use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class ConfigurableLoginHandler method newUserLogin.
/**
 * Registers a user reference for a Shibboleth user that has not logged in before.
 *
 * <p>Name, e-mail address and roles are extracted from the request. The reference is created for the
 * organization returned by the security service, with the current time as login date, and is handed to
 * the user reference provider under the Shibboleth mechanism.
 *
 * <p>NOTE(review): every attribute stored here originates from the request. Presumably only the
 * Shibboleth service provider in front of this handler can set those values. Confirm that clients
 * cannot supply them directly, since the extracted roles are persisted with the reference.
 *
 * @param id
 *          The identity of the user, ideally the Shibboleth persistent unique identifier
 * @param request
 *          The request, for accessing any other Shibboleth variables
 */
@Override
public void newUserLogin(String id, HttpServletRequest request) {
  final String displayName = extractName(request);
  final String mailAddress = extractEmail(request);
  final Date firstLogin = new Date();
  final JpaOrganization currentOrganization = fromOrganization(securityService.getOrganization());

  // Roles are derived from the user id and the request
  final Set<JpaRole> grantedRoles = extractRoles(id, request);

  // Build the reference first, then log and persist it
  final JpaUserReference reference = new JpaUserReference(id, displayName, mailAddress, MECH_SHIBBOLETH, firstLogin,
          currentOrganization, grantedRoles);
  logger.debug("Shibboleth user '{}' logged in for the first time", id);
  userReferenceProvider.addUserReference(reference, MECH_SHIBBOLETH);
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class UserAndSeriesLoader method loadLdapUser.
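/**
 * Loads a user for testing the ldap provider.
 *
 * <p>The user is only added when the user provider does not already know the id in the given organization.
 *
 * <p>NOTE(review): the account is created with the fixed literal {@code "ldap"} as second {@code JpaUser}
 * argument, which appears to be the password. Confirm, and keep this loader restricted to test and demo
 * installations.
 *
 * @param organizationId
 *          the organization
 */
protected void loadLdapUser(String organizationId) {
  Set<JpaRole> ldapUserRoles = new HashSet<>();
  ldapUserRoles.add(new JpaRole(USER_ROLE, getOrganization(organizationId)));

  // This is the public identifier for Josh Holtzman in the UC Berkeley Directory, which is available for anonymous
  // binding.
  String ldapUserId = "231693";

  if (jpaUserProvider.loadUser(ldapUserId, organizationId) == null) {
    try {
      jpaUserProvider.addUser(new JpaUser(ldapUserId, "ldap", getOrganization(organizationId),
              jpaUserProvider.getName(), true, ldapUserRoles));
      logger.debug("Added ldap user '{}' into organization '{}'", ldapUserId, organizationId);
    } catch (UnauthorizedException ex) {
      // The previous message spoke of an "administrative user", which is not the account added here.
      // Name the affected user and organization and keep the exception so the failure can be traced.
      logger.error("Unable to add ldap user '{}' into organization '{}' because of insufficient permissions",
              ldapUserId, organizationId, ex);
    }
  }
}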
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class UserAndSeriesLoader method loadGroup.
/**
 * Persists a demo group unless a group with the same id already exists in the organization.
 *
 * <p>Each entry of {@code additionalRoles} becomes a role of the organization, and the entries of
 * {@code members} become the group's member set. A failure while adding the group is logged as a warning
 * and not rethrown.
 *
 * @param groupId
 *          the group id
 * @param orgId
 *          the organization id
 * @param name
 *          the group name
 * @param description
 *          the group description
 * @param additionalRoles
 *          any additional roles to the group
 * @param members
 *          the members associated to this group
 */
protected void loadGroup(String groupId, String orgId, String name, String description, String[] additionalRoles, String[] members) {
  // Nothing to do when the group is already known
  if (jpaGroupRoleProvider.loadGroup(groupId, orgId) != null) {
    return;
  }

  Set<JpaRole> groupRoles = new HashSet<>();
  for (int i = 0; i < additionalRoles.length; i++) {
    groupRoles.add(new JpaRole(additionalRoles[i], getOrganization(orgId)));
  }

  JpaGroup demoGroup = new JpaGroup(groupId, getOrganization(orgId), name, description, groupRoles,
          new HashSet<>(Arrays.asList(members)));
  try {
    jpaGroupRoleProvider.addGroup(demoGroup);
  } catch (Exception e) {
    // Best effort: loading demo data must not abort on a single failing group
    logger.warn("Can not add {}: {}", demoGroup, e);
  }
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class UserAndSeriesLoader method load.
/**
 * Loads demo users into persistence.
 *
 * <p>Creates {@code numPerSeries * NUM_SERIES} users named after the lower-cased role prefix followed by a
 * running number, skipping users that already exist. Each user receives the additional roles plus one
 * series role, assigned round-robin over the series.
 *
 * <p>The same string is passed as first and second {@code JpaUser} argument, and the info message states
 * that usernames and passwords are identical. These are sample accounts with guessable credentials and
 * belong on demo installations only.
 *
 * @param rolePrefix
 *          the role prefix
 * @param numPerSeries
 *          the number of users to load per series
 * @param additionalRoles
 *          any additional roles to add for each user
 * @param orgId
 *          the organization id
 */
protected void load(String rolePrefix, int numPerSeries, String[] additionalRoles, String orgId) {
  String prefix = rolePrefix.toLowerCase();
  int userCount = numPerSeries * NUM_SERIES;
  logger.info("Adding sample {}s, usernames and passwords are {}1/{}1... {}{}/{}{}", prefix, prefix, prefix, prefix, userCount, prefix, userCount);

  for (int index = 1; index <= userCount; index++) {
    String login = prefix + index;

    // Existing users are left untouched
    if (jpaUserProvider.loadUser(login, orgId) != null) {
      continue;
    }

    Set<JpaRole> userRoles = new HashSet<>();
    for (String extraRole : additionalRoles) {
      userRoles.add(new JpaRole(extraRole, getOrganization(orgId)));
    }

    // Users are spread over the series in turn: 1, 2, ..., NUM_SERIES, 1, 2, ...
    int seriesNumber = ((index - 1) % NUM_SERIES) + 1;
    userRoles.add(new JpaRole(SERIES_PREFIX + seriesNumber + "_" + rolePrefix, getOrganization(orgId)));

    JpaUser demoUser = new JpaUser(login, login, getOrganization(orgId), jpaUserProvider.getName(), true, userRoles);
    try {
      jpaUserProvider.addUser(demoUser);
      logger.debug("Added {}", demoUser);
    } catch (Exception e) {
      // Best effort: keep loading the remaining users
      logger.warn("Can not add {}: {}", demoUser, e);
    }
  }
}
use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.
the class JpaGroupRoleProvider method createGroup.
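/**
 * Creates a group in the current organization from the submitted form parameters.
 *
 * <p>The group id is derived from the name by lower-casing it and replacing every non-word character with an
 * underscore. The role and member lists are split on commas and trimmed, and entries that are blank after
 * trimming are ignored.
 *
 * <p>The role names are taken from the request as submitted. The only permission check visible in this
 * method is the {@code UnauthorizedException} that {@code addGroup} may throw, which is answered with 403.
 *
 * @param name
 *          the group name, required
 * @param description
 *          the group description, may be {@code null}
 * @param roles
 *          comma separated role names, may be {@code null}
 * @param users
 *          comma separated member names, may be {@code null}
 * @return 201 if the group was created, 400 if the name is missing or blank or {@code addGroup} rejects the
 *         group with an {@code IllegalArgumentException}, 403 if {@code addGroup} throws an
 *         {@code UnauthorizedException}, 409 if a group with the derived id already exists
 */
@POST
@Path("")
@RestQuery(name = "createGroup", description = "Add a group", returnDescription = "Return the status codes", restParameters = { @RestParameter(name = "name", description = "The group name", isRequired = true, type = Type.STRING), @RestParameter(name = "description", description = "The group description", isRequired = false, type = Type.STRING), @RestParameter(name = "roles", description = "A comma seperated string of additional group roles", isRequired = false, type = Type.TEXT), @RestParameter(name = "users", description = "A comma seperated string of group members", isRequired = false, type = Type.TEXT) }, reponses = { @RestResponse(responseCode = SC_CREATED, description = "Group created"), @RestResponse(responseCode = SC_BAD_REQUEST, description = "Name too long"), @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to create a group with the admin role."), @RestResponse(responseCode = SC_CONFLICT, description = "An group with this name already exists.") })
public Response createGroup(@FormParam("name") String name, @FormParam("description") String description, @FormParam("roles") String roles, @FormParam("users") String users) {
  // The name is a required parameter. Without this check a missing name fails with a
  // NullPointerException when the group id is derived, which surfaces as a server error.
  if (StringUtils.isBlank(name)) {
    return Response.status(Status.BAD_REQUEST).build();
  }

  JpaOrganization organization = (JpaOrganization) securityService.getOrganization();

  HashSet<JpaRole> roleSet = new HashSet<JpaRole>();
  if (roles != null) {
    for (String role : StringUtils.split(roles, ",")) {
      // Entries such as "a, ,b" would otherwise produce a role with an empty name
      String roleName = StringUtils.trimToNull(role);
      if (roleName != null) {
        roleSet.add(new JpaRole(roleName, organization));
      }
    }
  }

  HashSet<String> members = new HashSet<String>();
  if (users != null) {
    for (String member : StringUtils.split(users, ",")) {
      String memberName = StringUtils.trimToNull(member);
      if (memberName != null) {
        members.add(memberName);
      }
    }
  }

  final String groupId = name.toLowerCase().replaceAll("\\W", "_");

  JpaGroup existingGroup = UserDirectoryPersistenceUtil.findGroup(groupId, organization.getId(), emf);
  if (existingGroup != null) {
    return Response.status(SC_CONFLICT).build();
  }

  try {
    addGroup(new JpaGroup(groupId, organization, name, description, roleSet, members));
  } catch (IllegalArgumentException e) {
    // Log the derived id, which contains only word characters, not the raw request value
    logger.warn("Unable to create group '{}': {}", groupId, e.getMessage());
    return Response.status(Status.BAD_REQUEST).build();
  } catch (UnauthorizedException e) {
    return Response.status(SC_FORBIDDEN).build();
  }
  return Response.status(Status.CREATED).build();
}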