private String getUPN(DbUser user) {
String retVal = user.getLoginName();
if (!retVal.contains("@")) {
retVal = retVal + "@" + user.getDomain();
}
return retVal;
}
private boolean runQuery(HttpServletResponse response, String sessionID) {
boolean returnValue = false;
log.debug("Calling ValidateSession query");
VdcQueryReturnValue queryReturnValue =
backend.runInternalQuery(
VdcQueryType.ValidateSession, new VdcQueryParametersBase(sessionID));
if (queryReturnValue != null) {
returnValue = queryReturnValue.getSucceeded();
if (returnValue) {
DbUser user = queryReturnValue.getReturnValue();
// We get the user name only in case the validation succeeded, and the user is an
// administrator
if (user.isAdmin()) {
log.debug("Getting user name");
printUPNToResponse(response, getUPN(user));
} else {
log.error("User '{}' is not authorized to perform operation", user.getLoginName());
returnValue = false;
}
}
} else {
log.error("Got NULL from backend.RunQuery");
}
return returnValue;
}
String getConsoleUserName() {
DbUser user = getCurrentUser();
String domain = user.getDomain();
String name = user.getLoginName();
if (StringUtils.isEmpty(name)) {
return null;
}
if (name.contains("@") || StringUtils.isEmpty(domain)) {
return name;
}
return name + "@" + domain;
}
/**
* Send a previously generated ticket to the virtual machine. If sending the ticket fails the
* command will be marked as failed.
*/
private void sendTicket() {
// Send the ticket to the virtual machine:
final DbUser user = getCurrentUser();
final boolean sent =
runVdsCommand(
VDSCommandType.SetVmTicket,
new SetVmTicketVDSCommandParameters(
getVdsId(),
getVmId(),
ticket,
getParameters().getValidTime(),
user.getLoginName(),
user.getId(),
getParameters().getGraphicsType(),
getVm().getConsoleDisconnectAction()))
.getSucceeded();
// Return the ticket only if sending it to the virtual machine succeeded:
if (sent) {
setActionReturnValue(ticket);
}
setSucceeded(sent);
}
public static List<DbUser> sync(List<DbUser> dbUsers) {
List<DbUser> usersToUpdate = new ArrayList<>();
Map<String, Map<String, Set<String>>> authzToNamespaceToUserIds = new HashMap<>();
Map<String, List<DbUser>> dbUsersPerAuthz = new HashMap<>();
// Initialize the entries based on authz in the map
for (DbUser dbUser : dbUsers) {
MultiValueMapUtils.addToMap(dbUser.getDomain(), dbUser, dbUsersPerAuthz);
if (!authzToNamespaceToUserIds.containsKey(dbUser.getDomain())) {
authzToNamespaceToUserIds.put(dbUser.getDomain(), new HashMap<String, Set<String>>());
}
MultiValueMapUtils.addToMapOfSets(
dbUser.getNamespace(),
dbUser.getExternalId(),
authzToNamespaceToUserIds.get(dbUser.getDomain()));
}
for (Entry<String, Map<String, Set<String>>> entry : authzToNamespaceToUserIds.entrySet()) {
Map<String, DbUser> activeUsers = new HashMap<>();
String authz = entry.getKey();
try {
ExtensionProxy authzExtension =
EngineExtensionsManager.getInstance().getExtensionByName(authz);
for (Entry<String, Set<String>> userIdsPerNamespace : entry.getValue().entrySet()) {
for (ExtMap principal :
AuthzUtils.fetchPrincipalsByIdsRecursively(
authzExtension, userIdsPerNamespace.getKey(), userIdsPerNamespace.getValue())) {
DirectoryUtils.flatGroups(principal);
DbUser dbUser = DirectoryUtils.mapPrincipalRecordToDbUser(authz, principal);
dbUser.setGroupIds(DirectoryUtils.getGroupIdsFromPrincipal(authz, principal));
activeUsers.put(dbUser.getExternalId(), dbUser);
}
}
for (DbUser dbUser : dbUsersPerAuthz.get(authz)) {
DbUser activeUser = activeUsers.get(dbUser.getExternalId());
if (activeUser != null) {
if (!activeUser.equals(dbUser)) {
activeUser.setId(dbUser.getId());
activeUser.setAdmin(dbUser.isAdmin());
log.infoFormat(
"Principal {0}::{1} synchronized",
activeUser.getLoginName(), activeUser.getDomain());
usersToUpdate.add(activeUser);
}
} else {
log.infoFormat(
"Deactivating non existing principal {0}::{1}",
dbUser.getLoginName(), dbUser.getDomain());
dbUser.setActive(false);
usersToUpdate.add(dbUser);
}
}
} catch (Exception ex) {
log.errorFormat(
"Error during user synchronization of extension {0}. Exception message is {1}",
authz, ex.getMessage());
log.debug("", ex);
}
}
return usersToUpdate;
}
