
Example 16 with UserPermission

use of password.pwm.config.value.data.UserPermission in project pwm by pwm-project.

the class UserMatchViewerFunction method discoverMatchingUsers.

/**
 * Resolves the users matched by the permission list stored under {@code setting} / {@code profile}
 * in the supplied stored configuration.
 *
 * <p>A separate {@code PwmApplication} is built from {@code storedConfiguration}, so the lookup runs
 * against those settings rather than against the configuration of {@code pwmApplication}. Before the
 * search, the LDAP base of every {@code ldapQuery} entry that has a non-empty base, and of every
 * {@code ldapGroup} entry, is handed to {@code testIfLdapDNIsValid}.
 *
 * @param pwmApplication      running application; only its environment is read here
 * @param maxResultSize       forwarded unchanged to {@code LdapPermissionTester.discoverMatchingUsers}
 * @param storedConfiguration configuration whose permission setting is evaluated
 * @param setting             setting that holds the list of {@code UserPermission} values
 * @param profile             profile id passed to {@code readSetting}
 * @return the key set of the map returned by {@code LdapPermissionTester.discoverMatchingUsers}
 * @throws Exception declared broadly; this method catches nothing, so any failure from the calls
 *                   below propagates to the caller
 */
public Collection<UserIdentity> discoverMatchingUsers(final PwmApplication pwmApplication, final int maxResultSize, final StoredConfigurationImpl storedConfiguration, final PwmSetting setting, final String profile) throws Exception {
    final Configuration config = new Configuration(storedConfiguration);
    // NOTE(review): the temporary application is not shut down or closed in this method; confirm its
    // lifecycle is handled elsewhere, since it is built from a configuration that can carry LDAP
    // proxy credentials.
    final PwmApplication tempApplication = new PwmApplication(pwmApplication.getPwmEnvironment().makeRuntimeInstance(config));
    // Unchecked cast: the setting is trusted to hold a list of UserPermission values.
    final List<UserPermission> permissions = (List<UserPermission>) storedConfiguration.readSetting(setting, profile).toNativeObject();
    for (final UserPermission permission : permissions) {
        final UserPermission.Type type = permission.getType();
        final boolean needsDnCheck;
        if (type == UserPermission.Type.ldapQuery) {
            // A query entry is only checked when it actually names a base DN.
            needsDnCheck = permission.getLdapBase() != null && !permission.getLdapBase().isEmpty();
        } else {
            // A group entry is always checked, even when its base is null or empty.
            needsDnCheck = type == UserPermission.Type.ldapGroup;
        }
        if (needsDnCheck) {
            testIfLdapDNIsValid(tempApplication, permission.getLdapBase(), permission.getLdapProfileID());
        }
    }
    // The search runs under the system session label, not under the label of whoever triggered it.
    return LdapPermissionTester.discoverMatchingUsers(tempApplication, maxResultSize, permissions, SessionLabel.SYSTEM_LABEL).keySet();
}
Also used : PwmApplication(password.pwm.PwmApplication) Configuration(password.pwm.config.Configuration) List(java.util.List) UserPermission(password.pwm.config.value.data.UserPermission)

Example 17 with UserPermission

use of password.pwm.config.value.data.UserPermission in project pwm by pwm-project.

the class ConfigGuideForm method generateStoredConfig.

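/**
 * Builds a fresh stored configuration from the values collected by the configuration guide.
 *
 * <p>Everything written here comes from {@code configGuideBean} (its form-data map, LDAP certificates
 * and database driver). No value is validated in this method: form fields are copied into settings
 * as they are, including a {@code null} when a field is missing from the map.
 *
 * <p>Security-relevant settings written: the LDAP proxy DN and password, the database class, URL,
 * credentials and JDBC driver, the LDAP group that defines administrators, and
 * {@code DISPLAY_SHOW_DETAILED_ERRORS}, which is always set to {@code true}.
 *
 * @param configGuideBean guide state holding the form data, certificates and optional JDBC driver
 * @return a new stored configuration populated from the guide
 * @throws PwmUnrecoverableException declared by this method; presumably raised by the
 *                                   stored-configuration or value constructors called below
 */
public static StoredConfigurationImpl generateStoredConfig(final ConfigGuideBean configGuideBean) throws PwmUnrecoverableException {
    final Map<ConfigGuideFormField, String> formData = configGuideBean.getFormData();
    final StoredConfigurationImpl storedConfiguration = StoredConfigurationImpl.newStoredConfiguration();
    // templates
    updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.TEMPLATE_LDAP, ConfigGuideFormField.PARAM_TEMPLATE_LDAP, PwmSettingTemplate.Type.LDAP_VENDOR);
    updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.TEMPLATE_STORAGE, ConfigGuideFormField.PARAM_TEMPLATE_STORAGE, PwmSettingTemplate.Type.STORAGE);
    updateStoredConfigTemplateValue(formData, storedConfiguration, PwmSetting.DB_VENDOR_TEMPLATE, ConfigGuideFormField.PARAM_DB_VENDOR, PwmSettingTemplate.Type.DB_VENDOR);
    // establish a default ldap profile
    storedConfiguration.writeSetting(PwmSetting.LDAP_PROFILE_LIST, null, new StringArrayValue(Collections.singletonList(LDAP_PROFILE_NAME)), null);
    {
        final String newLdapURI = figureLdapUrlFromFormConfig(formData);
        final StringArrayValue newValue = new StringArrayValue(Collections.singletonList(newLdapURI));
        storedConfiguration.writeSetting(PwmSetting.LDAP_SERVER_URLS, LDAP_PROFILE_NAME, newValue, null);
    }
    // Server certificates are stored only when the guide was told to use the configured ones;
    // otherwise LDAP_SERVER_CERTS is left at whatever a new stored configuration provides.
    if (configGuideBean.isUseConfiguredCerts()) {
        final StoredValue newStoredValue = new X509CertificateValue(configGuideBean.getLdapCertificates());
        storedConfiguration.writeSetting(PwmSetting.LDAP_SERVER_CERTS, LDAP_PROFILE_NAME, newStoredValue, null);
    }
    {
        // proxy/admin account
        // The password arrives as a plain String from the form map before it is wrapped in a
        // PasswordValue; keep formData out of logs and error messages.
        final String ldapAdminDN = formData.get(ConfigGuideFormField.PARAM_LDAP_PROXY_DN);
        final String ldapAdminPW = formData.get(ConfigGuideFormField.PARAM_LDAP_PROXY_PW);
        storedConfiguration.writeSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_NAME, new StringValue(ldapAdminDN), null);
        final PasswordValue passwordValue = new PasswordValue(PasswordData.forStringValue(ldapAdminPW));
        storedConfiguration.writeSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_NAME, passwordValue, null);
    }
    {
        // contextless login root (written once; an identical duplicate write was removed)
        final String ldapContext = formData.get(ConfigGuideFormField.PARAM_LDAP_CONTEXT);
        storedConfiguration.writeSetting(PwmSetting.LDAP_CONTEXTLESS_ROOT, LDAP_PROFILE_NAME, new StringArrayValue(Collections.singletonList(ldapContext)), null);
    }
    {
        final boolean testuserEnabled = Boolean.parseBoolean(formData.get(ConfigGuideFormField.PARAM_LDAP_TEST_USER_ENABLED));
        if (testuserEnabled) {
            final String ldapTestUserDN = formData.get(ConfigGuideFormField.PARAM_LDAP_TEST_USER);
            storedConfiguration.writeSetting(PwmSetting.LDAP_TEST_USER_DN, LDAP_PROFILE_NAME, new StringValue(ldapTestUserDN), null);
        } else {
            storedConfiguration.resetSetting(PwmSetting.LDAP_TEST_USER_DN, LDAP_PROFILE_NAME, null);
        }
    }
    {
        // set admin query
        // Membership of this one LDAP group defines who is an administrator. The DN is taken
        // from the form without a null or empty check here.
        // NOTE(review): confirm the guide validates the group DN before this method is reached.
        final String groupDN = formData.get(ConfigGuideFormField.PARAM_LDAP_ADMIN_GROUP);
        final List<UserPermission> userPermissions = Collections.singletonList(new UserPermission(UserPermission.Type.ldapGroup, null, null, groupDN));
        storedConfiguration.writeSetting(PwmSetting.QUERY_MATCH_PWM_ADMIN, new UserPermissionValue(userPermissions), null);
    }
    {
        // database
        // The driver class name, connect URL and driver file are all operator-supplied.
        // NOTE(review): presumably the class is loaded from the uploaded driver when the database
        // connection is opened - confirm only an authorised configuration session can reach this.
        final String dbClass = formData.get(ConfigGuideFormField.PARAM_DB_CLASSNAME);
        storedConfiguration.writeSetting(PwmSetting.DATABASE_CLASS, null, new StringValue(dbClass), null);
        final String dbUrl = formData.get(ConfigGuideFormField.PARAM_DB_CONNECT_URL);
        storedConfiguration.writeSetting(PwmSetting.DATABASE_URL, null, new StringValue(dbUrl), null);
        final String dbUser = formData.get(ConfigGuideFormField.PARAM_DB_USERNAME);
        storedConfiguration.writeSetting(PwmSetting.DATABASE_USERNAME, null, new StringValue(dbUser), null);
        final String dbPassword = formData.get(ConfigGuideFormField.PARAM_DB_PASSWORD);
        final PasswordValue passwordValue = new PasswordValue(PasswordData.forStringValue(dbPassword));
        storedConfiguration.writeSetting(PwmSetting.DATABASE_PASSWORD, null, passwordValue, null);
        final FileValue jdbcDriver = configGuideBean.getDatabaseDriver();
        if (jdbcDriver != null) {
            storedConfiguration.writeSetting(PwmSetting.DATABASE_JDBC_DRIVER, null, jdbcDriver, null);
        }
    }
    {
        // telemetry
        // Boolean.parseBoolean yields false for a missing field, so publishing stays off by default.
        final boolean telemetryEnabled = Boolean.parseBoolean(formData.get(ConfigGuideFormField.PARAM_TELEMETRY_ENABLE));
        storedConfiguration.writeSetting(PwmSetting.PUBLISH_STATS_ENABLE, null, new BooleanValue(telemetryEnabled), null);
        final String siteDescription = formData.get(ConfigGuideFormField.PARAM_TELEMETRY_DESCRIPTION);
        storedConfiguration.writeSetting(PwmSetting.PUBLISH_STATS_SITE_DESCRIPTION, null, new StringValue(siteDescription), null);
    }
    // cr policy
    // The challenge set is parsed from JSON held in the form data.
    if (formData.containsKey(ConfigGuideFormField.CHALLENGE_RESPONSE_DATA)) {
        final String stringValue = formData.get(ConfigGuideFormField.CHALLENGE_RESPONSE_DATA);
        final StoredValue challengeValue = ChallengeValue.factory().fromJson(stringValue);
        storedConfiguration.writeSetting(PwmSetting.CHALLENGE_RANDOM_CHALLENGES, "default", challengeValue, null);
    }
    // set site url
    storedConfiguration.writeSetting(PwmSetting.PWM_SITE_URL, new StringValue(formData.get(ConfigGuideFormField.PARAM_APP_SITEURL)), null);
    // enable debug mode
    // Detailed error display is switched on unconditionally in the generated configuration.
    // Verbose errors can disclose internals to end users, so this setting should be reviewed
    // and turned off before the instance is exposed beyond initial setup.
    storedConfiguration.writeSetting(PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS, null, new BooleanValue(true), null);
    return storedConfiguration;
}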
Also used : FileValue(password.pwm.config.value.FileValue) StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl) StoredValue(password.pwm.config.StoredValue) UserPermissionValue(password.pwm.config.value.UserPermissionValue) X509CertificateValue(password.pwm.config.value.X509CertificateValue) PasswordValue(password.pwm.config.value.PasswordValue) BooleanValue(password.pwm.config.value.BooleanValue) List(java.util.List) StringValue(password.pwm.config.value.StringValue) StringArrayValue(password.pwm.config.value.StringArrayValue) UserPermission(password.pwm.config.value.data.UserPermission)

Aggregations

UserPermission (password.pwm.config.value.data.UserPermission)17 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 ArrayList (java.util.ArrayList)6 List (java.util.List)6 ErrorInformation (password.pwm.error.ErrorInformation)6 UserIdentity (password.pwm.bean.UserIdentity)3 Configuration (password.pwm.config.Configuration)3 PwmSetting (password.pwm.config.PwmSetting)3 PwmOperationalException (password.pwm.error.PwmOperationalException)3 TreeMap (java.util.TreeMap)2 Element (org.jdom2.Element)2 Permission (password.pwm.Permission)2 PwmApplication (password.pwm.PwmApplication)2 PwmPasswordPolicy (password.pwm.config.profile.PwmPasswordPolicy)2 FormConfiguration (password.pwm.config.value.data.FormConfiguration)2 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)2 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)2 ChaiChallengeSet (com.novell.ldapchai.cr.ChaiChallengeSet)1 ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)1 ChaiConfiguration (com.novell.ldapchai.provider.ChaiConfiguration)1