@Transactional(propagation = Propagation.REQUIRES_NEW, readOnly = true) @Override @SuppressWarnings("unchecked") public List<Group> findDynGroups(final String key) { Query query = entityManager().createNativeQuery( "SELECT group_id FROM " + JPAGroupDAO.ADYNMEMB_TABLE + " WHERE any_id=?"); query.setParameter(1, key); List<Group> result = new ArrayList<>(); query.getResultList().stream().map(resultKey -> resultKey instanceof Object[] ? (String) ((Object[]) resultKey)[0] : ((String) resultKey)). forEach(groupKey -> { Group group = groupDAO.find(groupKey.toString()); if (group == null) { LOG.error("Could not find group {}, even though returned by the native query", groupKey); } else if (!result.contains(group)) { result.add(group); } }); return result; }
protected String check(final MembershipCond cond) { String groupKey; if (SyncopeConstants.UUID_PATTERN.matcher(cond.getGroup()).matches()) { groupKey = cond.getGroup(); } else { Group group = groupDAO.findByName(cond.getGroup()); groupKey = group == null ? null : group.getKey(); } if (groupKey == null) { LOG.error("Could not find group for '" + cond.getGroup() + "'"); throw new IllegalArgumentException(); } return groupKey; }
private int count() { return StringUtils.isBlank(conf.getMatchingCond()) ? groupDAO.count() : searchDAO.count(SyncopeConstants.FULL_ADMIN_REALMS, SearchCondConverter.convert(conf.getMatchingCond()), AnyTypeKind.GROUP); }
@Transactional(readOnly = true) @Override public Map<String, PropagationByResource> findUsersWithTransitiveResources(final String groupKey) { Group group = groupDAO.authFind(groupKey); Map<String, PropagationByResource> result = new HashMap<>(); groupDAO.findUMemberships(group).forEach((membership) -> { populateTransitiveResources(group, membership.getLeftEnd(), result); }); return result; } }
@Transactional(readOnly = true) @Override public Map<String, PropagationByResource> findAnyObjectsWithTransitiveResources(final String groupKey) { Group group = groupDAO.authFind(groupKey); Map<String, PropagationByResource> result = new HashMap<>(); groupDAO.findAMemberships(group).forEach((membership) -> { populateTransitiveResources(group, membership.getLeftEnd(), result); }); return result; }
/** * Keep track of members of the group being updated before actual update takes place. * This is not needed on * <ul> * <li>{@link #beforeProvision} because the pulling group does not exist yet on Syncope</li> * <li>{@link #beforeDelete} because group delete cascades as membership removal for all users involved</li> * </ul> * * {@inheritDoc} */ @Transactional(readOnly = true) @Override public <P extends AnyPatch> void beforeUpdate( final ProvisioningProfile<?, ?> profile, final SyncDelta delta, final EntityTO entity, final P anyPatch) throws JobExecutionException { if (!(entity instanceof GroupTO)) { super.beforeUpdate(profile, delta, entity, anyPatch); } groupDAO.findUMemberships(groupDAO.find(entity.getKey())).forEach(uMembership -> { Set<String> memb = membershipsBefore.get(uMembership.getLeftEnd().getKey()); if (memb == null) { memb = new HashSet<>(); membershipsBefore.put(uMembership.getLeftEnd().getKey(), memb); } memb.add(entity.getKey()); }); }
@Override public PropagationByResource update(final Group toBeUpdated, final GroupPatch groupPatch) { Group group = groupDAO.save(toBeUpdated); propByRes.addAll(ResourceOperation.UPDATE, groupDAO.findAllResourceKeys(group.getKey())); group.setGroupOwner(groupPatch.getGroupOwner().getValue() == null ? null : groupDAO.find(groupPatch.getGroupOwner().getValue())); }); group = groupDAO.save(group); group.getUDynMembership().setGroup(null); group.setUDynMembership(null); groupDAO.clearUDynMembers(group); itor.remove(); groupDAO.clearADynMembers(group); for (Map.Entry<String, String> entry : groupPatch.getADynMembershipConds().entrySet()) { AnyType anyType = anyTypeDAO.find(entry.getKey()); group = groupDAO.saveAndRefreshDynMemberships(group); groupDAO.save(group); return propByRes;
List<String> groupConnObjectLinks = new ArrayList<>(); userDAO.findAllGroupKeys(user).forEach(groupKey -> { Group group = groupDAO.find(groupKey); if (group != null && groupDAO.findAllResourceKeys(groupKey).contains(task.getResource().getKey())) { LOG.debug("Evaluating connObjectLink for {}", group); JexlContext jexlContext = new MapContext();
? groupDAO.findByName(membershipTO.getGroupName()) : groupDAO.find(membershipTO.getGroupKey()); if (group == null) { LOG.debug("Ignoring invalid group "
groupTO.getDynRealms().addAll(groupDAO.findDynRealms(group.getKey())); groupTO.setStaticUserMembershipCount(groupDAO.countUMembers(group)); groupTO.setStaticAnyObjectMembershipCount(groupDAO.countAMembers(group)); groupTO.setDynamicUserMembershipCount(groupDAO.countUDynMembers(group)); groupTO.setDynamicAnyObjectMembershipCount(groupDAO.countADynMembers(group));
@Override protected String doExecute(final boolean dryRun) throws JobExecutionException { Group group = groupDAO.authFind(groupKey); membershipCond.setGroup(groupKey); List<User> users = searchDAO.search(SearchCond.getLeafCond(membershipCond), AnyTypeKind.USER); Collection<String> groupResourceKeys = groupDAO.findAllResourceKeys(groupKey); status.set("About to " + (action == ProvisionAction.DEPROVISION ? "de" : "") + "provision "
@Override public List<PropagationStatus> deprovision( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { PropagationByResource propByRes = new PropagationByResource(); propByRes.addAll(ResourceOperation.DELETE, resources); List<PropagationTaskInfo> taskInfos = propagationManager.getDeleteTasks( AnyTypeKind.GROUP, key, propByRes, groupDAO.findAllResourceKeys(key).stream(). filter(resource -> !resources.contains(resource)). collect(Collectors.toList())); PropagationReporter propagationReporter = taskExecutor.execute(taskInfos, nullPriorityAsync); return propagationReporter.getStatuses(); }
groupDAO.findOwnedByUser(user.getKey()).forEach((group) -> { for (String entitlement : GROUP_OWNER_ENTITLEMENTS) { Set<String> realms = entForRealms.get(entitlement);
numbersInfo.getUsersByStatus().putAll(userDAO.countByStatus()); numbersInfo.setTotalGroups(groupDAO.count()); numbersInfo.getGroupsByRealm().putAll(groupDAO.countByRealm());
@Override protected boolean securityChecks(final Set<String> effectiveRealms, final String realm, final String key) { boolean authorized = effectiveRealms.stream().anyMatch(ownedRealm -> realm.startsWith(ownedRealm) || ownedRealm.equals(RealmUtils.getGroupOwnerRealm(realm, key))); if (!authorized) { authorized = groupDAO.findDynRealms(key).stream(). anyMatch(dynRealm -> effectiveRealms.contains(dynRealm)); } if (!authorized) { throw new DelegatedAdministrationException(realm, AnyTypeKind.GROUP.name(), key); } return effectiveRealms.stream().anyMatch(new RealmUtils.DynRealmsPredicate()); }
@Transactional(readOnly = true) @Override public GroupTO getGroupTO(final String key) { return getGroupTO(groupDAO.authFind(key), true); }
}); anyObjectDAO.findAllGroupKeys(anyObject).forEach(group -> { groupDAO.findAllResourceKeys(group).forEach(resource -> { if (!reasons.containsKey(resource)) { reasons.put(resource, new HashSet<>()); groupDAO.findAllResourceKeys(membership.getRightEnd().getKey()).stream(). filter(resource -> reasons.containsKey(resource)). forEach(resource -> { Group group = groupDAO.find(membPatch.getGroup()); if (group == null) { LOG.debug("Ignoring invalid group {}", membPatch.getGroup()); toBeProvisioned.addAll(groupDAO.findAllResourceKeys(group.getKey())); } else { LOG.error("{} cannot be assigned to {}", group, anyObject); filter(group -> !dynGroupMembs.getRight().contains(group)). forEach(delete -> { groupDAO.find(delete).getResources().stream(). filter(resource -> !propByRes.contains(resource.getKey())). forEach(resource -> { filter(group -> dynGroupMembs.getRight().contains(group)). forEach(update -> { groupDAO.find(update).getResources().stream(). filter(resource -> !propByRes.contains(resource.getKey())). forEach(resource -> {
? groupDAO.findByName(membershipTO.getGroupName()) : groupDAO.find(membershipTO.getGroupKey()); if (group == null) { LOG.debug("Ignoring invalid group "