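/**
 * Validates an engine session and, for administrators only, writes the user's UPN to the response.
 *
 * <p>Every failure path returns {@code false} without writing to the response: a null query
 * result, a query that did not succeed, a successful query that carries no user, and a valid
 * session owned by a non-administrator.
 *
 * @param response servlet response handed to {@code printUPNToResponse} on success
 * @param sessionID session identifier passed to the {@code ValidateSession} internal query
 * @return {@code true} only when the session validated and the user is an administrator
 */
private boolean runQuery(HttpServletResponse response, String sessionID) {
    // NOTE(review): sessionID is a bearer credential; no log statement here includes it, and
    // none should be added.
    log.debug("Calling ValidateSession query");
    VdcQueryReturnValue queryReturnValue = backend.runInternalQuery(
            VdcQueryType.ValidateSession, new VdcQueryParametersBase(sessionID));

    if (queryReturnValue == null) {
        log.error("Got NULL from backend.RunQuery");
        return false;
    }
    if (!queryReturnValue.getSucceeded()) {
        return false;
    }

    DbUser user = queryReturnValue.getReturnValue();
    if (user == null) {
        // Fail closed instead of hitting a NullPointerException in the authorization check
        // below when a succeeded query carries no user object.
        log.error("ValidateSession succeeded but returned no user");
        return false;
    }

    // The UPN is disclosed only when validation succeeded and the user is an administrator.
    if (!user.isAdmin()) {
        log.error("User '{}' is not authorized to perform operation", user.getLoginName());
        return false;
    }

    log.debug("Getting user name");
    printUPNToResponse(response, getUPN(user));
    return true;
}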
/**
 * Reconciles stored users against their authorization (authz) extensions and returns the
 * records that need to be written back.
 *
 * <p>Users are grouped by domain (the authz name) and namespace, and their external ids are
 * looked up through {@code AuthzUtils.fetchPrincipalsByIdsRecursively}. For each stored user:
 * <ul>
 *   <li>if the directory returned a principal that differs from the stored record, the fetched
 *       record is returned, keeping the stored id and the stored admin flag;</li>
 *   <li>if the directory returned no principal for the external id, the stored record is marked
 *       inactive and returned;</li>
 *   <li>if both records are equal, nothing is returned for that user.</li>
 * </ul>
 *
 * <p>A failure while processing one authz is logged and that authz is skipped; entries already
 * added to the result before the failure stay in it, and the remaining users of that authz are
 * neither updated nor deactivated.
 *
 * @param dbUsers stored users to reconcile
 * @return users whose stored record should be updated (changed or deactivated)
 */
public static List<DbUser> sync(List<DbUser> dbUsers) {
    List<DbUser> usersToUpdate = new ArrayList<>();
    Map<String, Map<String, Set<String>>> authzToNamespaceToUserIds = new HashMap<>();
    Map<String, List<DbUser>> dbUsersPerAuthz = new HashMap<>();

    // Index the stored users: per authz, and per authz/namespace by external id.
    for (DbUser stored : dbUsers) {
        String domain = stored.getDomain();
        MultiValueMapUtils.addToMap(domain, stored, dbUsersPerAuthz);

        Map<String, Set<String>> idsByNamespace = authzToNamespaceToUserIds.get(domain);
        if (idsByNamespace == null) {
            idsByNamespace = new HashMap<String, Set<String>>();
            authzToNamespaceToUserIds.put(domain, idsByNamespace);
        }
        MultiValueMapUtils.addToMapOfSets(stored.getNamespace(), stored.getExternalId(), idsByNamespace);
    }

    for (Entry<String, Map<String, Set<String>>> authzEntry : authzToNamespaceToUserIds.entrySet()) {
        String authz = authzEntry.getKey();
        Map<String, DbUser> fetchedByExternalId = new HashMap<>();
        try {
            ExtensionProxy authzExtension = EngineExtensionsManager.getInstance().getExtensionByName(authz);

            // Fetch the current directory view of every known external id, namespace by namespace.
            for (Entry<String, Set<String>> namespaceEntry : authzEntry.getValue().entrySet()) {
                String namespace = namespaceEntry.getKey();
                Set<String> externalIds = namespaceEntry.getValue();
                for (ExtMap principal : AuthzUtils.fetchPrincipalsByIdsRecursively(
                        authzExtension, namespace, externalIds)) {
                    DirectoryUtils.flatGroups(principal);
                    DbUser fetched = DirectoryUtils.mapPrincipalRecordToDbUser(authz, principal);
                    fetched.setGroupIds(DirectoryUtils.getGroupIdsFromPrincipal(authz, principal));
                    fetchedByExternalId.put(fetched.getExternalId(), fetched);
                }
            }

            for (DbUser stored : dbUsersPerAuthz.get(authz)) {
                DbUser fetched = fetchedByExternalId.get(stored.getExternalId());
                if (fetched == null) {
                    // NOTE(review): absence from the fetched set is the only deactivation signal,
                    // so an incomplete result that does not throw would deactivate valid users —
                    // confirm the fetch helper fails loudly on partial results.
                    log.infoFormat(
                            "Deactivating non existing principal {0}::{1}",
                            stored.getLoginName(),
                            stored.getDomain());
                    stored.setActive(false);
                    usersToUpdate.add(stored);
                    continue;
                }
                if (fetched.equals(stored)) {
                    continue;
                }
                // The id and the admin flag come from the stored record, not from the directory.
                fetched.setId(stored.getId());
                fetched.setAdmin(stored.isAdmin());
                log.infoFormat(
                        "Principal {0}::{1} synchronized",
                        fetched.getLoginName(),
                        fetched.getDomain());
                usersToUpdate.add(fetched);
            }
        } catch (Exception ex) {
            // Best effort per authz: a failing extension must not stop the others. The flip side
            // is that users removed from an unreachable directory stay active until a later
            // successful run, so this error is worth alerting on.
            log.errorFormat(
                    "Error during user synchronization of extension {0}. Exception message is {1}",
                    authz,
                    ex.getMessage());
            log.debug("", ex);
        }
    }
    return usersToUpdate;
}