/** * Get memberships for the current user (subject). * * @param role * @return A list of groups for which the current user has the role. * @throws AccessControlException * @throws ca.nrc.cadc.ac.UserNotFoundException * @throws java.io.IOException */ public List<Group> getMemberships(Role role) throws UserNotFoundException, AccessControlException, IOException { return getMemberships(null, role); }
/** * @param sslSocketFactory the sslSocketFactory to set */ public void setSSLSocketFactory(SSLSocketFactory sslSocketFactory) { if (mySocketFactory != null) throw new IllegalStateException("Illegal use of GMSClient: " + "cannot set SSLSocketFactory after using one created from Subject"); this.sslSocketFactory = sslSocketFactory; clearCache(); }
GMSClient client = new GMSClient(guri.getServiceID()); String group = guri.getName(); client.addGroupMember(group, memberURI.getName()); client.addUserMember(group, new HttpPrincipal(member)); client.removeGroupMember(group, memberURI.getName()); } catch (IllegalArgumentException e) client.removeUserMember(group, new HttpPrincipal(member)); Group cur = client.getGroup(group); boolean changes = false; client.updateGroup(cur); log.info("Group updated."); Group cur = client.getGroup(group); boolean changes = false; client.updateGroup(cur); log.info("Group updated."); member.getIdentities().add(p); g.getUserMembers().add(member); client.createGroup(g); Group g = client.getGroup(group);
URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("removeGroupMember request to " + clearCache(); delete.setSSLSocketFactory(getSSLSocketFactory()); delete.run();
} else { try { proposalGroup = gmsClient.getGroup(proposalGroupName); } catch (IOException ioex) { throw new TransientException("GMSClient failed to get proposal group " + proposalGroupName, ioex); proposalGroup = new Group(groupURI); try { proposalGroup = gmsClient.createGroup(proposalGroup); log.info("created group: " + proposalGroupName); } catch (Exception e) { gmsClient.updateGroup(proposalGroup); } catch (GroupNotFoundException ex) { throw new RuntimeException("group not found: " + proposalGroupName + " for update (right after check/create)");
Principal userID = getCurrentUserID(); if (userID != null) Group cachedGroup = getCachedGroup(userID, groupName, role); if (cachedGroup != null) "&GROUPID=" + NetUtil.encode(groupName); URL searchURL = lookupServiceURL(Standards.GMS_SEARCH_01); URL getMembershipURL = new URL(searchURL.toExternalForm() + searchGroupPath); ByteArrayOutputStream out = new ByteArrayOutputStream(); HttpDownload transfer = new HttpDownload(getMembershipURL, out); transfer.setSSLSocketFactory(getSSLSocketFactory()); transfer.run(); addCachedGroup(userID, ret, role); return ret;
AccessControlException, WriterException, IOException URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID().getName()); log.debug("updateGroup request to " + updateGroupURL.toString()); clearCache(); transfer.setSSLSocketFactory(getSSLSocketFactory()); transfer.setTransferListener(this); transfer.run(); return getGroup(group.getID().getName());
/** * Constructor. The groupConfig map may contain the following items: * <pre> * operatorGroup={ivo identifier for system operator group} * staffGroup={ivo identifier for collection or telescope staff group} * proposalGroup={true|false} * </pre> * The presence of each of these triggers the generation or grants to the specified groups. When * proposalGroup is true, groups are created (if necessary) and grants generated. Proposal group * names are of the form {Observation.collection}-{Observation.proposalID}. The staffGroup is set as * an admin of the proposalGroup so a staffGroup is mandatory when proposalGroup is true. * * @param collection the CAOM collection name * @param dryrun only show work if true * @param groupConfig group data from configuration file */ public ReadAccessGenerator(String collection, Map<String, Object> groupConfig, boolean dryrun) { this.collection = collection; this.dryrun = dryrun; initGroups(groupConfig); this.dateFormat = DateUtil.getDateFormat(DateUtil.ISO_DATE_FORMAT, DateUtil.UTC); if (this.groupBaseURI != null) { this.gmsClient = new GMSClient(groupBaseURI); } }
throws GroupNotFoundException, AccessControlException, IOException URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName); log.debug("deleteGroup request to " + deleteGroupURL.toString()); clearCache(); delete.setSSLSocketFactory(getSSLSocketFactory()); delete.run();
GroupURI groupURI = new GroupURI(rwSchemaGroup); URI serviceID = groupURI.getServiceID(); GMSClient gmsClient = new GMSClient(serviceID); if (isMember(gmsClient, rwSchemaGroup)) { log.debug("user has schema level (" + schemaName + ") group access via " + rwSchemaGroup);
URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + path); log.debug("addGroupMember request to " + addGroupMemberURL.toString()); clearCache(); httpUpload.setSSLSocketFactory(getSSLSocketFactory()); httpUpload.run();
private static boolean isMember(GMSClient gmsClient, URI grantingGroup) throws AccessControlException { try { if (CredUtil.checkCredentials()) { List<Group> groups = gmsClient.getMemberships(Role.MEMBER); for (Group group : groups) { if (group.getID().getURI().equals(grantingGroup)) { log.debug("group match: " + grantingGroup); return true; } } } } catch (UserNotFoundException ex) { throw new RuntimeException("failed to find group memberships (unknown user)", ex); } catch (CertificateException ex) { throw new RuntimeException("failed to find group memberships (invalid proxy certficate)", ex); } catch (IOException ex) { throw new RuntimeException("failed to find group memberships", ex); } log.debug("no group match"); return false; } }
URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL removeUserMemberURL = new URL(groupsURL.toExternalForm() + path); clearCache(); delete.setSSLSocketFactory(getSSLSocketFactory()); delete.run();
URL groupsURL = lookupServiceURL(Standards.GMS_GROUPS_01); URL addUserMemberURL = new URL(groupsURL.toExternalForm() + path); clearCache(); httpUpload.setSSLSocketFactory(getSSLSocketFactory()); httpUpload.run();
UserNotFoundException, WriterException, IOException URL createGroupURL = lookupServiceURL(Standards.GMS_GROUPS_01); log.debug("createGroupURL request to " + createGroupURL.toString()); clearCache(); transfer.setSSLSocketFactory(getSSLSocketFactory());