in security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java [1055:1214]
public VXUser updateXUser(VXUser vXUser) {
if (vXUser == null || vXUser.getName() == null || "null".equalsIgnoreCase(vXUser.getName()) || vXUser.getName().trim().isEmpty()) {
throw restErrorUtil.createRESTException("Please provide a valid " + "username.", MessageEnums.INVALID_INPUT_DATA);
}
String firstName = vXUser.getFirstName();
if (firstName == null || "null".equalsIgnoreCase(firstName) || firstName.trim().isEmpty()) {
throw restErrorUtil.createRESTException("Please provide a valid first name.", MessageEnums.INVALID_INPUT_DATA);
}
checkAccess(vXUser);
xaBizUtil.blockAuditorRoleUser();
VXPortalUser oldUserProfile = userMgr.getUserProfileByLoginId(vXUser.getName());
if (oldUserProfile == null) {
throw restErrorUtil.createRESTException("user " + vXUser.getName() + " does not exist.", MessageEnums.INVALID_INPUT_DATA);
}
VXPortalUser vXPortalUser = new VXPortalUser();
if (oldUserProfile.getId() != null) {
vXPortalUser.setId(oldUserProfile.getId());
}
vXPortalUser.setFirstName(vXUser.getFirstName());
if ("null".equalsIgnoreCase(vXPortalUser.getFirstName())) {
vXPortalUser.setFirstName("");
}
vXPortalUser.setLastName(vXUser.getLastName());
if ("null".equalsIgnoreCase(vXPortalUser.getLastName())) {
vXPortalUser.setLastName("");
}
vXPortalUser.setEmailAddress(vXUser.getEmailAddress());
vXPortalUser.setLoginId(vXUser.getName());
vXPortalUser.setStatus(vXUser.getStatus());
vXPortalUser.setUserRoleList(vXUser.getUserRoleList());
if (vXPortalUser.getFirstName() != null && vXPortalUser.getLastName() != null && !vXPortalUser.getFirstName().trim().isEmpty() && !vXPortalUser.getLastName().trim().isEmpty()) {
vXPortalUser.setPublicScreenName(vXPortalUser.getFirstName() + " " + vXPortalUser.getLastName());
} else {
vXPortalUser.setPublicScreenName(vXUser.getName());
}
vXPortalUser.setUserSource(oldUserProfile.getUserSource());
String hiddenPasswordString = PropertiesUtil.getProperty("ranger.password.hidden", "*****");
String password = vXUser.getPassword();
if (password != null && password.equals(hiddenPasswordString)) {
vXPortalUser.setPassword(oldUserProfile.getPassword());
} else if (oldUserProfile.getUserSource() == RangerCommonEnums.USER_EXTERNAL && password != null) {
vXPortalUser.setPassword(oldUserProfile.getPassword());
logger.debug("User is trrying to change external user password which we are not allowing it to change");
} else if (password != null) {
validatePassword(vXUser);
vXPortalUser.setPassword(password);
}
Collection<Long> groupIdList = vXUser.getGroupIdList();
VXUser existing = xUserService.readResource(vXUser.getId());
XXPortalUser xXPortalUser = userMgr.updateUserWithPass(vXPortalUser);
//update permissions start
Collection<String> roleListUpdatedProfile = new ArrayList<>();
if (oldUserProfile.getId() != null) {
if (vXUser.getUserRoleList() != null) {
Collection<String> roleListOldProfile = oldUserProfile.getUserRoleList();
Collection<String> roleListNewProfile = vXUser.getUserRoleList();
if (roleListNewProfile != null && roleListOldProfile != null) {
for (String role : roleListNewProfile) {
if (role != null && !roleListOldProfile.contains(role)) {
roleListUpdatedProfile.add(role);
}
}
}
}
}
if (!roleListUpdatedProfile.isEmpty()) {
vXPortalUser.setUserRoleList(roleListUpdatedProfile);
List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByUserPermissionId(vXPortalUser.getId());
if (xuserPermissionList != null && !xuserPermissionList.isEmpty()) {
for (XXUserPermission xXUserPermission : xuserPermissionList) {
if (xXUserPermission != null) {
try {
xUserPermissionService.deleteResource(xXUserPermission.getId());
} catch (Exception e) {
logger.error(e.getMessage());
}
}
}
}
assignPermissionToUser(vXPortalUser, true);
}
//update permissions end
Collection<String> roleList = new ArrayList<>();
if (xXPortalUser != null) {
roleList = userMgr.getRolesForUser(xXPortalUser);
}
if (roleList == null || roleList.isEmpty()) {
roleList = new ArrayList<>();
roleList.add(RangerConstants.ROLE_USER);
}
// TODO I've to get the transaction log from here.
// There is nothing to log anything in XXUser so far.
vXUser = xUserService.updateResource(vXUser);
vXUser.setUserRoleList(roleList);
if (oldUserProfile.getUserSource() == RangerCommonEnums.USER_APP) {
vXUser.setPassword(password);
} else if (oldUserProfile.getUserSource() == RangerCommonEnums.USER_EXTERNAL) {
vXUser.setPassword(oldUserProfile.getPassword());
}
if (password == null) {
vXUser.setPassword(hiddenPasswordString); //To stop Auditing Password transaction log, when it is not edited.
}
List<XXTrxLogV2> trxLogList = xUserService.getTransactionLog(vXUser, existing, OPERATION_UPDATE_CONTEXT);
vXUser.setPassword(hiddenPasswordString);
Long userId = vXUser.getId();
List<Long> groupUsersToRemove = new ArrayList<>();
List<XXTrxLogV2> groupUserTrxLogs = createOrDelGrpUserWithUpdatedGrpId(vXUser, groupIdList, userId, groupUsersToRemove);
if (CollectionUtils.isNotEmpty(groupUserTrxLogs)) {
if (trxLogList == null) {
trxLogList = new ArrayList<>();
}
trxLogList.addAll(groupUserTrxLogs);
}
xaBizUtil.createTrxLog(trxLogList);
updateUserStoreVersion("updateXUser(" + vXUser.getName() + ")");
return vXUser;
}