/**
 * Serializes this bean into its textual form: the simple class name followed by a
 * bracketed, comma-separated list of {@code key=<value>} pairs.
 *
 * <p>A null value is written as the two-character marker backslash-zero. The text
 * fields (name, shortName, description) are passed through
 * {@code BeansUtils.createEscaping} before they are embedded; id, parentGroupId and
 * voId are appended as returned by their getters.
 *
 * @return serialized representation of this object
 */
@Override
public String serializeToString() {
    final String nullMarker = "\\0";

    Object parentGroupId = getParentGroupId();
    String name = getName();
    String shortName = getShortName();
    String description = getDescription();

    StringBuilder out = new StringBuilder();
    out.append(this.getClass().getSimpleName()).append(":[");
    out.append("id=<").append(getId()).append(">");
    out.append(", parentGroupId=<").append(parentGroupId == null ? nullMarker : parentGroupId).append(">");
    // Free-text values are escaped so they cannot break the key=<value> framing.
    out.append(", name=<").append(name == null ? nullMarker : BeansUtils.createEscaping(name)).append(">");
    out.append(", shortName=<").append(shortName == null ? nullMarker : BeansUtils.createEscaping(shortName)).append(">");
    out.append(", description=<").append(description == null ? nullMarker : BeansUtils.createEscaping(description)).append(">");
    out.append(", voId=<").append(getVoId()).append(">");
    out.append(']');
    return out.toString();
}
/**
 * Applies the given modifications to the LDAP entry of a group.
 *
 * <p>The entry is addressed by the DN that {@code getGroupDN} builds from the
 * group's VO id and group id; the modification items are handed to the LDAP
 * template unchanged.
 *
 * @param group             group whose LDAP entry is modified
 * @param modificationItems modifications to apply to that entry
 */
public void updateGroup(Group group, ModificationItem[] modificationItems) {
    String voId = String.valueOf(group.getVoId());
    String groupId = String.valueOf(group.getId());

    ldapTemplate.modifyAttributes(getGroupDN(voId, groupId), modificationItems);

    log.debug("Entry modified in LDAP: Group {}.", group);
}
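/**
 * Removes a group from LDAP.
 *
 * <p>First the group's DN is removed from the memberOf attribute of every user
 * returned by {@code getAllUniqueMembersInGroup}, then the group entry itself is
 * unbound.
 *
 * <p>NOTE(review): the per-user updates and the final unbind are separate LDAP
 * operations and nothing here undoes earlier ones. If one of them fails part-way,
 * some users may keep a memberOf value for this group; worth confirming how
 * consumers that read memberOf for access decisions cope with that.
 *
 * @param group group to remove
 * @throws InternalErrorException if the group entry is not found when unbinding
 */
public void removeGroup(Group group) throws InternalErrorException {
    // The original allocated an empty ArrayList here and immediately overwrote it.
    List<String> uniqueUsersIds = this.getAllUniqueMembersInGroup(group.getId(), group.getVoId());

    // The memberOf value is the same for every user, so build it once.
    String groupDnValue = EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + ","
            + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + ","
            + ldapProperties.getLdapBase();

    for (String userId : uniqueUsersIds) {
        Attribute memberOf = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOf, groupDnValue);
        ModificationItem memberOfItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOf);
        this.updateUserWithUserId(userId, new ModificationItem[] {memberOfItem});
    }

    try {
        ldapTemplate.unbind(getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())));
        log.debug("Entry deleted from LDAP: Group {} from Vo with ID={}.", group, group.getVoId());
    } catch (NameNotFoundException e) {
        throw new InternalErrorException(e);
    }
}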
/**
 * Tells whether the LDAP entry of a group yields a value for the given attribute.
 *
 * <p>The attribute name is stored through {@code setLdapAttributeName} and the group
 * entry is then looked up with an {@code AttributeContextMapper}; the result is
 * {@code true} when that lookup returns a non-null object.
 *
 * <p>NOTE(review): the attribute name is passed to the mapper through state set on
 * this object rather than as an argument. If this connector is shared between
 * threads, concurrent calls could interfere - confirm against the class.
 *
 * @param group             group whose entry is inspected
 * @param ldapAttributeName name of the LDAP attribute to look for
 * @return {@code false} if the group entry does not exist or the lookup returns null,
 *         {@code true} otherwise
 * @throws InternalErrorException declared by the signature; not thrown by the visible body
 */
public boolean groupAttributeExist(Group group, String ldapAttributeName) throws InternalErrorException {
    try {
        setLdapAttributeName(ldapAttributeName);
        Object found = ldapTemplate.lookup(
                getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())),
                new AttributeContextMapper());
        return found != null;
    } catch (NameNotFoundException ex) {
        // No such group entry, hence no attribute either.
        return false;
    }
}
/**
 * Checks whether the user behind a member already carries a memberOf value for the
 * given group.
 *
 * <p>The user's entry is looked up with a {@code UserMemberOfContextMapper}, whose
 * result is treated as an array of strings, and each string is compared with the
 * group's DN as this method builds it.
 *
 * <p>NOTE(review): the comparison is an exact, case-sensitive string match. A stored
 * value that differs only in case or spacing would be reported as "not a member" -
 * confirm that the directory returns the values in exactly this form.
 *
 * @param member member whose user entry is inspected
 * @param group  group to look for
 * @return {@code true} if a matching value is present, {@code false} otherwise
 *         (including when the mapper returns null)
 */
public boolean isAlreadyMember(Member member, Group group) {
    String[] memberOfValues = (String[]) ldapTemplate.lookup(
            getUserDN(String.valueOf(member.getUserId())),
            new UserMemberOfContextMapper());
    if (memberOfValues == null) {
        return false;
    }

    for (String value : memberOfValues) {
        String expectedGroupDn = EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + ","
                + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + ","
                + ldapProperties.getLdapBase();
        if (value.equals(expectedGroupDn)) {
            return true;
        }
    }
    return false;
}
@Override public ApplicationForm mapRow(ResultSet rs, int arg1) throws SQLException { ApplicationForm form = new ApplicationForm(); form.setId(rs.getInt("id")); form.setAutomaticApproval(rs.getBoolean("automatic_approval")); form.setAutomaticApprovalExtension(rs.getBoolean("automatic_approval_extension")); form.setModuleClassName(rs.getString("module_name")); form.setGroup(group); try { form.setVo(vosManager.getVoById(registrarSession, group.getVoId())); } catch (Exception ex) { // we don't care, shouldn't happen for internal identity. } return form; } }, group.getVoId(), group.getId());
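/**
 * Update basic group attributes (name and description) in LDAP.
 *
 * <p>The common name and the unique group name ({@code <VO short name>:<group name>})
 * are always replaced. The description is replaced when the group has a non-empty
 * one; otherwise it is removed, but only if the group's LDAP entry currently has it.
 *
 * @param group group after update
 *
 * @throws InternalErrorException propagated from the LDAP connector calls made here
 */
private void updateGroup(Group group) throws InternalErrorException {
    Map<LdapOperation, List<Pair<String,String>>> attributes = new HashMap<>();
    List<Pair<String,String>> listAttributesToBeRemoved = new ArrayList<>();
    List<Pair<String,String>> listAttributesToBeReplaced = new ArrayList<>();

    // Change name.
    // NOTE(review): the name, VO id and description values are read from this.group,
    // while the null/empty check and the LDAP calls use the 'group' parameter.
    // Presumably both refer to the same object - verify against the callers.
    listAttributesToBeReplaced.add(new Pair(ldapAttrCommonName, this.group.getName()));
    listAttributesToBeReplaced.add(new Pair(ldapAttrPerunUniqueGroupName,
            ldapConnector.getVoShortName(this.group.getVoId()) + ":" + this.group.getName()));

    // Change description (or remove it if there is none).
    if (group.getDescription() != null && !group.getDescription().isEmpty()) {
        listAttributesToBeReplaced.add(new Pair(ldapAttrDescription, this.group.getDescription()));
    } else if (ldapConnector.groupAttributeExist(group, ldapAttrDescription)) {
        listAttributesToBeRemoved.add(new Pair(ldapAttrDescription, null));
    }

    // Attributes to be replaced for the group (replace also adds a missing attribute).
    attributes.put(LdapOperation.REPLACE_ATTRIBUTE, listAttributesToBeReplaced);

    // Attributes (if any) to be removed for the group. The original tested the
    // "replaced" list here, which is never empty, so the guard had no effect;
    // the list being added is the one that has to be checked.
    if (!listAttributesToBeRemoved.isEmpty()) {
        attributes.put(LdapOperation.REMOVE_ATTRIBUTE, listAttributesToBeRemoved);
    }

    // Update attributes in LDAP for the group.
    updateGroupAttributes(attributes, group);
}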
listAttributesToBeReplaced.add(new Pair(ldapAttrPerunUniqueGroupName, ldapConnector.getVoShortName(group.getVoId()) + ":" + group.getName())); listAttributesToBeReplaced.add(new Pair(ldapAttrPerunParentGroup, ldapAttrPerunGroupId + "=" + group.getParentGroupId().toString() + "," + ldapAttrPerunVoId + "=" + group.getVoId() + "," + ldapProperties.getLdapBase())); listAttributesToBeReplaced.add(new Pair(ldapAttrPerunParentGroupId, group.getParentGroupId().toString())); } else {
/**
 * Removes a member from a group in LDAP and clears the matching back-references.
 *
 * <p>Steps, in this order:
 * <ol>
 *   <li>remove the user's DN from the group's unique-member attribute;</li>
 *   <li>if the group is named {@code VosManager.MEMBERS_GROUP} and has no parent,
 *       remove the same value from the VO entry and remove the VO id from the
 *       user's member-of-VO attribute;</li>
 *   <li>remove the group's DN from the user's memberOf attribute.</li>
 * </ol>
 *
 * <p>NOTE(review): every step is its own LDAP modification and nothing here undoes
 * the earlier ones. If a later step fails, the user can be gone from the group
 * entry while still carrying the memberOf value; worth confirming how consumers
 * that read memberOf for access decisions handle that state.
 *
 * @param member member to remove
 * @param group  group the member is removed from
 * @throws InternalErrorException declared by the signature; raised by the update helpers, if at all
 */
public void removeMemberFromGroup(Member member, Group group) throws InternalErrorException {
    // Remove member from group.
    String userDn = EventProcessorImpl.ldapAttrPerunUserId + "=" + member.getUserId() + ","
            + EventProcessorImpl.organizationalUnitPeople + ","
            + ldapProperties.getLdapBase();
    ModificationItem uniqueMemberItem = new ModificationItem(
            DirContext.REMOVE_ATTRIBUTE,
            new BasicAttribute(EventProcessorImpl.ldapAttrUniqueMember, userDn));
    this.updateGroup(group, new ModificationItem[] {uniqueMemberItem});

    // Remove member from the VO if this group is the VO's members group.
    if (group.getName().equals(VosManager.MEMBERS_GROUP) && group.getParentGroupId() == null) {
        // Remove info from the VO entry.
        this.updateVo(group.getVoId(), new ModificationItem[] {uniqueMemberItem});

        // Remove the VO reference from the user as well.
        ModificationItem memberOfPerunVoItem = new ModificationItem(
                DirContext.REMOVE_ATTRIBUTE,
                new BasicAttribute(EventProcessorImpl.ldapAttrMemberOfPerunVo, String.valueOf(group.getVoId())));
        this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfPerunVoItem});
    }

    // Remove group info from the member.
    String groupDn = EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + ","
            + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + ","
            + ldapProperties.getLdapBase();
    ModificationItem memberOfItem = new ModificationItem(
            DirContext.REMOVE_ATTRIBUTE,
            new BasicAttribute(EventProcessorImpl.ldapAttrMemberOf, groupDn));
    this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfItem});
}
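/**
 * Converts a Perun group into its SCIM representation.
 *
 * <p>Schema list, display name and id are always filled in. The member list is
 * filled in only when the group's members can be read; if that read fails with an
 * {@code InternalErrorException}, the error is logged and the result is returned
 * without members, so a caller cannot tell an empty group from a failed lookup.
 *
 * @param perunGroup group to convert
 * @return SCIM group, possibly without its member list
 */
private GroupSCIM mapPerunGroupToScimGroup(Group perunGroup) {
    List<String> schemas = new ArrayList<>();
    schemas.add(URN_GROUP);

    GroupSCIM result = new GroupSCIM();
    result.setSchemas(schemas);
    result.setDisplayName(perunGroup.getName());
    // Long.valueOf replaces the deprecated Long constructor; the value is the same.
    result.setId(Long.valueOf(perunGroup.getId()));

    try {
        List<Member> perunGroupMembers = perunBl.getGroupsManagerBl().getGroupMembers(session, perunGroup);
        result.setMembers(mapPerunMembersToScimMembers(perunGroupMembers));
    } catch (InternalErrorException ex) {
        // Best effort: keep the group in the response even without its members.
        log.error("Cannot obtain members of group " + perunGroup.getId() + " in VO " + perunGroup.getVoId(), ex);
    }

    return result;
}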
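/**
 * Adds a member to a group in LDAP and records the matching back-references.
 *
 * <p>Steps, in this order:
 * <ol>
 *   <li>add the user's DN to the group's unique-member attribute;</li>
 *   <li>if the group is named {@code VosManager.MEMBERS_GROUP} and has no parent,
 *       add the same value to the VO entry and add the VO id to the user's
 *       member-of-VO attribute;</li>
 *   <li>add the group's DN to the user's memberOf attribute.</li>
 * </ol>
 *
 * <p>NOTE(review): every step is its own LDAP modification and nothing here undoes
 * the earlier ones, so a failure part-way leaves group and user entries out of
 * step with each other.
 *
 * @param member member to add
 * @param group  group the member is added to
 * @throws InternalErrorException declared by the signature; raised by the update helpers, if at all
 */
public void addMemberToGroup(Member member, Group group) throws InternalErrorException {
    // Add member to group.
    Attribute uniqueMember = new BasicAttribute(EventProcessorImpl.ldapAttrUniqueMember,
            EventProcessorImpl.ldapAttrPerunUserId + "=" + member.getUserId() + ","
                    + EventProcessorImpl.organizationalUnitPeople + ","
                    + ldapProperties.getLdapBase());
    ModificationItem uniqueMemberItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, uniqueMember);
    this.updateGroup(group, new ModificationItem[] {uniqueMemberItem});

    // Add member to the VO if this group is the VO's members group.
    if (group.getName().equals(VosManager.MEMBERS_GROUP) && group.getParentGroupId() == null) {
        // Add info to the VO entry.
        this.updateVo(group.getVoId(), new ModificationItem[] {uniqueMemberItem});

        // Add the VO reference to the user as well.
        Attribute memberOfPerunVo = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOfPerunVo,
                String.valueOf(group.getVoId()));
        ModificationItem memberOfPerunVoItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, memberOfPerunVo);
        this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfPerunVoItem});
    }

    // Add group info to the member. The attribute name comes from the shared
    // constant instead of a string literal, so that adding and removing the
    // back-reference always address the same attribute.
    Attribute memberOf = new BasicAttribute(EventProcessorImpl.ldapAttrMemberOf,
            EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getId() + ","
                    + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + ","
                    + ldapProperties.getLdapBase());
    ModificationItem memberOfItem = new ModificationItem(DirContext.ADD_ATTRIBUTE, memberOf);
    this.updateUserWithUserId(String.valueOf(member.getUserId()), new ModificationItem[] {memberOfItem});
}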
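/**
 * Creates the LDAP entry for a group.
 *
 * <p>The entry gets the object classes for "top" and the Perun group, the common
 * name, the group id, the unique group name ({@code <VO short name>:<group name>})
 * and the VO id. A description is added only when it is non-empty, and the parent
 * group DN and id only when the group has a parent.
 *
 * <p>Group name and description are passed as attribute values; the entry's DN is
 * built by {@code getGroupDN} from the VO id and group id only.
 *
 * @param group group to create in LDAP
 * @throws InternalErrorException if binding the entry fails with a name-not-found error
 */
public void addGroup(Group group) throws InternalErrorException {
    // Create a set of attributes.
    Attributes attributes = new BasicAttributes();

    // Create the object classes to add.
    Attribute objClasses = new BasicAttribute(EventProcessorImpl.ldapAttrObjectClass);
    objClasses.add(EventProcessorImpl.objectClassTop);
    objClasses.add(EventProcessorImpl.objectClassPerunGroup);

    // Add attributes.
    attributes.put(objClasses);
    attributes.put(EventProcessorImpl.ldapAttrCommonName, group.getName());
    attributes.put(EventProcessorImpl.ldapAttrPerunGroupId, String.valueOf(group.getId()));
    // The concatenation already yields a String; wrapping it in new String(...) only copied it.
    attributes.put(EventProcessorImpl.ldapAttrPerunUniqueGroupName,
            this.getVoShortName(group.getVoId()) + ":" + group.getName());
    attributes.put(EventProcessorImpl.ldapAttrPerunVoId, String.valueOf(group.getVoId()));

    if (group.getDescription() != null && !group.getDescription().isEmpty()) {
        attributes.put(EventProcessorImpl.ldapAttrDescription, group.getDescription());
    }

    if (group.getParentGroupId() != null) {
        attributes.put(EventProcessorImpl.ldapAttrPerunParentGroup,
                EventProcessorImpl.ldapAttrPerunGroupId + "=" + group.getParentGroupId().toString() + ","
                        + EventProcessorImpl.ldapAttrPerunVoId + "=" + group.getVoId() + ","
                        + ldapProperties.getLdapBase());
        attributes.put(EventProcessorImpl.ldapAttrPerunParentGroupId, group.getParentGroupId().toString());
    }

    // Create the entry.
    try {
        ldapTemplate.bind(getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())), null, attributes);
        log.debug("New entry created in LDAP: Group {} in Vo with Id={}.", group, group.getVoId());
    } catch (NameNotFoundException e) {
        throw new InternalErrorException(e);
    }
}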
dn+= "perunGroupId=" + group.getId() + ",perunVoId=" + group.getVoId() + "," + ldapBase; writer.write(dn + '\n'); perunVoId+= String.valueOf(group.getVoId()); if(group.getParentGroupId() != null) { parentGroupId+= group.getParentGroupId(); parentGroup+= "perunGroupId=" + group.getParentGroupId()+ ",perunVoId=" + group.getVoId() + "," + ldapBase;
/**
 * Creates an empty application form for a group.
 *
 * <p>The caller must be authorized as VOADMIN or GROUPADMIN for the group; the check
 * runs before a new id is taken from the sequence and before anything is written.
 *
 * @param sess  session of the caller, used for the authorization check
 * @param group group the form is created for
 * @throws PrivilegeException        if the caller holds neither role for the group
 * @throws ConsistencyErrorException if the insert hits a duplicate key, i.e. the
 *                                   group already has a form
 * @throws InternalErrorException    declared by the signature
 */
@Override
public void createApplicationFormInGroup(PerunSession sess, Group group) throws InternalErrorException, PrivilegeException {
    boolean allowed = AuthzResolver.isAuthorized(sess, Role.VOADMIN, group)
            || AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, group);
    if (!allowed) {
        throw new PrivilegeException(sess, "createApplicationFormInGroup");
    }

    int formId = Utils.getNewId(jdbc, "APPLICATION_FORM_ID_SEQ");
    // Values are bound as parameters, never concatenated into the statement.
    final String insertSql = "insert into application_form(id, vo_id, group_id) values (?,?,?)";
    try {
        jdbc.update(insertSql, formId, group.getVoId(), group.getId());
    } catch (DuplicateKeyException ex) {
        throw new ConsistencyErrorException("Group can have defined only one application form. Can't insert another.", ex);
    }
}
/**
 * Loads the application form that belongs to a group.
 *
 * <p>The form row is selected by the group's VO id and group id, both bound as query
 * parameters. The returned form references the given group and, when it can be
 * resolved through {@code registrarSession}, its VO.
 *
 * <p>NOTE(review): a failure while resolving the VO is ignored without a trace, and
 * the form is then returned with no VO set. Callers that rely on the form's VO
 * should be checked for that case.
 *
 * @param group group whose form is requested; must not be null
 * @return the group's application form
 * @throws InternalErrorException if {@code group} is null
 * @throws FormNotExistsException if no form row exists for the group
 * @throws PerunException         declared by the signature
 */
@Override
public ApplicationForm getFormForGroup(final Group group) throws PerunException {
    if (group == null) {
        throw new InternalErrorException("Group can't be null");
    }

    final String query = FORM_SELECT + " where vo_id=? and group_id=?";

    RowMapper<ApplicationForm> formMapper = new RowMapper<ApplicationForm>() {
        @Override
        public ApplicationForm mapRow(ResultSet rs, int rowNum) throws SQLException {
            ApplicationForm loaded = new ApplicationForm();
            loaded.setId(rs.getInt("id"));
            loaded.setAutomaticApproval(rs.getBoolean("automatic_approval"));
            loaded.setAutomaticApprovalExtension(rs.getBoolean("automatic_approval_extension"));
            loaded.setModuleClassName(rs.getString("module_name"));
            loaded.setGroup(group);
            try {
                loaded.setVo(vosManager.getVoById(registrarSession, group.getVoId()));
            } catch (Exception ignored) {
                // Deliberately ignored: not expected to happen for the internal identity.
            }
            return loaded;
        }
    };

    try {
        return jdbc.queryForObject(query, formMapper, group.getVoId(), group.getId());
    } catch (EmptyResultDataAccessException ex) {
        throw new FormNotExistsException("Form for Group: "+group.getName()+" doesn't exists.");
    }
}
groups = perun.getGroupsManagerBl().getAllMemberGroups(perunSession, member); for(Group group: groups) { membersOf.add("memberOf: " + "perunGroupId=" + group.getId() + ",perunVoId=" + group.getVoId() + "," + ldapBase);
/**
 * Builds a rich group from a plain group and its attributes.
 *
 * <p>All basic and audit fields are copied from {@code group} through the superclass
 * constructor, the VO id is copied afterwards. The attribute list is stored as
 * passed in, not copied, so later changes to that list by the caller are visible
 * through this object.
 *
 * @param group group to copy the basic fields from
 * @param attrs attributes of the group
 */
public RichGroup(Group group, List<Attribute> attrs) {
    super(
            group.getId(),
            group.getName(),
            group.getDescription(),
            group.getCreatedAt(),
            group.getCreatedBy(),
            group.getModifiedAt(),
            group.getModifiedBy(),
            group.getParentGroupId(),
            group.getCreatedByUid(),
            group.getModifiedByUid());
    setVoId(group.getVoId());
    groupAttributes = attrs;
}
/**
 * Copies all application form items from one group's form to another group's form.
 *
 * <p>Authorization: on the source side the caller needs GROUPADMIN or VOADMIN for
 * {@code fromGroup}, or TOPGROUPCREATOR for its VO; on the target side GROUPADMIN or
 * VOADMIN for {@code toGroup}. Both sides must pass before anything is read or
 * written. The source VO is resolved through {@code registrarSession}, not through
 * the caller's session, and that happens before the checks.
 *
 * @param sess      session of the caller
 * @param fromGroup group whose form items are copied
 * @param toGroup   group whose form receives the items
 * @throws PrivilegeException if either authorization check fails
 * @throws PerunException     declared by the signature; raised by the called operations
 */
@Override
public void copyFormFromGroupToGroup(PerunSession sess, Group fromGroup, Group toGroup) throws PerunException {
    Vo sourceVo = perun.getVosManagerBl().getVoById(registrarSession, fromGroup.getVoId());

    // Source side: read access to the form being copied.
    if (!AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, fromGroup)
            && !AuthzResolver.isAuthorized(sess, Role.VOADMIN, fromGroup)
            && !AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, sourceVo)) {
        throw new PrivilegeException(sess, "copyFormFromGroupToGroup");
    }

    // Target side: write access to the form being extended.
    if (!AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, toGroup)
            && !AuthzResolver.isAuthorized(sess, Role.VOADMIN, toGroup)) {
        throw new PrivilegeException(sess, "copyFormFromGroupToGroup");
    }

    List<ApplicationFormItem> sourceItems = getFormItems(sess, getFormForGroup(fromGroup));
    for (ApplicationFormItem sourceItem : sourceItems) {
        // Reset the order; the id is always assigned anew inside addFormItem.
        sourceItem.setOrdnum(null);
        // The target form is looked up per item, so it is never resolved
        // when the source form has no items.
        addFormItem(sess, getFormForGroup(toGroup), sourceItem);
    }
}
/**
 * Copies all application mail notifications from one group's form to another
 * group's form.
 *
 * <p>Authorization: on the source side the caller needs GROUPADMIN or VOADMIN for
 * {@code fromGroup}, or TOPGROUPCREATOR for its VO; on the target side GROUPADMIN or
 * VOADMIN for {@code toGroup}. The source VO is resolved through
 * {@code registrarSession}, not through the caller's session, before the checks.
 *
 * <p>A mail whose insert hits a duplicate key is skipped and logged at info level;
 * the remaining mails are still copied.
 *
 * @param sess      session of the caller
 * @param fromGroup group whose mails are copied
 * @param toGroup   group whose form receives the mails
 * @throws PrivilegeException if either authorization check fails
 * @throws PerunException     declared by the signature; raised by the called operations
 */
@Override
public void copyMailsFromGroupToGroup(PerunSession sess, Group fromGroup, Group toGroup) throws PerunException {
    Vo sourceVo = perun.getVosManagerBl().getVoById(registrarSession, fromGroup.getVoId());

    boolean mayReadSource = AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, fromGroup)
            || AuthzResolver.isAuthorized(sess, Role.VOADMIN, fromGroup)
            || AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, sourceVo);
    if (!mayReadSource) {
        throw new PrivilegeException(sess, "copyMailsFromGroupToGroup");
    }

    boolean mayWriteTarget = AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, toGroup)
            || AuthzResolver.isAuthorized(sess, Role.VOADMIN, toGroup);
    if (!mayWriteTarget) {
        throw new PrivilegeException(sess, "copyMailsFromGroupToGroup");
    }

    ApplicationForm sourceForm = registrarManager.getFormForGroup(fromGroup);
    ApplicationForm targetForm = registrarManager.getFormForGroup(toGroup);

    for (ApplicationMail mail : getApplicationMails(sess, sourceForm)) {
        try {
            // Called through registrarManager.getMailManager() rather than directly;
            // per the original comment, this is what starts the transaction.
            registrarManager.getMailManager().addMail(sess, targetForm, mail);
        } catch (DuplicateKeyException ex) {
            String mailKind = mail.getMailType()+"/"+mail.getAppType();
            log.info("[MAIL MANAGER] Mail notification of type {} skipped while copying (was already present).", mailKind);
        }
    }
}