Example 11 with UserExtSourceExistsException

Use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.

Class SitolaPasswordManagerModule, method validatePassword.

@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    if (user == null) {
        user = ((PerunBl) sess.getPerun()).getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user == null) {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    } else {
        // set extSources and extSource related attributes
        try {
            List<String> kerberosLogins = new ArrayList<>();
            ExtSource extSource = ((PerunBl) sess.getPerun()).getExtSourcesManagerBl().getExtSourceByName(sess, "SITOLA.FI.MUNI.CZ");
            UserExtSource ues = new UserExtSource(extSource, userLogin + "@SITOLA.FI.MUNI.CZ");
            ues.setLoa(0);
            try {
                ((PerunBl) sess.getPerun()).getUsersManagerBl().addUserExtSource(sess, user, ues);
            } catch (UserExtSourceExistsException ex) {
                // this is OK
            }
            // Store also Kerberos logins
            Attribute kerberosLoginsAttr = ((PerunBl) sess.getPerun()).getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + "kerberosLogins");
            if (kerberosLoginsAttr != null && kerberosLoginsAttr.getValue() != null) {
                kerberosLogins.addAll((List<String>) kerberosLoginsAttr.getValue());
            }
            if (!kerberosLogins.contains(userLogin + "@SITOLA.FI.MUNI.CZ") && kerberosLoginsAttr != null) {
                kerberosLogins.add(userLogin + "@SITOLA.FI.MUNI.CZ");
                kerberosLoginsAttr.setValue(kerberosLogins);
                ((PerunBl) sess.getPerun()).getAttributesManagerBl().setAttribute(sess, user, kerberosLoginsAttr);
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException | ExtSourceNotExistsException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        }
    }
    // validate password
    super.validatePassword(sess, userLogin, user);
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) ArrayList(java.util.ArrayList) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) ExtSource(cz.metacentrum.perun.core.api.ExtSource) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)

Example 12 with UserExtSourceExistsException

Use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.

Class VsupPasswordManagerModule, method validatePassword.

@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    if (user == null) {
        user = ((PerunBl) sess.getPerun()).getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);
    }
    if (user == null) {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    } else {
        // set extSources and extSource related attributes
        try {
            // Add a UES in their ActiveDirectory so that they can access Perun through it
            ExtSource extSource = ((PerunBl) sess.getPerun()).getExtSourcesManagerBl().getExtSourceByName(sess, "AD");
            UserExtSource ues = new UserExtSource(extSource, userLogin);
            ues.setLoa(0);
            try {
                ((PerunBl) sess.getPerun()).getUsersManagerBl().addUserExtSource(sess, user, ues);
            } catch (UserExtSourceExistsException ex) {
                // this is OK
            }
        } catch (ExtSourceNotExistsException ex) {
            throw new InternalErrorException(ex);
        }
    }
    // validate password
    super.validatePassword(sess, userLogin, user);
}
Also used : UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) ExtSource(cz.metacentrum.perun.core.api.ExtSource) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException)

Example 13 with UserExtSourceExistsException

Use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.

Class UserPersistentShadowAttribute, method changedAttributeHook.

/**
 * ChangedAttributeHook() sets a UserExtSource with the following properties:
 *  - extSourceType is IdP
 *  - extSourceName is {getExtSourceName()}
 *  - user's extSource login is the same as his persistent attribute
 */
@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) {
    try {
        String userNamespace = attribute.getFriendlyNameParameter();
        if (userNamespace.equals(getFriendlyNameParameter()) && attribute.getValue() != null) {
            ExtSource extSource = session.getPerunBl().getExtSourcesManagerBl().getExtSourceByName(session, getExtSourceName());
            UserExtSource userExtSource = new UserExtSource(extSource, 0, attribute.getValue().toString());
            session.getPerunBl().getUsersManagerBl().addUserExtSource(session, user, userExtSource);
        }
    } catch (UserExtSourceExistsException ex) {
        log.warn("Attribute: {}, External source already exists for the user.", getFriendlyNameParameter(), ex);
    } catch (ExtSourceNotExistsException ex) {
        throw new InternalErrorException("Attribute: " + getFriendlyNameParameter() + ", IdP external source doesn't exist.", ex);
    }
}
Also used : UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) ExtSource(cz.metacentrum.perun.core.api.ExtSource) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException)

Example 14 with UserExtSourceExistsException

Use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.

Class UsersManagerBlImpl, method addUserExtSource.

@Override
public UserExtSource addUserExtSource(PerunSession sess, User user, UserExtSource userExtSource) throws UserExtSourceExistsException {
    // Check if the userExtSource already exists
    if (usersManagerImpl.userExtSourceExists(sess, userExtSource)) {
        throw new UserExtSourceExistsException("UserExtSource " + userExtSource + " already exists.");
    }
    // Check whether the userExtSource is of type IDP (special testing behavior)
    if (userExtSource.getExtSource().getType().equals(ExtSourcesManager.EXTSOURCE_IDP)) {
        // If the extSource of this userExtSource is of type IDP, test uniqueness of the login within this extSource type across all users
        String login = userExtSource.getLogin();
        List<UserExtSource> userExtSources = getAllUserExtSourcesByTypeAndLogin(sess, ExtSourcesManager.EXTSOURCE_IDP, login);
        if (!userExtSources.stream().allMatch(ues -> ues.getUserId() == user.getId())) {
            if (userExtSources.stream().allMatch(ues -> ues.getUserId() == userExtSources.get(0).getUserId())) {
                // The duplicate identity belongs to a different user - block it!
                throw new InternalErrorException("ExtLogin: " + login + " is already used for extSourceType: " + ExtSourcesManager.EXTSOURCE_IDP);
            } else {
                // multiple users cannot have the same login
                throw new ConsistencyErrorException("There are " + userExtSources.size() + " extLogins: " + login + " for  extSourceType: " + ExtSourcesManager.EXTSOURCE_IDP);
            }
        }
    }
    userExtSource = getUsersManagerImpl().addUserExtSource(sess, user, userExtSource);
    getPerunBl().getAuditer().log(sess, new UserExtSourceAddedToUser(userExtSource, user));
    return userExtSource;
}
Also used : UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserVirtualAttributesModuleImplApi(cz.metacentrum.perun.core.implApi.modules.attributes.UserVirtualAttributesModuleImplApi) Pair(cz.metacentrum.perun.core.api.Pair) RichUserExtSource(cz.metacentrum.perun.core.api.RichUserExtSource) Vo(cz.metacentrum.perun.core.api.Vo) SpecificUserType(cz.metacentrum.perun.core.api.SpecificUserType) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) ExtSource(cz.metacentrum.perun.core.api.ExtSource) RelationExistsException(cz.metacentrum.perun.core.api.exceptions.RelationExistsException) Map(java.util.Map) UsersManagerBl(cz.metacentrum.perun.core.bl.UsersManagerBl) PerunPrincipal(cz.metacentrum.perun.core.api.PerunPrincipal) Attribute(cz.metacentrum.perun.core.api.Attribute) Facility(cz.metacentrum.perun.core.api.Facility) MemberAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.MemberAlreadyRemovedException) PasswordCreationFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordCreationFailedException) OwnershipRemovedForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipRemovedForSpecificUser) BeansUtils(cz.metacentrum.perun.core.api.BeansUtils) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) UserExtSourceAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceAlreadyRemovedException) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) Set(java.util.Set) PerunSessionImpl(cz.metacentrum.perun.core.impl.PerunSessionImpl) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) User(cz.metacentrum.perun.core.api.User) 
OwnershipEnabledForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipEnabledForSpecificUser) UserAddedToOwnersOfSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserAddedToOwnersOfSpecificUser) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) UsersPageQuery(cz.metacentrum.perun.core.api.UsersPageQuery) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) UserExtSourceUpdated(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceUpdated) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) SpecificUserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserAlreadyRemovedException) AlreadyReservedLoginException(cz.metacentrum.perun.core.api.exceptions.AlreadyReservedLoginException) UserUpdated(cz.metacentrum.perun.audit.events.UserManagerEvents.UserUpdated) SpecificUserOwnerAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserOwnerAlreadyRemovedException) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) IllegalArgumentException(cz.metacentrum.perun.core.api.exceptions.IllegalArgumentException) UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserExtSourceRemovedFromUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceRemovedFromUser) AlreadyAdminException(cz.metacentrum.perun.core.api.exceptions.AlreadyAdminException) RichUser(cz.metacentrum.perun.core.api.RichUser) PasswordChangeFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordChangeFailedException) 
Member(cz.metacentrum.perun.core.api.Member) AttributesManager(cz.metacentrum.perun.core.api.AttributesManager) PasswordResetLinkExpiredException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkExpiredException) Utils(cz.metacentrum.perun.core.impl.Utils) InvalidLoginException(cz.metacentrum.perun.core.api.exceptions.InvalidLoginException) UserExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) Candidate(cz.metacentrum.perun.core.api.Candidate) AuthzResolver(cz.metacentrum.perun.core.api.AuthzResolver) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) MemberNotExistsException(cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException) LoggerFactory(org.slf4j.LoggerFactory) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) UserNotAdminException(cz.metacentrum.perun.core.api.exceptions.UserNotAdminException) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) ExtSourcesManager(cz.metacentrum.perun.core.api.ExtSourcesManager) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) OwnershipDisabledForSpecificUser(cz.metacentrum.perun.audit.events.UserManagerEvents.OwnershipDisabledForSpecificUser) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) Objects(java.util.Objects) List(java.util.List) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) PasswordStrengthException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) Resource(cz.metacentrum.perun.core.api.Resource) 
UserDeleted(cz.metacentrum.perun.audit.events.UserManagerEvents.UserDeleted) PerunSession(cz.metacentrum.perun.core.api.PerunSession) AttributesManagerBl(cz.metacentrum.perun.core.bl.AttributesManagerBl) Paginated(cz.metacentrum.perun.core.api.Paginated) GenericPasswordManagerModule(cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule) Group(cz.metacentrum.perun.core.api.Group) UsersManagerImplApi(cz.metacentrum.perun.core.implApi.UsersManagerImplApi) PasswordDeletionFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordDeletionFailedException) HashSet(java.util.HashSet) UserCreated(cz.metacentrum.perun.audit.events.UserManagerEvents.UserCreated) UserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserAlreadyRemovedException) PasswordOperationTimeoutException(cz.metacentrum.perun.core.api.exceptions.PasswordOperationTimeoutException) UserExtSourceAddedToUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceAddedToUser) RichResource(cz.metacentrum.perun.core.api.RichResource) Logger(org.slf4j.Logger) Iterator(java.util.Iterator) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) RelationNotExistsException(cz.metacentrum.perun.core.api.exceptions.RelationNotExistsException) ActionType(cz.metacentrum.perun.core.api.ActionType) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) StringEscapeUtils(org.apache.commons.text.StringEscapeUtils) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException) BanNotExistsException(cz.metacentrum.perun.core.api.exceptions.BanNotExistsException) Host(cz.metacentrum.perun.core.api.Host) PasswordResetLinkNotValidException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkNotValidException) AllUserExtSourcesDeletedForUser(cz.metacentrum.perun.audit.events.UserManagerEvents.AllUserExtSourcesDeletedForUser) 
UserNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserNotExistsException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) Collections(java.util.Collections) Status(cz.metacentrum.perun.core.api.Status) AnonymizationNotSupportedException(cz.metacentrum.perun.core.api.exceptions.AnonymizationNotSupportedException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) UserExtSourceAddedToUser(cz.metacentrum.perun.audit.events.UserManagerEvents.UserExtSourceAddedToUser) RichUserExtSource(cz.metacentrum.perun.core.api.RichUserExtSource) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Example 15 with UserExtSourceExistsException

Use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.

Class UsersManagerBlImpl, method moveUserExtSource.

@Override
public void moveUserExtSource(PerunSession sess, User sourceUser, User targetUser, UserExtSource userExtSource) {
    List<Attribute> userExtSourceAttributes = getPerunBl().getAttributesManagerBl().getAttributes(sess, userExtSource);
    // remove all virtual attributes (we don't need to take care of them)
    userExtSourceAttributes.removeIf(attribute -> getPerunBl().getAttributesManagerBl().isVirtAttribute(sess, attribute));
    // cannot move duplicated IDPs
    if (Objects.equals(userExtSource.getExtSource().getType(), ExtSourcesManager.EXTSOURCE_IDP) && getAllUserExtSourcesByTypeAndLogin(sess, ExtSourcesManager.EXTSOURCE_IDP, userExtSource.getLogin()).size() > 1) {
        throw new InternalErrorException("IDP UserExtSource " + userExtSource + " with duplicated login cannot be moved.");
    }
    // remove userExtSource
    try {
        this.removeUserExtSource(sess, sourceUser, userExtSource);
    } catch (UserExtSourceAlreadyRemovedException ex) {
        // this is a little weird; it is better to report an exception
        throw new InternalErrorException("UserExtSource was unexpectedly removed while moving " + userExtSource + " from " + sourceUser + " to " + targetUser);
    }
    // change userId for userExtSource
    userExtSource.setUserId(targetUser.getId());
    // add userExtSource to the targetUser
    try {
        userExtSource = this.addUserExtSource(sess, targetUser, userExtSource);
    } catch (UserExtSourceExistsException ex) {
        // someone moved this UserExtSource before us
        throw new InternalErrorException("Moving " + userExtSource + " from " + sourceUser + " to " + targetUser + " failed because someone already moved this UserExtSource.", ex);
    }
    // set all attributes back to this UserExtSource when it is already assigned to the targetUser
    try {
        getPerunBl().getAttributesManagerBl().setAttributes(sess, userExtSource, userExtSourceAttributes);
    } catch (WrongAttributeAssignmentException | WrongReferenceAttributeValueException | WrongAttributeValueException ex) {
        throw new InternalErrorException("Moving " + userExtSource + " from " + sourceUser + " to " + targetUser + " failed because of problem with setting removed attributes back to the UserExtSource.", ex);
    }
}
Also used : UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) UserExtSourceAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceAlreadyRemovedException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)

Aggregations

UserExtSourceExistsException (cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException): 30
UserExtSource (cz.metacentrum.perun.core.api.UserExtSource): 28
ExtSource (cz.metacentrum.perun.core.api.ExtSource): 27
ExtSourceNotExistsException (cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException): 22
InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException): 21
PerunBl (cz.metacentrum.perun.core.bl.PerunBl): 16
Attribute (cz.metacentrum.perun.core.api.Attribute): 15
WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException): 11
User (cz.metacentrum.perun.core.api.User): 10
AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException): 10
WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException): 10
WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException): 10
ArrayList (java.util.ArrayList): 10
UserExtSourceNotExistsException (cz.metacentrum.perun.core.api.exceptions.UserExtSourceNotExistsException): 9
Member (cz.metacentrum.perun.core.api.Member): 6
ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException): 5
UserNotExistsException (cz.metacentrum.perun.core.api.exceptions.UserNotExistsException): 5
Vo (cz.metacentrum.perun.core.api.Vo): 4
RichUser (cz.metacentrum.perun.core.api.RichUser): 3
RichUserExtSource (cz.metacentrum.perun.core.api.RichUserExtSource): 3