use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.
the class MoodleUserProviderInstance method findRoles.
/**
* {@inheritDoc}
* <p>
* We search for COURSEID, COURSEID_Learner, COURSEID_Instructor
*
* @see org.opencastproject.security.api.RoleProvider#findRoles(java.lang.String, org.opencastproject.security.api.Role.Target, int, int)
*/
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
// Don't return roles for users or groups
if (target == Role.Target.USER)
return Collections.emptyIterator();
boolean exact = true;
boolean ltirole = false;
if (query.endsWith("%")) {
exact = false;
query = query.substring(0, query.length() - 1);
}
if (query.isEmpty())
return Collections.emptyIterator();
// Verify that role name ends with LEARNER_ROLE_SUFFIX or INSTRUCTOR_ROLE_SUFFIX
if (exact && !query.endsWith("_" + LEARNER_ROLE_SUFFIX) && !query.endsWith("_" + INSTRUCTOR_ROLE_SUFFIX))
return Collections.emptyIterator();
// Extract moodle course id
String moodleCourseId = query;
if (query.endsWith("_" + LEARNER_ROLE_SUFFIX)) {
moodleCourseId = query.substring(0, query.lastIndexOf("_" + LEARNER_ROLE_SUFFIX));
ltirole = true;
} else if (query.endsWith("_" + INSTRUCTOR_ROLE_SUFFIX)) {
moodleCourseId = query.substring(0, query.lastIndexOf("_" + INSTRUCTOR_ROLE_SUFFIX));
ltirole = true;
}
// Check if course matches pattern
try {
if ((coursePattern != null) && !moodleCourseId.matches(coursePattern)) {
logger.debug("verify course {} failed regexp {}", moodleCourseId, coursePattern);
return Collections.emptyIterator();
}
} catch (PatternSyntaxException e) {
logger.warn("Invalid regular expression for course pattern {} - disabling checks", coursePattern);
coursePattern = null;
}
// Roles list
List<Role> roles = new LinkedList<>();
JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
if (ltirole) {
// Query is for a Course ID and an LTI role (Instructor/Learner)
roles.add(new JaxbRole(query, jaxbOrganization, "Moodle Site Role", Role.Type.EXTERNAL));
} else {
// Course ID - return both roles
roles.add(new JaxbRole(moodleCourseId + "_" + INSTRUCTOR_ROLE_SUFFIX, jaxbOrganization, "Moodle Course Instructor Role", Role.Type.EXTERNAL));
roles.add(new JaxbRole(moodleCourseId + "_" + LEARNER_ROLE_SUFFIX, jaxbOrganization, "Moodle Course Learner Role", Role.Type.EXTERNAL));
}
return roles.iterator();
}
use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.
the class SakaiUserProviderInstance method findUsers.
@Override
public Iterator<User> findUsers(String query, int offset, int limit) {
if (query == null)
throw new IllegalArgumentException("Query must be set");
if (query.endsWith("%")) {
query = query.substring(0, query.length() - 1);
}
if (query.isEmpty()) {
return Collections.emptyIterator();
}
// Verify if a user exists (non-wildcard searches only)
if (!verifySakaiUser(query)) {
return Collections.emptyIterator();
}
List<User> users = new LinkedList<User>();
JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
JaxbUser queryUser = new JaxbUser(query, PROVIDER_NAME, jaxbOrganization, new HashSet<JaxbRole>());
users.add(queryUser);
return users.iterator();
}
use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.
the class SakaiUserProviderInstance method findRoles.
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
// We search for SITEID, SITEID_Learner, SITEID_Instructor
logger.debug("findRoles(query=" + query + " offset=" + offset + " limit=" + limit + ")");
// Don't return roles for users or groups
if (target == Role.Target.USER) {
return Collections.emptyIterator();
}
boolean exact = true;
boolean ltirole = false;
if (query.endsWith("%")) {
exact = false;
query = query.substring(0, query.length() - 1);
}
if (query.isEmpty()) {
return Collections.emptyIterator();
}
// Verify that role name ends with LTI_LEARNER_ROLE or LTI_INSTRUCTOR_ROLE
if (exact && !query.endsWith("_" + LTI_LEARNER_ROLE) && !query.endsWith("_" + LTI_INSTRUCTOR_ROLE)) {
return Collections.emptyIterator();
}
String sakaiSite = null;
if (query.endsWith("_" + LTI_LEARNER_ROLE)) {
sakaiSite = query.substring(0, query.lastIndexOf("_" + LTI_LEARNER_ROLE));
ltirole = true;
} else if (query.endsWith("_" + LTI_INSTRUCTOR_ROLE)) {
sakaiSite = query.substring(0, query.lastIndexOf("_" + LTI_INSTRUCTOR_ROLE));
ltirole = true;
}
if (!ltirole) {
sakaiSite = query;
}
if (!verifySakaiSite(sakaiSite)) {
return Collections.emptyIterator();
}
// Roles list
List<Role> roles = new LinkedList<Role>();
JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
if (ltirole) {
// Query is for a Site ID and an LTI role (Instructor/Learner)
roles.add(new JaxbRole(query, jaxbOrganization, "Sakai Site Role", Role.Type.EXTERNAL));
} else {
// Site ID - return both roles
roles.add(new JaxbRole(sakaiSite + "_" + LTI_INSTRUCTOR_ROLE, jaxbOrganization, "Sakai Site Instructor Role", Role.Type.EXTERNAL));
roles.add(new JaxbRole(sakaiSite + "_" + LTI_LEARNER_ROLE, jaxbOrganization, "Sakai Site Learner Role", Role.Type.EXTERNAL));
}
return roles.iterator();
}
use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.
the class InMemoryUserAndRoleProvider method createSystemUsers.
/**
* Creates the system digest user.
*/
private void createSystemUsers() {
for (Organization organization : orgDirectoryService.getOrganizations()) {
JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
// Create the digest auth user with a clear text password
Set<JaxbRole> roleList = new HashSet<JaxbRole>();
for (String roleName : SecurityConstants.GLOBAL_SYSTEM_ROLES) {
roleList.add(new JaxbRole(roleName, jaxbOrganization));
}
// Create the digest user
if (digestUsername != null && digestUserPass != null) {
logger.info("Creating the system digest user");
User digestUser = new JaxbUser(digestUsername, digestUserPass, DIGEST_USER_NAME, null, getName(), true, jaxbOrganization, roleList);
inMemoryUsers.add(digestUser);
}
}
}
use of org.opencastproject.security.api.JaxbOrganization in project opencast by opencast.
the class WorkflowServiceImplAuthzTest method setUp.
@Before
public void setUp() throws Exception {
Map<String, Integer> servers = new HashMap<String, Integer>();
servers.put("http://somewhere", 80);
defaultOrganization = new DefaultOrganization();
otherOrganization = new JaxbOrganization("other_org", "Another organization", servers, defaultOrganization.getAdminRole(), defaultOrganization.getAnonymousRole(), null);
JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(defaultOrganization);
instructor1 = new JaxbUser("instructor1", "test", jaxbOrganization, new JaxbRole("ROLE_INSTRUCTOR", jaxbOrganization));
instructor2 = new JaxbUser("instructor2", "test", jaxbOrganization, new JaxbRole("ROLE_INSTRUCTOR", jaxbOrganization));
JaxbOrganization differentOrg = new JaxbOrganization("differentorg");
instructorFromDifferentOrg = new JaxbUser("instructor3", "test", differentOrg, new JaxbRole("ROLE_INSTRUCTOR", differentOrg));
JaxbOrganization doesntMatterOrg = new JaxbOrganization("org doesn't matter");
globalAdmin = new JaxbUser("global_admin", "test", doesntMatterOrg, new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, doesntMatterOrg));
users = new HashMap<String, User>();
users.put(instructor1.getUsername(), instructor1);
users.put(instructor2.getUsername(), instructor2);
users.put(instructorFromDifferentOrg.getUsername(), instructorFromDifferentOrg);
users.put(DEFAULT_ORG_ADMIN.getUsername(), DEFAULT_ORG_ADMIN);
users.put(globalAdmin.getUsername(), globalAdmin);
service = new WorkflowServiceImpl() {
@Override
public Set<HandlerRegistration> getRegisteredHandlers() {
return new HashSet<WorkflowServiceImpl.HandlerRegistration>();
}
};
scanner = new WorkflowDefinitionScanner();
service.addWorkflowDefinitionScanner(scanner);
// Organization Service
List<Organization> organizationList = new ArrayList<Organization>();
organizationList.add(defaultOrganization);
OrganizationDirectoryService organizationDirectoryService = EasyMock.createMock(OrganizationDirectoryService.class);
EasyMock.expect(organizationDirectoryService.getOrganization((String) EasyMock.anyObject())).andAnswer(new IAnswer<Organization>() {
@Override
public Organization answer() throws Throwable {
String orgId = (String) EasyMock.getCurrentArguments()[0];
Map<String, Integer> servers = new HashMap<String, Integer>();
servers.put("http://" + orgId, 80);
defaultOrganization = new DefaultOrganization();
return new JaxbOrganization(orgId, orgId, servers, "ROLE_ADMIN", "ROLE_ANONYMOUS", null);
}
}).anyTimes();
EasyMock.expect(organizationDirectoryService.getOrganizations()).andReturn(organizationList).anyTimes();
EasyMock.replay(organizationDirectoryService);
service.setOrganizationDirectoryService(organizationDirectoryService);
// Metadata Service
MediaPackageMetadataService mds = EasyMock.createNiceMock(MediaPackageMetadataService.class);
EasyMock.replay(mds);
service.addMetadataService(mds);
// Workspace
workspace = EasyMock.createNiceMock(Workspace.class);
EasyMock.expect(workspace.getCollectionContents((String) EasyMock.anyObject())).andReturn(new URI[0]);
EasyMock.replay(workspace);
// User Directory
UserDirectoryService userDirectoryService = EasyMock.createMock(UserDirectoryService.class);
EasyMock.expect(userDirectoryService.loadUser((String) EasyMock.anyObject())).andAnswer(new IAnswer<User>() {
@Override
public User answer() throws Throwable {
String userName = (String) EasyMock.getCurrentArguments()[0];
return users.get(userName);
}
}).anyTimes();
EasyMock.replay(userDirectoryService);
service.setUserDirectoryService(userDirectoryService);
// security service
userResponder = new Responder<User>(DEFAULT_ORG_ADMIN);
organizationResponder = new Responder<Organization>(defaultOrganization);
securityService = EasyMock.createNiceMock(SecurityService.class);
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.expect(securityService.getOrganization()).andAnswer(organizationResponder).anyTimes();
EasyMock.replay(securityService);
service.setSecurityService(securityService);
// Authorization Service
AuthorizationService authzService = EasyMock.createNiceMock(AuthorizationService.class);
EasyMock.replay(authzService);
service.setAuthorizationService(authzService);
MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);
EasyMock.replay(messageSender);
// Service Registry
serviceRegistry = new ServiceRegistryInMemoryImpl(service, securityService, userDirectoryService, organizationDirectoryService, EasyMock.createNiceMock(IncidentService.class));
service.setServiceRegistry(serviceRegistry);
// Search Index
sRoot = new File(getStorageRoot());
FileUtils.forceMkdir(sRoot);
dao = new WorkflowServiceSolrIndex();
dao.setServiceRegistry(serviceRegistry);
dao.setAuthorizationService(authzService);
dao.setSecurityService(securityService);
dao.setOrgDirectory(organizationDirectoryService);
dao.solrRoot = sRoot + File.separator + "solr." + System.currentTimeMillis();
dao.activate("System Admin");
service.setDao(dao);
service.setMessageSender(messageSender);
// Activate
service.activate(null);
}
Aggregations