
Example 21 with JaxbOrganization

use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.

the class MoodleUserProviderInstance method findRoles.

/**
 * {@inheritDoc}
 * <p>
 * We search for COURSEID, COURSEID_Learner, COURSEID_Instructor
 *
 * @see org.opencastproject.security.api.RoleProvider#findRoles(java.lang.String, org.opencastproject.security.api.Role.Target, int, int)
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    // Answers role searches for a Moodle course: COURSEID, COURSEID_<learner suffix> and
    // COURSEID_<instructor suffix>. The offset and limit arguments are not applied here.

    // Role searches that target users are not answered by this provider.
    if (target == Role.Target.USER) {
        return Collections.emptyIterator();
    }

    final String learnerSuffix = "_" + LEARNER_ROLE_SUFFIX;
    final String instructorSuffix = "_" + INSTRUCTOR_ROLE_SUFFIX;

    // A trailing '%' marks a wildcard search; it is stripped before any matching.
    // NOTE(review): query is dereferenced without a null check, so a null query ends in a
    // NullPointerException rather than a defined error.
    final boolean wildcard = query.endsWith("%");
    final String term = wildcard ? query.substring(0, query.length() - 1) : query;
    if (term.isEmpty()) {
        return Collections.emptyIterator();
    }

    final boolean learnerRole = term.endsWith(learnerSuffix);
    final boolean instructorRole = !learnerRole && term.endsWith(instructorSuffix);
    final boolean hasRoleSuffix = learnerRole || instructorRole;

    // An exact (non-wildcard) search must name one of the two role suffixes.
    if (!wildcard && !hasRoleSuffix) {
        return Collections.emptyIterator();
    }

    // The course id is the search term without its role suffix, or the whole term.
    final String courseId;
    if (learnerRole) {
        courseId = term.substring(0, term.length() - learnerSuffix.length());
    } else if (instructorRole) {
        courseId = term.substring(0, term.length() - instructorSuffix.length());
    } else {
        courseId = term;
    }

    // Optional filter: the course id has to match the configured regular expression.
    try {
        if (coursePattern != null && !courseId.matches(coursePattern)) {
            logger.debug("verify course {} failed regexp {}", courseId, coursePattern);
            return Collections.emptyIterator();
        }
    } catch (PatternSyntaxException e) {
        // NOTE(review): this fails open. An invalid coursePattern clears the field, so the
        // course-id filter is off for this call and for every later one. Validating the
        // pattern when the configuration is read would let a bad value be rejected up front
        // instead of silently removing the check.
        logger.warn("Invalid regular expression for course pattern {} - disabling checks", coursePattern);
        coursePattern = null;
    }

    // NOTE(review): apart from the optional pattern, nothing in this method confirms that
    // the course exists; the role names below are built from the caller's search text.
    final JaxbOrganization roleOrganization = JaxbOrganization.fromOrganization(organization);
    final List<Role> found = new LinkedList<>();
    if (hasRoleSuffix) {
        // The search already names a course role: echo it back as an external role.
        found.add(new JaxbRole(term, roleOrganization, "Moodle Site Role", Role.Type.EXTERNAL));
    } else {
        // Bare course id: offer both the instructor and the learner role.
        found.add(new JaxbRole(courseId + instructorSuffix, roleOrganization, "Moodle Course Instructor Role", Role.Type.EXTERNAL));
        found.add(new JaxbRole(courseId + learnerSuffix, roleOrganization, "Moodle Course Learner Role", Role.Type.EXTERNAL));
    }
    return found.iterator();
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) LinkedList(java.util.LinkedList) PatternSyntaxException(java.util.regex.PatternSyntaxException)

Example 22 with JaxbOrganization

use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.

the class SakaiUserProviderInstance method findUsers.

/**
 * Looks up a single Sakai user by id.
 * <p>
 * A trailing {@code %} is removed from the query and the remainder is checked with
 * {@code verifySakaiUser}; a wildcard query is therefore verified as one user id rather
 * than expanded into a list of matches. The offset and limit arguments are not applied.
 *
 * @param query the user id to look up, optionally ending in {@code %}
 * @param offset not used by this method
 * @param limit not used by this method
 * @return an iterator over at most one user, empty when the query is empty or the user is not verified
 * @throws IllegalArgumentException if {@code query} is {@code null}
 */
@Override
public Iterator<User> findUsers(String query, int offset, int limit) {
    if (query == null) {
        throw new IllegalArgumentException("Query must be set");
    }

    // Drop the wildcard marker, if any, and work with what is left.
    final String userId = query.endsWith("%") ? query.substring(0, query.length() - 1) : query;

    // Nothing to look up, or the backend check does not confirm the user.
    if (userId.isEmpty() || !verifySakaiUser(userId)) {
        return Collections.emptyIterator();
    }

    // The returned user carries the provider name and an empty role set.
    final JaxbOrganization userOrganization = JaxbOrganization.fromOrganization(organization);
    final List<User> matches = new LinkedList<User>();
    matches.add(new JaxbUser(userId, PROVIDER_NAME, userOrganization, new HashSet<JaxbRole>()));
    return matches.iterator();
}
Also used : User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) JaxbUser(org.opencastproject.security.api.JaxbUser) LinkedList(java.util.LinkedList)

Example 23 with JaxbOrganization

use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.

the class SakaiUserProviderInstance method findRoles.

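/**
 * Finds the roles that belong to a Sakai site.
 * <p>
 * The query may be SITEID, SITEID_Learner or SITEID_Instructor, optionally followed by
 * {@code %} for a wildcard search. The site id is checked with {@code verifySakaiSite}
 * before any role is returned. The offset and limit arguments are only logged.
 *
 * @param query the site id or site role name to search for
 * @param target the kind of role consumer; searches targeting users return nothing
 * @param offset not applied by this method
 * @param limit not applied by this method
 * @return an iterator over the matching external roles, possibly empty
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    // Parameterized message instead of string concatenation: nothing is formatted unless
    // debug logging is on, and the caller-supplied query stays a distinct log argument.
    // NOTE(review): query comes from the caller; confirm the log layout neutralizes line breaks.
    logger.debug("findRoles(query={} offset={} limit={})", query, offset, limit);

    // Don't return roles for users or groups
    if (target == Role.Target.USER) {
        return Collections.emptyIterator();
    }

    // A trailing '%' marks a wildcard search and is stripped before matching.
    boolean exact = true;
    if (query.endsWith("%")) {
        exact = false;
        query = query.substring(0, query.length() - 1);
    }
    if (query.isEmpty()) {
        return Collections.emptyIterator();
    }

    final String learnerSuffix = "_" + LTI_LEARNER_ROLE;
    final String instructorSuffix = "_" + LTI_INSTRUCTOR_ROLE;
    final boolean learnerRole = query.endsWith(learnerSuffix);
    final boolean instructorRole = !learnerRole && query.endsWith(instructorSuffix);
    final boolean ltirole = learnerRole || instructorRole;

    // An exact search has to name one of the two LTI role suffixes.
    if (exact && !ltirole) {
        return Collections.emptyIterator();
    }

    // The site id is the query without its role suffix, or the whole query.
    final String sakaiSite;
    if (learnerRole) {
        sakaiSite = query.substring(0, query.lastIndexOf(learnerSuffix));
    } else if (instructorRole) {
        sakaiSite = query.substring(0, query.lastIndexOf(instructorSuffix));
    } else {
        sakaiSite = query;
    }

    // Only sites confirmed by the backend check yield roles.
    if (!verifySakaiSite(sakaiSite)) {
        return Collections.emptyIterator();
    }

    // Roles list
    List<Role> roles = new LinkedList<Role>();
    JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
    if (ltirole) {
        // Query is for a Site ID and an LTI role (Instructor/Learner)
        roles.add(new JaxbRole(query, jaxbOrganization, "Sakai Site Role", Role.Type.EXTERNAL));
    } else {
        // Site ID - return both roles
        roles.add(new JaxbRole(sakaiSite + instructorSuffix, jaxbOrganization, "Sakai Site Instructor Role", Role.Type.EXTERNAL));
        roles.add(new JaxbRole(sakaiSite + learnerSuffix, jaxbOrganization, "Sakai Site Learner Role", Role.Type.EXTERNAL));
    }
    return roles.iterator();
}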
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) LinkedList(java.util.LinkedList)

Example 24 with JaxbOrganization

use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.

the class InMemoryUserAndRoleProvider method createSystemUsers.

/**
 * Creates the system digest user.
 */
private void createSystemUsers() {
    // Registers one digest user per known organization, each holding every global system role.
    for (Organization org : orgDirectoryService.getOrganizations()) {
        JaxbOrganization jaxbOrg = JaxbOrganization.fromOrganization(org);

        // Role set for this organization, built from the global system role names.
        Set<JaxbRole> systemRoles = new HashSet<JaxbRole>();
        for (String systemRoleName : SecurityConstants.GLOBAL_SYSTEM_ROLES) {
            systemRoles.add(new JaxbRole(systemRoleName, jaxbOrg));
        }

        // Without both a configured user name and password there is nothing to register.
        if (digestUsername == null || digestUserPass == null) {
            continue;
        }

        // NOTE(review): digestUserPass is handed to the user object as given; the original
        // comment calls it a clear text password. Confirm that this user object is never
        // logged or serialized together with its password.
        logger.info("Creating the system digest user");
        User systemDigestUser = new JaxbUser(digestUsername, digestUserPass, DIGEST_USER_NAME, null, getName(), true, jaxbOrg, systemRoles);
        inMemoryUsers.add(systemDigestUser);
    }
}
Also used : Organization(org.opencastproject.security.api.Organization) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) JaxbUser(org.opencastproject.security.api.JaxbUser) HashSet(java.util.HashSet)

Example 25 with JaxbOrganization

use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.

the class WorkflowServiceImplAuthzTest method setUp.

/**
 * Builds the fixture for the workflow authorization tests: users from several
 * organizations, mocked directory and security services, an in-memory service registry
 * and a Solr-backed workflow index, all wired into a {@code WorkflowServiceImpl}.
 *
 * @throws Exception if creating the storage directory or activating a component fails
 */
@Before
public void setUp() throws Exception {
    Map<String, Integer> servers = new HashMap<String, Integer>();
    servers.put("http://somewhere", 80);
    defaultOrganization = new DefaultOrganization();
    otherOrganization = new JaxbOrganization("other_org", "Another organization", servers, defaultOrganization.getAdminRole(), defaultOrganization.getAnonymousRole(), null);
    JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(defaultOrganization);
    // Fixture users: two instructors in the default organization, one instructor in a
    // different organization and one global admin. The "test" passwords are fixture values.
    instructor1 = new JaxbUser("instructor1", "test", jaxbOrganization, new JaxbRole("ROLE_INSTRUCTOR", jaxbOrganization));
    instructor2 = new JaxbUser("instructor2", "test", jaxbOrganization, new JaxbRole("ROLE_INSTRUCTOR", jaxbOrganization));
    JaxbOrganization differentOrg = new JaxbOrganization("differentorg");
    instructorFromDifferentOrg = new JaxbUser("instructor3", "test", differentOrg, new JaxbRole("ROLE_INSTRUCTOR", differentOrg));
    JaxbOrganization doesntMatterOrg = new JaxbOrganization("org doesn't matter");
    globalAdmin = new JaxbUser("global_admin", "test", doesntMatterOrg, new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, doesntMatterOrg));
    // Lookup table that backs the mocked user directory further down.
    users = new HashMap<String, User>();
    users.put(instructor1.getUsername(), instructor1);
    users.put(instructor2.getUsername(), instructor2);
    users.put(instructorFromDifferentOrg.getUsername(), instructorFromDifferentOrg);
    users.put(DEFAULT_ORG_ADMIN.getUsername(), DEFAULT_ORG_ADMIN);
    users.put(globalAdmin.getUsername(), globalAdmin);
    // Service under test, with handler registration stubbed out to an empty set.
    service = new WorkflowServiceImpl() {

        @Override
        public Set<HandlerRegistration> getRegisteredHandlers() {
            return new HashSet<WorkflowServiceImpl.HandlerRegistration>();
        }
    };
    scanner = new WorkflowDefinitionScanner();
    service.addWorkflowDefinitionScanner(scanner);
    // Organization Service
    List<Organization> organizationList = new ArrayList<Organization>();
    organizationList.add(defaultOrganization);
    OrganizationDirectoryService organizationDirectoryService = EasyMock.createMock(OrganizationDirectoryService.class);
    // Any organization id resolves to a freshly built organization with fixed admin and
    // anonymous role names, so every id is treated as known.
    EasyMock.expect(organizationDirectoryService.getOrganization((String) EasyMock.anyObject())).andAnswer(new IAnswer<Organization>() {

        @Override
        public Organization answer() throws Throwable {
            String orgId = (String) EasyMock.getCurrentArguments()[0];
            Map<String, Integer> servers = new HashMap<String, Integer>();
            servers.put("http://" + orgId, 80);
            // NOTE(review): this replaces the test's defaultOrganization field on every
            // lookup, while organizationList and organizationResponder keep the instance
            // created at the top of setUp. It looks unintended; confirm.
            defaultOrganization = new DefaultOrganization();
            return new JaxbOrganization(orgId, orgId, servers, "ROLE_ADMIN", "ROLE_ANONYMOUS", null);
        }
    }).anyTimes();
    EasyMock.expect(organizationDirectoryService.getOrganizations()).andReturn(organizationList).anyTimes();
    EasyMock.replay(organizationDirectoryService);
    service.setOrganizationDirectoryService(organizationDirectoryService);
    // Metadata Service
    MediaPackageMetadataService mds = EasyMock.createNiceMock(MediaPackageMetadataService.class);
    EasyMock.replay(mds);
    service.addMetadataService(mds);
    // Workspace
    // NOTE(review): the workspace mock is replayed but not handed to the service anywhere
    // in this method.
    workspace = EasyMock.createNiceMock(Workspace.class);
    EasyMock.expect(workspace.getCollectionContents((String) EasyMock.anyObject())).andReturn(new URI[0]);
    EasyMock.replay(workspace);
    // User Directory
    UserDirectoryService userDirectoryService = EasyMock.createMock(UserDirectoryService.class);
    // loadUser answers from the users map; an unknown name yields null.
    EasyMock.expect(userDirectoryService.loadUser((String) EasyMock.anyObject())).andAnswer(new IAnswer<User>() {

        @Override
        public User answer() throws Throwable {
            String userName = (String) EasyMock.getCurrentArguments()[0];
            return users.get(userName);
        }
    }).anyTimes();
    EasyMock.replay(userDirectoryService);
    service.setUserDirectoryService(userDirectoryService);
    // security service
    // The responders supply the current user and organization; they start out as the
    // default organization's admin and the default organization.
    userResponder = new Responder<User>(DEFAULT_ORG_ADMIN);
    organizationResponder = new Responder<Organization>(defaultOrganization);
    securityService = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.expect(securityService.getOrganization()).andAnswer(organizationResponder).anyTimes();
    EasyMock.replay(securityService);
    service.setSecurityService(securityService);
    // Authorization Service
    // Nice mock with no expectations recorded: its methods return EasyMock's defaults.
    AuthorizationService authzService = EasyMock.createNiceMock(AuthorizationService.class);
    EasyMock.replay(authzService);
    service.setAuthorizationService(authzService);
    MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);
    EasyMock.replay(messageSender);
    // Service Registry
    serviceRegistry = new ServiceRegistryInMemoryImpl(service, securityService, userDirectoryService, organizationDirectoryService, EasyMock.createNiceMock(IncidentService.class));
    service.setServiceRegistry(serviceRegistry);
    // Search Index
    sRoot = new File(getStorageRoot());
    FileUtils.forceMkdir(sRoot);
    dao = new WorkflowServiceSolrIndex();
    dao.setServiceRegistry(serviceRegistry);
    dao.setAuthorizationService(authzService);
    dao.setSecurityService(securityService);
    dao.setOrgDirectory(organizationDirectoryService);
    // The timestamp in the directory name gives each run its own Solr root.
    dao.solrRoot = sRoot + File.separator + "solr." + System.currentTimeMillis();
    dao.activate("System Admin");
    service.setDao(dao);
    service.setMessageSender(messageSender);
    // Activate
    service.activate(null);
}
Also used : User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) HashSet(java.util.HashSet) Set(java.util.Set) Organization(org.opencastproject.security.api.Organization) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) HashMap(java.util.HashMap) MessageSender(org.opencastproject.message.broker.api.MessageSender) ArrayList(java.util.ArrayList) MediaPackageMetadataService(org.opencastproject.metadata.api.MediaPackageMetadataService) JaxbUser(org.opencastproject.security.api.JaxbUser) SecurityService(org.opencastproject.security.api.SecurityService) ServiceRegistryInMemoryImpl(org.opencastproject.serviceregistry.api.ServiceRegistryInMemoryImpl) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) UserDirectoryService(org.opencastproject.security.api.UserDirectoryService) IAnswer(org.easymock.IAnswer) JaxbRole(org.opencastproject.security.api.JaxbRole) AuthorizationService(org.opencastproject.security.api.AuthorizationService) File(java.io.File) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) OrganizationDirectoryService(org.opencastproject.security.api.OrganizationDirectoryService) Workspace(org.opencastproject.workspace.api.Workspace) Before(org.junit.Before)
