@Override protected AnyTO getAnyTO(final String key) { return groupDataBinder.getGroupTO(key); }
groupDataBinder.findUsersWithTransitiveResources(key).entrySet(). forEach(entry -> { taskInfos.addAll(propagationManager.getDeleteTasks( excludedResources)); }); groupDataBinder.findAnyObjectsWithTransitiveResources(key).entrySet(). forEach(entry -> { taskInfos.addAll(propagationManager.getDeleteTasks(
@PreAuthorize("isAuthenticated()") public TypeExtensionTO readTypeExtension(final String groupName) { Group group = groupDAO.findByName(groupName); if (group == null) { throw new NotFoundException("Group " + groupName); } Optional<? extends TypeExtension> typeExt = group.getTypeExtension(anyTypeDAO.findUser()); if (!typeExt.isPresent()) { throw new NotFoundException("TypeExtension in " + groupName + " for users"); } return groupDataBinder.getTypeExtensionTO(typeExt.get()); }
: groupDataBinder.findUsersWithTransitiveResources(key).entrySet()) { excludedResources)); groupDataBinder.findAnyObjectsWithTransitiveResources(key).forEach((k, pbr) -> { taskInfos.addAll(getPropagationManager().getDeleteTasks( AnyTypeKind.ANY_OBJECT,
@Override protected AnyTO getAnyTO(final String key) { return groupDataBinder.getGroupTO(key); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_READ + "')") @Transactional(readOnly = true) @Override public GroupTO read(final String key) { return binder.getGroupTO(key); }
@PreAuthorize("isAuthenticated() and not(hasRole('" + StandardEntitlement.ANONYMOUS + "'))") @Transactional(readOnly = true) public List<GroupTO> own() { if (adminUser.equals(AuthContextUtils.getUsername())) { return Collections.emptyList(); } return userDAO.findAllGroups(userDAO.findByUsername(AuthContextUtils.getUsername())).stream(). map(group -> binder.getGroupTO(group, true)).collect(Collectors.toList()); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_SEARCH + "')") @Transactional(readOnly = true) @Override public Pair<Integer, List<GroupTO>> search( final SearchCond searchCond, final int page, final int size, final List<OrderByClause> orderBy, final String realm, final boolean details) { int count = searchDAO.count( RealmUtils.getEffective(SyncopeConstants.FULL_ADMIN_REALMS, realm), searchCond == null ? groupDAO.getAllMatchingCond() : searchCond, AnyTypeKind.GROUP); List<Group> matching = searchDAO.search( RealmUtils.getEffective(SyncopeConstants.FULL_ADMIN_REALMS, realm), searchCond == null ? groupDAO.getAllMatchingCond() : searchCond, page, size, orderBy, AnyTypeKind.GROUP); List<GroupTO> result = matching.stream(). map(group -> binder.getGroupTO(group, details)).collect(Collectors.toList()); return Pair.of(count, result); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_CREATE + "')") public ProvisioningResult<GroupTO> create(final GroupTO groupTO, final boolean nullPriorityAsync) { Pair<GroupTO, List<LogicActions>> before = beforeCreate(groupTO); if (before.getLeft().getRealm() == null) { throw SyncopeClientException.build(ClientExceptionType.InvalidRealm); } Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_CREATE), before.getLeft().getRealm()); securityChecks(effectiveRealms, before.getLeft().getRealm(), null); Pair<String, List<PropagationStatus>> created = provisioningManager.create(before.getLeft(), nullPriorityAsync); return afterCreate(binder.getGroupTO(created.getKey()), created.getRight(), before.getRight()); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_DELETE + "')") @Override public ProvisioningResult<GroupTO> delete(final String key, final boolean nullPriorityAsync) { GroupTO group = binder.getGroupTO(key); Pair<GroupTO, List<LogicActions>> before = beforeDelete(group); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_DELETE), before.getLeft().getRealm()); securityChecks(effectiveRealms, before.getLeft().getRealm(), before.getLeft().getKey()); List<Group> ownedGroups = groupDAO.findOwnedByGroup(before.getLeft().getKey()); if (!ownedGroups.isEmpty()) { SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.GroupOwnership); sce.getElements().addAll(ownedGroups.stream(). map(g -> g.getKey() + " " + g.getName()).collect(Collectors.toList())); throw sce; } List<PropagationStatus> statuses = provisioningManager.delete(before.getLeft().getKey(), nullPriorityAsync); GroupTO groupTO = new GroupTO(); groupTO.setKey(before.getLeft().getKey()); return afterDelete(groupTO, statuses, before.getRight()); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> deprovision( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); List<PropagationStatus> statuses = provisioningManager.deprovision(key, resources, nullPriorityAsync); ProvisioningResult<GroupTO> result = new ProvisioningResult<>(); result.setEntity(binder.getGroupTO(key)); result.getPropagationStatuses().addAll(statuses); return result; }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public GroupTO unlink(final String key, final Collection<String> resources) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); GroupPatch patch = new GroupPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream(). map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); patch.setUDynMembershipCond(group.getUDynMembershipCond()); patch.getADynMembershipConds().putAll(group.getADynMembershipConds()); return binder.getGroupTO(provisioningManager.unlink(patch)); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> update(final GroupPatch groupPatch, final boolean nullPriorityAsync) { GroupTO groupTO = binder.getGroupTO(groupPatch.getKey()); Set<String> dynRealmsBefore = new HashSet<>(groupTO.getDynRealms()); Pair<GroupPatch, List<LogicActions>> before = beforeUpdate(groupPatch, groupTO.getRealm()); String realm = before.getLeft().getRealm() != null && StringUtils.isNotBlank(before.getLeft().getRealm().getValue()) ? before.getLeft().getRealm().getValue() : groupTO.getRealm(); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), realm); boolean authDynRealms = securityChecks(effectiveRealms, realm, before.getLeft().getKey()); Pair<GroupPatch, List<PropagationStatus>> updated = provisioningManager.update(groupPatch, nullPriorityAsync); return afterUpdate( binder.getGroupTO(updated.getLeft().getKey()), updated.getRight(), before.getRight(), authDynRealms, dynRealmsBefore); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> provision( final String key, final Collection<String> resources, final boolean changePwd, final String password, final boolean nullPriorityAsync) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); List<PropagationStatus> statuses = provisioningManager.provision(key, resources, nullPriorityAsync); ProvisioningResult<GroupTO> result = new ProvisioningResult<>(); result.setEntity(binder.getGroupTO(key)); result.getPropagationStatuses().addAll(statuses); return result; }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public GroupTO link(final String key, final Collection<String> resources) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); GroupPatch patch = new GroupPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); patch.getADynMembershipConds().putAll(group.getADynMembershipConds()); patch.setUDynMembershipCond(group.getUDynMembershipCond()); return binder.getGroupTO(provisioningManager.link(patch)); }
Collections.singletonList(orderByClause), AnyTypeKind.GROUP); List<GroupTO> result = matching.stream(). map(group -> groupDataBinder.getGroupTO(group, false)).collect(Collectors.toList());
@Override protected GroupTO resolveReference(final Method method, final Object... args) throws UnresolvedReferenceException { String key = null; if (ArrayUtils.isNotEmpty(args)) { for (int i = 0; key == null && i < args.length; i++) { if (args[i] instanceof String) { key = (String) args[i]; } else if (args[i] instanceof GroupTO) { key = ((GroupTO) args[i]).getKey(); } else if (args[i] instanceof GroupPatch) { key = ((GroupPatch) args[i]).getKey(); } } } if (key != null) { try { return binder.getGroupTO(key); } catch (Throwable ignore) { LOG.debug("Unresolved reference", ignore); throw new UnresolvedReferenceException(ignore); } } throw new UnresolvedReferenceException(); } }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> unassign( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); GroupPatch patch = new GroupPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); patch.getADynMembershipConds().putAll(group.getADynMembershipConds()); patch.setUDynMembershipCond(group.getUDynMembershipCond()); return update(patch, nullPriorityAsync); }
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')") @Override public ProvisioningResult<GroupTO> assign( final String key, final Collection<String> resources, final boolean changepwd, final String password, final boolean nullPriorityAsync) { // security checks GroupTO group = binder.getGroupTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm()); securityChecks(effectiveRealms, group.getRealm(), group.getKey()); GroupPatch patch = new GroupPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); patch.getADynMembershipConds().putAll(group.getADynMembershipConds()); patch.setUDynMembershipCond(group.getUDynMembershipCond()); return update(patch, nullPriorityAsync); }
GroupTO groupTO = groupDataBinder.getGroupTO(group, true);