use of org.olat.ldap.model.LDAPUser in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method doBatchSyncRoles.
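/**
 * Synchronizes the elevated roles (authors, user managers, group managers, question pool
 * managers, learning resource managers) from LDAP in two passes.
 *
 * <p>Pass 1 is group based: for every role with a configured, non-empty group base, the
 * groups under that base are searched and handed to {@code syncRole} together with the
 * role constant. Pass 2 is attribute based: for every role with a configured attribute
 * name and value, each user whose matching flag is set is handed to {@code syncRole}.
 *
 * <p>The context passed in is closed and a fresh system bind is used for the searches.
 * That fresh context is closed again before returning; the original code never closed it,
 * so the system-bound LDAP connection stayed open after every batch run.
 *
 * <p>NOTE(review): this method only calls {@code syncRole} for users who currently match.
 * Whether a role is withdrawn from a user who no longer matches is not visible here;
 * confirm that revocation is handled elsewhere, since these roles carry privileges.
 *
 * @param ctx the caller's LDAP context; it is closed by this method
 * @param ldapUsers the users whose role flags are evaluated in the attribute pass
 * @param dnToIdentityKeyMap lookup map passed through to the group-based {@code syncRole}
 * @param errors error collector passed through to the group-based {@code syncRole}
 * @throws NamingException if closing a context or an LDAP operation fails
 */
private void doBatchSyncRoles(LdapContext ctx, List<LDAPUser> ldapUsers, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) throws NamingException {
    ctx.close();
    // Local instead of re-assigning the parameter, so it is obvious which context is ours to close.
    LdapContext roleCtx = bindSystem();
    try {
        // authors
        if (syncConfiguration.getAuthorsGroupBase() != null && syncConfiguration.getAuthorsGroupBase().size() > 0) {
            List<LDAPGroup> authorGroups = ldapDao.searchGroups(roleCtx, syncConfiguration.getAuthorsGroupBase());
            syncRole(roleCtx, authorGroups, Constants.GROUP_AUTHORS, dnToIdentityKeyMap, errors);
        }
        // user managers
        if (syncConfiguration.getUserManagersGroupBase() != null && syncConfiguration.getUserManagersGroupBase().size() > 0) {
            List<LDAPGroup> userManagerGroups = ldapDao.searchGroups(roleCtx, syncConfiguration.getUserManagersGroupBase());
            syncRole(roleCtx, userManagerGroups, Constants.GROUP_USERMANAGERS, dnToIdentityKeyMap, errors);
        }
        // group managers
        if (syncConfiguration.getGroupManagersGroupBase() != null && syncConfiguration.getGroupManagersGroupBase().size() > 0) {
            List<LDAPGroup> groupManagerGroups = ldapDao.searchGroups(roleCtx, syncConfiguration.getGroupManagersGroupBase());
            syncRole(roleCtx, groupManagerGroups, Constants.GROUP_GROUPMANAGERS, dnToIdentityKeyMap, errors);
        }
        // question pool managers
        if (syncConfiguration.getQpoolManagersGroupBase() != null && syncConfiguration.getQpoolManagersGroupBase().size() > 0) {
            List<LDAPGroup> qpoolManagerGroups = ldapDao.searchGroups(roleCtx, syncConfiguration.getQpoolManagersGroupBase());
            syncRole(roleCtx, qpoolManagerGroups, Constants.GROUP_POOL_MANAGER, dnToIdentityKeyMap, errors);
        }
        // learning resource managers
        if (syncConfiguration.getLearningResourceManagersGroupBase() != null && syncConfiguration.getLearningResourceManagersGroupBase().size() > 0) {
            List<LDAPGroup> resourceManagerGroups = ldapDao.searchGroups(roleCtx, syncConfiguration.getLearningResourceManagersGroupBase());
            syncRole(roleCtx, resourceManagerGroups, Constants.GROUP_INST_ORES_MANAGER, dnToIdentityKeyMap, errors);
        }

        // The attribute pass for a role is enabled only when both the attribute name and the
        // expected value are configured; a half-configured role is never synced this way.
        boolean syncAuthor = StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleAttribute())
                && StringHelper.containsNonWhitespace(syncConfiguration.getAuthorRoleValue());
        boolean syncUserManager = StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleAttribute())
                && StringHelper.containsNonWhitespace(syncConfiguration.getUserManagerRoleValue());
        boolean syncGroupManager = StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleAttribute())
                && StringHelper.containsNonWhitespace(syncConfiguration.getGroupManagerRoleValue());
        boolean syncQpoolManager = StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleAttribute())
                && StringHelper.containsNonWhitespace(syncConfiguration.getQpoolManagerRoleValue());
        boolean syncLearningResourceManager = StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleAttribute())
                && StringHelper.containsNonWhitespace(syncConfiguration.getLearningResourceManagerRoleValue());

        // Number of role syncs since the last intermediate commit.
        int count = 0;
        for (LDAPUser ldapUser : ldapUsers) {
            if (syncAuthor && ldapUser.isAuthor()) {
                syncRole(ldapUser, Constants.GROUP_AUTHORS);
                count++;
            }
            if (syncUserManager && ldapUser.isUserManager()) {
                syncRole(ldapUser, Constants.GROUP_USERMANAGERS);
                count++;
            }
            if (syncGroupManager && ldapUser.isGroupManager()) {
                syncRole(ldapUser, Constants.GROUP_GROUPMANAGERS);
                count++;
            }
            if (syncQpoolManager && ldapUser.isQpoolManager()) {
                syncRole(ldapUser, Constants.GROUP_POOL_MANAGER);
                count++;
            }
            if (syncLearningResourceManager && ldapUser.isLearningResourceManager()) {
                syncRole(ldapUser, Constants.GROUP_INST_ORES_MANAGER);
                count++;
            }
            // Commit in small batches (after more than 20 role syncs) instead of once at the end.
            if (count > 20) {
                dbInstance.commitAndCloseSession();
                count = 0;
            }
        }
        dbInstance.commitAndCloseSession();
    } finally {
        // The original passed a null result of bindSystem() straight to the DAO, so tolerate it here too.
        if (roleCtx != null) {
            roleCtx.close();
        }
    }
}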
use of org.olat.ldap.model.LDAPUser in project OpenOLAT by OpenOLAT.
the class LDAPUserVisitor method visit.
/**
 * Converts one LDAP search result into an {@code LDAPUser} and appends it to the
 * visitor's user list.
 *
 * <p>The DN and the raw attribute set are copied onto the user. Each role flag (coach,
 * author, user manager, group manager, question pool manager, learning resource manager)
 * is set to whatever {@code hasAttributeValue} returns for the entry's attributes and the
 * attribute name and value configured for that role. The participant and coached group id
 * lists come from {@code parseGroupList} with the configured attribute and separator.
 *
 * <p>NOTE(review): the role flags are taken from directory attributes as-is, so anyone who
 * can write those attributes in the directory decides the flag values. Confirm the
 * directory ACLs on the configured role attributes.
 *
 * @param searchResult the LDAP entry to convert
 * @throws NamingException declared by the visitor contract
 */
@Override
public void visit(SearchResult searchResult) throws NamingException {
    Attributes entryAttributes = searchResult.getAttributes();
    String entryDn = searchResult.getNameInNamespace();

    LDAPUser user = new LDAPUser();
    user.setDn(entryDn);
    user.setAttributes(entryAttributes);

    // Role flags, each derived from the configured (attribute, value) pair for that role.
    boolean coach = hasAttributeValue(entryAttributes,
            syncConfiguration.getCoachRoleAttribute(), syncConfiguration.getCoachRoleValue());
    user.setCoach(coach);
    boolean author = hasAttributeValue(entryAttributes,
            syncConfiguration.getAuthorRoleAttribute(), syncConfiguration.getAuthorRoleValue());
    user.setAuthor(author);
    boolean userManager = hasAttributeValue(entryAttributes,
            syncConfiguration.getUserManagerRoleAttribute(), syncConfiguration.getUserManagerRoleValue());
    user.setUserManager(userManager);
    boolean groupManager = hasAttributeValue(entryAttributes,
            syncConfiguration.getGroupManagerRoleAttribute(), syncConfiguration.getGroupManagerRoleValue());
    user.setGroupManager(groupManager);
    boolean qpoolManager = hasAttributeValue(entryAttributes,
            syncConfiguration.getQpoolManagerRoleAttribute(), syncConfiguration.getQpoolManagerRoleValue());
    user.setQpoolManager(qpoolManager);
    boolean learningResourceManager = hasAttributeValue(entryAttributes,
            syncConfiguration.getLearningResourceManagerRoleAttribute(), syncConfiguration.getLearningResourceManagerRoleValue());
    user.setLearningResourceManager(learningResourceManager);

    // Group memberships carried on the user entry itself.
    user.setGroupIds(parseGroupList(entryAttributes,
            syncConfiguration.getGroupAttribute(), syncConfiguration.getGroupAttributeSeparator()));
    user.setCoachedGroupIds(parseGroupList(entryAttributes,
            syncConfiguration.getCoachedGroupAttribute(), syncConfiguration.getCoachedGroupAttributeSeparator()));

    ldapUserList.add(user);
}
use of org.olat.ldap.model.LDAPUser in project openolat by klemens.
the class LDAPDAO method getUserAttributesModifiedSince.
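/**
 * Creates the list of all LDAP users, or of the users created or changed since
 * {@code syncTime}.
 *
 * <p>Configuration: userAttr = ldapContext.xml (property=userAttrs), LDAP Base =
 * ldapContext.xml (property=ldapBase).
 *
 * <p>With a {@code syncTime} the search filter is
 * {@code (&<userFilter>(|(<lastModifiedAttr>>=<time>)(<createdAttr>>=<time>)))}; the
 * {@code (&...)} wrapper is left out when no user filter is configured. Without a
 * {@code syncTime} the filter is the configured user filter alone (full sync).
 *
 * <p>Every filter component visible here comes from the sync configuration or from the
 * formatted date; no request-supplied value is concatenated, and no filter escaping is
 * applied. NOTE(review): keep it that way, any caller-controlled value added to this
 * filter would need LDAP filter escaping first.
 *
 * @param syncTime only entries created or modified at or after this time are returned;
 *        {@code null} means full sync. It is formatted in UTC with the date format
 *        configured in the LDAP login module.
 * @param ctx the LDAP system connection, passed on to {@code searchInLdap}
 * @return the users collected by the {@code LDAPUserVisitor} during the search
 */
public List<LDAPUser> getUserAttributesModifiedSince(Date syncTime, LdapContext ctx) {
    final boolean debug = log.isDebug();
    String userFilter = syncConfiguration.getLdapUserFilter();
    StringBuilder filter = new StringBuilder();
    if (syncTime == null) {
        if (debug) {
            log.debug("LDAP get user attribs since never -> full sync!");
        }
        // Fixed: the original tested the freshly created StringBuilder ("filter != null",
        // always true), so a missing user filter was appended as the literal text "null".
        if (userFilter != null) {
            filter.append(userFilter);
        }
    } else {
        String dateFormat = ldapLoginModule.getLdapDateFormat();
        // SimpleDateFormat is not thread-safe, so a new instance per call is intentional.
        SimpleDateFormat generalizedTimeFormatter = new SimpleDateFormat(dateFormat);
        generalizedTimeFormatter.setTimeZone(UTC_TIME_ZONE);
        String syncTimeForm = generalizedTimeFormatter.format(syncTime);
        if (debug) {
            log.debug("LDAP get user attribs since " + syncTime + " -> means search with date restriction-filter: " + syncTimeForm);
        }
        if (userFilter != null) {
            // merge the user filter with the time filter using an AND rule
            filter.append("(&").append(userFilter);
        }
        filter.append("(|(");
        filter.append(syncConfiguration.getLdapUserLastModifiedTimestampAttribute()).append(">=").append(syncTimeForm);
        filter.append(")(");
        filter.append(syncConfiguration.getLdapUserCreatedTimestampAttribute()).append(">=").append(syncTimeForm);
        filter.append("))");
        if (userFilter != null) {
            // close the "(&" opened above
            filter.append(")");
        }
    }
    String[] userAttrs = getEnhancedUserAttributes();
    LDAPUserVisitor userVisitor = new LDAPUserVisitor(syncConfiguration);
    searchInLdap(userVisitor, filter.toString(), userAttrs, ctx);
    List<LDAPUser> ldapUserList = userVisitor.getLdapUserList();
    if (debug) {
        log.debug("attrib search returned " + ldapUserList.size() + " results");
    }
    return ldapUserList;
}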
use of org.olat.ldap.model.LDAPUser in project openolat by klemens.
the class LDAPLoginManagerImpl method doSyncGroupByAttribute.
/**
 * Builds group membership from the group ids carried on each user entry.
 *
 * <p>For every user that lists at least one group id or coached group id, the user is
 * added as a participant of each listed group and as a coach of each listed coached
 * group. Groups that are not yet in {@code cnToGroupMap} are created and put into the map
 * under the group id. Users without a cached identity are logged as an error and skipped,
 * so they are never added to any group.
 *
 * @param ldapUsers the users whose group id lists are evaluated
 * @param cnToGroupMap map from group id to group; updated in place
 */
private void doSyncGroupByAttribute(List<LDAPUser> ldapUsers, Map<String, LDAPGroup> cnToGroupMap) {
    for (LDAPUser ldapUser : ldapUsers) {
        List<String> participantIds = ldapUser.getGroupIds();
        List<String> coachIds = ldapUser.getCoachedGroupIds();
        boolean hasParticipantIds = participantIds != null && !participantIds.isEmpty();
        boolean hasCoachIds = coachIds != null && !coachIds.isEmpty();

        // Nothing to do for users that carry no group information at all.
        if (!hasParticipantIds && !hasCoachIds) {
            continue;
        }

        // Membership is only recorded for users that resolved to a local identity.
        if (ldapUser.getCachedIdentity() == null) {
            log.error("Identity with dn=" + ldapUser.getDn() + " not found");
            continue;
        }

        if (hasParticipantIds) {
            for (String id : participantIds) {
                if (!cnToGroupMap.containsKey(id)) {
                    cnToGroupMap.put(id, new LDAPGroup(id));
                }
                cnToGroupMap.get(id).getParticipants().add(ldapUser);
            }
        }

        if (hasCoachIds) {
            for (String id : coachIds) {
                if (!cnToGroupMap.containsKey(id)) {
                    cnToGroupMap.put(id, new LDAPGroup(id));
                }
                cnToGroupMap.get(id).getCoaches().add(ldapUser);
            }
        }
    }
}
use of org.olat.ldap.model.LDAPUser in project openolat by klemens.
the class LDAPLoginManagerImpl method syncRole.
/**
 * Applies {@code role} to every resolvable member of the given LDAP groups.
 *
 * <p>Each member entry of each group is resolved through {@code getLDAPUser}; members that
 * do not resolve, or that have no cached identity, are skipped without an error being
 * raised here. The database session is committed and closed once per group, including
 * groups without members.
 *
 * @param ctx the LDAP context used to resolve members
 * @param groups the groups whose members receive the role; {@code null} or empty is a no-op
 * @param role the role constant handed to the per-user {@code syncRole}
 * @param dnToIdentityKeyMap lookup map passed through to {@code getLDAPUser}
 * @param errors error collector passed through to {@code getLDAPUser}
 */
private void syncRole(LdapContext ctx, List<LDAPGroup> groups, String role, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) {
    if (groups != null && !groups.isEmpty()) {
        for (LDAPGroup group : groups) {
            List<String> memberEntries = group.getMembers();
            if (memberEntries != null) {
                for (String memberEntry : memberEntries) {
                    LDAPUser resolved = getLDAPUser(ctx, memberEntry, dnToIdentityKeyMap, errors);
                    // Only users known locally (cached identity present) can receive the role.
                    if (resolved == null || resolved.getCachedIdentity() == null) {
                        continue;
                    }
                    syncRole(resolved, role);
                }
            }
            dbInstance.commitAndCloseSession();
        }
    }
}