/**
* Checks if user role matches provided groups distinguished name.
*
* @param context
* @param groupDn
* @return true if managed user role is same as groupDn
*/
protected boolean checkRole(User user, String groupDn) {
boolean isSelf = false;
Groups groups = user.getGroups();
for (Group group : groups.values()) {
String dn = Val.chkStr(group.getDistinguishedName());
if (dn.equals(groupDn)) {
isSelf = true;
break;
}
}
return isSelf;
}
private void executeModifyGroupAttribute(
HttpServletRequest request,
HttpServletResponse response,
RequestContext context,
boolean isAddAttributeRequest)
throws IdentityException, IOException, NamingException, SQLException,
CredentialPolicyException {
String mimeType = "application/json";
String filter = Val.chkStr(request.getParameter("q"));
String attributeName = Val.chkStr(request.getParameter("an"));
String attributeValue = Val.chkStr(request.getParameter("av"));
if (filter.length() == 0) {
response.getWriter().write("{ \"response\" : \"noResults\" }");
return;
}
IdentityAdapter idAdapter = context.newIdentityAdapter();
/*User selectableUser = new User();
selectableUser.setDistinguishedName("*");
idAdapter.readUserGroups(selectableUser);
selectableGroups = selectableUser.getGroups();*/
Groups groups = idAdapter.readGroups(filter);
for (Group g : groups.values()) {
if (isAddAttributeRequest) {
try {
idAdapter.addAttribute(g.getDistinguishedName(), attributeName, attributeValue);
} catch (AttributeInUseException aiue) {
// TODO : do nothing if attribute exists ? or overwrite ?
}
} else {
idAdapter.removeAttribute(g.getDistinguishedName(), attributeName, attributeValue);
}
}
writeCharacterResponse(
response,
"{ \"response\" : \"Group attribute modification was successful.\" }",
"UTF-8",
mimeType + ";charset=UTF-8");
}
/**
* Serializes user information from ldap to json string.
*
* @param context request context
* @param user the user to be serialized
* @return the user profile information serialized as json string.
* @throws IdentityException if a system error occurs preventing the action
* @throws NamingException if an LDAP naming exception occurs
*/
protected String serializeUserAsJson(RequestContext context, User user)
throws IdentityException, NamingException {
String usersJson = "{ \"attributes\": [";
UserAttributeMap attributes = user.getProfile();
boolean first = true;
List<String> sortedKeys = new ArrayList<String>(attributes.keySet());
// Collections.sort(sortedKeys); TODO to sort or not ?
for (int i = 0; i < sortedKeys.size(); i++) {
UserAttribute attr = attributes.get(sortedKeys.get(i));
String key =
Val.chkStr(msgBroker.retrieveMessage("catalog.identity.profile.label." + attr.getKey()));
String value = "";
value = Val.chkStr(attr.getValue());
if (attr.getKey().equalsIgnoreCase("password")) continue;
if (!first) {
usersJson += ",";
} else {
first = false;
}
usersJson +=
" { \"key\" : \""
+ Val.escapeStrForJson(key)
+ "\" , \"value\" : \""
+ Val.escapeStrForJson(value)
+ "\" }";
}
usersJson += " ] , ";
usersJson += " \"userDn\" : \"" + user.getDistinguishedName() + " \" , ";
String groupsJson = " \"groups\" : [";
Groups groups = user.getGroups();
groups.sort();
boolean firstGroup = true;
for (Group group : groups.values()) {
String gkey = Val.chkStr(group.getKey());
String name = Val.chkStr(group.getName());
String dn = Val.chkStr(group.getDistinguishedName());
if (!firstGroup) {
groupsJson += ",";
} else {
firstGroup = false;
}
groupsJson +=
" { \"key\" : \""
+ Val.escapeStrForJson(gkey)
+ "\" , \"name\" : \""
+ Val.escapeStrForJson(name)
+ "\" , \"dn\" : \""
+ Val.escapeStrForJson(dn)
+ "\" }";
}
groupsJson += " ] , ";
String rolesJson = " \"selectableRoles\" : [";
Roles roles = buildSelectableRoles(context);
sortedKeys = new ArrayList<String>(roles.keySet());
Collections.sort(sortedKeys);
boolean firstRole = true;
for (int i = 0; i < sortedKeys.size(); i++) {
Role role = roles.get(sortedKeys.get(i));
String roleDn = Val.chkStr(role.getDistinguishedName());
String roleKey = Val.chkStr(role.getKey());
String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey()));
if (!role.isManage()) continue;
boolean hasRole = false;
for (Group group : groups.values()) {
String groupDn = Val.chkStr(group.getDistinguishedName());
if (roleDn.equals(groupDn)) {
hasRole = true;
break;
}
}
if (!firstRole) {
rolesJson += ",";
} else {
firstRole = false;
}
rolesJson +=
" { \"roleName\" : \""
+ Val.escapeStrForJson(roleName)
+ "\" , \"roleDn\" : \""
+ Val.escapeStrForJson(roleDn)
+ "\" , \"roleKey\" : \""
+ Val.escapeStrForJson(roleKey)
+ "\" , \"hasRole\" : \""
+ hasRole
+ "\" }";
}
rolesJson += " ] } ";
String json = usersJson + groupsJson + rolesJson;
return json;
}
