-
Notifications
You must be signed in to change notification settings - Fork 2.3k
/
AlterUserPasswordProcedure.java
75 lines (69 loc) · 2.93 KB
/
AlterUserPasswordProcedure.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
/*
* Copyright (c) 2002-2016 "Neo Technology,"
* Network Engine for Objects in Lund AB [http://neotechnology.com]
*
* This file is part of Neo4j.
*
* Neo4j is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.neo4j.kernel.builtinprocs;
import java.io.IOException;
import java.util.Collections;
import org.neo4j.collection.RawIterator;
import org.neo4j.graphdb.security.AuthorizationViolationException;
import org.neo4j.kernel.api.exceptions.ProcedureException;
import org.neo4j.kernel.api.exceptions.Status;
import org.neo4j.kernel.api.proc.CallableProcedure;
import org.neo4j.kernel.api.proc.ProcedureSignature;
import org.neo4j.kernel.api.proc.ProcedureSignature.ProcedureName;
import org.neo4j.kernel.api.security.AccessMode;
import org.neo4j.server.security.auth.AuthSubject;
import static org.neo4j.helpers.collection.Iterators.asRawIterator;
import static org.neo4j.helpers.collection.Iterators.map;
import static org.neo4j.kernel.api.proc.Neo4jTypes.NTString;
import static org.neo4j.kernel.api.proc.ProcedureSignature.procedureSignature;
/**
* This procedure changes the existing password to the supplied password for
* the user identified by the supplied username.
*/
public class AlterUserPasswordProcedure extends CallableProcedure.BasicProcedure
{
public AlterUserPasswordProcedure( ProcedureName name )
{
super( procedureSignature( name )
.in( "password", NTString )
.mode( ProcedureSignature.Mode.DBMS )
.build() );
}
@Override
public RawIterator<Object[],ProcedureException> apply( Context ctx, Object[] input ) throws ProcedureException
{
AccessMode accessMode = ctx.get( Context.KERNEL_TRANSACTION ).mode();
if ( !(accessMode instanceof AuthSubject) )
{
throw new AuthorizationViolationException( "Invalid attempt to change the password" );
}
AuthSubject authSubject = (AuthSubject) accessMode;
try
{
boolean result = authSubject.setPassword( input[0].toString() );
return map( ( l ) -> new Object[]{l}, asRawIterator( Collections.singletonList( result ).iterator() ) );
}
catch ( IOException e )
{
throw new ProcedureException( Status.Security.Forbidden, e,
"The password was not able to be changed for the provided username");
}
}
}