Examples with SecurityGroup org.olat.basesecurity.SecurityGroup used on opensource projects

Example 61 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project openolat by klemens.

the class LDAPLoginManagerImpl method deletIdentities.

/**
 * Delete all Identities in List and removes them from LDAPSecurityGroup
 *
 * @param identityList List of Identities to delete
 */
@Override
public void deletIdentities(List<Identity> identityList) {
    SecurityGroup secGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    for (Identity identity : identityList) {
        securityManager.removeIdentityFromSecurityGroup(identity, secGroup);
        userDeletionManager.deleteIdentity(identity);
        dbInstance.intermediateCommit();
    }
}

Example 62 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project openolat by klemens.

the class LDAPLoginManagerImpl method removeFallBackAuthentications.

/**
 * remove all cached authentications for fallback-login. useful if users logged in first with a default pw and changed it outside in AD/LDAP, but OLAT doesn't know about.
 * removing fallback-auths means login is only possible by AD/LDAP and if server is reachable!
 * see FXOLAT-284
 */
@Override
public void removeFallBackAuthentications() {
    if (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin()) {
        SecurityGroup ldapGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
        if (ldapGroup == null) {
            log.error("Cannot get user from OLAT security group '" + LDAPConstants.SECURITY_GROUP_LDAP + "' : group does not exist", null);
        }
        List<Identity> ldapIdents = securityManager.getIdentitiesOfSecurityGroup(ldapGroup);
        log.info("found " + ldapIdents.size() + " identies in ldap security group");
        int count = 0;
        for (Identity identity : ldapIdents) {
            Authentication auth = securityManager.findAuthentication(identity, BaseSecurityModule.getDefaultAuthProviderIdentifier());
            if (auth != null) {
                securityManager.deleteAuthentication(auth);
                count++;
            }
            if (count % 20 == 0) {
                dbInstance.intermediateCommit();
            }
        }
        log.info("removed cached authentications (fallback login provider: " + BaseSecurityModule.getDefaultAuthProviderIdentifier() + ") for " + count + " users.");
    }
}

Example 63 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project openolat by klemens.

the class LDAPLoginManagerImpl method getIdentitysDeletedInLdap.

/**
 * Creates list of all OLAT Users which have been deleted out of the LDAP
 * directory but still exits in OLAT
 *
 * Configuration: Required Attributes = ldapContext.xml (property=reqAttrs)
 * LDAP Base = ldapContext.xml (property=ldapBase)
 *
 * @param syncTime The time to search in LDAP for changes since this time.
 *          SyncTime has to formatted: JJJJMMddHHmm
 * @param ctx The LDAP system connection, if NULL or closed NamingExecpiton is
 *          thrown
 *
 * @return Returns list of Identity from the user which have been deleted in
 *         LDAP
 *
 * @throws NamingException
 */
public List<Identity> getIdentitysDeletedInLdap(LdapContext ctx) {
    if (ctx == null)
        return null;
    // Find all LDAP Users
    String userID = syncConfiguration.getOlatPropertyToLdapAttribute(LDAPConstants.LDAP_USER_IDENTIFYER);
    String userFilter = syncConfiguration.getLdapUserFilter();
    final List<String> ldapList = new ArrayList<String>();
    ldapDao.searchInLdap(new LDAPVisitor() {

        @Override
        public void visit(SearchResult result) throws NamingException {
            Attributes attrs = result.getAttributes();
            NamingEnumeration<? extends Attribute> aEnum = attrs.getAll();
            while (aEnum.hasMore()) {
                Attribute attr = aEnum.next();
                // use lowercase username
                ldapList.add(attr.get().toString().toLowerCase());
            }
        }
    }, (userFilter == null ? "" : userFilter), new String[] { userID }, ctx);
    if (ldapList.isEmpty()) {
        log.warn("No users in LDAP found, can't create deletionList!!", null);
        return null;
    }
    // Find all User in OLAT, members of LDAPSecurityGroup
    SecurityGroup ldapGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    if (ldapGroup == null) {
        log.error("Error getting users from OLAT security group '" + LDAPConstants.SECURITY_GROUP_LDAP + "' : group does not exist", null);
        return null;
    }
    List<Identity> identityListToDelete = new ArrayList<Identity>();
    List<Identity> olatListIdentity = securityManager.getIdentitiesOfSecurityGroup(ldapGroup);
    for (Identity ida : olatListIdentity) {
        // compare usernames with lowercase
        if (!ldapList.contains(ida.getName().toLowerCase())) {
            identityListToDelete.add(ida);
        }
    }
    return identityListToDelete;
}

Example 64 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project openolat by klemens.

the class OAuthRegistrationController method formOK.

@Override
protected void formOK(UserRequest ureq) {
    String lang = langEl.getSelectedKey();
    String username = usernameEl.getValue();
    OAuthUser oauthUser = registration.getOauthUser();
    User newUser = userManager.createUser(null, null, null);
    for (UserPropertyHandler userPropertyHandler : userPropertyHandlers) {
        FormItem propertyItem = this.flc.getFormComponent(userPropertyHandler.getName());
        userPropertyHandler.updateUserFromFormItem(newUser, propertyItem);
    }
    // Init preferences
    newUser.getPreferences().setLanguage(lang);
    newUser.getPreferences().setInformSessionTimeout(true);
    String id;
    if (StringHelper.containsNonWhitespace(oauthUser.getId())) {
        id = oauthUser.getId();
    } else if (StringHelper.containsNonWhitespace(oauthUser.getEmail())) {
        id = oauthUser.getEmail();
    } else {
        id = username;
    }
    authenticatedIdentity = securityManager.createAndPersistIdentityAndUser(username, null, newUser, registration.getAuthProvider(), id, null);
    // Add user to system users group
    SecurityGroup olatuserGroup = securityManager.findSecurityGroupByName(Constants.GROUP_OLATUSERS);
    securityManager.addIdentityToSecurityGroup(authenticatedIdentity, olatuserGroup);
    // open disclaimer
    removeAsListenerAndDispose(disclaimerController);
    disclaimerController = new DisclaimerController(ureq, getWindowControl());
    listenTo(disclaimerController);
    cmc = new CloseableModalController(getWindowControl(), translate("close"), disclaimerController.getInitialComponent(), true, translate("disclaimer.title"));
    cmc.activate();
    listenTo(cmc);
}

Example 65 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project openolat by klemens.

the class ImportMemberOverviewIdentitiesController method loadModelByIdentities.

private void loadModelByIdentities(List<Identity> keys) {
    notfounds = new ArrayList<>();
    Set<Identity> okSet = new HashSet<>();
    SecurityGroup anonymousSecGroup = securityManager.findSecurityGroupByName(Constants.GROUP_ANONYMOUS);
    List<Identity> anonymousUsers = securityManager.getIdentitiesOfSecurityGroup(anonymousSecGroup);
    for (Identity ident : keys) {
        if (ident == null || anonymousUsers.contains(ident)) {
        // ignore
        } else if (!okSet.contains(ident)) {
            okSet.add(ident);
        }
    }
    oks = new ArrayList<>(okSet);
}