private String getUPN(DbUser user) {
String retVal = user.getLoginName();
if (!retVal.contains("@")) {
retVal = retVal + "@" + user.getDomain();
}
return retVal;
}
String getConsoleUserName() {
DbUser user = getCurrentUser();
String domain = user.getDomain();
String name = user.getLoginName();
if (StringUtils.isEmpty(name)) {
return null;
}
if (name.contains("@") || StringUtils.isEmpty(domain)) {
return name;
}
return name + "@" + domain;
}
private DbUser addUser(DbUser dbUser) {
// Try to add the user with the external id:
if (dbUser.getDomain() != null && dbUser.getExternalId() != null) {
AddUserParameters parameters = new AddUserParameters(dbUser);
VdcReturnValueBase result =
runInternalAction(VdcActionType.AddUser, parameters, cloneContextAndDetachFromParent());
if (result.getCanDoAction()) {
Guid id = (Guid) result.getActionReturnValue();
if (id != null) {
return getDbUserDAO().get(id);
}
return null;
}
}
// There is no such user in the directory:
return null;
}
@Override
protected void executeCommand() {
// Get the parameters:
T parameters = getParameters();
// The user or group given in the parameters may haven't been added to the database yet, if this
// is the case
// then they need to be added to the database now, before the permission:
DbUser user = parameters.getUser();
if (user != null) {
Guid id = user.getId();
String directory = user.getDomain();
String externalId = user.getExternalId();
DbUser existing = getDbUserDAO().getByIdOrExternalId(id, directory, externalId);
if (existing != null) {
user = existing;
} else {
user = addUser(user);
if (user == null) {
setSucceeded(false);
return;
}
}
}
DbGroup group = parameters.getGroup();
if (group != null) {
Guid id = group.getId();
String directory = group.getDomain();
String externalId = group.getExternalId();
DbGroup existing = getAdGroupDAO().getByIdOrExternalId(id, directory, externalId);
if (existing != null) {
group = existing;
} else {
group = addGroup(group);
if (group == null) {
setSucceeded(false);
return;
}
}
}
// The identifier of the principal of the permission can come from the parameters directly or
// from the
// user/group objects:
Guid principalId;
if (user != null) {
principalId = user.getId();
} else if (group != null) {
principalId = group.getId();
} else {
principalId = parameters.getPermission().getad_element_id();
}
final Permissions paramPermission = parameters.getPermission();
Permissions permission =
getPermissionDAO()
.getForRoleAndAdElementAndObject(
paramPermission.getrole_id(), principalId, paramPermission.getObjectId());
if (permission == null) {
paramPermission.setId(Guid.newGuid());
paramPermission.setad_element_id(principalId);
TransactionSupport.executeInNewTransaction(
new TransactionMethod<Void>() {
@Override
public Void runInTransaction() {
getPermissionDAO().save(paramPermission);
getCompensationContext().snapshotNewEntity(paramPermission);
getCompensationContext().stateChanged();
return null;
}
});
permission = paramPermission;
}
getReturnValue().setActionReturnValue(permission.getId());
if (user != null) {
updateAdminStatus(permission);
}
setSucceeded(true);
}
public static List<DbUser> sync(List<DbUser> dbUsers) {
List<DbUser> usersToUpdate = new ArrayList<>();
Map<String, Map<String, Set<String>>> authzToNamespaceToUserIds = new HashMap<>();
Map<String, List<DbUser>> dbUsersPerAuthz = new HashMap<>();
// Initialize the entries based on authz in the map
for (DbUser dbUser : dbUsers) {
MultiValueMapUtils.addToMap(dbUser.getDomain(), dbUser, dbUsersPerAuthz);
if (!authzToNamespaceToUserIds.containsKey(dbUser.getDomain())) {
authzToNamespaceToUserIds.put(dbUser.getDomain(), new HashMap<String, Set<String>>());
}
MultiValueMapUtils.addToMapOfSets(
dbUser.getNamespace(),
dbUser.getExternalId(),
authzToNamespaceToUserIds.get(dbUser.getDomain()));
}
for (Entry<String, Map<String, Set<String>>> entry : authzToNamespaceToUserIds.entrySet()) {
Map<String, DbUser> activeUsers = new HashMap<>();
String authz = entry.getKey();
try {
ExtensionProxy authzExtension =
EngineExtensionsManager.getInstance().getExtensionByName(authz);
for (Entry<String, Set<String>> userIdsPerNamespace : entry.getValue().entrySet()) {
for (ExtMap principal :
AuthzUtils.fetchPrincipalsByIdsRecursively(
authzExtension, userIdsPerNamespace.getKey(), userIdsPerNamespace.getValue())) {
DirectoryUtils.flatGroups(principal);
DbUser dbUser = DirectoryUtils.mapPrincipalRecordToDbUser(authz, principal);
dbUser.setGroupIds(DirectoryUtils.getGroupIdsFromPrincipal(authz, principal));
activeUsers.put(dbUser.getExternalId(), dbUser);
}
}
for (DbUser dbUser : dbUsersPerAuthz.get(authz)) {
DbUser activeUser = activeUsers.get(dbUser.getExternalId());
if (activeUser != null) {
if (!activeUser.equals(dbUser)) {
activeUser.setId(dbUser.getId());
activeUser.setAdmin(dbUser.isAdmin());
log.infoFormat(
"Principal {0}::{1} synchronized",
activeUser.getLoginName(), activeUser.getDomain());
usersToUpdate.add(activeUser);
}
} else {
log.infoFormat(
"Deactivating non existing principal {0}::{1}",
dbUser.getLoginName(), dbUser.getDomain());
dbUser.setActive(false);
usersToUpdate.add(dbUser);
}
}
} catch (Exception ex) {
log.errorFormat(
"Error during user synchronization of extension {0}. Exception message is {1}",
authz, ex.getMessage());
log.debug("", ex);
}
}
return usersToUpdate;
}
private void onAttach() {
AdElementListModel model = (AdElementListModel) getWindow();
if (model.getProgress() != null) {
return;
}
if (model.getSelectedItems() == null) {
cancel();
return;
}
ArrayList<DbUser> items = new ArrayList<DbUser>();
for (Object item : model.getItems()) {
EntityModel entityModel = (EntityModel) item;
if (entityModel.getIsSelected()) {
items.add((DbUser) entityModel.getEntity());
}
}
Role role = model.getRole().getSelectedItem();
ArrayList<VdcActionParametersBase> list = new ArrayList<VdcActionParametersBase>();
for (DbUser user : items) {
Permission perm = new Permission(user.getId(), role.getId(), null, null);
if (user.isGroup()) {
DbGroup group = new DbGroup();
group.setId(user.getId());
group.setName(user.getFirstName());
group.setDomain(user.getDomain());
group.setExternalId(user.getExternalId());
group.setNamespace(user.getNamespace());
PermissionsOperationsParameters tempVar2 = new PermissionsOperationsParameters();
tempVar2.setPermission(perm);
tempVar2.setGroup(group);
list.add(tempVar2);
} else {
PermissionsOperationsParameters tempVar3 = new PermissionsOperationsParameters();
tempVar3.setPermission(perm);
tempVar3.setUser(user);
list.add(tempVar3);
}
}
model.startProgress(null);
Frontend.getInstance()
.runMultipleAction(
VdcActionType.AddSystemPermission,
list,
new IFrontendMultipleActionAsyncCallback() {
@Override
public void executed(FrontendMultipleActionAsyncResult result) {
AdElementListModel localModel = (AdElementListModel) result.getState();
localModel.stopProgress();
cancel();
}
},
model);
}
public void onAdd() {
AdElementListModel model = (AdElementListModel) getWindow();
if (model.getProgress() != null) {
return;
}
if (model.getSelectedItems() == null) {
cancel();
return;
}
ArrayList<DbUser> items = new ArrayList<DbUser>();
for (Object item : model.getItems()) {
EntityModel entityModel = (EntityModel) item;
if (entityModel.getIsSelected()) {
items.add((DbUser) entityModel.getEntity());
}
}
ArrayList<VdcActionType> actionsList = new ArrayList<VdcActionType>(items.size());
ArrayList<VdcActionParametersBase> parametersList =
new ArrayList<VdcActionParametersBase>(items.size());
VdcActionParametersBase parameters = null;
for (DbUser item : items) {
if (item.isGroup()) {
actionsList.add(VdcActionType.AddGroup);
DbGroup grp = new DbGroup();
grp.setExternalId(item.getExternalId());
grp.setName(item.getFirstName());
grp.setNamespace(item.getNamespace());
grp.setId(item.getId());
grp.setDomain(item.getDomain());
grp.setActive(item.isActive());
parameters = new AddGroupParameters(grp);
} else {
actionsList.add(VdcActionType.AddUser);
parameters = new AddUserParameters(item);
}
parametersList.add(parameters);
}
model.startProgress(null);
IFrontendActionAsyncCallback nopCallback =
new IFrontendActionAsyncCallback() {
@Override
public void executed(FrontendActionAsyncResult result) {
// Nothing.
}
};
IFrontendActionAsyncCallback lastCallback =
new IFrontendActionAsyncCallback() {
@Override
public void executed(FrontendActionAsyncResult result) {
AdElementListModel localModel = (AdElementListModel) result.getState();
localModel.stopProgress();
cancel();
}
};
ArrayList<IFrontendActionAsyncCallback> callbacksList =
new ArrayList<IFrontendActionAsyncCallback>(items.size());
for (int i = 1; i < items.size(); i++) {
callbacksList.add(nopCallback);
}
callbacksList.add(lastCallback);
Frontend.getInstance()
.runMultipleActions(actionsList, parametersList, callbacksList, lastCallback, model);
}
private void onAdd() {
AdElementListModel model = (AdElementListModel) getWindow();
if (model.getProgress() != null) {
return;
}
if (!model.getIsEveryoneSelected() && model.getSelectedItems() == null) {
cancel();
return;
}
ArrayList<DbUser> items = new ArrayList<DbUser>();
if (model.getIsEveryoneSelected()) {
DbUser tempVar = new DbUser();
tempVar.setId(ApplicationGuids.everyone.asGuid());
items.add(tempVar);
} else {
for (Object item : model.getItems()) {
EntityModel entityModel = (EntityModel) item;
if (entityModel.getIsSelected()) {
items.add((DbUser) entityModel.getEntity());
}
}
}
Role role = (Role) model.getRole().getSelectedItem();
// adGroup/user
ArrayList<VdcActionParametersBase> list = new ArrayList<VdcActionParametersBase>();
for (DbUser user : items) {
Permissions tempVar2 = new Permissions();
tempVar2.setad_element_id(user.getId());
tempVar2.setrole_id(role.getId());
Permissions perm = tempVar2;
perm.setObjectId(getEntityGuid());
perm.setObjectType(this.getObjectType());
if (user.isGroup()) {
DbGroup group = new DbGroup();
group.setId(user.getId());
group.setExternalId(user.getExternalId());
group.setName(user.getFirstName());
group.setDomain(user.getDomain());
group.setNamespace(user.getNamespace());
PermissionsOperationsParameters tempVar3 = new PermissionsOperationsParameters();
tempVar3.setPermission(perm);
tempVar3.setGroup(group);
list.add(tempVar3);
} else {
PermissionsOperationsParameters tempVar4 = new PermissionsOperationsParameters();
tempVar4.setPermission(perm);
tempVar4.setUser(user);
list.add(tempVar4);
}
}
model.startProgress(null);
Frontend.getInstance()
.runMultipleAction(
VdcActionType.AddPermission,
list,
new IFrontendMultipleActionAsyncCallback() {
@Override
public void executed(FrontendMultipleActionAsyncResult result) {
AdElementListModel localModel = (AdElementListModel) result.getState();
localModel.stopProgress();
cancel();
}
},
model);
}
