Exemplo n.º 1
0
  @Transactional
  private List<UserGroup> getPrivilegesAndCreateGroups(
      LDAPUser user, boolean createNonExistingLdapGroup, User toSave) {
    GroupRepository groupRepo = ApplicationContextHolder.get().getBean(GroupRepository.class);

    List<UserGroup> ug = new LinkedList<UserGroup>();
    for (Map.Entry<String, Profile> privilege : user.getPrivileges().entries()) {
      // Add group privileges for each groups

      // Retrieve group id
      String groupName = privilege.getKey();
      Profile profile = privilege.getValue();

      Group group = groupRepo.findByName(groupName);

      if (group == null && createNonExistingLdapGroup) {
        group = new Group().setName(groupName);
        group = groupRepo.save(group);

        if (Log.isDebugEnabled(Geonet.LDAP)) {
          Log.debug(Geonet.LDAP, "  - Add LDAP group " + groupName + " for user.");
        }
      }
      if (group != null) {
        if (Log.isDebugEnabled(Geonet.LDAP)) {
          Log.debug(Geonet.LDAP, "  - Add LDAP group " + groupName + " for user.");
        }
        UserGroup usergroup = new UserGroup();
        usergroup.setGroup(group);
        usergroup.setUser(toSave);
        usergroup.setProfile(profile);
        ug.add(usergroup);
      } else {
        if (Log.isDebugEnabled(Geonet.LDAP)) {
          Log.debug(
              Geonet.LDAP,
              "  - Can't create LDAP group "
                  + groupName
                  + " for user. "
                  + "Group does not exist in local database or createNonExistingLdapGroup is set to false.");
        }
      }
    }
    return ug;
  }
Exemplo n.º 2
0
  @Transactional
  private User getUser(LDAPUser user, boolean importPrivilegesFromLdap, String userName) {
    UserRepository userRepo = ApplicationContextHolder.get().getBean(UserRepository.class);

    User loadedUser = userRepo.findOneByUsername(userName);
    User toSave;
    if (loadedUser != null) {
      // If we don't import privileges from LDAP
      // Set the LDAP user profile to be the one set
      // in the local database. If not, the db profile
      // would be always reset by merge.
      if (!importPrivilegesFromLdap) {
        user.getUser().setProfile(loadedUser.getProfile());
      }
      loadedUser.mergeUser(user.getUser(), false);
      if (Log.isDebugEnabled(Geonet.LDAP)) {
        Log.debug(
            Geonet.LDAP,
            "  - Update LDAP user "
                + user.getUsername()
                + " ("
                + loadedUser.getId()
                + ") in local database.");
      }
      toSave = loadedUser;

    } else {
      if (Log.isDebugEnabled(Geonet.LDAP)) {
        Log.debug(Geonet.LDAP, "  - Saving new LDAP user " + user.getUsername() + " to database.");
      }
      toSave = user.getUser();
    }
    toSave.getSecurity().setAuthType(LDAPConstants.LDAP_FLAG);
    toSave = userRepo.save(toSave);
    user.setUser(toSave);
    return toSave;
  }
Exemplo n.º 3
0
  @Transactional
  private void setUserGroups(final User user, List<UserGroup> userGroups) throws Exception {
    UserGroupRepository userGroupRepo =
        ApplicationContextHolder.get().getBean(UserGroupRepository.class);
    ;

    Collection<UserGroup> all = userGroupRepo.findAll(UserGroupSpecs.hasUserId(user.getId()));

    if (Log.isTraceEnabled(Log.JEEVES)) {
      Log.trace(Log.JEEVES, "Current usergroups:" + UserGroupSpecs.hasUserId(user.getId()));
      Log.trace(Log.JEEVES, all.size());

      for (UserGroup g : all) {
        Log.trace(Log.JEEVES, g);
      }
    }
    // Have a quick reference of existing groups and profiles for this user
    Set<String> listOfAddedProfiles = new HashSet<String>();
    for (UserGroup ug : all) {
      String key = ug.getProfile().name() + ug.getGroup().getId();
      if (!listOfAddedProfiles.contains(key)) {
        listOfAddedProfiles.add(key);
      }
    }

    // We start removing all old usergroup objects. We will remove the
    // explicitly defined for this call
    Collection<UserGroup> toRemove = new ArrayList<UserGroup>();
    toRemove.addAll(all);

    // New pairs of group-profile we need to add
    Collection<UserGroup> toAdd = new ArrayList<UserGroup>();

    // For each of the parameters on the request, make sure the group is
    // updated.
    for (UserGroup element : userGroups) {
      Group group = element.getGroup();
      String profile = element.getProfile().name();
      // The user has a new group and profile

      // Combine all groups editor and reviewer groups
      if (profile.equals(Profile.Reviewer.name())) {
        final UserGroup userGroup =
            new UserGroup().setGroup(group).setProfile(Profile.Editor).setUser(user);
        String key = Profile.Editor.toString() + group.getId();
        if (!listOfAddedProfiles.contains(key)) {
          toAdd.add(userGroup);
          listOfAddedProfiles.add(key);
        }

        // If the user is already part of this group with this profile,
        // leave it alone:
        for (UserGroup g : all) {
          if (g.getGroup().getId() == group.getId() && g.getProfile().equals(Profile.Editor)) {
            toRemove.remove(g);
          }
        }
      }

      final UserGroup userGroup =
          new UserGroup()
              .setGroup(group)
              .setProfile(Profile.findProfileIgnoreCase(profile))
              .setUser(user);
      String key = profile + group.getId();
      if (!listOfAddedProfiles.contains(key)) {
        toAdd.add(userGroup);
        listOfAddedProfiles.add(key);
      }

      // If the user is already part of this group with this profile,
      // leave it alone:
      for (UserGroup g : all) {
        if (g.getGroup().getId() == group.getId()
            && g.getProfile().name().equalsIgnoreCase(profile)) {
          toRemove.remove(g);
        }
      }
    }

    // Remove deprecated usergroups (if any)
    userGroupRepo.delete(toRemove);
    entityManager.flush();
    entityManager.clear();

    // Add only new usergroups (if any)
    userGroupRepo.save(toAdd);
    entityManager.flush();
  }