multi user
This commit is contained in:
@@ -2,6 +2,8 @@ package de.jottyfan.timetrack.modules;
|
||||
|
||||
import java.sql.SQLException;
|
||||
|
||||
import javax.faces.application.FacesMessage;
|
||||
|
||||
import org.jooq.DSLContext;
|
||||
import org.jooq.TableLike;
|
||||
|
||||
@@ -22,11 +24,20 @@ public class JooqGateway {
|
||||
public DSLContext getJooq() throws ClassNotFoundException, SQLException {
|
||||
return (DSLContext) facesContext.getJooq();
|
||||
}
|
||||
|
||||
public void addToSessionMap(String key, Object value) {
|
||||
facesContext.getExternalContext().getSessionMap().put(key, value);
|
||||
}
|
||||
|
||||
public Integer getFkLogin() {
|
||||
// TODO: make a login, add the profile id to the session and read it here from
|
||||
// facesContext
|
||||
return 1;
|
||||
SessionBean bean = (SessionBean) facesContext.getExternalContext().getSessionMap().get("sessionBean");
|
||||
if (bean == null) {
|
||||
facesContext.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, "schwerer Anwendungsfehler",
|
||||
"no sessionBean found in session, therefore, set fkLogin to 1"));
|
||||
bean = new SessionBean();
|
||||
bean.setLogin(1);
|
||||
}
|
||||
return bean.getLogin();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
package de.jottyfan.timetrack.modules;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.enterprise.context.SessionScoped;
|
||||
import javax.inject.Named;
|
||||
@@ -17,12 +19,17 @@ import org.jasypt.util.password.StrongPasswordEncryptor;
|
||||
public class SessionBean implements Serializable {
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
private Set<String> privileges;
|
||||
private Integer login;
|
||||
private String username;
|
||||
private String secret;
|
||||
private String forename;
|
||||
private String surname;
|
||||
|
||||
public SessionBean() {
|
||||
this.privileges = new HashSet<>();
|
||||
}
|
||||
|
||||
public Boolean getHasLogin() {
|
||||
return login != null;
|
||||
}
|
||||
@@ -39,6 +46,10 @@ public class SessionBean implements Serializable {
|
||||
this.login = login;
|
||||
}
|
||||
|
||||
public Boolean hasPrivilege(String privilege) {
|
||||
return privileges.contains(privilege);
|
||||
}
|
||||
|
||||
public String getSecret() {
|
||||
StrongPasswordEncryptor spe = new StrongPasswordEncryptor();
|
||||
return spe.encryptPassword(secret);
|
||||
@@ -48,7 +59,7 @@ public class SessionBean implements Serializable {
|
||||
StrongPasswordEncryptor spe = new StrongPasswordEncryptor();
|
||||
return spe.checkPassword(secret, encrypted);
|
||||
}
|
||||
|
||||
|
||||
public void setSecret(String secret) {
|
||||
this.secret = secret;
|
||||
}
|
||||
@@ -76,4 +87,11 @@ public class SessionBean implements Serializable {
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the privileges
|
||||
*/
|
||||
public Set<String> getPrivileges() {
|
||||
return privileges;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package de.jottyfan.timetrack.modules;
|
||||
|
||||
import javax.enterprise.context.RequestScoped;
|
||||
import javax.faces.application.FacesMessage;
|
||||
import javax.faces.context.FacesContext;
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Named;
|
||||
@@ -20,6 +21,9 @@ public class SessionControl {
|
||||
@Inject
|
||||
private SessionBean sessionBean;
|
||||
|
||||
private String secretNew1;
|
||||
private String secretNew2;
|
||||
|
||||
public String doLogin() {
|
||||
SessionModel model = new SessionModel();
|
||||
model.doLogin((JooqFacesContext) FacesContext.getCurrentInstance(), sessionBean);
|
||||
@@ -32,6 +36,56 @@ public class SessionControl {
|
||||
sessionBean.setForename(null);
|
||||
sessionBean.setSurname(null);
|
||||
sessionBean.setUsername(null);
|
||||
sessionBean.getPrivileges().clear();
|
||||
return Pages.START.get();
|
||||
}
|
||||
|
||||
public String doChangePassword() {
|
||||
if (!secretNew1.equals(secretNew2)) {
|
||||
FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "error on changing password",
|
||||
"passwords are not equal");
|
||||
FacesContext.getCurrentInstance().addMessage(null, msg);
|
||||
return "";
|
||||
} else if (new SessionModel().doChangePassword((JooqFacesContext) FacesContext.getCurrentInstance(), secretNew1)) {
|
||||
FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_INFO, "successfully changed password",
|
||||
"the new password has been saved");
|
||||
FacesContext.getCurrentInstance().addMessage(null, msg);
|
||||
return Pages.START.get();
|
||||
} else {
|
||||
FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "error on changing password",
|
||||
"database change was not successful");
|
||||
FacesContext.getCurrentInstance().addMessage(null, msg);
|
||||
return "";
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the secretNew1
|
||||
*/
|
||||
public String getSecretNew1() {
|
||||
return secretNew1;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param secretNew1
|
||||
* the secretNew1 to set
|
||||
*/
|
||||
public void setSecretNew1(String secretNew1) {
|
||||
this.secretNew1 = secretNew1;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the secretNew2
|
||||
*/
|
||||
public String getSecretNew2() {
|
||||
return secretNew2;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param secretNew2
|
||||
* the secretNew2 to set
|
||||
*/
|
||||
public void setSecretNew2(String secretNew2) {
|
||||
this.secretNew2 = secretNew2;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,17 +1,21 @@
|
||||
package de.jottyfan.timetrack.modules;
|
||||
|
||||
import static de.jottyfan.timetrack.db.profile.Tables.T_LOGIN;
|
||||
import static de.jottyfan.timetrack.db.profile.Tables.V_LOGINROLE;
|
||||
|
||||
import java.sql.SQLException;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.jooq.DSLContext;
|
||||
import org.jooq.Record1;
|
||||
import org.jooq.Record4;
|
||||
import org.jooq.SelectConditionStep;
|
||||
import org.jooq.UpdateConditionStep;
|
||||
import org.jooq.exception.DataAccessException;
|
||||
|
||||
import de.jooqFaces.JooqFacesContext;
|
||||
import de.jottyfan.timetrack.db.profile.tables.records.TLoginRecord;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -31,9 +35,9 @@ public class SessionGateway extends JooqGateway {
|
||||
* @param bean
|
||||
* the bean
|
||||
* @return true or false
|
||||
* @throws SQLException
|
||||
* @throws ClassNotFoundException
|
||||
* @throws DataAccessException
|
||||
* @throws SQLException
|
||||
* @throws ClassNotFoundException
|
||||
* @throws DataAccessException
|
||||
*/
|
||||
public boolean seekAndSetLogin(SessionBean bean) throws DataAccessException, ClassNotFoundException, SQLException {
|
||||
try (DSLContext jooq = getJooq()) {
|
||||
@@ -54,6 +58,18 @@ public class SessionGateway extends JooqGateway {
|
||||
bean.setLogin(r.get(T_LOGIN.PK));
|
||||
bean.setForename(r.get(T_LOGIN.FORENAME));
|
||||
bean.setSurname(r.get(T_LOGIN.SURNAME));
|
||||
|
||||
SelectConditionStep<Record1<String>> sql2 = jooq
|
||||
// @formatter:off
|
||||
.select(V_LOGINROLE.ROLE_NAME)
|
||||
.from(V_LOGINROLE)
|
||||
.where(V_LOGINROLE.LOGIN.eq(bean.getUsername()));
|
||||
// @formatter:on
|
||||
LOGGER.debug(sql2.toString());
|
||||
for (Record1<String> privilege : sql2.fetch()) {
|
||||
bean.getPrivileges().add(privilege.get(V_LOGINROLE.ROLE_NAME));
|
||||
}
|
||||
addToSessionMap("sessionBean", bean);
|
||||
return true;
|
||||
} else {
|
||||
throw new DataAccessException("wrong password");
|
||||
@@ -64,4 +80,29 @@ public class SessionGateway extends JooqGateway {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* change the password
|
||||
*
|
||||
* @param bean
|
||||
* the bean containing the new password
|
||||
* @return true or false
|
||||
* @throws SQLException
|
||||
* @throws ClassNotFoundException
|
||||
* @throws DataAccessException
|
||||
*/
|
||||
public boolean changePassword(SessionBean bean, String newPassword)
|
||||
throws DataAccessException, ClassNotFoundException, SQLException {
|
||||
bean.setSecret(newPassword);
|
||||
String encryptedPassword = bean.getSecret();
|
||||
try (DSLContext jooq = getJooq()) {
|
||||
UpdateConditionStep<TLoginRecord> sql = jooq
|
||||
// @formatter:off
|
||||
.update(T_LOGIN)
|
||||
.set(T_LOGIN.PASSWORD, encryptedPassword)
|
||||
.where(T_LOGIN.PK.eq(bean.getLogin()));
|
||||
// @formatter:on
|
||||
LOGGER.debug("updating password, disable log here");
|
||||
return sql.execute() == 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -25,4 +25,14 @@ public class SessionModel {
|
||||
}
|
||||
}
|
||||
|
||||
public boolean doChangePassword(JooqFacesContext facesContext, String secretNew) {
|
||||
try {
|
||||
SessionBean bean = (SessionBean) facesContext.getExternalContext().getSessionMap().get("sessionBean");
|
||||
return new SessionGateway(facesContext).changePassword(bean, secretNew);
|
||||
} catch (DataAccessException | ClassNotFoundException | SQLException e) {
|
||||
FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "error on changing password", e.getMessage());
|
||||
facesContext.addMessage(null, msg);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:h="http://java.sun.com/jsf/html"
|
||||
xmlns:f="http://java.sun.com/jsf/core" xmlns:my="http://xmlns.jcp.org/jsf/composite/my" xmlns:b="http://bootsfaces.net/ui">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:h="http://java.sun.com/jsf/html" xmlns:f="http://java.sun.com/jsf/core"
|
||||
xmlns:my="http://xmlns.jcp.org/jsf/composite/my" xmlns:b="http://bootsfaces.net/ui">
|
||||
<h:head>
|
||||
</h:head>
|
||||
<h:body>
|
||||
@@ -11,12 +11,31 @@
|
||||
</ui:define>
|
||||
<ui:define name="main">
|
||||
<b:panel title="Einstellungen" collapsed="true" rendered="#{sessionBean.hasLogin}">
|
||||
<b:form>
|
||||
<b:selectOneMenu value="#{themeBean.currentTheme}">
|
||||
<f:selectItems value="#{themeBean.validThemes}" var="t" itemValue="#{t}" itemLabel="#{t}" />
|
||||
</b:selectOneMenu>
|
||||
<b:commandButton action="#{doneControl.toStart}" value="ändern" iconAwesome="pencil" look="warning" />
|
||||
</b:form>
|
||||
<b:accordion expandedPanels="layout">
|
||||
<b:panel id="layout" title="Layout">
|
||||
<b:form>
|
||||
<b:selectOneMenu value="#{themeBean.currentTheme}">
|
||||
<f:selectItems value="#{themeBean.validThemes}" var="t" itemValue="#{t}" itemLabel="#{t}" />
|
||||
</b:selectOneMenu>
|
||||
<b:commandButton action="#{doneControl.toStart}" value="ändern" iconAwesome="pencil" look="warning" />
|
||||
</b:form>
|
||||
</b:panel>
|
||||
<b:panel id="password" title="Passwort">
|
||||
<b:form>
|
||||
<b:inputSecret value="#{sessionControl.secretNew1}" required="true" requiredMessage="Das Feld Passwort muss ausgefüllt werden.">
|
||||
<f:facet name="prepend">
|
||||
<h:outputText value="Passwort" />
|
||||
</f:facet>
|
||||
</b:inputSecret>
|
||||
<b:inputSecret value="#{sessionControl.secretNew2}" required="true" requiredMessage="Das Feld Passwort nochmal muss ausgefüllt werden.">
|
||||
<f:facet name="prepend">
|
||||
<h:outputText value="Passwort nochmal" />
|
||||
</f:facet>
|
||||
</b:inputSecret>
|
||||
<b:commandButton action="#{sessionControl.doChangePassword}" value="übernehmen" look="warning" />
|
||||
</b:form>
|
||||
</b:panel>
|
||||
</b:accordion>
|
||||
</b:panel>
|
||||
<b:panel title="Login" rendered="#{sessionBean.hasNoLogin}" styleClass="loginpanel">
|
||||
<b:form>
|
||||
@@ -25,6 +44,7 @@
|
||||
<h:outputText value="Username" />
|
||||
</f:facet>
|
||||
<f:selectItem itemValue="henkej" itemLabel="Jörg Henke" />
|
||||
<f:selectItem itemValue="piontekm" itemLabel="Michael Piontek" />
|
||||
</b:selectOneMenu>
|
||||
<b:inputSecret value="#{sessionBean.secret}">
|
||||
<f:facet name="prepend">
|
||||
@@ -38,11 +58,11 @@
|
||||
<ui:define name="navigation">
|
||||
<b:form rendered="#{sessionBean.hasLogin}">
|
||||
<b:buttonGroup>
|
||||
<b:commandButton action="#{noteControl.toList}" value="#{noteControl.amount} Notizen verwalten" look="primary"
|
||||
iconAwesome="comments-o" />
|
||||
<b:commandButton action="#{contactControl.toList}" value="#{contactControl.amount} Kontakte verwalten" look="primary"
|
||||
iconAwesome="group" />
|
||||
<b:commandButton action="#{doneControl.toList}" value="Arbeitszeit verwalten" look="primary" iconAwesome="clock-o" />
|
||||
<b:commandButton action="#{noteControl.toList}" value="#{noteControl.amount} Notizen verwalten" look="primary" iconAwesome="comments-o"
|
||||
rendered="#{sessionBean.hasPrivilege('write_note')}" />
|
||||
<b:commandButton action="#{contactControl.toList}" value="#{contactControl.amount} Kontakte verwalten" look="primary" iconAwesome="group"
|
||||
rendered="#{sessionBean.hasPrivilege('write_contact')}" />
|
||||
<b:commandButton action="#{doneControl.toList}" value="Arbeitszeit verwalten" look="primary" iconAwesome="clock-o" rendered="#{sessionBean.hasPrivilege('write_done')}" />
|
||||
<b:commandButton action="#{sessionControl.doLogout}" value="abmelden" look="danger" iconAwesome="sign-out" />
|
||||
</b:buttonGroup>
|
||||
</b:form>
|
||||
|
||||
Reference in New Issue
Block a user