=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2015-10-16 20:17:09 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2015-11-07 17:11:20 +0000 @@ -95,6 +95,8 @@ boolean hideUnapprovedDataInAnalytics(); + boolean isOpenIdConfigured(); + String googleAnalyticsUA(); Integer credentialsExpires(); === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java 2015-11-07 17:11:20 +0000 @@ -441,13 +441,13 @@ } /** - * Indicates whether the LDAP identifier is present. + * Indicates whether a password is set. */ - public boolean hasLdapId() + public boolean hasPassword() { - return ldapId != null && !ldapId.isEmpty(); + return password != null; } - + // ------------------------------------------------------------------------- // hashCode and equals // ------------------------------------------------------------------------- === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java 2015-01-17 07:41:26 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentialsStore.java 2015-11-07 17:11:20 +0000 @@ -54,5 +54,14 @@ * @param openId open ID. * @return the UserCredentials. */ - UserCredentials getUserCredentialsByOpenID( String openId ); + UserCredentials getUserCredentialsByOpenId( String openId ); + + /** + * Retrieves the UserCredentials associated with the User with the given + * LDAP ID. + * + * @param ldapId LDAP ID. + * @return the UserCredentials. + */ + UserCredentials getUserCredentialsByLdapId( String ldapId ); } === modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java' --- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-09-16 14:49:50 +0000 +++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-11-07 17:11:20 +0000 @@ -219,7 +219,16 @@ * @param openId the openId of the User. * @return the UserCredentials. */ - UserCredentials getUserCredentialsByOpenID( String openId ); + UserCredentials getUserCredentialsByOpenId( String openId ); + + /** + * Retrieves the UserCredentials associated with the User with the given + * LDAP ID. + * + * @param ldapId the ldapId of the User. + * @return the UserCredentials. + */ + UserCredentials getUserCredentialsByLdapId( String ldapId ); /** * Retrieves all UserCredentials. === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2015-11-03 04:47:50 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultUserDetailsService.java 2015-11-07 17:11:20 +0000 @@ -1,5 +1,6 @@ package org.hisp.dhis.security; +import org.hisp.dhis.common.CodeGenerator; import org.hisp.dhis.system.util.SecurityUtils; import org.hisp.dhis.user.UserCredentials; import org.hisp.dhis.user.UserService; @@ -46,7 +47,7 @@ if ( credentials == null ) { - credentials = userService.getUserCredentialsByOpenID( username ); + credentials = userService.getUserCredentialsByOpenId( username ); if ( credentials == null ) { @@ -55,12 +56,20 @@ } // --------------------------------------------------------------------- - // UserDetails + // If password is null, assume external authentication (OpenID, LDAP) + // and set not encoded, random password to satisfy Spring Security // --------------------------------------------------------------------- + String password = credentials.getPassword(); + + if ( !credentials.hasPassword() ) + { + password = CodeGenerator.generateCode( 60 ); + } + boolean credentialsExpired = userService.credentialsNonExpired( credentials ); - return new User( credentials.getUsername(), credentials.getPassword(), + return new User( credentials.getUsername(), password, !credentials.isDisabled(), true, credentialsExpired, true, SecurityUtils.getGrantedAuthorities( credentials ) ); } } === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2015-10-16 20:17:09 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2015-11-07 17:11:20 +0000 @@ -370,6 +370,12 @@ } @Override + public boolean isOpenIdConfigured() + { + return getSystemSetting( Setting.OPENID_PROVIDER ) != null && getSystemSetting( Setting.OPENID_PROVIDER_LABEL ) != null; + } + + @Override public String googleAnalyticsUA() { return StringUtils.trimToNull( (String) getSystemSetting( Setting.GOOGLE_ANALYTICS_UA ) ); === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-10-06 18:24:42 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-11-07 17:11:20 +0000 @@ -583,9 +583,15 @@ } @Override - public UserCredentials getUserCredentialsByOpenID( String openId ) - { - return userCredentialsStore.getUserCredentialsByOpenID( openId ); + public UserCredentials getUserCredentialsByOpenId( String openId ) + { + return userCredentialsStore.getUserCredentialsByOpenId( openId ); + } + + @Override + public UserCredentials getUserCredentialsByLdapId( String ldapId ) + { + return userCredentialsStore.getUserCredentialsByLdapId( ldapId ); } @Override === modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java' --- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java 2015-01-17 07:41:26 +0000 +++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java 2015-11-07 17:11:20 +0000 @@ -49,10 +49,17 @@ } @Override - public UserCredentials getUserCredentialsByOpenID( String openId ) + public UserCredentials getUserCredentialsByOpenId( String openId ) { Query query = getQuery( "from UserCredentials uc where uc.openId = :openId" ); query.setString( "openId", openId ); return (UserCredentials) query.uniqueResult(); } + + public UserCredentials getUserCredentialsByLdapId( String ldapId ) + { + Query query = getQuery( "from UserCredentials uc where uc.ldapId = :ldapId" ); + query.setString( "ldapId", ldapId ); + return (UserCredentials) query.uniqueResult(); + } } === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java 2015-01-17 07:41:26 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/ValidateUserAction.java 2015-11-07 17:11:20 +0000 @@ -83,6 +83,13 @@ this.openId = openId; } + private String ldapId; + + public void setLdapId( String ldapId ) + { + this.ldapId = ldapId; + } + private String inviteUsername; public void setInviteUsername( String inviteUsername ) @@ -123,7 +130,7 @@ if ( openId != null ) { - UserCredentials match = userService.getUserCredentialsByOpenID( openId ); + UserCredentials match = userService.getUserCredentialsByOpenId( openId ); if ( match != null && (id == null || match.getId() != id) ) { @@ -133,6 +140,18 @@ } } + if ( ldapId != null ) + { + UserCredentials match = userService.getUserCredentialsByLdapId( ldapId ); + + if ( match != null && (id == null || match.getId() != id) ) + { + message = i18n.getString( "ldap_in_use" ); + + return ERROR; + } + } + if ( inviteUsername != null ) { UserCredentials match = userService.getUserCredentialsByUsername( inviteUsername ); === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/org/hisp/dhis/user/i18n_module.properties 2015-11-07 17:11:20 +0000 @@ -383,4 +383,5 @@ resend_invitation=Resend invitation invitation_sent=Invitation sent programs = Programs -ldap_id=LDAP identifier \ No newline at end of file +ldap_id=LDAP identifier +ldap_in_use=LDAP identifier in use \ No newline at end of file === modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm' --- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-03 03:22:58 +0000 +++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-07 17:11:20 +0000 @@ -28,6 +28,7 @@ checkValueIsExist("username", "validateUser.action"); checkValueIsExist("openId", "validateUser.action"); + checkValueIsExist("ldapId", "validateUser.action"); checkValueIsExist("inviteUsername", "validateUser.action"); ouwtSelected = selection.getSelected();