Search in sources :

Example 1 with KSRoleAssignment

use of com.tremolosecurity.unison.openstack.model.KSRoleAssignment in project OpenUnison by TremoloSecurity.

the class KeystoneProvisioningTarget method lookupUser.

public UserAndID lookupUser(String userID, Set<String> attributes, Map<String, Object> request, KSToken token, HttpCon con) throws Exception {
    KSUser fromKS = null;
    List<NameValuePair> qparams = new ArrayList<NameValuePair>();
    qparams.add(new BasicNameValuePair("domain_id", this.usersDomain));
    qparams.add(new BasicNameValuePair("name", userID));
    StringBuffer b = new StringBuffer();
    b.append(this.url).append("/users?").append(URLEncodedUtils.format(qparams, "UTF-8"));
    String fullURL = b.toString();
    String json = this.callWS(token.getAuthToken(), con, fullURL);
    Gson gson = new Gson();
    UserLookupResponse resp = gson.fromJson(json, UserLookupResponse.class);
    if (resp.getUsers().isEmpty()) {
        return null;
    } else {
        fromKS = resp.getUsers().get(0);
        User user = new User(fromKS.getName());
        if (attributes.contains("name")) {
            user.getAttribs().put("name", new Attribute("name", fromKS.getName()));
        }
        if (attributes.contains("id")) {
            user.getAttribs().put("id", new Attribute("id", fromKS.getId()));
        }
        if (attributes.contains("email") && fromKS.getEmail() != null) {
            user.getAttribs().put("email", new Attribute("email", fromKS.getEmail()));
        }
        if (attributes.contains("description") && fromKS.getDescription() != null) {
            user.getAttribs().put("description", new Attribute("description", fromKS.getEmail()));
        }
        if (attributes.contains("enabled")) {
            user.getAttribs().put("enabled", new Attribute("enabled", Boolean.toString(fromKS.getEnabled())));
        }
        if (!rolesOnly) {
            b.setLength(0);
            b.append(this.url).append("/users/").append(fromKS.getId()).append("/groups");
            json = this.callWS(token.getAuthToken(), con, b.toString());
            GroupLookupResponse gresp = gson.fromJson(json, GroupLookupResponse.class);
            for (KSGroup group : gresp.getGroups()) {
                user.getGroups().add(group.getName());
            }
        }
        if (attributes.contains("roles")) {
            b.setLength(0);
            b.append(this.url).append("/role_assignments?user.id=").append(fromKS.getId()).append("&include_names=true");
            json = this.callWS(token.getAuthToken(), con, b.toString());
            RoleAssignmentResponse rar = gson.fromJson(json, RoleAssignmentResponse.class);
            Attribute attr = new Attribute("roles");
            for (KSRoleAssignment role : rar.getRole_assignments()) {
                if (role.getScope().getProject() != null) {
                    attr.getValues().add(gson.toJson(new Role(role.getRole().getName(), "project", role.getScope().getProject().getDomain().getName(), role.getScope().getProject().getName())));
                } else {
                    attr.getValues().add(gson.toJson(new Role(role.getRole().getName(), "domain", role.getScope().getDomain().getName())));
                }
            }
            if (!attr.getValues().isEmpty()) {
                user.getAttribs().put("roles", attr);
            }
        }
        UserAndID userAndId = new UserAndID();
        userAndId.setUser(user);
        userAndId.setId(fromKS.getId());
        return userAndId;
    }
}
Also used : NameValuePair(org.apache.http.NameValuePair) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) UserAndID(com.tremolosecurity.unison.openstack.model.UserAndID) User(com.tremolosecurity.provisioning.core.User) KSUser(com.tremolosecurity.unison.openstack.model.KSUser) KSGroup(com.tremolosecurity.unison.openstack.model.KSGroup) Attribute(com.tremolosecurity.saml.Attribute) GroupLookupResponse(com.tremolosecurity.unison.openstack.model.GroupLookupResponse) KSUser(com.tremolosecurity.unison.openstack.model.KSUser) ArrayList(java.util.ArrayList) KSRoleAssignment(com.tremolosecurity.unison.openstack.model.KSRoleAssignment) Gson(com.google.gson.Gson) RoleAssignmentResponse(com.tremolosecurity.unison.openstack.model.RoleAssignmentResponse) KSRole(com.tremolosecurity.unison.openstack.model.KSRole) Role(com.tremolosecurity.unison.openstack.model.Role) BasicNameValuePair(org.apache.http.message.BasicNameValuePair) UserLookupResponse(com.tremolosecurity.unison.openstack.model.UserLookupResponse)

Aggregations

Gson (com.google.gson.Gson)1 User (com.tremolosecurity.provisioning.core.User)1 Attribute (com.tremolosecurity.saml.Attribute)1 GroupLookupResponse (com.tremolosecurity.unison.openstack.model.GroupLookupResponse)1 KSGroup (com.tremolosecurity.unison.openstack.model.KSGroup)1 KSRole (com.tremolosecurity.unison.openstack.model.KSRole)1 KSRoleAssignment (com.tremolosecurity.unison.openstack.model.KSRoleAssignment)1 KSUser (com.tremolosecurity.unison.openstack.model.KSUser)1 Role (com.tremolosecurity.unison.openstack.model.Role)1 RoleAssignmentResponse (com.tremolosecurity.unison.openstack.model.RoleAssignmentResponse)1 UserAndID (com.tremolosecurity.unison.openstack.model.UserAndID)1 UserLookupResponse (com.tremolosecurity.unison.openstack.model.UserLookupResponse)1 ArrayList (java.util.ArrayList)1 NameValuePair (org.apache.http.NameValuePair)1 BasicNameValuePair (org.apache.http.message.BasicNameValuePair)1