Stirling-PDF/src/main/java/stirling/software/SPDF/config/security/UserService.java

package stirling.software.SPDF.config.security;

import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

import stirling.software.SPDF.controller.api.pipeline.UserServiceInterface;
import stirling.software.SPDF.model.AuthenticationType;
import stirling.software.SPDF.model.Authority;
import stirling.software.SPDF.model.Role;
import stirling.software.SPDF.model.User;
import stirling.software.SPDF.repository.AuthorityRepository;
import stirling.software.SPDF.repository.UserRepository;

@Service
public class UserService implements UserServiceInterface {

    @Autowired private UserRepository userRepository;

    @Autowired private AuthorityRepository authorityRepository;

    @Autowired private PasswordEncoder passwordEncoder;

    @Autowired private MessageSource messageSource;

    // Handle OAUTH2 login and user auto creation.
    public boolean processOAuth2PostLogin(String username, boolean autoCreateUser) {
        if (!isUsernameValidWithReturn(username).equals(username)) {
            return false;
        }
        Optional<User> existUser = userRepository.findByUsernameIgnoreCase(username);
        if (existUser.isPresent()) {
            return true;
        }
        if (autoCreateUser) {
            saveUser(username, AuthenticationType.OAUTH2);
            return true;
        }
        return false;
    }

    public Authentication getAuthentication(String apiKey) {
        User user = getUserByApiKey(apiKey);
        if (user == null) {
            throw new UsernameNotFoundException("API key is not valid");
        }

        // Convert the user into an Authentication object
        return new UsernamePasswordAuthenticationToken(
                user, // principal (typically the user)
                null, // credentials (we don't expose the password or API key here)
                getAuthorities(user) // user's authorities (roles/permissions)
                );
    }

    private Collection<? extends GrantedAuthority> getAuthorities(User user) {
        // Convert each Authority object into a SimpleGrantedAuthority object.
        return user.getAuthorities().stream()
                .map((Authority authority) -> new SimpleGrantedAuthority(authority.getAuthority()))
                .collect(Collectors.toList());
    }

    private String generateApiKey() {
        String apiKey;
        do {
            apiKey = UUID.randomUUID().toString();
        } while (userRepository.findByApiKey(apiKey) != null); // Ensure uniqueness
        return apiKey;
    }

    public User addApiKeyToUser(String username) {
        User user =
                userRepository
                        .findByUsernameIgnoreCase(username)
                        .orElseThrow(() -> new UsernameNotFoundException("User not found"));

        user.setApiKey(generateApiKey());
        return userRepository.save(user);
    }

    public User refreshApiKeyForUser(String username) {
        return addApiKeyToUser(username); // reuse the add API key method for refreshing
    }

    public String getApiKeyForUser(String username) {
        User user =
                userRepository
                        .findByUsernameIgnoreCase(username)
                        .orElseThrow(() -> new UsernameNotFoundException("User not found"));
        return user.getApiKey();
    }

    public boolean isValidApiKey(String apiKey) {
        return userRepository.findByApiKey(apiKey) != null;
    }

    public User getUserByApiKey(String apiKey) {
        return userRepository.findByApiKey(apiKey);
    }

    public UserDetails loadUserByApiKey(String apiKey) {
        User userOptional = userRepository.findByApiKey(apiKey);
        if (userOptional != null) {
            User user = userOptional;
            // Convert your User entity to a UserDetails object with authorities
            return new org.springframework.security.core.userdetails.User(
                    user.getUsername(),
                    user.getPassword(), // you might not need this for API key auth
                    getAuthorities(user));
        }
        return null; // or throw an exception
    }

    public boolean validateApiKeyForUser(String username, String apiKey) {
        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
        return userOpt.isPresent() && userOpt.get().getApiKey().equals(apiKey);
    }

    public void saveUser(String username, AuthenticationType authenticationType)
            throws IllegalArgumentException {
        User user = new User();
        user.setUsername(isUsernameValidWithReturn(username));
        user.setEnabled(true);
        user.setFirstLogin(false);
        user.addAuthority(new Authority(Role.USER.getRoleId(), user));
        user.setAuthenticationType(authenticationType);
        userRepository.save(user);
    }

    public void saveUser(String username, String password) throws IllegalArgumentException {
        User user = new User();
        user.setUsername(isUsernameValidWithReturn(username));
        user.setPassword(passwordEncoder.encode(password));
        user.setEnabled(true);
        user.setAuthenticationType(AuthenticationType.WEB);
        userRepository.save(user);
    }

    public void saveUser(String username, String password, String role, boolean firstLogin)
            throws IllegalArgumentException {
        User user = new User();
        user.setUsername(isUsernameValidWithReturn(username));
        user.setPassword(passwordEncoder.encode(password));
        user.addAuthority(new Authority(role, user));
        user.setEnabled(true);
        user.setAuthenticationType(AuthenticationType.WEB);
        user.setFirstLogin(firstLogin);
        userRepository.save(user);
    }

    public void saveUser(String username, String password, String role)
            throws IllegalArgumentException {
        User user = new User();
        user.setUsername(isUsernameValidWithReturn(username));
        user.setPassword(passwordEncoder.encode(password));
        user.addAuthority(new Authority(role, user));
        user.setEnabled(true);
        user.setAuthenticationType(AuthenticationType.WEB);
        user.setFirstLogin(false);
        userRepository.save(user);
    }

    public void deleteUser(String username) {
        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
        if (userOpt.isPresent()) {
            for (Authority authority : userOpt.get().getAuthorities()) {
                if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {
                    return;
                }
            }
            userRepository.delete(userOpt.get());
        }
    }

    public boolean usernameExists(String username) {
        return userRepository.findByUsername(username).isPresent();
    }

    public boolean usernameExistsIgnoreCase(String username) {
        return userRepository.findByUsernameIgnoreCase(username).isPresent();
    }

    public boolean hasUsers() {
        return userRepository.count() > 0;
    }

    public void updateUserSettings(String username, Map<String, String> updates) {
        Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);
        if (userOpt.isPresent()) {
            User user = userOpt.get();
            Map<String, String> settingsMap = user.getSettings();

            if (settingsMap == null) {
                settingsMap = new HashMap<String, String>();
            }
            settingsMap.clear();
            settingsMap.putAll(updates);
            user.setSettings(settingsMap);

            userRepository.save(user);
        }
    }

    public Optional<User> findByUsername(String username) {
        return userRepository.findByUsername(username);
    }

    public Optional<User> findByUsernameIgnoreCase(String username) {
        return userRepository.findByUsernameIgnoreCase(username);
    }

    public Authority findRole(User user) {
        return authorityRepository.findByUserId(user.getId());
    }

    public void changeUsername(User user, String newUsername) throws IllegalArgumentException {
        user.setUsername(isUsernameValidWithReturn(newUsername));
        userRepository.save(user);
    }

    public void changePassword(User user, String newPassword) {
        user.setPassword(passwordEncoder.encode(newPassword));
        userRepository.save(user);
    }

    public void changeFirstUse(User user, boolean firstUse) {
        user.setFirstLogin(firstUse);
        userRepository.save(user);
    }

    public void changeRole(User user, String newRole) {
        Authority userAuthority = this.findRole(user);
        userAuthority.setAuthority(newRole);
        authorityRepository.save(userAuthority);
    }

    public boolean isPasswordCorrect(User user, String currentPassword) {
        return passwordEncoder.matches(currentPassword, user.getPassword());
    }

    public boolean isUsernameValid(String username) {
        // Checks whether the simple username is formatted correctly
        boolean isValidSimpleUsername =
                username.matches("^[a-zA-Z0-9][a-zA-Z0-9@._+-]*[a-zA-Z0-9]$");
        // Checks whether the email address is formatted correctly
        boolean isValidEmail =
                username.matches(
                        "^(?=.{1,64}@)[A-Za-z0-9]+(\\.[A-Za-z0-9_+.-]+)*@[^-][A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)*(\\.[A-Za-z]{2,})$");
        return isValidSimpleUsername || isValidEmail;
    }

    public String isUsernameValidWithReturn(String username) throws IllegalArgumentException {
        if (!isUsernameValid(username)) {
            String message =
                    messageSource.getMessage(
                            "invalidUsernameMessage", null, LocaleContextHolder.getLocale());
            throw new IllegalArgumentException(message);
        }
        return username;
    }

    public boolean hasPassword(String username) {
        Optional<User> user = userRepository.findByUsernameIgnoreCase(username);
        if (user.isPresent() && user.get().hasPassword()) {
            return true;
        }
        return false;
    }

    public boolean isAuthenticationTypeByUsername(
            String username, AuthenticationType authenticationType) {
        Optional<User> user = userRepository.findByUsernameIgnoreCase(username);
        if (user.isPresent() && user.get().getAuthenticationType() != null) {
            return user.get().getAuthenticationType().equalsIgnoreCase(authenticationType.name());
        }
        return false;
    }
}
eol 2024-01-03 17:59:04 +00:00			`package stirling.software.SPDF.config.security;`

			`import java.util.Collection;`
			`import java.util.HashMap;`
			`import java.util.Map;`
			`import java.util.Optional;`
			`import java.util.UUID;`
			`import java.util.stream.Collectors;`

			`import org.springframework.beans.factory.annotation.Autowired;`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`import org.springframework.context.MessageSource;`
			`import org.springframework.context.i18n.LocaleContextHolder;`
eol 2024-01-03 17:59:04 +00:00			`import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;`
			`import org.springframework.security.core.Authentication;`
			`import org.springframework.security.core.GrantedAuthority;`
			`import org.springframework.security.core.authority.SimpleGrantedAuthority;`
			`import org.springframework.security.core.userdetails.UserDetails;`
			`import org.springframework.security.core.userdetails.UsernameNotFoundException;`
			`import org.springframework.security.crypto.password.PasswordEncoder;`
			`import org.springframework.stereotype.Service;`

			`import stirling.software.SPDF.controller.api.pipeline.UserServiceInterface;`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`import stirling.software.SPDF.model.AuthenticationType;`
eol 2024-01-03 17:59:04 +00:00			`import stirling.software.SPDF.model.Authority;`
			`import stirling.software.SPDF.model.Role;`
			`import stirling.software.SPDF.model.User;`
Change User Roles (#1153) * Modify user service and controller * Modify Template * Add messages * Fix Username output * Add tooltip * Change Role Modify logic * Add Roles from database to existing users * Add default select Fillers * Indent JS * Add Change Role Related Translations * Remove unnecessary Whitespace and imports 2024-05-02 14:52:50 -06:00			`import stirling.software.SPDF.repository.AuthorityRepository;`
eol 2024-01-03 17:59:04 +00:00			`import stirling.software.SPDF.repository.UserRepository;`

			`@Service`
			`public class UserService implements UserServiceInterface {`

			`@Autowired private UserRepository userRepository;`

Change User Roles (#1153) * Modify user service and controller * Modify Template * Add messages * Fix Username output * Add tooltip * Change Role Modify logic * Add Roles from database to existing users * Add default select Fillers * Indent JS * Add Change Role Related Translations * Remove unnecessary Whitespace and imports 2024-05-02 14:52:50 -06:00			`@Autowired private AuthorityRepository authorityRepository;`

eol 2024-01-03 17:59:04 +00:00			`@Autowired private PasswordEncoder passwordEncoder;`

extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`@Autowired private MessageSource messageSource;`

Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`// Handle OAUTH2 login and user auto creation.`
			`public boolean processOAuth2PostLogin(String username, boolean autoCreateUser) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`if (!isUsernameValidWithReturn(username).equals(username)) {`
			`return false;`
			`}`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`Optional<User> existUser = userRepository.findByUsernameIgnoreCase(username);`
			`if (existUser.isPresent()) {`
			`return true;`
			`}`
			`if (autoCreateUser) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`saveUser(username, AuthenticationType.OAUTH2);`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`return true;`
			`}`
			`return false;`
			`}`

eol 2024-01-03 17:59:04 +00:00			`public Authentication getAuthentication(String apiKey) {`
			`User user = getUserByApiKey(apiKey);`
			`if (user == null) {`
			`throw new UsernameNotFoundException("API key is not valid");`
			`}`

			`// Convert the user into an Authentication object`
			`return new UsernamePasswordAuthenticationToken(`
			`user, // principal (typically the user)`
			`null, // credentials (we don't expose the password or API key here)`
			`getAuthorities(user) // user's authorities (roles/permissions)`
			`);`
			`}`

			`private Collection<? extends GrantedAuthority> getAuthorities(User user) {`
			`// Convert each Authority object into a SimpleGrantedAuthority object.`
			`return user.getAuthorities().stream()`
			`.map((Authority authority) -> new SimpleGrantedAuthority(authority.getAuthority()))`
			`.collect(Collectors.toList());`
			`}`

			`private String generateApiKey() {`
			`String apiKey;`
			`do {`
			`apiKey = UUID.randomUUID().toString();`
			`} while (userRepository.findByApiKey(apiKey) != null); // Ensure uniqueness`
			`return apiKey;`
			`}`

			`public User addApiKeyToUser(String username) {`
			`User user =`
			`userRepository`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`.findByUsernameIgnoreCase(username)`
eol 2024-01-03 17:59:04 +00:00			`.orElseThrow(() -> new UsernameNotFoundException("User not found"));`

			`user.setApiKey(generateApiKey());`
			`return userRepository.save(user);`
			`}`

			`public User refreshApiKeyForUser(String username) {`
			`return addApiKeyToUser(username); // reuse the add API key method for refreshing`
			`}`

			`public String getApiKeyForUser(String username) {`
			`User user =`
			`userRepository`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`.findByUsernameIgnoreCase(username)`
eol 2024-01-03 17:59:04 +00:00			`.orElseThrow(() -> new UsernameNotFoundException("User not found"));`
			`return user.getApiKey();`
			`}`

			`public boolean isValidApiKey(String apiKey) {`
			`return userRepository.findByApiKey(apiKey) != null;`
			`}`

			`public User getUserByApiKey(String apiKey) {`
			`return userRepository.findByApiKey(apiKey);`
			`}`

			`public UserDetails loadUserByApiKey(String apiKey) {`
			`User userOptional = userRepository.findByApiKey(apiKey);`
			`if (userOptional != null) {`
			`User user = userOptional;`
			`// Convert your User entity to a UserDetails object with authorities`
			`return new org.springframework.security.core.userdetails.User(`
			`user.getUsername(),`
			`user.getPassword(), // you might not need this for API key auth`
			`getAuthorities(user));`
			`}`
			`return null; // or throw an exception`
			`}`

			`public boolean validateApiKeyForUser(String username, String apiKey) {`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);`
eol 2024-01-03 17:59:04 +00:00			`return userOpt.isPresent() && userOpt.get().getApiKey().equals(apiKey);`
			`}`

extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`public void saveUser(String username, AuthenticationType authenticationType)`
			`throws IllegalArgumentException {`
eol 2024-01-03 17:59:04 +00:00			`User user = new User();`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setUsername(isUsernameValidWithReturn(username));`
			`user.setEnabled(true);`
			`user.setFirstLogin(false);`
			`user.addAuthority(new Authority(Role.USER.getRoleId(), user));`
			`user.setAuthenticationType(authenticationType);`
			`userRepository.save(user);`
			`}`

			`public void saveUser(String username, String password) throws IllegalArgumentException {`
			`User user = new User();`
			`user.setUsername(isUsernameValidWithReturn(username));`
eol 2024-01-03 17:59:04 +00:00			`user.setPassword(passwordEncoder.encode(password));`
			`user.setEnabled(true);`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setAuthenticationType(AuthenticationType.WEB);`
eol 2024-01-03 17:59:04 +00:00			`userRepository.save(user);`
			`}`

extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`public void saveUser(String username, String password, String role, boolean firstLogin)`
			`throws IllegalArgumentException {`
eol 2024-01-03 17:59:04 +00:00			`User user = new User();`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setUsername(isUsernameValidWithReturn(username));`
eol 2024-01-03 17:59:04 +00:00			`user.setPassword(passwordEncoder.encode(password));`
			`user.addAuthority(new Authority(role, user));`
			`user.setEnabled(true);`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setAuthenticationType(AuthenticationType.WEB);`
eol 2024-01-03 17:59:04 +00:00			`user.setFirstLogin(firstLogin);`
			`userRepository.save(user);`
			`}`

extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`public void saveUser(String username, String password, String role)`
			`throws IllegalArgumentException {`
eol 2024-01-03 17:59:04 +00:00			`User user = new User();`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setUsername(isUsernameValidWithReturn(username));`
eol 2024-01-03 17:59:04 +00:00			`user.setPassword(passwordEncoder.encode(password));`
			`user.addAuthority(new Authority(role, user));`
			`user.setEnabled(true);`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`user.setAuthenticationType(AuthenticationType.WEB);`
eol 2024-01-03 17:59:04 +00:00			`user.setFirstLogin(false);`
			`userRepository.save(user);`
			`}`

			`public void deleteUser(String username) {`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);`
eol 2024-01-03 17:59:04 +00:00			`if (userOpt.isPresent()) {`
			`for (Authority authority : userOpt.get().getAuthorities()) {`
			`if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {`
			`return;`
			`}`
			`}`
			`userRepository.delete(userOpt.get());`
			`}`
			`}`

			`public boolean usernameExists(String username) {`
			`return userRepository.findByUsername(username).isPresent();`
			`}`

Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`public boolean usernameExistsIgnoreCase(String username) {`
			`return userRepository.findByUsernameIgnoreCase(username).isPresent();`
			`}`

eol 2024-01-03 17:59:04 +00:00			`public boolean hasUsers() {`
			`return userRepository.count() > 0;`
			`}`

			`public void updateUserSettings(String username, Map<String, String> updates) {`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`Optional<User> userOpt = userRepository.findByUsernameIgnoreCase(username);`
eol 2024-01-03 17:59:04 +00:00			`if (userOpt.isPresent()) {`
			`User user = userOpt.get();`
			`Map<String, String> settingsMap = user.getSettings();`

			`if (settingsMap == null) {`
			`settingsMap = new HashMap<String, String>();`
			`}`
			`settingsMap.clear();`
			`settingsMap.putAll(updates);`
			`user.setSettings(settingsMap);`

			`userRepository.save(user);`
			`}`
			`}`

			`public Optional<User> findByUsername(String username) {`
			`return userRepository.findByUsername(username);`
			`}`

Enforcing Username Uniqueness (#906) * Enforcing Username Uniqueness Changes in UserService.java: Added a new method findByUsername to allow searching for usernames regardless of case sensitivity. Added a new method isUsernameValid to validate the username. Changes in UserController.java: Updated the changeUsername method to ensure the new username is valid before changing it. Updated the editUser method to ensure the new username is unique and valid. Changes in UserRepository.java: Added a custom JPQL query to search for usernames regardless of case sensitivity. Changes in HTML templates (account.html and addUsers.html): Error messages are displayed if a username is invalid or already exists. * JPAs auto 2024-03-13 23:09:16 +01:00			`public Optional<User> findByUsernameIgnoreCase(String username) {`
			`return userRepository.findByUsernameIgnoreCase(username);`
			`}`

Change User Roles (#1153) * Modify user service and controller * Modify Template * Add messages * Fix Username output * Add tooltip * Change Role Modify logic * Add Roles from database to existing users * Add default select Fillers * Indent JS * Add Change Role Related Translations * Remove unnecessary Whitespace and imports 2024-05-02 14:52:50 -06:00			`public Authority findRole(User user) {`
			`return authorityRepository.findByUserId(user.getId());`
			`}`

extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`public void changeUsername(User user, String newUsername) throws IllegalArgumentException {`
			`user.setUsername(isUsernameValidWithReturn(newUsername));`
eol 2024-01-03 17:59:04 +00:00			`userRepository.save(user);`
			`}`

			`public void changePassword(User user, String newPassword) {`
			`user.setPassword(passwordEncoder.encode(newPassword));`
			`userRepository.save(user);`
			`}`

			`public void changeFirstUse(User user, boolean firstUse) {`
			`user.setFirstLogin(firstUse);`
			`userRepository.save(user);`
			`}`

Change User Roles (#1153) * Modify user service and controller * Modify Template * Add messages * Fix Username output * Add tooltip * Change Role Modify logic * Add Roles from database to existing users * Add default select Fillers * Indent JS * Add Change Role Related Translations * Remove unnecessary Whitespace and imports 2024-05-02 14:52:50 -06:00			`public void changeRole(User user, String newRole) {`
			`Authority userAuthority = this.findRole(user);`
			`userAuthority.setAuthority(newRole);`
			`authorityRepository.save(userAuthority);`
			`}`

eol 2024-01-03 17:59:04 +00:00			`public boolean isPasswordCorrect(User user, String currentPassword) {`
			`return passwordEncoder.matches(currentPassword, user.getPassword());`
			`}`
Enforcing Username Uniqueness (#906) * Enforcing Username Uniqueness Changes in UserService.java: Added a new method findByUsername to allow searching for usernames regardless of case sensitivity. Added a new method isUsernameValid to validate the username. Changes in UserController.java: Updated the changeUsername method to ensure the new username is valid before changing it. Updated the editUser method to ensure the new username is unique and valid. Changes in UserRepository.java: Added a custom JPQL query to search for usernames regardless of case sensitivity. Changes in HTML templates (account.html and addUsers.html): Error messages are displayed if a username is invalid or already exists. * JPAs auto 2024-03-13 23:09:16 +01:00
			`public boolean isUsernameValid(String username) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`// Checks whether the simple username is formatted correctly`
			`boolean isValidSimpleUsername =`
			`username.matches("^[a-zA-Z0-9][a-zA-Z0-9@._+-]*[a-zA-Z0-9]$");`
			`// Checks whether the email address is formatted correctly`
			`boolean isValidEmail =`
			`username.matches(`
			`"^(?=.{1,64}@)[A-Za-z0-9]+(\\.[A-Za-z0-9_+.-]+)@[^-][A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)(\\.[A-Za-z]{2,})$");`
			`return isValidSimpleUsername \|\| isValidEmail;`
			`}`

			`public String isUsernameValidWithReturn(String username) throws IllegalArgumentException {`
			`if (!isUsernameValid(username)) {`
			`String message =`
			`messageSource.getMessage(`
			`"invalidUsernameMessage", null, LocaleContextHolder.getLocale());`
			`throw new IllegalArgumentException(message);`
			`}`
			`return username;`
			`}`

			`public boolean hasPassword(String username) {`
			`Optional<User> user = userRepository.findByUsernameIgnoreCase(username);`
			`if (user.isPresent() && user.get().hasPassword()) {`
			`return true;`
			`}`
			`return false;`
			`}`

			`public boolean isAuthenticationTypeByUsername(`
			`String username, AuthenticationType authenticationType) {`
			`Optional<User> user = userRepository.findByUsernameIgnoreCase(username);`
			`if (user.isPresent() && user.get().getAuthenticationType() != null) {`
			`return user.get().getAuthenticationType().equalsIgnoreCase(authenticationType.name());`
			`}`
			`return false;`
Enforcing Username Uniqueness (#906) * Enforcing Username Uniqueness Changes in UserService.java: Added a new method findByUsername to allow searching for usernames regardless of case sensitivity. Added a new method isUsernameValid to validate the username. Changes in UserController.java: Updated the changeUsername method to ensure the new username is valid before changing it. Updated the editUser method to ensure the new username is unique and valid. Changes in UserRepository.java: Added a custom JPQL query to search for usernames regardless of case sensitivity. Changes in HTML templates (account.html and addUsers.html): Error messages are displayed if a username is invalid or already exists. * JPAs auto 2024-03-13 23:09:16 +01:00			`}`
eol 2024-01-03 17:59:04 +00:00			`}`