CeON / dataverse / 992

Build # 992

Build Type

push

jenkins

Committed by GitHub

Commit Message

Closes #2352: Enable account info change (#2358)

Run Details

28 of 28 new or added lines in 7 files covered. (100.0%)

21198 of 69119 relevant lines covered (30.67%)

0.31 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/dataverse-webapp/src/main/java/edu/harvard/iq/dataverse/authorization/AuthenticationProvider.java

package edu.harvard.iq.dataverse.authorization;

import edu.harvard.iq.dataverse.common.BundleUtil;
import edu.harvard.iq.dataverse.persistence.user.AuthenticatedUser;
import edu.harvard.iq.dataverse.persistence.user.AuthenticatedUserDisplayInfo;

import java.util.Set;

/**
 * Objects that can authenticate users. The authentication process yields a unique
 * identifier for the user in the user directory this provider represents.
 * <p>
 * Providers can have optional functionalities, such as updating user data and verifying email addresses. This abilities
 * can be queried using the {@code isXXXAllowed()} methods. If an implementation returns {@code true}
 * from one of these methods, it has to implement the matching methods.
 * <p>
 * Note: If you are adding an implementation of this interface, please add a "friendly" name to the bundles.
 * Example:  ShibAuthenticationProvider implements this interface.
 * (a)  ShibAuthenticationProvider.getID() returns "ship"
 * (b)  Construct bundle name using String id "shib" from (a):
 * "authenticationProvider.name." + "ship" ->
 * (c)  Bundle.properties entry: "authenticationProvider.name.shib=Shibboleth"
 * <p>
 * {@code AuthenticationPrvider}s are normally registered at startup in {@link AuthenticationServiceBean#startup()}.
 *
 * @author michael
 */
public interface AuthenticationProvider {

    String getId();

    AuthenticationProviderDisplayInfo getInfo();

    default boolean isPasswordUpdateAllowed() {
        return false;
    }

    default boolean isUserInfoUpdateAllowed() {
        return false;
    }

    default boolean isUserDeletionAllowed() {
        return false;
    }

    default boolean isOAuthProvider() {
        return false;
    }

    /** @todo Consider moving some or all of these to AuthenticationProviderDisplayInfo.*/
    /**
     * The identifier is only displayed in the UI if it's meaningful, such as an ORCID iD.
     */
    default boolean isDisplayIdentifier() {
        return false;
    }

    /**
     * ORCID calls their persistent id an "ORCID iD".
     */
    default String getPersistentIdName() {
        return null;
    }

    /**
     * ORCID has special language to describe their ID: http://members.orcid.org/logos-web-graphics
     */
    default String getPersistentIdDescription() {
        return null;
    }

    /**
     * An ORCID example would be the "http://orcid.org/" part of http://orcid.org/0000-0002-7874-374X
     */
    default String getPersistentIdUrlPrefix() {
        return null;
    }

    default String getLogo() {
        return null;
    }


    /**
     * Some providers (e.g organizational ones) provide verified email addresses.
     *
     * @return {@code true} if we can treat email addresses coming from this provider as verified, {@code false} otherwise.
     */
    default boolean isEmailVerified() {
        return false;
    }


    /**
     * Updates the password of the user whose id is passed.
     *
     * @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
     * @param newPassword      password, in clear text
     * @throws UnsupportedOperationException if the provider does not support updating passwords.
     * @see #isPasswordUpdateAllowed()
     */
    default void updatePassword(String userIdInProvider, String newPassword) {
        throw new UnsupportedOperationException(this.toString() + " does not implement password updates");
    }

    /**
     * Verifies that the passed password matches the user's. Note that this method is has tri-state return
     * value ({@link Boolean} rather than a {@code boolean}). A {@code null} returned means that the user
     * was not found.
     *
     * @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
     * @param password         The password string we test
     * @return {@code True} if the passwords match; {@code False} if they don't; {@code null} if the user was not found.
     * @throws UnsupportedOperationException if the provider does not support updating passwords.
     * @see #isPasswordUpdateAllowed()
     */
    default Boolean verifyPassword(String userIdInProvider, String password) {
        throw new UnsupportedOperationException(this.toString() + " does not implement password updates");
    }

    /**
     * Updates the password of the user whose id is passed.
     *
     * @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
     * @param updatedUserData
     * @throws UnsupportedOperationException
     * @see #isUserInfoUpdateAllowed()
     */
    default void updateUserInfo(String userIdInProvider, AuthenticatedUserDisplayInfo updatedUserData) {
        throw new UnsupportedOperationException(this.toString() + " does not implement account detail updates");
    }

    default void deleteUser(String userIdInProvider) {
        throw new UnsupportedOperationException(this.toString() + " does not implement account deletions");
    }

    /**
     * Given the AuthenticationProvider id,
     * return the friendly name using the static method
     */
    default String getFriendlyName() {
        // call static method
        return BundleUtil.getStringFromBundle("authentication.human_readable." + this.getId());
    }

    /**
     * Returns the set of fields that user can edit after account creation is done.
     */
    default Set<EditableAccountField> getEditableFields() {
        return isUserInfoUpdateAllowed() ? EditableAccountFieldSets.allFields() : EditableAccountFieldSets.noFields();
    }
}


1	package edu.harvard.iq.dataverse.authorization;
2
3	import edu.harvard.iq.dataverse.common.BundleUtil;
4	import edu.harvard.iq.dataverse.persistence.user.AuthenticatedUser;
5	import edu.harvard.iq.dataverse.persistence.user.AuthenticatedUserDisplayInfo;
6
7	import java.util.Set;
8
9	/**
10	* Objects that can authenticate users. The authentication process yields a unique
11	* identifier for the user in the user directory this provider represents.
12	* <p>
13	* Providers can have optional functionalities, such as updating user data and verifying email addresses. This abilities
14	* can be queried using the {@code isXXXAllowed()} methods. If an implementation returns {@code true}
15	* from one of these methods, it has to implement the matching methods.
16	* <p>
17	* Note: If you are adding an implementation of this interface, please add a "friendly" name to the bundles.
18	* Example: ShibAuthenticationProvider implements this interface.
19	* (a) ShibAuthenticationProvider.getID() returns "ship"
20	* (b) Construct bundle name using String id "shib" from (a):
21	* "authenticationProvider.name." + "ship" ->
22	* (c) Bundle.properties entry: "authenticationProvider.name.shib=Shibboleth"
23	* <p>
24	* {@code AuthenticationPrvider}s are normally registered at startup in {@link AuthenticationServiceBean#startup()}.
25	*
26	* @author michael
27	*/
28	public interface AuthenticationProvider {
29
30	String getId();
31
32	AuthenticationProviderDisplayInfo getInfo();
33
34	default boolean isPasswordUpdateAllowed() {
35	return false;	×
36	}
37
38	default boolean isUserInfoUpdateAllowed() {
39	return false;	×
40	}
41
42	default boolean isUserDeletionAllowed() {
43	return false;	×
44	}
45
46	default boolean isOAuthProvider() {
47	return false;	×
48	}
49
50	/** @todo Consider moving some or all of these to AuthenticationProviderDisplayInfo.*/
51	/**
52	* The identifier is only displayed in the UI if it's meaningful, such as an ORCID iD.
53	*/
54	default boolean isDisplayIdentifier() {
55	return false;	×
56	}
57
58	/**
59	* ORCID calls their persistent id an "ORCID iD".
60	*/
61	default String getPersistentIdName() {
62	return null;	×
63	}
64
65	/**
66	* ORCID has special language to describe their ID: http://members.orcid.org/logos-web-graphics
67	*/
68	default String getPersistentIdDescription() {
69	return null;	×
70	}
71
72	/**
73	* An ORCID example would be the "http://orcid.org/" part of http://orcid.org/0000-0002-7874-374X
74	*/
75	default String getPersistentIdUrlPrefix() {
76	return null;	×
77	}
78
79	default String getLogo() {
80	return null;	×
81	}
82
83
84	/**
85	* Some providers (e.g organizational ones) provide verified email addresses.
86	*
87	* @return {@code true} if we can treat email addresses coming from this provider as verified, {@code false} otherwise.
88	*/
89	default boolean isEmailVerified() {
90	return false;	×
91	}
92
93
94	/**
95	* Updates the password of the user whose id is passed.
96	*
97	* @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
98	* @param newPassword password, in clear text
99	* @throws UnsupportedOperationException if the provider does not support updating passwords.
100	* @see #isPasswordUpdateAllowed()
101	*/
102	default void updatePassword(String userIdInProvider, String newPassword) {
103	throw new UnsupportedOperationException(this.toString() + " does not implement password updates");	×
104	}
105
106	/**
107	* Verifies that the passed password matches the user's. Note that this method is has tri-state return
108	* value ({@link Boolean} rather than a {@code boolean}). A {@code null} returned means that the user
109	* was not found.
110	*
111	* @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
112	* @param password The password string we test
113	* @return {@code True} if the passwords match; {@code False} if they don't; {@code null} if the user was not found.
114	* @throws UnsupportedOperationException if the provider does not support updating passwords.
115	* @see #isPasswordUpdateAllowed()
116	*/
117	default Boolean verifyPassword(String userIdInProvider, String password) {
118	throw new UnsupportedOperationException(this.toString() + " does not implement password updates");	×
119	}
120
121	/**
122	* Updates the password of the user whose id is passed.
123	*
124	* @param userIdInProvider User id in the provider. NOT the {@link AuthenticatedUser#id}, which is internal to the installation.
125	* @param updatedUserData
126	* @throws UnsupportedOperationException
127	* @see #isUserInfoUpdateAllowed()
128	*/
129	default void updateUserInfo(String userIdInProvider, AuthenticatedUserDisplayInfo updatedUserData) {
130	throw new UnsupportedOperationException(this.toString() + " does not implement account detail updates");	×
131	}
132
133	default void deleteUser(String userIdInProvider) {
134	throw new UnsupportedOperationException(this.toString() + " does not implement account deletions");	×
135	}
136
137	/**
138	* Given the AuthenticationProvider id,
139	* return the friendly name using the static method
140	*/
141	default String getFriendlyName() {
142	// call static method
143	return BundleUtil.getStringFromBundle("authentication.human_readable." + this.getId());	×
144	}
145
146	/**
147	* Returns the set of fields that user can edit after account creation is done.
148	*/
149	default Set<EditableAccountField> getEditableFields() {
150	return isUserInfoUpdateAllowed() ? EditableAccountFieldSets.allFields() : EditableAccountFieldSets.noFields();	×
151	}
152	}
153

CeON / dataverse / 992

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous