
Example 1 with IPACall

Use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

From the class UserPrincipal, method deleteUser.

public void deleteUser(User user, Map<String, Object> request) throws ProvisioningException {
    UserPrincipal principal = new UserPrincipal(user.getUserID(), multiDomain, primaryDomain);
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    try {
        HttpCon con = this.createClient();
        try {
            if (principal.isPrimaryDomain()) {
                // Primary-domain user: delete the account with the FreeIPA JSON-RPC method user_del.
                IPACall deleteUser = new IPACall();
                deleteUser.setId(0);
                deleteUser.setMethod("user_del");
                ArrayList<String> userArray = new ArrayList<String>();
                userArray.add(principal.getUid());
                deleteUser.getParams().add(userArray);
                HashMap<String, String> additionalParams = new HashMap<String, String>();
                deleteUser.getParams().add(additionalParams);
                IPAResponse resp = this.executeIPACall(deleteUser, con);
                this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Delete, approvalID, workflow, "uid", user.getUserID());
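            } else {
                // Principal from another domain: delete its user ID override from the
                // trust view (idoverrideuser_del). This branch does not call logAction.
                IPACall idOveride = new IPACall();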
                idOveride.setId(0);
                idOveride.setMethod("idoverrideuser_del");
                List<String> params = new ArrayList<String>();
                params.add(this.trustViewName);
                params.add(principal.getUPN());
                idOveride.getParams().add(params);
                Map<String, Object> param2 = new HashMap<String, Object>();
                idOveride.getParams().add(param2);
                try {
                    IPAResponse resp = this.executeIPACall(idOveride, con);
                } catch (IPAException e) {
                    if (!e.getMessage().equalsIgnoreCase("no modifications to be performed")) {
                        throw e;
                    }
                }
            }
        } finally {
            if (con != null) {
                con.getBcm().shutdown();
            }
        }
    } catch (Exception e) {
        // The message says "search", but this handler wraps failures of the delete calls above.
        throw new ProvisioningException("Could not run search", e);
    }
}
Also used: IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse), HashMap (java.util.HashMap), IPACall (com.tremolosecurity.unison.freeipa.json.IPACall), ArrayList (java.util.ArrayList), Workflow (com.tremolosecurity.provisioning.core.Workflow), ClientProtocolException (org.apache.http.client.ClientProtocolException), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), IOException (java.io.IOException), IPAException (com.tremolosecurity.unison.freeipa.util.IPAException), UnsupportedEncodingException (java.io.UnsupportedEncodingException), HttpCon (com.tremolosecurity.provisioning.util.HttpCon)

Example 2 with IPACall

Use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

From the class UserPrincipal, method removeGroup.

private void removeGroup(UserPrincipal principal, String groupName, HttpCon con, int approvalID, Workflow workflow) throws Exception {
    if (principal.isPrimaryDomain()) {
        // The variable is named addGroup, but the call removes the member (group_remove_member).
        IPACall addGroup = new IPACall();
        addGroup.setId(0);
        addGroup.setMethod("group_remove_member");
        ArrayList<String> groupNames = new ArrayList<String>();
        groupNames.add(groupName);
        addGroup.getParams().add(groupNames);
        HashMap<String, Object> nvps = new HashMap<String, Object>();
        ArrayList<String> users = new ArrayList<String>();
        users.add(principal.getUid());
        nvps.put("user", users);
        addGroup.getParams().add(nvps);
        IPAResponse resp = this.executeIPACall(addGroup, con);
        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Delete, approvalID, workflow, "group", groupName);
    } else {
        IPACall addGroup = new IPACall();
        addGroup.setId(0);
        addGroup.setMethod("group_remove_member");
        ArrayList<String> groupNames = new ArrayList<String>();
        groupNames.add(groupName);
        addGroup.getParams().add(groupNames);
        HashMap<String, Object> nvps = new HashMap<String, Object>();
        ArrayList<String> users = new ArrayList<String>();
        // Principals outside the primary domain are identified by UPN and passed as ipaexternalmember.
        users.add(principal.getUPN());
        nvps.put("ipaexternalmember", users);
        addGroup.getParams().add(nvps);
        IPAResponse resp = this.executeIPACall(addGroup, con);
        this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Delete, approvalID, workflow, "group", groupName);
    }
}
Also used: IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse), HashMap (java.util.HashMap), IPACall (com.tremolosecurity.unison.freeipa.json.IPACall), ArrayList (java.util.ArrayList)

Example 3 with IPACall

Use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

From the class UserPrincipal, method setAttribute.

private void setAttribute(UserPrincipal principal, Attribute attrNew, HttpCon con, int approvalID, Workflow workflow) throws Exception {
    if (principal.isPrimaryDomain()) {
        IPACall modify = new IPACall();
        modify.setId(0);
        modify.setMethod("user_mod");
        ArrayList<String> userArray = new ArrayList<String>();
        userArray.add(principal.getUid());
        modify.getParams().add(userArray);
        HashMap<String, Object> additionalParams = new HashMap<String, Object>();
        // Multi-valued attributes are sent as a list, single-valued ones as a scalar.
        if (attrNew.getValues().size() > 1) {
            additionalParams.put(attrNew.getName(), attrNew.getValues());
        } else {
            additionalParams.put(attrNew.getName(), attrNew.getValues().get(0));
        }
        modify.getParams().add(additionalParams);
        try {
            IPAResponse resp = this.executeIPACall(modify, con);
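        } catch (IPAException e) {
            // A modify that changes nothing is treated as success; the check matches on
            // the error message text, so any other IPAException is rethrown.
            if (!e.getMessage().equalsIgnoreCase("no modifications to be performed")) {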
                throw e;
            }
        }
    } else {
        // Skip the override when the attribute is uid and its value already equals the UPN.
        if (attrNew.getName().equalsIgnoreCase("uid") && attrNew.getValues().get(0).equals(principal.getUPN())) {
            return;
        }
        IPACall idOveride = new IPACall();
        idOveride.setId(0);
        idOveride.setMethod("idoverrideuser_mod");
        List<String> params = new ArrayList<String>();
        params.add(this.trustViewName);
        params.add(principal.getUPN());
        idOveride.getParams().add(params);
        Map<String, Object> param2 = new HashMap<String, Object>();
        param2.put("all", true);
        param2.put("rights", false);
        param2.put(attrNew.getName(), attrNew.getValues().get(0));
        idOveride.getParams().add(param2);
        try {
            IPAResponse resp = this.executeIPACall(idOveride, con);
        } catch (IPAException e) {
            if (!e.getMessage().equalsIgnoreCase("no modifications to be performed")) {
                throw e;
            }
        }
    }
}
Also used: IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse), IPAException (com.tremolosecurity.unison.freeipa.util.IPAException), HashMap (java.util.HashMap), IPACall (com.tremolosecurity.unison.freeipa.json.IPACall), ArrayList (java.util.ArrayList)

Example 4 with IPACall

Use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

From the class UserPrincipal, method isGroupExists.

@Override
public boolean isGroupExists(String name, User user, Map<String, Object> request) throws ProvisioningException {
    IPACall groupSearch = new IPACall();
    groupSearch.setId(0);
    groupSearch.setMethod("group_show");
    ArrayList<String> groupArray = new ArrayList<String>();
    groupArray.add(name);
    groupSearch.getParams().add(groupArray);
    HashMap<String, String> additionalParams = new HashMap<String, String>();
    groupSearch.getParams().add(additionalParams);
    HttpCon con = null;
    try {
        con = this.createClient();
        IPAResponse resp = this.executeIPACall(groupSearch, con);
        return true;
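    } catch (IPAException ipae) {
        // 4001 is FreeIPA's NotFound error code: the group does not exist.
        // Every other error is surfaced to the caller instead of being read as "absent".
        if (ipae.getCode() == 4001) {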
            return false;
        } else {
            throw new ProvisioningException("Could not find groups", ipae);
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not find groups", e);
    } finally {
        if (con != null) {
            con.getBcm().close();
        }
    }
}
Also used: IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse), IPAException (com.tremolosecurity.unison.freeipa.util.IPAException), HttpCon (com.tremolosecurity.provisioning.util.HttpCon), HashMap (java.util.HashMap), IPACall (com.tremolosecurity.unison.freeipa.json.IPACall), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), ArrayList (java.util.ArrayList), ClientProtocolException (org.apache.http.client.ClientProtocolException), IOException (java.io.IOException), UnsupportedEncodingException (java.io.UnsupportedEncodingException)

Example 5 with IPACall

Use of com.tremolosecurity.unison.freeipa.json.IPACall in project OpenUnison by TremoloSecurity.

From the class UserPrincipal, method addGroup.

@Override
public void addGroup(String name, Map<String, String> additionalAttributes, User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    IPACall groupSearch = new IPACall();
    groupSearch.setId(0);
    groupSearch.setMethod("group_add");
    ArrayList<String> groupArray = new ArrayList<String>();
    groupArray.add(name);
    groupSearch.getParams().add(groupArray);
    HashMap<String, String> additionalParams = new HashMap<String, String>();
    // Caller-supplied attributes are copied as-is into the options of the group_add call.
    for (String key : additionalAttributes.keySet()) {
        additionalParams.put(key, additionalAttributes.get(key));
    }
    groupSearch.getParams().add(additionalParams);
    HttpCon con = null;
    try {
        con = this.createClient();
        IPAResponse resp = this.executeIPACall(groupSearch, con);
        this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "group-object", name);
    } catch (Exception e) {
        // The message says "find groups", but this handler wraps failures of the group_add call.
        throw new ProvisioningException("Could not find groups", e);
    } finally {
        if (con != null) {
            con.getBcm().close();
        }
    }
}
Also used: IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse), HttpCon (com.tremolosecurity.provisioning.util.HttpCon), HashMap (java.util.HashMap), IPACall (com.tremolosecurity.unison.freeipa.json.IPACall), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), ArrayList (java.util.ArrayList), Workflow (com.tremolosecurity.provisioning.core.Workflow), ClientProtocolException (org.apache.http.client.ClientProtocolException), IOException (java.io.IOException), IPAException (com.tremolosecurity.unison.freeipa.util.IPAException), UnsupportedEncodingException (java.io.UnsupportedEncodingException)

Aggregations

IPACall (com.tremolosecurity.unison.freeipa.json.IPACall): 12
IPAResponse (com.tremolosecurity.unison.freeipa.json.IPAResponse): 12
ArrayList (java.util.ArrayList): 12
HashMap (java.util.HashMap): 12
IPAException (com.tremolosecurity.unison.freeipa.util.IPAException): 9
ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException): 7
HttpCon (com.tremolosecurity.provisioning.util.HttpCon): 6
IOException (java.io.IOException): 6
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 6
ClientProtocolException (org.apache.http.client.ClientProtocolException): 6
Workflow (com.tremolosecurity.provisioning.core.Workflow): 5
List (java.util.List): 3
Attribute (com.tremolosecurity.saml.Attribute): 2
Map (java.util.Map): 2
LDAPSearchResults (com.novell.ldap.LDAPSearchResults): 1
ConfigManager (com.tremolosecurity.config.util.ConfigManager): 1
User (com.tremolosecurity.provisioning.core.User): 1
AzException (com.tremolosecurity.proxy.az.AzException): 1
IPABatchResponse (com.tremolosecurity.unison.freeipa.json.IPABatchResponse): 1
IPATopResult (com.tremolosecurity.unison.freeipa.json.IPATopResult): 1