@Transactional private User getUser(LDAPUser user, boolean importPrivilegesFromLdap, String userName) { UserRepository userRepo = ApplicationContextHolder.get().getBean(UserRepository.class); User loadedUser = userRepo.findOneByUsername(userName); User toSave; if (loadedUser != null) { // If we don't import privileges from LDAP // Set the LDAP user profile to be the one set // in the local database. If not, the db profile // would be always reset by merge. if (!importPrivilegesFromLdap) { user.getUser().setProfile(loadedUser.getProfile()); } loadedUser.mergeUser(user.getUser(), false); if (Log.isDebugEnabled(Geonet.LDAP)) { Log.debug( Geonet.LDAP, " - Update LDAP user " + user.getUsername() + " (" + loadedUser.getId() + ") in local database."); } toSave = loadedUser; } else { if (Log.isDebugEnabled(Geonet.LDAP)) { Log.debug(Geonet.LDAP, " - Saving new LDAP user " + user.getUsername() + " to database."); } toSave = user.getUser(); } toSave.getSecurity().setAuthType(LDAPConstants.LDAP_FLAG); toSave = userRepo.save(toSave); user.setUser(toSave); return toSave; }
@Transactional private void setUserGroups(final User user, List<UserGroup> userGroups) throws Exception { UserGroupRepository userGroupRepo = ApplicationContextHolder.get().getBean(UserGroupRepository.class); ; Collection<UserGroup> all = userGroupRepo.findAll(UserGroupSpecs.hasUserId(user.getId())); if (Log.isTraceEnabled(Log.JEEVES)) { Log.trace(Log.JEEVES, "Current usergroups:" + UserGroupSpecs.hasUserId(user.getId())); Log.trace(Log.JEEVES, all.size()); for (UserGroup g : all) { Log.trace(Log.JEEVES, g); } } // Have a quick reference of existing groups and profiles for this user Set<String> listOfAddedProfiles = new HashSet<String>(); for (UserGroup ug : all) { String key = ug.getProfile().name() + ug.getGroup().getId(); if (!listOfAddedProfiles.contains(key)) { listOfAddedProfiles.add(key); } } // We start removing all old usergroup objects. We will remove the // explicitly defined for this call Collection<UserGroup> toRemove = new ArrayList<UserGroup>(); toRemove.addAll(all); // New pairs of group-profile we need to add Collection<UserGroup> toAdd = new ArrayList<UserGroup>(); // For each of the parameters on the request, make sure the group is // updated. for (UserGroup element : userGroups) { Group group = element.getGroup(); String profile = element.getProfile().name(); // The user has a new group and profile // Combine all groups editor and reviewer groups if (profile.equals(Profile.Reviewer.name())) { final UserGroup userGroup = new UserGroup().setGroup(group).setProfile(Profile.Editor).setUser(user); String key = Profile.Editor.toString() + group.getId(); if (!listOfAddedProfiles.contains(key)) { toAdd.add(userGroup); listOfAddedProfiles.add(key); } // If the user is already part of this group with this profile, // leave it alone: for (UserGroup g : all) { if (g.getGroup().getId() == group.getId() && g.getProfile().equals(Profile.Editor)) { toRemove.remove(g); } } } final UserGroup userGroup = new UserGroup() .setGroup(group) .setProfile(Profile.findProfileIgnoreCase(profile)) .setUser(user); String key = profile + group.getId(); if (!listOfAddedProfiles.contains(key)) { toAdd.add(userGroup); listOfAddedProfiles.add(key); } // If the user is already part of this group with this profile, // leave it alone: for (UserGroup g : all) { if (g.getGroup().getId() == group.getId() && g.getProfile().name().equalsIgnoreCase(profile)) { toRemove.remove(g); } } } // Remove deprecated usergroups (if any) userGroupRepo.delete(toRemove); entityManager.flush(); entityManager.clear(); // Add only new usergroups (if any) userGroupRepo.save(toAdd); entityManager.flush(); }