Merge remote-tracking branch 'pwm-project/master'

pom.xml

@@ -62,6 +62,7 @@
             <properties>
                 <maven.javadoc.skip>true</maven.javadoc.skip>
                 <source.skip>true</source.skip>
+				<jspc.skip>true</jspc.skip>
             </properties>
         </profile>
     </profiles>

src/main/java/password/pwm/AppProperty.java

@@ -61,6 +61,7 @@ public enum AppProperty {
     CONFIG_EDITOR_QUERY_FILTER_TEST_LIMIT           ("configEditor.queryFilter.testLimit"),
     CONFIG_EDITOR_IDLE_TIMEOUT                      ("configEditor.idleTimeoutSeconds"),
     CONFIG_GUIDE_IDLE_TIMEOUT                       ("configGuide.idleTimeoutSeconds"),
+    CONFIG_GUIDE_THEME                              ("configGuide.theme"),
     CONFIG_MANAGER_ZIPDEBUG_MAXLOGLINES             ("configManager.zipDebug.maxLogLines"),
     CONFIG_MANAGER_ZIPDEBUG_MAXLOGSECONDS           ("configManager.zipDebug.maxLogSeconds"),
     FORM_EMAIL_REGEX                                ("form.email.regexTest"),

src/main/java/password/pwm/bean/pub/PublicUserInfoBean.java

@@ -22,14 +22,20 @@
 
 package password.pwm.bean.pub;
 
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
 import password.pwm.bean.PasswordStatus;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.config.Configuration;
 import password.pwm.config.profile.PwmPasswordRule;
 import password.pwm.http.tag.PasswordRequirementsTag;
-
-import java.io.Serializable;
-import java.util.*;
+import password.pwm.util.macro.MacroMachine;
 
 public class PublicUserInfoBean implements Serializable {
     public String userDN;
@@ -48,7 +54,7 @@ public class PublicUserInfoBean implements Serializable {
     public List<String> passwordRules;
     public Map<String, String> attributes;
 
-    public static PublicUserInfoBean fromUserInfoBean(final UserInfoBean userInfoBean, final Configuration config, final Locale locale) {
+    public static PublicUserInfoBean fromUserInfoBean(final UserInfoBean userInfoBean, final Configuration config, final Locale locale, final MacroMachine macroMachine) {
         final PublicUserInfoBean publicUserInfoBean = new PublicUserInfoBean();
         publicUserInfoBean.userDN = (userInfoBean.getUserIdentity() == null) ? "" : userInfoBean.getUserIdentity().getUserDN();
         publicUserInfoBean.ldapProfile = (userInfoBean.getUserIdentity() == null) ? "" : userInfoBean.getUserIdentity().getLdapProfileID();
@@ -75,7 +81,8 @@ public static PublicUserInfoBean fromUserInfoBean(final UserInfoBean userInfoBea
         publicUserInfoBean.passwordRules = PasswordRequirementsTag.getPasswordRequirementsStrings(
                 userInfoBean.getPasswordPolicy(),
                 config,
-                locale
+                locale,
+                macroMachine
         );
 
         if (userInfoBean.getCachedAttributeValues() != null && !userInfoBean.getCachedAttributeValues().isEmpty()) {

src/main/java/password/pwm/config/profile/PwmPasswordPolicy.java

@@ -22,21 +22,31 @@
 
 package password.pwm.config.profile;
 
-import com.novell.ldapchai.ChaiPasswordPolicy;
-import com.novell.ldapchai.ChaiPasswordRule;
-import com.novell.ldapchai.util.DefaultChaiPasswordPolicy;
-import com.novell.ldapchai.util.PasswordRuleHelper;
-import com.novell.ldapchai.util.StringHelper;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
+
 import password.pwm.config.UserPermission;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.health.HealthMessage;
 import password.pwm.health.HealthRecord;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 
-import java.io.Serializable;
-import java.util.*;
-import java.util.regex.Pattern;
-import java.util.regex.PatternSyntaxException;
+import com.novell.ldapchai.ChaiPasswordPolicy;
+import com.novell.ldapchai.ChaiPasswordRule;
+import com.novell.ldapchai.util.DefaultChaiPasswordPolicy;
+import com.novell.ldapchai.util.PasswordRuleHelper;
+import com.novell.ldapchai.util.StringHelper;
 
 
 /**

src/main/java/password/pwm/http/PwmHttpRequestWrapper.java

@@ -66,7 +66,7 @@ public boolean isJsonRequest() {
 
     public boolean isHtmlRequest() {
         final String acceptHeader = this.readHeaderValueAsString(PwmConstants.HttpHeader.Accept);
-        return acceptHeader.contains(PwmConstants.AcceptValue.json.getHeaderValue());
+        return acceptHeader.contains(PwmConstants.AcceptValue.html.getHeaderValue());
     }
 
     public String getContextPath() {

src/main/java/password/pwm/http/PwmRequest.java

@@ -147,7 +147,11 @@ public void respondWithError(
     )
             throws IOException, ServletException
     {
-        getPwmResponse().respondWithError(errorInformation, forceLogout);
+        if (forceLogout) {
+            getPwmResponse().respondWithError(errorInformation, PwmResponse.Flag.ForceLogout);
+        } else {
+            getPwmResponse().respondWithError(errorInformation);
+        }
     }
 
     public void sendRedirect(final String redirectURL)

src/main/java/password/pwm/http/PwmResponse.java

@@ -49,7 +49,8 @@ public class PwmResponse extends PwmHttpResponseWrapper {
     final private PwmRequest pwmRequest;
 
     public enum Flag {
-        AlwaysShowMessage
+        AlwaysShowMessage,
+        ForceLogout,
     }
 
     public PwmResponse(
@@ -99,11 +100,10 @@ public void forwardToSuccessPage(final String message, final Flag... flags)
 
         if (showMessage) {
             LOGGER.trace(pwmSession, "skipping success page due to configuration setting.");
-            final StringBuilder redirectURL = new StringBuilder();
-            redirectURL.append(pwmRequest.getContextPath());
-            redirectURL.append(PwmServletDefinition.Command.servletUrl());
-            redirectURL.append("?processAction=continue");
-            sendRedirect(redirectURL.toString());
+            final String redirectUrl = pwmRequest.getContextPath()
+                    +  PwmServletDefinition.Command.servletUrl()
+                    + "?processAction=continue";
+            sendRedirect(redirectUrl);
             return;
         }
 
@@ -116,23 +116,16 @@ public void forwardToSuccessPage(final String message, final Flag... flags)
 
     public void respondWithError(
             final ErrorInformation errorInformation,
-            final boolean forceLogout
+            final Flag... flags
     )
             throws IOException, ServletException
     {
         LOGGER.error(pwmRequest.getSessionLabel(), errorInformation);
 
         pwmRequest.setResponseError(errorInformation);
 
-        {
-            boolean showDetail = Helper.determineIfDetailErrorMsgShown(pwmRequest.getPwmApplication());
-            final String errorStatusText = showDetail
-                    ? errorInformation.toDebugStr()
-                    : errorInformation.toUserStr(pwmRequest.getPwmSession(),pwmRequest.getPwmApplication());
-            getHttpServletResponse().sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, errorStatusText);
-        }
-
-        if (forceLogout) {
+        if (Helper.enumArrayContainsValue(flags, Flag.ForceLogout)) {
+            LOGGER.debug(pwmRequest, "forcing logout due to error " + errorInformation.toDebugStr());
             pwmRequest.getPwmSession().unauthenticateUser(pwmRequest);
         }
 
@@ -144,8 +137,13 @@ public void respondWithError(
             } catch (PwmUnrecoverableException e) {
                 LOGGER.error("unexpected error sending user to error page: " + e.toString());
             }
+        } else {
+            boolean showDetail = Helper.determineIfDetailErrorMsgShown(pwmRequest.getPwmApplication());
+            final String errorStatusText = showDetail
+                    ? errorInformation.toDebugStr()
+                    : errorInformation.toUserStr(pwmRequest.getPwmSession(),pwmRequest.getPwmApplication());
+            getHttpServletResponse().sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, errorStatusText);
         }
-
     }
 
 

src/main/java/password/pwm/http/servlet/ActivateUserServlet.java

@@ -117,7 +117,7 @@ protected ActivateUserAction readProcessAction(final PwmRequest request)
     protected void processAction(final PwmRequest pwmRequest)
             throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException
     {
-        //Fetch the session state bean.
+            //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
 
@@ -182,7 +182,7 @@ public void handleActivationRequest(final PwmRequest pwmRequest)
         pwmApplication.getSessionStateService().clearBean(pwmRequest, ActivateUserBean.class);
         final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm(PwmSetting.ACTIVATE_USER_FORM);
 
-        Map<FormConfiguration,String> formValues = new HashMap();
+        Map<FormConfiguration,String> formValues = new HashMap<>();
         try {
             //read the values from the request
             formValues = FormUtility.readFormValuesFromRequest(pwmRequest, configuredActivationForm,

src/main/java/password/pwm/http/servlet/configguide/ConfigGuideServlet.java

@@ -127,7 +127,9 @@ protected void processAction(final PwmRequest pwmRequest)
 
         if (pwmApplication.getSessionStateService().getBean(pwmRequest, ConfigGuideBean.class).getStep() == GuideStep.START) {
             pwmApplication.getSessionStateService().clearBean(pwmRequest, ConfigGuideBean.class);
-            pwmSession.getSessionStateBean().setTheme(null);
+            if (pwmSession.getSessionStateBean().getTheme() == null) {
+                pwmSession.getSessionStateBean().setTheme(pwmRequest.getConfig().readAppProperty(AppProperty.CONFIG_GUIDE_THEME));
+            }
         }
 
         final ConfigGuideBean configGuideBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ConfigGuideBean.class);
@@ -479,6 +481,7 @@ private void restGotoStep(final PwmRequest pwmRequest, final ConfigGuideBean con
             final ContextManager contextManager = ContextManager.getContextManager(pwmRequest);
             try {
                 writeConfig(contextManager, configGuideBean);
+                pwmRequest.getPwmSession().getSessionStateBean().setTheme(null);
             } catch (PwmException e) {
                 final RestResultBean restResultBean = RestResultBean.fromError(e.getErrorInformation(), pwmRequest);
                 pwmRequest.outputJsonResult(restResultBean);

src/main/java/password/pwm/http/servlet/forgottenpw/RemoteVerificationMethod.java

@@ -38,6 +38,7 @@
 import password.pwm.http.client.PwmHttpClientResponse;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 import password.pwm.util.secure.PwmRandom;
 
 import java.util.*;
@@ -126,7 +127,8 @@ private void sendRemoteRequest(final Map<String, String> userResponses) throws P
 
         RemoteVerificationRequestBean remoteVerificationRequestBean = new RemoteVerificationRequestBean();
         remoteVerificationRequestBean.setResponseSessionID(this.remoteSessionID);
-        remoteVerificationRequestBean.setUserInfo(PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), locale));
+        MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfoBean.getUserIdentity());
+        remoteVerificationRequestBean.setUserInfo(PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), locale, macroMachine));
         remoteVerificationRequestBean.setUserResponses(userResponses);
 
         PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(

src/main/java/password/pwm/http/tag/PasswordRequirementsTag.java

@@ -23,6 +23,8 @@
 package password.pwm.http.tag;
 
 import password.pwm.PwmApplication;
+import password.pwm.PwmConstants;
+import password.pwm.bean.SessionLabel;
 import password.pwm.config.Configuration;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.profile.NewUserProfile;
@@ -36,11 +38,13 @@
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.StringUtil;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.jsp.JspTagException;
 import javax.servlet.jsp.tagext.TagSupport;
+
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Locale;
@@ -62,7 +66,8 @@ public class PasswordRequirementsTag extends TagSupport {
     public static List<String> getPasswordRequirementsStrings(
             final PwmPasswordPolicy pwordPolicy,
             final Configuration config,
-            final Locale locale
+            final Locale locale,
+            final MacroMachine macroMachine
     ) {
         final List<String> returnValues = new ArrayList<>();
         final ADPolicyComplexity ADPolicyLevel = pwordPolicy.getRuleHelper().getADComplexityLevel();
@@ -213,7 +218,9 @@ public static List<String> getPasswordRequirementsStrings(
                 final StringBuilder fieldValue = new StringBuilder();
                 for (final String loopValue : setValue) {
                     fieldValue.append(" ");
-                    fieldValue.append(StringUtil.escapeHtml(loopValue));
+
+                    String expandedValue = macroMachine.expandMacros(loopValue);
+                    fieldValue.append(StringUtil.escapeHtml(expandedValue));
                 }
                 returnValues.add(
                         getLocalString(Message.Requirement_DisAllowedValues, fieldValue.toString(), locale, config));
@@ -334,12 +341,14 @@ public int doEndTag()
             final PwmSession pwmSession = pwmRequest.getPwmSession();
             final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
             final Configuration config = pwmApplication.getConfig();
+            final Locale locale = pwmSession.getSessionStateBean().getLocale();
 
+            pwmSession.getSessionManager().getMacroMachine(pwmApplication);
 
             final PwmPasswordPolicy passwordPolicy;
             if (getForm() != null && getForm().equalsIgnoreCase("newuser")) {
                 final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile(pwmRequest);
-                passwordPolicy = newUserProfile.getNewUserPasswordPolicy(pwmApplication, pwmSession.getSessionStateBean().getLocale());
+                passwordPolicy = newUserProfile.getNewUserPasswordPolicy(pwmApplication, locale);
             } else {
                 passwordPolicy = pwmSession.getUserInfoBean().getPasswordPolicy();
             }
@@ -348,9 +357,11 @@ public int doEndTag()
             if (configuredRuleText != null && configuredRuleText.length() > 0) {
                 pageContext.getOut().write(configuredRuleText);
             } else {
+                MacroMachine macroMachine = pwmSession.getSessionManager().getMacroMachine(pwmApplication);
+
                 final String pre = prepend != null && prepend.length() > 0 ? prepend : "";
                 final String sep = separator != null && separator.length() > 0 ? separator : "<br/>";
-                final List<String> requirementsList = getPasswordRequirementsStrings(passwordPolicy, config, pwmSession.getSessionStateBean().getLocale());
+                final List<String> requirementsList = getPasswordRequirementsStrings(passwordPolicy, config, locale, macroMachine);
 
                 final StringBuilder requirementsText = new StringBuilder();
                 for (final String requirementStatement : requirementsList) {

src/main/java/password/pwm/http/tag/PwmIfTest.java

@@ -7,7 +7,10 @@
 import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.health.HealthMonitor;
+import password.pwm.health.HealthStatus;
 import password.pwm.http.PwmRequest;
+import password.pwm.svc.PwmService;
 import password.pwm.util.Helper;
 
 public enum PwmIfTest {
@@ -43,6 +46,11 @@ public enum PwmIfTest {
     trialMode(new TrialModeTest()),
     configMode(new ConfigModeTest()),
 
+    healthWarningsPresent(new HealthWarningsPresentTest()),
+    usernameHasValue(new UsernameHasValueTest()),
+
+    headerMenuIsVisible(new HeaderMenuIsVisibleTest()),
+
     ;
 
 
@@ -237,6 +245,50 @@ public boolean test(PwmRequest pwmRequest, Options options) throws ChaiUnavailab
         }
     }
 
+    private static class HealthWarningsPresentTest implements Test {
+        @Override
+        public boolean test(PwmRequest pwmRequest, Options options) throws ChaiUnavailableException, PwmUnrecoverableException {
+            final HealthMonitor healthMonitor = pwmRequest.getPwmApplication().getHealthMonitor();
+            if (healthMonitor != null && healthMonitor.status() == PwmService.STATUS.OPEN) {
+                if (healthMonitor.getMostSevereHealthStatus() == HealthStatus.WARN) {
+                    return true;
+                }
+            }
+            return false;
+        }
+    }
+
+    private static class UsernameHasValueTest implements Test {
+        @Override
+        public boolean test(PwmRequest pwmRequest, Options options) throws ChaiUnavailableException, PwmUnrecoverableException {
+            final String usernameValue = PwmValue.username.getValueOutput().valueOutput(pwmRequest, null);
+            return usernameValue != null && !usernameValue.isEmpty();
+        }
+    }
+
+
+    private static class HeaderMenuIsVisibleTest implements Test {
+        @Override
+        public boolean test(PwmRequest pwmRequest, Options options) throws ChaiUnavailableException, PwmUnrecoverableException {
+            if (PwmConstants.TRIAL_MODE) {
+                return true;
+            }
+
+            if (pwmRequest.getPwmApplication().getApplicationMode() != PwmApplication.MODE.RUNNING) {
+                return true;
+            }
+
+            if (pwmRequest.isAuthenticated()) {
+                if (pwmRequest.getPwmSession().getSessionManager().checkPermission(pwmRequest.getPwmApplication(), Permission.PWMADMIN)) {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+    }
+
+
     static class Options {
         private boolean negate;
         private Permission permission;