/**
 * Writes one user as four ';'-separated fields: identifier, first name, last name and first mail.
 * The mail field is empty when the user has no mail. No trailing separator or line break is written.
 * <p>
 * NOTE(review): the values are written verbatim, without quoting or escaping. A value containing ';'
 * or a line break shifts the columns of the export, and a value starting with '=', '+', '-' or '@'
 * may be interpreted as a formula when the file is opened in a spreadsheet. Confirm whether these
 * attributes are constrained upstream, or neutralize them before writing.
 *
 * @param writer
 *            The target writer.
 * @param user
 *            The user to serialize.
 * @throws IOException
 *             When the writer fails.
 */
private void writeUserData(final Writer writer, final UserOrg user) throws IOException {
	// The three leading fields are each followed by the separator
	final String[] leadingFields = { user.getId(), user.getFirstName(), user.getLastName() };
	for (final String field : leadingFields) {
		writer.write(field);
		writer.write(";");
	}

	// Only the first mail is exported
	if (user.getMails().isEmpty()) {
		writer.write("");
	} else {
		writer.write(user.getMails().get(0));
	}
}
/**
 * Indicates whether the imported entry differs from the stored user.
 * <p>
 * A missing stored user counts as a change. Otherwise the first name, last name, company, local
 * identifier and department accessors are handed to the accessor-based overload (defined outside this
 * block), and finally the imported mail must be one of the stored mails.
 * <p>
 * NOTE(review): the mail test relies on the <code>contains</code> of the stored mail collection, so
 * it is presumably an exact, case-sensitive match; confirm this is the intended comparison.
 *
 * @param importEntry
 *            The imported user data.
 * @param userOrg
 *            The stored user, may be <code>null</code>.
 * @return <code>true</code> when at least one difference is found.
 */
@SuppressWarnings("unchecked")
private boolean hasAttributeChange(final UserOrgEditionVo importEntry, final UserOrg userOrg) {
	if (userOrg == null) {
		// Nothing stored yet: everything is new
		return true;
	}
	if (hasAttributeChange(importEntry, userOrg, SimpleUser::getFirstName, SimpleUser::getLastName,
			SimpleUser::getCompany, SimpleUser::getLocalId, SimpleUser::getDepartment)) {
		return true;
	}
	return !userOrg.getMails().contains(importEntry.getMail());
}
/**
 * Indicates whether the given user matches the given criteria, ignoring the case.
 * <p>
 * The criteria is searched in the first name, the last name, the identifier and then the first mail.
 * Mails other than the first one are never tested.
 *
 * @param userLdap
 *            The user to test.
 * @param criteria
 *            The text to look for.
 * @return <code>true</code> when one of the tested attributes contains the criteria.
 */
private boolean matchPattern(final UserOrg userLdap, final String criteria) {
	if (StringUtils.containsIgnoreCase(userLdap.getFirstName(), criteria)) {
		return true;
	}
	if (StringUtils.containsIgnoreCase(userLdap.getLastName(), criteria)) {
		return true;
	}
	if (StringUtils.containsIgnoreCase(userLdap.getId(), criteria)) {
		return true;
	}

	// The mail is optional, guard the access to the first one
	if (userLdap.getMails().isEmpty()) {
		return false;
	}
	return StringUtils.containsIgnoreCase(userLdap.getMails().get(0), criteria);
}
/**
 * Builds the cache entity of the given user.
 * <p>
 * The identifier, first name and last name are copied. Only the first mail is stored in the entity,
 * and nothing is set when the user has no mail.
 *
 * @param user
 *            The user to transform.
 * @return A new cache entity.
 */
private CacheUser toCacheUserInternal(final UserOrg user) {
	final CacheUser cached = new CacheUser();
	cached.setId(user.getId());
	cached.setFirstName(user.getFirstName());
	cached.setLastName(user.getLastName());

	final boolean hasMail = CollectionUtils.isNotEmpty(user.getMails());
	if (!hasMail) {
		// No mail to persist
		return cached;
	}
	cached.setMails(user.getMails().get(0));
	return cached;
}
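/**
 * Create or get the application user matching to the given account.
 * <p>
 * The match is done on the first mail of the account only. When exactly one application user owns
 * this mail, the account is merged into it. When none owns it, a new application user is created.
 * <p>
 * NOTE(review): the mail is the only key linking the authenticated account to an existing application
 * user, and the merge is reached on a bare mail match. This presumably relies on the authenticating
 * repository exposing only mails whose ownership has been verified; confirm, since an unverified
 * mail would let an account be merged into a user it does not own.
 *
 * @param account
 *            The account from the authentication.
 * @return A not <code>null</code> application user.
 * @throws NotAuthorizedException
 *             When the account has no mail, or when several application users share its first mail.
 */
protected String toApplicationUser(final UserOrg account) {
	// Fail closed when there is no mail, instead of letting get(0) raise an IndexOutOfBoundsException
	if (account.getMails().isEmpty()) {
		log.info("Account '{} [{} {}]' has no mail", account.getId(), account.getFirstName(),
				account.getLastName());
		throw new NotAuthorizedException("ambiguous-account-no-mail");
	}

	// Find the user by the mail in the primary repository
	final List<UserOrg> usersByMail = userResource.findAllBy("mail", account.getMails().get(0));
	if (usersByMail.isEmpty()) {
		// No more try, account can be created in the application repository
		// with a free login
		return newApplicationUser(account);
	}
	if (usersByMail.size() == 1) {
		// Everything is checked, account can be merged into the existing application user
		final UserOrg existing = usersByMail.get(0);
		userResource.mergeUser(existing, account);
		return existing.getId();
	}

	// Several application users share this mail: refuse rather than pick one of them.
	// The logged count is the number of matching users.
	log.info("Account '{} [{} {}]' has too many mails ({}), expected one", account.getId(),
			account.getFirstName(), account.getLastName(), usersByMail.size());
	throw new NotAuthorizedException("ambiguous-account-too-many-mails");
}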
/**
 * Resolves the account of the current authentication, then creates or gets the matching application
 * user.
 * <p>
 * The account is looked up in the given repository by the authentication name, using the property
 * returned by the repository for this name. An account without mail is rejected.
 * <p>
 * NOTE(review): this block only performs a lookup by name, no credential is verified here. The
 * authentication is presumably validated before this call; confirm. The lookup result is also
 * dereferenced without a <code>null</code> check; confirm the repository never returns
 * <code>null</code> for an authenticated name.
 *
 * @param repository
 *            Repository used to authenticate the user, and also to use to fetch the user attributes.
 * @param authentication
 *            The current authentication.
 * @return A not <code>null</code> application user.
 */
protected String toApplicationUser(final UserLdapRepository repository, final Authentication authentication) {
	// Resolve the account from the authenticated name
	final UserOrg authenticated = repository.findOneBy(
			repository.getAuthenticateProperty(authentication.getName()), authentication.getName());

	if (!authenticated.getMails().isEmpty()) {
		// At least one mail is available, find the right application user
		return toApplicationUser(authenticated);
	}

	// Mails are required to proceed the authentication
	log.info("Account '{} [{} {}]' has no mail", authenticated.getId(), authenticated.getFirstName(),
			authenticated.getLastName());
	throw new NotAuthorizedException("ambiguous-account-no-mail");
}
/**
 * Updates the attributes of an existing user. Groups are not managed there.
 * <p>
 * The DN and the company are updated first, then the other attributes. A password update is then
 * requested when a mail has just been added to a user that had none, or when the previous user was
 * not secured. A user without mail gets no password update.
 * <p>
 * NOTE(review): the log messages suggest the password update ends with a mail notification. If so,
 * whoever can set the mail through this path decides where the new credential is sent; confirm that
 * the callers are restricted accordingly.
 *
 * @param oldUser
 *            The user state before the update.
 * @param newUser
 *            The user state to apply.
 * @param quiet
 *            Forwarded as is to the password update.
 */
private void updateUser(final UserOrg oldUser, final UserOrg newUser, final boolean quiet) {
	log.info("{} already exists", newUser.getId());

	// The DN comes first, then the company
	newUser.setDn(getUser().toDn(newUser));
	updateCompanyAsNeeded(oldUser, newUser);

	// The mail state of the previous user is read before the repository update
	final boolean previouslyWithoutMail = oldUser.getMails().isEmpty();
	getUser().updateUser(newUser);

	if (newUser.getMails().isEmpty()) {
		// No mail, no notification
		log.info("{} already exists, but has no mail", newUser.getId());
		return;
	}
	if (previouslyWithoutMail) {
		// Mail has been added, set a new password
		log.info("{} already exists, but a mail has been created", newUser.getId());
		updatePassword(newUser, quiet);
		return;
	}
	if (!oldUser.isSecured()) {
		// Override the password
		log.info("{} had no password, a mail will be sent", newUser.getId());
		updatePassword(newUser, quiet);
	}
}
/**
 * Copies the attributes of the given user into the given directory context.
 * <p>
 * The "cn" is the first name and the last name joined by a space. The identifier is normalized before
 * being written. All mails are written as a multi-valued attribute. The department and the local
 * identifier are written only when their attribute name is configured.
 *
 * @param entry
 *            The source user.
 * @param context
 *            The target directory context.
 */
protected void mapToContext(final UserOrg entry, final DirContextOperations context) {
	final String firstName = entry.getFirstName();
	final String lastName = entry.getLastName();
	context.setAttributeValue("cn", firstName + " " + lastName);
	context.setAttributeValue(SN_ATTRIBUTE, lastName);
	context.setAttributeValue(GIVEN_NAME_ATTRIBUTE, firstName);
	context.setAttributeValue(uidAttribute, Normalizer.normalize(entry.getId()));
	context.setAttributeValues(MAIL_ATTRIBUTE, entry.getMails().toArray(), true);

	// Special and also optional attributes
	if (departmentAttribute != null) {
		context.setAttributeValue(departmentAttribute, entry.getDepartment());
	}
	if (localIdAttribute != null) {
		context.setAttributeValue(localIdAttribute, entry.getLocalId());
	}
}
/**
 * Create the application user from the actual account.
 * <p>
 * The new user gets the data of the account, its first mail, a free login and an empty group list:
 * no membership is inherited from the authenticated account. The login allocation and the save are
 * both done while holding <code>USER_LOCK</code>.
 * <p>
 * NOTE(review): the first mail is read without checking that the account has one; callers are
 * expected to have checked it.
 *
 * @param account
 *            The account from the authentication.
 * @return The new application user.
 */
protected String newApplicationUser(final UserOrg account) {
	synchronized (USER_LOCK) {
		// Start from the data of the authenticated account
		final UserOrgEditionVo created = new UserOrgEditionVo();
		account.copy(created);

		// No group at the creation, and only the first mail is kept
		created.setGroups(Collections.emptyList());
		created.setMail(account.getMails().get(0));

		// Assign a free login
		created.setName(nextFreeLogin(toLogin(account)));

		// This user can be created in the primary repository
		userResource.saveOrUpdate(created);
		return created.getId();
	}
}
// Copy the company and the last name of the user to the edition object
editUser.setCompany(user.getCompany());
editUser.setLastName(user.getLastName());
// Only the first mail is carried over, null is passed when the user has no mail
editUser.setMail(user.getMails().stream().findFirst().orElse(null));
// Optional organizational attributes are copied as they are
editUser.setDepartment(user.getDepartment());
editUser.setLocalId(user.getLocalId());
/**
 * Writes the attributes of the given user to its directory entry, then refreshes the cached user.
 * <p>
 * The entry is looked up from the DN of the given user. After the directory update, the user found
 * by identifier receives the copied attributes and the mails, and the cache repository is updated.
 * <p>
 * NOTE(review): the user returned by the identifier lookup is dereferenced without a
 * <code>null</code> check; confirm this method is only called for users already known by this
 * repository.
 *
 * @param user
 *            The user holding the new attribute values and the target DN.
 */
@Override
public void updateUser(final UserOrg user) {
	// Push the attributes to the directory entry designated by the DN
	final javax.naming.Name entryName = org.springframework.ldap.support.LdapUtils.newLdapName(user.getDn());
	final DirContextOperations entryContext = template.lookupContext(entryName);
	mapToContext(user, entryContext);
	template.modifyAttributes(entryContext);

	// Also, update the cache
	final UserOrg known = findById(user.getId());
	user.copy((SimpleUser) known);
	known.setMails(user.getMails());
	cacheRepository.update(user);
}