
Example 51 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class PeopleSearchDataReader method makeOrgChartData.

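/**
 * Builds the org-chart view (self, parent, children, assistant) for one directory user.
 *
 * <p>A cached result is returned when one exists for the cache key; otherwise the
 * references are resolved from the configured org-chart attributes and the finished
 * bean is stored in the cache before being returned.
 *
 * <p>NOTE(review): the cache key is built only from the target identity and
 * {@code noChildren}, not from the requesting user, and this method performs no
 * viewability check on {@code userIdentity} itself. If visibility differs per
 * requester, confirm that the caller or {@code makeOrgChartReferenceForIdentity}
 * enforces it, since a cached entry is served to every requester alike.
 *
 * @param userIdentity the user at the centre of the org chart
 * @param noChildren when {@code true}, the child attribute is not read and no children are set
 * @return the populated org-chart bean, either from cache or freshly built
 * @throws PwmUnrecoverableException propagated from the helpers called here
 */
OrgChartDataBean makeOrgChartData(final UserIdentity userIdentity, final boolean noChildren) throws PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    final CacheKey cacheKey = makeCacheKey(OrgChartDataBean.class.getSimpleName(), userIdentity.toDelimitedKey() + "|" + noChildren);
    {
        // serve the cached bean when one exists for this key
        final String cachedOutput = pwmRequest.getPwmApplication().getCacheService().get(cacheKey);
        if (cachedOutput != null) {
            StatisticsManager.incrementStat(pwmRequest, Statistic.PEOPLESEARCH_CACHE_HITS);
            LOGGER.trace(pwmRequest, "completed makeOrgChartData of " + userIdentity.toDisplayString() + " from cache");
            return JsonUtil.deserialize(cachedOutput, OrgChartDataBean.class);
        } else {
            StatisticsManager.incrementStat(pwmRequest, Statistic.PEOPLESEARCH_CACHE_MISSES);
        }
    }
    final OrgChartDataBean orgChartData = new OrgChartDataBean();
    // make self reference
    orgChartData.setSelf(makeOrgChartReferenceForIdentity(userIdentity));
    {
        // make parent reference; only the first value of the parent attribute is used
        final List<UserIdentity> parentIdentities = readUserDNAttributeValues(userIdentity, peopleSearchConfiguration.getOrgChartParentAttr());
        if (parentIdentities != null && !parentIdentities.isEmpty()) {
            final UserIdentity parentIdentity = parentIdentities.iterator().next();
            orgChartData.setParent(makeOrgChartReferenceForIdentity(parentIdentity));
        }
    }
    int childCount = 0;
    if (!noChildren) {
        // Children are ordered by their first display name. Each key holds a list so that
        // two children sharing a display name are both kept; a plain key -> bean map would
        // silently replace the earlier child and under-report the chart.
        final Map<String, List<OrgChartReferenceBean>> sortedChildren = new TreeMap<>();
        final List<UserIdentity> childIdentities = readUserDNAttributeValues(userIdentity, peopleSearchConfiguration.getOrgChartChildAttr());
        for (final UserIdentity childIdentity : childIdentities) {
            final OrgChartReferenceBean childReference = makeOrgChartReferenceForIdentity(childIdentity);
            if (childReference != null) {
                final String sortKey;
                if (childReference.getDisplayNames() != null && !childReference.getDisplayNames().isEmpty()) {
                    sortKey = childReference.getDisplayNames().iterator().next();
                } else {
                    // no display name available: fall back to the running index as the key
                    sortKey = String.valueOf(childCount);
                }
                sortedChildren.computeIfAbsent(sortKey, key -> new ArrayList<>()).add(childReference);
                childCount++;
            }
        }
        final List<OrgChartReferenceBean> orderedChildren = new ArrayList<>(childCount);
        for (final List<OrgChartReferenceBean> sameKeyChildren : sortedChildren.values()) {
            orderedChildren.addAll(sameKeyChildren);
        }
        orgChartData.setChildren(Collections.unmodifiableList(orderedChildren));
    }
    if (!StringUtil.isEmpty(peopleSearchConfiguration.getOrgChartAssistantAttr())) {
        // the assistant is optional: resolved only when an assistant attribute is configured
        final List<UserIdentity> assistantIdentities = readUserDNAttributeValues(userIdentity, peopleSearchConfiguration.getOrgChartAssistantAttr());
        if (assistantIdentities != null && !assistantIdentities.isEmpty()) {
            final UserIdentity assistantIdentity = assistantIdentities.iterator().next();
            final OrgChartReferenceBean assistantReference = makeOrgChartReferenceForIdentity(assistantIdentity);
            if (assistantReference != null) {
                orgChartData.setAssistant(assistantReference);
            }
        }
    }
    final TimeDuration totalTime = TimeDuration.fromCurrent(startTime);
    storeDataInCache(pwmRequest.getPwmApplication(), cacheKey, orgChartData);
    LOGGER.trace(pwmRequest, "completed makeOrgChartData in " + totalTime.asCompactString() + " with " + childCount + " children");
    return orgChartData;
}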
Also used : Instant(java.time.Instant) UserIdentity(password.pwm.bean.UserIdentity) ArrayList(java.util.ArrayList) TreeMap(java.util.TreeMap) ArrayList(java.util.ArrayList) List(java.util.List) TimeDuration(password.pwm.util.java.TimeDuration) CacheKey(password.pwm.svc.cache.CacheKey)

Example 52 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class PeopleSearchDataReader method readUserDNAttributeValues.

/**
 * Reads a multi-valued attribute from a user's LDAP entry and turns each value into a
 * {@link UserIdentity} that carries the LDAP profile id of the source user.
 *
 * <p>At most {@code PEOPLESEARCH_VALUE_MAXCOUNT} identities are returned; values beyond
 * that limit are only logged at trace level. When {@code PEOPLESEARCH_MAX_VALUE_VERIFYUSERDN}
 * parses to {@code true}, each candidate is passed to {@code checkIfUserIdentityViewable}
 * and dropped if that call throws {@link PwmOperationalException}. When the property is
 * {@code false}, every value read from the directory is returned without that check, so
 * callers then rely on the attribute contents alone.
 *
 * @param userIdentity the user whose attribute is read
 * @param attributeName name of the LDAP attribute holding user DNs
 * @return the accepted identities, never {@code null}, possibly empty
 * @throws PwmUnrecoverableException if the directory read fails
 */
private List<UserIdentity> readUserDNAttributeValues(final UserIdentity userIdentity, final String attributeName) throws PwmUnrecoverableException {
    final List<UserIdentity> identities = new ArrayList<>();
    final int valueLimit = Integer.parseInt(pwmRequest.getConfig().readAppProperty(AppProperty.PEOPLESEARCH_VALUE_MAXCOUNT));
    final ChaiUser sourceUser = getChaiUser(userIdentity);

    final Set<String> dnValues;
    try {
        dnValues = sourceUser.readMultiStringAttribute(attributeName);
    } catch (ChaiOperationException e) {
        final String detail = "error reading attribute value '" + attributeName + "', error:" + e.getMessage();
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, detail));
    } catch (ChaiUnavailableException e) {
        final ErrorInformation unavailable = new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, e.getMessage());
        throw new PwmUnrecoverableException(unavailable);
    }

    final boolean verifyViewable = Boolean.parseBoolean(pwmRequest.getConfig().readAppProperty(AppProperty.PEOPLESEARCH_MAX_VALUE_VERIFYUSERDN));
    for (final String userDN : dnValues) {
        final UserIdentity candidate = new UserIdentity(userDN, userIdentity.getLdapProfileID());

        // Limit reached: keep iterating only so that each skipped value is traced.
        if (identities.size() >= valueLimit) {
            LOGGER.trace(pwmRequest, "discarding userDN " + userDN + " from attribute " + attributeName + " because maximum value count has been reached");
            continue;
        }

        try {
            if (verifyViewable) {
                // throws PwmOperationalException for a candidate that fails the check
                checkIfUserIdentityViewable(candidate);
            }
            identities.add(candidate);
        } catch (PwmOperationalException e) {
            LOGGER.debug(pwmRequest, "discarding userDN " + userDN + " from attribute " + attributeName + " because it does not match search filter");
        }
    }
    return identities;
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) UserIdentity(password.pwm.bean.UserIdentity) ArrayList(java.util.ArrayList) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 53 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class PeopleSearchServlet method restOrgChartData.

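/**
 * Handles the {@code orgChartData} action: resolves the target user, builds the org-chart
 * bean through {@link PeopleSearchDataReader} and writes it to the response as JSON.
 *
 * <p>The target is taken from the {@code PARAM_USERKEY} request parameter when present,
 * otherwise from the logged-in user. If neither yields an identity the request is halted
 * without output.
 *
 * <p>NOTE(review): the user key comes from the client, is read with
 * {@code Flag.BypassValidation}, and is decoded with {@code UserIdentity.fromObfuscatedKey}.
 * No check that the requester may view the decoded identity is visible in this handler;
 * confirm that {@code PeopleSearchDataReader} enforces it before data is returned.
 *
 * @param pwmRequest the current request
 * @return always {@link ProcessStatus#Halt}
 * @throws PwmUnrecoverableException if the org chart feature is disabled
 */
@ActionHandler(action = "orgChartData")
private ProcessStatus restOrgChartData(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final PeopleSearchConfiguration peopleSearchConfiguration = PeopleSearchConfiguration.fromConfiguration(pwmRequest.getPwmApplication());
    if (!peopleSearchConfiguration.isOrgChartEnabled()) {
        throw new PwmUnrecoverableException(PwmError.ERROR_SERVICE_NOT_AVAILABLE);
    }
    final UserIdentity userIdentity;
    {
        // client-supplied key, read without the wrapper's parameter validation
        final String userKey = pwmRequest.readParameterAsString(PARAM_USERKEY, PwmHttpRequestWrapper.Flag.BypassValidation);
        if (userKey == null || userKey.isEmpty()) {
            // no key supplied: fall back to the requester's own identity
            userIdentity = pwmRequest.getUserInfoIfLoggedIn();
            if (userIdentity == null) {
                return ProcessStatus.Halt;
            }
        } else {
            userIdentity = UserIdentity.fromObfuscatedKey(userKey, pwmRequest.getPwmApplication());
        }
    }
    final boolean noChildren = pwmRequest.readParameterAsBoolean("noChildren");
    try {
        final PeopleSearchDataReader peopleSearchDataReader = new PeopleSearchDataReader(pwmRequest);
        final OrgChartDataBean orgChartData = peopleSearchDataReader.makeOrgChartData(userIdentity, noChildren);
        addExpiresHeadersToResponse(pwmRequest);
        pwmRequest.outputJsonResult(RestResultBean.withData(orgChartData));
        StatisticsManager.incrementStat(pwmRequest, Statistic.PEOPLESEARCH_ORGCHART);
    } catch (PwmException e) {
        // The message names the org chart so that log triage is not pointed at the
        // user-detail handler, whose wording this line previously carried.
        LOGGER.error(pwmRequest, "error generating org chart data: " + e.getMessage());
        pwmRequest.respondWithError(e.getErrorInformation());
    }
    return ProcessStatus.Halt;
}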
Also used : PwmException(password.pwm.error.PwmException) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 54 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class LdapTokenMachine method storeToken.

/**
 * Persists a token on the owning user's LDAP entry.
 *
 * <p>The value written to {@code tokenAttribute} is the token key's stored hash, the
 * key/value delimiter, and the payload as produced by {@code tokenService.toEncryptedString}.
 *
 * <p>NOTE(review): the hash algorithm behind {@code getStoredHash()} is not visible here
 * (the previous local name suggested MD5); confirm it is suitable for token lookup keys.
 * The original {@link ChaiException} is reduced to its message, so the cause and stack
 * trace are not carried on the rethrown exception.
 *
 * @param tokenKey key whose stored hash prefixes the attribute value
 * @param tokenPayload payload to encrypt and store; also supplies the owning user
 * @throws PwmOperationalException if the LDAP write fails
 * @throws PwmUnrecoverableException propagated from the helpers called here
 */
public void storeToken(final TokenKey tokenKey, final TokenPayload tokenPayload) throws PwmOperationalException, PwmUnrecoverableException {
    try {
        final String storedHash = tokenKey.getStoredHash();
        final String encryptedPayload = tokenService.toEncryptedString(tokenPayload);
        final String attributeValue = storedHash + KEY_VALUE_DELIMITER + encryptedPayload;

        // the write goes through the application's proxied connection for the token owner
        final ChaiUser tokenOwner = pwmApplication.getProxiedChaiUser(tokenPayload.getUserIdentity());
        tokenOwner.writeStringAttribute(tokenAttribute, attributeValue);
    } catch (ChaiException e) {
        final ErrorInformation failure = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unexpected ldap error saving token: " + e.getMessage());
        throw new PwmOperationalException(failure);
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) UserIdentity(password.pwm.bean.UserIdentity) ChaiException(com.novell.ldapchai.exception.ChaiException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 55 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class ExportResponsesCommand method doCommand.

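/**
 * Exports the stored challenge/response set of every user found by a wildcard search,
 * one JSON record per line, to the output file given on the command line.
 *
 * <p>The writer is opened in a try-with-resources block so the file handle is released
 * and buffered records are flushed even when a directory read or a write fails part-way.
 *
 * <p>NOTE(review): the records hold users' challenge/response data (the boolean passed to
 * {@code asChallengeBeans} presumably selects answer material; confirm). Treat the output
 * file as sensitive: no file permissions are set here, so it is created with the process
 * defaults.
 *
 * @throws Exception on any search, directory or I/O failure
 */
@Override
void doCommand() throws Exception {
    final PwmApplication pwmApplication = cliEnvironment.getPwmApplication();
    final File outputFile = (File) cliEnvironment.getOptions().get(CliParameters.REQUIRED_NEW_OUTPUT_FILE.getName());
    JavaHelper.pause(2000);
    final long startTime = System.currentTimeMillis();
    final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
    // username "*" with value escaping disabled: the search is meant to match every user
    final SearchConfiguration searchConfiguration = SearchConfiguration.builder().enableValueEscaping(false).username("*").build();
    final String systemRecordDelimiter = System.getProperty("line.separator");
    int counter = 0;
    try (Writer writer = new BufferedWriter(new PrintWriter(outputFile, PwmConstants.DEFAULT_CHARSET.toString()))) {
        final Map<UserIdentity, Map<String, String>> results = userSearchEngine.performMultiUserSearch(searchConfiguration, Integer.MAX_VALUE, Collections.emptyList(), SessionLabel.SYSTEM_LABEL);
        out("searching " + results.size() + " users for stored responses to write to " + outputFile.getAbsolutePath() + "....");
        for (final UserIdentity identity : results.keySet()) {
            final ChaiUser user = pwmApplication.getProxiedChaiUser(identity);
            final ResponseSet responseSet = pwmApplication.getCrService().readUserResponseSet(null, identity, user);
            if (responseSet != null) {
                counter++;
                out("found responses for '" + user + "', writing to output.");
                final RestChallengesServer.JsonChallengesData outputData = new RestChallengesServer.JsonChallengesData();
                outputData.challenges = responseSet.asChallengeBeans(true);
                outputData.helpdeskChallenges = responseSet.asHelpdeskChallengeBeans(true);
                outputData.minimumRandoms = responseSet.getChallengeSet().minimumResponses();
                outputData.username = identity.toDelimitedKey();
                writer.write(JsonUtil.serialize(outputData));
                writer.write(systemRecordDelimiter);
            } else {
                out("skipping '" + user.toString() + "', no stored responses.");
            }
        }
    }
    out("output complete, " + counter + " responses exported in " + TimeDuration.fromCurrent(startTime).asCompactString());
}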
Also used : PwmApplication(password.pwm.PwmApplication) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) ResponseSet(com.novell.ldapchai.cr.ResponseSet) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) BufferedWriter(java.io.BufferedWriter) ChaiUser(com.novell.ldapchai.ChaiUser) RestChallengesServer(password.pwm.ws.server.rest.RestChallengesServer) File(java.io.File) Map(java.util.Map) PrintWriter(java.io.PrintWriter) BufferedWriter(java.io.BufferedWriter) Writer(java.io.Writer) PrintWriter(java.io.PrintWriter)
