
Example 16 with LDAPUser

use of org.olat.ldap.model.LDAPUser in project OpenOLAT by OpenOLAT.

the class LDAPLoginManagerImpl method doBatchSyncRoles.

/**
 * Synchronizes role assignments from LDAP in two passes.
 *
 * <p>Pass 1 looks up the LDAP groups under each configured role group base
 * (authors, user managers, group managers, question pool managers, learning
 * resource managers) and hands them to the group-based {@code syncRole}.
 * Pass 2 walks {@code ldapUsers} and calls the per-user {@code syncRole} for
 * every role whose attribute/value pair is configured and whose flag is set on
 * the user. The database session is committed and closed after more than 20
 * per-user role syncs, and once more at the end.
 *
 * <p>NOTE(review): the incoming {@code ctx} is closed and replaced by
 * {@code bindSystem()}. The replacement is stored in the parameter variable
 * only, so the caller never receives it and nothing visible in this method
 * closes it. Confirm who owns that connection.
 *
 * <p>NOTE(review): these are privileged roles. Only users that currently carry
 * a role in LDAP are passed to {@code syncRole} here. Where a role is withdrawn
 * once the LDAP membership or attribute is gone is not visible in this method.
 * Confirm that stale assignments are removed elsewhere.
 *
 * @param ctx the LDAP connection; closed immediately and replaced by a system bind
 * @param ldapUsers the users whose role flags are evaluated in pass 2
 * @param dnToIdentityKeyMap lookup passed through to the group-based {@code syncRole}
 * @param errors error collector passed through to the group-based {@code syncRole}
 * @throws NamingException declared for the LDAP calls made here, e.g. {@code ctx.close()}
 */
private void doBatchSyncRoles(LdapContext ctx, List<LDAPUser> ldapUsers, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) throws NamingException {
    // Continue on a fresh system bind instead of the connection handed in.
    ctx.close();
    ctx = bindSystem();

    // Pass 1: roles derived from membership in the configured LDAP groups.
    // authors
    if (syncConfiguration.getAuthorsGroupBase() != null && !syncConfiguration.getAuthorsGroupBase().isEmpty()) {
        syncRole(ctx, ldapDao.searchGroups(ctx, syncConfiguration.getAuthorsGroupBase()),
                Constants.GROUP_AUTHORS, dnToIdentityKeyMap, errors);
    }
    // user managers
    if (syncConfiguration.getUserManagersGroupBase() != null && !syncConfiguration.getUserManagersGroupBase().isEmpty()) {
        syncRole(ctx, ldapDao.searchGroups(ctx, syncConfiguration.getUserManagersGroupBase()),
                Constants.GROUP_USERMANAGERS, dnToIdentityKeyMap, errors);
    }
    // group managers
    if (syncConfiguration.getGroupManagersGroupBase() != null && !syncConfiguration.getGroupManagersGroupBase().isEmpty()) {
        syncRole(ctx, ldapDao.searchGroups(ctx, syncConfiguration.getGroupManagersGroupBase()),
                Constants.GROUP_GROUPMANAGERS, dnToIdentityKeyMap, errors);
    }
    // question pool managers
    if (syncConfiguration.getQpoolManagersGroupBase() != null && !syncConfiguration.getQpoolManagersGroupBase().isEmpty()) {
        syncRole(ctx, ldapDao.searchGroups(ctx, syncConfiguration.getQpoolManagersGroupBase()),
                Constants.GROUP_POOL_MANAGER, dnToIdentityKeyMap, errors);
    }
    // learning resource managers
    if (syncConfiguration.getLearningResourceManagersGroupBase() != null && !syncConfiguration.getLearningResourceManagersGroupBase().isEmpty()) {
        syncRole(ctx, ldapDao.searchGroups(ctx, syncConfiguration.getLearningResourceManagersGroupBase()),
                Constants.GROUP_INST_ORES_MANAGER, dnToIdentityKeyMap, errors);
    }

    // Pass 2: roles derived from per-user flags. A role takes part only when
    // both its attribute name and its expected value are configured.
    int uncommitted = 0;
    final boolean authorByAttribute = StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleAttribute())
            && StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleValue());
    final boolean userManagerByAttribute = StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleAttribute())
            && StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleValue());
    final boolean groupManagerByAttribute = StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleAttribute())
            && StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleValue());
    final boolean qpoolManagerByAttribute = StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleAttribute())
            && StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleValue());
    final boolean resourceManagerByAttribute = StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleAttribute())
            && StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleValue());

    for (LDAPUser user : ldapUsers) {
        if (authorByAttribute && user.isAuthor()) {
            syncRole(user, Constants.GROUP_AUTHORS);
            uncommitted++;
        }
        if (userManagerByAttribute && user.isUserManager()) {
            syncRole(user, Constants.GROUP_USERMANAGERS);
            uncommitted++;
        }
        if (groupManagerByAttribute && user.isGroupManager()) {
            syncRole(user, Constants.GROUP_GROUPMANAGERS);
            uncommitted++;
        }
        if (qpoolManagerByAttribute && user.isQpoolManager()) {
            syncRole(user, Constants.GROUP_POOL_MANAGER);
            uncommitted++;
        }
        if (resourceManagerByAttribute && user.isLearningResourceManager()) {
            syncRole(user, Constants.GROUP_INST_ORES_MANAGER);
            uncommitted++;
        }
        // Flush in batches so a large sync does not pile up in one session.
        if (uncommitted > 20) {
            dbInstance.commitAndCloseSession();
            uncommitted = 0;
        }
    }
    // Flush whatever the last partial batch left behind.
    dbInstance.commitAndCloseSession();
}
Also used : LDAPUser(org.olat.ldap.model.LDAPUser) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Example 17 with LDAPUser

use of org.olat.ldap.model.LDAPUser in project OpenOLAT by OpenOLAT.

the class LDAPUserVisitor method visit.

/**
 * Converts one LDAP search result into an {@link LDAPUser} and appends it to
 * {@code ldapUserList}.
 *
 * <p>The user receives the entry's DN and raw attributes, one boolean per role
 * (coach, author, user manager, group manager, question pool manager, learning
 * resource manager) computed by {@code hasAttributeValue} from the configured
 * attribute name and value, and two group id lists produced by
 * {@code parseGroupList}.
 *
 * <p>NOTE(review): the role flags are taken directly from directory attributes,
 * so whoever can write those attributes in LDAP decides who is flagged for a
 * privileged role here. Confirm that write access to the configured role
 * attributes is restricted on the directory side.
 *
 * @param searchResult the LDAP entry to convert
 * @throws NamingException declared by the visitor contract for attribute access
 */
@Override
public void visit(SearchResult searchResult) throws NamingException {
    Attributes attributes = searchResult.getAttributes();

    LDAPUser user = new LDAPUser();
    user.setDn(searchResult.getNameInNamespace());
    user.setAttributes(attributes);

    // One flag per role, each driven by its configured attribute/value pair.
    user.setCoach(hasAttributeValue(attributes,
            syncConfiguration.getCoachRoleAttribute(), syncConfiguration.getCoachRoleValue()));
    user.setAuthor(hasAttributeValue(attributes,
            syncConfiguration.getAuthorRoleAttribute(), syncConfiguration.getAuthorRoleValue()));
    user.setUserManager(hasAttributeValue(attributes,
            syncConfiguration.getUserManagerRoleAttribute(), syncConfiguration.getUserManagerRoleValue()));
    user.setGroupManager(hasAttributeValue(attributes,
            syncConfiguration.getGroupManagerRoleAttribute(), syncConfiguration.getGroupManagerRoleValue()));
    user.setQpoolManager(hasAttributeValue(attributes,
            syncConfiguration.getQpoolManagerRoleAttribute(), syncConfiguration.getQpoolManagerRoleValue()));
    user.setLearningResourceManager(hasAttributeValue(attributes,
            syncConfiguration.getLearningResourceManagerRoleAttribute(), syncConfiguration.getLearningResourceManagerRoleValue()));

    // Group memberships as participant and as coach, each read from its own attribute.
    user.setGroupIds(parseGroupList(attributes,
            syncConfiguration.getGroupAttribute(), syncConfiguration.getGroupAttributeSeparator()));
    user.setCoachedGroupIds(parseGroupList(attributes,
            syncConfiguration.getCoachedGroupAttribute(), syncConfiguration.getCoachedGroupAttributeSeparator()));

    ldapUserList.add(user);
}
Also used : Attributes(javax.naming.directory.Attributes) LDAPUser(org.olat.ldap.model.LDAPUser)

Example 18 with LDAPUser

use of org.olat.ldap.model.LDAPUser in project openolat by klemens.

the class LDAPDAO method getUserAttributesModifiedSince.

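/**
 * Returns all LDAP users, or only those created or modified since
 * {@code syncTime}.
 *
 * <p>The search filter is assembled from the configured user filter
 * ({@code syncConfiguration.getLdapUserFilter()}) and, when {@code syncTime}
 * is given, an OR over the configured last-modified and created timestamp
 * attributes, each compared with {@code >=} against the sync time. The sync
 * time is formatted in UTC with the pattern from
 * {@code ldapLoginModule.getLdapDateFormat()}.
 *
 * <p>NOTE(review): the user filter and the attribute names are appended to the
 * filter verbatim. In this method they come from configuration only, and no
 * request-supplied value is visible. Keep it that way, or escape per RFC 4515
 * before any caller-controlled value is added.
 *
 * @param syncTime lower bound for the created/modified timestamps, or
 *          {@code null} for a full sync
 * @param ctx the LDAP system connection, passed through to {@code searchInLdap}
 *
 * @return the users collected by the {@link LDAPUserVisitor}. This method
 *         declares no checked exception, and how {@code searchInLdap} reports a
 *         failed search is not visible here.
 */
public List<LDAPUser> getUserAttributesModifiedSince(Date syncTime, LdapContext ctx) {
    final boolean debug = log.isDebug();
    String userFilter = syncConfiguration.getLdapUserFilter();
    StringBuilder filter = new StringBuilder();
    if (syncTime == null) {
        if (debug) {
            log.debug("LDAP get user attribs since never -> full sync!");
        }
        // Fix: the guard used to test the freshly created builder, which is
        // never null, so a missing user filter was appended as the literal
        // text "null". Test the configured filter instead.
        // NOTE(review): without a configured user filter the search now gets an
        // empty filter string. How searchInLdap treats that is not visible here.
        if (userFilter != null) {
            filter.append(userFilter);
        }
    } else {
        String dateFormat = ldapLoginModule.getLdapDateFormat();
        // A new formatter per call: SimpleDateFormat must not be shared between threads.
        SimpleDateFormat generalizedTimeFormatter = new SimpleDateFormat(dateFormat);
        generalizedTimeFormatter.setTimeZone(UTC_TIME_ZONE);
        String syncTimeForm = generalizedTimeFormatter.format(syncTime);
        if (debug) {
            log.debug("LDAP get user attribs since " + syncTime + " -> means search with date restriction-filter: " + syncTimeForm);
        }
        if (userFilter != null) {
            // Merge the user filter with the time filter using an AND rule.
            filter.append("(&").append(userFilter);
        }
        // (|(<modified attr>>=<time>)(<created attr>>=<time>))
        filter.append("(|(");
        filter.append(syncConfiguration.getLdapUserLastModifiedTimestampAttribute()).append(">=").append(syncTimeForm);
        filter.append(")(");
        filter.append(syncConfiguration.getLdapUserCreatedTimestampAttribute()).append(">=").append(syncTimeForm);
        filter.append("))");
        if (userFilter != null) {
            // Close the "(&" opened above.
            filter.append(")");
        }
    }
    String[] userAttrs = getEnhancedUserAttributes();
    LDAPUserVisitor userVisitor = new LDAPUserVisitor(syncConfiguration);
    searchInLdap(userVisitor, filter.toString(), userAttrs, ctx);
    List<LDAPUser> ldapUserList = userVisitor.getLdapUserList();
    if (debug) {
        log.debug("attrib search returned " + ldapUserList.size() + " results");
    }
    return ldapUserList;
}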
Also used : LDAPUser(org.olat.ldap.model.LDAPUser) SimpleDateFormat(java.text.SimpleDateFormat)

Example 19 with LDAPUser

use of org.olat.ldap.model.LDAPUser in project openolat by klemens.

the class LDAPLoginManagerImpl method doSyncGroupByAttribute.

/**
 * Files each LDAP user under the groups named in its group id lists.
 *
 * <p>For every user with at least one group id or coached group id and a
 * cached identity, the user is added to the participants of each group in
 * {@code getGroupIds()} and to the coaches of each group in
 * {@code getCoachedGroupIds()}. Groups missing from {@code cnToGroupMap} are
 * created on the fly. Users without a cached identity are logged and skipped.
 *
 * <p>NOTE(review): any group id found on a user creates an entry in
 * {@code cnToGroupMap}, and the ids originate from directory attributes.
 * Whether unknown names later become real groups, and whether coach
 * membership should need more than a directory attribute, is not visible
 * here. Confirm against the consumer of the map.
 *
 * @param ldapUsers the users to distribute
 * @param cnToGroupMap group id to group; updated in place
 */
private void doSyncGroupByAttribute(List<LDAPUser> ldapUsers, Map<String, LDAPGroup> cnToGroupMap) {
    for (LDAPUser user : ldapUsers) {
        List<String> participantIn = user.getGroupIds();
        List<String> coachIn = user.getCoachedGroupIds();
        boolean participates = participantIn != null && !participantIn.isEmpty();
        boolean coaches = coachIn != null && !coachIn.isEmpty();
        if (!participates && !coaches) {
            // Nothing to file for this user.
            continue;
        }

        IdentityRef identity = user.getCachedIdentity();
        if (identity == null) {
            log.error("Identity with dn=" + user.getDn() + " not found");
            continue;
        }

        if (participates) {
            for (String cn : participantIn) {
                if (!cnToGroupMap.containsKey(cn)) {
                    cnToGroupMap.put(cn, new LDAPGroup(cn));
                }
                cnToGroupMap.get(cn).getParticipants().add(user);
            }
        }
        if (coaches) {
            for (String cn : coachIn) {
                if (!cnToGroupMap.containsKey(cn)) {
                    cnToGroupMap.put(cn, new LDAPGroup(cn));
                }
                cnToGroupMap.get(cn).getCoaches().add(user);
            }
        }
    }
}
Also used : IdentityRef(org.olat.basesecurity.IdentityRef) LDAPUser(org.olat.ldap.model.LDAPUser) LDAPGroup(org.olat.ldap.model.LDAPGroup)

Example 20 with LDAPUser

use of org.olat.ldap.model.LDAPUser in project openolat by klemens.

the class LDAPLoginManagerImpl method syncRole.

/**
 * Applies {@code role} to every resolvable member of the given LDAP groups.
 *
 * <p>Each member entry is resolved through {@code getLDAPUser}. Members that
 * cannot be resolved, or that have no cached identity, are skipped without a
 * log entry in this method. The database session is committed and closed once
 * per group, whether or not the group had members.
 *
 * <p>NOTE(review): only current members are handed to the per-user
 * {@code syncRole}. What happens to users who were removed from the LDAP
 * group is not visible here. Confirm that stale roles are revoked elsewhere.
 *
 * @param ctx the LDAP connection used to resolve members
 * @param groups the LDAP groups whose members receive the role; may be null or empty
 * @param role the role constant to sync
 * @param dnToIdentityKeyMap lookup passed through to {@code getLDAPUser}
 * @param errors error collector passed through to {@code getLDAPUser}
 */
private void syncRole(LdapContext ctx, List<LDAPGroup> groups, String role, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) {
    if (groups == null || groups.isEmpty()) {
        return;
    }

    for (LDAPGroup ldapGroup : groups) {
        List<String> memberRefs = ldapGroup.getMembers();
        if (memberRefs != null) {
            for (String memberRef : memberRefs) {
                LDAPUser resolved = getLDAPUser(ctx, memberRef, dnToIdentityKeyMap, errors);
                if (resolved == null || resolved.getCachedIdentity() == null) {
                    // Unknown in LDAP or not mapped to a local identity.
                    continue;
                }
                syncRole(resolved, role);
            }
        }
        // One commit per group keeps the session short-lived.
        dbInstance.commitAndCloseSession();
    }
}
Also used : LDAPUser(org.olat.ldap.model.LDAPUser) LDAPGroup(org.olat.ldap.model.LDAPGroup)
