Search in sources :

Example 1 with LDAPGroup

use of org.olat.ldap.model.LDAPGroup in project OpenOLAT by OpenOLAT.

the class LDAPLoginManagerImpl method syncRole.

private void syncRole(LdapContext ctx, List<LDAPGroup> groups, String role, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) {
    if (groups == null || groups.isEmpty())
        return;
    for (LDAPGroup group : groups) {
        List<String> members = group.getMembers();
        if (members != null && members.size() > 0) {
            for (String member : members) {
                LDAPUser ldapUser = getLDAPUser(ctx, member, dnToIdentityKeyMap, errors);
                if (ldapUser != null && ldapUser.getCachedIdentity() != null) {
                    syncRole(ldapUser, role);
                }
            }
        }
        dbInstance.commitAndCloseSession();
    }
}
Also used : LDAPUser(org.olat.ldap.model.LDAPUser) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Example 2 with LDAPGroup

use of org.olat.ldap.model.LDAPGroup in project OpenOLAT by OpenOLAT.

the class LDAPGroupVisitor method visit.

@Override
public void visit(SearchResult searchResult) throws NamingException {
    Attributes resAttributes = searchResult.getAttributes();
    Attribute memberAttr = resAttributes.get("member");
    Attribute cnAttr = resAttributes.get("cn");
    if (memberAttr != null) {
        LDAPGroup group = new LDAPGroup();
        Object cn = cnAttr.get();
        if (cn instanceof String) {
            group.setCommonName((String) cn);
        }
        List<String> members = new ArrayList<String>();
        try {
            for (NamingEnumeration<?> memberEn = memberAttr.getAll(); memberEn.hasMoreElements(); ) {
                Object member = memberEn.next();
                if (member instanceof String) {
                    members.add((String) member);
                }
            }
        } catch (NamingException e) {
            log.error("", e);
        }
        group.setMembers(members);
        groups.add(group);
    }
}
Also used : Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) ArrayList(java.util.ArrayList) NamingException(javax.naming.NamingException) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Example 3 with LDAPGroup

use of org.olat.ldap.model.LDAPGroup in project openolat by klemens.

the class LDAPLoginManagerImpl method doBatchSyncRoles.

private void doBatchSyncRoles(LdapContext ctx, List<LDAPUser> ldapUsers, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) throws NamingException {
    ctx.close();
    ctx = bindSystem();
    // authors
    if (syncConfiguration.getAuthorsGroupBase() != null && syncConfiguration.getAuthorsGroupBase().size() > 0) {
        List<LDAPGroup> authorGroups = ldapDao.searchGroups(ctx, syncConfiguration.getAuthorsGroupBase());
        syncRole(ctx, authorGroups, Constants.GROUP_AUTHORS, dnToIdentityKeyMap, errors);
    }
    // user managers
    if (syncConfiguration.getUserManagersGroupBase() != null && syncConfiguration.getUserManagersGroupBase().size() > 0) {
        List<LDAPGroup> userManagerGroups = ldapDao.searchGroups(ctx, syncConfiguration.getUserManagersGroupBase());
        syncRole(ctx, userManagerGroups, Constants.GROUP_USERMANAGERS, dnToIdentityKeyMap, errors);
    }
    // group managers
    if (syncConfiguration.getGroupManagersGroupBase() != null && syncConfiguration.getGroupManagersGroupBase().size() > 0) {
        List<LDAPGroup> groupManagerGroups = ldapDao.searchGroups(ctx, syncConfiguration.getGroupManagersGroupBase());
        syncRole(ctx, groupManagerGroups, Constants.GROUP_GROUPMANAGERS, dnToIdentityKeyMap, errors);
    }
    // question pool managers
    if (syncConfiguration.getQpoolManagersGroupBase() != null && syncConfiguration.getQpoolManagersGroupBase().size() > 0) {
        List<LDAPGroup> qpoolManagerGroups = ldapDao.searchGroups(ctx, syncConfiguration.getQpoolManagersGroupBase());
        syncRole(ctx, qpoolManagerGroups, Constants.GROUP_POOL_MANAGER, dnToIdentityKeyMap, errors);
    }
    // learning resource manager
    if (syncConfiguration.getLearningResourceManagersGroupBase() != null && syncConfiguration.getLearningResourceManagersGroupBase().size() > 0) {
        List<LDAPGroup> resourceManagerGroups = ldapDao.searchGroups(ctx, syncConfiguration.getLearningResourceManagersGroupBase());
        syncRole(ctx, resourceManagerGroups, Constants.GROUP_INST_ORES_MANAGER, dnToIdentityKeyMap, errors);
    }
    int count = 0;
    boolean syncAuthor = StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleAttribute()) && StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleValue());
    boolean syncUserManager = StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleAttribute()) && StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleValue());
    boolean syncGroupManager = StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleAttribute()) && StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleValue());
    boolean syncQpoolManager = StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleAttribute()) && StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleValue());
    boolean syncLearningResourceManager = StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleAttribute()) && StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleValue());
    for (LDAPUser ldapUser : ldapUsers) {
        if (syncAuthor && ldapUser.isAuthor()) {
            syncRole(ldapUser, Constants.GROUP_AUTHORS);
            count++;
        }
        if (syncUserManager && ldapUser.isUserManager()) {
            syncRole(ldapUser, Constants.GROUP_USERMANAGERS);
            count++;
        }
        if (syncGroupManager && ldapUser.isGroupManager()) {
            syncRole(ldapUser, Constants.GROUP_GROUPMANAGERS);
            count++;
        }
        if (syncQpoolManager && ldapUser.isQpoolManager()) {
            syncRole(ldapUser, Constants.GROUP_POOL_MANAGER);
            count++;
        }
        if (syncLearningResourceManager && ldapUser.isLearningResourceManager()) {
            syncRole(ldapUser, Constants.GROUP_INST_ORES_MANAGER);
            count++;
        }
        if (count > 20) {
            dbInstance.commitAndCloseSession();
            count = 0;
        }
    }
    dbInstance.commitAndCloseSession();
}
Also used : LDAPUser(org.olat.ldap.model.LDAPUser) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Example 4 with LDAPGroup

use of org.olat.ldap.model.LDAPGroup in project openolat by klemens.

the class LDAPLoginManagerImpl method syncUserGroups.

/**
 * The method search in LDAP the user, search the groups
 * of which it is member of, and sync the groups.
 *
 * @param identity The identity to sync
 */
@Override
public void syncUserGroups(Identity identity) {
    LdapContext ctx = bindSystem();
    if (ctx == null) {
        log.error("could not bind to ldap", null);
    }
    String ldapUserIDAttribute = syncConfiguration.getOlatPropertyToLdapAttribute(LDAPConstants.LDAP_USER_IDENTIFYER);
    String filter = ldapDao.buildSearchUserFilter(ldapUserIDAttribute, identity.getName());
    boolean withCoacheOfGroups = StringHelper.containsNonWhitespace(syncConfiguration.getCoachedGroupAttribute());
    List<String> ldapBases = syncConfiguration.getLdapBases();
    String[] searchAttr;
    if (withCoacheOfGroups) {
        searchAttr = new String[] { "dn", syncConfiguration.getCoachedGroupAttribute() };
    } else {
        searchAttr = new String[] { "dn" };
    }
    SearchControls ctls = new SearchControls();
    ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    ctls.setReturningAttributes(searchAttr);
    String userDN = null;
    List<String> groupList = null;
    for (String ldapBase : ldapBases) {
        try {
            NamingEnumeration<SearchResult> enm = ctx.search(ldapBase, filter, ctls);
            while (enm.hasMore()) {
                SearchResult result = enm.next();
                userDN = result.getNameInNamespace();
                if (withCoacheOfGroups) {
                    Attributes resAttributes = result.getAttributes();
                    Attribute coachOfGroupsAttr = resAttributes.get(syncConfiguration.getCoachedGroupAttribute());
                    if (coachOfGroupsAttr != null && coachOfGroupsAttr.get() instanceof String) {
                        String groupString = (String) coachOfGroupsAttr.get();
                        if (!"-".equals(groupString)) {
                            String[] groupArr = groupString.split(syncConfiguration.getCoachedGroupAttributeSeparator());
                            groupList = new ArrayList<>(groupArr.length);
                            for (String group : groupArr) {
                                groupList.add(group);
                            }
                        }
                    }
                }
            }
            if (userDN != null) {
                break;
            }
        } catch (NamingException e) {
            log.error("NamingException when trying to bind user with username::" + identity.getName() + " on ldapBase::" + ldapBase, e);
        }
    }
    // get the potential groups
    if (userDN != null) {
        List<String> groupDNs = syncConfiguration.getLdapGroupBases();
        String groupFilter = "(&(objectClass=groupOfNames)(member=" + userDN + "))";
        List<LDAPGroup> groups = ldapDao.searchGroups(ctx, groupDNs, groupFilter);
        for (LDAPGroup group : groups) {
            BusinessGroup managedGroup = getManagerBusinessGroup(group.getCommonName());
            if (managedGroup != null) {
                List<String> roles = businessGroupRelationDao.getRoles(identity, managedGroup);
                if (roles.isEmpty()) {
                    boolean coach = groupList != null && groupList.contains(group.getCommonName());
                    if (coach) {
                        businessGroupRelationDao.addRole(identity, managedGroup, GroupRoles.coach.name());
                    } else {
                        businessGroupRelationDao.addRole(identity, managedGroup, GroupRoles.participant.name());
                    }
                }
            }
        }
    }
}
Also used : Attribute(javax.naming.directory.Attribute) BasicAttribute(javax.naming.directory.BasicAttribute) BusinessGroup(org.olat.group.BusinessGroup) Attributes(javax.naming.directory.Attributes) SearchResult(javax.naming.directory.SearchResult) LDAPGroup(org.olat.ldap.model.LDAPGroup) SearchControls(javax.naming.directory.SearchControls) NamingException(javax.naming.NamingException) InitialLdapContext(javax.naming.ldap.InitialLdapContext) LdapContext(javax.naming.ldap.LdapContext)

Example 5 with LDAPGroup

use of org.olat.ldap.model.LDAPGroup in project OpenOLAT by OpenOLAT.

the class LDAPDAO method searchGroups.

public List<LDAPGroup> searchGroups(LdapContext ctx, List<String> groupDNs, String filter) {
    final List<LDAPGroup> ldapGroups = new ArrayList<>();
    String[] groupAttributes = new String[] { "cn" };
    for (String groupDN : groupDNs) {
        LDAPVisitor visitor = new LDAPVisitor() {

            @Override
            public void visit(SearchResult searchResult) throws NamingException {
                Attributes resAttributes = searchResult.getAttributes();
                Attribute cnAttr = resAttributes.get("cn");
                Object cn = cnAttr.get();
                if (cn instanceof String) {
                    LDAPGroup group = new LDAPGroup();
                    group.setCommonName((String) cn);
                    ldapGroups.add(group);
                }
            }
        };
        search(visitor, groupDN, filter, groupAttributes, ctx);
    }
    return ldapGroups;
}
Also used : Attribute(javax.naming.directory.Attribute) ArrayList(java.util.ArrayList) Attributes(javax.naming.directory.Attributes) SearchResult(javax.naming.directory.SearchResult) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Aggregations

LDAPGroup (org.olat.ldap.model.LDAPGroup)14 Attribute (javax.naming.directory.Attribute)6 Attributes (javax.naming.directory.Attributes)6 LDAPUser (org.olat.ldap.model.LDAPUser)6 ArrayList (java.util.ArrayList)4 NamingException (javax.naming.NamingException)4 SearchResult (javax.naming.directory.SearchResult)4 BusinessGroup (org.olat.group.BusinessGroup)4 HashMap (java.util.HashMap)2 BasicAttribute (javax.naming.directory.BasicAttribute)2 SearchControls (javax.naming.directory.SearchControls)2 InitialLdapContext (javax.naming.ldap.InitialLdapContext)2 LdapContext (javax.naming.ldap.LdapContext)2 IdentityRef (org.olat.basesecurity.IdentityRef)2