Search in sources :

Example 11 with IPersonAttributes

use of org.jasig.services.persondir.IPersonAttributes in project uPortal by Jasig.

the class PersonLookupHelperImpl method searchForPeople.

/* (non-Javadoc)
     * @see org.apereo.portal.portlets.lookup.IPersonLookupHelper#searchForPeople(org.apereo.portal.security.IPerson, java.util.Map)
     */
public List<IPersonAttributes> searchForPeople(final IPerson searcher, final Map<String, Object> query) {
    // get the IAuthorizationPrincipal for the searching user
    final IAuthorizationPrincipal principal = getPrincipalForUser(searcher);
    // build a set of all possible user attributes the current user has
    // permission to view
    final Set<String> permittedAttributes = getPermittedAttributes(principal);
    // remove any query attributes that the user does not have permission
    // to view
    final Map<String, Object> inUseQuery = new HashMap<>();
    for (Map.Entry<String, Object> queryEntry : query.entrySet()) {
        final String attr = queryEntry.getKey();
        if (permittedAttributes.contains(attr)) {
            inUseQuery.put(attr, queryEntry.getValue());
        } else {
            this.logger.warn("User '" + searcher.getName() + "' attempted searching on attribute '" + attr + "' which is not allowed in the current configuration. The attribute will be ignored.");
        }
    }
    // ensure the query has at least one search attribute defined
    if (inUseQuery.keySet().size() == 0) {
        throw new IllegalArgumentException("Search query is empty");
    }
    // get the set of people matching the search query
    final Set<IPersonAttributes> people = this.personAttributeDao.getPeople(inUseQuery);
    if (people == null) {
        return Collections.emptyList();
    }
    // To improve efficiency and not do as many permission checks or person directory searches,
    // if we have too many results and all people in the returned set of personAttributes have
    // a displayName, pre-sort the set and limit it to maxResults. The typical use case is that
    // LDAP returns results that have the displayName populated.  Note that a disadvantage of this
    // approach is that the smaller result set may have entries that permissions prevent the
    // current users from viewing the person and thus reduce the number of final results, but
    // that is rare (typical use case is users can't view administrative internal accounts or the
    // system account, none of which tend to be in LDAP).  We could retain a few more than maxResults
    // to offset that chance, but IMHO not worth the cost of extra external queries.
    List<IPersonAttributes> peopleList = new ArrayList<>(people);
    if (peopleList.size() > maxResults && allListItemsHaveDisplayName(peopleList)) {
        logger.debug("All items contained displayName; pre-sorting list of size {} and truncating to", peopleList.size(), maxResults);
        // sort the list by display name
        Collections.sort(peopleList, new DisplayNameComparator());
        peopleList = peopleList.subList(0, maxResults);
    }
    // Construct a new representation of the persons limited to attributes the searcher
    // has permissions to view.  Will change order of the list.
    List<IPersonAttributes> list = getVisiblePersons(principal, permittedAttributes, peopleList);
    // Sort the list by display name
    Collections.sort(list, new DisplayNameComparator());
    // limit the list to a maximum number of returned results
    if (list.size() > maxResults) {
        list = list.subList(0, maxResults);
    }
    return list;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) DisplayNameComparator(org.apereo.portal.portlets.search.DisplayNameComparator) IPersonAttributes(org.jasig.services.persondir.IPersonAttributes) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) HashMap(java.util.HashMap) Map(java.util.Map)

Example 12 with IPersonAttributes

use of org.jasig.services.persondir.IPersonAttributes in project uPortal by Jasig.

the class PeopleRESTController method getPerson.

@RequestMapping(value = "/people/{username}.json", method = RequestMethod.GET)
public ModelAndView getPerson(@PathVariable String username, HttpServletRequest request, HttpServletResponse response) {
    final IPerson searcher = personManager.getPerson((HttpServletRequest) request);
    if (searcher == null) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return null;
    }
    final IPersonAttributes person = lookupHelper.findPerson(searcher, username);
    final ModelAndView mv = new ModelAndView();
    mv.addObject("person", person);
    mv.setViewName("json");
    return mv;
}
Also used : IPerson(org.apereo.portal.security.IPerson) IPersonAttributes(org.jasig.services.persondir.IPersonAttributes) ModelAndView(org.springframework.web.servlet.ModelAndView) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 13 with IPersonAttributes

use of org.jasig.services.persondir.IPersonAttributes in project uPortal by Jasig.

the class LrsActorService method getLrsActor.

@Override
public LrsActor getLrsActor(String userName) {
    Element element = this.lrsActorCache.get(userName);
    if (element != null) {
        return (LrsActor) element.getObjectValue();
    }
    final String email;
    final String name;
    final IPersonAttributes person = personAttributeDao.getPerson(userName);
    if (person == null) {
        email = userName;
        name = userName + "@example.com";
    } else {
        email = getEmail(person);
        name = getName(person);
    }
    final LrsActor lrsActor = new LrsActor("mailto:" + email, name);
    this.lrsActorCache.put(new Element(userName, lrsActor));
    return lrsActor;
}
Also used : IPersonAttributes(org.jasig.services.persondir.IPersonAttributes) Element(net.sf.ehcache.Element) LrsActor(org.apereo.portal.events.tincan.om.LrsActor)

Example 14 with IPersonAttributes

use of org.jasig.services.persondir.IPersonAttributes in project uPortal by Jasig.

the class PersonDirNameFinder method primGetName.

/**
     * Actually lookup a user name using the underlying IPersonAttributeDao.
     *
     * @param key - entity key which in this case is a unique identifier for a user
     * @return the display name for the identified user
     */
private String primGetName(String key) {
    String name = key;
    final IPersonAttributes personAttributes = this.paDao.getPerson(name);
    if (personAttributes != null) {
        Object displayName = personAttributes.getAttributeValue("displayName");
        String displayNameStr = "";
        if (displayName != null) {
            displayNameStr = String.valueOf(displayName);
            if (StringUtils.isNotEmpty(displayNameStr)) {
                name = displayNameStr;
            }
        }
    }
    return name;
}
Also used : IPersonAttributes(org.jasig.services.persondir.IPersonAttributes)

Example 15 with IPersonAttributes

use of org.jasig.services.persondir.IPersonAttributes in project uPortal by Jasig.

the class ImpersonationStatusPersonAttributeDao method getPeopleWithMultivaluedAttributes.

@Override
public Set<IPersonAttributes> getPeopleWithMultivaluedAttributes(Map<String, List<Object>> query) {
    // default (per spec?)
    Set<IPersonAttributes> rslt = null;
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("invoking getPeopleWithMultivaluedAttributes(" + query + ")");
    }
    final IUsernameAttributeProvider usernameAttributeProvider = super.getUsernameAttributeProvider();
    final String queryUid = usernameAttributeProvider.getUsernameFromQuery(query);
    if (queryUid == null) {
        this.logger.debug("No username attribute found in query, returning null");
    } else {
        final HttpServletRequest req = portalRequestUtils.getCurrentPortalRequest();
        final IPerson person = personManager.getPerson(req);
        final String currentUid = person.getUserName();
        if (currentUid.equals(queryUid)) {
            final String value = identitySwapperManager.isImpersonating(req) ? "true" : "false";
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Gathering attributes for the current user [" + currentUid + "];  impersonating=" + value);
            }
            final List<Object> values = Collections.singletonList((Object) value);
            final Map<String, List<Object>> attrs = Collections.singletonMap(IMPERSONATING_ATTRIBUTE_NAME, values);
            final IPersonAttributes ipa = new CaseInsensitiveNamedPersonImpl(currentUid, attrs);
            rslt = Collections.singleton(ipa);
        }
    }
    return rslt;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) IPerson(org.apereo.portal.security.IPerson) IUsernameAttributeProvider(org.jasig.services.persondir.support.IUsernameAttributeProvider) IPersonAttributes(org.jasig.services.persondir.IPersonAttributes) List(java.util.List) CaseInsensitiveNamedPersonImpl(org.jasig.services.persondir.support.CaseInsensitiveNamedPersonImpl)

Aggregations

IPersonAttributes (org.jasig.services.persondir.IPersonAttributes)33 List (java.util.List)12 IPerson (org.apereo.portal.security.IPerson)12 HashMap (java.util.HashMap)11 ArrayList (java.util.ArrayList)8 LinkedHashSet (java.util.LinkedHashSet)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 Principal (java.security.Principal)4 Map (java.util.Map)4 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)4 PortletRequest (javax.portlet.PortletRequest)3 ModelAndView (org.springframework.web.servlet.ModelAndView)3 Date (java.util.Date)2 LinkedHashMap (java.util.LinkedHashMap)2 Set (java.util.Set)2 PortletPreferences (javax.portlet.PortletPreferences)2 Element (net.sf.ehcache.Element)2 GroupsException (org.apereo.portal.groups.GroupsException)2 IEntityGroup (org.apereo.portal.groups.IEntityGroup)2 Attribute (org.apereo.portal.portlets.Attribute)2