/** * Add attribute to ldap entry. * * @param request HTTP request. * @param response HTTP response. * @param context request context * @throws IdentityException if a system error occurs preventing the action * @throws IOException if error writing to the buffer * @throws NamingException if an LDAP naming exception occurs * @throws SQLException * @throws CredentialPolicyException */ private void executeModifyUserAttribute( HttpServletRequest request, HttpServletResponse response, RequestContext context, boolean isAddAttributeRequest) throws IdentityException, IOException, NamingException, SQLException, CredentialPolicyException { String mimeType = "application/json"; String filter = Val.chkStr(request.getParameter("q")); String attributeName = Val.chkStr(request.getParameter("an")); String attributeValue = Val.chkStr(request.getParameter("av")); if (filter.length() == 0) { response.getWriter().write("{ \"response\" : \"noResults\" }"); return; } IdentityAdapter idAdapter = context.newIdentityAdapter(); Users users = idAdapter.readUsers(filter, null); for (User u : users.values()) { if (isAddAttributeRequest) { try { idAdapter.addAttribute(u.getDistinguishedName(), attributeName, attributeValue); } catch (AttributeInUseException aiue) { // TODO : do nothing if attribute exists ? or overwrite ? } } else { idAdapter.removeAttribute(u.getDistinguishedName(), attributeName, attributeValue); } } writeCharacterResponse( response, "{ \"response\" : \"User attribute modification was successful.\" }", "UTF-8", mimeType + ";charset=UTF-8"); }
/** * Checks if managed user is active user. * * @param context * @param managedUserDn * @return true if managed user is same as active user */ protected boolean checkSelf(RequestContext context, String managedUserDn) { boolean isSelf = false; User user = context.getUser(); if (user.getDistinguishedName().equals(managedUserDn)) { isSelf = true; } return isSelf; }
/** * Constructs a administrator based upon the user associated with the current request context. * * @param context the current request context (contains the active user) * @throws NotAuthorizedException if the user does not have publishing rights */ protected void checkRole(RequestContext context) throws NotAuthorizedException { // initialize User user = context.getUser(); user.setKey(user.getKey()); user.setLocalID(user.getLocalID()); user.setDistinguishedName(user.getDistinguishedName()); user.setName(user.getName()); // establish credentials UsernamePasswordCredentials creds = new UsernamePasswordCredentials(); creds.setUsername(user.getName()); user.setCredentials(creds); user.setAuthenticationStatus(user.getAuthenticationStatus()); assertAdministratorRole(user); }
/** * Serializes user information from ldap to json string. * * @param context request context * @param user the user to be serialized * @return the user profile information serialized as json string. * @throws IdentityException if a system error occurs preventing the action * @throws NamingException if an LDAP naming exception occurs */ protected String serializeUserAsJson(RequestContext context, User user) throws IdentityException, NamingException { String usersJson = "{ \"attributes\": ["; UserAttributeMap attributes = user.getProfile(); boolean first = true; List<String> sortedKeys = new ArrayList<String>(attributes.keySet()); // Collections.sort(sortedKeys); TODO to sort or not ? for (int i = 0; i < sortedKeys.size(); i++) { UserAttribute attr = attributes.get(sortedKeys.get(i)); String key = Val.chkStr(msgBroker.retrieveMessage("catalog.identity.profile.label." + attr.getKey())); String value = ""; value = Val.chkStr(attr.getValue()); if (attr.getKey().equalsIgnoreCase("password")) continue; if (!first) { usersJson += ","; } else { first = false; } usersJson += " { \"key\" : \"" + Val.escapeStrForJson(key) + "\" , \"value\" : \"" + Val.escapeStrForJson(value) + "\" }"; } usersJson += " ] , "; usersJson += " \"userDn\" : \"" + user.getDistinguishedName() + " \" , "; String groupsJson = " \"groups\" : ["; Groups groups = user.getGroups(); groups.sort(); boolean firstGroup = true; for (Group group : groups.values()) { String gkey = Val.chkStr(group.getKey()); String name = Val.chkStr(group.getName()); String dn = Val.chkStr(group.getDistinguishedName()); if (!firstGroup) { groupsJson += ","; } else { firstGroup = false; } groupsJson += " { \"key\" : \"" + Val.escapeStrForJson(gkey) + "\" , \"name\" : \"" + Val.escapeStrForJson(name) + "\" , \"dn\" : \"" + Val.escapeStrForJson(dn) + "\" }"; } groupsJson += " ] , "; String rolesJson = " \"selectableRoles\" : ["; Roles roles = buildSelectableRoles(context); sortedKeys = new ArrayList<String>(roles.keySet()); Collections.sort(sortedKeys); boolean firstRole = true; for (int i = 0; i < sortedKeys.size(); i++) { Role role = roles.get(sortedKeys.get(i)); String roleDn = Val.chkStr(role.getDistinguishedName()); String roleKey = Val.chkStr(role.getKey()); String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey())); if (!role.isManage()) continue; boolean hasRole = false; for (Group group : groups.values()) { String groupDn = Val.chkStr(group.getDistinguishedName()); if (roleDn.equals(groupDn)) { hasRole = true; break; } } if (!firstRole) { rolesJson += ","; } else { firstRole = false; } rolesJson += " { \"roleName\" : \"" + Val.escapeStrForJson(roleName) + "\" , \"roleDn\" : \"" + Val.escapeStrForJson(roleDn) + "\" , \"roleKey\" : \"" + Val.escapeStrForJson(roleKey) + "\" , \"hasRole\" : \"" + hasRole + "\" }"; } rolesJson += " ] } "; String json = usersJson + groupsJson + rolesJson; return json; }