/**
* Add attribute to ldap entry.
*
* @param request HTTP request.
* @param response HTTP response.
* @param context request context
* @throws IdentityException if a system error occurs preventing the action
* @throws IOException if error writing to the buffer
* @throws NamingException if an LDAP naming exception occurs
* @throws SQLException
* @throws CredentialPolicyException
*/
private void executeModifyUserAttribute(
HttpServletRequest request,
HttpServletResponse response,
RequestContext context,
boolean isAddAttributeRequest)
throws IdentityException, IOException, NamingException, SQLException,
CredentialPolicyException {
String mimeType = "application/json";
String filter = Val.chkStr(request.getParameter("q"));
String attributeName = Val.chkStr(request.getParameter("an"));
String attributeValue = Val.chkStr(request.getParameter("av"));
if (filter.length() == 0) {
response.getWriter().write("{ \"response\" : \"noResults\" }");
return;
}
IdentityAdapter idAdapter = context.newIdentityAdapter();
Users users = idAdapter.readUsers(filter, null);
for (User u : users.values()) {
if (isAddAttributeRequest) {
try {
idAdapter.addAttribute(u.getDistinguishedName(), attributeName, attributeValue);
} catch (AttributeInUseException aiue) {
// TODO : do nothing if attribute exists ? or overwrite ?
}
} else {
idAdapter.removeAttribute(u.getDistinguishedName(), attributeName, attributeValue);
}
}
writeCharacterResponse(
response,
"{ \"response\" : \"User attribute modification was successful.\" }",
"UTF-8",
mimeType + ";charset=UTF-8");
}
/**
* Checks if managed user is active user.
*
* @param context
* @param managedUserDn
* @return true if managed user is same as active user
*/
protected boolean checkSelf(RequestContext context, String managedUserDn) {
boolean isSelf = false;
User user = context.getUser();
if (user.getDistinguishedName().equals(managedUserDn)) {
isSelf = true;
}
return isSelf;
}
/**
* Constructs a administrator based upon the user associated with the current request context.
*
* @param context the current request context (contains the active user)
* @throws NotAuthorizedException if the user does not have publishing rights
*/
protected void checkRole(RequestContext context) throws NotAuthorizedException {
// initialize
User user = context.getUser();
user.setKey(user.getKey());
user.setLocalID(user.getLocalID());
user.setDistinguishedName(user.getDistinguishedName());
user.setName(user.getName());
// establish credentials
UsernamePasswordCredentials creds = new UsernamePasswordCredentials();
creds.setUsername(user.getName());
user.setCredentials(creds);
user.setAuthenticationStatus(user.getAuthenticationStatus());
assertAdministratorRole(user);
}
/**
* Serializes user information from ldap to json string.
*
* @param context request context
* @param user the user to be serialized
* @return the user profile information serialized as json string.
* @throws IdentityException if a system error occurs preventing the action
* @throws NamingException if an LDAP naming exception occurs
*/
protected String serializeUserAsJson(RequestContext context, User user)
throws IdentityException, NamingException {
String usersJson = "{ \"attributes\": [";
UserAttributeMap attributes = user.getProfile();
boolean first = true;
List<String> sortedKeys = new ArrayList<String>(attributes.keySet());
// Collections.sort(sortedKeys); TODO to sort or not ?
for (int i = 0; i < sortedKeys.size(); i++) {
UserAttribute attr = attributes.get(sortedKeys.get(i));
String key =
Val.chkStr(msgBroker.retrieveMessage("catalog.identity.profile.label." + attr.getKey()));
String value = "";
value = Val.chkStr(attr.getValue());
if (attr.getKey().equalsIgnoreCase("password")) continue;
if (!first) {
usersJson += ",";
} else {
first = false;
}
usersJson +=
" { \"key\" : \""
+ Val.escapeStrForJson(key)
+ "\" , \"value\" : \""
+ Val.escapeStrForJson(value)
+ "\" }";
}
usersJson += " ] , ";
usersJson += " \"userDn\" : \"" + user.getDistinguishedName() + " \" , ";
String groupsJson = " \"groups\" : [";
Groups groups = user.getGroups();
groups.sort();
boolean firstGroup = true;
for (Group group : groups.values()) {
String gkey = Val.chkStr(group.getKey());
String name = Val.chkStr(group.getName());
String dn = Val.chkStr(group.getDistinguishedName());
if (!firstGroup) {
groupsJson += ",";
} else {
firstGroup = false;
}
groupsJson +=
" { \"key\" : \""
+ Val.escapeStrForJson(gkey)
+ "\" , \"name\" : \""
+ Val.escapeStrForJson(name)
+ "\" , \"dn\" : \""
+ Val.escapeStrForJson(dn)
+ "\" }";
}
groupsJson += " ] , ";
String rolesJson = " \"selectableRoles\" : [";
Roles roles = buildSelectableRoles(context);
sortedKeys = new ArrayList<String>(roles.keySet());
Collections.sort(sortedKeys);
boolean firstRole = true;
for (int i = 0; i < sortedKeys.size(); i++) {
Role role = roles.get(sortedKeys.get(i));
String roleDn = Val.chkStr(role.getDistinguishedName());
String roleKey = Val.chkStr(role.getKey());
String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey()));
if (!role.isManage()) continue;
boolean hasRole = false;
for (Group group : groups.values()) {
String groupDn = Val.chkStr(group.getDistinguishedName());
if (roleDn.equals(groupDn)) {
hasRole = true;
break;
}
}
if (!firstRole) {
rolesJson += ",";
} else {
firstRole = false;
}
rolesJson +=
" { \"roleName\" : \""
+ Val.escapeStrForJson(roleName)
+ "\" , \"roleDn\" : \""
+ Val.escapeStrForJson(roleDn)
+ "\" , \"roleKey\" : \""
+ Val.escapeStrForJson(roleKey)
+ "\" , \"hasRole\" : \""
+ hasRole
+ "\" }";
}
rolesJson += " ] } ";
String json = usersJson + groupsJson + rolesJson;
return json;
}
