Example 86 with SecurityGroup
use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.
the class OLATUpgrade_10_0_0 method processMap.
private void processMap(EPMapUpgrade map) {
if (hasGroupsRelations(map)) {
return;
}
Set<EPMapUpgradeToGroupRelation> relations = new HashSet<>();
SecurityGroup ownerGroup = map.getOwnerGroup();
if (ownerGroup != null) {
// create default group
RepositoryEntryUpgrade re = findMapRepoEntry(ownerGroup);
if (re != null) {
Group reGroup = repositoryEntryToGroupDAO.getDefaultGroup(re);
if (reGroup != null) {
relations.add(createDefaultGroup(map, reGroup));
}
}
if (relations.isEmpty()) {
Group group = groupDao.createGroup();
relations.add(createDefaultGroup(map, group));
processSecurityGroup(group, GroupRoles.owner.name(), ownerGroup);
}
// create policy -> relation
List<Policy> policies = securityManager.getPoliciesOfResource(map.getOlatResource(), null);
for (Policy policy : policies) {
if (policy.getPermission().contains(Constants.PERMISSION_READ)) {
EPMapUpgradeToGroupRelation policyRelation = processMapPolicy(policy, map);
if (policyRelation != null) {
relations.add(policyRelation);
}
}
}
for (EPMapUpgradeToGroupRelation relation : relations) {
dbInstance.getCurrentEntityManager().persist(relation);
}
}
}
Also used :
Policy(org.olat.basesecurity.Policy)
EPMapPolicy(org.olat.portfolio.manager.EPMapPolicy)
RepositoryEntryUpgrade(org.olat.upgrade.model.RepositoryEntryUpgrade)
Group(org.olat.basesecurity.Group)
SecurityGroup(org.olat.basesecurity.SecurityGroup)
EPMapUpgradeToGroupRelation(org.olat.upgrade.model.EPMapUpgradeToGroupRelation)
SecurityGroup(org.olat.basesecurity.SecurityGroup)
HashSet(java.util.HashSet)
Example 87 with SecurityGroup
use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.
the class RepositoryManagerTest method queryByTypeLimitAccess_withInstitution.
@Test
public void queryByTypeLimitAccess_withInstitution() {
Identity id = JunitTestHelper.createAndPersistIdentityAsUser("qbtla-3-" + UUID.randomUUID().toString());
RepositoryEntry re = JunitTestHelper.createAndPersistRepositoryEntry(true);
BusinessGroup group = businessGroupService.createBusinessGroup(null, "qbtla-3", "tg", null, null, false, false, re);
businessGroupRelationDao.addRole(id, group, GroupRoles.coach.name());
dbInstance.commitAndCloseSession();
// promote id to institution resource manager
id.getUser().setProperty(UserConstants.INSTITUTIONALNAME, "openolat.org");
userManager.updateUserFromIdentity(id);
SecurityGroup institutionalResourceManagerGroup = securityManager.findSecurityGroupByName(Constants.GROUP_INST_ORES_MANAGER);
securityManager.addIdentityToSecurityGroup(id, institutionalResourceManagerGroup);
dbInstance.commitAndCloseSession();
// check
List<String> types = Collections.singletonList(re.getOlatResource().getResourceableTypeName());
List<RepositoryEntry> entries = repositoryManager.queryByTypeLimitAccess(id, new Roles(false, false, false, false, false, true, false), types);
Assert.assertNotNull(entries);
Assert.assertFalse(entries.isEmpty());
Assert.assertTrue(entries.contains(re));
for (RepositoryEntry entry : entries) {
if (!entry.equals(re)) {
Assert.assertTrue(entry.getAccess() >= RepositoryEntry.ACC_USERS);
}
}
}
Also used :
BusinessGroup(org.olat.group.BusinessGroup)
GroupRoles(org.olat.basesecurity.GroupRoles)
Roles(org.olat.core.id.Roles)
Identity(org.olat.core.id.Identity)
SecurityGroup(org.olat.basesecurity.SecurityGroup)
Test(org.junit.Test)
Example 88 with SecurityGroup
use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.
the class ProjectBrokerManagerImpl method deleteProject.
/**
* Delete a project and delete project-groups related to this project.
* This method is cluster-save.
* @see org.olat.course.nodes.projectbroker.service.ProjectBrokerManager#deleteProject(org.olat.course.nodes.projectbroker.datamodel.Project)
*/
public void deleteProject(final Project project, final boolean deleteGroup, final CourseEnvironment courseEnv, final CourseNode cNode) {
logDebug("start deleteProject project=" + project);
final Long projectBrokerId = project.getProjectBroker().getKey();
OLATResourceable projectBrokerOres = OresHelper.createOLATResourceableInstance(this.getClass(), projectBrokerId);
CoordinatorManager.getInstance().getCoordinator().getSyncer().doInSync(projectBrokerOres, new SyncerExecutor() {
public void execute() {
Project reloadedProject = (Project) dbInstance.loadObject(project, true);
// delete first candidate-group, project-group will be deleted after deleting project
SecurityGroup candidateGroup = reloadedProject.getCandidateGroup();
if ((courseEnv != null) && (cNode != null)) {
deleteAllAttachmentFilesOfProject(reloadedProject, courseEnv, cNode);
deleteAllDropboxFilesOfProject(reloadedProject, courseEnv, cNode);
deleteAllReturnboxFilesOfProject(reloadedProject, courseEnv, cNode);
}
dbInstance.deleteObject(reloadedProject);
logInfo("deleteSecurityGroup(project.getCandidateGroup())=" + candidateGroup.getKey());
securityManager.deleteSecurityGroup(candidateGroup);
// invalide with removing from cache
projectCache.remove(projectBrokerId.toString());
}
});
if (deleteGroup) {
logDebug("start deleteProjectGroupFor project=" + project);
projectGroupManager.deleteProjectGroupFor(project);
}
logDebug("DONE deleteProjectGroupFor project=" + project);
}
Also used :
Project(org.olat.course.nodes.projectbroker.datamodel.Project)
OLATResourceable(org.olat.core.id.OLATResourceable)
SyncerExecutor(org.olat.core.util.coordinate.SyncerExecutor)
SecurityGroup(org.olat.basesecurity.SecurityGroup)
Example 89 with SecurityGroup
use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method doBatchSyncDeletedUsers.
private void doBatchSyncDeletedUsers(LdapContext ctx, String sinceSentence) {
// create User to Delete List
List<Identity> deletedUserList = getIdentitysDeletedInLdap(ctx);
// delete old users
if (deletedUserList == null || deletedUserList.size() == 0) {
log.info("LDAP batch sync: no users to delete" + sinceSentence);
} else {
if (ldapLoginModule.isDeleteRemovedLDAPUsersOnSync()) {
// check if more not more than the defined percentages of
// users managed in LDAP should be deleted
// if they are over the percentage, they will not be deleted
// by the sync job
SecurityGroup ldapGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
List<Identity> olatListIdentity = securityManager.getIdentitiesOfSecurityGroup(ldapGroup);
if (olatListIdentity.isEmpty())
log.info("No users managed by LDAP, can't delete users");
else {
int prozente = (int) (((float) deletedUserList.size() / (float) olatListIdentity.size()) * 100);
if (prozente >= ldapLoginModule.getDeleteRemovedLDAPUsersPercentage()) {
log.info("LDAP batch sync: more than " + ldapLoginModule.getDeleteRemovedLDAPUsersPercentage() + "% of LDAP managed users should be deleted. Please use Admin Deletion Job. Or increase deleteRemovedLDAPUsersPercentage. " + prozente + "% tried to delete.");
} else {
// delete users
deletIdentities(deletedUserList);
log.info("LDAP batch sync: " + deletedUserList.size() + " users deleted" + sinceSentence);
}
}
} else {
// Do nothing, only log users to logfile
StringBuilder users = new StringBuilder();
for (Identity toBeDeleted : deletedUserList) {
users.append(toBeDeleted.getName()).append(',');
}
log.info("LDAP batch sync: " + deletedUserList.size() + " users detected as to be deleted" + sinceSentence + ". Automatic deleting is disabled in LDAPLoginModule, delete these users manually::[" + users.toString() + "]");
}
}
dbInstance.commitAndCloseSession();
}
Also used :
Identity(org.olat.core.id.Identity)
SecurityGroup(org.olat.basesecurity.SecurityGroup)
Example 90 with SecurityGroup
use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method deletIdentities.
/**
* Delete all Identities in List and removes them from LDAPSecurityGroup
*
* @param identityList List of Identities to delete
*/
@Override
public void deletIdentities(List<Identity> identityList) {
SecurityGroup secGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
for (Identity identity : identityList) {
securityManager.removeIdentityFromSecurityGroup(identity, secGroup);
userDeletionManager.deleteIdentity(identity);
dbInstance.intermediateCommit();
}
}
Also used :
SecurityGroup(org.olat.basesecurity.SecurityGroup)
Identity(org.olat.core.id.Identity)
Aggregations
SecurityGroup (org.olat.basesecurity.SecurityGroup)142
Identity (org.olat.core.id.Identity)104
ArrayList (java.util.ArrayList)36
Test (org.junit.Test)24
BaseSecurity (org.olat.basesecurity.BaseSecurity)20
User (org.olat.core.id.User)20
CatalogEntry (org.olat.repository.CatalogEntry)18
RepositoryEntry (org.olat.repository.RepositoryEntry)16
Path (javax.ws.rs.Path)14
Date (java.util.Date)12
UserVO (org.olat.user.restapi.UserVO)10
URI (java.net.URI)8
Calendar (java.util.Calendar)8
HashMap (java.util.HashMap)8
HttpResponse (org.apache.http.HttpResponse)8
IdentitiesAddEvent (org.olat.admin.securitygroup.gui.IdentitiesAddEvent)8
UserPropertyHandler (org.olat.user.propertyhandlers.UserPropertyHandler)8
LDAPUser (org.olat.ldap.model.LDAPUser)7
HashSet (java.util.HashSet)6
NamingException (javax.naming.NamingException)6
