Search in sources :

Example 56 with PerunBl

use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.

the class Elixir method generateLogin.

/**
 * Generates new login for input data
 *
 * @param session PerunSession
 * @param formItems Whole form data
 * @return
 */
private String generateLogin(PerunSession session, ApplicationFormItemWithPrefilledValue loginItem, List<ApplicationFormItemWithPrefilledValue> formItems) {
    String displayName = fetchFormValue(formItems, URN_USER_DISPLAY_NAME);
    PerunBl perun = (PerunBl) session.getPerun();
    User user = null;
    try {
        user = Utils.parseUserFromCommonName(displayName, false);
    } catch (Exception ex) {
        log.warn("We couldn't parse commonName/displayName into User object");
        String mail = fetchFormValue(formItems, URN_USER_PREFERRED_MAIL);
        if (mail != null) {
            mail = mail.split("@")[0];
            user = new User(0, null, mail, null, null, null);
        }
    }
    if (user != null) {
        ModulesUtilsBlImpl.LoginGenerator generator = new ModulesUtilsBlImpl.LoginGenerator();
        String login = generator.generateLogin(user, new ModulesUtilsBlImpl.LoginGenerator.LoginGeneratorFunction() {

            @Override
            public String generateLogin(String firstName, String lastName) {
                String wholeLogin = "";
                if (firstName != null && !firstName.isEmpty()) {
                    wholeLogin = firstName;
                }
                if (lastName != null && !lastName.isEmpty()) {
                    wholeLogin = wholeLogin + lastName;
                }
                return wholeLogin;
            }
        });
        if (StringUtils.isEmpty(login))
            return null;
        String checkedLogin = login;
        // fill value (with incremental number on conflict)
        int iterator = 0;
        while (iterator >= 0) {
            if (iterator > 0) {
                int iteratorLength = String.valueOf(iterator).length();
                if (login.length() + iteratorLength > 20) {
                    // if login+iterator > 20 => crop login & reset iterator
                    checkedLogin = login.substring(0, login.length() - 1);
                    iterator = 0;
                } else {
                    checkedLogin = login + iterator;
                }
            } else {
            // checked login is used
            }
            try {
                AttributeDefinition def = perun.getAttributesManagerBl().getAttributeDefinition(session, loginItem.getFormItem().getPerunDestinationAttribute());
                Attribute checkAttribute = new Attribute(def, checkedLogin);
                perun.getAttributesManagerBl().checkAttributeSemantics(session, user, checkAttribute);
                return checkedLogin;
            } catch (WrongReferenceAttributeValueException ex) {
                // continue in a WHILE cycle - generated login was used
                iterator++;
            } catch (AttributeNotExistsException ex) {
                // we couldn't pre-fill login, its mapped to non-existing attribute
                log.warn("We couldn't generate new login, since its mapped to non-exisitng attribute {}., {}", loginItem.getFormItem().getPerunDestinationAttribute(), ex);
                return null;
            } catch (WrongAttributeAssignmentException | InternalErrorException e) {
                log.warn("We couldn't generate new login, because of exception.", e);
                return null;
            }
        }
    } else {
        log.error("We couldn't create arbitrary User object with name from form items in order to generate login.");
    }
    return null;
}
Also used : User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException) ModulesUtilsBlImpl(cz.metacentrum.perun.core.blImpl.ModulesUtilsBlImpl) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)

Example 57 with PerunBl

use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.

the class MetacentrumSocial method approveApplication.

/**
 * Set GROUP MEMBERSHIP EXPIRATION based on the current VO MEMBERSHIP EXPIRATION
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws MemberNotExistsException, WrongAttributeAssignmentException, AttributeNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException {
    PerunBl perun = (PerunBl) session.getPerun();
    Vo vo = app.getVo();
    User user = app.getUser();
    Member member = perun.getMembersManagerBl().getMemberByUser(session, vo, user);
    Group group = app.getGroup();
    Attribute voExpiration = perun.getAttributesManagerBl().getAttribute(session, member, A_MEMBER_MEMBERSHIP_EXPIRATION);
    try {
        Attribute groupExpiration = perun.getAttributesManagerBl().getAttribute(session, member, group, A_MEMBER_GROUP_MEMBERSHIP_EXPIRATION);
        groupExpiration.setValue(voExpiration.getValue());
        perun.getAttributesManagerBl().setAttribute(session, member, group, groupExpiration);
        log.debug("{} expiration in Group {} aligned with the VO {} expiration: {}", member, group.getName(), vo.getName(), groupExpiration.valueAsString());
    } catch (MemberGroupMismatchException e) {
        log.error("Member and group should be from the same VO.", e);
        throw new ConsistencyErrorException("Member and group should be from the same VO.", e);
    }
    return app;
}
Also used : Group(cz.metacentrum.perun.core.api.Group) MemberGroupMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberGroupMismatchException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) Vo(cz.metacentrum.perun.core.api.Vo) Member(cz.metacentrum.perun.core.api.Member)

Example 58 with PerunBl

use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.

the class Sitola method approveApplication.

/**
 * All new Sitola members will have MU eduroam identity added if they posses MU login.
 */
@Override
public Application approveApplication(PerunSession session, Application app) throws WrongAttributeAssignmentException, UserNotExistsException, AttributeNotExistsException, PrivilegeException, WrongAttributeValueException, WrongReferenceAttributeValueException {
    // get perun from session
    PerunBl perun = (PerunBl) session.getPerun();
    User user = app.getUser();
    if (user != null) {
        Attribute eduroamIdentities = perun.getAttributesManagerBl().getAttribute(session, user, "urn:perun:user:attribute-def:def:eduroamIdentities");
        Attribute loginMu = perun.getAttributesManagerBl().getAttribute(session, user, "urn:perun:user:attribute-def:def:login-namespace:mu");
        if (eduroamIdentities.getValue() == null) {
            if (loginMu.getValue() != null) {
                // add MU identity
                List<String> identities = new ArrayList<>();
                identities.add(loginMu.getValue() + "@eduroam.muni.cz");
                eduroamIdentities.setValue(identities);
                // use Bl since VO manager normally can't set this attribute
                perun.getAttributesManagerBl().setAttribute(session, user, eduroamIdentities);
            }
        } else {
            if (loginMu.getValue() != null) {
                // check if not already present and set
                boolean found = false;
                for (String value : eduroamIdentities.valueAsList()) {
                    if (Objects.equals(value, loginMu.getValue() + "@eduroam.muni.cz")) {
                        found = true;
                        break;
                    }
                }
                if (!found) {
                    // add MU eduroam identity
                    ((List<String>) eduroamIdentities.valueAsList()).add(loginMu.getValue() + "@eduroam.muni.cz");
                    // use Bl since VO manager normally can't set this attribute
                    perun.getAttributesManagerBl().setAttribute(session, user, eduroamIdentities);
                }
            }
        }
    }
    return app;
}
Also used : User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) ArrayList(java.util.ArrayList) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) ArrayList(java.util.ArrayList) List(java.util.List)

Example 59 with PerunBl

use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.

the class WeNMR method canBeApproved.

@Override
public void canBeApproved(PerunSession session, Application app) throws PerunException {
    // check if submitted from trusted IdP
    if (!Objects.equals("https://www.structuralbiology.eu/idp/shibboleth", app.getExtSourceName())) {
        // submitted by untrusted IdP
        PerunBl perun = (PerunBl) session.getPerun();
        User user;
        // check if user is known
        if (app.getUser() != null) {
            user = app.getUser();
        } else {
            try {
                user = perun.getUsersManagerBl().getUserByExtSourceNameAndExtLogin(session, app.getExtSourceName(), app.getCreatedBy());
            } catch (Exception ex) {
                // unable to find user -> untrusted IdP
                throw new CantBeApprovedException("Application can't be approved automatically. User doesn't have identity from \"www.structuralbiology.eu\". Please check users identity before manual/force approval.", "", "", "", true);
            }
        }
        List<UserExtSource> ueses = perun.getUsersManagerBl().getUserExtSources(session, user);
        for (UserExtSource ues : ueses) {
            if (Objects.equals("https://www.structuralbiology.eu/idp/shibboleth", ues.getExtSource().getName())) {
                // user has trusted identity
                return;
            }
        }
        throw new CantBeApprovedException("Application can't be approved automatically. User doesn't have identity from \"www.structuralbiology.eu\". Please check users identity before manual/force approval.", "", "", "", true);
    }
// submitted from trusted IdP
}
Also used : User(cz.metacentrum.perun.core.api.User) CantBeApprovedException(cz.metacentrum.perun.registrar.exceptions.CantBeApprovedException) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException) CantBeApprovedException(cz.metacentrum.perun.registrar.exceptions.CantBeApprovedException)

Example 60 with PerunBl

use of cz.metacentrum.perun.core.bl.PerunBl in project perun by CESNET.

the class DummyPasswordManagerModule method validatePassword.

@Override
public void validatePassword(PerunSession sess, String userLogin, User user) throws InvalidLoginException {
    log.debug("validatePassword(userLogin={})", userLogin);
    if (user == null) {
        user = ((PerunBl) sess.getPerun()).getModulesUtilsBl().getUserByLoginInNamespace(sess, userLogin, "dummy");
    }
    if (user == null) {
        log.warn("No user was found by login '{}' in {} namespace.", userLogin, "dummy");
    } else {
        // set extSources and extSource related attributes
        ExtSource extSource;
        try {
            extSource = ((PerunBl) sess.getPerun()).getExtSourcesManagerBl().getExtSourceByName(sess, "https://dummy");
        } catch (ExtSourceNotExistsException e) {
            extSource = new ExtSource("https://dummy", ExtSourcesManager.EXTSOURCE_IDP);
            try {
                extSource = ((PerunBl) sess.getPerun()).getExtSourcesManagerBl().createExtSource(sess, extSource, null);
            } catch (ExtSourceExistsException e1) {
                log.warn("impossible or race condition", e1);
            }
        }
        UserExtSource ues = new UserExtSource(extSource, userLogin + "@dummy");
        ues.setLoa(2);
        try {
            ((PerunBl) sess.getPerun()).getUsersManagerBl().addUserExtSource(sess, user, ues);
        } catch (UserExtSourceExistsException ex) {
        // this is OK
        }
    }
}
Also used : UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) ExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceExistsException) UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) UserExtSource(cz.metacentrum.perun.core.api.UserExtSource) ExtSource(cz.metacentrum.perun.core.api.ExtSource) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException)

Aggregations

PerunBl (cz.metacentrum.perun.core.bl.PerunBl)130 Attribute (cz.metacentrum.perun.core.api.Attribute)93 Before (org.junit.Before)65 PerunSessionImpl (cz.metacentrum.perun.core.impl.PerunSessionImpl)64 AttributesManagerBl (cz.metacentrum.perun.core.bl.AttributesManagerBl)48 User (cz.metacentrum.perun.core.api.User)41 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)37 ArrayList (java.util.ArrayList)22 Vo (cz.metacentrum.perun.core.api.Vo)21 Facility (cz.metacentrum.perun.core.api.Facility)19 UserExtSource (cz.metacentrum.perun.core.api.UserExtSource)19 ModulesUtilsBl (cz.metacentrum.perun.core.bl.ModulesUtilsBl)19 ExtSource (cz.metacentrum.perun.core.api.ExtSource)16 Member (cz.metacentrum.perun.core.api.Member)16 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)16 UserExtSourceExistsException (cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException)16 UsersManagerBl (cz.metacentrum.perun.core.bl.UsersManagerBl)15 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)14 GroupsManagerBl (cz.metacentrum.perun.core.bl.GroupsManagerBl)13 Group (cz.metacentrum.perun.core.api.Group)12