
Example 1 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class ConfigurableLoginHandler method newUserLogin.

/**
 * Handle a new user login.
 *
 * @param id
 *          The identity of the user, ideally the Shibboleth persistent unique identifier
 * @param request
 *          The request, for accessing any other Shibboleth variables
 */
@Override
public void newUserLogin(String id, HttpServletRequest request) {
    // Profile attributes are taken from the incoming request.
    // NOTE(review): presumably these values are only trustworthy when the request has passed through the
    // Shibboleth service provider; confirm that this handler cannot be reached with client-supplied values.
    final String displayName = extractName(request);
    final String mailAddress = extractEmail(request);
    final Date firstLogin = new Date();
    final JpaOrganization currentOrganization = fromOrganization(securityService.getOrganization());

    // The roles attached to the new reference are whatever extractRoles computes from the id and the request
    final Set<JpaRole> grantedRoles = extractRoles(id, request);

    final JpaUserReference reference = new JpaUserReference(id, displayName, mailAddress, MECH_SHIBBOLETH, firstLogin,
            currentOrganization, grantedRoles);
    logger.debug("Shibboleth user '{}' logged in for the first time", id);

    // Register the reference under the Shibboleth login mechanism
    userReferenceProvider.addUserReference(reference, MECH_SHIBBOLETH);
}
Also used : JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JpaUserReference(org.opencastproject.security.impl.jpa.JpaUserReference) Date(java.util.Date)

Example 2 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class UserAndSeriesLoader method loadLdapUser.

/**
 * Load a user for testing the ldap provider
 *
 * @param organizationId
 *          the organization
 */
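protected void loadLdapUser(String organizationId) {
    // The account receives a single role, USER_ROLE, bound to the given organization
    Set<JpaRole> ldapUserRoles = new HashSet<>();
    ldapUserRoles.add(new JpaRole(USER_ROLE, getOrganization(organizationId)));
    // This is the public identifier for Josh Holtzman in the UC Berkeley Directory, which is available for anonymous
    // binding.
    String ldapUserId = "231693";
    // Only add the account when the provider does not know it yet
    if (jpaUserProvider.loadUser(ldapUserId, organizationId) == null) {
        try {
            // NOTE(review): the second constructor argument ("ldap") looks like a fixed password for this test
            // account; presumably this loader only runs in test or demo setups. Confirm.
            jpaUserProvider.addUser(new JpaUser(ldapUserId, "ldap", getOrganization(organizationId), jpaUserProvider.getName(), true, ldapUserRoles));
            logger.debug("Added ldap user '{}' into organization '{}'", ldapUserId, organizationId);
        } catch (UnauthorizedException ex) {
            // Name the account that was actually refused (the old text spoke of an "administrative user") and
            // pass the exception as the trailing argument so its stack trace reaches the log.
            logger.error("Unable to add ldap user '{}' into organization '{}' because you have not enough permissions.",
                    ldapUserId, organizationId, ex);
        }
    }
}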
Also used : JpaRole(org.opencastproject.security.impl.jpa.JpaRole) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) JpaUser(org.opencastproject.security.impl.jpa.JpaUser) HashSet(java.util.HashSet)

Example 3 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class UserAndSeriesLoader method loadGroup.

/**
 * Loads demo group into persistence
 *
 * @param groupId
 *          the group id
 * @param orgId
 *          the organization id
 * @param name
 *          the group name
 * @param description
 *          the group description
 * @param additionalRoles
 *          any additional roles to the group
 * @param members
 *          the members associated to this group
 */
protected void loadGroup(String groupId, String orgId, String name, String description, String[] additionalRoles, String[] members) {
    // Nothing to do when the group is already known to the provider
    if (jpaGroupRoleProvider.loadGroup(groupId, orgId) != null) {
        return;
    }

    // One role per requested name, each bound to the target organization
    final Set<JpaRole> groupRoles = new HashSet<>();
    for (int idx = 0; idx < additionalRoles.length; idx++) {
        groupRoles.add(new JpaRole(additionalRoles[idx], getOrganization(orgId)));
    }

    final JpaGroup demoGroup = new JpaGroup(groupId, getOrganization(orgId), name, description, groupRoles,
            new HashSet<>(Arrays.asList(members)));
    try {
        jpaGroupRoleProvider.addGroup(demoGroup);
    } catch (Exception e) {
        // Best effort: a failure to add the group is logged and not propagated
        logger.warn("Can not add {}: {}", demoGroup, e);
    }
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) SeriesException(org.opencastproject.series.api.SeriesException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) HashSet(java.util.HashSet)

Example 4 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class UserAndSeriesLoader method load.

/**
 * Loads demo users into persistence.
 *
 * @param rolePrefix
 *          the role prefix
 * @param numPerSeries
 *          the number of users to load per series
 * @param additionalRoles
 *          any additional roles to add for each user
 * @param orgId
 *          the organization id
 */
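protected void load(String rolePrefix, int numPerSeries, String[] additionalRoles, String orgId) {
    // Lower-case with Locale.ROOT so the generated user names are the same on every host; the default-locale
    // variant maps some letters differently (for example 'I' under a Turkish locale).
    String lowerCasePrefix = rolePrefix.toLowerCase(java.util.Locale.ROOT);
    int totalUsers = numPerSeries * NUM_SERIES;
    // The log line announces that each sample account uses its user name as its password.
    // NOTE(review): presumably this loader is meant for demo or test installations only; confirm it cannot
    // run against a production user directory.
    logger.info("Adding sample {}s, usernames and passwords are {}1/{}1... {}{}/{}{}", lowerCasePrefix, lowerCasePrefix, lowerCasePrefix, lowerCasePrefix, totalUsers, lowerCasePrefix, totalUsers);
    for (int i = 1; i <= totalUsers; i++) {
        // User names are the lower-cased prefix followed by a 1-based counter
        String userName = lowerCasePrefix + i;
        // Accounts that already exist are left untouched
        if (jpaUserProvider.loadUser(userName, orgId) == null) {
            Set<JpaRole> roleSet = new HashSet<>();
            for (String additionalRole : additionalRoles) {
                roleSet.add(new JpaRole(additionalRole, getOrganization(orgId)));
            }
            // Spread the users over the series round-robin: user i gets the role of series ((i - 1) % NUM_SERIES) + 1
            roleSet.add(new JpaRole(SERIES_PREFIX + (((i - 1) % NUM_SERIES) + 1) + "_" + rolePrefix, getOrganization(orgId)));
            // The second argument repeats the user name, matching the "usernames and passwords" log line above
            JpaUser user = new JpaUser(userName, userName, getOrganization(orgId), jpaUserProvider.getName(), true, roleSet);
            try {
                jpaUserProvider.addUser(user);
                logger.debug("Added {}", user);
            } catch (Exception e) {
                // Best effort: one failing account does not stop the remaining ones from being loaded
                logger.warn("Can not add {}: {}", user, e);
            }
        }
    }
}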
Also used : JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JpaUser(org.opencastproject.security.impl.jpa.JpaUser) SeriesException(org.opencastproject.series.api.SeriesException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) HashSet(java.util.HashSet)

Example 5 with JpaRole

use of org.opencastproject.security.impl.jpa.JpaRole in project opencast by opencast.

the class JpaGroupRoleProvider method createGroup.

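/**
 * Creates a group in the current organization from form parameters.
 *
 * The group id is derived from the name: lower-cased, with every non-word character replaced by an underscore.
 *
 * @param name
 *          the group name (required)
 * @param description
 *          the group description, may be <code>null</code>
 * @param roles
 *          comma separated role names to attach to the group, may be <code>null</code>
 * @param users
 *          comma separated member names, may be <code>null</code>
 * @return 201 when the group was added, 400 when the name is missing or {@link #addGroup} rejects the group with
 *         an {@link IllegalArgumentException}, 403 when {@link #addGroup} throws an
 *         {@link UnauthorizedException}, 409 when a group with the derived id already exists
 */
@POST
@Path("")
@RestQuery(name = "createGroup", description = "Add a group", returnDescription = "Return the status codes", restParameters = {
        @RestParameter(name = "name", description = "The group name", isRequired = true, type = Type.STRING),
        @RestParameter(name = "description", description = "The group description", isRequired = false, type = Type.STRING),
        @RestParameter(name = "roles", description = "A comma seperated string of additional group roles", isRequired = false, type = Type.TEXT),
        @RestParameter(name = "users", description = "A comma seperated string of group members", isRequired = false, type = Type.TEXT) }, reponses = {
        @RestResponse(responseCode = SC_CREATED, description = "Group created"),
        @RestResponse(responseCode = SC_BAD_REQUEST, description = "Name too long"),
        @RestResponse(responseCode = SC_FORBIDDEN, description = "Not enough permissions to create a group with the admin role."),
        @RestResponse(responseCode = SC_CONFLICT, description = "An group with this name already exists.") })
public Response createGroup(@FormParam("name") String name, @FormParam("description") String description, @FormParam("roles") String roles, @FormParam("users") String users) {
    // "name" is a required form field. Without this guard a missing value fails further down with a
    // NullPointerException instead of a client error, and a blank one yields a meaningless group id.
    if (StringUtils.isBlank(name)) {
        return Response.status(Status.BAD_REQUEST).build();
    }
    JpaOrganization organization = (JpaOrganization) securityService.getOrganization();
    // Role names come straight from the request. The only permission check visible here is the
    // UnauthorizedException raised by addGroup, so role escalation has to be prevented there.
    HashSet<JpaRole> roleSet = new HashSet<JpaRole>();
    if (roles != null) {
        for (String role : StringUtils.split(roles, ",")) {
            roleSet.add(new JpaRole(StringUtils.trim(role), organization));
        }
    }
    HashSet<String> members = new HashSet<String>();
    if (users != null) {
        for (String member : StringUtils.split(users, ",")) {
            members.add(StringUtils.trim(member));
        }
    }
    // Different names can collapse to the same id (for example "a b" and "a_b"); the lookup below reports
    // that as a conflict.
    final String groupId = name.toLowerCase().replaceAll("\\W", "_");
    JpaGroup existingGroup = UserDirectoryPersistenceUtil.findGroup(groupId, organization.getId(), emf);
    if (existingGroup != null)
        return Response.status(SC_CONFLICT).build();
    // NOTE(review): the existence check and the insert are separate steps; presumably the persistence layer
    // enforces uniqueness for concurrent requests. Confirm.
    try {
        addGroup(new JpaGroup(groupId, organization, name, description, roleSet, members));
    } catch (IllegalArgumentException e) {
        // Log through a fixed format string; the exception message is passed as an argument, not used as the pattern
        logger.warn("Unable to create group '{}': {}", groupId, e.getMessage());
        return Response.status(Status.BAD_REQUEST).build();
    } catch (UnauthorizedException e) {
        return Response.status(SC_FORBIDDEN).build();
    }
    return Response.status(Status.CREATED).build();
}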
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaOrganization(org.opencastproject.security.impl.jpa.JpaOrganization) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) HashSet(java.util.HashSet) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) RestQuery(org.opencastproject.util.doc.rest.RestQuery)

Aggregations

JpaRole (org.opencastproject.security.impl.jpa.JpaRole)37 HashSet (java.util.HashSet)18 UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)18 JpaUser (org.opencastproject.security.impl.jpa.JpaUser)18 Test (org.junit.Test)16 JpaOrganization (org.opencastproject.security.impl.jpa.JpaOrganization)14 JpaGroup (org.opencastproject.security.impl.jpa.JpaGroup)12 NotFoundException (org.opencastproject.util.NotFoundException)11 Role (org.opencastproject.security.api.Role)9 Path (javax.ws.rs.Path)6 RestQuery (org.opencastproject.util.doc.rest.RestQuery)6 EntityManager (javax.persistence.EntityManager)5 EntityTransaction (javax.persistence.EntityTransaction)4 Group (org.opencastproject.security.api.Group)4 SecurityService (org.opencastproject.security.api.SecurityService)4 User (org.opencastproject.security.api.User)4 Date (java.util.Date)3 POST (javax.ws.rs.POST)3 PUT (javax.ws.rs.PUT)3 JSONArray (org.json.simple.JSONArray)3