Example 16 with UserPermission
use of password.pwm.config.value.data.UserPermission in project pwm by pwm-project.
the class UserMatchViewerFunction method discoverMatchingUsers.
public Collection<UserIdentity> discoverMatchingUsers(final PwmApplication pwmApplication, final int maxResultSize, final StoredConfigurationImpl storedConfiguration, final PwmSetting setting, final String profile) throws Exception {
final Configuration config = new Configuration(storedConfiguration);
final PwmApplication tempApplication = new PwmApplication(pwmApplication.getPwmEnvironment().makeRuntimeInstance(config));
final List<UserPermission> permissions = (List<UserPermission>) storedConfiguration.readSetting(setting, profile).toNativeObject();
for (final UserPermission userPermission : permissions) {
if (userPermission.getType() == UserPermission.Type.ldapQuery) {
if (userPermission.getLdapBase() != null && !userPermission.getLdapBase().isEmpty()) {
testIfLdapDNIsValid(tempApplication, userPermission.getLdapBase(), userPermission.getLdapProfileID());
}
} else if (userPermission.getType() == UserPermission.Type.ldapGroup) {
testIfLdapDNIsValid(tempApplication, userPermission.getLdapBase(), userPermission.getLdapProfileID());
}
}
return LdapPermissionTester.discoverMatchingUsers(tempApplication, maxResultSize, permissions, SessionLabel.SYSTEM_LABEL).keySet();
}
Also used :
PwmApplication(password.pwm.PwmApplication)
Configuration(password.pwm.config.Configuration)
List(java.util.List)
UserPermission(password.pwm.config.value.data.UserPermission)
Example 17 with UserPermission
use of password.pwm.config.value.data.UserPermission in project pwm by pwm-project.
the class ConfigGuideForm method generateStoredConfig.
public static StoredConfigurationImpl generateStoredConfig(final ConfigGuideBean configGuideBean) throws PwmUnrecoverableException {
final Map<ConfigGuideFormField, String> formData = configGuideBean.getFormData();
final StoredConfigurationImpl storedConfiguration = StoredConfigurationImpl.newStoredConfiguration();
// templates
updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.TEMPLATE_LDAP, ConfigGuideFormField.PARAM_TEMPLATE_LDAP, PwmSettingTemplate.Type.LDAP_VENDOR);
updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.TEMPLATE_STORAGE, ConfigGuideFormField.PARAM_TEMPLATE_STORAGE, PwmSettingTemplate.Type.STORAGE);
updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.DB_VENDOR_TEMPLATE, ConfigGuideFormField.PARAM_DB_VENDOR, PwmSettingTemplate.Type.DB_VENDOR);
// establish a default ldap profile
storedConfiguration.writeSetting(PwmSetting.LDAP_PROFILE_LIST, null, new StringArrayValue(Collections.singletonList(LDAP_PROFILE_NAME)), null);
{
final String newLdapURI = figureLdapUrlFromFormConfig(formData);
final StringArrayValue newValue = new StringArrayValue(Collections.singletonList(newLdapURI));
storedConfiguration.writeSetting(PwmSetting.LDAP_SERVER_URLS, LDAP_PROFILE_NAME, newValue, null);
}
if (configGuideBean.isUseConfiguredCerts()) {
final StoredValue newStoredValue = new X509CertificateValue(configGuideBean.getLdapCertificates());
storedConfiguration.writeSetting(PwmSetting.LDAP_SERVER_CERTS, LDAP_PROFILE_NAME, newStoredValue, null);
}
{
// proxy/admin account
final String ldapAdminDN = formData.get(ConfigGuideFormField.PARAM_LDAP_PROXY_DN);
final String ldapAdminPW = formData.get(ConfigGuideFormField.PARAM_LDAP_PROXY_PW);
storedConfiguration.writeSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_NAME, new StringValue(ldapAdminDN), null);
final PasswordValue passwordValue = new PasswordValue(PasswordData.forStringValue(ldapAdminPW));
storedConfiguration.writeSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_NAME, passwordValue, null);
}
storedConfiguration.writeSetting(PwmSetting.LDAP_CONTEXTLESS_ROOT, LDAP_PROFILE_NAME, new StringArrayValue(Collections.singletonList(formData.get(ConfigGuideFormField.PARAM_LDAP_CONTEXT))), null);
{
final String ldapContext = formData.get(ConfigGuideFormField.PARAM_LDAP_CONTEXT);
storedConfiguration.writeSetting(PwmSetting.LDAP_CONTEXTLESS_ROOT, LDAP_PROFILE_NAME, new StringArrayValue(Collections.singletonList(ldapContext)), null);
}
{
final boolean testuserEnabled = Boolean.parseBoolean(formData.get(ConfigGuideFormField.PARAM_LDAP_TEST_USER_ENABLED));
if (testuserEnabled) {
final String ldapTestUserDN = formData.get(ConfigGuideFormField.PARAM_LDAP_TEST_USER);
storedConfiguration.writeSetting(PwmSetting.LDAP_TEST_USER_DN, LDAP_PROFILE_NAME, new StringValue(ldapTestUserDN), null);
} else {
storedConfiguration.resetSetting(PwmSetting.LDAP_TEST_USER_DN, LDAP_PROFILE_NAME, null);
}
}
{
// set admin query
final String groupDN = formData.get(ConfigGuideFormField.PARAM_LDAP_ADMIN_GROUP);
final List<UserPermission> userPermissions = Collections.singletonList(new UserPermission(UserPermission.Type.ldapGroup, null, null, groupDN));
storedConfiguration.writeSetting(PwmSetting.QUERY_MATCH_PWM_ADMIN, new UserPermissionValue(userPermissions), null);
}
{
// database
final String dbClass = formData.get(ConfigGuideFormField.PARAM_DB_CLASSNAME);
storedConfiguration.writeSetting(PwmSetting.DATABASE_CLASS, null, new StringValue(dbClass), null);
final String dbUrl = formData.get(ConfigGuideFormField.PARAM_DB_CONNECT_URL);
storedConfiguration.writeSetting(PwmSetting.DATABASE_URL, null, new StringValue(dbUrl), null);
final String dbUser = formData.get(ConfigGuideFormField.PARAM_DB_USERNAME);
storedConfiguration.writeSetting(PwmSetting.DATABASE_USERNAME, null, new StringValue(dbUser), null);
final String dbPassword = formData.get(ConfigGuideFormField.PARAM_DB_PASSWORD);
final PasswordValue passwordValue = new PasswordValue(PasswordData.forStringValue(dbPassword));
storedConfiguration.writeSetting(PwmSetting.DATABASE_PASSWORD, null, passwordValue, null);
final FileValue jdbcDriver = configGuideBean.getDatabaseDriver();
if (jdbcDriver != null) {
storedConfiguration.writeSetting(PwmSetting.DATABASE_JDBC_DRIVER, null, jdbcDriver, null);
}
}
{
// telemetry
final boolean telemetryEnabled = Boolean.parseBoolean(formData.get(ConfigGuideFormField.PARAM_TELEMETRY_ENABLE));
storedConfiguration.writeSetting(PwmSetting.PUBLISH_STATS_ENABLE, null, new BooleanValue(telemetryEnabled), null);
final String siteDescription = formData.get(ConfigGuideFormField.PARAM_TELEMETRY_DESCRIPTION);
storedConfiguration.writeSetting(PwmSetting.PUBLISH_STATS_SITE_DESCRIPTION, null, new StringValue(siteDescription), null);
}
// cr policy
if (formData.containsKey(ConfigGuideFormField.CHALLENGE_RESPONSE_DATA)) {
final String stringValue = formData.get(ConfigGuideFormField.CHALLENGE_RESPONSE_DATA);
final StoredValue challengeValue = ChallengeValue.factory().fromJson(stringValue);
storedConfiguration.writeSetting(PwmSetting.CHALLENGE_RANDOM_CHALLENGES, "default", challengeValue, null);
}
// set site url
storedConfiguration.writeSetting(PwmSetting.PWM_SITE_URL, new StringValue(formData.get(ConfigGuideFormField.PARAM_APP_SITEURL)), null);
// enable debug mode
storedConfiguration.writeSetting(PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS, null, new BooleanValue(true), null);
return storedConfiguration;
}
Also used :
FileValue(password.pwm.config.value.FileValue)
StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl)
StoredValue(password.pwm.config.StoredValue)
UserPermissionValue(password.pwm.config.value.UserPermissionValue)
X509CertificateValue(password.pwm.config.value.X509CertificateValue)
PasswordValue(password.pwm.config.value.PasswordValue)
BooleanValue(password.pwm.config.value.BooleanValue)
List(java.util.List)
StringValue(password.pwm.config.value.StringValue)
StringArrayValue(password.pwm.config.value.StringArrayValue)
UserPermission(password.pwm.config.value.data.UserPermission)
Aggregations
UserPermission (password.pwm.config.value.data.UserPermission)17
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7
ArrayList (java.util.ArrayList)6
List (java.util.List)6
ErrorInformation (password.pwm.error.ErrorInformation)6
UserIdentity (password.pwm.bean.UserIdentity)3
Configuration (password.pwm.config.Configuration)3
PwmSetting (password.pwm.config.PwmSetting)3
PwmOperationalException (password.pwm.error.PwmOperationalException)3
TreeMap (java.util.TreeMap)2
Element (org.jdom2.Element)2
Permission (password.pwm.Permission)2
PwmApplication (password.pwm.PwmApplication)2
PwmPasswordPolicy (password.pwm.config.profile.PwmPasswordPolicy)2
FormConfiguration (password.pwm.config.value.data.FormConfiguration)2
SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)2
UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)2
ChaiChallengeSet (com.novell.ldapchai.cr.ChaiChallengeSet)1
ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)1
ChaiConfiguration (com.novell.ldapchai.provider.ChaiConfiguration)1
