Examples with JpaGroup org.opencastproject.security.impl.jpa.JpaGroup used on opensource projects

Example 11 with JpaGroup

use of org.opencastproject.security.impl.jpa.JpaGroup in project opencast by opencast.

the class JpaGroupRoleProvider method updateGroup.

@PUT
@Path("{id}")
@RestQuery(name = "updateGroup", description = "Update a group", returnDescription = "Return the status codes", pathParameters = { @RestParameter(name = "id", description = "The group identifier", isRequired = true, type = Type.STRING) }, restParameters = { @RestParameter(name = "name", description = "The group name", isRequired = true, type = Type.STRING), @RestParameter(name = "description", description = "The group description", isRequired = false, type = Type.STRING), @RestParameter(name = "roles", description = "A comma seperated string of additional group roles", isRequired = false, type = Type.TEXT), @RestParameter(name = "users", description = "A comma seperated string of group members", isRequired = true, type = Type.TEXT) }, reponses = { @RestResponse(responseCode = SC_OK, description = "Group updated"), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to update a group with the admin role."), @RestResponse(responseCode = SC_NOT_FOUND, description = "Group not found"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Name too long") })
public Response updateGroup(@PathParam("id") String groupId, @FormParam("name") String name, @FormParam("description") String description, @FormParam("roles") String roles, @FormParam("users") String users) throws NotFoundException {
    JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
    JpaGroup group = UserDirectoryPersistenceUtil.findGroup(groupId, organization.getId(), emf);
    if (group == null)
        throw new NotFoundException();
    if (StringUtils.isNotBlank(name))
        group.setName(StringUtils.trim(name));
    if (StringUtils.isNotBlank(description))
        group.setDescription(StringUtils.trim(description));
    if (StringUtils.isNotBlank(roles)) {
        HashSet<JpaRole> roleSet = new HashSet<JpaRole>();
        for (String role : StringUtils.split(roles, ",")) {
            roleSet.add(new JpaRole(StringUtils.trim(role), organization));
        }
        group.setRoles(roleSet);
    } else {
        group.setRoles(new HashSet<JpaRole>());
    }
    if (users != null) {
        HashSet<String> members = new HashSet<String>();
        HashSet<String> invalidateUsers = new HashSet<String>();
        Set<String> groupMembers = group.getMembers();
        for (String member : StringUtils.split(users, ",")) {
            String newMember = StringUtils.trim(member);
            members.add(newMember);
            if (!groupMembers.contains(newMember)) {
                invalidateUsers.add(newMember);
            }
        }
        for (String member : groupMembers) {
            if (!members.contains(member)) {
                invalidateUsers.add(member);
            }
        }
        group.setMembers(members);
        // Invalidate cache entries for users who have been added or removed
        for (String member : invalidateUsers) {
            userDirectoryService.invalidate(member);
        }
    }
    try {
        addGroup(group);
    } catch (IllegalArgumentException e) {
        logger.warn(e.getMessage());
        return Response.status(Status.BAD_REQUEST).build();
    } catch (UnauthorizedException ex) {
        return Response.status(SC_FORBIDDEN).build();
    }
    return Response.ok().build();
}

Example 12 with JpaGroup

use of org.opencastproject.security.impl.jpa.JpaGroup in project opencast by opencast.

the class JpaGroupRoleProvider method findRoles.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.security.api.RoleProvider#findRoles(String, Role.Target, int, int)
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    if (query == null)
        throw new IllegalArgumentException("Query must be set");
    String orgId = securityService.getOrganization().getId();
    // Here we want to return only the ROLE_GROUP_ names, not the roles associated with a group
    List<JpaGroup> groups = UserDirectoryPersistenceUtil.findGroups(orgId, 0, 0, emf);
    List<Role> roles = new ArrayList<Role>();
    for (JpaGroup group : groups) {
        if (like(group.getRole(), query))
            roles.add(new JaxbRole(group.getRole(), JaxbOrganization.fromOrganization(group.getOrganization()), "", Role.Type.GROUP));
    }
    Set<Role> result = new HashSet<Role>();
    int i = 0;
    for (Role entry : roles) {
        if (limit != 0 && result.size() >= limit)
            break;
        if (i >= offset)
            result.add(entry);
        i++;
    }
    return result.iterator();
}

Example 13 with JpaGroup

use of org.opencastproject.security.impl.jpa.JpaGroup in project opencast by opencast.

the class JpaGroupRoleProvider method addGroup.

/**
 * Adds or updates a group to the persistence.
 *
 * @param group
 *          the group to add
 */
public void addGroup(final JpaGroup group) throws UnauthorizedException {
    if (group != null && !UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, group.getRoles()))
        throw new UnauthorizedException("The user is not allowed to add or update a group with the admin role");
    Group existingGroup = loadGroup(group.getGroupId(), group.getOrganization().getId());
    if (existingGroup != null && !UserDirectoryUtils.isCurrentUserAuthorizedHandleRoles(securityService, existingGroup.getRoles()))
        throw new UnauthorizedException("The user is not allowed to update a group with the admin role");
    Set<JpaRole> roles = UserDirectoryPersistenceUtil.saveRoles(group.getRoles(), emf);
    JpaOrganization organization = UserDirectoryPersistenceUtil.saveOrganization(group.getOrganization(), emf);
    JpaGroup jpaGroup = new JpaGroup(group.getGroupId(), organization, group.getName(), group.getDescription(), roles, group.getMembers());
    // Then save the jpaGroup
    EntityManager em = null;
    EntityTransaction tx = null;
    try {
        em = emf.createEntityManager();
        tx = em.getTransaction();
        tx.begin();
        JpaGroup foundGroup = UserDirectoryPersistenceUtil.findGroup(jpaGroup.getGroupId(), jpaGroup.getOrganization().getId(), emf);
        if (foundGroup == null) {
            em.persist(jpaGroup);
        } else {
            foundGroup.setName(jpaGroup.getName());
            foundGroup.setDescription(jpaGroup.getDescription());
            foundGroup.setMembers(jpaGroup.getMembers());
            foundGroup.setRoles(roles);
            em.merge(foundGroup);
        }
        tx.commit();
        messageSender.sendObjectMessage(GroupItem.GROUP_QUEUE, MessageSender.DestinationType.Queue, GroupItem.update(JaxbGroup.fromGroup(jpaGroup)));
    } finally {
        if (tx.isActive()) {
            tx.rollback();
        }
        if (em != null)
            em.close();
    }
}

Example 14 with JpaGroup

use of org.opencastproject.security.impl.jpa.JpaGroup in project opencast by opencast.

the class UserDirectoryPersistenceUtil method findGroupByRole.

/**
 * Returns the persisted group by the group role name and organization id
 *
 * @param role
 *          the role name
 * @param orgId
 *          the organization id
 * @param emf
 *          the entity manager factory
 * @return the group or <code>null</code> if not found
 */
public static JpaGroup findGroupByRole(String role, String orgId, EntityManagerFactory emf) {
    EntityManager em = null;
    try {
        em = emf.createEntityManager();
        Query q = em.createNamedQuery("Group.findByRole");
        q.setParameter("role", role);
        q.setParameter("organization", orgId);
        return (JpaGroup) q.getSingleResult();
    } catch (NoResultException e) {
        return null;
    } finally {
        if (em != null)
            em.close();
    }
}

Example 15 with JpaGroup

use of org.opencastproject.security.impl.jpa.JpaGroup in project opencast by opencast.

the class UserDirectoryPersistenceUtil method removeGroup.

public static void removeGroup(String groupId, String orgId, EntityManagerFactory emf) throws NotFoundException, Exception {
    EntityManager em = null;
    EntityTransaction tx = null;
    try {
        em = emf.createEntityManager();
        tx = em.getTransaction();
        tx.begin();
        JpaGroup group = findGroup(groupId, orgId, emf);
        if (group == null) {
            throw new NotFoundException("Group with ID " + groupId + " does not exist");
        }
        em.remove(em.merge(group));
        tx.commit();
    } catch (NotFoundException e) {
        throw e;
    } catch (Exception e) {
        if (tx.isActive()) {
            tx.rollback();
        }
        throw e;
    } finally {
        em.close();
    }
}