private void setUpBackground()
      throws VoExistsException, InternalErrorException, GroupExistsException,
          AlreadyMemberException, WrongAttributeValueException, WrongAttributeAssignmentException,
          WrongReferenceAttributeValueException, NotMemberOfParentGroupException,
          AlreadyAdminException, AttributeNotExistsException {
    vo1 = perun.getVosManagerBl().createVo(session, new Vo(1, "vo1", "vo1"));

    group1 =
        perun.getGroupsManagerBl().createGroup(session, vo1, new Group("group1", "group1 in vo1"));
    group2 =
        perun
            .getGroupsManagerBl()
            .createGroup(session, group1, new Group("group2", "group2 is subgroup of group1"));

    member1 = perun.getMembersManagerBl().createMember(session, vo1, user1);

    perun.getGroupsManagerBl().addMember(session, group2, member1);
  }
Exemplo n.º 2
0
  /**
   * Creates ExtSource and UserExtSource if necessary for the purpose of joining users identities.
   *
   * @param user User to add UES to
   * @param actor Actor to add
   * @param extSourceName ExtSource name to add
   * @param extSourceType ExtSource type to add
   * @param loa loa in ext source
   * @throws PerunException when anything fails
   */
  private void createExtSourceAndUserExtSource(
      User user, String actor, String extSourceName, String extSourceType, int loa)
      throws PerunException {

    ExtSource extSource = new ExtSource(extSourceName, extSourceType);
    try {
      extSource =
          perun.getExtSourcesManagerBl().getExtSourceByName(registrarSession, extSourceName);
    } catch (ExtSourceNotExistsException ex) {
      extSource = perun.getExtSourcesManager().createExtSource(registrarSession, extSource, null);
    }

    UserExtSource ues = new UserExtSource();
    ues.setLogin(actor);
    ues.setLoa(loa);
    ues.setExtSource(extSource);

    perun.getUsersManager().addUserExtSource(registrarSession, user, ues);
  }
  private User setUpUser1()
      throws InternalErrorException, WrongAttributeAssignmentException,
          WrongAttributeValueException, WrongReferenceAttributeValueException {
    User user = new User();
    user.setFirstName("James");
    user.setMiddleName("");
    user.setLastName("Bond");
    user.setTitleBefore("");
    user.setTitleAfter("");

    return perun.getUsersManagerBl().createUser(session, user);
  }
 @Before
 public void setUpSession() throws Exception {
   session =
       perun.getPerunSession(
           new PerunPrincipal(
               "perunTests",
               ExtSourcesManager.EXTSOURCE_INTERNAL,
               ExtSourcesManager.EXTSOURCE_INTERNAL));
   user1 = setUpUser1();
   setUpBackground();
   session.getPerunPrincipal().setUser(user1);
 }
Exemplo n.º 5
0
  @Override
  public List<Identity> checkForSimilarUsers(
      PerunSession sess, List<ApplicationFormItemData> formItems) throws PerunException {

    if (sess.getPerunPrincipal().getUser() != null || formItems == null) {
      return new ArrayList<Identity>();
    }

    Set<RichUser> res = new HashSet<RichUser>();
    List<String> attrNames = new ArrayList<String>();
    attrNames.add("urn:perun:user:attribute-def:def:preferredMail");
    attrNames.add("urn:perun:user:attribute-def:def:organization");

    for (ApplicationFormItemData item : formItems) {

      String value = item.getValue();

      if (item.getFormItem().getType().equals(ApplicationFormItem.Type.VALIDATED_EMAIL)) {
        // search by email
        if (value != null && !value.isEmpty())
          res.addAll(
              perun
                  .getUsersManager()
                  .findRichUsersWithAttributesByExactMatch(registrarSession, value, attrNames));
      }
      if (Objects.equals(
          item.getFormItem().getPerunDestinationAttribute(),
          "urn:perun:user:attribute-def:core:displayName")) {
        // search by name
        if (value != null && !value.isEmpty())
          res.addAll(
              perun
                  .getUsersManager()
                  .findRichUsersWithAttributesByExactMatch(registrarSession, value, attrNames));
      }
    }

    return convertToIdentities(new ArrayList<RichUser>(res));
  }
Exemplo n.º 6
0
  public void removeAdmin(PerunSession sess, Vo vo, User user)
      throws InternalErrorException, PrivilegeException, VoNotExistsException,
          UserNotAdminException, UserNotExistsException {
    Utils.notNull(sess, "sess");
    vosManagerBl.checkVoExists(sess, vo);
    perunBl.getUsersManagerBl().checkUserExists(sess, user);

    // Authorization - Vo admin required
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
      throw new PrivilegeException(sess, "deleteAdmin");
    }

    vosManagerBl.removeAdmin(sess, vo, user);
  }
Exemplo n.º 7
0
  @Override
  public void addAdmin(PerunSession sess, Vo vo, Group group)
      throws InternalErrorException, PrivilegeException, AlreadyAdminException,
          VoNotExistsException, GroupNotExistsException {
    Utils.notNull(sess, "sess");
    vosManagerBl.checkVoExists(sess, vo);
    perunBl.getGroupsManagerBl().checkGroupExists(sess, group);

    // Authorization - Vo admin required
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
      throw new PrivilegeException(sess, "addAdmin");
    }

    vosManagerBl.addAdmin(sess, vo, group);
  }
Exemplo n.º 8
0
  protected void initialize() throws PerunException {

    // gets session for a system principal "perunRegistrar"
    final PerunPrincipal pp =
        new PerunPrincipal(
            "perunRegistrar",
            ExtSourcesManager.EXTSOURCE_NAME_INTERNAL,
            ExtSourcesManager.EXTSOURCE_INTERNAL);
    registrarSession = perun.getPerunSession(pp, new PerunClient());

    // cache expires after 5 minutes from creation
    requestCache =
        ExpiringMap.builder()
            .expiration(5, TimeUnit.MINUTES)
            .expirationPolicy(ExpiringMap.ExpirationPolicy.CREATED)
            .build();
  }
Exemplo n.º 9
0
  public List<String> pollConsumerFullMessages(String consumerName) throws InternalErrorException {

    return perunBl.getAuditer().pollConsumerFullMessages(consumerName);
  }
Exemplo n.º 10
0
  @Override
  public List<UserExtSource> consolidateIdentityUsingToken(PerunSession sess, String token)
      throws PerunException {

    Map<String, Object> originalIdentity = requestCache.get(token);

    if (originalIdentity == null) {
      throw new InvalidTokenException(
          "Your token for joining identities is no longer valid. Please retry from the start.");
    }

    User originalUser = (User) originalIdentity.get("user");
    User currentUser = sess.getPerunPrincipal().getUser();

    if (originalUser == null && currentUser == null) {
      IdentityUnknownException ex =
          new IdentityUnknownException(
              "Neither original or current identity is know to Perun. Please use at least one identity known to Perun.");
      ex.setLogin((String) originalIdentity.get("actor"));
      ex.setSource2((String) originalIdentity.get("extSourceName"));
      ex.setSourceType2((String) originalIdentity.get("extSourceType"));
      ex.setLogin2(sess.getPerunPrincipal().getActor());
      ex.setSource2(sess.getPerunPrincipal().getExtSourceName());
      ex.setSourceType2(sess.getPerunPrincipal().getExtSourceType());
      throw ex;
    }

    if (originalIdentity.get("extSourceName").equals(sess.getPerunPrincipal().getExtSourceName())
        && originalIdentity.get("actor").equals(sess.getPerunPrincipal().getActor())
        && originalIdentity
            .get("extSourceType")
            .equals(sess.getPerunPrincipal().getExtSourceType())) {
      IdentityIsSameException ex =
          new IdentityIsSameException(
              "You tried to join same identity with itself. Please try again but select different identity.");
      ex.setLogin(sess.getPerunPrincipal().getActor());
      ex.setSource(sess.getPerunPrincipal().getExtSourceName());
      ex.setSourceType(sess.getPerunPrincipal().getExtSourceType());
      throw ex;
    }

    if (originalUser != null && currentUser != null && originalUser.equals(currentUser)) {
      throw new IdentitiesAlreadyJoinedException("You already have both identities joined.");
    }

    if (originalUser != null && currentUser != null && !originalUser.equals(currentUser)) {
      throw new IdentityAlreadyInUseException(
          "Your identity is already associated with a different user. If you are really the same person, please contact support to help you.",
          originalUser,
          currentUser);
    }

    // merge original identity into current user
    if (originalUser == null) {
      createExtSourceAndUserExtSource(
          currentUser,
          (String) originalIdentity.get("actor"),
          (String) originalIdentity.get("extSourceName"),
          (String) originalIdentity.get("extSourceType"),
          (Integer) originalIdentity.get("extSourceLoa"));
    }

    // merge current identity into original user
    if (currentUser == null) {
      createExtSourceAndUserExtSource(
          originalUser,
          sess.getPerunPrincipal().getActor(),
          sess.getPerunPrincipal().getExtSourceName(),
          sess.getPerunPrincipal().getExtSourceType(),
          sess.getPerunPrincipal().getExtSourceLoa());
    }

    AuthzResolverBlImpl.refreshSession(sess);

    requestCache.remove(token);

    return perun.getUsersManager().getUserExtSources(sess, sess.getPerunPrincipal().getUser());
  }
Exemplo n.º 11
0
  @Override
  public List<Identity> checkForSimilarUsers(PerunSession sess, int appId) throws PerunException {

    String email = "";
    String name = "";
    List<RichUser> result = new ArrayList<RichUser>();

    List<String> attrNames = new ArrayList<String>();
    attrNames.add("urn:perun:user:attribute-def:def:preferredMail");
    attrNames.add("urn:perun:user:attribute-def:def:organization");

    Application app = registrarManager.getApplicationById(registrarSession, appId);

    if (app.getGroup() == null) {
      if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, app.getVo())) {
        if (sess.getPerunPrincipal().getUser() != null) {
          // check if application to find similar users by belongs to user
          if (!sess.getPerunPrincipal().getUser().equals(app.getUser()))
            throw new PrivilegeException("checkForSimilarUsers");
        } else {
          if (!sess.getPerunPrincipal().getExtSourceName().equals(app.getExtSourceName())
              && !sess.getPerunPrincipal().getActor().equals(app.getCreatedBy()))
            throw new PrivilegeException("checkForSimilarUsers");
        }
      }
    } else {
      if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, app.getVo())
          && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, app.getGroup())) {
        if (sess.getPerunPrincipal().getUser() != null) {
          // check if application to find similar users by belongs to user
          if (!sess.getPerunPrincipal().getUser().equals(app.getUser()))
            throw new PrivilegeException("checkForSimilarUsers");
        } else {
          if (!sess.getPerunPrincipal().getExtSourceName().equals(app.getExtSourceName())
              && !sess.getPerunPrincipal().getActor().equals(app.getCreatedBy()))
            throw new PrivilegeException("checkForSimilarUsers");
        }
      }
    }

    // only for initial VO applications if user==null
    if (app.getType().equals(Application.AppType.INITIAL)
        && app.getGroup() == null
        && app.getUser() == null) {

      try {
        User u =
            perun
                .getUsersManager()
                .getUserByExtSourceNameAndExtLogin(
                    registrarSession, app.getExtSourceName(), app.getCreatedBy());
        if (u != null) {
          // user connected his identity after app creation and before it's approval.
          // do not show error message in GUI by returning an empty array.
          return convertToIdentities(result);
        }
      } catch (Exception ex) {
        // we don't care, let's try to search by name
      }

      List<ApplicationFormItemData> data = registrarManager.getApplicationDataById(sess, appId);

      // search by email, which should be unique (check is more precise)
      for (ApplicationFormItemData item : data) {
        if ("urn:perun:user:attribute-def:def:preferredMail"
            .equals(item.getFormItem().getPerunDestinationAttribute())) {
          email = item.getValue();
        }
        if (email != null && !email.isEmpty()) break;
      }

      List<RichUser> users =
          (email != null && !email.isEmpty())
              ? perun
                  .getUsersManager()
                  .findRichUsersWithAttributesByExactMatch(registrarSession, email, attrNames)
              : new ArrayList<RichUser>();

      if (users != null && !users.isEmpty()) {
        // found by preferredMail
        return convertToIdentities(users);
      }

      // search by different mail

      email = ""; // clear previous value
      for (ApplicationFormItemData item : data) {
        if ("urn:perun:member:attribute-def:def:mail"
            .equals(item.getFormItem().getPerunDestinationAttribute())) {
          email = item.getValue();
        }
        if (email != null && !email.isEmpty()) break;
      }

      users =
          (email != null && !email.isEmpty())
              ? perun
                  .getUsersManager()
                  .findRichUsersWithAttributesByExactMatch(registrarSession, email, attrNames)
              : new ArrayList<RichUser>();
      if (users != null && !users.isEmpty()) {
        // found by member mail
        return convertToIdentities(users);
      }

      // continue to search by display name

      for (ApplicationFormItemData item : data) {
        if (RegistrarManagerImpl.URN_USER_DISPLAY_NAME.equals(
            item.getFormItem().getPerunDestinationAttribute())) {
          name = item.getValue();
          // use parsed name to drop mistakes on IDP side
          try {
            if (name != null && !name.isEmpty()) {
              Map<String, String> nameMap = Utils.parseCommonName(name);
              // drop name titles to spread search
              String newName = "";
              if (nameMap.get("firstName") != null && !nameMap.get("firstName").isEmpty()) {
                newName += nameMap.get("firstName") + " ";
              }
              if (nameMap.get("lastName") != null && !nameMap.get("lastName").isEmpty()) {
                newName += nameMap.get("lastName");
              }
              // fill parsed name instead of input
              if (newName != null && !newName.isEmpty()) {
                name = newName;
              }
            }
          } catch (Exception ex) {
            log.error(
                "[REGISTRAR] Unable to parse new user's display/common name when searching for similar users. Exception: {}",
                ex);
          }
          if (name != null && !name.isEmpty()) break;
        }
      }

      users =
          (name != null && !name.isEmpty())
              ? perun
                  .getUsersManager()
                  .findRichUsersWithAttributesByExactMatch(registrarSession, name, attrNames)
              : new ArrayList<RichUser>();
      if (users != null && !users.isEmpty()) {
        // found by member display name
        return convertToIdentities(users);
      }

      // continue to search by last name

      name = ""; // clear previous value
      for (ApplicationFormItemData item : data) {
        if (RegistrarManagerImpl.URN_USER_LAST_NAME.equals(
            item.getFormItem().getPerunDestinationAttribute())) {
          name = item.getValue();
          if (name != null && !name.isEmpty()) break;
        }
      }

      if (name != null && !name.isEmpty()) {
        // what was found by name
        return convertToIdentities(
            perun
                .getUsersManager()
                .findRichUsersWithAttributesByExactMatch(registrarSession, name, attrNames));
      } else {
        // not found by name
        return convertToIdentities(result);
      }

    } else {
      // not found, since not proper type of application to check users for
      return convertToIdentities(result);
    }
  }
Exemplo n.º 12
0
  @Override
  public List<Identity> checkForSimilarUsers(PerunSession sess) throws PerunException {

    // if user known, doesn't actually search and offer joining.
    if (sess.getPerunPrincipal().getUser() != null) {
      return new ArrayList<Identity>();
    }

    // if user known, doesn't actually search and offer joining.
    try {
      perun
          .getUsersManager()
          .getUserByExtSourceNameAndExtLogin(
              registrarSession,
              sess.getPerunPrincipal().getExtSourceName(),
              sess.getPerunPrincipal().getActor());
      return new ArrayList<Identity>();
    } catch (Exception ex) {
      // we don't care, that search failed. That is actually OK case.
    }

    String name = "";
    String mail = "";

    Set<RichUser> res = new HashSet<RichUser>();

    List<String> attrNames = new ArrayList<String>();
    attrNames.add("urn:perun:user:attribute-def:def:preferredMail");
    attrNames.add("urn:perun:user:attribute-def:def:organization");

    mail = sess.getPerunPrincipal().getAdditionalInformations().get("mail");

    if (mail != null) {
      if (mail.contains(";")) {
        String mailSearch[] = mail.split(";");
        for (String m : mailSearch) {
          if (m != null && !m.isEmpty())
            res.addAll(
                perun
                    .getUsersManager()
                    .findRichUsersWithAttributesByExactMatch(registrarSession, m, attrNames));
        }
      } else {
        res.addAll(
            perun
                .getUsersManager()
                .findRichUsersWithAttributesByExactMatch(registrarSession, mail, attrNames));
      }
    }

    // check by mail is more precise, so check by name only if nothing is found.
    if (res.isEmpty()) {

      name = sess.getPerunPrincipal().getAdditionalInformations().get("cn");

      if (name != null && !name.isEmpty())
        res.addAll(
            perun
                .getUsersManager()
                .findRichUsersWithAttributesByExactMatch(registrarSession, name, attrNames));

      name = sess.getPerunPrincipal().getAdditionalInformations().get("displayName");

      if (name != null && !name.isEmpty())
        res.addAll(
            perun
                .getUsersManager()
                .findRichUsersWithAttributesByExactMatch(registrarSession, name, attrNames));
    }

    return convertToIdentities(new ArrayList<RichUser>(res));
  }
Exemplo n.º 13
0
  public List<AuditMessage> getMessagesByCount(PerunSession perunSession, int count)
      throws InternalErrorException {

    return perunBl.getAuditer().getMessagesByCount(count);
  }
Exemplo n.º 14
0
  public List<AuditMessage> pollConsumerMessagesForParser(String consumerName)
      throws InternalErrorException {

    return perunBl.getAuditer().pollConsumerMessagesForParser(consumerName);
  }
Exemplo n.º 15
0
  public void setLastProcessedId(String consumerName, int lastProcessedId)
      throws InternalErrorException {

    perunBl.getAuditer().setLastProcessedId(consumerName, lastProcessedId);
  }
Exemplo n.º 16
0
  public int getLastMessageId() throws InternalErrorException {

    return perunBl.getAuditer().getLastMessageId();
  }
Exemplo n.º 17
0
  public Map<String, Integer> getAllAuditerConsumers(PerunSession perunSession)
      throws InternalErrorException {

    return perunBl.getAuditer().getAllAuditerConsumers(perunSession);
  }
Exemplo n.º 18
0
  public void log(PerunSession perunSession, String message) throws InternalErrorException {

    perunBl.getAuditer().log(perunSession, message);
  }
Exemplo n.º 19
0
  @Override
  public Set<Integer> send(List<PerunNotifMessageDto> dtosToSend) {

    Set<Integer> usedPoolIds = new HashSet<Integer>();
    List<PerunNotifEmailMessageToSendDto> messagesToSend =
        new ArrayList<PerunNotifEmailMessageToSendDto>();

    for (PerunNotifMessageDto messageDto : dtosToSend) {
      PoolMessage dto = messageDto.getPoolMessage();
      PerunNotifTemplate template = messageDto.getTemplate();
      PerunNotifReceiver receiver = messageDto.getReceiver();

      try {
        String groupSender = dto.getKeyAttributes().get(template.getSender());
        if (groupSender == null || groupSender.isEmpty()) {
          groupSender = template.getSender();
        }
        logger.debug("Calculated sender : {}", groupSender);

        Integer groupId = Integer.valueOf(receiver.getTarget());
        Group group = perun.getGroupsManagerBl().getGroupById(session, groupId);
        List<Member> groupMembers = perun.getGroupsManagerBl().getGroupMembers(session, group);
        if (groupMembers != null) {
          for (Member member : groupMembers) {
            try {
              PerunNotifEmailMessageToSendDto memberEmailDto =
                  new PerunNotifEmailMessageToSendDto();
              memberEmailDto.setMessage(messageDto.getMessageToSend());
              memberEmailDto.setSubject(messageDto.getSubject());
              memberEmailDto.setReceiver(
                  (String)
                      perun
                          .getAttributesManagerBl()
                          .getAttribute(
                              session,
                              perun.getUsersManager().getUserByMember(session, member),
                              "urn:perun:user:attribute-def:def:preferredMail")
                          .getValue());
              memberEmailDto.setSender(groupSender);

              messagesToSend.add(memberEmailDto);
            } catch (Exception ex) {
              logger.error(
                  "PreferredEmail cannot be retrieved, userId: {}", member.getUserId(), ex);
            }
          }
        }
        usedPoolIds.addAll(messageDto.getUsedPoolIds());
      } catch (NumberFormatException ex) {
        logger.error("GroupId cannot be parsed: {}", receiver.getTarget());
      } catch (GroupNotExistsException ex) {
        logger.error("Group with id: {} does not exists.", receiver.getTarget());
      } catch (InternalErrorException ex) {
        logger.error("Error during processing messageDto.", ex);
      }
    }

    perunNotifEmailManager.sendMessages(messagesToSend);

    return usedPoolIds;
  }
Exemplo n.º 20
0
 public int getAuditerMessagesCount(PerunSession perunSession) throws InternalErrorException {
   return perunBl.getAuditer().getAuditerMessagesCount(perunSession);
 }