Example 1 with AppType
use of cz.metacentrum.perun.registrar.model.Application.AppType in project perun by CESNET.
the class RegistrarManagerImpl method getFormItemById.
@Override
public ApplicationFormItem getFormItemById(int id) {
ApplicationFormItem item;
item = jdbc.queryForObject(FORM_ITEM_SELECT + " where id=?", ITEM_MAPPER, id);
if (item != null) {
List<ItemTexts> texts = jdbc.query(FORM_ITEM_TEXTS_SELECT + " where item_id=?", ITEM_TEXTS_MAPPER, item.getId());
for (ItemTexts itemTexts : texts) {
item.getI18n().put(itemTexts.getLocale(), itemTexts);
}
List<AppType> appTypes = jdbc.query(APP_TYPE_SELECT + " where item_id=?", APP_TYPE_MAPPER, item.getId());
item.setApplicationTypes(appTypes);
}
return item;
}
Also used :
ApplicationFormItem(cz.metacentrum.perun.registrar.model.ApplicationFormItem)
ItemTexts(cz.metacentrum.perun.registrar.model.ApplicationFormItem.ItemTexts)
AppType(cz.metacentrum.perun.registrar.model.Application.AppType)
Example 2 with AppType
use of cz.metacentrum.perun.registrar.model.Application.AppType in project perun by CESNET.
the class RegistrarManagerImpl method tryToAutoApproveApplication.
/**
* Try to approve application if auto-approve is possible
*
* @param sess user who try to approves application
* @param app application to approve
* @throws InternalErrorException
*/
private void tryToAutoApproveApplication(PerunSession sess, Application app) throws PerunException {
ApplicationForm form;
if (app.getGroup() != null) {
// group application
form = getFormForGroup(app.getGroup());
} else {
// vo application
form = getFormForVo(app.getVo());
}
AppType type = app.getType();
if (AppType.INITIAL.equals(type) && !form.isAutomaticApproval())
return;
if (AppType.EXTENSION.equals(type) && !form.isAutomaticApprovalExtension())
return;
// do not auto-approve Group applications, if user is not member of VO
if (app.getGroup() != null && app.getVo() != null) {
try {
User u = null;
if (app.getUser() == null) {
u = usersManager.getUserByExtSourceNameAndExtLogin(registrarSession, app.getExtSourceName(), app.getCreatedBy());
if (u != null) {
membersManager.getMemberByUser(registrarSession, app.getVo(), u);
} else {
// user not found or null, hence can't be member of VO -> do not approve.
return;
}
} else {
// user known, but maybe not member of a vo
membersManager.getMemberByUser(registrarSession, app.getVo(), app.getUser());
}
} catch (MemberNotExistsException ex) {
return;
} catch (UserNotExistsException ex) {
return;
} catch (UserExtSourceNotExistsException ex) {
return;
} catch (ExtSourceNotExistsException ex) {
return;
}
}
try {
if (AppState.VERIFIED.equals(app.getState())) {
// with registrar session, since only VO admin can approve application
// check if can be approved (we normally call this manually from GUI before calling approve)
canBeApproved(registrarSession, app);
/*
FIXME - temporarily disabled checking
if (app.getUser() == null && !app.getExtSourceName().equalsIgnoreCase("LOCAL")) {
List<RichUser> list = checkForSimilarUsers(registrarSession, app.getId());
if (!list.isEmpty()) {
// found similar
throw new RegistrarException("Similar users are already registered in system. Automatic approval of application was canceled to prevent creation of duplicate user entry. Please check and approve application manually.");
} else {
// similar NOT found - continue
approveApplication(registrarSession, app.getId());
}
} else { }
*/
// other types of application doesn't create new user - continue
approveApplication(registrarSession, app.getId());
}
} catch (Exception ex) {
ArrayList<Exception> list = new ArrayList<Exception>();
list.add(ex);
getMailManager().sendMessage(app, MailType.APP_ERROR_VO_ADMIN, null, list);
throw ex;
}
}
Also used :
ApplicationForm(cz.metacentrum.perun.registrar.model.ApplicationForm)
AppType(cz.metacentrum.perun.registrar.model.Application.AppType)
SQLException(java.sql.SQLException)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
DuplicateKeyException(org.springframework.dao.DuplicateKeyException)
Example 3 with AppType
use of cz.metacentrum.perun.registrar.model.Application.AppType in project perun by CESNET.
the class RegistrarManagerImpl method getFormItems.
@Override
public List<ApplicationFormItem> getFormItems(PerunSession sess, ApplicationForm form, AppType appType) throws PerunException {
// authz
if (form.getGroup() == null) {
if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, form.getVo()) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, form.getVo())) {
throw new PrivilegeException("getFormItems");
}
} else {
if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, form.getVo()) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, form.getVo()) && !AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, form.getVo()) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, form.getGroup())) {
throw new PrivilegeException("getFormItems");
}
}
List<ApplicationFormItem> items;
if (appType == null) {
items = jdbc.query(FORM_ITEM_SELECT + " where form_id=? order by ordnum asc", ITEM_MAPPER, form.getId());
} else {
items = jdbc.query(FORM_ITEM_SELECT + " i,application_form_item_apptypes t where form_id=? and i.id=t.item_id and t.apptype=? order by ordnum asc", ITEM_MAPPER, form.getId(), appType.toString());
}
for (ApplicationFormItem item : items) {
List<ItemTexts> texts = jdbc.query(FORM_ITEM_TEXTS_SELECT + " where item_id=?", ITEM_TEXTS_MAPPER, item.getId());
for (ItemTexts itemTexts : texts) {
item.getI18n().put(itemTexts.getLocale(), itemTexts);
}
List<AppType> appTypes = jdbc.query(APP_TYPE_SELECT + " where item_id=?", APP_TYPE_MAPPER, item.getId());
item.setApplicationTypes(appTypes);
}
return items;
}
Also used :
ApplicationFormItem(cz.metacentrum.perun.registrar.model.ApplicationFormItem)
ItemTexts(cz.metacentrum.perun.registrar.model.ApplicationFormItem.ItemTexts)
AppType(cz.metacentrum.perun.registrar.model.Application.AppType)
Example 4 with AppType
use of cz.metacentrum.perun.registrar.model.Application.AppType in project perun by CESNET.
the class RegistrarManagerImpl method updateFormItems.
@Override
@Transactional(rollbackFor = Exception.class)
public int updateFormItems(PerunSession sess, ApplicationForm form, List<ApplicationFormItem> items) throws PrivilegeException, InternalErrorException {
if (form.getGroup() == null) {
// VO application
if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, form.getVo())) {
throw new PrivilegeException(sess, "updateFormItems");
}
} else {
if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, form.getVo()) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, form.getGroup())) {
throw new PrivilegeException(sess, "updateFormItems");
}
}
if (items == null) {
throw new NullPointerException("ApplicationFormItems to update can't be null");
}
int finalResult = 0;
for (ApplicationFormItem item : items) {
// is item to create ? => create
if (item.getId() == 0 && !item.isForDelete()) {
if (addFormItem(sess, form, item) != null) {
finalResult++;
}
continue;
}
// is item for deletion ? => delete on cascade
if (item.isForDelete()) {
finalResult += jdbc.update("delete from application_form_items where id=?", item.getId());
// continue to next item
continue;
}
// else update form item
int result = jdbc.update("update application_form_items set ordnum=?,shortname=?,required=?,type=?,fed_attr=?,dst_attr=?,regex=? where id=?", item.getOrdnum(), item.getShortname(), item.isRequired() ? "1" : "0", item.getType().toString(), item.getFederationAttribute(), item.getPerunDestinationAttribute(), item.getRegex(), item.getId());
finalResult += result;
if (result == 0) {
// skip whole set if not found for update
continue;
}
// update form item texts (easy way = delete and new insert)
// delete
jdbc.update("delete from application_form_item_texts where item_id=?", item.getId());
// insert new
for (Locale locale : item.getI18n().keySet()) {
ItemTexts itemTexts = item.getTexts(locale);
jdbc.update("insert into application_form_item_texts(item_id,locale,label,options,help,error_message) values (?,?,?,?,?,?)", item.getId(), locale.getLanguage(), itemTexts.getLabel(), itemTexts.getOptions(), itemTexts.getHelp(), itemTexts.getErrorMessage());
}
// update form item app types (easy way = delete and new insert)
// delete
jdbc.update("delete from application_form_item_apptypes where item_id=?", item.getId());
// insert new
for (AppType appType : item.getApplicationTypes()) {
jdbc.update("insert into application_form_item_apptypes (item_id,apptype) values (?,?)", item.getId(), appType.toString());
}
}
perun.getAuditer().log(sess, "Application form ID=" + form.getId() + " voID=" + form.getVo().getId() + ((form.getGroup() != null) ? (" groupID=" + form.getGroup().getId()) : "") + " has had its items updated.");
// return number of updated rows
return finalResult;
}
Also used :
ApplicationFormItem(cz.metacentrum.perun.registrar.model.ApplicationFormItem)
ItemTexts(cz.metacentrum.perun.registrar.model.ApplicationFormItem.ItemTexts)
AppType(cz.metacentrum.perun.registrar.model.Application.AppType)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 5 with AppType
use of cz.metacentrum.perun.registrar.model.Application.AppType in project perun by CESNET.
the class RegistrarManagerImpl method createApplicationInternal.
@Override
@Transactional(rollbackFor = ApplicationNotCreatedException.class)
public Application createApplicationInternal(PerunSession session, Application application, List<ApplicationFormItemData> data) throws PerunException {
// exceptions to send to vo admin with new app created email
List<Exception> exceptions = new ArrayList<Exception>();
boolean applicationNotCreated = false;
try {
// 1) create application
int appId = Utils.getNewId(jdbc, "APPLICATION_ID_SEQ");
application.setId(appId);
application.setState(AppState.NEW);
// optional group
Integer groupId = null;
Integer userId = null;
if (application.getGroup() != null) {
groupId = application.getGroup().getId();
}
if (application.getUser() != null) {
userId = application.getUser().getId();
}
jdbc.update("insert into application(id,vo_id,group_id,user_id,apptype,fed_info,extSourceName,extSourceType,extSourceLoa,state,created_by,modified_by) values (?,?,?,?,?,?,?,?,?,?,?,?)", appId, application.getVo().getId(), groupId, userId, application.getType().toString(), application.getFedInfo(), application.getExtSourceName(), application.getExtSourceType(), application.getExtSourceLoa(), application.getState().toString(), application.getCreatedBy(), application.getCreatedBy());
// 2) process & store app data
for (ApplicationFormItemData itemData : data) {
Type itemType = itemData.getFormItem().getType();
if (itemType == HTML_COMMENT || itemType == SUBMIT_BUTTON || itemType == AUTO_SUBMIT_BUTTON || itemType == PASSWORD || itemType == HEADING)
continue;
// Check if mails needs to be validated
if (itemType == VALIDATED_EMAIL) {
// default = mail not same as pre-filled
itemData.setAssuranceLevel("");
// We must use contains, because IdP can send more than one email, emails are separated by semi-colon
if (itemData.getPrefilledValue() != null && itemData.getValue() != null && !itemData.getValue().isEmpty()) {
if (itemData.getPrefilledValue().toLowerCase().contains(itemData.getValue().toLowerCase())) {
itemData.setAssuranceLevel("1");
}
}
// it's save, empty attributes are not set to DB nor any notification is sent
if (!itemData.getFormItem().isRequired() && (itemData.getValue() == null || itemData.getValue().isEmpty())) {
itemData.setAssuranceLevel("1");
}
}
try {
itemData.setId(Utils.getNewId(jdbc, "APPLICATION_DATA_ID_SEQ"));
jdbc.update("insert into application_data(id,app_id,item_id,shortname,value,assurance_level) values (?,?,?,?,?,?)", itemData.getId(), appId, itemData.getFormItem().getId(), itemData.getFormItem().getShortname(), itemData.getValue(), itemData.getAssuranceLevel());
} catch (Exception ex) {
// log and store exception so vo manager could see error in notification.
log.error("[REGISTRAR] Storing form item {} caused exception {}", itemData, ex);
exceptions.add(ex);
}
}
// 3) process all logins and passwords
// create list of logins and passwords to process
List<ApplicationFormItemData> logins = new ArrayList<ApplicationFormItemData>();
for (ApplicationFormItemData itemData : data) {
Type itemType = itemData.getFormItem().getType();
if (itemType == USERNAME || itemType == PASSWORD) {
// skip unchanged pre-filled logins, since they must have been handled last time
if (itemData.getValue().equals(itemData.getPrefilledValue()) && itemType != PASSWORD)
continue;
logins.add(itemData);
}
}
for (ApplicationFormItemData loginItem : logins) {
if (loginItem.getFormItem().getType() == USERNAME) {
// values to store
String login = loginItem.getValue();
// filled later
String pass = "";
// Get login namespace
String dstAttr = loginItem.getFormItem().getPerunDestinationAttribute();
AttributeDefinition loginAttribute = attrManager.getAttributeDefinition(registrarSession, dstAttr);
String loginNamespace = loginAttribute.getFriendlyNameParameter();
// try to book new login in namespace if the application hasn't been approved yet
if (perun.getUsersManagerBl().isLoginAvailable(registrarSession, loginNamespace, login)) {
try {
// Reserve login
jdbc.update("insert into application_reserved_logins(login,namespace,app_id,created_by,created_at) values(?,?,?,?,?)", login, loginNamespace, appId, application.getCreatedBy(), new Date());
log.debug("[REGISTRAR] Added login reservation for login: {} in namespace: {}.", login, loginNamespace);
// process password for this login
for (ApplicationFormItemData passItem : logins) {
ApplicationFormItem item = passItem.getFormItem();
if (item.getType() == PASSWORD && item.getPerunDestinationAttribute() != null) {
if (item.getPerunDestinationAttribute().equals(dstAttr)) {
pass = passItem.getValue();
try {
// reserve password
perun.getUsersManagerBl().reservePassword(registrarSession, login, loginNamespace, pass);
log.debug("[REGISTRAR] Password for login: {} in namespace: {} successfully reserved in external system.", login, loginNamespace);
} catch (Exception ex) {
// login reservation fail must cause rollback !!
log.error("[REGISTRAR] Unable to reserve password for login: {} in namespace: {} in external system. Exception: " + ex, login, loginNamespace);
throw new ApplicationNotCreatedException("Application was not created. Reason: Unable to reserve password for login: " + login + " in namespace: " + loginNamespace + " in external system. Please contact support to fix this issue before new application submission.", login, loginNamespace);
}
// use first pass with correct namespace
break;
}
}
}
} catch (ApplicationNotCreatedException ex) {
// re-throw
throw ex;
} catch (Exception ex) {
// unable to book login
log.error("[REGISTRAR] Unable to reserve login: {} in namespace: {}. Exception: " + ex, login, loginNamespace);
exceptions.add(ex);
}
} else {
// login is not available
log.error("[REGISTRAR] Login: " + login + " in namespace: " + loginNamespace + " is already occupied but it shouldn't (race condition).");
exceptions.add(new InternalErrorException("Login: " + login + " in namespace: " + loginNamespace + " is already occupied but it shouldn't."));
}
}
}
// call registrar module before auto validation so createAction is trigerred first
RegistrarModule module;
if (application.getGroup() != null) {
module = getRegistrarModule(getFormForGroup(application.getGroup()));
} else {
module = getRegistrarModule(getFormForVo(application.getVo()));
}
if (module != null) {
module.createApplication(session, application, data);
}
} catch (ApplicationNotCreatedException ex) {
// prevent action in finally block
applicationNotCreated = true;
// re-throw
throw ex;
} catch (Exception ex) {
// any exception during app creation process => add it to list
// exceptions when handling logins are catched before
log.error("{}", ex);
exceptions.add(ex);
} finally {
// process rest only if it was not exception related to PASSWORDS creation
if (!applicationNotCreated) {
getMailManager().sendMessage(application, MailType.APP_CREATED_USER, null, null);
getMailManager().sendMessage(application, MailType.APP_CREATED_VO_ADMIN, null, exceptions);
// if there were exceptions, throw some to let know GUI about it
if (!exceptions.isEmpty()) {
RegistrarException ex = new RegistrarException("Your application (ID=" + application.getId() + ") has been created with errors. Administrator of " + application.getVo().getName() + " has been notified. If you want, you can use \"Send report to RT\" button to send this information to administrators directly.");
log.error("[REGISTRAR] New application {} created with errors {}. This is case of PerunException {}", new Object[] { application, exceptions, ex.getErrorId() });
throw ex;
}
log.info("New application {} created.", application);
perun.getAuditer().log(session, "New {} created.", application);
}
}
// return stored data
return application;
}
Also used :
ApplicationFormItemData(cz.metacentrum.perun.registrar.model.ApplicationFormItemData)
SQLException(java.sql.SQLException)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
DuplicateKeyException(org.springframework.dao.DuplicateKeyException)
ApplicationFormItem(cz.metacentrum.perun.registrar.model.ApplicationFormItem)
MailType(cz.metacentrum.perun.registrar.model.ApplicationMail.MailType)
Type(cz.metacentrum.perun.registrar.model.ApplicationFormItem.Type)
AppType(cz.metacentrum.perun.registrar.model.Application.AppType)
RegistrarModule(cz.metacentrum.perun.registrar.RegistrarModule)
Transactional(org.springframework.transaction.annotation.Transactional)
Aggregations
AppType (cz.metacentrum.perun.registrar.model.Application.AppType)6
ApplicationFormItem (cz.metacentrum.perun.registrar.model.ApplicationFormItem)4
ItemTexts (cz.metacentrum.perun.registrar.model.ApplicationFormItem.ItemTexts)4
Transactional (org.springframework.transaction.annotation.Transactional)3
SQLException (java.sql.SQLException)2
DuplicateKeyException (org.springframework.dao.DuplicateKeyException)2
EmptyResultDataAccessException (org.springframework.dao.EmptyResultDataAccessException)2
RegistrarModule (cz.metacentrum.perun.registrar.RegistrarModule)1
ApplicationForm (cz.metacentrum.perun.registrar.model.ApplicationForm)1
Type (cz.metacentrum.perun.registrar.model.ApplicationFormItem.Type)1
ApplicationFormItemData (cz.metacentrum.perun.registrar.model.ApplicationFormItemData)1
MailType (cz.metacentrum.perun.registrar.model.ApplicationMail.MailType)1
