public RichMember(User user, Member member, List<UserExtSource> userExtSources) { super(member.getId(), member.getUserId(), member.getVoId(), member.getStatus(), member.getCreatedAt(), member.getCreatedBy(), member.getModifiedAt(), member.getModifiedBy(), member.getCreatedByUid(), member.getModifiedByUid()); setMembershipType(member.getMembershipType()); setSponsored(member.isSponsored()); this.setGroupsStatuses(member.getGroupStatuses()); this.user = user; this.userExtSources = userExtSources; this.userAttributes = null; this.memberAttributes = null; }
private static Member createMember(Map<String, String> beanAttr) { if(beanAttr==null) return null; Member member = new Member(); member.setId(Integer.valueOf(beanAttr.get("id"))); member.setUserId(Integer.valueOf(beanAttr.get("userId"))); member.setVoId(Integer.valueOf(beanAttr.get("voId"))); member.setStatus(BeansUtils.eraseEscaping(beanAttr.get("status"))); member.setMembershipType(BeansUtils.eraseEscaping(beanAttr.get("type"))); member.setSourceGroupId(beanAttr.get("sourceGroupId").equals("\\0") ? null : Integer.valueOf(beanAttr.get("sourceGroupId"))); member.setSponsored(Boolean.valueOf(beanAttr.get("sponsored"))); return member; }
@Override public String serializeToString() { return this.getClass().getSimpleName() + ":[" + "id=<" + getId() + ">" + ", userId=<" + getUserId() + ">" + ", voId=<" + getVoId() + ">" + ", status=<" + (getStatus() == null ? "\\0" : BeansUtils.createEscaping(getStatus().toString())) + ">" + ", type=<" + (getMembershipType() == null ? "\\0" : BeansUtils.createEscaping(getMembershipType().toString())) + ">" + ", sourceGroupId=<" + (getSourceGroupId() == null ? "\\0" : getSourceGroupId().toString()) + ">" + ", sponsored=<" + sponsored + ">" + ']'; }
@Override public int hashCode() { final int prime = 31; int result = 1; result = prime * result + getId(); result = prime * result; return result; }
if (!Arrays.asList(Status.VALID, Status.INVALID).contains(member.getStatus())) { throw new CantBeApprovedException("Application of member with membership status: "+member.getStatus()+" can't be approved. Please wait until member extends/re-validate own membership in a VO."); User u = usersManager.getUserById(registrarSession, member.getUserId()); result = jdbc.update("update application set user_id=? where id=?", member.getUserId(), appId); if (result == 0) { throw new RegistrarException("User ID hasn't been associated with the application " + appId + ", because the application was not found!"); throw new ConsistencyErrorException("User ID hasn't been associated with the application " + appId + ", because more than one application exists under the same ID."); log.info("Member {} created for: {} / {}", member.getId(), app.getCreatedBy(), app.getExtSourceName()); if (!Arrays.asList(Status.VALID, Status.INVALID).contains(member.getStatus())) { throw new CantBeApprovedException("Application of member with membership status: "+member.getStatus()+" can't be approved. Please wait until member extends/re-validate own membership in a VO."); member = groupsManager.getGroupMemberById(registrarSession, app.getGroup(), member.getId());
public boolean isAlreadyMember(Member member, Group group) { Object o = ldapTemplate.lookup(getUserDN(String.valueOf(member.getUserId())), new UserMemberOfContextMapper()); String[] memberOfInformation = (String []) o; if(memberOfInformation != null) { for(String s: memberOfInformation) { if(s.equals(EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + "," + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + "," + ldapProperties.getLdapBase())) return true; } } return false; }
/** * Check if member didn't submit new extension application - in such case, do not send expiration notifications * * @param member Member to check applications for * @return TRUE = didn't submit application / FALSE = otherwise */ private boolean didntSubmitExtensionApplication(Member member) { try { Application application = jdbc.queryForObject(RegistrarManagerImpl.APP_SELECT + " where a.id=(select max(id) from application where vo_id=? and apptype=? and user_id=? )", RegistrarManagerImpl.APP_MAPPER, member.getVoId(), String.valueOf(Application.AppType.EXTENSION), member.getUserId()); return !Arrays.asList(Application.AppState.NEW, Application.AppState.VERIFIED).contains(application.getState()); } catch (EmptyResultDataAccessException ex) { // has no application submitted return true; } catch (Exception ex) { log.error("Unable to check if {} has submitted pending application: {}.", member, ex); return true; } }
private List<MemberSCIM> mapPerunMembersToScimMembers(List<Member> perunMembers) { List<MemberSCIM> scimMembers = new ArrayList(); for (Member perunMember : perunMembers) { User perunUser; try { perunUser = perunBl.getUsersManagerBl().getUserByMember(session, perunMember); MemberSCIM member = new MemberSCIM(); String id = String.valueOf(perunMember.getId()); member.setDisplay(perunUser.getDisplayName()); member.setValue(id); member.setRef(BASE_PATH + USERS_PATH + id); scimMembers.add(member); } catch (InternalErrorException ex) { log.error("Cannot find user with id " + perunMember.getUserId(), ex); } } return scimMembers; } }
/** * Logs expirations that happened a week ago * * @param allowedStatuses allowed Statuses * @param vosMap vos * @throws InternalErrorException internal error */ private void auditOldExpirations(List<Status> allowedStatuses, Map<Integer, Vo> vosMap) throws InternalErrorException { // log message for all members which expired 7 days ago Calendar expiredWeekAgo = Calendar.getInstance(); expiredWeekAgo.add(Calendar.DAY_OF_MONTH, -7); List<Member> expired7DaysAgo = perun.getSearcherBl().getMembersByExpiration(sess, "=", expiredWeekAgo); // include expired in this case allowedStatuses.add(Status.EXPIRED); for (Member m : expired7DaysAgo) { if (allowedStatuses.contains(m.getStatus())) { if (didntSubmitExtensionApplication(m)) { // still didn't apply for extension getPerun().getAuditer().log(sess, new MembershipExpired(m, 7, vosMap.get(m.getVoId()))); } else { log.debug("{} not notified about expiration, has submitted - pending application.", m); } } else { log.debug("{} not notified about expiration, is not in VALID, SUSPENDED or EXPIRED state.", m); } } }
/** * Expires members whose expiration is set to given date or before it. * * @throws InternalErrorException internal error * @throws WrongAttributeAssignmentException error * @throws AttributeNotExistsException error */ private void expireMembers(Calendar date) throws InternalErrorException, WrongAttributeAssignmentException, AttributeNotExistsException { List<Member> shouldBeExpired = perun.getSearcherBl().getMembersByExpiration(sess, "<=", date); for (Member member : shouldBeExpired) { if (member.getStatus().equals(Status.VALID)) { try { perun.getMembersManagerBl().expireMember(sess, member); log.info("Switching {} to EXPIRE state, due to expiration {}.", member, perun.getAttributesManagerBl().getAttribute(sess, member, "urn:perun:member:attribute-def:def:membershipExpiration").getValue()); } catch (MemberNotValidYetException e) { log.error("Consistency error while trying to expire member {}, exception {}", member, e); } } } }
member = groupsManager.getGroupMemberById(registrarSession, group, member.getId()); if (member.isSponsored()) { throw new CantBeSubmittedException("Sponsored member cannot apply for membership extension, it must be extended by the sponsor.");
@Override public String toString() { return "Member:[id='" + getId() + "', userId='" + userId + "', voId='" + voId + "', status='" + status + "', type='" + membershipType + "', sourceGroupId='" + sourceGroupId + "', sponsored='" + sponsored+ "']"; } }
public void removeMemberFromGroup(Member member, Group group) throws InternalErrorException { //Remove member from group Attribute uniqueMember = new BasicAttribute(EventProcessorImpl.ldapAttrUniqueMember, EventProcessorImpl.ldapAttrPerunUserId + "=" + member.getUserId() + "," + EventProcessorImpl.organizationalUnitPeople + "," + ldapProperties.getLdapBase()); ModificationItem uniqueMemberItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, uniqueMember); this.updateGroup(group, new ModificationItem[] {uniqueMemberItem}); //Remove member from vo if this group is membersGroup if(group.getName().equals(VosManager.MEMBERS_GROUP) && group.getParentGroupId() == null) { //Remove info from vo this.updateVo(group.getVoId(), new ModificationItem[] {uniqueMemberItem}); //Remove also information from user Attribute memberOfPerunVo = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOfPerunVo, String.valueOf(group.getVoId())); ModificationItem memberOfPerunVoItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOfPerunVo); this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfPerunVoItem}); } //Remove group info from member Attribute memberOf = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOf, EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + "," + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + "," + ldapProperties.getLdapBase()); ModificationItem memberOfItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOf); this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfItem}); }
@Override public List<Application> getApplicationsForMember(PerunSession sess, Group group, Member member) throws PerunException { // authz if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, member) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, member)) { if (group != null) { if (!AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, group)) { throw new PrivilegeException(sess, "getApplicationsForMember"); } } else { throw new PrivilegeException(sess, "getApplicationsForMember"); } } try { if (group == null) { return jdbc.query(APP_SELECT + " where user_id=? and a.vo_id=? order by a.id desc", APP_MAPPER, member.getUserId(), member.getVoId()); } else { return jdbc.query(APP_SELECT + " where user_id=? and a.vo_id=? and a.group_id=? order by a.id desc", APP_MAPPER, member.getUserId(), member.getVoId(), group.getId()); } } catch (EmptyResultDataAccessException ex) { return new ArrayList<Application>(); } }
for (Member m : expireInTime) { try { if (allowedStatuses.contains(m.getStatus())) { perun.getMembersManagerBl().canExtendMembershipWithReason(sess, m); if (didntSubmitExtensionApplication(m)) { expirationPeriod.getExpirationAuditAction().callOn(getPerun().getAuditer(), sess, m, vosMap.get(m.getVoId())); } else { log.debug("{} not notified about expiration, has submitted - pending application.", m); ExpirationPeriod.MONTH.getExpirationAuditAction().callOn(getPerun().getAuditer(), sess, m, vosMap.get(m.getVoId())); } else { log.debug("{} not notified about expiration, has submitted - pending application.", m);
/** * Validates member whose expiration is set after the given date * * @param date date * @throws InternalErrorException internal error * @throws WrongAttributeAssignmentException error * @throws AttributeNotExistsException error */ private void validateMembers(Calendar date) throws InternalErrorException, WrongAttributeAssignmentException, AttributeNotExistsException { List<Member> shouldntBeExpired = perun.getSearcherBl().getMembersByExpiration(sess, ">", date); for (Member member : shouldntBeExpired) { if (member.getStatus().equals(Status.EXPIRED)) { try { perun.getMembersManagerBl().validateMember(sess, member); log.info("Switching {} to VALID state, due to changed expiration {}.", member, perun.getAttributesManagerBl().getAttribute(sess, member, "urn:perun:member:attribute-def:def:membershipExpiration").getValue()); } catch (WrongAttributeValueException | WrongReferenceAttributeValueException e) { log.error("Error during validating member {}, exception {}", member, e); } } } }
public void addMemberToGroup(Member member, Group group) throws InternalErrorException { //Add member to group Attribute uniqueMember = new BasicAttribute(EventProcessorImpl.ldapAttrUniqueMember, EventProcessorImpl.ldapAttrPerunUserId + "=" + member.getUserId() + "," + EventProcessorImpl.organizationalUnitPeople + "," + ldapProperties.getLdapBase()); ModificationItem uniqueMemberItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, uniqueMember); this.updateGroup(group, new ModificationItem[] {uniqueMemberItem}); //Add member to vo if this group is memebrsGroup if(group.getName().equals(VosManager.MEMBERS_GROUP) && group.getParentGroupId() == null) { //Add info to vo this.updateVo(group.getVoId(), new ModificationItem[] {uniqueMemberItem}); //Add info also to user Attribute memberOfPerunVo = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOfPerunVo, String.valueOf(group.getVoId())); ModificationItem memberOfPerunVoItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, memberOfPerunVo); this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfPerunVoItem}); } //Add group info to member Attribute memberOf = new BasicAttribute("memberOf", EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + "," + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + "," + ldapProperties.getLdapBase()); ModificationItem memberOfItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, memberOf); this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfItem}); }
members = perun.getMembersManagerBl().getMembersByUser(perunSession, user); for(Member member: members) { if(member.getStatus().equals(Status.VALID)) { membersOfPerunVo.add("memberOfPerunVo: " + member.getVoId()); List<Group> groups; groups = perun.getGroupsManagerBl().getAllMemberGroups(perunSession, member);