/**
* KERN-1026 changed the results of this to be the authz's that are members of the managers group
* associated to a group rather than the group managers associated to the group.
*
* <p><del>Get the managers for a group. These should be stored in the {@link
* UserConstants#PROP_GROUP_MANAGERS}.</del>
*
* @param request
* @param group
* @param writer
* @throws RepositoryException
* @throws JSONException
*/
protected TreeMap<String, Authorizable> getManagers(
SlingHttpServletRequest request, Group group, Comparator<String> comparator)
throws RepositoryException, JSONException {
TreeMap<String, Authorizable> map = new TreeMap<String, Authorizable>(comparator);
// KERN-949 will probably change this.
// note above was made before this was changed to retrieving members of the managers
// group and may not apply.
Session session = request.getResourceResolver().adaptTo(Session.class);
UserManager um = AccessControlUtil.getUserManager(session);
Value[] managersGroup = group.getProperty(UserConstants.PROP_MANAGERS_GROUP);
if (managersGroup != null && managersGroup.length == 1) {
String mgrGroupName = managersGroup[0].getString();
Group mgrGroup = (Group) um.getAuthorizable(mgrGroupName);
Iterator<Authorizable> members = mgrGroup.getMembers();
while (members.hasNext()) {
Authorizable member = members.next();
String prinName = member.getPrincipal().getName();
Authorizable mau = um.getAuthorizable(prinName);
String name = getName(mau);
map.put(name, mau);
}
}
return map;
}
public List<IPentahoUser> getRoleMembers(
Session session, final ITenant theTenant, final String roleName) throws RepositoryException {
List<IPentahoUser> users = new ArrayList<IPentahoUser>();
Group jackrabbitGroup = getJackrabbitGroup(theTenant, roleName, session);
if ((jackrabbitGroup != null)
&& TenantUtils.isAccessibleTenant(
theTenant == null
? tenantedRoleNameUtils.getTenant(jackrabbitGroup.getID())
: theTenant)) {
Iterator<Authorizable> authorizables = jackrabbitGroup.getMembers();
while (authorizables.hasNext()) {
Authorizable authorizable = authorizables.next();
if (authorizable instanceof User) {
users.add(convertToPentahoUser((User) authorizable));
}
}
}
return users;
}
@Test
public void testGetEmailAddrs_Group() throws Exception {
// mock group and users
String groupPath = "/home/users/g/group";
List<Authorizable> groupMembers = new ArrayList<Authorizable>();
Authorizable user1 = mock(Authorizable.class);
Authorizable user2 = mock(Authorizable.class);
when(user1.hasProperty(PN_EMAIL)).thenReturn(true);
when(user1.getProperty(PN_EMAIL))
.thenReturn(new MockValue[] {new MockValue("*****@*****.**")});
when(user2.hasProperty(PN_EMAIL)).thenReturn(true);
when(user2.getProperty(PN_EMAIL))
.thenReturn(new MockValue[] {new MockValue("*****@*****.**")});
groupMembers.add(user1);
groupMembers.add(user2);
ResourceResolver resolver = mock(ResourceResolver.class);
Resource groupRes = mock(Resource.class);
Authorizable groupAuth = mock(Authorizable.class);
Group userGroup = mock(Group.class);
when(resolver.getResource(groupPath)).thenReturn(groupRes);
when(groupRes.adaptTo(Authorizable.class)).thenReturn(groupAuth);
when(groupAuth.isGroup()).thenReturn(true);
when(groupRes.adaptTo(Group.class)).thenReturn(userGroup);
when(userGroup.getMembers()).thenReturn(groupMembers.iterator());
String[] emails = SendTemplatedEmailUtils.getEmailAddrsFromUserPath(resolver, groupPath);
assertEquals(2, emails.length);
assertEquals("*****@*****.**", emails[0]);
assertEquals("*****@*****.**", emails[1]);
}
public void setRoleMembers(
Session session,
final ITenant theTenant,
final String roleName,
final String[] memberUserNames)
throws RepositoryException, NotFoundException {
List<IPentahoUser> currentRoleMembers = getRoleMembers(session, theTenant, roleName);
if (tenantAdminRoleName.equals(roleName)
&& (currentRoleMembers != null && currentRoleMembers.size() > 0)
&& memberUserNames.length == 0) {
throw new RepositoryException(
Messages.getInstance()
.getString(
"AbstractJcrBackedUserRoleDao.ERROR_0001_LAST_ADMIN_ROLE", tenantAdminRoleName));
}
Group jackrabbitGroup = getJackrabbitGroup(theTenant, roleName, session);
if ((jackrabbitGroup == null)
|| !TenantUtils.isAccessibleTenant(
theTenant == null
? tenantedRoleNameUtils.getTenant(jackrabbitGroup.getID())
: theTenant)) {
throw new NotFoundException(
Messages.getInstance()
.getString("AbstractJcrBackedUserRoleDao.ERROR_0002_ROLE_NOT_FOUND"));
}
HashMap<String, User> currentlyAssignedUsers = new HashMap<String, User>();
Iterator<Authorizable> currentMembers = jackrabbitGroup.getMembers();
while (currentMembers.hasNext()) {
Authorizable member = currentMembers.next();
if (member instanceof User) {
currentlyAssignedUsers.put(member.getID(), (User) member);
}
}
HashMap<String, User> finalCollectionOfAssignedUsers = new HashMap<String, User>();
if (memberUserNames != null) {
ITenant tenant = theTenant == null ? JcrTenantUtils.getTenant(roleName, false) : theTenant;
for (String user : memberUserNames) {
User jackrabbitUser = getJackrabbitUser(tenant, user, session);
if (jackrabbitUser != null) {
finalCollectionOfAssignedUsers.put(
tenantedRoleNameUtils.getPrincipleId(tenant, user), jackrabbitUser);
}
}
}
ArrayList<String> usersToRemove = new ArrayList<String>(currentlyAssignedUsers.keySet());
usersToRemove.removeAll(finalCollectionOfAssignedUsers.keySet());
ArrayList<String> usersToAdd = new ArrayList<String>(finalCollectionOfAssignedUsers.keySet());
usersToAdd.removeAll(currentlyAssignedUsers.keySet());
for (String userId : usersToRemove) {
jackrabbitGroup.removeMember(currentlyAssignedUsers.get(userId));
}
for (String userId : usersToAdd) {
jackrabbitGroup.addMember(finalCollectionOfAssignedUsers.get(userId));
// Purge the UserDetails cache
purgeUserFromCache(userId);
}
}
