
Example 1 with CmsOrganizationalUnit

use of org.opencms.security.CmsOrganizationalUnit in project opencms-core by alkacon.

the class CmsDriverManager method createUser.

/**
 * Creates a new user.<p>
 *
 * @param dbc the current database context
 * @param name the name for the new user
 * @param password the password for the new user
 * @param description the description for the new user
 * @param additionalInfos the additional infos for the user
 *
 * @return the created user
 *
 * @see CmsObject#createUser(String, String, String, Map)
 *
 * @throws CmsException if something goes wrong
 * @throws CmsIllegalArgumentException if the name for the user is not valid
 */
public CmsUser createUser(CmsDbContext dbc, String name, String password, String description, Map<String, Object> additionalInfos) throws CmsException, CmsIllegalArgumentException {
    // Account creation: the name is trimmed and validated, the parent OU is read,
    // and the clear-text password is policy-checked and digested before anything
    // is handed to the user driver.

    // trim first, so validation and storage both see the same name
    name = name.trim();

    // only the simple name (without the OU path) goes through the user name check
    String simpleName = CmsOrganizationalUnit.getSimpleName(name);
    OpenCms.getValidationHandler().checkUserName(simpleName);
    if (CmsStringUtil.isEmptyOrWhitespaceOnly(simpleName)) {
        throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_BAD_USER_1, simpleName));
    }

    // reading the parent OU is the only OU check done here
    // (presumably the read fails for an unknown OU - confirm)
    CmsOrganizationalUnit parentOu = readOrganizationalUnit(dbc, CmsOrganizationalUnit.getParentFqn(name));

    // the password policy is applied to the clear text, before it is digested below
    validatePassword(password);

    // work on a private copy so the caller's map is never modified
    Map<String, Object> userInfo = new HashMap<String, Object>();
    if (additionalInfos != null) {
        userInfo.putAll(additionalInfos);
    }
    if (description != null) {
        userInfo.put(CmsUserSettings.ADDITIONAL_INFO_DESCRIPTION, description);
    }

    // the web user flag is derived from the OU; this method takes no flags from the caller
    int userFlags = I_CmsPrincipal.FLAG_ENABLED + (parentOu.hasFlagWebuser() ? I_CmsPrincipal.FLAG_USER_WEBUSER : 0);

    // the driver receives the digest, never the clear-text password; the three " "
    // arguments sit where importUser passes firstname, lastname and email
    CmsUser createdUser = getUserDriver(dbc).createUser(
        dbc,
        new CmsUUID(),
        name,
        OpenCms.getPasswordHandler().digest(password),
        " ",
        " ",
        " ",
        0,
        userFlags,
        0,
        userInfo);

    // the user modified event is only fired when the context's project id is the null UUID
    if (dbc.getProjectId().isNullUUID()) {
        Map<String, Object> createdEventData = new HashMap<String, Object>();
        createdEventData.put(I_CmsEventListener.KEY_USER_ID, createdUser.getId().toString());
        createdEventData.put(I_CmsEventListener.KEY_USER_ACTION, I_CmsEventListener.VALUE_USER_MODIFIED_ACTION_CREATE_USER);
        OpenCms.fireCmsEvent(new CmsEvent(I_CmsEventListener.EVENT_USER_MODIFIED, createdEventData));
    }
    return createdUser;
}
Also used : CmsIllegalArgumentException(org.opencms.main.CmsIllegalArgumentException) CmsOrganizationalUnit(org.opencms.security.CmsOrganizationalUnit) HashMap(java.util.HashMap) CmsEvent(org.opencms.main.CmsEvent) CmsObject(org.opencms.file.CmsObject) CmsUser(org.opencms.file.CmsUser) CmsUUID(org.opencms.util.CmsUUID)

Example 2 with CmsOrganizationalUnit

use of org.opencms.security.CmsOrganizationalUnit in project opencms-core by alkacon.

the class CmsDriverManager method getGroupsOfUser.

/**
 * Returns the groups of a user filtered by the specified IP address.<p>
 *
 * @param dbc the current database context
 * @param username the name of the user
 * @param ouFqn the fully qualified name of the organizational unit to restrict the result set for
 * @param includeChildOus include groups of child organizational units
 * @param readRoles if to read roles or groups
 * @param directGroupsOnly if set only the direct assigned groups will be returned, if not also indirect groups
 * @param remoteAddress the IP address to filter the groups in the result list
 *
 * @return a list of <code>{@link CmsGroup}</code> objects
 *
 * @throws CmsException if operation was not successful
 */
public List<CmsGroup> getGroupsOfUser(CmsDbContext dbc, String username, String ouFqn, boolean includeChildOus, boolean readRoles, boolean directGroupsOnly, String remoteAddress) throws CmsException {
    // Resolves the effective groups (or, with readRoles, the role groups) of a user.
    // The result feeds permission decisions, so every argument that changes the
    // result must also be part of the cache key built below.
    CmsUser user = readUser(dbc, username);
    // all filter arguments go into the key prefix, so differently filtered lookups
    // for the same user get separate cache entries
    // NOTE(review): the fields are joined with "_" without escaping; assumes ouFqn and
    // remoteAddress can never make two different argument sets yield the same prefix - confirm
    String prefix = ouFqn + "_" + includeChildOus + "_" + directGroupsOnly + "_" + readRoles + "_" + remoteAddress;
    String cacheKey = m_keyGenerator.getCacheKeyForUserGroups(prefix, dbc, user);
    List<CmsGroup> groups = m_monitor.getCachedUserGroups(user.getId(), cacheKey);
    if (groups == null) {
        // get all groups of the user
        // for roles the driver is asked without OU restriction ("" and child OUs included);
        // the restriction to ouFqn is applied role by role further down.
        // remoteAddress is only forwarded to the driver, it is not interpreted here
        List<CmsGroup> directGroups = getUserDriver(dbc).readGroupsOfUser(dbc, user.getId(), readRoles ? "" : ouFqn, readRoles ? true : includeChildOus, remoteAddress, readRoles);
        Set<CmsGroup> allGroups = new HashSet<CmsGroup>();
        if (!readRoles) {
            allGroups.addAll(directGroups);
        }
        if (!directGroupsOnly) {
            if (!readRoles) {
                // now get all parents of the groups
                for (int i = 0; i < directGroups.size(); i++) {
                    CmsGroup parent = getParent(dbc, directGroups.get(i).getName());
                    // walk up the parent chain until it ends or reaches a group already collected
                    while ((parent != null) && (!allGroups.contains(parent))) {
                        // parents outside the requested OU are skipped, but the walk continues above them
                        // NOTE(review): this is a plain string prefix match; it only scopes correctly
                        // if OU names are separator-terminated ("a/" vs "ab/") - confirm
                        if (parent.getOuFqn().startsWith(ouFqn)) {
                            allGroups.add(parent);
                        }
                        // read next parent group
                        parent = getParent(dbc, parent.getName());
                    }
                }
            }
        }
        if (readRoles) {
            // for each role
            for (int i = 0; i < directGroups.size(); i++) {
                CmsGroup group = directGroups.get(i);
                CmsRole role = CmsRole.valueOf(group);
                // without child OUs the role must belong to exactly the requested OU
                if (!includeChildOus && role.getOuFqn().equals(ouFqn)) {
                    allGroups.add(group);
                }
                // with child OUs a prefix match on the OU name is enough
                // (same prefix-match assumption as for the parent groups above)
                if (includeChildOus && role.getOuFqn().startsWith(ouFqn)) {
                    allGroups.add(group);
                }
                if (directGroupsOnly || (!includeChildOus && !role.getOuFqn().equals(ouFqn))) {
                    // if roles of child OUs are not requested and the role does not belong to the requested OU don't include the role children
                    continue;
                }
                CmsOrganizationalUnit currentOu = readOrganizationalUnit(dbc, group.getOuFqn());
                boolean readChildRoleGroups = true;
                // in a web user OU the ACCOUNT_MANAGER role is not expanded into its child roles
                if (currentOu.hasFlagWebuser() && role.forOrgUnit(null).equals(CmsRole.ACCOUNT_MANAGER)) {
                    readChildRoleGroups = false;
                }
                if (readChildRoleGroups) {
                    // get the child roles
                    Iterator<CmsRole> itChildRoles = role.getChildren(true).iterator();
                    while (itChildRoles.hasNext()) {
                        CmsRole childRole = itChildRoles.next();
                        if (childRole.isSystemRole()) {
                            // the child role is only implied when canReadRoleInOu allows it for this OU
                            if (canReadRoleInOu(currentOu, childRole)) {
                                // include system roles only
                                try {
                                    allGroups.add(readGroup(dbc, childRole.getGroupName()));
                                } catch (CmsDataAccessException e) {
                                    // should not happen, log error if it does
                                    // the group is then simply missing from the result, i.e. the user
                                    // ends up with fewer groups, never more
                                    LOG.error(e.getLocalizedMessage(), e);
                                }
                            }
                        }
                    }
                } else {
                    LOG.info("Skipping child role group check for web user OU " + currentOu.getName());
                }
                if (includeChildOus) {
                    // if needed include the roles of child ous
                    // note: the OU of the group is read again here although currentOu holds the same lookup
                    Iterator<CmsOrganizationalUnit> itSubOus = getOrganizationalUnits(dbc, readOrganizationalUnit(dbc, group.getOuFqn()), true).iterator();
                    while (itSubOus.hasNext()) {
                        CmsOrganizationalUnit subOu = itSubOus.next();
                        // add role in child ou
                        try {
                            if (canReadRoleInOu(subOu, role)) {
                                allGroups.add(readGroup(dbc, role.forOrgUnit(subOu.getName()).getGroupName()));
                            }
                        } catch (CmsDbEntryNotFoundException e) {
                            // ignore, this may happen while deleting an orgunit
                            // (only logged at debug level; the role group is left out of the result)
                            if (LOG.isDebugEnabled()) {
                                LOG.debug(e.getLocalizedMessage(), e);
                            }
                        }
                        // add child roles in child ous
                        // unlike the branch above, child roles are not filtered by isSystemRole() here
                        Iterator<CmsRole> itChildRoles = role.getChildren(true).iterator();
                        while (itChildRoles.hasNext()) {
                            CmsRole childRole = itChildRoles.next();
                            try {
                                if (canReadRoleInOu(subOu, childRole)) {
                                    allGroups.add(readGroup(dbc, childRole.forOrgUnit(subOu.getName()).getGroupName()));
                                }
                            } catch (CmsDbEntryNotFoundException e) {
                                // ignore, this may happen while deleting an orgunit
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug(e.getLocalizedMessage(), e);
                                }
                            }
                        }
                    }
                }
            }
        }
        // make group list unmodifiable for caching
        // (the cached list is shared between callers, so nobody may add groups to it afterwards)
        groups = Collections.unmodifiableList(new ArrayList<CmsGroup>(allGroups));
        // the result is only cached when the context's project id is the null UUID
        if (dbc.getProjectId().isNullUUID()) {
            m_monitor.getGroupListCache().setGroups(user, cacheKey, groups);
        }
    }
    return groups;
}
Also used : CmsRole(org.opencms.security.CmsRole) CmsGroup(org.opencms.file.CmsGroup) ArrayList(java.util.ArrayList) CmsUser(org.opencms.file.CmsUser) CmsDataAccessException(org.opencms.file.CmsDataAccessException) CmsOrganizationalUnit(org.opencms.security.CmsOrganizationalUnit) HashSet(java.util.HashSet)

Example 3 with CmsOrganizationalUnit

use of org.opencms.security.CmsOrganizationalUnit in project opencms-core by alkacon.

the class CmsDriverManager method createOrganizationalUnit.

/**
 * Creates a new organizational unit.<p>
 *
 * @param dbc the current db context
 * @param ouFqn the fully qualified name of the new organizational unit
 * @param description the description of the new organizational unit
 * @param flags the flags for the new organizational unit
 * @param resource the first associated resource
 *
 * @return a <code>{@link CmsOrganizationalUnit}</code> object representing
 *          the newly created organizational unit
 *
 * @throws CmsException if operation was not successful
 *
 * @see org.opencms.security.CmsOrgUnitManager#createOrganizationalUnit(CmsObject, String, String, int, String)
 */
public CmsOrganizationalUnit createOrganizationalUnit(CmsDbContext dbc, String ouFqn, String description, int flags, CmsResource resource) throws CmsException {
    // Creates the OU below its parent, refreshes the caches that hold principal data,
    // and then announces the new OU through a 'virtual' publish event.

    // the parent OU is read before anything else is checked
    CmsOrganizationalUnit parentOu = readOrganizationalUnit(dbc, CmsOrganizationalUnit.getParentFqn(ouFqn));

    String simpleName = CmsOrganizationalUnit.getSimpleName(ouFqn);
    if (simpleName.endsWith(CmsOrganizationalUnit.SEPARATOR)) {
        // cut off the last character, i.e. the trailing separator
        simpleName = simpleName.substring(0, simpleName.length() - 1);
    }

    // NOTE(review): the name is validated first and trimmed afterwards, so the stored
    // name is only the validated one if checkResourceName rejects surrounding
    // whitespace - confirm (createUser and importUser trim before validating)
    CmsResource.checkResourceName(simpleName);
    simpleName = simpleName.trim();

    // an OU without a description is rejected
    if (CmsStringUtil.isEmptyOrWhitespaceOnly(description)) {
        throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_BAD_OU_DESCRIPTION_EMPTY_0));
    }

    // the associated resource is optional; without one the driver gets a null root path
    CmsOrganizationalUnit createdOu = getUserDriver(dbc).createOrganizationalUnit(
        dbc,
        simpleName,
        description,
        flags,
        parentOu,
        resource == null ? null : resource.getRootPath());

    // cache the new OU, then drop the caches that may still hold pre-creation data
    m_monitor.cacheOrgUnit(createdOu);
    m_monitor.clearPrincipalsCache();
    m_monitor.flushCache(CmsMemoryMonitor.CacheType.PROPERTY, CmsMemoryMonitor.CacheType.PROPERTY_LIST);

    // build the publish list for the 'virtual' publish event and record it in the publish history
    CmsResource ouResource = readResource(dbc, CmsUserDriver.ORGUNIT_BASE_FOLDER + createdOu.getName(), CmsResourceFilter.DEFAULT);
    CmsPublishList publishList = new CmsPublishList(ouResource, false);
    publishList.add(ouResource, false);
    getProjectDriver(dbc).writePublishHistory(dbc, publishList.getPublishHistoryId(), new CmsPublishedResource(ouResource, -1, CmsResourceState.STATE_NEW));

    // fire the 'virtual' publish event; listeners receive the database context itself
    Map<String, Object> publishEventData = new HashMap<String, Object>();
    publishEventData.put(I_CmsEventListener.KEY_PUBLISHID, publishList.getPublishHistoryId().toString());
    publishEventData.put(I_CmsEventListener.KEY_PROJECTID, dbc.currentProject().getUuid());
    publishEventData.put(I_CmsEventListener.KEY_DBCONTEXT, dbc);
    OpenCms.fireCmsEvent(new CmsEvent(I_CmsEventListener.EVENT_PUBLISH_PROJECT, publishEventData));

    // the OU modified event is only fired when the context's project id is the null UUID
    if (dbc.getProjectId().isNullUUID()) {
        Map<String, Object> ouEventData = new HashMap<String, Object>();
        ouEventData.put(I_CmsEventListener.KEY_OU_NAME, createdOu.getName());
        ouEventData.put(I_CmsEventListener.KEY_OU_ID, createdOu.getId().toString());
        ouEventData.put(I_CmsEventListener.KEY_USER_ACTION, I_CmsEventListener.VALUE_OU_MODIFIED_ACTION_CREATE);
        OpenCms.fireCmsEvent(new CmsEvent(I_CmsEventListener.EVENT_OU_MODIFIED, ouEventData));
    }
    return createdOu;
}
Also used : CmsOrganizationalUnit(org.opencms.security.CmsOrganizationalUnit) CmsIllegalArgumentException(org.opencms.main.CmsIllegalArgumentException) CmsResource(org.opencms.file.CmsResource) I_CmsResource(org.opencms.file.I_CmsResource) HashMap(java.util.HashMap) CmsEvent(org.opencms.main.CmsEvent) CmsObject(org.opencms.file.CmsObject)

Example 4 with CmsOrganizationalUnit

use of org.opencms.security.CmsOrganizationalUnit in project opencms-core by alkacon.

the class CmsDriverManager method getOrgUnitsForRole.

/**
 * Returns all the organizational units for which the current user has the given role.<p>
 *
 * @param dbc the current database context
 * @param role the role to check
 * @param includeSubOus if sub organizational units should be included in the search
 *
 * @return a list of {@link org.opencms.security.CmsOrganizationalUnit} objects
 *
 * @throws CmsException if something goes wrong
 */
public List<CmsOrganizationalUnit> getOrgUnitsForRole(CmsDbContext dbc, CmsRole role, boolean includeSubOus) throws CmsException {
    // Collects the OUs in which the context's current user holds the given role.
    // Every OU is decided by its own hasRole call; nothing is inherited from the
    // result for the base OU.

    // a role without an OU is rebound to the empty FQN (presumably the root OU - confirm)
    String baseOuFqn = role.getOuFqn();
    if (baseOuFqn == null) {
        baseOuFqn = "";
        role = role.forOrgUnit("");
    }
    CmsOrganizationalUnit baseOu = readOrganizationalUnit(dbc, baseOuFqn);

    List<CmsOrganizationalUnit> matchingOus = new ArrayList<CmsOrganizationalUnit>();
    if (m_securityManager.hasRole(dbc, dbc.currentUser(), role)) {
        matchingOus.add(baseOu);
    }
    if (!includeSubOus) {
        return matchingOus;
    }

    // check the role again for each sub OU, rebound to that OU's name
    for (CmsOrganizationalUnit subOu : getOrganizationalUnits(dbc, baseOu, true)) {
        if (m_securityManager.hasRole(dbc, dbc.currentUser(), role.forOrgUnit(subOu.getName()))) {
            matchingOus.add(subOu);
        }
    }
    return matchingOus;
}
Also used : CmsOrganizationalUnit(org.opencms.security.CmsOrganizationalUnit) ArrayList(java.util.ArrayList)

Example 5 with CmsOrganizationalUnit

use of org.opencms.security.CmsOrganizationalUnit in project opencms-core by alkacon.

the class CmsDriverManager method importUser.

/**
 * Creates a new user by import.<p>
 *
 * @param dbc the current database context
 * @param id the id of the user
 * @param name the new name for the user
 * @param password the new password for the user (already encrypted)
 * @param firstname the firstname of the user
 * @param lastname the lastname of the user
 * @param email the email of the user
 * @param flags the flags for a user (for example <code>{@link I_CmsPrincipal#FLAG_ENABLED}</code>)
 * @param dateCreated the creation date
 * @param additionalInfos the additional user infos
 *
 * @return the imported user
 *
 * @throws CmsException if something goes wrong
 */
public CmsUser importUser(CmsDbContext dbc, String id, String name, String password, String firstname, String lastname, String email, int flags, long dateCreated, Map<String, Object> additionalInfos) throws CmsException {
    // Import path: unlike createUser, this method applies no password policy check
    // and no digest, and it fires no user modified event. The id, the flags and the
    // password value are taken from the caller, so the import data must be trusted.

    // trim first, so validation and storage both see the same name
    name = name.trim();

    // only the simple name (without the OU path) goes through the user name check
    String simpleName = CmsOrganizationalUnit.getSimpleName(name);
    OpenCms.getValidationHandler().checkUserName(simpleName);
    if (CmsStringUtil.isEmptyOrWhitespaceOnly(simpleName)) {
        throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_BAD_USER_1, simpleName));
    }

    // reading the parent OU is the only OU check done here
    CmsOrganizationalUnit targetOu = readOrganizationalUnit(dbc, CmsOrganizationalUnit.getParentFqn(name));

    // users imported into a web user OU always carry the web user flag;
    // the bit is only added when it is not set yet
    boolean webuserFlagMissing = (flags & I_CmsPrincipal.FLAG_USER_WEBUSER) == 0;
    if (targetOu.hasFlagWebuser() && webuserFlagMissing) {
        flags |= I_CmsPrincipal.FLAG_USER_WEBUSER;
    }

    // the password is forwarded unchanged (the Javadoc expects it to be already encrypted),
    // the id string is parsed by the CmsUUID constructor, and additionalInfos is passed on
    // without a defensive copy
    return getUserDriver(dbc).createUser(
        dbc,
        new CmsUUID(id),
        name,
        password,
        firstname,
        lastname,
        email,
        0,
        flags,
        dateCreated,
        additionalInfos);
}
Also used : CmsIllegalArgumentException(org.opencms.main.CmsIllegalArgumentException) CmsOrganizationalUnit(org.opencms.security.CmsOrganizationalUnit) CmsUser(org.opencms.file.CmsUser) CmsUUID(org.opencms.util.CmsUUID)
