usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From snoopd...@apache.org
Subject [12/50] [abbrv] usergrid git commit: USERGRID-1241: org-specific redirection handling
Date Thu, 04 Feb 2016 17:57:36 GMT
USERGRID-1241: org-specific redirection handling


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/fbac7e84
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/fbac7e84
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/fbac7e84

Branch: refs/heads/asf-site
Commit: fbac7e84802459be44d588465ceb97817e40f560
Parents: 586dad0
Author: Mike Dunker <mdunker@apigee.com>
Authored: Wed Jan 27 16:24:54 2016 -0800
Committer: Mike Dunker <mdunker@apigee.com>
Committed: Wed Jan 27 16:24:54 2016 -0800

----------------------------------------------------------------------
 .../main/resources/usergrid-default.properties  |  5 ++
 .../usergrid/rest/AbstractContextResource.java  | 52 +++++++++++++++-
 .../rest/applications/ApplicationResource.java  | 10 ++--
 .../rest/applications/ServiceResource.java      | 12 ++--
 .../rest/applications/users/UserResource.java   | 41 ++++++-------
 .../rest/applications/users/UsersResource.java  | 14 ++---
 .../rest/management/ManagementResource.java     |  5 +-
 .../organizations/OrganizationResource.java     | 14 ++---
 .../rest/management/users/UserResource.java     | 62 ++++++++++++--------
 .../usergrid/management/ManagementService.java  | 13 ++++
 .../usergrid/management/OrganizationConfig.java | 27 +++++----
 .../management/OrganizationConfigProps.java     |  4 ++
 .../cassandra/ManagementServiceImpl.java        | 44 ++++++++++++--
 .../cassandra/OrganizationConfigPropsImpl.java  | 45 +++++++++++---
 14 files changed, 252 insertions(+), 96 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/config/src/main/resources/usergrid-default.properties
----------------------------------------------------------------------
diff --git a/stack/config/src/main/resources/usergrid-default.properties b/stack/config/src/main/resources/usergrid-default.properties
index 915d798..94d02ff 100644
--- a/stack/config/src/main/resources/usergrid-default.properties
+++ b/stack/config/src/main/resources/usergrid-default.properties
@@ -658,6 +658,11 @@ usergrid.admin.sysadmin.email=
 usergrid.api.url.base=http://localhost:8080/ROOT
 
 
+# org config property name regex
+# don't use backslashes in the regex, as they don't play well in properties files
+# instead, use character class ([.] instead of backslash-period)
+usergrid.org.config.property.regex=usergrid[.]view[.].*
+
 
 
 ###########################  Usergrid Email Templates  ########################

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
index 68c894b..1d86631 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/AbstractContextResource.java
@@ -25,6 +25,7 @@ import net.tanesha.recaptcha.ReCaptcha;
 import net.tanesha.recaptcha.ReCaptchaFactory;
 import org.apache.commons.lang.StringUtils;
 import org.apache.usergrid.management.ManagementService;
+import org.apache.usergrid.management.OrganizationConfig;
 import org.apache.usergrid.mq.QueueManagerFactory;
 import org.apache.usergrid.persistence.EntityManagerFactory;
 import org.apache.usergrid.rest.exceptions.RedirectionException;
@@ -43,6 +44,7 @@ import javax.xml.ws.spi.http.HttpContext;
 import java.io.IOException;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 
 
 public abstract class AbstractContextResource {
@@ -163,6 +165,51 @@ public abstract class AbstractContextResource {
 
 
     public Viewable handleViewable(String template, Object model) {
+        return handleViewable(template, model, management.getOrganizationConfigDefaultsOnly());
+    }
+
+
+    public Viewable handleViewable(String template, Object model, String organizationName) {
+        OrganizationConfig orgConfig;
+        try {
+            if (!StringUtils.isBlank(organizationName)) {
+                orgConfig = management.getOrganizationConfigByName(organizationName);
+            } else {
+                orgConfig = management.getOrganizationConfigDefaultsOnly();
+            }
+        }
+        catch (Exception e) {
+            // fall back to non-org
+            if (logger.isInfoEnabled()) {
+                logger.info("handleViewable: unable to retrieve org config by org name: " + organizationName);
+            }
+            orgConfig = management.getOrganizationConfigDefaultsOnly();
+        }
+        return handleViewable(template, model, orgConfig);
+    }
+
+
+    public Viewable handleViewable(String template, Object model, UUID organizationId) {
+        OrganizationConfig orgConfig;
+        try {
+            if (organizationId != null) {
+                orgConfig = management.getOrganizationConfigByUuid(organizationId);
+            } else {
+                orgConfig = management.getOrganizationConfigDefaultsOnly();
+            }
+        }
+        catch (Exception e) {
+            // fall back to non-org
+            if (logger.isInfoEnabled() && organizationId != null) {
+                logger.info("handleViewable: unable to retrieve org config by org UUID: " + organizationId.toString());
+            }
+            orgConfig = management.getOrganizationConfigDefaultsOnly();
+        }
+        return handleViewable(template, model, orgConfig);
+    }
+
+
+    public Viewable handleViewable(String template, Object model, OrganizationConfig orgConfig) {
 
         String className = this.getClass().getName().toLowerCase();
         String packageName = AbstractContextResource.class.getPackage().getName();
@@ -171,7 +218,7 @@ public abstract class AbstractContextResource {
             StringUtils.removeEnd(className.toLowerCase(), "resource")
                 .substring(packageName.length()) + "." + template.toLowerCase();
 
-        String redirect_url = properties.getProperty(template_property);
+        String redirect_url = orgConfig.getProperty(template_property);
 
         if (StringUtils.isNotBlank(redirect_url)) {
             if (logger.isDebugEnabled()) {
@@ -184,8 +231,7 @@ public abstract class AbstractContextResource {
             logger.debug("Dispatching to viewable with template: {}", template, template_property);
         }
 
-        Viewable viewable = new Viewable(template, model);
-        return viewable;
+        return new Viewable(template, model);
     }
 
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
index 5d76b3b..cc111eb 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
@@ -44,12 +44,10 @@ import org.apache.usergrid.rest.applications.events.EventsResource;
 import org.apache.usergrid.rest.applications.queues.QueueResource;
 import org.apache.usergrid.rest.applications.users.UsersResource;
 import org.apache.usergrid.rest.exceptions.AuthErrorInfo;
-import org.apache.usergrid.rest.exceptions.NotFoundExceptionMapper;
 import org.apache.usergrid.rest.exceptions.RedirectionException;
 import org.apache.usergrid.rest.exceptions.UnsupportedRestOperationException;
 import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
 import org.apache.usergrid.rest.security.annotations.RequireOrganizationAccess;
-import org.apache.usergrid.rest.security.annotations.RequireSystemAccess;
 import org.apache.usergrid.security.oauth.AccessInfo;
 import org.apache.usergrid.security.oauth.ClientCredentialsInfo;
 import org.glassfish.jersey.server.mvc.Viewable;
@@ -429,13 +427,13 @@ public class ApplicationResource extends ServiceResource {
             ApplicationInfo app = management.getApplicationInfo( applicationId );
             applicationName = app.getName();
 
-            return handleViewable( "authorize_form", this );
+            return handleViewable( "authorize_form", this, getOrganizationName() );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, getOrganizationName() );
         }
     }
 
@@ -491,14 +489,14 @@ public class ApplicationResource extends ServiceResource {
             ApplicationInfo app = management.getApplicationInfo( applicationId );
             applicationName = app.getName();
 
-            return Response.ok( handleViewable( "authorize_form", this ) ).build() ;
+            return Response.ok( handleViewable( "authorize_form", this, getOrganizationName() ) ).build() ;
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
             logger.error("handleAuthorizeForm failed", e);
-            return Response.ok( handleViewable( "error", this ) ).build() ;
+            return Response.ok( handleViewable( "error", this, getOrganizationName() ) ).build() ;
         }
     }
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
index 70adf35..af6ec44 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
@@ -17,7 +17,6 @@
 package org.apache.usergrid.rest.applications;
 
 
-import com.amazonaws.AmazonClientException;
 import com.amazonaws.AmazonServiceException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
@@ -130,6 +129,11 @@ public class ServiceResource extends AbstractContextResource {
     }
 
 
+    public String getOrganizationName() {
+        return services.getApplication().getOrganizationName();
+    }
+
+
     public List<ServiceParameter> getServiceParameters() {
         if ( serviceParameters != null ) {
             return serviceParameters;
@@ -137,7 +141,7 @@ public class ServiceResource extends AbstractContextResource {
         if ( getServiceResourceParent() != null ) {
             return getServiceResourceParent().getServiceParameters();
         }
-        serviceParameters = new ArrayList<ServiceParameter>();
+        serviceParameters = new ArrayList<>();
         return serviceParameters;
     }
 
@@ -648,7 +652,7 @@ public class ServiceResource extends AbstractContextResource {
 
         // collect form data values
         List<BodyPart> bodyParts = multiPart.getBodyParts();
-        HashMap<String, Object> data = new HashMap<String, Object>();
+        HashMap<String, Object> data = new HashMap<>();
         for ( BodyPart bp : bodyParts ) {
             FormDataBodyPart bodyPart = ( FormDataBodyPart ) bp;
             if ( bodyPart.getMediaType().equals( MediaType.TEXT_PLAIN_TYPE ) ) {
@@ -791,7 +795,7 @@ public class ServiceResource extends AbstractContextResource {
 
         boolean range = StringUtils.isNotBlank( rangeHeader );
         long start = 0, end = 0, contentLength = 0;
-        InputStream inputStream = null;
+        InputStream inputStream;
 
         if ( range ) { // honor range request, calculate start & end
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
index 77ba756..6de65f1 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UserResource.java
@@ -71,9 +71,7 @@ import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
 import static javax.servlet.http.HttpServletResponse.SC_OK;
 
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.getSubjectUserId;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isApplicationAdmin;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isApplicationUser;
+import static org.apache.usergrid.security.shiro.utils.SubjectUtils.*;
 import static org.apache.usergrid.utils.ConversionUtils.string;
 
 
@@ -222,6 +220,8 @@ public class UserResource extends ServiceResource {
 
         ApiResponse response = createApiResponse();
         response.setAction( "set user credentials" );
+
+        @SuppressWarnings("unchecked")
         Map<String, Object> credentialsJson = ( Map<String, Object> ) json.get( "credentials" );
 
 
@@ -398,17 +398,17 @@ public class UserResource extends ServiceResource {
         this.token = token;
         try {
             if ( management.checkPasswordResetTokenForAppUser( getApplicationId(), getUserUuid(), token ) ) {
-                return handleViewable( "resetpw_set_form", this );
+                return handleViewable( "resetpw_set_form", this, getOrganizationName() );
             }
             else {
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, getOrganizationName() );
             }
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, getOrganizationName() );
         }
     }
 
@@ -433,22 +433,22 @@ public class UserResource extends ServiceResource {
                     if ( ( password1 != null ) && password1.equals( password2 ) ) {
                         management.setAppUserPassword( getApplicationId(), getUser().getUuid(), password1 );
                         management.revokeAccessTokenForAppUser( token );
-                        return handleViewable( "resetpw_set_success", this );
+                        return handleViewable( "resetpw_set_success", this, getOrganizationName() );
                     }
                     else {
                         errorMsg = "Passwords didn't match, let's try again...";
-                        return handleViewable( "resetpw_set_form", this );
+                        return handleViewable( "resetpw_set_form", this, getOrganizationName() );
                     }
                 }
                 else {
                     errorMsg = "Sorry, you have an invalid token. Let's try again...";
-                    return handleViewable( "resetpw_email_form", this );
+                    return handleViewable( "resetpw_email_form", this, getOrganizationName() );
                 }
             }
 
             if ( !useReCaptcha() ) {
                 management.startAppUserPasswordResetFlow( getApplicationId(), getUser() );
-                return handleViewable( "resetpw_email_success", this );
+                return handleViewable( "resetpw_email_success", this, getOrganizationName() );
             }
 
             ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
@@ -459,18 +459,18 @@ public class UserResource extends ServiceResource {
 
             if ( reCaptchaResponse.isValid() ) {
                 management.startAppUserPasswordResetFlow( getApplicationId(), getUser() );
-                return handleViewable( "resetpw_email_success", this );
+                return handleViewable( "resetpw_email_success", this, getOrganizationName() );
             }
             else {
                 errorMsg = "Incorrect Captcha";
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, getOrganizationName() );
             }
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, getOrganizationName() );
         }
     }
 
@@ -515,16 +515,16 @@ public class UserResource extends ServiceResource {
 
         try {
             management.handleActivationTokenForAppUser( getApplicationId(), getUserUuid(), token );
-            return handleViewable( "activate", this );
+            return handleViewable( "activate", this, getOrganizationName() );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_activation_token", this );
+            return handleViewable( "bad_activation_token", this, getOrganizationName() );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, getOrganizationName() );
         }
     }
 
@@ -538,18 +538,18 @@ public class UserResource extends ServiceResource {
             ActivationState state =
                     management.handleConfirmationTokenForAppUser( getApplicationId(), getUserUuid(), token );
             if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
-                return handleViewable( "confirm", this );
+                return handleViewable( "confirm", this, getOrganizationName() );
             }
-            return handleViewable( "activate", this );
+            return handleViewable( "activate", this, getOrganizationName() );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_confirmation_token", this );
+            return handleViewable( "bad_confirmation_token", this, getOrganizationName() );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, getOrganizationName() );
         }
     }
 
@@ -684,6 +684,7 @@ public class UserResource extends ServiceResource {
             extensionResource = getSubResource( extensionCls );
         }
         catch ( Exception e ) {
+            // intentionally empty
         }
         if ( extensionResource != null ) {
             return extensionResource;

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
index 81cf59a..e224cfc 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java
@@ -120,7 +120,7 @@ public class UsersResource extends ServiceResource {
     @Path("resetpw")
     @Produces(MediaType.TEXT_HTML)
     public Viewable showPasswordResetForm( @Context UriInfo ui ) {
-        return handleViewable( "resetpw_email_form", this );
+        return handleViewable( "resetpw_email_form", this, getOrganizationName() );
     }
 
 
@@ -141,30 +141,30 @@ public class UsersResource extends ServiceResource {
 
             if ( isBlank( email ) ) {
                 errorMsg = "No email provided, try again...";
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, getOrganizationName() );
             }
 
             if ( !useReCaptcha() || reCaptchaResponse.isValid() ) {
                 user = management.getAppUserByIdentifier( getApplicationId(), Identifier.fromEmail( email ) );
                 if ( user != null ) {
                     management.startAppUserPasswordResetFlow( getApplicationId(), user );
-                    return handleViewable( "resetpw_email_success", this );
+                    return handleViewable( "resetpw_email_success", this, getOrganizationName() );
                 }
                 else {
                     errorMsg = "We don't recognize that email, try again...";
-                    return handleViewable( "resetpw_email_form", this );
+                    return handleViewable( "resetpw_email_form", this, getOrganizationName() );
                 }
             }
             else {
                 errorMsg = "Incorrect Captcha, try again...";
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, getOrganizationName() );
             }
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "resetpw_email_form", e );
+            return handleViewable( "resetpw_email_form", e, getOrganizationName() );
         }
     }
 
@@ -249,7 +249,7 @@ public class UsersResource extends ServiceResource {
             }
         }
 
-        ApiResponse response = ( ApiResponse ) super.executePostWithObject( ui, json, callback );
+        ApiResponse response = super.executePostWithObject( ui, json, callback );
 
         if ( ( response.getEntities() != null ) && ( response.getEntities().size() == 1 ) ) {
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 11fd897..721235e 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -268,7 +268,7 @@ public class ManagementResource extends AbstractContextResource {
                     }
                     catch ( UnconfirmedAdminUserException uaue ) {
                         errorDescription = "User must be confirmed to authenticate";
-                        logger.warn( "Responding with HTTP 403 forbidden response for unconfirmed user {}" , user);
+                        logger.warn("Responding with HTTP 403 forbidden response for unconfirmed user");
 
                         OAuthResponse response = OAuthResponse.errorResponse( SC_FORBIDDEN )
                                                               .setError( OAuthError.TokenResponse.INVALID_GRANT )
@@ -469,6 +469,7 @@ public class ManagementResource extends AbstractContextResource {
                 user = management.verifyAdminUserPasswordCredentials( username, password );
             }
             catch ( Exception e1 ) {
+                // intentionally empty
             }
             if ( ( user != null ) && isNotBlank( redirect_uri ) ) {
                 if ( !redirect_uri.contains( "?" ) ) {
@@ -584,7 +585,7 @@ public class ManagementResource extends AbstractContextResource {
         if ( ttl == -1 ) {
             throw new IllegalArgumentException("ttl must be specified");
         }
-        AccessInfo accessInfo = null;
+        AccessInfo accessInfo;
 
         Timer processingTimer = getMetricsFactory().getTimer(
             ManagementResource.class, SSO_PROCESSING_TIME );

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
index f777637..77239f3 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationResource.java
@@ -130,16 +130,16 @@ public class OrganizationResource extends AbstractContextResource {
 
         try {
             management.handleActivationTokenForOrganization( organization.getUuid(), token );
-            return handleViewable( "activate", this );
+            return handleViewable( "activate", this, organization.getName() );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_activation_token", this );
+            return handleViewable( "bad_activation_token", this, organization.getName() );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, organization.getName() );
         }
     }
 
@@ -152,18 +152,18 @@ public class OrganizationResource extends AbstractContextResource {
         try {
             ActivationState state = management.handleActivationTokenForOrganization( organization.getUuid(), token );
             if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
-                return handleViewable( "confirm", this );
+                return handleViewable( "confirm", this, organization.getName() );
             }
-            return handleViewable( "activate", this );
+            return handleViewable( "activate", this, organization.getName() );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_activation_token", this );
+            return handleViewable( "bad_activation_token", this, organization.getName() );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, organization.getName() );
         }
     }
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index 188567b..a968508 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -29,7 +29,7 @@ import org.apache.usergrid.rest.exceptions.RedirectionException;
 import org.apache.usergrid.rest.management.ManagementResource;
 import org.apache.usergrid.rest.management.users.organizations.OrganizationsResource;
 import org.apache.usergrid.rest.security.annotations.RequireAdminUserAccess;
-import org.apache.usergrid.security.shiro.utils.SubjectUtils;
+import org.apache.usergrid.security.tokens.TokenInfo;
 import org.apache.usergrid.security.tokens.exceptions.TokenException;
 import org.apache.usergrid.services.ServiceResults;
 import org.glassfish.jersey.server.mvc.Viewable;
@@ -191,7 +191,7 @@ public class UserResource extends AbstractContextResource {
         ApiResponse response = createApiResponse();
         response.setAction( "get admin user" );
 
-        String token = management.getAccessTokenForAdminUser( SubjectUtils.getUser().getUuid(), ttl );
+        String token = management.getAccessTokenForAdminUser( user.getUuid(), ttl );
         Map<String, Object> userOrganizationData = management.getAdminUserOrganizationData( user, !shallow );
         userOrganizationData.put( "token", token );
         response.setData( userOrganizationData );
@@ -214,21 +214,25 @@ public class UserResource extends AbstractContextResource {
                     properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
         }
 
+        UUID organizationId = null;
+
         try {
             this.token = token;
+            TokenInfo tokenInfo = management.getPasswordResetTokenInfoForAdminUser(token);
+            organizationId = tokenInfo.getWorkflowOrgId();
 
-            if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), token ) ) {
-                return handleViewable( "resetpw_set_form", this );
+            if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), tokenInfo ) ) {
+                return handleViewable( "resetpw_set_form", this, organizationId );
             }
             else {
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, organizationId );
             }
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, organizationId );
         }
     }
 
@@ -255,8 +259,12 @@ public class UserResource extends AbstractContextResource {
                     properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
         }
 
+        UUID organizationId = null;
+
         try {
             this.token = token;
+            TokenInfo tokenInfo = management.getPasswordResetTokenInfoForAdminUser(token);
+            organizationId = tokenInfo.getWorkflowOrgId();
 
             //      if(user == null) {
             //        errorMsg = "Incorrect username entered";
@@ -264,26 +272,26 @@ public class UserResource extends AbstractContextResource {
             //      }
 
             if ( ( password1 != null ) || ( password2 != null ) ) {
-                if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), token ) ) {
+                if ( management.checkPasswordResetTokenForAdminUser( user.getUuid(), tokenInfo ) ) {
                     if ( ( password1 != null ) && password1.equals( password2 ) ) {
                         management.setAdminUserPassword( user.getUuid(), password1 );
                         management.revokeAccessTokenForAdminUser( user.getUuid(), token );
-                        return handleViewable( "resetpw_set_success", this );
+                        return handleViewable( "resetpw_set_success", this, organizationId );
                     }
                     else {
                         errorMsg = "Passwords didn't match, let's try again...";
-                        return handleViewable( "resetpw_set_form", this );
+                        return handleViewable( "resetpw_set_form", this, organizationId );
                     }
                 }
                 else {
                     errorMsg = "Sorry, you have an invalid token. Let's try again...";
-                    return handleViewable( "resetpw_email_form", this );
+                    return handleViewable( "resetpw_email_form", this, organizationId );
                 }
             }
 
             if ( !useReCaptcha() ) {
                 management.startAdminUserPasswordResetFlow( null, user );
-                return handleViewable( "resetpw_email_success", this );
+                return handleViewable( "resetpw_email_success", this, organizationId );
             }
 
             ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
@@ -294,18 +302,18 @@ public class UserResource extends AbstractContextResource {
 
             if ( reCaptchaResponse.isValid() ) {
                 management.startAdminUserPasswordResetFlow( null, user );
-                return handleViewable( "resetpw_email_success", this );
+                return handleViewable( "resetpw_email_success", this, organizationId );
             }
             else {
                 errorMsg = "Incorrect Captcha";
-                return handleViewable( "resetpw_email_form", this );
+                return handleViewable( "resetpw_email_form", this, organizationId );
             }
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, organizationId );
         }
     }
 
@@ -338,18 +346,22 @@ public class UserResource extends AbstractContextResource {
                     properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
         }
 
+        UUID organizationId = null;
+
         try {
-            management.handleActivationTokenForAdminUser( user.getUuid(), token );
-            return handleViewable( "activate", this );
+            TokenInfo tokenInfo = management.getActivationTokenInfoForAdminUser(token) ;
+            organizationId = tokenInfo.getWorkflowOrgId();
+            management.handleActivationTokenForAdminUser( user.getUuid(), tokenInfo );
+            return handleViewable( "activate", this, organizationId );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_activation_token", this );
+            return handleViewable( "bad_activation_token", this, organizationId );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return handleViewable( "error", e );
+            return handleViewable( "error", e, organizationId );
         }
     }
 
@@ -367,21 +379,25 @@ public class UserResource extends AbstractContextResource {
                     properties.getProperty( ManagementResource.USERGRID_CENTRAL_URL ) );
         }
 
+        UUID organizationId = null;
+
         try {
-            ActivationState state = management.handleConfirmationTokenForAdminUser( user.getUuid(), token );
+            TokenInfo tokenInfo = management.getConfirmationTokenInfoForAdminUser(token) ;
+            organizationId = tokenInfo.getWorkflowOrgId();
+            ActivationState state = management.handleConfirmationTokenForAdminUser( user.getUuid(), tokenInfo );
             if ( state == ActivationState.CONFIRMED_AWAITING_ACTIVATION ) {
-                return handleViewable( "confirm", this );
+                return handleViewable( "confirm", this, organizationId );
             }
-            return handleViewable( "activate", this );
+            return handleViewable( "activate", this, organizationId );
         }
         catch ( TokenException e ) {
-            return handleViewable( "bad_confirmation_token", this );
+            return handleViewable( "bad_confirmation_token", this, organizationId );
         }
         catch ( RedirectionException e ) {
             throw e;
         }
         catch ( Exception e ) {
-            return new Viewable( "error", e );
+            return handleViewable( "error", e, organizationId );
         }
     }
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java b/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
index 1352dad..2f2d10f 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/ManagementService.java
@@ -33,6 +33,7 @@ import org.apache.usergrid.persistence.entities.User;
 import org.apache.usergrid.persistence.model.entity.Id;
 import org.apache.usergrid.security.oauth.AccessInfo;
 import org.apache.usergrid.security.shiro.PrincipalCredentialsToken;
+import org.apache.usergrid.security.tokens.TokenInfo;
 import org.apache.usergrid.services.ServiceResults;
 
 import com.google.common.collect.BiMap;
@@ -50,12 +51,24 @@ public interface ManagementService {
 
 	AccessInfo authorizeClient( String clientId, String clientSecret, long ttl ) throws Exception;
 
+	TokenInfo getConfirmationTokenInfoForAdminUser( String token ) throws Exception;
+
 	ActivationState handleConfirmationTokenForAdminUser( UUID userId, String token ) throws Exception;
 
+	ActivationState handleConfirmationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
+	TokenInfo getActivationTokenInfoForAdminUser( String token ) throws Exception;
+
 	ActivationState handleActivationTokenForAdminUser( UUID userId, String token ) throws Exception;
 
+	ActivationState handleActivationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
 	ActivationState handleActivationTokenForOrganization( UUID organizationId, String token ) throws Exception;
 
+	TokenInfo getPasswordResetTokenInfoForAdminUser( String token ) throws Exception;
+
+	boolean checkPasswordResetTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception;
+
 	boolean checkPasswordResetTokenForAdminUser( UUID userId, String token ) throws Exception;
 
 	UserInfo createAdminUser( UUID organizationId, String username, String name, String email, String password,

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
index 2730eac..b327682 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfig.java
@@ -28,10 +28,8 @@ import java.util.*;
 public class OrganizationConfig {
 
     private OrganizationConfigProps configProps;
-    //private Map<String, String> defaultProperties;
     private UUID id;
     private String name;
-    //private Map<String, String> orgProperties;
 
 
     // shouldn't use the default constructor
@@ -52,10 +50,8 @@ public class OrganizationConfig {
 
     public OrganizationConfig(OrganizationConfigProps configFileProperties, UUID id, String name) {
         this.configProps = new OrganizationConfigPropsImpl(configFileProperties);
-        //defaultProperties = configFileProperties.getOrgPropertyMap();
         this.id = id;
         this.name = name;
-        //this.orgProperties = new HashMap<>();
     }
 
     public OrganizationConfig(OrganizationConfigProps configFileProperties) {
@@ -78,24 +74,33 @@ public class OrganizationConfig {
     }
 
     private void orgPropertyValidate(Map<String, Object> entityProperties) throws IllegalArgumentException {
-        Set<String> entityPropertyKeys = new HashSet<>(entityProperties.keySet());
-        entityPropertyKeys.removeAll(configProps.getOrgPropertyNames());
-        // if anything remains in the key set, it is not a valid property
-        if (entityPropertyKeys.size() > 0) {
-            throw new IllegalArgumentException("Invalid organization config keys: " + String.join(", ", entityPropertyKeys));
+        Set<String> invalidKeys = new HashSet<>();
+        entityProperties.keySet().forEach((k) -> {
+           if (!configProps.orgPropertyNameValid(k)) {
+               invalidKeys.add(k);
+           }
+        });
+
+        if (invalidKeys.size() > 0) {
+            throw new IllegalArgumentException("Invalid organization config keys: " + String.join(", ", invalidKeys));
         }
 
+        invalidKeys.clear();
         entityProperties.forEach((k,v) -> {
             if (!v.getClass().equals(String.class)) {
-                throw new IllegalArgumentException("Organization config values must be strings.");
+                invalidKeys.add(k);
             }
         });
+
+        if (invalidKeys.size() > 0) {
+            throw new IllegalArgumentException("Organization config value(s) not strings: " + String.join(", ", invalidKeys));
+        }
     }
 
     private void addOrgProperties(Map<String, Object> newOrgProperties) {
         newOrgProperties.forEach((k,v) -> {
             // only take valid properties, validation (if required) happened earlier
-            if (configProps.getOrgPropertyNames().contains(k)) {
+            if (configProps.orgPropertyNameValid(k)) {
                 // ignore non-strings, validation happened earlier
                 if (v.getClass().equals(String.class)) {
                     this.configProps.setProperty(k, v.toString());

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
index f50705f..226e3a3 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/OrganizationConfigProps.java
@@ -50,6 +50,8 @@ public interface OrganizationConfigProps {
 
     Map<String, String> getOrgPropertiesMap();
 
+    String getOrgPropertyNameRegex();
+
     String getProperty(String name);
 
     String getProperty(String name, String defaultValue);
@@ -66,4 +68,6 @@ public interface OrganizationConfigProps {
 
     String getFullUrl(WorkflowUrl urlType, Object ... arguments);
 
+    boolean orgPropertyNameValid(String name);
+
 }

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index 558b718..cc5fc9c 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -2197,10 +2197,22 @@ public class ManagementServiceImpl implements ManagementService {
 
 
     @Override
+    public TokenInfo getPasswordResetTokenInfoForAdminUser( String token ) throws Exception {
+        return getTokenInfoFromAccessToken(token, TOKEN_TYPE_PASSWORD_RESET, ADMIN_USER);
+    }
+
+
+    @Override
     public boolean checkPasswordResetTokenForAdminUser( UUID userId, String token ) throws Exception {
+        return checkPasswordResetTokenForAdminUser(userId, getPasswordResetTokenInfoForAdminUser(token));
+    }
+
+
+    @Override
+    public boolean checkPasswordResetTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
         AuthPrincipalInfo principal = null;
         try {
-            principal = getPrincipalFromAccessToken( token, TOKEN_TYPE_PASSWORD_RESET, ADMIN_USER );
+            principal = tokenInfo.getPrincipal();
         }
         catch ( Exception e ) {
             logger.error( "Unable to verify token", e );
@@ -2470,9 +2482,20 @@ public class ManagementServiceImpl implements ManagementService {
 
 
     @Override
-    // token may contain the workflow organization id
+    public TokenInfo getConfirmationTokenInfoForAdminUser( String token ) throws Exception {
+        return getTokenInfoFromAccessToken(token, TOKEN_TYPE_CONFIRM, ADMIN_USER);
+    }
+
+
+    @Override
     public ActivationState handleConfirmationTokenForAdminUser( UUID userId, String token ) throws Exception {
-        TokenInfo tokenInfo = getTokenInfoFromAccessToken(token, TOKEN_TYPE_CONFIRM, ADMIN_USER);
+        return handleConfirmationTokenForAdminUser(userId, getConfirmationTokenInfoForAdminUser(token));
+    }
+
+
+    @Override
+    // token may contain the workflow organization id
+    public ActivationState handleConfirmationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
         if (tokenInfo != null) {
             AuthPrincipalInfo principal = tokenInfo.getPrincipal();
             if ((principal != null) && userId.equals(principal.getUuid())) {
@@ -2496,9 +2519,20 @@ public class ManagementServiceImpl implements ManagementService {
 
 
     @Override
-    // token may contain the workflow organization id
+    public TokenInfo getActivationTokenInfoForAdminUser( String token ) throws Exception {
+        return getTokenInfoFromAccessToken(token, TOKEN_TYPE_ACTIVATION, ADMIN_USER);
+    }
+
+
+    @Override
     public ActivationState handleActivationTokenForAdminUser( UUID userId, String token ) throws Exception {
-        TokenInfo tokenInfo = getTokenInfoFromAccessToken(token, TOKEN_TYPE_ACTIVATION, ADMIN_USER);
+        return handleActivationTokenForAdminUser(userId, getActivationTokenInfoForAdminUser(token));
+    }
+
+
+    @Override
+    // token may contain the workflow organization id
+    public ActivationState handleActivationTokenForAdminUser( UUID userId, TokenInfo tokenInfo ) throws Exception {
         if (tokenInfo != null) {
             AuthPrincipalInfo principal = tokenInfo.getPrincipal();
             if ((principal != null) && userId.equals(principal.getUuid())) {

http://git-wip-us.apache.org/repos/asf/usergrid/blob/fbac7e84/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
index 56c1e12..5d2c256 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/OrganizationConfigPropsImpl.java
@@ -18,13 +18,21 @@ package org.apache.usergrid.management.cassandra;
 
 
 import org.apache.usergrid.management.OrganizationConfigProps;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.*;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
 
 import static org.apache.commons.lang.StringUtils.isBlank;
 
 
 public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
+    private static final Logger logger = LoggerFactory.getLogger( OrganizationConfigPropsImpl.class );
+
+    private static final String REGEX_PROPERTY_NAME = "usergrid.org.config.property.regex";
+    private static final String DEFAULT_REGEX = "usergrid[.]view[.].*";
 
     private static final String DEFAULTVALUE_API_URL_BASE = "http://localhost:8080";
     private static final String DEFAULTVALUE_DEFAULT_CONNECTION_PARAM = "all";
@@ -61,6 +69,9 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
     protected final Map<String, String> defaultProperties;
     protected final Map<String, String> orgProperties;
 
+    protected final String propertyNameRegex;
+    protected Pattern propertyNameRegexPattern;
+
 
     public OrganizationConfigPropsImpl(Properties properties) {
         this(properties, null);
@@ -70,29 +81,42 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
         this.properties = new Properties(properties);
         this.properties.putAll(properties);
 
+        String regex = properties.getProperty(REGEX_PROPERTY_NAME);
+        this.propertyNameRegex = !regex.isEmpty() ? regex : DEFAULT_REGEX;
+        try {
+            this.propertyNameRegexPattern = Pattern.compile(this.propertyNameRegex);
+        }
+        catch(PatternSyntaxException e) {
+            if (logger.isInfoEnabled()) {
+                logger.info("Invalid regex in " + REGEX_PROPERTY_NAME + " property: " + propertyNameRegex);
+            }
+            this.propertyNameRegexPattern = null;
+        }
+
         this.defaultProperties = new HashMap<>(noConfigDefaults);
-        // add any corresponding properties to default props map
-        noConfigDefaults.keySet().forEach((k) -> {
-            String value = properties.getProperty(k);
 
-            // ok if value is empty string
-            if (value != null) {
-                this.defaultProperties.put(k, value);
+        // add any corresponding properties to default props map
+        this.properties.forEach((k,v) -> {
+            if (orgPropertyNameValid(k.toString()) && v != null) {
+                this.defaultProperties.put(k.toString(), v.toString());
             }
         });
 
         this.orgProperties = map != null ? new HashMap<>(map) : new HashMap<>();
-        //noConfigDefaults.forEach((k,v) -> map.put(k, properties.getProperty(k, v)));
     }
 
     public OrganizationConfigPropsImpl(OrganizationConfigProps orgConfigProps) {
         this.properties = orgConfigProps.getPropertiesMap();
         this.defaultProperties = orgConfigProps.getDefaultPropertiesMap();
         this.orgProperties = orgConfigProps.getOrgPropertiesMap();
+        this.propertyNameRegex = orgConfigProps.getOrgPropertyNameRegex();
+        this.propertyNameRegexPattern = Pattern.compile(this.propertyNameRegex);
     }
 
+    @Override
     public boolean orgPropertyNameValid(String name) {
-        return noConfigDefaults.containsKey(name);
+        return noConfigDefaults.containsKey(name) ||
+                (propertyNameRegexPattern != null && propertyNameRegexPattern.matcher(name).matches());
     }
 
     @Override
@@ -117,6 +141,11 @@ public class OrganizationConfigPropsImpl implements OrganizationConfigProps {
         return new HashMap<>(orgProperties);
     }
 
+    @Override
+    public String getOrgPropertyNameRegex() {
+        return propertyNameRegex;
+    }
+
     //
     // 1. return from orgProperties (if it exists)
     // 2. return from properties (if it exists)


Mime
View raw message