Example 1 with BwCalSuiteWrapper
use of org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper in project bw-calendar-engine by Bedework.
the class CalSuites method validateGroup.
/**
* Ensure the given group is valid for the given calendar suite
*
* @param cs
* @param groupName
* @return home for the group
* @throws CalFacadeException
*/
private BwCalendar validateGroup(final BwCalSuite cs, final String groupName) throws CalFacadeException {
if (groupName.length() > BwCalSuite.maxNameLength) {
throw new CalFacadeException(CalFacadeException.calsuiteGroupNameTooLong);
}
BwAdminGroup agrp = (BwAdminGroup) getSvc().getAdminDirectories().findGroup(groupName);
if (agrp == null) {
throw new CalFacadeException(CalFacadeException.groupNotFound, groupName);
}
final BwCalSuiteWrapper csw = get(agrp);
if ((csw != null) && !csw.equals(cs)) {
// Group already assigned to another cal suite
throw new CalFacadeException(CalFacadeException.calsuiteGroupAssigned, csw.getName());
}
final BwPrincipal eventsOwner = getPrincipal(agrp.getOwnerHref());
if (eventsOwner == null) {
throw new CalFacadeException(CalFacadeException.calsuiteBadowner);
}
final BwCalendar home = getCols().getHomeDb(eventsOwner, true);
if (home == null) {
throw new CalFacadeException(CalFacadeException.missingGroupOwnerHome);
}
cs.setGroup(agrp);
/* Change access on the home for the events creator which is also the
* owner of the calsuite resources.
*/
final Collection<Privilege> allPrivs = new ArrayList<>();
allPrivs.add(Access.all);
final Collection<Privilege> readPrivs = new ArrayList<>();
readPrivs.add(Access.read);
final Collection<Ace> aces = new ArrayList<>();
try {
aces.add(Ace.makeAce(AceWho.owner, allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(eventsOwner.getAccount(), WhoDefs.whoTypeUser, false), allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(null, WhoDefs.whoTypeAuthenticated, false), readPrivs, null));
aces.add(Ace.makeAce(AceWho.all, readPrivs, null));
getSvc().changeAccess(home, aces, true);
/* Same access to the calsuite itself */
getSvc().changeAccess(cs, aces, true);
/* Also set access so that categories, locations etc are readable */
final String aclStr = new String(new Acl(aces).encode());
eventsOwner.setCategoryAccess(aclStr);
eventsOwner.setLocationAccess(aclStr);
eventsOwner.setContactAccess(aclStr);
} catch (final AccessException ae) {
throw new CalFacadeException(ae);
}
getSvc().getUsersHandler().update(eventsOwner);
return home;
}
Also used :
Ace(org.bedework.access.Ace)
ArrayList(java.util.ArrayList)
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
BwCalendar(org.bedework.calfacade.BwCalendar)
Acl(org.bedework.access.Acl)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
BwPrincipal(org.bedework.calfacade.BwPrincipal)
AccessException(org.bedework.access.AccessException)
BwAdminGroup(org.bedework.calfacade.svc.BwAdminGroup)
Privilege(org.bedework.access.Privilege)
Example 2 with BwCalSuiteWrapper
use of org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper in project bw-calendar-engine by Bedework.
the class CalSvc method getCal.
/* Currently this gets a local calintf only. Later we need to use a par to
* get calintf from a table.
*/
Calintf getCal() throws CalFacadeException {
if (cali != null) {
return cali;
}
final long start = System.currentTimeMillis();
try {
final long beforeGetIntf = System.currentTimeMillis() - start;
cali = CalintfFactory.getIntf(CalintfFactory.hibernateClass);
final long afterGetIntf = System.currentTimeMillis() - start;
cali.open(pars.getWebMode(), pars.getForRestore(), // Just for the user interactions
pars.getIndexRebuild());
postNotification(SysEvent.makeTimedEvent("Login: about to obtain calintf", beforeGetIntf));
postNotification(SysEvent.makeTimedEvent("Login: calintf obtained", afterGetIntf));
postNotification(SysEvent.makeTimedEvent("Login: intf opened", System.currentTimeMillis() - start));
cali.beginTransaction();
postNotification(SysEvent.makeTimedEvent("Login: transaction started", System.currentTimeMillis() - start));
String runAsUser = pars.getUser();
if (pars.getCalSuite() != null) {
final BwCalSuite cs = cali.getCalSuite(pars.getCalSuite());
if (cs == null) {
error("******************************************************");
error("Unable to fetch calendar suite " + pars.getCalSuite());
error("Is the database correctly initialised?");
error("******************************************************");
throw new CalFacadeException(CalFacadeException.unknownCalsuite, pars.getCalSuite());
}
getCalSuitesHandler().set(new BwCalSuiteWrapper(cs));
/* For administrative use we use the account of the admin group the user
* is a direct member of
*
* For public clients we use the calendar suite owning group.
*/
if (!pars.getPublicAdmin()) {
runAsUser = cs.getGroup().getOwnerHref();
}
}
postNotification(SysEvent.makeTimedEvent("Login: before get dirs", System.currentTimeMillis() - start));
final Directories dir = getDirectories();
/* Get ourselves a user object */
String authenticatedUser = pars.getAuthUser();
if (authenticatedUser != null) {
final String sv = authenticatedUser;
if (dir.isPrincipal(authenticatedUser)) {
authenticatedUser = dir.accountFromPrincipal(authenticatedUser);
}
if (authenticatedUser == null) {
error("Failed with Authenticated user " + sv);
return null;
}
if (authenticatedUser.endsWith("/")) {
getLogger().warn("Authenticated user " + authenticatedUser + " ends with \"/\"");
}
}
postNotification(SysEvent.makeTimedEvent("Login: before user fetch", System.currentTimeMillis() - start));
// synchronized (synchlock) {
final Users users = (Users) getUsersHandler();
if (runAsUser == null) {
runAsUser = authenticatedUser;
}
BwPrincipal currentPrincipal;
final BwPrincipal authPrincipal;
PrivilegeSet maxAllowedPrivs = null;
boolean subscriptionsOnly = getSystemProperties().getUserSubscriptionsOnly();
boolean userMapHit = false;
boolean addingUser = false;
boolean addingRunAsUser = false;
if (pars.getForRestore()) {
authenticated = true;
currentPrincipal = dir.caladdrToPrincipal(pars.getAuthUser());
authPrincipal = currentPrincipal;
subscriptionsOnly = false;
} else if (authenticatedUser == null) {
authenticated = false;
// Unauthenticated use
currentPrincipal = unauthUsers.get(runAsUser);
if (currentPrincipal == null) {
currentPrincipal = users.getUser(runAsUser);
} else {
userMapHit = true;
}
if (currentPrincipal == null) {
// XXX Should we set this one up?
currentPrincipal = BwPrincipal.makeUserPrincipal();
}
currentPrincipal.setUnauthenticated(true);
if (!userMapHit) {
unauthUsers.put(runAsUser, currentPrincipal);
}
authPrincipal = currentPrincipal;
maxAllowedPrivs = PrivilegeSet.readOnlyPrivileges;
} else {
authenticated = true;
currentPrincipal = unauthUsers.get(authenticatedUser);
if (currentPrincipal == null) {
currentPrincipal = users.getUser(authenticatedUser);
} else {
userMapHit = true;
}
if (currentPrincipal == null) {
/* Add the user to the database. Presumably this is first logon
*/
getLogger().debug("Add new user " + authenticatedUser);
/*
currentPrincipal = addUser(authenticatedUser);
if (currentPrincipal == null) {
error("Failed to find user after adding: " + authenticatedUser);
}
*/
currentPrincipal = getFakeUser(authenticatedUser);
addingUser = true;
}
authPrincipal = currentPrincipal;
if (authenticatedUser.equals(runAsUser)) {
getLogger().debug("Authenticated user " + authenticatedUser + " logged on");
} else {
currentPrincipal = unauthUsers.get(runAsUser);
if (currentPrincipal == null) {
currentPrincipal = users.getUser(runAsUser);
} else {
userMapHit = true;
}
if (currentPrincipal == null) {
// throw new CalFacadeException("User " + runAsUser + " does not exist.");
/* Add the user to the database. Presumably this is first logon
*/
getLogger().debug("Add new run-as-user " + runAsUser);
// currentPrincipal = addUser(runAsUser);
currentPrincipal = getFakeUser(runAsUser);
addingRunAsUser = true;
}
getLogger().debug("Authenticated user " + authenticatedUser + " logged on - running as " + runAsUser);
}
if (!userMapHit && (currentPrincipal != null)) {
currentPrincipal.setGroups(dir.getAllGroups(currentPrincipal));
authUsers.put(currentPrincipal.getAccount(), currentPrincipal);
}
postNotification(SysEvent.makeTimedEvent("Login: after get Groups", System.currentTimeMillis() - start));
if (pars.getService()) {
subscriptionsOnly = false;
} else {
final BwPrincipalInfo bwpi = dir.getDirInfo(currentPrincipal);
currentPrincipal.setPrincipalInfo(bwpi);
if (pars.getPublicAdmin() || (bwpi != null && bwpi.getHasFullAccess())) {
subscriptionsOnly = false;
}
postNotification(SysEvent.makeTimedEvent("Login: got Dirinfo", System.currentTimeMillis() - start));
}
}
principalInfo = new SvciPrincipalInfo(this, currentPrincipal, authPrincipal, maxAllowedPrivs, subscriptionsOnly);
cali.init(pars.getLogId(), configs, principalInfo, null, pars.getPublicAdmin(), pars.getPublicSubmission(), pars.getSessionsless(), pars.getDontKill());
if (addingUser) {
// Do the real work of setting up user
addUser(authenticatedUser);
}
if (addingRunAsUser) {
// Do the real work of setting up user
addUser(runAsUser);
}
if (!currentPrincipal.getUnauthenticated()) {
if (pars.getService()) {
postNotification(SysEvent.makePrincipalEvent(SysEvent.SysCode.SERVICE_USER_LOGIN, currentPrincipal, System.currentTimeMillis() - start));
} else if (!creating) {
users.logon(currentPrincipal);
postNotification(SysEvent.makePrincipalEvent(SysEvent.SysCode.USER_LOGIN, currentPrincipal, System.currentTimeMillis() - start));
}
} else {
// If we have a runAsUser it's a public client. Pretend we authenticated
// WHY? currentPrincipal.setUnauthenticated(runAsUser == null);
}
if (pars.getPublicAdmin() || pars.isGuest()) {
if (debug) {
trace("PublicAdmin: " + pars.getPublicAdmin() + " user: " + runAsUser);
}
/* We may be running as a different user. The preferences we want to see
* are those of the user we are running as - i.e. the 'run.as' user
* not those of the authenticated user.
* /
BwCalSuiteWrapper suite = getCalSuitesHandler().get();
BwPrincipal user;
if (suite != null) {
// Use this user
user = users.getPrincipal(suite.getGroup().getOwnerHref());
} else if (runAsUser == null) {
// Unauthenticated CalDAV for example?
user = currentPrincipal;
} else {
// No calendar suite set up
// XXX This is messy
if (runAsUser.startsWith("/")) {
user = users.getPrincipal(runAsUser);
} else {
user = users.getUser(runAsUser);
}
}
if (!user.equals(principalInfo.getPrincipal())) {
user.setGroups(getDirectories().getAllGroups(user));
user.setPrincipalInfo(getDirectories().getDirInfo(user));
((SvciPrincipalInfo)principalInfo).setPrincipal(user);
}
*/
}
return cali;
// }
} catch (final CalFacadeException cfe) {
error(cfe);
throw cfe;
} catch (final Throwable t) {
error(t);
throw new CalFacadeException(t);
} finally {
if (cali != null) {
cali.endTransaction();
cali.close();
// cali.flushAll();
}
}
}
Also used :
BwCalSuite(org.bedework.calfacade.svc.BwCalSuite)
PrivilegeSet(org.bedework.access.PrivilegeSet)
BwString(org.bedework.calfacade.BwString)
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
Directories(org.bedework.calfacade.ifs.Directories)
BwPrincipal(org.bedework.calfacade.BwPrincipal)
BwPrincipalInfo(org.bedework.calfacade.BwPrincipalInfo)
Example 3 with BwCalSuiteWrapper
use of org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper in project bw-calendar-engine by Bedework.
the class CalSvc method changeAccess.
/* ====================================================================
* Access
* ==================================================================== */
/* (non-Javadoc)
* @see org.bedework.calsvci.CalSvcI#changeAccess(org.bedework.calfacade.base.BwShareableDbentity, java.util.Collection)
*/
@Override
public void changeAccess(BwShareableDbentity ent, final Collection<Ace> aces, final boolean replaceAll) throws CalFacadeException {
if (ent instanceof BwCalSuiteWrapper) {
ent = ((BwCalSuiteWrapper) ent).fetchEntity();
}
getCal().changeAccess(ent, aces, replaceAll);
if (ent instanceof BwCalendar) {
final BwCalendar col = (BwCalendar) ent;
if (col.getCalType() == BwCalendar.calTypeInbox) {
// Same access as inbox
final BwCalendar pendingInbox = getCalendarsHandler().getSpecial(BwCalendar.calTypePendingInbox, true);
if (pendingInbox == null) {
warn("Unable to update pending inbox access");
} else {
getCal().changeAccess(pendingInbox, aces, replaceAll);
}
}
((Preferences) getPrefsHandler()).updateAdminPrefs(false, col, null, null, null);
} else if (ent instanceof BwEventProperty) {
((Preferences) getPrefsHandler()).updateAdminPrefs(false, (BwEventProperty) ent);
}
}
Also used :
BwEventProperty(org.bedework.calfacade.BwEventProperty)
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
BwCalendar(org.bedework.calfacade.BwCalendar)
BwPreferences(org.bedework.calfacade.svc.BwPreferences)
Example 4 with BwCalSuiteWrapper
use of org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper in project bw-calendar-engine by Bedework.
the class CalSuites method wrap.
private BwCalSuiteWrapper wrap(final BwCalSuite cs, final boolean alwaysReturn) throws CalFacadeException {
final CurrentAccess ca = checkAccess(cs, PrivilegeDefs.privAny, alwaysReturn);
if ((ca == null) || !ca.getAccessAllowed()) {
return null;
}
final BwCalSuiteWrapper w = new BwCalSuiteWrapper(cs, ca);
final BwAdminGroup agrp = cs.getGroup();
if (agrp == null) {
return w;
}
final BwPrincipal eventsOwner = getSvc().getUsersHandler().getPrincipal(agrp.getOwnerHref());
if (eventsOwner == null) {
return w;
}
final BwCalendar home = getCols().getHome(eventsOwner, false);
if (home == null) {
return w;
}
w.setResourcesHome(home.getPath());
return w;
}
Also used :
BwPrincipal(org.bedework.calfacade.BwPrincipal)
CurrentAccess(org.bedework.access.Acl.CurrentAccess)
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
BwAdminGroup(org.bedework.calfacade.svc.BwAdminGroup)
BwCalendar(org.bedework.calfacade.BwCalendar)
Example 5 with BwCalSuiteWrapper
use of org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper in project bw-calendar-engine by Bedework.
the class CalSvc method setCalSuite.
@Override
public void setCalSuite(final String name) throws CalFacadeException {
final BwCalSuiteWrapper cs = getCalSuitesHandler().get(name);
if (cs == null) {
error("******************************************************");
error("Unable to fetch calendar suite " + name);
error("Is the database correctly initialised?");
error("******************************************************");
throw new CalFacadeException(CalFacadeException.unknownCalsuite, name);
}
getCalSuitesHandler().set(cs);
/* This is wrong. The calsuite doesn't always represent the group
It may be a sub-group.
final BwPrincipal user = getUsersHandler().getPrincipal(cs.getGroup().getOwnerHref());
user.setGroups(getDirectories().getAllGroups(user));
if (!user.equals(principalInfo.getPrincipal())) {
((SvciPrincipalInfo)principalInfo).setPrincipal(user);
}
*/
}
Also used :
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
Aggregations
BwCalSuiteWrapper (org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)6
BwCalendar (org.bedework.calfacade.BwCalendar)3
BwPrincipal (org.bedework.calfacade.BwPrincipal)3
CalFacadeException (org.bedework.calfacade.exc.CalFacadeException)3
BwAdminGroup (org.bedework.calfacade.svc.BwAdminGroup)2
ArrayList (java.util.ArrayList)1
AccessException (org.bedework.access.AccessException)1
Ace (org.bedework.access.Ace)1
Acl (org.bedework.access.Acl)1
CurrentAccess (org.bedework.access.Acl.CurrentAccess)1
Privilege (org.bedework.access.Privilege)1
PrivilegeSet (org.bedework.access.PrivilegeSet)1
BwEventProperty (org.bedework.calfacade.BwEventProperty)1
BwPrincipalInfo (org.bedework.calfacade.BwPrincipalInfo)1
BwString (org.bedework.calfacade.BwString)1
Directories (org.bedework.calfacade.ifs.Directories)1
BwCalSuite (org.bedework.calfacade.svc.BwCalSuite)1
BwPreferences (org.bedework.calfacade.svc.BwPreferences)1
