use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.
the class EinfraservicesPasswordManagerModule method validatePassword.
/**
 * Links the EINFRA-SERVICES identities to the owner of {@code userLogin} and then delegates to the
 * parent implementation.
 *
 * <p>When {@code user} is {@code null}, it is looked up by {@code userLogin} in
 * {@code actualLoginNamespace}. For a resolved user, a {@code UserExtSource} with login
 * {@code <userLogin>@EINFRA-SERVICES} and LoA 0 is added under the "EINFRA-SERVICES" ext source, and
 * the same principal is appended to the user's {@code kerberosLogins} attribute when it is missing.
 * The parent {@code validatePassword} is called in every case, including when no user was found.
 *
 * @param sess      session used for all manager calls
 * @param userLogin login in the namespace handled by this module
 * @param user      owner of the login, or {@code null} to have it resolved from {@code userLogin}
 * @throws InvalidLoginException propagated from the calls made here; not thrown directly by this method
 */
@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    final PerunBl perunBl = (PerunBl) sess.getPerun();

    // Fall back to a lookup by login only when the caller did not supply the user.
    final User target = (user != null)
            ? user
            : perunBl.getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, actualLoginNamespace);

    if (target == null) {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, actualLoginNamespace);
    } else {
        // NOTE(review): the identity and the Kerberos principal are attached before the parent
        // validation below runs. If that call fails, both links stay in place - confirm this
        // ordering is intended.
        final String principal = userLogin + "@EINFRA-SERVICES";
        try {
            ExtSource einfraSource = perunBl.getExtSourcesManagerBl().getExtSourceByName(sess, "EINFRA-SERVICES");
            UserExtSource identity = new UserExtSource(einfraSource, principal);
            identity.setLoa(0);
            try {
                perunBl.getUsersManagerBl().addUserExtSource(sess, target, identity);
            } catch (UserExtSourceExistsException alreadyLinked) {
                // Deliberately ignored: the identity is already registered.
                // NOTE(review): this code does not check who owns the existing entry - confirm the
                // exception cannot mean "already bound to a different user".
            }

            // Store also Kerberos logins
            Attribute loginsAttr = perunBl.getAttributesManagerBl().getAttribute(sess, target, AttributesManager.NS_USER_ATTR_DEF + ":" + "kerberosLogins");
            List<String> logins = new ArrayList<>();
            if (loginsAttr != null && loginsAttr.getValue() != null) {
                // Copy the stored value so the attribute's own list is never mutated in place.
                logins.addAll((List<String>) loginsAttr.getValue());
            }
            if (loginsAttr != null && !logins.contains(principal)) {
                logins.add(principal);
                loginsAttr.setValue(logins);
                perunBl.getAttributesManagerBl().setAttribute(sess, target, loginsAttr);
            }
        } catch (WrongAttributeAssignmentException | AttributeNotExistsException | ExtSourceNotExistsException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            // Configuration problems (missing ext source or attribute) are reported as internal errors.
            throw new InternalErrorException(ex);
        }
    }

    // validate password
    super.validatePassword(sess, userLogin, target);
}
use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.
the class Vsup method approveApplication.
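/**
 * Set "membershipExpiration" attribute value to "expirationManual" so it's consumed by services.
 * Set value only if membershipExpiration is after manual, or manual is empty.
 * If membershipExpiration is null, set 4000-01-01 as unlimited.
 * A membershipExpiration that is present but cannot be parsed leaves "expirationManual" untouched,
 * so a malformed value is never turned into an unlimited expiration.
 *
 * Create userExtSource RC to user for future merging. The login of that userExtSource is the value
 * submitted for the "birthNumber" form item; it is not written to the log.
 *
 * When the application carries no user, an error is logged and nothing else is done.
 *
 * @param session session used for all manager calls
 * @param app     the application being approved
 * @return the same {@code app} instance
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws MemberNotExistsException, AttributeNotExistsException, WrongAttributeAssignmentException, UserNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException, PrivilegeException {
    PerunBl perun = (PerunBl) session.getPerun();
    Vo vo = app.getVo();
    User user = app.getUser();

    if (user == null) {
        log.error("At the end of approval action, we should have user present in application: {}", app);
        // Without a user there is no attribute to update and nobody to attach the RC identity to.
        return app;
    }

    Member member = perun.getMembersManagerBl().getMemberByUser(session, vo, user);

    // A single strict formatter serves parsing and formatting; it never leaves this method.
    DateFormat df = new SimpleDateFormat("yyyy-MM-dd");
    df.setLenient(false);

    Date membershipExpiration = null;
    boolean membershipExpirationUnreadable = false;
    Attribute membershipExpirationAttr = perun.getAttributesManagerBl().getAttribute(session, member, AttributesManager.NS_MEMBER_ATTR_DEF + ":membershipExpiration");
    if (membershipExpirationAttr.getValue() != null) {
        try {
            membershipExpiration = df.parse((String) membershipExpirationAttr.getValue());
        } catch (ParseException e) {
            membershipExpirationUnreadable = true;
            log.error("Can't parse membership expiration date.", e);
        }
    }

    Date manualExpiration = null;
    Attribute manualExpirationAttr = perun.getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":expirationManual");
    if (manualExpirationAttr.getValue() != null) {
        try {
            manualExpiration = df.parse((String) manualExpirationAttr.getValue());
        } catch (ParseException e) {
            // An unreadable manual value is treated as empty and may be overwritten below.
            log.error("Can't parse manual expiration date.", e);
        }
    }

    boolean changed = false;
    if (membershipExpirationUnreadable) {
        // Fail closed: do not widen the expiration on the basis of a value we could not read.
    } else if (membershipExpiration == null) {
        // has no membership expiration - set as unlimited - but it shouldn't happen based on VO rules
        manualExpirationAttr.setValue("4000-01-01");
        changed = true;
    } else if (manualExpiration == null || membershipExpiration.after(manualExpiration)) {
        // has no manual expiration - set from membership expiration
        // OR
        // has membership expiration after manual
        manualExpirationAttr.setValue(df.format(membershipExpiration));
        changed = true;
    }
    if (changed) {
        // update manual expiration attribute
        perun.getAttributesManagerBl().setAttribute(session, user, manualExpirationAttr);
    }

    // create ues RC for future merging
    List<ApplicationFormItemData> data = new ArrayList<>();
    try {
        data = registrar.getApplicationDataById(session, app.getId());
    } catch (RegistrarException e) {
        // Not expected because the application's id is not null; record it instead of hiding it,
        // since the RC identity is silently skipped when the form data cannot be loaded.
        log.warn("Can't load form data of application {}, RC identity was not created.", app.getId(), e);
    }
    for (ApplicationFormItemData item : data) {
        if (item.getFormItem() != null && Objects.equals(AttributesManager.NS_USER_ATTR_DEF + ":birthNumber", item.getFormItem().getPerunDestinationAttribute())) {
            String rc = item.getValue();
            if (rc != null && !rc.isEmpty()) {
                ExtSource es = perun.getExtSourcesManager().checkOrCreateExtSource(session, "RC", ExtSourcesManager.EXTSOURCE_NAME_INTERNAL);
                UserExtSource ues = new UserExtSource(es, 0, rc);
                try {
                    perun.getUsersManagerBl().addUserExtSource(session, user, ues);
                } catch (UserExtSourceExistsException e) {
                    // Keep the birth number out of the message.
                    // NOTE(review): this code does not check who owns the existing entry - confirm
                    // the exception cannot mean "already bound to a different user".
                    log.info("User external source from RC already created.");
                }
            }
            // Only the first birthNumber item is considered.
            break;
        }
    }
    return app;
}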
use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.
the class ELIXIRCILogonDNGenerator method approveApplication.
/**
 * All new members (INITIAL applications only) will get new userExtSource with generated DN
 * according to the CILogon rules:
 * echo -n "eppn" | openssl dgst -sha256 -binary | base64 | head -c16
 * where eppn is eduPersonPrincipalName
 *
 * The DN is {@code DNPREFIX + <ASCII display name> + " " + <hash>}, stored under the ext source
 * named by {@code CADN}. Applications of any other type are returned unchanged.
 *
 * @param session session used for all manager calls
 * @param app     the application being approved
 * @return the same {@code app} instance
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws WrongAttributeAssignmentException, AttributeNotExistsException {
    if (!Application.AppType.INITIAL.equals(app.getType())) {
        return app;
    }

    PerunBl perunBl = (PerunBl) session.getPerun();
    User applicant = app.getUser();

    // ELIXIR persistent login of the user; it is the input of the hash below.
    // NOTE(review): a null attribute value ends in a NullPointerException at getBytes() - confirm
    // the login is always set before approval.
    String persistentLogin = (String) perunBl.getAttributesManagerBl().getAttribute(session, applicant, LOGINATTRIBUTE).getValue();

    // Display name with every non-ASCII character replaced by 'X', cut to the RDN size limit.
    // NOTE(review): the name is concatenated into the DN as-is - confirm Utils.toASCII/truncate also
    // neutralise DN separators such as '/' and '=' that a common name could contain.
    String asciiName = truncate(Utils.toASCII(applicant.getCommonName(), 'X'), RDN_MAX_SIZE);

    MessageDigest sha256;
    try {
        sha256 = MessageDigest.getInstance("SHA-256");
    } catch (NoSuchAlgorithmException e) {
        throw new InternalErrorException(e);
    }
    byte[] digest = sha256.digest(persistentLogin.getBytes(StandardCharsets.UTF_8));

    // Keep the first 16 Base64 characters (96 bits of the digest), as described in the
    // EU CILogon - RCauth.eu CA requirements; per the RCauth.eu policy '/' and '+' become '-'.
    String shortHash = Base64.encodeBase64String(digest)
            .substring(0, 16)
            .replace('/', '-')
            .replace('+', '-');

    // Generate the DN, it must look like /DC=eu/DC=rcauth/DC=rcauth-clients/O=elixir-europe.org/CN=Michal Prochazka rdkfo3rdkfo3kdo
    String dn = DNPREFIX + asciiName + " " + shortHash;

    // Store the userExtSource
    ExtSource caSource = perunBl.getExtSourcesManagerBl().checkOrCreateExtSource(session, CADN, ExtSourcesManager.EXTSOURCE_X509);
    UserExtSource certificateIdentity = new UserExtSource(caSource, dn);
    try {
        perunBl.getUsersManagerBl().addUserExtSource(session, applicant, certificateIdentity);
    } catch (UserExtSourceExistsException alreadyPresent) {
        // This can happen, so we can ignore it.
        // NOTE(review): this code does not check who owns the existing DN - confirm the exception
        // cannot mean "already bound to a different user".
    }
    return app;
}
use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.
the class LifeScienceHostelRI method approveApplication.
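/**
 * Create proper UserExtSource and, for INITIAL applications, add the user to the main VO.
 *
 * <p>When the user has a login in {@code LOGIN_NAMESPACE}, a {@code UserExtSource} with login
 * {@code <login> + LS_HOSTEL_SCOPE} and LoA 0 is added under {@code LS_HOSTEL_EXT_SOURCE_NAME}.
 * For an INITIAL application the user is then made a member of the VO named {@code VO_SHORTNAME};
 * a missing VO, an existing membership or a refused membership are logged or ignored and do not
 * fail the approval. When the application carries no user, an error is logged and nothing is done.
 *
 * @param session session used for all manager calls
 * @param app     the application being approved
 * @return the same {@code app} instance
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws PrivilegeException, GroupNotExistsException, MemberNotExistsException, ExternallyManagedException, WrongReferenceAttributeValueException, WrongAttributeValueException, RegistrarException, ExtSourceNotExistsException, AttributeNotExistsException, WrongAttributeAssignmentException, VoNotExistsException, ExtendMembershipException, AlreadyMemberException {
    PerunBl perun = (PerunBl) session.getPerun();
    User user = app.getUser();
    if (user == null) {
        // Previously a silent no-op; report it the same way the sibling hostel module does.
        log.error("At the end of approval action, we should have user present in application: {}", app);
        return app;
    }

    // Create UES for user
    Attribute userLogin = perun.getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":" + LOGIN_NAMESPACE);
    if (userLogin != null && userLogin.getValue() != null) {
        ExtSource extSource = perun.getExtSourcesManagerBl().getExtSourceByName(session, LS_HOSTEL_EXT_SOURCE_NAME);
        String login = userLogin.valueAsString();
        UserExtSource ues = new UserExtSource(extSource, login + LS_HOSTEL_SCOPE);
        ues.setLoa(0);
        try {
            perun.getUsersManagerBl().addUserExtSource(session, user, ues);
        } catch (UserExtSourceExistsException ex) {
            // this is OK
            // NOTE(review): this code does not check who owns the existing entry - confirm the
            // exception cannot mean "already bound to a different user".
        }
    }
    // else: User doesn't have login - don't set UES

    if (Application.AppType.INITIAL.equals(app.getType())) {
        try {
            Vo vo = perun.getVosManagerBl().getVoByShortName(session, VO_SHORTNAME);
            Member member = perun.getMembersManagerBl().createMember(session, vo, user);
            log.debug("LS Hostel member added to the main VO Lifescience {}", member);
        } catch (VoNotExistsException e) {
            log.warn("VO: {} not exists, can't add member into it.", VO_SHORTNAME);
        } catch (AlreadyMemberException ignore) {
            // user is already in lifescience
        } catch (ExtendMembershipException e) {
            // can't be member of lifescience, shouldn't happen
            log.error("LS Hostel member can't be added to VO: {}", VO_SHORTNAME, e);
        }
    }
    return app;
}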
use of cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException in project perun by CESNET.
the class LifescienceHostel method approveApplication.
/**
 * Create proper UserExtSource
 *
 * <p>When the user has a login in {@code LIFESCIENCE_HOSTEL_NS}, a {@code UserExtSource} with LoA 0
 * is added under {@code LS_HOSTEL_EXT_SOURCE_NAME}. Its login is the user's login with every '@'
 * replaced by '_', followed by {@code LS_HOSTEL_SCOPE}. A missing user is logged as an error and a
 * missing login is skipped; the application is returned in every case.
 *
 * @param session session used for all manager calls
 * @param app     the application being approved
 * @return the same {@code app} instance
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws WrongAttributeAssignmentException, AttributeNotExistsException, ExtSourceNotExistsException {
    PerunBl perunBl = (PerunBl) session.getPerun();
    User applicant = app.getUser();
    if (applicant == null) {
        log.error("At the end of approval action, we should have user present in application: {}", app);
        return app;
    }

    Attribute loginAttr = perunBl.getAttributesManagerBl().getAttribute(session, applicant, AttributesManager.NS_USER_ATTR_DEF + ":" + LIFESCIENCE_HOSTEL_NS);
    if (loginAttr == null || loginAttr.getValue() == null) {
        // User doesn't have login - don't set UES
        return app;
    }

    ExtSource hostelSource = perunBl.getExtSourcesManagerBl().getExtSourceByName(session, LS_HOSTEL_EXT_SOURCE_NAME);

    // as user email will be used as login, we want to get rid of all '@' characters - change them to '_'
    // NOTE(review): this mapping is not one-to-one (logins differing only in '@' versus '_' give the
    // same result) - confirm logins are unique after the replacement.
    String scopedLogin = loginAttr.valueAsString().replace('@', '_') + LS_HOSTEL_SCOPE;

    UserExtSource identity = new UserExtSource(hostelSource, scopedLogin);
    identity.setLoa(0);
    try {
        perunBl.getUsersManagerBl().addUserExtSource(session, applicant, identity);
    } catch (UserExtSourceExistsException alreadyLinked) {
        // this is OK
        // NOTE(review): this code does not check who owns the existing entry - confirm the
        // exception cannot mean "already bound to a different user".
    }
    return app;
}