
Example 1 with UserAttributes

use of com.tremolosecurity.provisioning.objects.UserAttributes in project OpenUnison by TremoloSecurity.

the class ServiceActions method listOpenApprovals.

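/**
 * Lists the approvals that are still open (not yet approved or rejected) for one approver.
 *
 * <p>For every open approval a summary is built from the approval and its workflow, and a
 * display name is resolved for the user the workflow was requested for: first from the
 * directory entry, then (if no entry exists) from the attributes stored with the user
 * record. The display name always falls back to that user's key. The original code fell
 * back to the <em>approver's</em> id when the directory entry lacked the attribute, which
 * labelled the request with the wrong identity in the approver's view.
 *
 * @param approver             user key of the approver whose open approvals are listed
 * @param displayNameAttribute name of the attribute that holds the human-readable name
 * @param cfgMgr               configuration manager used for the directory search and settings
 * @return the open approvals, wrapped in an {@code ApprovalSummaries}
 * @throws ProvisioningException if anything fails while loading the approvals
 */
public static ApprovalSummaries listOpenApprovals(String approver, String displayNameAttribute, ConfigManager cfgMgr) throws ProvisioningException {
    Session session = null;
    try {
        // NOTE(review): the session comes from the global ConfigManager, not from cfgMgr - confirm both are the same instance.
        session = GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getHibernateSessionFactory().openSession();

        // The approver key is bound as a named parameter and never concatenated into the HQL.
        Query query = session.createQuery("SELECT aprv FROM Approvals aprv JOIN aprv.allowedApproverses allowed JOIN allowed.approvers apprv  WHERE aprv.approved IS  NULL AND apprv.userKey = :user_key");
        query.setParameter("user_key", approver);
        List<com.tremolosecurity.provisioning.objects.Approvals> approvals = query.list();

        ArrayList<ApprovalSummary> summaries = new ArrayList<ApprovalSummary>();
        for (Approvals appr : approvals) {
            String userKey = appr.getWorkflow().getUsers().getUserKey();
            String userIdAttribute = cfgMgr.getCfg().getProvisioning().getApprovalDB().getUserIdAttribute();

            ApprovalSummary sum = new ApprovalSummary();
            sum.setApproval(appr.getId());
            sum.setWorkflow(appr.getWorkflow().getId());
            sum.setLabel(appr.getLabel());
            sum.setUser(userKey);

            // The filter is produced by the equal(...) helper instead of string concatenation.
            // NOTE(review): presumably a filter builder that escapes the value - confirm, since userKey is stored data.
            String filter = equal(userIdAttribute, userKey).toString();
            ArrayList<String> attributes = new ArrayList<String>();
            attributes.add(displayNameAttribute);
            // Scope 2 is the subtree scope in LDAP scope numbering.
            LDAPSearchResults res = cfgMgr.getMyVD().search(cfgMgr.getCfg().getLdapRoot(), 2, filter, attributes);

            String displayName = null;
            if (res.hasMore()) {
                LDAPEntry entry = res.next();
                LDAPAttribute attr = entry.getAttribute(displayNameAttribute);
                if (attr != null) {
                    displayName = attr.getStringValue();
                }
                // Drain any remaining results so the search is fully consumed.
                while (res.hasMore()) res.next();
            } else if (!displayNameAttribute.equalsIgnoreCase(userIdAttribute)) {
                // TODO decrypt object
                // No directory entry: use the attributes stored with the user record.
                Set<UserAttributes> fromReportData = appr.getWorkflow().getUsers().getUserAttributeses();
                for (UserAttributes attr : fromReportData) {
                    if (attr.getName().equalsIgnoreCase(displayNameAttribute)) {
                        displayName = attr.getValue();
                        break;
                    }
                }
            }
            // Always label the request with the user it is for, never with the approver.
            sum.setDisplayName(displayName != null ? displayName : userKey);

            sum.setWfStart(appr.getWorkflow().getStartTs().getTime());
            sum.setApprovalStart(appr.getCreateTs().getTime());
            sum.setReason(appr.getWorkflow().getRequestReason());
            sum.setWfName(appr.getWorkflow().getName());
            sum.setWfLabel(appr.getWorkflow().getLabel());
            sum.setWfDescription(appr.getWorkflow().getDescription());
            summaries.add(sum);
        }

        ApprovalSummaries sums = new ApprovalSummaries();
        sums.setApprovals(summaries);
        return sums;
    } catch (Throwable t) {
        // Kept as Throwable so callers keep receiving a ProvisioningException for every failure,
        // including Errors; the cause is preserved.
        throw new ProvisioningException("Could not load approvals", t);
    } finally {
        if (session != null) {
            session.close();
        }
    }
}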
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Query(org.hibernate.Query) ArrayList(java.util.ArrayList) Approvals(com.tremolosecurity.provisioning.objects.Approvals) Gson(com.google.gson.Gson) UserAttributes(com.tremolosecurity.provisioning.objects.UserAttributes) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Session(org.hibernate.Session)

Example 2 with UserAttributes

use of com.tremolosecurity.provisioning.objects.UserAttributes in project OpenUnison by TremoloSecurity.

the class LoadAuditDBAttributes method doTask.

/**
 * Copies selected stored attributes of a user onto the in-flight {@code User} object.
 *
 * <p>The user record is looked up by the first value of the attribute named by
 * {@code this.nameAttr}; every stored attribute whose name is in {@code this.attrs}
 * replaces the attribute of the same name on {@code user}.
 *
 * @param user    the user being processed; its attribute map is modified in place
 * @param request the task request data (not read here)
 * @return always {@code true}
 * @throws ProvisioningException if the lookup or the copy fails for any reason, including
 *         a missing name attribute or no matching user record
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    Session dbSession = null;
    try {
        dbSession = this.cfg.getProvisioningEngine().getHibernateSessionFactory().openSession();

        // Named parameter binding keeps the user key out of the HQL text.
        Query lookup = dbSession.createQuery("FROM Users WHERE userKey = :user_key");
        lookup.setParameter("user_key", user.getAttribs().get(this.nameAttr).getValues().get(0));
        List<Users> matches = lookup.list();

        // There is no emptiness check: an unknown user makes get(0) throw, which is
        // reported to the caller as the ProvisioningException below.
        Users stored = matches.get(0);
        for (UserAttributes storedAttr : stored.getUserAttributeses()) {
            String attrName = storedAttr.getName();
            if (!this.attrs.contains(attrName)) {
                continue;
            }
            user.getAttribs().put(attrName, new Attribute(attrName, storedAttr.getValue()));
        }
        return true;
    } catch (Exception e) {
        throw new ProvisioningException("Could not load attributes", e);
    } finally {
        if (dbSession != null) {
            dbSession.close();
        }
    }
}
Also used : Query(org.hibernate.Query) Attribute(com.tremolosecurity.saml.Attribute) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Users(com.tremolosecurity.provisioning.objects.Users) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) SQLException(java.sql.SQLException) Session(org.hibernate.Session) UserAttributes(com.tremolosecurity.provisioning.objects.UserAttributes)

Example 3 with UserAttributes

use of com.tremolosecurity.provisioning.objects.UserAttributes in project OpenUnison by TremoloSecurity.

the class WorkflowImpl method getRequester.

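/**
 * Builds the {@code User} object for a workflow requester, creating the matching user
 * record on first sight.
 *
 * <p>The requester is searched in the directory and in the {@code Users} table. If no
 * record exists, one is saved and, when a directory entry was found, the configured
 * attributes present on that entry are stored with it. The stored attributes are then
 * copied onto the returned user, and the user id attribute is added if it is missing.
 *
 * <p>The transaction is begun and committed on the caller's session. There is no rollback
 * here: if an exception is thrown between begin and commit, the transaction is left open.
 * NOTE(review): presumably the caller rolls back and closes the session - confirm.
 *
 * @param requestorID user key of the requester
 * @param session     open Hibernate session owned by the caller
 * @param cfgMgr      configuration manager used for the directory search and settings
 * @return the requester with the stored attributes populated
 * @throws LDAPException if the directory search fails
 * @throws SQLException  declared by the signature
 */
public static User getRequester(String requestorID, Session session, ConfigManager cfgMgr) throws LDAPException, SQLException {
    String userIdAttribute = cfgMgr.getProvisioningEngine().getUserIDAttribute();

    // The filter is produced by the equal(...) helper instead of string concatenation.
    // NOTE(review): presumably a filter builder that escapes requestorID - confirm.
    // Scope 2 is the subtree scope in LDAP scope numbering.
    LDAPSearchResults res = cfgMgr.getMyVD().search(cfgMgr.getCfg().getLdapRoot(), 2, equal(userIdAttribute, requestorID).toString(), new ArrayList<String>());
    LDAPEntry fromLDAP = null;
    if (res.hasMore()) {
        fromLDAP = res.next();
    }
    // Drain any remaining results; only the first entry is used.
    while (res.hasMore()) res.next();

    // The requester key is bound as a named parameter, not concatenated into the HQL.
    Query query = session.createQuery("FROM Users WHERE userKey = :user_key");
    query.setParameter("user_key", requestorID);
    List<Users> users = query.list();

    session.beginTransaction();
    User requestor = new User(requestorID);
    Users userObj;
    if (!users.isEmpty()) {
        userObj = users.get(0);
        requestor.setJitAddToAuditDB(false);
    } else {
        userObj = new Users();
        userObj.setUserKey(requestor.getUserID());
        session.save(userObj);
        if (fromLDAP != null) {
            for (String attr : cfgMgr.getProvisioningEngine().getUserAttrbiutes()) {
                LDAPAttribute userAttrFromLDAP = fromLDAP.getAttribute(attr);
                if (userAttrFromLDAP == null) {
                    // Attributes absent from the directory entry are not stored.
                    continue;
                }
                UserAttributes nattr = new UserAttributes();
                nattr.setName(attr);
                nattr.setValue(userAttrFromLDAP.getStringValue());
                nattr.setUsers(userObj);
                userObj.getUserAttributeses().add(nattr);
                session.save(nattr);
            }
        }
    }

    // Copy the stored attributes onto the returned user; repeated names accumulate values.
    for (UserAttributes attr : userObj.getUserAttributeses()) {
        Attribute nattr = requestor.getAttribs().get(attr.getName());
        if (nattr == null) {
            nattr = new Attribute(attr.getName());
            requestor.getAttribs().put(nattr.getName(), nattr);
        }
        nattr.getValues().add(attr.getValue());
    }

    if (!requestor.getAttribs().containsKey(userIdAttribute)) {
        requestor.getAttribs().put(userIdAttribute, new Attribute(userIdAttribute, requestor.getUserID()));
    }

    // NOTE(review): this unconditionally overrides the 'false' set above for an existing
    // record - behavior kept as is; confirm that is intended.
    requestor.setJitAddToAuditDB(true);
    session.getTransaction().commit();
    return requestor;
}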
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) TremoloUser(com.tremolosecurity.provisioning.service.util.TremoloUser) Query(org.hibernate.Query) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) Users(com.tremolosecurity.provisioning.objects.Users) UserAttributes(com.tremolosecurity.provisioning.objects.UserAttributes) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults)

Example 4 with UserAttributes

use of com.tremolosecurity.provisioning.objects.UserAttributes in project OpenUnison by TremoloSecurity.

the class WorkflowImpl method getUserNum.

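/**
 * Returns the numeric id of the user's record in the {@code Users} table, creating or
 * refreshing the record and its stored attributes as needed.
 *
 * <p>For a new record the configured attributes are stored from the directory entry when
 * one was found, otherwise from the in-memory user (empty string when absent). For an
 * existing record each configured attribute is compared with the directory value and
 * updated on change, and configured attributes that are not stored yet are added.
 *
 * <p>Fix over the original: the {@code found} flag is now reset for every configured
 * attribute. It used to be declared once outside the loop, so after the first match no
 * later missing attribute was ever added to the record.
 *
 * <p>The transaction is begun and committed on the caller's session. There is no rollback
 * here: if an exception is thrown between begin and commit, the transaction is left open.
 * NOTE(review): presumably the caller rolls back and closes the session - confirm.
 *
 * @param user    the user to resolve; its {@code jitAddToAuditDB} flag is updated
 * @param session open Hibernate session owned by the caller
 * @param cfgMgr  configuration manager used for the directory search and settings
 * @return the id of the existing or newly created user record
 * @throws LDAPException if the directory search fails
 * @throws SQLException  declared by the signature
 */
public static int getUserNum(User user, Session session, ConfigManager cfgMgr) throws LDAPException, SQLException {
    LDAPEntry fromLDAP = null;
    if (user.getAttribs().get(cfgMgr.getProvisioningEngine().getUserIDAttribute()) != null) {
        // The filter is composed with the and(...)/equal(...) helpers instead of string concatenation.
        // NOTE(review): presumably a filter builder that escapes the values - confirm.
        // Scope 2 is the subtree scope in LDAP scope numbering.
        LDAPSearchResults res = cfgMgr.getMyVD().search(cfgMgr.getCfg().getLdapRoot(), 2, and(equal(cfgMgr.getProvisioningEngine().getUserIDAttribute(), user.getAttribs().get(cfgMgr.getProvisioningEngine().getUserIDAttribute()).getValues().get(0)), equal("objectClass", cfgMgr.getCfg().getUserObjectClass())).toString(), new ArrayList<String>());
        if (res.hasMore()) {
            fromLDAP = res.next();
        }
        // Drain any remaining results; only the first entry is used.
        while (res.hasMore()) res.next();
    }

    // The user key is bound as a named parameter, not concatenated into the HQL.
    Query query = session.createQuery("FROM Users WHERE userKey = :user_key");
    query.setParameter("user_key", user.getUserID());
    List<Users> users = query.list();

    Users userObj = null;
    session.beginTransaction();
    int id = 0;
    if (users.size() > 0) {
        userObj = users.get(0);
        id = userObj.getId();
        // Marks the record as pre-existing; the sync block below decides the final flag.
        user.setJitAddToAuditDB(false);
    } else {
        userObj = new Users();
        userObj.setUserKey(user.getUserID());
        session.save(userObj);
        id = userObj.getId();
        if (fromLDAP != null) {
            for (String attr : cfgMgr.getProvisioningEngine().getUserAttrbiutes()) {
                UserAttributes nattr = new UserAttributes();
                nattr.setName(attr);
                LDAPAttribute userAttrFromLDAP = fromLDAP.getAttribute(attr);
                if (userAttrFromLDAP != null) {
                    nattr.setValue(userAttrFromLDAP.getStringValue());
                    nattr.setUsers(userObj);
                    session.save(nattr);
                } else {
                    logger.warn("No value for attribute '" + attr + "'");
                }
            }
        } else {
            for (String attr : cfgMgr.getProvisioningEngine().getUserAttrbiutes()) {
                UserAttributes nattr = new UserAttributes();
                nattr.setName(attr);
                Attribute fromObj = user.getAttribs().get(attr);
                if (fromObj != null) {
                    nattr.setValue(fromObj.getValues().get(0));
                } else {
                    nattr.setValue("");
                }
                nattr.setUsers(userObj);
                session.save(nattr);
            }
        }
        user.setJitAddToAuditDB(true);
    }

    if (!user.isJitAddToAuditDB()) {
        // Existing record: bring the stored attributes in line with the configured list.
        boolean changed = false;
        for (String attr : cfgMgr.getProvisioningEngine().getUserAttrbiutes()) {
            // Must be reset per attribute, otherwise one match hides every later missing attribute.
            boolean found = false;
            for (UserAttributes userAttr : userObj.getUserAttributeses()) {
                if (attr.equalsIgnoreCase(userAttr.getName())) {
                    found = true;
                    if (fromLDAP != null) {
                        LDAPAttribute userAttrFromLDAP = fromLDAP.getAttribute(attr);
                        if (userAttrFromLDAP != null) {
                            if (!userAttrFromLDAP.getStringValue().equals(userAttr.getValue())) {
                                changed = true;
                                userAttr.setValue(userAttrFromLDAP.getStringValue());
                                session.save(userAttr);
                            }
                        }
                    }
                }
            }
            if (!found) {
                UserAttributes nattr = new UserAttributes();
                nattr.setName(attr);
                if (fromLDAP != null) {
                    LDAPAttribute userAttrFromLDAP = fromLDAP.getAttribute(attr);
                    if (userAttrFromLDAP != null) {
                        nattr.setValue(userAttrFromLDAP.getStringValue());
                    }
                } else {
                    Attribute userAttr = user.getAttribs().get(attr);
                    if (userAttr != null) {
                        nattr.setValue(userAttr.getValues().get(0));
                    }
                }
                if (nattr.getValue() == null) {
                    nattr.setValue("");
                }
                nattr.setUsers(userObj);
                // Safe to add here: the iteration over the stored attributes has finished.
                userObj.getUserAttributeses().add(nattr);
                session.save(nattr);
                changed = true;
            }
        }
        // The flag ends up true only when something was added or updated.
        user.setJitAddToAuditDB(changed);
    }

    session.getTransaction().commit();
    return id;
}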
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Query(org.hibernate.Query) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) Users(com.tremolosecurity.provisioning.objects.Users) UserAttributes(com.tremolosecurity.provisioning.objects.UserAttributes) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPSearchResults(com.novell.ldap.LDAPSearchResults)

Aggregations

UserAttributes (com.tremolosecurity.provisioning.objects.UserAttributes)4 Query (org.hibernate.Query)4 LDAPAttribute (com.novell.ldap.LDAPAttribute)3 LDAPEntry (com.novell.ldap.LDAPEntry)3 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)3 Users (com.tremolosecurity.provisioning.objects.Users)3 Attribute (com.tremolosecurity.saml.Attribute)3 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)2 Session (org.hibernate.Session)2 Gson (com.google.gson.Gson)1 Approvals (com.tremolosecurity.provisioning.objects.Approvals)1 TremoloUser (com.tremolosecurity.provisioning.service.util.TremoloUser)1 SQLException (java.sql.SQLException)1 ArrayList (java.util.ArrayList)1