KEYCLOAK-1083: Provide a way for admin to unlock user account

2015-06-11 15:32:03 -04:00 · 2015-06-11 15:32:03 -04:00 · d6e64a2c5e
commit d6e64a2c5e
parent 0095968a73
9 changed files with 56 additions and 13 deletions
--- a/model/api/src/main/java/org/keycloak/models/entities/UsernameLoginFailureEntity.java
+++ b/model/api/src/main/java/org/keycloak/models/entities/UsernameLoginFailureEntity.java
@ -60,4 +60,11 @@ public class UsernameLoginFailureEntity extends AbstractIdentifiableEntity {
    public void setRealmId(String realmId) {
        this.realmId = realmId;
    }
    public void clearFailures() {
        this.numFailures = 0;
        this.lastFailure = 0;
        this.lastIPFailure = null;
        this.failedLoginNotBefore = 0;
    }
 }
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/UsernameLoginFailureAdapter.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/UsernameLoginFailureAdapter.java
@ -51,7 +51,7 @@ public class UsernameLoginFailureAdapter implements UsernameLoginFailureModel {
    @Override
    public void clearFailures() {
-        entity.setNumFailures(0);
+        entity.clearFailures();
        update();
    }
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/entities/LoginFailureEntity.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/entities/LoginFailureEntity.java
@ -62,4 +62,10 @@ public class LoginFailureEntity implements Serializable {
        this.lastIPFailure = lastIPFailure;
    }
    public void clearFailures() {
        this.failedLoginNotBefore = 0;
        this.numFailures = 0;
        this.lastFailure = 0;
        this.lastIPFailure = null;
    }
 }
--- a/model/sessions-jpa/src/main/java/org/keycloak/models/sessions/jpa/UsernameLoginFailureAdapter.java
+++ b/model/sessions-jpa/src/main/java/org/keycloak/models/sessions/jpa/UsernameLoginFailureAdapter.java
@ -43,7 +43,7 @@ public class UsernameLoginFailureAdapter implements UsernameLoginFailureModel
   @Override
   public void clearFailures() {
-      user.setNumFailures(0);
+      user.clearFailures();
   }
   @Override
--- a/model/sessions-jpa/src/main/java/org/keycloak/models/sessions/jpa/entities/UsernameLoginFailureEntity.java
+++ b/model/sessions-jpa/src/main/java/org/keycloak/models/sessions/jpa/entities/UsernameLoginFailureEntity.java
@ -91,6 +91,13 @@ public class UsernameLoginFailureEntity {
        this.realmId = realmId;
    }
    public void clearFailures() {
        setFailedLoginNotBefore(0);
        setLastFailure(0);
        setLastIPFailure(null);
        setNumFailures(0);
    }
    public static class Key implements Serializable {
        private String realmId;
--- a/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/UsernameLoginFailureAdapter.java
+++ b/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/UsernameLoginFailureAdapter.java
@ -45,7 +45,7 @@ public class UsernameLoginFailureAdapter implements UsernameLoginFailureModel {
    @Override
    public void clearFailures() {
-        entity.getNumFailures().set(0);
+        entity.clearFailures();
    }
    @Override
--- a/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/entities/UsernameLoginFailureEntity.java
+++ b/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/entities/UsernameLoginFailureEntity.java
@ -62,4 +62,11 @@ public class UsernameLoginFailureEntity {
        this.lastIpFailure = lastIpFailure;
    }
    public void clearFailures() {
        this.failedLoginNotBefore = new AtomicInteger();
        this.lastFailure = new AtomicLong();
        this.lastIpFailure = new AtomicReference<String>();
        this.numFailures = new AtomicInteger();
    }
 }
--- a/model/sessions-mongo/src/main/java/org/keycloak/models/sessions/mongo/UsernameLoginFailureAdapter.java
+++ b/model/sessions-mongo/src/main/java/org/keycloak/models/sessions/mongo/UsernameLoginFailureAdapter.java
@ -50,7 +50,7 @@ public class UsernameLoginFailureAdapter  extends AbstractMongoAdapter<MongoUser
    @Override
    public void clearFailures() {
-        user.setNumFailures(0);
+        user.clearFailures();
        updateMongoEntity();
    }
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@ -68,6 +68,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import org.keycloak.models.UsernameLoginFailureModel;
 import org.keycloak.services.managers.BruteForceProtector;
 /**
 * Base resource for managing users
@ -96,6 +98,9 @@ public class UsersResource {
    @Context
    protected HttpHeaders headers;
    @Context
    protected BruteForceProtector protector;
    public UsersResource(RealmModel realm, RealmAuth auth, TokenManager tokenManager, AdminEventBuilder adminEvent) {
        this.auth = auth;
        this.realm = realm;
@ -131,6 +136,13 @@ public class UsersResource {
                attrsToRemove = Collections.emptySet();
            }
            if (rep.isEnabled()) {
                UsernameLoginFailureModel failureModel = session.sessions().getUserLoginFailure(realm, rep.getUsername());
                if (failureModel != null) {
                    failureModel.clearFailures();
                }
            }
            updateUserFromRep(user, rep, attrsToRemove);
            adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
@ -251,6 +263,10 @@ public class UsersResource {
            }
        }
        if ((protector != null) && protector.isTemporarilyDisabled(session, realm, rep.getUsername())) {
            rep.setEnabled(false);
        }
        return rep;
    }