@Override
public List<User> getAdmins(PerunSession sess, Group group) throws InternalErrorException {
try {
Set<User> setOfAdmins = new HashSet<User>();
// direct admins
setOfAdmins.addAll(
jdbc.query(
"select "
+ UsersManagerImpl.userMappingSelectQuery
+ " from authz join users on authz.user_id=users.id "
+ "where authz.group_id=? and authz.role_id=(select id from roles where name='groupadmin')",
UsersManagerImpl.USER_MAPPER,
group.getId()));
// admins through a group
List<Group> listOfGroupAdmins = getGroupAdmins(sess, group);
for (Group authorizedGroup : listOfGroupAdmins) {
setOfAdmins.addAll(
jdbc.query(
"select "
+ UsersManagerImpl.userMappingSelectQuery
+ " from users join members on users.id=members.user_id "
+ "join groups_members on groups_members.member_id=members.id where groups_members.group_id=?",
UsersManagerImpl.USER_MAPPER,
authorizedGroup.getId()));
}
return new ArrayList(setOfAdmins);
} catch (EmptyResultDataAccessException e) {
return new ArrayList<User>();
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
/**
* Retrieves whole application object from DB (authz in parent methods)
*
* @param sess PerunSession for Authz and to resolve User
* @param vo VO to get application for
* @param group Group
* @return application object / null if not exists
*/
private Application getLatestApplication(
PerunSession sess, Vo vo, Group group, Application.AppType type) {
try {
if (sess.getPerunPrincipal().getUser() != null) {
if (group != null) {
return jdbc.queryForObject(
RegistrarManagerImpl.APP_SELECT
+ " where a.id=(select max(id) from application where vo_id=? and group_id=? and apptype=? and user_id=? )",
RegistrarManagerImpl.APP_MAPPER,
vo.getId(),
group.getId(),
String.valueOf(type),
sess.getPerunPrincipal().getUserId());
} else {
return jdbc.queryForObject(
RegistrarManagerImpl.APP_SELECT
+ " where a.id=(select max(id) from application where vo_id=? and apptype=? and user_id=? )",
RegistrarManagerImpl.APP_MAPPER,
vo.getId(),
String.valueOf(type),
sess.getPerunPrincipal().getUserId());
}
} else {
if (group != null) {
return jdbc.queryForObject(
RegistrarManagerImpl.APP_SELECT
+ " where a.id=(select max(id) from application where vo_id=? and group_id=? and apptype=? and created_by=? and extsourcename=? )",
RegistrarManagerImpl.APP_MAPPER,
vo.getId(),
group.getId(),
String.valueOf(type),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getExtSourceName());
} else {
return jdbc.queryForObject(
RegistrarManagerImpl.APP_SELECT
+ " where a.id=(select max(id) from application where vo_id=? and apptype=? and created_by=? and extsourcename=? )",
RegistrarManagerImpl.APP_MAPPER,
vo.getId(),
String.valueOf(type),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getExtSourceName());
}
}
} catch (EmptyResultDataAccessException ex) {
return null;
}
}
public Group updateGroupName(PerunSession sess, Group group) throws InternalErrorException {
Utils.notNull(group.getName(), "group.getName()");
// Get the group stored in the DB
Group dbGroup;
try {
dbGroup = this.getGroupById(sess, group.getId());
} catch (GroupNotExistsException e) {
throw new InternalErrorException("Group existence was checked at the higher level", e);
}
if (!dbGroup.getName().equals(group.getName())) {
dbGroup.setName(group.getName());
try {
jdbc.update(
"update groups set name=?,modified_by=?, modified_by_uid=?, modified_at="
+ Compatibility.getSysdate()
+ " where id=?",
dbGroup.getName(),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getUserId(),
dbGroup.getId());
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
return dbGroup;
}
/*
* Create a subgroup
*
* @see cz.metacentrum.perun.core.implApi.GroupsManagerImplApi#createGroup(cz.metacentrum.perun.core.api.PerunSession, cz.metacentrum.perun.core.api.Vo, cz.metacentrum.perun.core.api.Group, cz.metacentrum.perun.core.api.Group)
*/
public Group createGroup(PerunSession sess, Vo vo, Group parentGroup, Group group)
throws GroupExistsException, InternalErrorException {
// Create new subGroup
group.setParentGroupId(parentGroup.getId());
group.setName(parentGroup.getName() + ":" + group.getShortName());
group = createGroup(sess, vo, group);
return group;
}
public Member addMember(
PerunSession sess, Group group, Member member, MembershipType type, int sourceGroupId)
throws InternalErrorException, AlreadyMemberException, WrongAttributeValueException,
WrongReferenceAttributeValueException {
// TODO already member exception
member.setMembershipType(type);
try {
jdbc.update(
"insert into groups_members (group_id, member_id, created_by, created_at, modified_by, modified_at, created_by_uid, modified_by_uid, membership_type, source_group_id) "
+ "values (?,?,?,"
+ Compatibility.getSysdate()
+ ",?,"
+ Compatibility.getSysdate()
+ ",?,?,?,?)",
group.getId(),
member.getId(),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getUserId(),
sess.getPerunPrincipal().getUserId(),
type.getCode(),
sourceGroupId);
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
return member;
}
public int getVoId(PerunSession sess, Group group) throws InternalErrorException {
try {
return jdbc.queryForInt("select vo_id from groups where id=?", group.getId());
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public int getSubGroupsCount(PerunSession sess, Group parentGroup) throws InternalErrorException {
try {
return jdbc.queryForInt(
"select count(1) from groups where parent_group_id=?", parentGroup.getId());
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
}
public void removeGroup(Group group) throws InternalErrorException {
List<String> uniqueUsersIds = new ArrayList<String>();
uniqueUsersIds = this.getAllUniqueMembersInGroup(group.getId(), group.getVoId());
for (String s : uniqueUsersIds) {
Attribute memberOf =
new BasicAttribute(
"memberOf",
"perunGroupId="
+ group.getId()
+ ",perunVoId="
+ group.getVoId()
+ ","
+ ldapProperties.getLdapBase());
ModificationItem memberOfItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOf);
this.updateUserWithUserId(s, new ModificationItem[] {memberOfItem});
}
try {
ldapTemplate.unbind(
getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())));
log.debug(
"Entry deleted from LDAP: Group {} from Vo with ID=" + group.getVoId() + ".", group);
} catch (NameNotFoundException e) {
throw new InternalErrorException(e);
}
}
public void deleteGroup(PerunSession sess, Vo vo, Group group)
throws InternalErrorException, GroupAlreadyRemovedException {
Utils.notNull(group.getName(), "group.getName()");
try {
// Delete group's members
jdbc.update("delete from groups_members where source_group_id=?", group.getId());
// Delete authz entries for this group
AuthzResolverBlImpl.removeAllAuthzForGroup(sess, group);
int rowAffected = jdbc.update("delete from groups where id=?", group.getId());
if (rowAffected == 0)
throw new GroupAlreadyRemovedException("Group: " + group + " , Vo: " + vo);
} catch (RuntimeException err) {
throw new InternalErrorException(err);
}
}
public boolean isAlreadyMember(Member member, Group group) {
Object o =
ldapTemplate.lookup(
getUserDN(String.valueOf(member.getUserId())), new UserMemberOfContextMapper());
String[] memberOfInformation = (String[]) o;
if (memberOfInformation != null) {
for (String s : memberOfInformation) {
if (s.equals(
"perunGroupId="
+ group.getId()
+ ",perunVoId="
+ group.getVoId()
+ ","
+ ldapProperties.getLdapBase())) return true;
}
}
return false;
}
public boolean groupExists(PerunSession sess, Group group) throws InternalErrorException {
try {
return 1 == jdbc.queryForInt("select 1 from groups where id=?", group.getId());
} catch (EmptyResultDataAccessException ex) {
return false;
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
}
public boolean isGroupMember(PerunSession sess, Group group, Member member)
throws InternalErrorException {
try {
return 1
<= jdbc.queryForInt(
"select count(1) from groups_members where group_id=? and member_id=?",
group.getId(),
member.getId());
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public boolean isUserMemberOfGroup(PerunSession sess, User user, Group group)
throws InternalErrorException {
try {
return 1
<= jdbc.queryForInt(
"select count(1) from groups_members join members on members.id = member_id where members.user_id=? and groups_members.group_id=?",
user.getId(),
group.getId());
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
}
public void removeMemberFromGroup(Member member, Group group) throws InternalErrorException {
// Remove member from group
Attribute uniqueMember =
new BasicAttribute(
"uniqueMember",
"perunUserId=" + member.getUserId() + ",ou=People," + ldapProperties.getLdapBase());
ModificationItem uniqueMemberItem =
new ModificationItem(DirContext.REMOVE_ATTRIBUTE, uniqueMember);
this.updateGroup(group, new ModificationItem[] {uniqueMemberItem});
// Remove member from vo if this group is membersGroup
if (group.getName().equals(VosManager.MEMBERS_GROUP) && group.getParentGroupId() == null) {
// Remove info from vo
this.updateVo(group.getVoId(), new ModificationItem[] {uniqueMemberItem});
// Remove also information from user
Attribute memberOfPerunVo =
new BasicAttribute("memberOfPerunVo", String.valueOf(group.getVoId()));
ModificationItem memberOfPerunVoItem =
new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOfPerunVo);
this.updateUserWithUserId(
String.valueOf(member.getUserId()), new ModificationItem[] {memberOfPerunVoItem});
}
// Remove group info from member
Attribute memberOf =
new BasicAttribute(
"memberOf",
"perunGroupId="
+ group.getId()
+ ",perunVoId="
+ group.getVoId()
+ ","
+ ldapProperties.getLdapBase());
ModificationItem memberOfItem = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, memberOf);
this.updateUserWithUserId(
String.valueOf(member.getUserId()), new ModificationItem[] {memberOfItem});
}
@Override
public List<Integer> getGroupApplicationIds(PerunSession sess, Group group) {
// get app ids for all applications
return jdbc.query(
"select id from application where group_id=?",
new RowMapper<Integer>() {
@Override
public Integer mapRow(ResultSet rs, int arg1) throws SQLException {
return rs.getInt("id");
}
},
group.getId());
}
private static Group createGroup(Map<String, String> beanAttr) {
if (beanAttr == null) return null;
Group group = new Group();
if (beanAttr.get("parentGroupId").equals("\\0")) group.setParentGroupId(null);
else group.setParentGroupId(Integer.valueOf(beanAttr.get("parentGroupId")));
group.setId(Integer.valueOf(beanAttr.get("id")).intValue());
group.setName(BeansUtils.eraseEscaping(beanAttr.get("name")));
group.setDescription(BeansUtils.eraseEscaping(beanAttr.get("description")));
group.setVoId(Integer.valueOf(beanAttr.get("voId")));
return group;
}
public Group getParentGroup(PerunSession sess, Group group)
throws InternalErrorException, ParentGroupNotExistsException {
try {
return jdbc.queryForObject(
"select " + groupMappingSelectQuery + " from groups where groups.id=?",
GROUP_MAPPER,
group.getParentGroupId());
} catch (EmptyResultDataAccessException e) {
throw new ParentGroupNotExistsException(e);
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
@Override
public List<Group> getGroupAdmins(PerunSession sess, Group group) throws InternalErrorException {
try {
return jdbc.query(
"select "
+ groupMappingSelectQuery
+ " from authz join groups on authz.authorized_group_id=groups.id "
+ "where authz.group_id=? and authz.role_id=(select id from roles where name='groupadmin')",
GROUP_MAPPER,
group.getId());
} catch (EmptyResultDataAccessException e) {
return new ArrayList<Group>();
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
@Override
public List<User> getDirectAdmins(PerunSession sess, Group group) throws InternalErrorException {
try {
return jdbc.query(
"select "
+ UsersManagerImpl.userMappingSelectQuery
+ " from authz join users on authz.user_id=users.id "
+ "where authz.group_id=? and authz.role_id=(select id from roles where name='groupadmin')",
UsersManagerImpl.USER_MAPPER,
group.getId());
} catch (EmptyResultDataAccessException e) {
return new ArrayList<User>();
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public List<User> getGroupUsers(PerunSession sess, Group group) throws InternalErrorException {
try {
return jdbc.query(
"select "
+ UsersManagerImpl.userMappingSelectQuery
+ " from groups_members join members on members.id=member_id join "
+ "users on members.user_id=users.id where group_id=? order by "
+ Compatibility.orderByBinary("users.last_name")
+ ", "
+ Compatibility.orderByBinary("users.first_name"),
UsersManagerImpl.USER_MAPPER,
group.getId());
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
}
public List<Member> getGroupMembers(PerunSession sess, Group group)
throws InternalErrorException {
try {
return jdbc.query(
"select "
+ MembersManagerImpl.memberMappingSelectQuery
+ ", groups_members.membership_type as membership_type from groups_members join members on members.id=groups_members.member_id "
+ " where groups_members.group_id=?",
MembersManagerImpl.MEMBER_MAPPER,
group.getId());
} catch (EmptyResultDataAccessException e) {
return new ArrayList<Member>();
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public boolean isDirectGroupMember(PerunSession sess, Group group, Member member)
throws InternalErrorException {
try {
int count =
jdbc.queryForInt(
"select count(1) from groups_members where group_id=? and member_id=? and membership_type = ?",
group.getId(),
member.getId(),
MembershipType.DIRECT.getCode());
if (1 < count)
throw new ConsistencyErrorException(
"There is more than one direct member in group" + group);
return 1 == count;
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public List<Group> getSubGroups(PerunSession sess, Group parentGroup)
throws InternalErrorException {
try {
return jdbc.query(
"select "
+ groupMappingSelectQuery
+ " from groups where groups.parent_group_id=? "
+ "order by "
+ Compatibility.orderByBinary("groups.name" + Compatibility.castToVarchar()),
GROUP_MAPPER,
parentGroup.getId());
} catch (EmptyResultDataAccessException e) {
return new ArrayList<Group>();
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
}
public List<Member> getGroupMembers(
PerunSession sess,
Group group,
List<Status> statuses,
boolean excludeStatusInsteadOfIncludeStatus)
throws InternalErrorException {
try {
MapSqlParameterSource parameters = new MapSqlParameterSource();
List<Integer> statusesCodes = new ArrayList<Integer>();
for (Status status : statuses) {
statusesCodes.add(status.getCode());
}
parameters.addValue("statuses", statusesCodes);
parameters.addValue("group_id", group.getId());
if (excludeStatusInsteadOfIncludeStatus) {
// Exclude members with one of the status
return this.namedParameterJdbcTemplate.query(
"select "
+ MembersManagerImpl.memberMappingSelectQuery
+ ", groups_members.membership_type as membership_type from groups_members join members on members.id=groups_members.member_id "
+ " where groups_members.group_id=:group_id and members.status"
+ Compatibility.castToInteger()
+ " not in (:statuses)",
parameters,
MembersManagerImpl.MEMBER_MAPPER);
} else {
// Include members with one of the status
return this.namedParameterJdbcTemplate.query(
"select "
+ MembersManagerImpl.memberMappingSelectQuery
+ ", groups_members.membership_type as membership_type from groups_members join members on members.id=groups_members.member_id "
+ " where groups_members.group_id=:group_id and members.status"
+ Compatibility.castToInteger()
+ " in (:statuses)",
parameters,
MembersManagerImpl.MEMBER_MAPPER);
}
} catch (EmptyResultDataAccessException e) {
return new ArrayList<Member>();
} catch (RuntimeException e) {
throw new InternalErrorException(e);
}
}
public void removeMember(PerunSession sess, Group group, Member member)
throws InternalErrorException, NotGroupMemberException {
int ret;
try {
ret =
jdbc.update(
"delete from groups_members where source_group_id=? and member_id=?",
group.getId(),
member.getId());
} catch (RuntimeException ex) {
throw new InternalErrorException(ex);
}
if (ret == 0) {
throw new NotGroupMemberException(member);
} else if (ret >= 1) {
return;
} else {
throw new ConsistencyErrorException(
member + " and " + group + " have " + ret + " rows in groups_members table");
}
}
public void updateGroup(Group group, ModificationItem[] modificationItems) {
ldapTemplate.modifyAttributes(
getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())),
modificationItems);
log.debug("Entry modified in LDAP: Group {}.", group);
}
public Group createGroup(PerunSession sess, Vo vo, Group group)
throws GroupExistsException, InternalErrorException {
Utils.notNull(group, "group");
Utils.notNull(group.getName(), "group.getName()");
// Check if the group already exists
if (group.getParentGroupId() == null) {
if (1
== jdbc.queryForInt(
"select count('x') from groups where lower(name)=lower(?) and vo_id=? and parent_group_id IS NULL",
group.getName(),
vo.getId())) {
throw new GroupExistsException(
"Group ["
+ group.getName()
+ "] already exists under VO ["
+ vo.getShortName()
+ "] and has parent Group with id is [NULL]");
}
} else {
if (1
== jdbc.queryForInt(
"select count('x') from groups where lower(name)=lower(?) and vo_id=? and parent_group_id=?",
group.getName(),
vo.getId(),
group.getParentGroupId())) {
throw new GroupExistsException(
"Group ["
+ group.getName()
+ "] already exists under VO ["
+ vo.getShortName()
+ "] and has parent Group with id ["
+ group.getParentGroupId()
+ "]");
}
}
// Check the group name, it can contain only a-Z0-9_- and space
if (!group.getShortName().matches("^[- a-zA-Z.0-9_]+$")) {
throw new InternalErrorException(
new IllegalArgumentException(
"Wrong group name, group name can contain only a-Z0-9.-_: and space characters. "
+ group));
}
try {
// Store the group into the DB
int newId = Utils.getNewId(jdbc, "groups_id_seq");
jdbc.update(
"insert into groups (id, parent_group_id, name, dsc, vo_id, created_by,created_at,modified_by,modified_at,created_by_uid,modified_by_uid) "
+ "values (?,?,?,?,?,?,"
+ Compatibility.getSysdate()
+ ",?,"
+ Compatibility.getSysdate()
+ ",?,?)",
newId,
group.getParentGroupId(),
group.getName(),
group.getDescription(),
vo.getId(),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getActor(),
sess.getPerunPrincipal().getUserId(),
sess.getPerunPrincipal().getUserId());
group.setId(newId);
group.setVoId(vo.getId());
return group;
} catch (RuntimeException err) {
throw new InternalErrorException(err);
}
}
public Group mapRow(ResultSet rs, int i) throws SQLException {
Group g = new Group();
g.setId(rs.getInt("groups_id"));
// ParentGroup with ID=0 is not supported
if (rs.getInt("groups_parent_group_id") != 0)
g.setParentGroupId(rs.getInt("groups_parent_group_id"));
else g.setParentGroupId(null);
g.setName(rs.getString("groups_name"));
g.setShortName(g.getName().substring(g.getName().lastIndexOf(":") + 1));
g.setDescription(rs.getString("groups_dsc"));
g.setVoId(rs.getInt("groups_vo_id"));
g.setCreatedAt(rs.getString("groups_created_at"));
g.setCreatedBy(rs.getString("groups_created_by"));
g.setModifiedAt(rs.getString("groups_modified_at"));
g.setModifiedBy(rs.getString("groups_modified_by"));
if (rs.getInt("groups_modified_by_uid") == 0) g.setModifiedByUid(null);
else g.setModifiedByUid(rs.getInt("groups_modified_by_uid"));
if (rs.getInt("groups_created_by_uid") == 0) g.setCreatedByUid(null);
else g.setCreatedByUid(rs.getInt("groups_created_by_uid"));
return g;
}
public void addGroup(Group group) throws InternalErrorException {
// Create a set of attributes
Attributes attributes = new BasicAttributes();
// Create the objectclass to add
Attribute objClasses = new BasicAttribute("objectClass");
objClasses.add("top");
objClasses.add("perunGroup");
// Add attributes
attributes.put(objClasses);
attributes.put("cn", group.getName());
attributes.put("perunGroupId", String.valueOf(group.getId()));
attributes.put(
"perunUniqueGroupName",
new String(this.getVoShortName(group.getVoId()) + ":" + group.getName()));
attributes.put("perunVoId", String.valueOf(group.getVoId()));
if (group.getDescription() != null && !group.getDescription().isEmpty())
attributes.put("description", group.getDescription());
if (group.getParentGroupId() != null) {
attributes.put(
"perunParentGroup",
"perunGroupId="
+ group.getParentGroupId().toString()
+ ",perunVoId="
+ group.getVoId()
+ ","
+ ldapProperties.getLdapBase());
attributes.put("perunParentGroupId", group.getParentGroupId().toString());
}
// Create the entry
try {
ldapTemplate.bind(
getGroupDN(String.valueOf(group.getVoId()), String.valueOf(group.getId())),
null,
attributes);
log.debug(
"New entry created in LDAP: Group {} in Vo with Id=" + group.getVoId() + ".", group);
} catch (NameNotFoundException e) {
throw new InternalErrorException(e);
}
}