use of org.bedework.calfacade.svc.BwAdminGroup in project bw-calendar-engine by Bedework.
the class BwPrincipal method makePrincipal.
public static BwPrincipal makePrincipal(final String href) throws CalFacadeException {
try {
final String uri = URLDecoder.decode(new URI(URLEncoder.encode(href, "UTF-8")).getPath(), "UTF-8");
if (!isPrincipal(uri)) {
return null;
}
int start = -1;
int end = uri.length();
if (uri.endsWith("/")) {
end--;
}
for (String prefix : toWho.keySet()) {
if (!uri.startsWith(prefix)) {
continue;
}
if (uri.equals(prefix)) {
// Trying to browse user principals?
return null;
}
int whoType = toWho.get(prefix);
String who;
if ((whoType == WhoDefs.whoTypeUser) || (whoType == WhoDefs.whoTypeGroup)) {
/* Strip off the principal prefix for real users.
*/
who = uri.substring(prefix.length(), end);
} else {
who = uri;
}
final BwPrincipal p;
if ((whoType == WhoDefs.whoTypeGroup) && prefix.equals(bwadmingroupPrincipalRoot)) {
p = new BwAdminGroup();
} else {
p = BwPrincipal.makePrincipal(whoType);
}
if (p != null) {
p.setAccount(who);
p.setPrincipalRef(uri);
return p;
}
}
throw new CalFacadeException(CalFacadeException.principalNotFound);
} catch (CalFacadeException cfe) {
throw cfe;
} catch (Throwable t) {
throw new CalFacadeException(t);
}
}
use of org.bedework.calfacade.svc.BwAdminGroup in project bw-calendar-engine by Bedework.
the class CalSuites method validateGroup.
/**
* Ensure the given group is valid for the given calendar suite
*
* @param cs
* @param groupName
* @return home for the group
* @throws CalFacadeException
*/
private BwCalendar validateGroup(final BwCalSuite cs, final String groupName) throws CalFacadeException {
if (groupName.length() > BwCalSuite.maxNameLength) {
throw new CalFacadeException(CalFacadeException.calsuiteGroupNameTooLong);
}
BwAdminGroup agrp = (BwAdminGroup) getSvc().getAdminDirectories().findGroup(groupName);
if (agrp == null) {
throw new CalFacadeException(CalFacadeException.groupNotFound, groupName);
}
final BwCalSuiteWrapper csw = get(agrp);
if ((csw != null) && !csw.equals(cs)) {
// Group already assigned to another cal suite
throw new CalFacadeException(CalFacadeException.calsuiteGroupAssigned, csw.getName());
}
final BwPrincipal eventsOwner = getPrincipal(agrp.getOwnerHref());
if (eventsOwner == null) {
throw new CalFacadeException(CalFacadeException.calsuiteBadowner);
}
final BwCalendar home = getCols().getHomeDb(eventsOwner, true);
if (home == null) {
throw new CalFacadeException(CalFacadeException.missingGroupOwnerHome);
}
cs.setGroup(agrp);
/* Change access on the home for the events creator which is also the
* owner of the calsuite resources.
*/
final Collection<Privilege> allPrivs = new ArrayList<>();
allPrivs.add(Access.all);
final Collection<Privilege> readPrivs = new ArrayList<>();
readPrivs.add(Access.read);
final Collection<Ace> aces = new ArrayList<>();
try {
aces.add(Ace.makeAce(AceWho.owner, allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(eventsOwner.getAccount(), WhoDefs.whoTypeUser, false), allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(null, WhoDefs.whoTypeAuthenticated, false), readPrivs, null));
aces.add(Ace.makeAce(AceWho.all, readPrivs, null));
getSvc().changeAccess(home, aces, true);
/* Same access to the calsuite itself */
getSvc().changeAccess(cs, aces, true);
/* Also set access so that categories, locations etc are readable */
final String aclStr = new String(new Acl(aces).encode());
eventsOwner.setCategoryAccess(aclStr);
eventsOwner.setLocationAccess(aclStr);
eventsOwner.setContactAccess(aclStr);
} catch (final AccessException ae) {
throw new CalFacadeException(ae);
}
getSvc().getUsersHandler().update(eventsOwner);
return home;
}
use of org.bedework.calfacade.svc.BwAdminGroup in project bw-calendar-engine by Bedework.
the class Notifier method adminGroupOwners.
private void adminGroupOwners(final Set<String> hrefs, final Collection<? extends BwPrincipal> prs) throws CalFacadeException {
if (Util.isEmpty(prs)) {
return;
}
for (final BwPrincipal pr : prs) {
if (pr instanceof BwAdminGroup) {
final BwAdminGroup adGrp = (BwAdminGroup) pr;
hrefs.add(adGrp.getOwnerHref());
adminGroupOwners(hrefs, adGrp.getGroupMembers());
}
}
}
use of org.bedework.calfacade.svc.BwAdminGroup in project bw-calendar-engine by Bedework.
the class Restore method createNewSystem.
private void createNewSystem() throws Throwable {
// Create the public user.
final BwPrincipal pu = BwPrincipal.makeUserPrincipal();
pu.setAccount(BwPrincipal.publicUser);
globals.setPrincipalHref(pu);
globals.rintf.restorePrincipal(pu);
// Create the root user.
final BwPrincipal rootUser = BwPrincipal.makeUserPrincipal();
rootUser.setAccount(rootId);
globals.setPrincipalHref(rootUser);
globals.rintf.restorePrincipal(rootUser);
// Create the an authuser entry for the root user.
final BwAuthUser au = new BwAuthUser();
au.setUserHref(rootUser.getPrincipalRef());
au.setUsertype(UserAuth.allAuth);
au.setPrefs(BwAuthUserPrefs.makeAuthUserPrefs());
globals.rintf.restoreAuthUser(au);
// Create a group for all public admin groups
final BwAdminGroup g = new BwAdminGroup();
final String publicAdminGroupsAccount = // XXX Put into config
"publicAdminGroups";
g.setAccount(publicAdminGroupsAccount);
g.setGroupOwnerHref(pu.getPrincipalRef());
g.setOwnerHref(pu.getPrincipalRef());
if (!globals.onlyUsersMap.check(g.getGroupOwnerHref())) {
g.setGroupOwnerHref(globals.getPublicUser().getPrincipalRef());
}
globals.rintf.restoreAdminGroup(g);
// Create the public root.
final Collection<Privilege> privs = new ArrayList<>();
privs.add(Privileges.makePriv(PrivilegeDefs.privRead));
final Collection<Ace> aces = new ArrayList<>();
aces.add(Ace.makeAce(AceWho.other, privs, null));
privs.clear();
privs.add(Privileges.makePriv(PrivilegeDefs.privRead));
privs.add(Privileges.makePriv(PrivilegeDefs.privWriteContent));
final AceWho who = AceWho.getAceWho(publicAdminGroupsAccount, WhoDefs.whoTypeGroup, false);
aces.add(Ace.makeAce(who, privs, null));
makeCal(null, pu, BwCalendar.calTypeFolder, RestoreGlobals.getBasicSyspars().getPublicCalendarRoot(), new String(new Acl(aces).encode()));
// Create the user root.
privs.clear();
privs.add(Privileges.makePriv(PrivilegeDefs.privAll));
aces.clear();
aces.add(Ace.makeAce(AceWho.owner, privs, null));
final BwCalendar userRoot = makeCal(null, pu, BwCalendar.calTypeFolder, RestoreGlobals.getBasicSyspars().getUserCalendarRoot(), new String(new Acl(aces).encode()));
makeUserHome(userRoot, pu);
makeUserHome(userRoot, rootUser);
}
use of org.bedework.calfacade.svc.BwAdminGroup in project bw-calendar-engine by Bedework.
the class AdminGroupRule method end.
@Override
public void end(final String ns, final String name) throws Exception {
final BwAdminGroup entity = (BwAdminGroup) pop();
try {
if (entity.getGroupOwnerHref() == null) {
error("Missing group owner for admin group " + entity);
return;
}
if (entity.getOwnerHref() == null) {
error("Missing owner for admin group " + entity);
return;
}
if (entity.getPrincipalRef() == null) {
// Pre 3.5?
globals.setPrincipalHref(entity);
}
globals.counts[globals.adminGroups]++;
globals.principalsTbl.put(entity);
if (globals.rintf != null) {
globals.rintf.restoreAdminGroup(entity);
/* Save members. */
final Collection<BwPrincipal> c = entity.getGroupMembers();
if (c == null) {
return;
}
for (final BwPrincipal pr : c) {
globals.rintf.addAdminGroupMember(entity, pr);
}
}
} catch (final Throwable t) {
error("Unable to restore admin group " + entity);
throw new Exception(t);
}
}
Aggregations