/** * Return the company DN of current user. * * @return the company DN of current user or <code>null</code> if the current user is not in the repository. */ private String getUserCompanyDn() { final CompanyOrg company = getUserCompany(); if (company == null) { return null; } return company.getDn(); }
@Override public CompanyOrg create(final String dn, final String name) { return new CompanyOrg(dn, name); }
/** * Build the {@link LdapName} instance from the DN. This also requires a valid DN for the given {@link CompanyOrg} */ private void buildLdapName(final CompanyOrg company) { company.setLdapName(org.springframework.ldap.support.LdapUtils.newLdapName(company.getDn())); }
/** * Build the company hierarchy from the given {@link CompanyOrg} */ private void buildHierarchy(final Map<String, CompanyOrg> companies, final CompanyOrg company) { // Collect all parents and sorted from parent to the leaf company.setCompanyTree( companies.values().stream().filter(c -> DnUtils.equalsOrParentOf(c.getDn(), company.getDn())) .sorted(Comparator.comparing(CompanyOrg::getLdapName)).collect(Collectors.toList())); }
@Override protected void checkForDeletion(final ContainerOrg container) { super.checkForDeletion(container); // Company deletion is only possible where there is no user inside this company, or inside any sub-company final Map<String, UserOrg> users = getUser().findAll(); if (getRepository().findAll().values().stream() .filter(c -> DnUtils.equalsOrParentOf(container.getDn(), c.getDn())) .anyMatch(c -> users.values().stream().map(UserOrg::getCompany).anyMatch(c.getId()::equals))) { // Locked container is inside the container to delete throw new ValidationJsonException(getTypeName(), "not-empty-company", "0", getTypeName(), "1", container.getId()); } }
/** * Fetch and return all normalized companies. Note the result use cache, so does not reflect the current state of * LDAP. * * @return the companies. Key is the normalized name. */ @Override public Map<String, CompanyOrg> findAllNoCache() { final Map<String, CompanyOrg> companiesNameToDn = new HashMap<>(); for (final DirContextAdapter ldap : template.search(companyBaseDn, "objectClass=" + ORGANIZATIONAL_UNIT, (Object ctx) -> (DirContextAdapter) ctx)) { final CompanyOrg company = new CompanyOrg(ldap.getDn().toString(), ldap.getStringAttributes("ou")[0]); companiesNameToDn.put(company.getId(), company); } // Also add/replace the quarantine zone final CompanyOrg quarantine = new CompanyOrg(quarantineBaseDn, getQuarantineCompany()); quarantine.setLocked(true); companiesNameToDn.put(quarantine.getId(), quarantine); // The complete the hierarchy of companies companiesNameToDn.values().forEach(this::buildLdapName); companiesNameToDn.values().forEach(c -> this.buildHierarchy(companiesNameToDn, c)); return companiesNameToDn; }
/** * Map {@link CompanyOrg} to LDAP */ @Override protected void mapToContext(final CompanyOrg entry, final DirContextOperations context) { context.setAttributeValue("ou", entry.getName()); }
private void addFilteredByCompaniesAndPattern(final Set<String> companies, final String criteria, final Set<UserOrg> result, final UserOrg userLdap) { final List<CompanyOrg> userCompanies = companyRepository.findAll().get(userLdap.getCompany()).getCompanyTree(); if (userCompanies.stream().map(CompanyOrg::getId).anyMatch(companies::contains)) { addFilteredByPattern(criteria, result, userLdap); } }
@Override public void move(final UserOrg user, final CompanyOrg company) { final LdapName newDn = org.springframework.ldap.support.LdapUtils .newLdapName(buildDn(user.getId(), company.getDn())); final LdapName oldDn = org.springframework.ldap.support.LdapUtils.newLdapName(user.getDn()); template.rename(oldDn, newDn); user.setDn(newDn.toString()); user.setCompany(company.getId()); cacheRepository.update(user); // Also, update the groups of this user user.getGroups().forEach(g -> groupLdapRepository.updateMemberDn(g, oldDn.toString(), newDn.toString())); }
@Override public int hashCode() { return getId().hashCode(); }
@Override public void delete(final CompanyOrg container) { /* * Remove from this company, all companies within (sub LDAP DN) this company. This operation is needed since we * are not rebuilding the cache from the LDAP. This save a lot of computations. */ findAll().values().stream().filter(g -> DnUtils.equalsOrParentOf(container.getDn(), g.getDn())) .collect(Collectors.toList()).forEach(this::removeFromJavaCache); // Remove from LDAP the recursively the company. Anything that was not nicely cleaned will be deleted there. template.unbind(container.getDn(), true); // Also, update the SQL cache cacheRepository.delete(container); }
@Override protected CompanyOrg newContainer(final String dn, final String name) { return new CompanyOrg(dn.toLowerCase(Locale.ENGLISH), name); }
/** * Delete a company. Warning, it is assumed there is no more user associated to the deleted company. * * @param company * the company to delete. */ public void delete(final CompanyOrg company) { em.createQuery("DELETE FROM CacheCompany WHERE id=:id").setParameter("id", company.getId()).executeUpdate(); em.flush(); em.clear(); }
/** * Validate, clean the company name, and return the corresponding DN. */ private String validateCompany(final DelegateOrgEditionVo importEntry, final Map<String, CompanyOrg> allCompanies, final String dn) { final String normalizedCN = Normalizer.normalize(importEntry.getName()); if (allCompanies.containsKey(normalizedCN)) { importEntry.setName(normalizedCN); return allCompanies.get(normalizedCN).getDn(); } return dn; }
/** * Remove the company from the memory cache. * * @param company * The company to remove. */ private void removeFromJavaCache(final CompanyOrg company) { // Update the raw cache findAll().remove(company.getId()); }
/** * Return DN from entry. * * @param entry * LDAP entry to convert to DN. * @return DN from entry. */ public Name buildDn(final UserOrg entry) { return org.springframework.ldap.support.LdapUtils .newLdapName(buildDn(entry.getId(), companyRepository.findById(entry.getCompany()).getDn())); }
/** * Add given company to the cache. * * @param company * The new company. * @return <code>company</code> */ public CompanyOrg create(final CompanyOrg company) { cache.create(company); getCompany().findAll().put(company.getId(), company); return company; }
/** * Check the current user can reset the given user password. * * @param user * The user to alter. * @return The internal representation of found user. */ private UserOrg checkResetRight(final String user) { // Check the user exists final UserOrg userOrg = getUser().findByIdExpected(securityHelper.getLogin(), Normalizer.normalize(user)); // Check the company final String companyDn = getCompany().findById(userOrg.getCompany()).getDn(); if (delegateRepository.findByMatchingDnForWrite(securityHelper.getLogin(), companyDn, DelegateType.TREE) .isEmpty()) { // Report this attempt to delete a non writable user log.warn("Attempt to reset the password of a user '{}' out of scope", user); throw new ValidationJsonException(USER_KEY, READ_ONLY, "0", "user", "1", user); } return userOrg; }
/** * Remove given company from the cache. Warning, it is assumed there is no more user associated to the deleted * company. * * @param company * The company to remove. */ public void delete(final CompanyOrg company) { final Map<String, CompanyOrg> companiesNameToDn = getCompany().findAll(); // Remove from JPA cache cache.delete(company); // Remove from in-memory cache companiesNameToDn.remove(company.getId()); }