
Example 1 with ScaleConfig

use of com.tremolosecurity.scalejs.cfg.ScaleConfig in project OpenUnison by TremoloSecurity.

the class ScaleMain method initFilter.

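/**
 * Builds this filter's {@code ScaleConfig} from the filter configuration.
 *
 * <p>Required settings are read through {@code loadAttributeValue} and optional ones through
 * {@code loadOptionalAttributeValue}, whose {@code null} result is treated as "not set".
 * Per-attribute settings use keys of the form {@code <attributeName>.<setting>}. The approval
 * attributes, the optional UI helper and the reason list are only read when approvals are enabled.
 *
 * @param config filter configuration holding the settings read below
 * @throws Exception if {@code attributeNames} is missing, if approvals are enabled and
 *     {@code approvalAttributeNames} is missing, if a {@code name=value} entry contains no
 *     {@code '='}, or if a numeric setting, an enum setting or the UI helper class cannot be
 *     parsed, loaded or instantiated
 */
@Override
public void initFilter(HttpFilterConfig config) throws Exception {
    this.scaleConfig = new ScaleConfig();
    scaleConfig.setDisplayNameAttribute(this.loadAttributeValue("displayNameAttribute", "Display Name Attribute Name", config));
    scaleConfig.getFrontPage().setTitle(this.loadAttributeValue("frontPage.title", "Front Page Title", config));
    scaleConfig.getFrontPage().setText(this.loadAttributeValue("frontPage.text", "Front Page Text", config));
    scaleConfig.setCanEditUser(this.loadAttributeValue("canEditUser", "User Fields Editable", config).equalsIgnoreCase("true"));
    scaleConfig.setWorkflowName(this.loadAttributeValue("workflowName", "Save User Workflow", config));
    scaleConfig.setUidAttributeName(this.loadAttributeValue("uidAttributeName", "User ID Attribute Name", config));
    scaleConfig.setShowPortalOrgs(this.loadAttributeValue("showPortalOrgs", "Show Portal Orgs", config).equalsIgnoreCase("true"));
    scaleConfig.setLogoutURL(this.loadAttributeValue("logoutURL", "Logout URL", config));
    scaleConfig.setWarnMinutesLeft(Integer.parseInt(this.loadAttributeValue("warnMinutesLeft", "Warn when number of minutes left in the user's session", config)));

    // Delegation and pre-approval default to "NO" when unset. Locale.ROOT keeps the enum lookup
    // independent of the JVM default locale (a Turkish locale upper-cases 'i' to a dotted capital,
    // which would make valueOf fail for any constant containing 'I').
    String val = this.loadOptionalAttributeValue("canDelegate", "canDelegate", config);
    scaleConfig.setCanDelegate(PreCheckAllowed.valueOf((val == null ? "NO" : val).toUpperCase(java.util.Locale.ROOT)));
    val = this.loadOptionalAttributeValue("canPreApprove", "canPreApprove", config);
    scaleConfig.setCanPreApprove(PreCheckAllowed.valueOf((val == null ? "NO" : val).toUpperCase(java.util.Locale.ROOT)));

    // Approvals are on unless the setting is present and is not "true".
    val = this.loadOptionalAttributeValue("enableApprovals", "enableApprovals", config);
    scaleConfig.setEnableApprovals(val == null || val.equalsIgnoreCase("true"));

    this.appType = new ApplicationType();
    this.appType.setAzTimeoutMillis((long) 3000);

    val = this.loadOptionalAttributeValue("roleAttribute", "Role Attribute Name", config);
    if (val != null) {
        scaleConfig.setRoleAttribute(val);
    }

    Attribute attr = config.getAttribute("attributeNames");
    if (attr == null) {
        throw new Exception("Attribute names not found");
    }
    for (String attributeName : attr.getValues()) {
        ScaleAttribute scaleAttr = new ScaleAttribute();
        scaleAttr.setName(attributeName);
        scaleAttr.setDisplayName(this.loadAttributeValue(attributeName + ".displayName", attributeName + " Display Name", config));
        scaleAttr.setReadOnly(this.loadAttributeValue(attributeName + ".readOnly", attributeName + " Read Only", config).equalsIgnoreCase("true"));
        val = this.loadOptionalAttributeValue(attributeName + ".required", attributeName + " Required", config);
        scaleAttr.setRequired(val != null && val.equalsIgnoreCase("true"));
        val = this.loadOptionalAttributeValue(attributeName + ".regEx", attributeName + " Reg Ex", config);
        if (val != null) {
            scaleAttr.setRegEx(val);
        }
        val = this.loadOptionalAttributeValue(attributeName + ".regExFailedMsg", attributeName + " Reg Ex Failed Message", config);
        if (val != null) {
            scaleAttr.setRegExFailedMsg(val);
        }
        val = this.loadOptionalAttributeValue(attributeName + ".minChars", attributeName + " Minimum Characters", config);
        if (val != null) {
            scaleAttr.setMinChars(Integer.parseInt(val));
        }
        // NOTE(review): the key read here is spelled ".mxnChars". A configuration that sets
        // "<name>.maxChars" is silently ignored, so no maximum length is configured for that
        // attribute. The key is left unchanged because existing deployments may depend on it.
        val = this.loadOptionalAttributeValue(attributeName + ".mxnChars", attributeName + " Maximum Characters", config);
        if (val != null) {
            scaleAttr.setMaxChars(Integer.parseInt(val));
        }
        val = this.loadOptionalAttributeValue(attributeName + ".type", attributeName + " Attribute Type", config);
        if (val != null) {
            scaleAttr.setType(val);
        }
        Attribute attrVals = config.getAttribute(attributeName + ".values");
        if (attrVals != null) {
            for (String attrVal : attrVals.getValues()) {
                // Entries are label=value, split at the first '='. Reject an entry without one
                // explicitly instead of failing inside substring with an index error.
                int sep = attrVal.indexOf('=');
                if (sep < 0) {
                    throw new Exception("An entry of " + attributeName + ".values is not in label=value form");
                }
                scaleAttr.getValues().add(new NVP(attrVal.substring(0, sep), attrVal.substring(sep + 1)));
            }
        }
        scaleConfig.getAttributes().put(attributeName, scaleAttr);
        scaleConfig.getUserAttributeList().add(attributeName);
    }

    if (scaleConfig.isEnableApprovals()) {
        attr = config.getAttribute("approvalAttributeNames");
        if (attr == null) {
            throw new Exception("Approval attribute names not found");
        }
        for (String attributeName : attr.getValues()) {
            ScaleAttribute scaleAttr = new ScaleAttribute();
            scaleAttr.setName(attributeName);
            scaleAttr.setDisplayName(this.loadAttributeValue("approvals." + attributeName, "Approvals attribute " + attributeName + " Display Name", config));
            scaleConfig.getApprovalAttributes().put(attributeName, scaleAttr);
        }

        val = this.loadOptionalAttributeValue("uiHelperClassName", "UI Helper Class Name", config);
        if (val != null && !val.isEmpty()) {
            // The class name comes from configuration. asSubclass verifies the type before any
            // constructor runs, so a class that is not a UiDecisions is rejected without being
            // instantiated (the previous cast only failed after construction).
            UiDecisions dec = Class.forName(val).asSubclass(UiDecisions.class).getDeclaredConstructor().newInstance();
            attr = config.getAttribute("uihelper.params");
            HashMap<String, Attribute> decCfg = new HashMap<String, Attribute>();
            if (attr != null) {
                for (String v : attr.getValues()) {
                    // name=value, split at the first '='; repeated names accumulate values.
                    // The entry is not echoed in the error because helper parameters may be sensitive.
                    int sep = v.indexOf('=');
                    if (sep < 0) {
                        throw new Exception("An entry of uihelper.params is not in name=value form");
                    }
                    String name = v.substring(0, sep);
                    Attribute param = decCfg.get(name);
                    if (param == null) {
                        param = new Attribute(name);
                        decCfg.put(name, param);
                    }
                    param.getValues().add(v.substring(sep + 1));
                }
            }
            dec.init(decCfg);
            scaleConfig.setUiDecisions(dec);
        }

        val = this.loadOptionalAttributeValue("reasonIsList", "reasonIsList", config);
        scaleConfig.setReasonIsList(val != null && val.equalsIgnoreCase("true"));
        if (scaleConfig.isReasonIsList()) {
            Attribute reasons = config.getAttribute("reasons");
            if (reasons != null) {
                scaleConfig.getReasons().addAll(reasons.getValues());
            }
        }
    }
}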
Also used : ScaleAttribute(com.tremolosecurity.scalejs.cfg.ScaleAttribute) ApplicationType(com.tremolosecurity.config.xml.ApplicationType) Attribute(com.tremolosecurity.saml.Attribute) LDAPAttribute(com.novell.ldap.LDAPAttribute) ScaleAttribute(com.tremolosecurity.scalejs.cfg.ScaleAttribute) HashMap(java.util.HashMap) NVP(com.tremolosecurity.util.NVP) XSSFRichTextString(org.apache.poi.xssf.usermodel.XSSFRichTextString) RichTextString(org.apache.poi.ss.usermodel.RichTextString) UiDecisions(com.tremolosecurity.scalejs.sdk.UiDecisions) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) LDAPException(com.novell.ldap.LDAPException) SQLException(java.sql.SQLException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MalformedURLException(java.net.MalformedURLException) ScaleConfig(com.tremolosecurity.scalejs.cfg.ScaleConfig)

Example 2 with ScaleConfig

use of com.tremolosecurity.scalejs.cfg.ScaleConfig in project OpenUnison by TremoloSecurity.

the class ScaleMain method doFilter.

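/**
 * Dispatches ScaleJS REST calls by HTTP method and request-URI suffix and writes a JSON reply.
 *
 * <p>Branch order matters: the first matching test wins, and several tests use
 * {@code contains}, so {@code /main/reports/excel/} must be tested before
 * {@code /main/reports/}. Any failure is logged and answered with a generic JSON error so no
 * exception detail reaches the client.
 *
 * <p>NOTE(review): {@code contains} also matches a URI that merely embeds the segment somewhere
 * in its path; whether an upstream component constrains the path is not visible here.
 *
 * @param request  proxied request; the authenticated user is read from its session
 * @param response response that receives the JSON body
 * @param chain    filter chain; this method never forwards to it
 * @throws Exception if writing the error reply itself fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    Gson gson = new Gson();
    request.getServletRequest().setAttribute("com.tremolosecurity.unison.proxy.noRedirectOnError", "com.tremolosecurity.unison.proxy.noRedirectOnError");
    try {
        final String uri = request.getRequestURI();
        final String method = request.getMethod();
        final boolean isGet = "GET".equalsIgnoreCase(method);
        final boolean isPut = "PUT".equalsIgnoreCase(method);

        if (uri.endsWith("/main/config")) {
            ScaleConfig toSend = this.scaleConfig;
            if (this.scaleConfig.getUiDecisions() != null) {
                // Per-user view: drop attributes the helper does not allow for this user.
                AuthInfo userData = sessionAuthInfo(request);
                Set<String> allowedAttrs = this.scaleConfig.getUiDecisions().availableAttributes(userData, request.getServletRequest());
                // NOTE(review): assumes the copy constructor gives the copy its own attribute
                // map; if the map were shared, the removals below would alter the configuration
                // served to every other user. Confirm against ScaleConfig.
                ScaleConfig local = new ScaleConfig(this.scaleConfig);
                if (allowedAttrs != null) {
                    for (String attrName : this.scaleConfig.getAttributes().keySet()) {
                        if (!allowedAttrs.contains(attrName)) {
                            local.getAttributes().remove(attrName);
                        }
                    }
                }
                local.setCanEditUser(this.scaleConfig.getUiDecisions().canEditUser(userData, request.getServletRequest()));
                toSend = local;
            }
            ScaleJSUtils.addCacheHeaders(response);
            response.setContentType("application/json");
            response.getWriter().println(gson.toJson(toSend).trim());
        } else if (isGet && uri.endsWith("/main/user")) {
            lookupUser(request, response, gson);
        } else if (isPut && uri.endsWith("/main/user")) {
            saveUser(request, response, gson);
        } else if (isGet && uri.endsWith("/main/orgs")) {
            AuthInfo userData = sessionAuthInfo(request);
            AzSys az = new AzSys();
            OrgType ot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
            Organization org = new Organization();
            copyOrg(org, ot, az, userData);
            ScaleJSUtils.addCacheHeaders(response);
            response.setContentType("application/json");
            response.getWriter().println(gson.toJson(org).trim());
        } else if (isGet && uri.contains("/main/workflows/org/")) {
            loadWorkflows(request, response, gson);
        } else if (isGet && uri.contains("/main/workflows/candelegate")) {
            try {
                AuthInfo userData = sessionAuthInfo(request);
                OrgType ot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
                AzSys az = new AzSys();
                HashSet<String> allowedOrgs = new HashSet<String>();
                this.checkOrg(allowedOrgs, ot, az, userData, request.getSession());
                String workflowName = request.getParameter("workflowName").getValues().get(0);
                // Resolve the workflow's org id; it stays null when no workflow has this name.
                String orgid = null;
                for (WorkflowType wf : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getWorkflows().getWorkflow()) {
                    if (wf.getName().equals(workflowName)) {
                        orgid = wf.getOrgid();
                        break;
                    }
                }
                PreCheckResponse preCheckResp = new PreCheckResponse();
                if (request.getParameter("uuid") != null) {
                    preCheckResp.setUuid(request.getParameter("uuid").getValues().get(0));
                }
                checkPreCheck(request, userData, allowedOrgs, workflowName, orgid, preCheckResp);
                ScaleJSUtils.addCacheHeaders(response);
                // The body echoes the caller-supplied uuid, so declare it as JSON explicitly
                // rather than leaving the type to client-side sniffing.
                response.setContentType("application/json");
                response.getWriter().print(gson.toJson(preCheckResp).trim());
                response.getWriter().flush();
            } catch (Throwable t) {
                logger.error("Could not check for preapproval status", t);
                sendScaleError(response, gson, 500, "Unable to check");
            }
        } else if (isPut && uri.endsWith("/main/workflows")) {
            executeWorkflows(request, response, gson);
        } else if (isGet && uri.endsWith("/main/approvals")) {
            AuthInfo userData = sessionAuthInfo(request);
            String uid = userData.getAttribs().get(this.scaleConfig.getUidAttributeName()).getValues().get(0);
            response.setContentType("application/json");
            ScaleJSUtils.addCacheHeaders(response);
            response.getWriter().println(gson.toJson(ServiceActions.listOpenApprovals(uid, this.scaleConfig.getDisplayNameAttribute(), GlobalEntries.getGlobalEntries().getConfigManager())).trim());
        } else if (isGet && uri.contains("/main/approvals/")) {
            loadApproval(request, response, gson);
        } else if (isPut && uri.contains("/main/approvals/")) {
            int approvalID = Integer.parseInt(uri.substring(uri.lastIndexOf('/') + 1));
            AuthInfo userData = sessionAuthInfo(request);
            String uid = userData.getAttribs().get(this.scaleConfig.getUidAttributeName()).getValues().get(0);
            // Object-level authorization: the id taken from the URI must be one of the caller's
            // own open approvals before the decision is applied.
            boolean ok = false;
            ApprovalSummaries summaries = ServiceActions.listOpenApprovals(uid, this.scaleConfig.getDisplayNameAttribute(), GlobalEntries.getGlobalEntries().getConfigManager());
            for (ApprovalSummary as : summaries.getApprovals()) {
                if (as.getApproval() == approvalID) {
                    ok = true;
                    break;
                }
            }
            if (!ok) {
                // The caller is authenticated but not an approver; 401 is kept for client compatibility.
                sendScaleError(response, gson, 401, "Unauthorized");
            } else {
                // Decode the body as UTF-8 explicitly instead of with the platform default charset,
                // so the stored justification does not depend on the host's locale settings.
                ScaleApprovalData approvalData = gson.fromJson(new String((byte[]) request.getAttribute(ProxySys.MSG_BODY), "UTF-8"), ScaleApprovalData.class);
                try {
                    String approval = approvalData.getReason().trim();
                    if (approval.length() > 255) {
                        logger.warn("approval justification greater then 255 characters");
                        approval = approval.substring(0, 255);
                    }
                    GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().doApproval(approvalID, uid, approvalData.isApproved(), approval);
                } catch (Exception e) {
                    logger.error("Could not execute approval", e);
                    sendScaleError(response, gson, 500, "There was a problem completeding your request, please contact your system administrator");
                }
            }
        } else if (isGet && uri.contains("/main/reports/org/")) {
            loadReports(request, response, gson);
        } else if (isGet && uri.contains("/main/reports/excel/")) {
            exportToExcel(request, response, gson);
        } else if (isGet && uri.contains("/main/reports/")) {
            runReport(request, response, gson);
        } else if (isGet && uri.endsWith("/main/urls")) {
            PortalURLs urls = collectPortalUrls(null, sessionAuthInfo(request), request);
            ScaleJSUtils.addCacheHeaders(response);
            response.setContentType("application/json");
            response.getWriter().print(gson.toJson(urls.getUrls()).trim());
            response.getWriter().flush();
        } else if (isGet && uri.contains("/main/urls/org")) {
            String id = URLDecoder.decode(uri.substring(uri.lastIndexOf('/') + 1), "UTF-8");
            PortalURLs urls = collectPortalUrls(id, sessionAuthInfo(request), request);
            ScaleJSUtils.addCacheHeaders(response);
            response.setContentType("application/json");
            response.getWriter().print(gson.toJson(urls.getUrls()).trim());
            response.getWriter().flush();
        } else {
            sendScaleError(response, gson, 500, "Operation not supported");
        }
    } catch (Throwable t) {
        // Details go to the log only; the client gets a fixed, non-revealing message.
        logger.error("Could not execute request", t);
        sendScaleError(response, gson, 500, "Operation not supported");
    }
}

/** Returns the authenticated user's data held by the session's auth controller. */
private AuthInfo sessionAuthInfo(HttpFilterRequest request) {
    return ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
}

/** Writes a single-message {@code ScaleError} as JSON with the given status and cache headers. */
private void sendScaleError(HttpFilterResponse response, Gson gson, int status, String message) throws Exception {
    response.setStatus(status);
    response.setContentType("application/json");
    ScaleJSUtils.addCacheHeaders(response);
    ScaleError error = new ScaleError();
    error.getErrors().add(message);
    response.getWriter().print(gson.toJson(error).trim());
    response.getWriter().flush();
}

/**
 * Collects the portal URLs the user may see, optionally limited to one organization.
 *
 * <p>A URL that carries authorization rules is included only when {@code checkRules} passes;
 * a URL without rules is included for every user. A missing portal section yields an empty list
 * for both callers (the per-org lookup previously failed with a null dereference).
 *
 * @param orgId organization id to match case-insensitively, or {@code null} for all organizations
 */
private PortalURLs collectPortalUrls(String orgId, AuthInfo userData, HttpFilterRequest request) throws Exception {
    PortalURLs urls = new PortalURLs();
    PortalUrlsType pt = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getPortal();
    if (pt == null || pt.getUrls() == null) {
        return urls;
    }
    AzSys az = new AzSys();
    for (PortalUrlType url : pt.getUrls()) {
        if (orgId != null && !orgId.equalsIgnoreCase(url.getOrg())) {
            continue;
        }
        if (url.getAzRules() != null && url.getAzRules().getRule().size() > 0) {
            ArrayList<AzRule> rules = new ArrayList<AzRule>();
            for (AzRuleType art : url.getAzRules().getRule()) {
                rules.add(new AzRule(art.getScope(), art.getConstraint(), art.getClassName(), GlobalEntries.getGlobalEntries().getConfigManager(), null));
            }
            if (!az.checkRules(userData, GlobalEntries.getGlobalEntries().getConfigManager(), rules, request.getSession(), this.appType, new HashMap<String, Object>())) {
                continue;
            }
        }
        PortalURL purl = new PortalURL();
        purl.setName(url.getName());
        purl.setLabel(url.getLabel());
        purl.setOrg(url.getOrg());
        purl.setUrl(url.getUrl());
        purl.setIcon(url.getIcon());
        urls.getUrls().add(purl);
    }
    return urls;
}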
Also used : Organization(com.tremolosecurity.provisioning.service.util.Organization) PortalUrlType(com.tremolosecurity.config.xml.PortalUrlType) PortalURL(com.tremolosecurity.provisioning.service.util.PortalURL) HashMap(java.util.HashMap) PortalURLs(com.tremolosecurity.provisioning.service.util.PortalURLs) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) PortalUrlsType(com.tremolosecurity.config.xml.PortalUrlsType) XSSFRichTextString(org.apache.poi.xssf.usermodel.XSSFRichTextString) RichTextString(org.apache.poi.ss.usermodel.RichTextString) AzRuleType(com.tremolosecurity.config.xml.AzRuleType) ApprovalSummaries(com.tremolosecurity.provisioning.service.util.ApprovalSummaries) HashSet(java.util.HashSet) ApprovalSummary(com.tremolosecurity.provisioning.service.util.ApprovalSummary) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) PreCheckResponse(com.tremolosecurity.scalejs.data.PreCheckResponse) ScaleApprovalData(com.tremolosecurity.scalejs.data.ScaleApprovalData) ScaleError(com.tremolosecurity.scalejs.data.ScaleError) AuthController(com.tremolosecurity.proxy.auth.AuthController) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) LDAPException(com.novell.ldap.LDAPException) SQLException(java.sql.SQLException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MalformedURLException(java.net.MalformedURLException) OrgType(com.tremolosecurity.config.xml.OrgType) WorkflowType(com.tremolosecurity.config.xml.WorkflowType) AzSys(com.tremolosecurity.proxy.auth.AzSys) JsonObject(com.google.gson.JsonObject) AzRule(com.tremolosecurity.proxy.az.AzRule) ScaleConfig(com.tremolosecurity.scalejs.cfg.ScaleConfig)

Example 3 with ScaleConfig

use of com.tremolosecurity.scalejs.cfg.ScaleConfig in project OpenUnison by TremoloSecurity.

the class ScaleJSOperator method lookupUser.

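/**
 * Looks up the directory entry named by the {@code dn} request parameter and writes it as JSON.
 *
 * <p>The reply holds the configured user attributes (restricted by the UI helper when one is
 * configured), the user's groups, attribute metadata and whether the user may be edited.
 *
 * <p>NOTE(review): {@code dn} is caller-supplied. The only restriction visible here is the
 * {@code ops.search.filter} request attribute; when it is absent the lookup falls back to
 * {@code (objectClass=*)}, which matches any entry at that DN. Confirm that an upstream
 * component always sets the attribute for operator searches.
 *
 * @param request  request carrying the {@code dn} parameter
 * @param response response that receives the JSON body
 * @param gson     serializer for the reply
 * @throws Exception if the {@code dn} parameter is missing, the ScaleMain configuration cannot
 *     be resolved, or no entry matches
 */
private void lookupUser(HttpFilterRequest request, HttpFilterResponse response, Gson gson) throws Exception, LDAPException, IOException {
    if (this.scaleMainConfig == null) {
        // Lazily borrow the configuration of the ScaleMain filter registered at scaleMainURL.
        UrlHolder holder = GlobalEntries.getGlobalEntries().getConfigManager().findURL(this.scaleMainURL);
        if (holder != null) {
            for (HttpFilter filter : holder.getFilterChain()) {
                if (filter instanceof ScaleMain) {
                    this.scaleMainConfig = ((ScaleMain) filter).scaleConfig;
                }
            }
        }
        // Fail with a clear message here rather than with a null dereference after the search.
        if (this.scaleMainConfig == null) {
            throw new Exception("Could not load ScaleMain configuration from '" + this.scaleMainURL + "'");
        }
    }

    if (request.getParameter("dn") == null || request.getParameter("dn").getValues().isEmpty()) {
        throw new Exception("Parameter 'dn' is required");
    }
    String dn = request.getParameter("dn").getValues().get(0);

    FilterBuilder baseFilter = (FilterBuilder) request.getAttribute("ops.search.filter");
    String filter = baseFilter != null ? baseFilter.toString() : "(objectClass=*)";

    // Scope 0: read only the entry at dn itself.
    LDAPSearchResults res = GlobalEntries.getGlobalEntries().getConfigManager().getMyVD().search(dn, 0, filter, new ArrayList<String>());
    if (!res.hasMore()) {
        throw new Exception("Could not locate user '" + dn + "'");
    }
    LDAPEntry entry = res.next();

    // Copy the entry into an AuthInfo so the UI helper can evaluate it like a logged-in user.
    AuthInfo userData = new AuthInfo();
    userData.setUserDN(entry.getDN());
    LDAPAttributeSet attrs = entry.getAttributeSet();
    for (Object obj : attrs) {
        LDAPAttribute ldapAttr = (LDAPAttribute) obj;
        Attribute attrib = new Attribute(ldapAttr.getName());
        for (String val : ldapAttr.getStringValueArray()) {
            attrib.getValues().add(val);
        }
        userData.getAttribs().put(attrib.getName(), attrib);
    }

    Set<String> allowedAttrs = null;
    if (scaleMainConfig.getUiDecisions() != null) {
        allowedAttrs = this.scaleMainConfig.getUiDecisions().availableAttributes(userData, request.getServletRequest());
    }

    OpsUserData userToSend = new OpsUserData();
    userToSend.setDn(userData.getUserDN());
    // Only configured attributes are returned, and only those the helper allows (null = all).
    for (String attrName : this.scaleMainConfig.getUserAttributeList()) {
        if (allowedAttrs != null && !allowedAttrs.contains(attrName)) {
            continue;
        }
        Attribute attr = new Attribute(attrName);
        Attribute fromUser = userData.getAttribs().get(attrName);
        if (fromUser != null) {
            attr.getValues().addAll(fromUser.getValues());
            // Guard against a value-less attribute instead of failing on get(0).
            if (attrName.equalsIgnoreCase(this.scaleMainConfig.getUidAttributeName()) && !fromUser.getValues().isEmpty()) {
                userToSend.setUid(fromUser.getValues().get(0));
            }
        }
        userToSend.getAttributes().add(attr);
    }

    String roleAttribute = this.scaleMainConfig.getRoleAttribute();
    if (roleAttribute != null && !roleAttribute.isEmpty()) {
        Attribute fromUser = userData.getAttribs().get(roleAttribute);
        Attribute attr = new Attribute(roleAttribute);
        if (fromUser != null) {
            attr.getValues().addAll(fromUser.getValues());
            userToSend.getGroups().clear();
            userToSend.getGroups().addAll(fromUser.getValues());
        }
        userToSend.getAttributes().add(attr);
    }

    // Group membership: subtree search (scope 2) from the LDAP root for entries whose member
    // attribute equals dn. The filter string is built once through the equal(...) builder and
    // reused for the client-side re-check of each returned entry.
    String groupMemberAttribute = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute();
    String memberFilter = equal(groupMemberAttribute, dn).toString();
    ArrayList<String> attrNames = new ArrayList<String>();
    attrNames.add("cn");
    attrNames.add(groupMemberAttribute);
    res = GlobalEntries.getGlobalEntries().getConfigManager().getMyVD().search(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot(), 2, memberFilter, attrNames);
    net.sourceforge.myvd.types.Filter ldapFiltertoCheck = new net.sourceforge.myvd.types.Filter(memberFilter);
    while (res.hasMore()) {
        entry = res.next();
        if (ldapFiltertoCheck.getRoot().checkEntry(entry)) {
            LDAPAttribute la = entry.getAttribute("cn");
            if (la != null) {
                String val = la.getStringValue();
                if (!userToSend.getGroups().contains(val)) {
                    userToSend.getGroups().add(val);
                }
            }
        }
    }

    if (scaleMainConfig.getUiDecisions() != null) {
        // Metadata is trimmed on a copy so the restrictions for this user stay per-request.
        Set<String> smAllowedAttrs = this.scaleMainConfig.getUiDecisions().availableAttributes(userData, request.getServletRequest());
        ScaleConfig local = new ScaleConfig(this.scaleMainConfig);
        if (smAllowedAttrs != null) {
            for (String attrName : this.scaleMainConfig.getAttributes().keySet()) {
                if (!smAllowedAttrs.contains(attrName)) {
                    local.getAttributes().remove(attrName);
                }
            }
        }
        userToSend.setMetaData(local.getAttributes());
        userToSend.setCanEditUser(this.scaleMainConfig.getUiDecisions().canEditUser(userData, request.getServletRequest()));
    } else {
        userToSend.setMetaData(scaleMainConfig.getAttributes());
        userToSend.setCanEditUser(scaleMainConfig.isCanEditUser());
    }

    ScaleJSUtils.addCacheHeaders(response);
    response.setContentType("application/json");
    response.getWriter().println(gson.toJson(userToSend).trim());
}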
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) ArrayList(java.util.ArrayList) UrlHolder(com.tremolosecurity.config.util.UrlHolder) LDAPEntry(com.novell.ldap.LDAPEntry) FilterBuilder(org.apache.directory.ldap.client.api.search.FilterBuilder) HttpFilter(com.tremolosecurity.proxy.filter.HttpFilter) LDAPAttribute(com.novell.ldap.LDAPAttribute) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Filter(net.sourceforge.myvd.types.Filter) OpsUserData(com.tremolosecurity.scalejs.operators.data.OpsUserData) LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet) LDAPException(com.novell.ldap.LDAPException) IOException(java.io.IOException) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) Filter(net.sourceforge.myvd.types.Filter) HttpFilter(com.tremolosecurity.proxy.filter.HttpFilter) ScaleMain(com.tremolosecurity.scalejs.ws.ScaleMain) ScaleConfig(com.tremolosecurity.scalejs.cfg.ScaleConfig)

Aggregations

LDAPException (com.novell.ldap.LDAPException)3 ScaleConfig (com.tremolosecurity.scalejs.cfg.ScaleConfig)3 IOException (java.io.IOException)3 LDAPAttribute (com.novell.ldap.LDAPAttribute)2 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)2 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)2 Attribute (com.tremolosecurity.saml.Attribute)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 MalformedURLException (java.net.MalformedURLException)2 SQLException (java.sql.SQLException)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 RichTextString (org.apache.poi.ss.usermodel.RichTextString)2 XSSFRichTextString (org.apache.poi.xssf.usermodel.XSSFRichTextString)2 Gson (com.google.gson.Gson)1 JsonObject (com.google.gson.JsonObject)1 LDAPAttributeSet (com.novell.ldap.LDAPAttributeSet)1 LDAPEntry (com.novell.ldap.LDAPEntry)1 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)1 UrlHolder (com.tremolosecurity.config.util.UrlHolder)1