
Example 11 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class MatterMostProvider method syncUser.

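/**
 * Synchronizes {@code user} into Mattermost.
 *
 * <p>The user ID and the first e-mail value are lower-cased, then the account is looked up and
 * created when the lookup returns nothing. Otherwise each requested attribute whose first value
 * differs from the stored one is patched, the space-separated {@code roles} string is reconciled
 * against {@code user.getGroups()}, and every applied change is recorded through the
 * provisioning engine's {@code logAction} after the remote calls have returned.
 *
 * @param user the identity to synchronize; its user ID and e-mail value are modified in place
 * @param addOnly when {@code true}, roles that are not in {@code user.getGroups()} are kept
 * @param attributes names of the attributes to compare and push
 * @param request workflow request; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if the lookup or any update step fails
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    // Locale.ROOT keeps identifier normalization independent of the JVM's default locale, so the
    // same account name always maps to the same lower-case form.
    user.setUserID(user.getUserID().toLowerCase(java.util.Locale.ROOT));
    if (user.getAttribs().get("email") != null) {
        String emailAddress = user.getAttribs().get("email").getValues().get(0).toLowerCase(java.util.Locale.ROOT);
        user.getAttribs().get("email").getValues().clear();
        user.getAttribs().get("email").getValues().add(emailAddress);
    }
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    StringBuilder sb = new StringBuilder();
    HttpCon con = null;
    try {
        con = this.createClient();
        JSONObject mmUser = loadUserJson(user.getUserID(), con);
        if (mmUser == null) {
            this.createUser(user, attributes, request);
            return;
        }
        HashMap<String, String> updates = new HashMap<String, String>();
        HashMap<String, String> adds = new HashMap<String, String>();
        List<String> groupsAdded = new ArrayList<String>();
        List<String> groupsRemoved = new ArrayList<String>();
        for (String attributeName : attributes) {
            // A requested attribute the user does not carry is skipped rather than aborting the
            // whole sync with a NullPointerException.
            if (user.getAttribs().get(attributeName) == null || user.getAttribs().get(attributeName).getValues().isEmpty()) {
                continue;
            }
            String attrValue = user.getAttribs().get(attributeName).getValues().get(0);
            if (attrValue == null) {
                continue;
            }
            Object attrFromMM = mmUser.get(attributeName);
            if (attrFromMM == null) {
                adds.put(attributeName, attrValue);
                mmUser.put(attributeName, attrValue);
            } else if (!attrFromMM.equals(attrValue)) {
                updates.put(attributeName, attrValue);
                mmUser.put(attributeName, attrValue);
            }
        }
        // Current roles arrive as one space-separated string.
        StringTokenizer toker = new StringTokenizer(mmUser.get("roles").toString().trim(), " ", false);
        HashSet<String> groups = new HashSet<String>();
        while (toker.hasMoreTokens()) {
            groups.add(toker.nextToken());
        }
        for (String group : user.getGroups()) {
            if (groups.add(group)) {
                groupsAdded.add(group);
            }
        }
        if (!addOnly) {
            // Anything held remotely but absent from the desired list is revoked.
            for (String group : groups) {
                if (!user.getGroups().contains(group)) {
                    groupsRemoved.add(group);
                }
            }
            groups.removeAll(groupsRemoved);
        }
        for (String group : groups) {
            sb.append(group).append(' ');
        }
        String newRoles = sb.toString().trim();
        sb.setLength(0);
        sb.append("/api/v4/users/").append(mmUser.get("id").toString()).append("/patch");
        // NOTE(review): the response body is not inspected here; whether callWSPut raises on an
        // HTTP error status is not visible from this method - confirm, because the audit entries
        // below are written as if the update succeeded.
        this.callWSPut(con, sb.toString(), mmUser.toString());
        // Write roles only when membership really changed. Comparing the rebuilt string would
        // trigger a privileged write whenever HashSet iteration order differs from the stored order.
        if (!groupsAdded.isEmpty() || !groupsRemoved.isEmpty()) {
            sb.setLength(0);
            sb.append("/api/v4/users/").append(mmUser.get("id").toString()).append("/roles");
            JSONObject rolesObj = new JSONObject();
            rolesObj.put("roles", newRoles);
            this.callWSPut(con, sb.toString(), rolesObj.toString());
        }
        for (String attrName : updates.keySet()) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, attrName, updates.get(attrName));
        }
        for (String attrName : adds.keySet()) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attrName, adds.get(attrName));
        }
        for (String group : groupsAdded) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "role", group);
        }
        for (String group : groupsRemoved) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Delete, approvalID, workflow, "role", group);
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not sync '" + user.getUserID() + "'", e);
    } finally {
        if (con != null) {
            try {
                con.getHttp().close();
            } catch (IOException ignored) {
                // best-effort close; the connection manager is still shut down below
            }
            con.getBcm().close();
        }
    }
}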
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Workflow(com.tremolosecurity.provisioning.core.Workflow) IOException(java.io.IOException) ClientProtocolException(org.apache.http.client.ClientProtocolException) ParseException(org.json.simple.parser.ParseException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) StringTokenizer(java.util.StringTokenizer) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONObject(org.json.simple.JSONObject) HashSet(java.util.HashSet)

Example 12 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class BasicDB method many2manySetGroupsCreate.

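/**
 * Links a newly created user to each of their groups through the many-to-many link table.
 *
 * <p>The group keys are resolved with one parameterized {@code SELECT ... WHERE name=? OR ...},
 * then one link row is inserted per resolved group and an {@code Add} action is logged for it.
 * Groups that the query does not return are skipped without an error.
 *
 * @param user the user whose {@code getGroups()} are linked
 * @param insert scratch buffer; it is overwritten with the INSERT statement text
 * @param con open connection; transaction handling is left to the caller
 * @param id value written to the user-key column of the link table
 * @param request workflow request; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws SQLException if a statement fails
 * @throws ProvisioningException declared for callers; not thrown directly in this method
 */
private void many2manySetGroupsCreate(User user, StringBuffer insert, Connection con, int id, Map<String, Object> request) throws SQLException, ProvisioningException {
    // With no groups the WHERE clause would stay empty and the trailing-"OR " trim below would
    // cut into the keyword itself, yielding invalid SQL. Nothing to link, so stop here.
    if (user.getGroups().isEmpty()) {
        return;
    }
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    StringBuffer select = new StringBuffer("SELECT ");
    this.getFieldName(this.groupPrimaryKey, select).append(",");
    this.getFieldName(this.groupName, select).append(" FROM ").append(escapeTableName(this.groupTable)).append(" WHERE ");
    // One placeholder per group; the names themselves are bound, never concatenated.
    for (int n = user.getGroups().size(); n > 0; n--) {
        this.getFieldName(this.groupName, select).append("=? OR ");
    }
    // Drop the trailing "OR ".
    select.setLength(select.length() - 3);

    // try-with-resources: the statements and the result set were never closed before.
    try (PreparedStatement psSearch = con.prepareStatement(select.toString())) {
        int i = 1;
        for (String group : user.getGroups()) {
            psSearch.setString(i++, group);
        }
        try (ResultSet rs = psSearch.executeQuery()) {
            insert.setLength(0);
            // NOTE(review): groupLinkTable is appended as-is while groupTable above goes through
            // escapeTableName - confirm whether the link table should be escaped the same way.
            insert.append("INSERT INTO ").append(this.groupLinkTable).append(" (");
            this.getFieldName(this.groupGroupKey, insert).append(",");
            this.getFieldName(this.groupUserKey, insert).append(") VALUES (?,?)");
            try (PreparedStatement psExec = con.prepareStatement(insert.toString())) {
                while (rs.next()) {
                    psExec.setInt(1, rs.getInt(this.groupPrimaryKey));
                    psExec.setInt(2, id);
                    psExec.executeUpdate();
                    this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", rs.getString(this.groupName));
                }
            }
        }
    }
}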
Also used : ResultSet(java.sql.ResultSet) Workflow(com.tremolosecurity.provisioning.core.Workflow) PreparedStatement(java.sql.PreparedStatement)

Example 13 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class BasicDB method syncUser.

/* (non-Javadoc)
	 * @see com.tremolosecurity.provisioning.core.providers.BasicDB#syncUser(com.tremolosecurity.provisioning.core.User, boolean, java.util.Set, java.util.Map)
	 */
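/**
 * Synchronizes {@code user} into the database: creates the row when the user cannot be found,
 * otherwise updates, adds or clears the requested attributes and reconciles group membership
 * according to {@code groupMode}, all inside one transaction on a connection from {@code ds}.
 *
 * @param user desired state of the user
 * @param addOnly when {@code true}, attributes and groups missing from {@code user} are kept
 * @param attributes names of the attributes to synchronize
 * @param wfrequest workflow request; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if no connection can be obtained or any update step fails
 */
@Override
public void syncUser(User user, boolean addOnly, Set<String> attributes, Map<String, Object> wfrequest) throws ProvisioningException {
    int approvalID = 0;
    if (wfrequest.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) wfrequest.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) wfrequest.get("WORKFLOW");

    // The primary key is always fetched because the updates below are keyed on it.
    Set<String> attributesForSearch = new HashSet<String>(attributes);
    attributesForSearch.add(this.userPrimaryKey);

    User foundUser = null;
    try {
        foundUser = this.findUser(user.getUserID(), attributesForSearch, wfrequest);
    } catch (Exception e) {
        // NOTE(review): every lookup failure is treated as "user does not exist", so an
        // unrelated error (e.g. the database being unreachable) also ends in createUser.
        // Confirm that findUser only throws for a missing user.
        if (logger.isDebugEnabled()) {
            logger.debug("Could not find user, creating instead", e);
        }
    }
    if (foundUser == null) {
        // Kept outside the try block: a failure in createUser used to be swallowed by the
        // catch above and followed by a second createUser attempt.
        this.createUser(user, attributes, wfrequest);
        return;
    }

    String userID = foundUser.getAttribs().get(this.userPrimaryKey).getValues().get(0);
    int userIDnum = -1;
    try {
        userIDnum = Integer.parseInt(userID);
    } catch (NumberFormatException ignored) {
        // NOTE(review): a non-numeric key leaves userIDnum at -1, and the group statements
        // below bind that value with setInt - confirm this is intended for string keys.
    }

    Connection con;
    try {
        con = this.ds.getConnection();
    } catch (SQLException e) {
        throw new ProvisioningException("Could not obtain connection", e);
    }
    try {
        con.setAutoCommit(false);
        // NOTE(review): beginUpdate/updateField/clearField receive this fresh map while
        // completeUpdate receives wfrequest - confirm the custom provider expects that.
        Map<String, Object> request = new HashMap<String, Object>();
        if (this.customDBProvider != null) {
            this.customDBProvider.beginUpdate(con, userIDnum, request);
        }
        // NOTE(review): logAction is called before con.commit(); whether those audit entries
        // are undone when the transaction rolls back is not visible here.
        StringBuffer b = new StringBuffer();
        for (String attrName : attributes) {
            boolean inUser = user.getAttribs().containsKey(attrName);
            boolean inFound = foundUser.getAttribs().containsKey(attrName);
            if (inUser && inFound) {
                String newValue = user.getAttribs().get(attrName).getValues().get(0);
                String oldValue = foundUser.getAttribs().get(attrName).getValues().get(0);
                if (!newValue.equals(oldValue)) {
                    if (this.customDBProvider != null) {
                        this.customDBProvider.updateField(con, userIDnum, request, attrName, oldValue, newValue);
                    } else {
                        // NOTE(review): the returned PreparedStatement is not closed here;
                        // confirm updateField releases it.
                        updateField(user, con, b, attrName, userID, userIDnum);
                    }
                    this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, attrName, newValue);
                }
            } else if (inUser) {
                String newValue = user.getAttribs().get(attrName).getValues().get(0);
                if (this.customDBProvider != null) {
                    this.customDBProvider.updateField(con, userIDnum, request, attrName, null, newValue);
                } else {
                    updateField(user, con, b, attrName, userID, userIDnum);
                }
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attrName, newValue);
            } else if (inFound && !addOnly) {
                String oldValue = foundUser.getAttribs().get(attrName).getValues().get(0);
                if (this.customDBProvider != null) {
                    this.customDBProvider.clearField(con, userIDnum, request, attrName, oldValue);
                } else {
                    clearField(user, con, b, attrName, userID, userIDnum);
                }
                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Delete, approvalID, workflow, attrName, oldValue);
            }
        }
        if (this.customDBProvider != null) {
            this.customDBProvider.completeUpdate(con, userIDnum, wfrequest);
        }
        switch(this.groupMode) {
            case None:
                break;
            case One2Many: {
                // NOTE(review): groupTable is appended without escapeTableName here - confirm
                // the configured name needs no quoting.
                b.setLength(0);
                b.append("INSERT INTO ").append(this.groupTable).append(" (");
                this.getFieldName(this.groupName, b).append(",");
                this.getFieldName(this.groupUserKey, b).append(") VALUES (?,?)");
                // Statements are closed as soon as they are done; previously they were leaked.
                try (PreparedStatement addGroup = con.prepareStatement(b.toString())) {
                    for (String groupName : user.getGroups()) {
                        if (!foundUser.getGroups().contains(groupName)) {
                            addGroup.setString(1, groupName);
                            addGroup.setInt(2, userIDnum);
                            addGroup.executeUpdate();
                            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", groupName);
                        }
                    }
                }
                if (!addOnly) {
                    b.setLength(0);
                    b.append("DELETE FROM ").append(this.groupTable).append(" WHERE ");
                    this.getFieldName(this.groupUserKey, b).append("=? AND ");
                    this.getFieldName(this.groupName, b).append("=?");
                    try (PreparedStatement dropGroup = con.prepareStatement(b.toString())) {
                        for (String groupName : foundUser.getGroups()) {
                            if (!user.getGroups().contains(groupName)) {
                                dropGroup.setInt(1, userIDnum);
                                dropGroup.setString(2, groupName);
                                dropGroup.executeUpdate();
                                this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Delete, approvalID, workflow, "group", groupName);
                            }
                        }
                    }
                }
                break;
            }
            case Many2Many:
                many2manySyncGroups(user, addOnly, foundUser, userIDnum, con, b, wfrequest);
                break;
            case Custom:
                for (String groupName : user.getGroups()) {
                    if (!foundUser.getGroups().contains(groupName)) {
                        this.customDBProvider.addGroup(con, userIDnum, groupName, wfrequest);
                        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", groupName);
                    }
                }
                if (!addOnly) {
                    for (String groupName : foundUser.getGroups()) {
                        if (!user.getGroups().contains(groupName)) {
                            this.customDBProvider.deleteGroup(con, userIDnum, groupName, wfrequest);
                            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Delete, approvalID, workflow, "group", groupName);
                        }
                    }
                }
                break;
        }
        con.commit();
    } catch (Throwable t) {
        // Any failure undoes the whole sync; a failing rollback must not mask the root cause.
        try {
            con.rollback();
        } catch (SQLException ignored) {
            // nothing further can be done on this connection
        }
        throw new ProvisioningException("Could not sync user", t);
    } finally {
        try {
            con.close();
        } catch (SQLException ignored) {
            // best-effort close
        }
    }
}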
Also used : User(com.tremolosecurity.provisioning.core.User) SQLException(java.sql.SQLException) HashMap(java.util.HashMap) Connection(java.sql.Connection) Workflow(com.tremolosecurity.provisioning.core.Workflow) PreparedStatement(java.sql.PreparedStatement) LDAPException(com.novell.ldap.LDAPException) PropertyVetoException(java.beans.PropertyVetoException) SQLException(java.sql.SQLException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) HashSet(java.util.HashSet)

Example 14 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class LDAPProvider method doCreate.

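/**
 * Adds the user's LDAP entry and then adds the entry's DN to each of the user's groups.
 *
 * <p>Only attributes named in {@code attributes} are written. Every created value and group
 * membership is recorded through the provisioning engine's {@code logAction}.
 *
 * @param user the user to create
 * @param attributes names of the attributes that may be written
 * @param con LDAP connection used for the add, search and modify operations
 * @param request workflow request; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if the entry cannot be added, a group does not exist, or a
 *     group cannot be modified; in the group cases the user entry has already been created
 */
private void doCreate(User user, Set<String> attributes, LDAPConnection con, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    String dn = this.getDN(user, request);
    LDAPAttributeSet attrs = new LDAPAttributeSet();
    attrs.add(new LDAPAttribute("objectClass", this.objectClass));
    for (String attrName : user.getAttribs().keySet()) {
        if (!attributes.contains(attrName)) {
            continue;
        }
        LDAPAttribute ldap = new LDAPAttribute(attrName);
        Attribute attr = user.getAttribs().get(attrName);
        for (String val : attr.getValues()) {
            ldap.addValue(val);
        }
        attrs.add(ldap);
    }
    try {
        con.add(new LDAPEntry(dn, attrs));
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not add user " + user.getUserID(), e);
    }
    // Audit entries are written only after the directory accepted the new entry.
    cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "dn", dn);
    for (String attrName : user.getAttribs().keySet()) {
        if (!attributes.contains(attrName)) {
            continue;
        }
        for (String val : user.getAttribs().get(attrName).getValues()) {
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attrName, val);
        }
    }
    try {
        for (String groupName : user.getGroups()) {
            // Escape the filter metacharacters (RFC 4515) so the group name is matched as a
            // literal value: an unescaped '*' or parenthesis would change which group entry
            // the search returns and therefore which group the user is added to.
            String rawName = String.valueOf(groupName);
            StringBuilder filter = new StringBuilder("(cn=");
            for (int i = 0; i < rawName.length(); i++) {
                char c = rawName.charAt(i);
                switch (c) {
                    case '\\':
                        filter.append("\\5c");
                        break;
                    case '*':
                        filter.append("\\2a");
                        break;
                    case '(':
                        filter.append("\\28");
                        break;
                    case ')':
                        filter.append("\\29");
                        break;
                    case '\0':
                        filter.append("\\00");
                        break;
                    default:
                        filter.append(c);
                        break;
                }
            }
            filter.append(")");
            // Scope 2 is a subtree search; "1.1" requests no attributes, only the DN is needed.
            LDAPSearchResults res = con.search(searchBase, 2, filter.toString(), new String[] { "1.1" }, false);
            if (!res.hasMore()) {
                throw new ProvisioningException("Group " + groupName + " does not exist");
            }
            String groupDN = res.next().getDN();
            // Drain the remaining results before issuing the next operation on this connection.
            while (res.hasMore()) {
                res.next();
            }
            LDAPAttribute attr = new LDAPAttribute(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute(), dn);
            LDAPModification mod = new LDAPModification(LDAPModification.ADD, attr);
            con.modify(groupDN, mod);
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", groupName);
        }
    } catch (LDAPException e) {
        throw new ProvisioningException("Could not provision groups for user " + user.getUserID(), e);
    }
}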
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet) Workflow(com.tremolosecurity.provisioning.core.Workflow) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException) LDAPModification(com.novell.ldap.LDAPModification) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException)

Example 15 with Workflow

use of com.tremolosecurity.provisioning.core.Workflow in project OpenUnison by TremoloSecurity.

the class LDAPProvider method setUserPassword.

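/**
 * Replaces the {@code userPassword} attribute of the entry whose {@code userIDAttribute}
 * equals the user's ID.
 *
 * <p>The password value is never written to the audit log; a fixed mask is logged instead.
 *
 * @param user supplies the user ID to search for and the new password
 * @param request workflow request; {@code APPROVAL_ID} and {@code WORKFLOW} are read from it
 * @throws ProvisioningException if no connection is available, the user is not found, or the
 *     modification fails
 */
@Override
public void setUserPassword(User user, Map<String, Object> request) throws ProvisioningException {
    // Escape the filter metacharacters (RFC 4515) so the user ID is matched as a literal value.
    // Unescaped, an ID containing '*' or parentheses would turn into a different filter and the
    // password of whichever entry is returned first would be replaced.
    String rawId = String.valueOf(user.getUserID());
    StringBuilder filter = new StringBuilder();
    filter.append("(").append(this.userIDAttribute).append("=");
    for (int i = 0; i < rawId.length(); i++) {
        char c = rawId.charAt(i);
        switch (c) {
            case '\\':
                filter.append("\\5c");
                break;
            case '*':
                filter.append("\\2a");
                break;
            case '(':
                filter.append("\\28");
                break;
            case ')':
                filter.append("\\29");
                break;
            case '\0':
                filter.append("\\00");
                break;
            default:
                filter.append(c);
                break;
        }
    }
    filter.append(")");
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    try {
        LdapConnection con;
        try {
            con = this.ldapPool.getConnection();
        } catch (Exception e) {
            throw new ProvisioningException("Could not get LDAP connection " + user.getUserID(), e);
        }
        try {
            // Scope 2 is a subtree search; "1.1" requests no attributes, only the DN is needed.
            LDAPSearchResults res = con.getConnection().search(this.searchBase, 2, filter.toString(), new String[] { "1.1" }, false);
            if (!res.hasMore()) {
                throw new ProvisioningException("Could not find user");
            }
            // NOTE(review): only the first match is used and the remaining results are not
            // drained before the connection is returned - confirm the ID attribute is unique
            // and that the pool tolerates pending results.
            String dn = res.next().getDN();
            LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, new LDAPAttribute("userPassword", user.getPassword()));
            con.getConnection().modify(dn, mod);
            // The literal mask keeps the credential out of the audit trail.
            this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Replace, approvalID, workflow, "userPassword", "*********");
        } finally {
            // Always hand the connection back to the pool, on success and on failure.
            con.returnCon();
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not set user's password", e);
    }
}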
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPModification(com.novell.ldap.LDAPModification) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) LDAPException(com.novell.ldap.LDAPException) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) LDAPReferralException(com.novell.ldap.LDAPReferralException) LdapConnection(com.tremolosecurity.provisioning.util.ldap.pool.LdapConnection)
