protected void setRealm(final Any<?> any, final AnyPatch anyPatch) { if (anyPatch.getRealm() != null && StringUtils.isNotBlank(anyPatch.getRealm().getValue())) { Realm newRealm = realmDAO.findByFullPath(anyPatch.getRealm().getValue()); if (newRealm == null) { LOG.debug("Invalid realm specified: {}, ignoring", anyPatch.getRealm().getValue()); } else { any.setRealm(newRealm); } } }
protected ProvisioningResult<UserTO> doUpdate( final UserPatch userPatch, final boolean self, final boolean nullPriorityAsync) { UserTO userTO = binder.getUserTO(userPatch.getKey()); Set<String> dynRealmsBefore = new HashSet<>(userTO.getDynRealms()); Pair<UserPatch, List<LogicActions>> before = beforeUpdate(userPatch, userTO.getRealm()); boolean authDynRealms = false; if (!self && before.getLeft().getRealm() != null && StringUtils.isNotBlank(before.getLeft().getRealm().getValue())) { Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), before.getLeft().getRealm().getValue()); authDynRealms = securityChecks(effectiveRealms, before.getLeft().getRealm().getValue(), before.getLeft().getKey()); } Pair<UserPatch, List<PropagationStatus>> updated = provisioningManager.update(before.getLeft(), nullPriorityAsync); return afterUpdate( binder.returnUserTO(binder.getUserTO(updated.getLeft().getKey())), updated.getRight(), before.getRight(), authDynRealms, dynRealmsBefore); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> update(final GroupPatch groupPatch, final boolean nullPriorityAsync) { GroupTO groupTO = binder.getGroupTO(groupPatch.getKey()); Set<String> dynRealmsBefore = new HashSet<>(groupTO.getDynRealms()); Pair<GroupPatch, List<LogicActions>> before = beforeUpdate(groupPatch, groupTO.getRealm()); String realm = before.getLeft().getRealm() != null && StringUtils.isNotBlank(before.getLeft().getRealm().getValue()) ? before.getLeft().getRealm().getValue() : groupTO.getRealm(); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), realm); boolean authDynRealms = securityChecks(effectiveRealms, realm, before.getLeft().getKey()); Pair<GroupPatch, List<PropagationStatus>> updated = provisioningManager.update(groupPatch, nullPriorityAsync); return afterUpdate( binder.getGroupTO(updated.getLeft().getKey()), updated.getRight(), before.getRight(), authDynRealms, dynRealmsBefore); }
@Override public ProvisioningResult<AnyObjectTO> update( final AnyObjectPatch anyObjectPatch, final boolean nullPriorityAsync) { AnyObjectTO anyObjectTO = binder.getAnyObjectTO(anyObjectPatch.getKey()); Set<String> dynRealmsBefore = new HashSet<>(anyObjectTO.getDynRealms()); Pair<AnyObjectPatch, List<LogicActions>> before = beforeUpdate(anyObjectPatch, anyObjectTO.getRealm()); String realm = before.getLeft().getRealm() != null && StringUtils.isNotBlank(before.getLeft().getRealm().getValue()) ? before.getLeft().getRealm().getValue() : anyObjectTO.getRealm(); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), realm); boolean authDynRealms = securityChecks(effectiveRealms, realm, before.getLeft().getKey()); Pair<AnyObjectPatch, List<PropagationStatus>> updated = provisioningManager.update(anyObjectPatch, nullPriorityAsync); return afterUpdate( binder.getAnyObjectTO(updated.getLeft().getKey()), updated.getRight(), before.getRight(), authDynRealms, dynRealmsBefore); }
public static GroupTO patch(final GroupTO groupTO, final GroupPatch groupPatch) { GroupTO result = SerializationUtils.clone(groupTO); patch(groupTO, groupPatch, result); if (groupPatch.getName() != null) { result.setName(groupPatch.getName().getValue()); } if (groupPatch.getUserOwner() != null) { result.setGroupOwner(groupPatch.getUserOwner().getValue()); } if (groupPatch.getGroupOwner() != null) { result.setGroupOwner(groupPatch.getGroupOwner().getValue()); } result.setUDynMembershipCond(groupPatch.getUDynMembershipCond()); result.getADynMembershipConds().clear(); result.getADynMembershipConds().putAll(groupPatch.getADynMembershipConds()); return result; }
result.setName(anyObjectPatch.getName().getValue());
result.setRealm(patch.getRealm().getValue());
if (groupPatch.getName() != null && StringUtils.isNotBlank(groupPatch.getName().getValue())) { propByRes.addAll(ResourceOperation.UPDATE, groupDAO.findAllResourceKeys(group.getKey())); group.setName(groupPatch.getName().getValue()); group.setUserOwner(groupPatch.getUserOwner().getValue() == null ? null : userDAO.find(groupPatch.getUserOwner().getValue())); group.setGroupOwner(groupPatch.getGroupOwner().getValue() == null ? null : groupDAO.find(groupPatch.getGroupOwner().getValue()));
result.setUsername(userPatch.getUsername().getValue());
if (userPatch.getUsername() != null && StringUtils.isNotBlank(userPatch.getUsername().getValue())) { String oldUsername = user.getUsername(); user.setUsername(userPatch.getUsername().getValue()); AuthContextUtils.updateUsername(userPatch.getUsername().getValue()); accessToken.setOwner(userPatch.getUsername().getValue()); accessTokenDAO.save(accessToken); if (userPatch.getSecurityQuestion().getValue() == null) { user.setSecurityQuestion(null); user.setSecurityAnswer(null); } else { SecurityQuestion securityQuestion = securityQuestionDAO.find(userPatch.getSecurityQuestion().getValue()); if (securityQuestion != null) { user.setSecurityQuestion(securityQuestion); user.setSecurityAnswer(userPatch.getSecurityAnswer().getValue());