){
try
{
boolean
su
=
UserManager
.
dbInteraction
(
currentUserLogin
,
null
,
"isadmin"
).
getI
sAdmin
();
boolean
su
=
UserManager
.
selectFromUsersQuery
(
currentUserLogin
,
currentUserPass
,
"auth"
).
i
sAdmin
();
if
(
su
)
{
if
(
su
)
{
return
PasswordSetService
.
errorMessagesHandler
(
UserManager
.
setPass
(
login
,
new_pass
));
...
...
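Review bot: The new `@QueryParam("currentUserPass")` argument makes a plaintext password part of the request's query parameters, alongside the existing `new_password`, and query strings are what access logs, proxies and request-URI logging typically record. The method already receives the `authorization` header as `authParam`, so the caller's credentials can be taken from there (or the verified login from a request attribute) rather than from a query parameter, and `new_password` is better read from the POST body, e.g. `@FormParam("new_password") String new_pass`. Because `currentUserLogin` and `currentUserPass` are ordinary query parameters, a value the client puts in the URL may also reach this method, so they should not be treated as interceptor-verified. The method body continues outside the hunk.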
src/main/java/kz/arta/ext/sap/service/SecurityInterceptor.java
...
...
@@ -19,7 +19,6 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
javax.ws.rs.WebApplicationException
;
import
javax.ws.rs.core.Context
;
import
javax.ws.rs.core.HttpHeaders
;
import
javax.ws.rs.ext.Provider
;
/**
...
...
@@ -68,15 +67,16 @@ public class SecurityInterceptor implements PreProcessInterceptor {
String
currentUserLogin
=
authArray
[
0
];
String
currentUserPass
=
authArray
[
1
];
SynergyUser
su
=
UserManager
.
dbInteraction
(
currentUserLogin
,
currentUserPass
,
"is
auth"
);
SynergyUser
su
=
UserManager
.
selectFromUsersQuery
(
currentUserLogin
,
currentUserPass
,
"
auth"
);
if
(
su
.
get
Is
Error
()
==
500
)
{
if
(
su
.
getError
()
==
500
)
{
return
DB_ERROR
;
}
else
if
(!
su
.
getI
sAuth
()){
}
else
if
(!
su
.
i
sAuth
()){
return
ACCESS_DENIED
;
}
httpRequest
.
getUri
().
getQueryParameters
().
add
(
"currentUserLogin"
,
currentUserLogin
);
httpRequest
.
getUri
().
getQueryParameters
().
add
(
"currentUserPass"
,
currentUserPass
);
}
return
null
;
...
...
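Review bot: The added `getQueryParameters().add("currentUserPass", currentUserPass)` appends to a multi-valued map rather than replacing, so if the client already sent `currentUserPass` or `currentUserLogin` in the URL, the resource method's `@QueryParam` may bind the client's value instead of the one verified here. `putSingle` overwrites whatever the client supplied: `httpRequest.getUri().getQueryParameters().putSingle("currentUserLogin", currentUserLogin);`. It would be safer still to hand the resource only the verified login, not the password, through a request attribute, which would also remove the second database lookup with the same credentials. The surrounding method starts and ends outside the hunk, so how `authArray` is built and length-checked cannot be confirmed from here.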
src/main/java/kz/arta/ext/sap/service/SynergyUser.java
package
kz.arta.ext.sap.service
;
public
class
SynergyUser
{
private
boolean
isA
dmin
;
private
boolean
isA
uth
;
private
boolean
isE
xist
;
private
int
isE
rror
;
private
boolean
a
dmin
;
private
boolean
a
uth
;
private
boolean
e
xist
;
private
int
e
rror
;
public
SynergyUser
()
{
this
.
isAdmin
=
false
;
this
.
isAuth
=
false
;
this
.
isExist
=
false
;
this
.
isError
=
0
;
public
boolean
isAdmin
()
{
return
admin
;
}
public
boolean
getIsAdmin
(
)
{
return
isAdmin
;
public
void
setAdmin
(
boolean
isAdmin
)
{
this
.
admin
=
isAdmin
;
}
public
void
setIsAdmin
(
boolean
isAdmin
)
{
this
.
isAdmin
=
isAdmin
;
public
boolean
isAuth
(
)
{
return
auth
;
}
public
boolean
getIsAuth
(
)
{
return
isAuth
;
public
void
setAuth
(
boolean
isAuth
)
{
this
.
auth
=
isAuth
;
}
public
void
setIsAuth
(
boolean
isAuth
)
{
this
.
isAuth
=
isAuth
;
public
int
getError
(
)
{
return
error
;
}
public
int
getIsError
(
)
{
return
isError
;
public
void
setError
(
int
isError
)
{
this
.
error
=
isError
;
}
public
void
setIsError
(
int
isError
)
{
this
.
isError
=
isError
;
}
public
boolean
getisExist
()
{
return
isExist
;
public
boolean
isExist
()
{
return
exist
;
}
public
void
setExist
(
boolean
isExist
)
{
this
.
isE
xist
=
isExist
;
this
.
e
xist
=
isExist
;
}
...
...