use of cz.metacentrum.perun.core.api.Member in project perun by CESNET.
the class MembersManagerBlImpl method createMember.
// MAIN METHOD
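/**
 * Creates a member of the given VO from a candidate, creating the underlying user first when none
 * of the candidate's userExtSources resolves to an existing user.
 *
 * <p>Steps, in order: resolve or create the user, attach missing userExtSources and update LoA on
 * existing ones, refuse if the user is already a member of the VO, create and audit the member,
 * store the candidate's member and user attributes, run the membership eligibility check, set the
 * initial membership expiration, then add the member to the requested groups.
 *
 * <p>NOTE(review): the member is created and the candidate's attributes are written before
 * {@code canBeMemberInternal} is called. A rejected candidate therefore relies on the surrounding
 * transaction being rolled back. Confirm that every caller runs this inside one.
 *
 * @param sess perun session
 * @param vo VO in which the member is created
 * @param specificUserType applied only to a newly created user: SERVICE and SPONSORED set the
 *        matching flag; an already existing user is not changed
 * @param candidate source of names, titles, userExtSources and attributes
 * @param groups groups the new member is added to; may be null or empty
 * @param overwriteUserAttributes names of user attributes whose candidate values replace the stored
 *        values; all other user attributes from the candidate are merged; may be null or empty
 * @return the created member
 * @throws AlreadyMemberException when the resolved user already is a member of the VO
 * @throws WrongAttributeValueException declared; presumably raised while storing attributes
 * @throws WrongReferenceAttributeValueException declared; presumably raised while storing attributes
 * @throws ExtendMembershipException declared; presumably raised by the eligibility check or the
 *         initial membership extension
 */
@Override
public Member createMember(PerunSession sess, Vo vo, SpecificUserType specificUserType, Candidate candidate, List<Group> groups, List<String> overwriteUserAttributes) throws WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, ExtendMembershipException {
    log.debug("Creating member for VO {} from candidate {}", vo, candidate);

    // Get the user
    // NOTE(review): the loop does not stop at the first match, so when several userExtSources
    // resolve to a user the last one wins. Nothing here verifies that they all resolve to the
    // same user. Confirm that callers only pass identities belonging to one person.
    User user = null;
    if (candidate.getUserExtSources() != null) {
        for (UserExtSource ues : candidate.getUserExtSources()) {
            // Check if the extSource exists (it is created when missing)
            ExtSource tmpExtSource = getPerunBl().getExtSourcesManagerBl().checkOrCreateExtSource(sess, ues.getExtSource().getName(), ues.getExtSource().getType());
            // Set the extSource ID
            ues.getExtSource().setId(tmpExtSource.getId());
            try {
                // Try to find the user by userExtSource
                user = getPerunBl().getUsersManagerBl().getUserByExtSourceNameAndExtLogin(sess, ues.getExtSource().getName(), ues.getLogin());
            } catch (UserExtSourceNotExistsException e) {
                // This is OK, non-existent userExtSource will be assigned later
            } catch (UserNotExistsException | ExtSourceNotExistsException e) {
                // Ignore, we are only checking if the user exists
            }
        }
    }

    // If user hasn't been found, then create him
    if (user == null) {
        user = new User();
        user.setFirstName(candidate.getFirstName());
        user.setLastName(candidate.getLastName());
        user.setMiddleName(candidate.getMiddleName());
        user.setTitleAfter(candidate.getTitleAfter());
        user.setTitleBefore(candidate.getTitleBefore());
        if (specificUserType.equals(SpecificUserType.SERVICE)) {
            user.setServiceUser(true);
        }
        if (specificUserType.equals(SpecificUserType.SPONSORED)) {
            user.setSponsoredUser(true);
        }
        // Store the user, this must be done in separate transaction
        user = getPerunBl().getUsersManagerBl().createUser(sess, user);
        log.debug("createMember: new user: {}", user);
    }

    // Assign missing userExtSource and update LoA
    // NOTE(review): an existing userExtSource is looked up by (extSource, login) only and its LoA
    // is overwritten with the candidate's value. This block does not compare the record's owner
    // with `user`, and it accepts both raising and lowering the LoA. Confirm the candidate's LoA
    // comes from a trusted source.
    if (candidate.getUserExtSources() != null) {
        for (UserExtSource userExtSource : candidate.getUserExtSources()) {
            try {
                UserExtSource currentUserExtSource = getPerunBl().getUsersManagerBl().getUserExtSourceByExtLogin(sess, userExtSource.getExtSource(), userExtSource.getLogin());
                // Update LoA
                currentUserExtSource.setLoa(userExtSource.getLoa());
                getPerunBl().getUsersManagerBl().updateUserExtSource(sess, currentUserExtSource);
            } catch (UserExtSourceNotExistsException e) {
                // Create userExtSource
                try {
                    getPerunBl().getUsersManagerBl().addUserExtSource(sess, user, userExtSource);
                } catch (UserExtSourceExistsException e1) {
                    throw new ConsistencyErrorException("Adding userExtSource which already exists: " + userExtSource);
                }
            } catch (UserExtSourceExistsException e1) {
                throw new ConsistencyErrorException("Updating login of userExtSource to value which already exists: " + userExtSource);
            }
        }
    }

    // Refuse to create a second membership of the same user in this VO
    try {
        Member existingMember = getMemberByUser(sess, vo, user);
        throw new AlreadyMemberException(existingMember);
    } catch (MemberNotExistsException ignored) {
        // expected: the user is not a member of the VO yet
    }

    // Create the member
    Member member = getMembersManagerImpl().createMember(sess, vo, user);
    getPerunBl().getAuditer().log(sess, new MemberCreated(member));

    // Create the member's attributes
    List<Attribute> membersAttributes = new ArrayList<>();
    List<Attribute> usersAttributesToMerge = new ArrayList<>();
    List<Attribute> usersAttributesToModify = new ArrayList<>();
    if (candidate.getAttributes() != null) {
        for (String attributeName : candidate.getAttributes().keySet()) {
            AttributeDefinition attributeDefinition;
            try {
                attributeDefinition = getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, attributeName);
            } catch (AttributeNotExistsException ex) {
                throw new InternalErrorException(ex);
            }
            Attribute attribute = new Attribute(attributeDefinition);
            attribute.setValue(getPerunBl().getAttributesManagerBl().stringToAttributeValue(candidate.getAttributes().get(attributeName), attribute.getType()));
            if (getPerunBl().getAttributesManagerBl().isFromNamespace(sess, attribute, AttributesManager.NS_MEMBER_ATTR_DEF) || getPerunBl().getAttributesManagerBl().isFromNamespace(sess, attribute, AttributesManager.NS_MEMBER_ATTR_OPT)) {
                // This is member's attribute
                membersAttributes.add(attribute);
            } else if (getPerunBl().getAttributesManagerBl().isFromNamespace(sess, attribute, AttributesManager.NS_USER_ATTR_DEF) || getPerunBl().getAttributesManagerBl().isFromNamespace(sess, attribute, AttributesManager.NS_USER_ATTR_OPT)) {
                // Candidate values replace the stored user attribute only when the caller listed
                // the attribute name explicitly; otherwise they are merged with the stored value.
                if (overwriteUserAttributes != null && !overwriteUserAttributes.isEmpty() && overwriteUserAttributes.contains(attribute.getName())) {
                    usersAttributesToModify.add(attribute);
                } else {
                    usersAttributesToMerge.add(attribute);
                }
            }
            // Attributes from any other namespace are silently skipped.
        }
    }

    // Store the attributes
    try {
        // If empty, skip setting or merging empty arrays of attributes at all
        if (!membersAttributes.isEmpty()) {
            getPerunBl().getAttributesManagerBl().setAttributes(sess, member, membersAttributes);
        }
        if (!usersAttributesToMerge.isEmpty()) {
            getPerunBl().getAttributesManagerBl().mergeAttributesValues(sess, user, usersAttributesToMerge);
        }
        if (!usersAttributesToModify.isEmpty()) {
            getPerunBl().getAttributesManagerBl().setAttributes(sess, user, usersAttributesToModify);
        }
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }

    // Set the initial membershipExpiration
    // Get user LOA
    String memberLoa = null;
    try {
        Attribute loa = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_VIRT + ":loa");
        // An attribute that exists but carries no value is treated like a missing one. Unboxing
        // a null Integer here would otherwise abort the creation with a NullPointerException.
        Object loaValue = loa.getValue();
        if (loaValue != null) {
            memberLoa = Integer.toString((Integer) loaValue);
        }
    } catch (AttributeNotExistsException e) {
        // user has no loa defined - if required by VO, it will be stopped in checking method later
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }

    // Check if user can be member
    this.canBeMemberInternal(sess, vo, user, memberLoa, true);

    // set initial membership expiration
    this.extendMembership(sess, member);

    insertToMemberGroup(sess, member, vo);

    // Add member also to all groups in list
    if (groups != null && !groups.isEmpty()) {
        for (Group group : groups) {
            try {
                perunBl.getGroupsManagerBl().addMember(sess, group, member);
            } catch (GroupNotExistsException e) {
                throw new ConsistencyErrorException(e);
            }
        }
    }

    return member;
}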
use of cz.metacentrum.perun.core.api.Member in project perun by CESNET.
the class MembersManagerBlImpl method createSingleSponsoredMemberFromCSV.
/**
 * Creates one sponsored member in the given VO from a single row of key/value data and reports
 * the outcome as a map instead of throwing.
 *
 * <p>The returned map carries the generated password in plain text under the PASSWORD key, and on
 * failure the raw exception message under the STATUS key. Callers should treat the map as
 * sensitive: keep it out of logs and do not pass the failure text on unfiltered.
 *
 * @param sess sess
 * @param vo vo, where the new user will be sponsored
 * @param namespace namespace used to define an external system where
 *        the user will have a new login generated (currently, only 'mu' namespace is supported);
 *        when blank, no password is generated and no login is returned
 * @param data values used to create the new user.
 *        Required values are - firstname, lastname, urn:perun:user:attribute-def:def:preferredMail
 *        Optional values are - urn:perun:user:attribute-def:def:note
 * @param sponsor user, who will be set as a sponsor to the newly created user
 * @param validityTo validity of the sponsorship. If null, the sponsorship will not be automatically canceled.
 * @param sendActivationLink forwarded unchanged to createSponsoredMember; presumably controls
 *        whether an activation link is sent to the new user (confirm against that method)
 * @param url base URL of Perun Instance
 * @param validation Which type of validation to perform. If you are using ASYNC, do not call this method in a cycle!
 * @param groups groups to which the created user will be assigned
 * @return result of the procedure
 */
private Map<String, Object> createSingleSponsoredMemberFromCSV(PerunSession sess, Vo vo, String namespace, Map<String, String> data, User sponsor, LocalDate validityTo, boolean sendActivationLink, String url, Validation validation, List<Group> groups) {
    // Reject the row as soon as one required key is missing.
    for (String required : SPONSORED_MEMBER_REQUIRED_FIELDS) {
        if (data.containsKey(required)) {
            continue;
        }
        log.error("Invalid data passed, missing required value: {}", required);
        throw new InternalErrorException("Invalid data passed, missing required value: " + required);
    }

    // Everything beyond the required keys must be on the allow-list of additional fields.
    Set<String> extraKeys = new HashSet<>(data.keySet());
    extraKeys.removeAll(SPONSORED_MEMBER_REQUIRED_FIELDS);
    for (String extraKey : extraKeys) {
        if (SPONSORED_MEMBER_ADDITIONAL_FIELDS.contains(extraKey)) {
            continue;
        }
        log.error("Not allowed additional value passed, value: {}", extraKey);
        throw new InternalErrorException("Not allowed additional value passed, value: " + extraKey);
    }
    // Only keys that name an attribute are later stored as attributes.
    extraKeys.removeIf(key -> !key.startsWith(ATTR_PREFIX));

    SponsoredUserData input = new SponsoredUserData();
    input.setNamespace(namespace);
    input.setFirstName(data.get("firstname"));
    input.setLastName(data.get("lastname"));
    input.setEmail(data.get(A_U_PREF_MAIL));

    // A password is generated only when a namespace is given.
    String password = null;
    if (isNotBlank(namespace)) {
        password = getPerunBl().getUsersManagerBl().getPasswordManagerModule(sess, namespace).generateRandomPassword(sess, null);
        input.setPassword(password);
    }

    if (data.containsKey("login")) {
        input.setLogin(data.get("login"));
    }

    // create sponsored member; any failure is reported through the STATUS entry
    Map<String, Object> result = new HashMap<>();
    Member member = null;
    try {
        member = createSponsoredMember(sess, input, vo, sponsor, validityTo, sendActivationLink, url, validation);
        User user = perunBl.getUsersManagerBl().getUserByMember(sess, member);

        // get login to return
        String login = isNotBlank(namespace)
            ? perunBl.getAttributesManagerBl().getAttribute(sess, user, PasswordManagerModule.LOGIN_PREFIX + namespace).valueAsString()
            : null;
        result.put(LOGIN, login);
        result.put(PASSWORD, password);

        // If this call throws, LOGIN and PASSWORD are already in the result, MEMBER is not, and
        // `member` stays non-null, so the group assignment below still runs.
        setAdditionalValues(sess, extraKeys, data, user, member);

        // we must pass member back for the purpose of validation
        result.put(MEMBER, member);
        result.put(STATUS, OK);
    } catch (Exception e) {
        log.error("Failed to create a sponsored user.", e);
        result.put(STATUS, e.getMessage());
    }

    if (groups == null || groups.isEmpty()) {
        return result;
    }

    // Group assignment is best effort: failures are collected per group id, not thrown.
    Map<Integer, String> groupErrors = new HashMap<>();
    if (member != null) {
        for (Group targetGroup : groups) {
            try {
                perunBl.getGroupsManagerBl().addMember(sess, targetGroup, member);
            } catch (Exception e) {
                groupErrors.put(targetGroup.getId(), e.getMessage());
                log.error("Failed to add a member to a group. Member: {}, Group: {}", member, targetGroup, e);
            }
        }
    }
    result.put(GROUP_ADDING_ERRORS, groupErrors);
    return result;
}
use of cz.metacentrum.perun.core.api.Member in project perun by CESNET.
the class MembersManagerBlImpl method getRichMembersWithAttributesByNames.
/**
 * Returns all members of the VO as rich members carrying the attributes named in
 * {@code attrsNames}.
 *
 * <p>NOTE(review): no authorization or attribute-level filtering is visible in this method;
 * presumably the calling layer restricts who may read which attributes. Confirm.
 *
 * @param sess perun session
 * @param vo VO whose members are returned
 * @param attrsNames names of the attributes to resolve and attach
 * @return rich members of the VO with the requested attributes
 * @throws AttributeNotExistsException when a name in {@code attrsNames} has no attribute definition
 */
@Override
public List<RichMember> getRichMembersWithAttributesByNames(PerunSession sess, Vo vo, List<String> attrsNames) throws AttributeNotExistsException {
    // Work on a copy of the list returned by the members manager.
    List<Member> voMembers = new ArrayList<>(perunBl.getMembersManagerBl().getMembers(sess, vo));
    List<RichMember> converted = this.convertMembersToRichMembers(sess, voMembers);

    // Resolve every requested name to its definition; an unknown name aborts the call.
    List<AttributeDefinition> definitions = new ArrayList<>();
    for (String name : attrsNames) {
        definitions.add(perunBl.getAttributesManagerBl().getAttributeDefinition(sess, name));
    }

    return this.convertMembersToRichMembersWithAttributes(sess, converted, definitions);
}
use of cz.metacentrum.perun.core.api.Member in project perun by CESNET.
the class ResourcesManagerBlImpl method processGroupResourceActivation.
/**
 * Marks the group-resource assignment as ACTIVE, clears its recorded failure cause and, when the
 * resource has services assigned, fills and sets the required attributes for the group and for
 * each group member that is neither invalid nor disabled. The assignment is audited at the end.
 *
 * <p>NOTE(review): the status is switched to ACTIVE before any attribute check runs. If a later
 * step throws, leaving the assignment inactive depends on the surrounding transaction being
 * rolled back. Confirm that callers provide one.
 *
 * @param sess session
 * @param group group
 * @param resource resource
 * @throws WrongAttributeValueException when an attribute value has wrong/illegal syntax
 * @throws WrongReferenceAttributeValueException when an attribute value has wrong/illegal semantics
 * @throws GroupResourceMismatchException when the given group and resource are not from the same VO
 * @throws GroupNotDefinedOnResourceException when there is no such group-resource assignment
 */
private void processGroupResourceActivation(PerunSession sess, Group group, Resource resource) throws GroupResourceMismatchException, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotDefinedOnResourceException {
    getPerunBl().getAttributesManagerBl().checkGroupIsFromTheSameVoLikeResource(sess, group, resource);

    // ACTIVE has to be set first: checkAttributesSemantics and fillAttribute need the active state to work correctly
    getResourcesManagerImpl().setGroupResourceStatus(sess, group, resource, GroupResourceStatus.ACTIVE);

    // forget any earlier assignment failure
    getResourcesManagerImpl().setFailedGroupResourceAssignmentCause(sess, group, resource, null);

    // without services there are no members to process, only the audit record remains
    boolean hasServices = !getAssignedServices(sess, resource).isEmpty();
    if (hasServices) {
        // get/fill/set all required group and group-resource attributes
        try {
            List<Attribute> required = getPerunBl().getAttributesManagerBl().getResourceRequiredAttributes(sess, resource, resource, group, true);
            List<Attribute> filled = getPerunBl().getAttributesManagerBl().fillAttributes(sess, resource, group, required, true);
            getPerunBl().getAttributesManagerBl().setAttributes(sess, resource, group, filled, true);
        } catch (WrongAttributeAssignmentException | GroupResourceMismatchException e) {
            throw new ConsistencyErrorException(e);
        }

        // get all "allowed" group members and get/fill/set required attributes for them
        List<Member> allowedMembers = getPerunBl().getGroupsManagerBl().getGroupMembersExceptInvalidAndDisabled(sess, group);
        Facility facility = getPerunBl().getResourcesManagerBl().getFacility(sess, resource);
        for (Member allowedMember : allowedMembers) {
            User owner = getPerunBl().getUsersManagerBl().getUserByMember(sess, allowedMember);
            try {
                getPerunBl().getAttributesManagerBl().setRequiredAttributes(sess, facility, resource, owner, allowedMember, true);
            } catch (WrongAttributeAssignmentException | MemberResourceMismatchException | AttributeNotExistsException e) {
                throw new ConsistencyErrorException(e);
            }
        }
    }

    getPerunBl().getAuditer().log(sess, new GroupAssignedToResource(group, resource));
    // TODO: set and check member-group attributes
}
use of cz.metacentrum.perun.core.api.Member in project perun by CESNET.
the class GroupsManagerBlImpl method logTotallyRemovedMembers.
/**
 * Walks from the given parent group up through its ancestors and, at each level, notifies and
 * audits the members who are no longer in that group at all.
 *
 * <p>The passed list is modified in place: at every level the members still present in that
 * group are removed from it, so they are not reported for higher ancestors either. Callers must
 * pass a modifiable list and must not rely on its contents afterwards.
 *
 * @param sess perun session
 * @param parentGroupId id of the first parent group to inspect; null means there is nothing to do
 * @param membersFromDeletedGroup deleted members from child group
 * @throws InternalErrorException
 */
private void logTotallyRemovedMembers(PerunSession sess, Integer parentGroupId, List<Member> membersFromDeletedGroup) {
    Integer currentGroupId = parentGroupId;
    while (currentGroupId != null) {
        Group ancestor;
        try {
            ancestor = getGroupById(sess, currentGroupId);
        } catch (GroupNotExistsException e) {
            throw new ConsistencyErrorException(e);
        }

        // Membership is read AFTER the indirect records coming from the subgroup were removed,
        // so anyone still listed here remains a member of this group by some other route.
        List<Member> stillInAncestor = getGroupMembers(sess, ancestor);
        membersFromDeletedGroup.removeAll(stillInAncestor);

        // what is left was removed from this group totally, so notify and audit each member
        for (Member removed : membersFromDeletedGroup) {
            notifyMemberRemovalFromGroup(sess, ancestor, removed);
            getPerunBl().getAuditer().log(sess, new MemberRemovedFromGroupTotally(removed, ancestor));
        }

        currentGroupId = ancestor.getParentGroupId();
    }
}