use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.
the class JPARoleDAO method delete.
@Override
public void delete(final String key) {
Role role = find(key);
if (role == null) {
return;
}
delete(role);
}
use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.
the class JPARoleDAO method save.
@Override
public Role save(final Role role) {
Role merged = entityManager().merge(role);
// refresh dynamic memberships
if (merged.getDynMembership() != null) {
List<User> matching = searchDAO().search(SearchCondConverter.convert(merged.getDynMembership().getFIQLCond()), AnyTypeKind.USER);
clearDynMembers(merged);
matching.forEach((user) -> {
Query insert = entityManager().createNativeQuery("INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
insert.setParameter(1, user.getKey());
insert.setParameter(2, merged.getKey());
insert.executeUpdate();
publisher.publishEvent(new AnyCreatedUpdatedEvent<>(this, user, AuthContextUtils.getDomain()));
});
}
return merged;
}
use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.
the class JPARoleDAO method refreshDynMemberships.
@Transactional
@Override
public void refreshDynMemberships(final User user) {
findAll().stream().filter(role -> role.getDynMembership() != null).forEach(role -> {
Query delete = entityManager().createNativeQuery("DELETE FROM " + DYNMEMB_TABLE + " WHERE role_id=? AND any_id=?");
delete.setParameter(1, role.getKey());
delete.setParameter(2, user.getKey());
delete.executeUpdate();
if (searchDAO().matches(user, SearchCondConverter.convert(role.getDynMembership().getFIQLCond()))) {
Query insert = entityManager().createNativeQuery("INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
insert.setParameter(1, user.getKey());
insert.setParameter(2, role.getKey());
insert.executeUpdate();
}
});
}
use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.
the class JPAUserDAO method findDynRoles.
@Transactional(propagation = Propagation.REQUIRES_NEW, readOnly = true)
@Override
@SuppressWarnings("unchecked")
public List<Role> findDynRoles(final String key) {
Query query = entityManager().createNativeQuery("SELECT role_id FROM " + JPARoleDAO.DYNMEMB_TABLE + " WHERE any_id=?");
query.setParameter(1, key);
List<Role> result = new ArrayList<>();
query.getResultList().stream().map(resultKey -> resultKey instanceof Object[] ? (String) ((Object[]) resultKey)[0] : ((String) resultKey)).forEachOrdered(actualKey -> {
Role role = roleDAO.find(actualKey.toString());
if (role == null) {
LOG.error("Could not find role with id {}, even though returned by the native query", actualKey);
} else if (!result.contains(role)) {
result.add(role);
}
});
return result;
}
use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.
the class UserDataBinderImpl method create.
@Override
public void create(final User user, final UserTO userTO, final boolean storePassword) {
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
// set username
user.setUsername(userTO.getUsername());
// set password
if (StringUtils.isBlank(userTO.getPassword()) || !storePassword) {
LOG.debug("Password was not provided or not required to be stored");
} else {
setPassword(user, userTO.getPassword(), scce);
}
user.setMustChangePassword(userTO.isMustChangePassword());
// security question / answer
if (userTO.getSecurityQuestion() != null) {
SecurityQuestion securityQuestion = securityQuestionDAO.find(userTO.getSecurityQuestion());
if (securityQuestion != null) {
user.setSecurityQuestion(securityQuestion);
}
}
user.setSecurityAnswer(userTO.getSecurityAnswer());
// roles
userTO.getRoles().forEach(roleKey -> {
Role role = roleDAO.find(roleKey);
if (role == null) {
LOG.warn("Ignoring unknown role with id {}", roleKey);
} else {
user.add(role);
}
});
// realm
Realm realm = realmDAO.findByFullPath(userTO.getRealm());
if (realm == null) {
SyncopeClientException noRealm = SyncopeClientException.build(ClientExceptionType.InvalidRealm);
noRealm.getElements().add("Invalid or null realm specified: " + userTO.getRealm());
scce.addException(noRealm);
}
user.setRealm(realm);
AnyUtils anyUtils = anyUtilsFactory.getInstance(AnyTypeKind.USER);
if (user.getRealm() != null) {
// relationships
userTO.getRelationships().forEach(relationshipTO -> {
AnyObject otherEnd = anyObjectDAO.find(relationshipTO.getOtherEndKey());
if (otherEnd == null) {
LOG.debug("Ignoring invalid anyObject " + relationshipTO.getOtherEndKey());
} else if (user.getRealm().getFullPath().startsWith(otherEnd.getRealm().getFullPath())) {
RelationshipType relationshipType = relationshipTypeDAO.find(relationshipTO.getType());
if (relationshipType == null) {
LOG.debug("Ignoring invalid relationship type {}", relationshipTO.getType());
} else {
URelationship relationship = entityFactory.newEntity(URelationship.class);
relationship.setType(relationshipType);
relationship.setRightEnd(otherEnd);
relationship.setLeftEnd(user);
user.add(relationship);
}
} else {
LOG.error("{} cannot be assigned to {}", otherEnd, user);
SyncopeClientException unassignabled = SyncopeClientException.build(ClientExceptionType.InvalidRelationship);
unassignabled.getElements().add("Cannot be assigned: " + otherEnd);
scce.addException(unassignabled);
}
});
// memberships
userTO.getMemberships().forEach(membershipTO -> {
Group group = membershipTO.getGroupKey() == null ? groupDAO.findByName(membershipTO.getGroupName()) : groupDAO.find(membershipTO.getGroupKey());
if (group == null) {
LOG.debug("Ignoring invalid group " + membershipTO.getGroupKey() + " / " + membershipTO.getGroupName());
} else if (user.getRealm().getFullPath().startsWith(group.getRealm().getFullPath())) {
UMembership membership = entityFactory.newEntity(UMembership.class);
membership.setRightEnd(group);
membership.setLeftEnd(user);
user.add(membership);
// membership attributes
fill(user, membership, membershipTO, anyUtils, scce);
} else {
LOG.error("{} cannot be assigned to {}", group, user);
SyncopeClientException unassignable = SyncopeClientException.build(ClientExceptionType.InvalidMembership);
unassignable.getElements().add("Cannot be assigned: " + group);
scce.addException(unassignable);
}
});
}
// attributes and resources
fill(user, userTO, anyUtils, scce);
// Throw composite exception if there is at least one element set in the composing exceptions
if (scce.hasExceptions()) {
throw scce;
}
}
Aggregations