/**
 * Checks the credentials with the default login handler and, if that succeeds, makes sure the user's LDAP entry
 * accepts the same password.
 * <p>
 * The LDAP answer never changes the returned result: it is only used to decide whether the LDAP entry has to be
 * created/updated and its password set. Any exception raised while talking to LDAP is logged and ignored.
 *
 * @param username login name as entered by the user; it is written to the log
 * @param password clear-text password as entered by the user; it is handed on to the LDAP DAO and must never be
 *          added to the log lines below
 * @return the unchanged result of the default login handler
 * @see org.projectforge.business.login.LoginHandler#checkLogin(java.lang.String, java.lang.String, boolean)
 */
@Override
public LoginResult checkLogin(final String username, final String password)
{
  final LoginResult loginResult = loginDefaultHandler.checkLogin(username, password);
  if (loginResult.getLoginResultStatus() == LoginResultStatus.SUCCESS) {
    // The default handler accepted the credentials; LDAP is only brought in line with them from here on.
    try {
      if (ldapUserDao.authenticate(username, password, userBase) == null) {
        // LDAP rejected the accepted credentials, so its entry is treated as stale and overwritten.
        final LdapUser ldapUser = pfUserDOConverter.convert(loginResult.getUser());
        ldapUser.setOrganizationalUnit(userBase);
        log.info("User's credentials in LDAP not up-to-date: " + username + ". Updating LDAP entry...");
        ldapUserDao.createOrUpdate(userBase, ldapUser);
        // update the userPassword but not the (WLAN)sambaNTPassword
        ldapUserDao.changePassword(ldapUser, null, password);
      }
    } catch (final Exception ex) {
      // Deliberate best effort: an unreachable or failing LDAP must not turn a successful login into a failure.
      log.error("An exception occured while checking login against LDAP system (ignoring this error): "
          + ex.getMessage(), ex);
    }
  }
  return loginResult;
}
/**
 * Scans the uid numbers of all ProjectForge users (including any deleted user) and returns the next highest, free
 * number.
 * <p>
 * NOTE(review): the number is only computed here, not reserved; two callers asking at the same time would presumably
 * get the same value, so the caller should re-check it before persisting - confirm against the callers.
 *
 * @return the highest uid number found plus one, or 1000 if no uid number with a value greater than 999 is found
 */
public int getNextFreeUidNumber()
{
  int highest = 999;
  for (final PFUserDO user : getUserGroupCache().getAllUsers()) {
    final LdapUserValues values = PFUserDOConverter.readLdapUserValues(user.getLdapValues());
    // Users without stored LDAP values, or without a uid number in them, do not take part in the scan.
    final Integer uidNumber = values != null ? values.getUidNumber() : null;
    if (uidNumber != null && uidNumber.intValue() > highest) {
      highest = uidNumber;
    }
  }
  return highest + 1;
}
setMailNullArray(src); setMailNullArray(dest); boolean modified; final List<String> properties = new LinkedList<String>(); "deactivated", "restrictedUser"); if (ldapUserDao.isPosixAccountsConfigured() == true && isPosixAccountValuesEmpty(src) == false) { ListHelper.addAll(properties, "uidNumber", "gidNumber", "homeDirectory", "loginShell"); if (ldapUserDao.isSambaAccountsConfigured() == true && isSambaAccountValuesEmpty(src) == false) { ListHelper.addAll(properties, "sambaSIDNumber", "sambaPrimaryGroupSIDNumber", "sambaNTPassword"); if (ldapUserDao.isSambaAccountsConfigured() == true && isSambaAccountValuesEmpty(src) == false) { final long diffSambaPwdLastSet = dest.getSambaPwdLastSetAsUnixEpochSeconds() - src.getSambaPwdLastSetAsUnixEpochSeconds();
/**
 * Chooses the object class set for the given LDAP user: posix and/or samba object classes are only included if the
 * respective account type is configured and the user actually carries values for it.
 *
 * @param obj the LDAP user whose posix and samba values are inspected
 * @return one of the four prepared object class arrays
 * @see org.projectforge.business.ldap.LdapDao#getAdditionalObjectClasses(org.projectforge.business.ldap.LdapObject)
 */
@Override
protected String[] getAdditionalObjectClasses(final LdapUser obj)
{
  final boolean withPosix = isPosixAccountsConfigured() && !PFUserDOConverter.isPosixAccountValuesEmpty(obj);
  final boolean withSamba = isSambaAccountsConfigured() && !PFUserDOConverter.isSambaAccountValuesEmpty(obj);
  // The arrays are built on first use; ALL_OBJECT_CLASSES being null is taken as "not initialized yet".
  if (ALL_OBJECT_CLASSES == null) {
    initializeObjectClasses();
  }
  if (withPosix && withSamba) {
    return ALL_OBJECT_CLASSES_WITH_SAMBA_AND_POSIX_ACCOUNT;
  }
  if (withPosix) {
    return ALL_OBJECT_CLASSES_WITH_POSIX_ACCOUNT;
  }
  if (withSamba) {
    return ALL_OBJECT_CLASSES_WITH_SAMBA_ACCOUNT;
  }
  return ALL_OBJECT_CLASSES;
}
for (final LdapUser ldapUser : ldapUsers) { try { final PFUserDO user = pfUserDOConverter.convert(ldapUser); users.add(user); PFUserDO dbUser = getUser(dbUsers, user.getUsername()); continue; PFUserDOConverter.copyUserFields(user, dbUser); if (dbUser.isDeleted() == true) { userService.undelete(dbUser);
user.setFirstname(ldapUser.getGivenName()); user.setUsername(ldapUser.getUid()); user.setId(getId(ldapUser)); user.setOrganization(ldapUser.getOrganization()); user.setDescription(ldapUser.getDescription()); user.setRestrictedUser(true); if (isPosixAccountValuesEmpty(ldapUser) == false) { user.setLdapValues(getLdapValuesAsXml(ldapUser));
/**
 * Transfers the pending form values (password, phone identifiers, LDAP values, WLAN password change) into the edited
 * user before the save itself is delegated to the super class.
 *
 * @return whatever the super implementation returns
 */
@Override
public AbstractSecuredBasePage onSaveOrUpdate()
{
  final PFUserDO passwordUser = form.getPasswordUser();
  if (passwordUser != null) {
    // A password user is only present if a new password was entered; its password value and salt are copied as a
    // pair so that the two never get out of step.
    getData().setPassword(passwordUser.getPassword());
    getData().setPasswordSalt(passwordUser.getPasswordSalt());
    userService.onPasswordChange(getData(), false);
  }
  getData().setPersonalPhoneIdentifiers(userService.getNormalizedPersonalPhoneIdentifiers(getData()));
  if (!form.ldapUserValues.isValuesEmpty()) {
    // The posix/samba values are stored on the user as an XML string.
    getData().setLdapValues(PFUserDOConverter.getLdapValuesAsXml(form.ldapUserValues));
  }
  if (StringUtils.isNotEmpty(form.getWlanPassword())) {
    // persist new time, history is created by caller
    userService.onWlanPasswordChange(getData(), false);
  }
  return super.onSaveOrUpdate();
}
/**
 * Checks the return value of copyUserFields for LDAP users: false if source and destination already agree, true as
 * soon as one of the copied fields differs. The uid is not expected to be copied (the empty destination keeps a null
 * uid).
 */
@Test
public void copyLdapUser()
{
  final LdapUser src = LdapTestUtils.createLdapUser("kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata",
      "Developer");

  // Identical destination: nothing to copy.
  final LdapUser identical = LdapTestUtils.createLdapUser("kai", "Kai", "Reinhard", "k.reinhard@acme.com",
      "Micromata", "Developer");
  assertFalse(pfUserDOConverter.copyUserFields(src, identical));
  LdapTestUtils.assertUser(src, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");
  LdapTestUtils.assertUser(identical, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");

  // Empty destination: every field except the uid is taken over.
  final LdapUser blank = new LdapUser();
  assertTrue(pfUserDOConverter.copyUserFields(src, blank));
  LdapTestUtils.assertUser(src, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");
  LdapTestUtils.assertUser(blank, null, "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");

  // Destinations differing in exactly one field. The first two rows are identical in the original test and are kept
  // as they are.
  final String[][] differingDestinations = {
      { "kai", "", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "Kai", "", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "Kai", "Reinhard", "", "Micromata", "Developer" },
      { "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "", "Developer" },
      { "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "" } };
  for (final String[] f : differingDestinations) {
    assertTrue(pfUserDOConverter.copyUserFields(src, LdapTestUtils.createLdapUser(f[0], f[1], f[2], f[3], f[4], f[5])));
  }
}
/**
 * Exercises PFUserDOConverter.setMailNullArray on an LdapUser without any mail and on one whose mail array holds a
 * single null entry; in both cases getMail() is expected to be null afterwards.
 */
@Test
public void setNullMailArray()
{
  final LdapUser ldapUser = new LdapUser();
  // No mail set at all.
  PFUserDOConverter.setMailNullArray(ldapUser);
  assertNull(ldapUser.getMail());
  // One-element array whose only entry is null.
  ldapUser.setMail(new String[1]);
  PFUserDOConverter.setMailNullArray(ldapUser);
  assertNull(ldapUser.getMail());
  // NOTE(review): setMailNullArray is not called again below, so this last step only checks that an entry written
  // into the mail array can be read back - confirm whether a further call was intended.
  ldapUser.setMail(new String[2]);
  ldapUser.getMail()[1] = "Hurzel";
  assertEquals(ldapUser.getMail()[1], "Hurzel");
}
/**
 * Builds a new LdapUser from the given ProjectForge user.
 * <p>
 * A deactivated user does not keep the stored e-mail address in LDAP: the mail is replaced by
 * {@code LdapUserDao.DEACTIVATED_MAIL}.
 *
 * @param user the ProjectForge user to convert
 * @return the newly created LDAP user
 */
public LdapUser convert(final PFUserDO user)
{
  final LdapUser ldapUser = new LdapUser();

  // Identity
  ldapUser.setSurname(user.getLastname());
  ldapUser.setGivenName(user.getFirstname());
  ldapUser.setUid(user.getUsername());
  if (user.getId() != null) {
    // The employee number is derived from the user; it is only set for users that already have an id.
    ldapUser.setEmployeeNumber(buildEmployeeNumber(user));
  }
  ldapUser.setOrganization(user.getOrganization());
  ldapUser.setDescription(user.getDescription());

  // Mail and status flags
  ldapUser.setMail(user.getEmail());
  ldapUser.setDeleted(user.isDeleted());
  ldapUser.setDeactivated(user.isDeactivated());
  if (user.isDeactivated()) {
    // Overrides the address set above.
    ldapUser.setMail(LdapUserDao.DEACTIVATED_MAIL);
  }
  ldapUser.setRestrictedUser(user.isRestrictedUser());

  // Posix/samba values and the samba password timestamp; the creation date is the fallback if no WLAN password
  // change has been recorded.
  setLdapValues(ldapUser, user.getLdapValues());
  ldapUser.setSambaPwdLastSet(
      user.getLastWlanPasswordChange() != null ? user.getLastWlanPasswordChange() : user.getCreated());
  return ldapUser;
}
/**
 * Indexes the given LDAP users by the id that PFUserDOConverter.getId derives for them.
 * <p>
 * Users without an id are skipped with a warning. If two LDAP users yield the same id, the later one replaces the
 * earlier one in the map without any message.
 *
 * @param users the LDAP users to index, may be null
 * @return a new map from id to LDAP user; empty if users is null
 */
private Map<Integer, LdapUser> getUserMap(final Collection<LdapUser> users)
{
  final Map<Integer, LdapUser> usersById = new HashMap<>();
  if (users != null) {
    for (final LdapUser candidate : users) {
      final Integer id = PFUserDOConverter.getId(candidate);
      if (id == null) {
        log.warn("Given ldap user has no id (employee number), ignoring user for group assignments: " + candidate);
        continue;
      }
      usersById.put(id, candidate);
    }
  }
  return usersById;
}
/**
 * Finds the LDAP entry belonging to the given ProjectForge user.
 * <p>
 * An entry matches if its uid equals the user's username or if its employee number equals the one built for the
 * user; either condition alone is sufficient, and the first matching entry in list order wins.
 *
 * @param ldapUsers the LDAP users to search
 * @param user the ProjectForge user to look up
 * @return the first matching LDAP user, or null if none matches
 */
private LdapUser getLdapUser(final List<LdapUser> ldapUsers, final PFUserDO user)
{
  for (final LdapUser candidate : ldapUsers) {
    final boolean sameUid = StringUtils.equals(candidate.getUid(), user.getUsername());
    // The employee number is only built and compared if the uid did not match already.
    if (sameUid
        || StringUtils.equals(candidate.getEmployeeNumber(), PFUserDOConverter.buildEmployeeNumber(user))) {
      return candidate;
    }
  }
  return null;
}
user = pfUserDOConverter.convert(ldapUser); PFUserDOConverter.copyUserFields(pfUserDOConverter.convert(ldapUser), user); if (ldapConfig.isStorePasswords() == true) { userService.createEncryptedPassword(user, password);
return getLdapValuesAsXml(values);
createAndAddModificationItems(list, "cn", user.getCommonName()); final boolean modifyPosixAccount = isPosixAccountsConfigured() == true && PFUserDOConverter.isPosixAccountValuesEmpty(user) == false; final boolean modifySambaAccount = isSambaAccountsConfigured() == true && PFUserDOConverter.isSambaAccountValuesEmpty(user) == false; if (modifyPosixAccount == true || modifySambaAccount == true) { if (user.getObjectClasses() != null) {
/**
 * Checks the return value of PFUserDOConverter.copyUserFields for ProjectForge users: false if source and
 * destination already agree, true as soon as one of the copied fields (including the username) differs.
 */
@Test
public void copy()
{
  final PFUserDO src = createUser("kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");

  // Identical destination: nothing to copy.
  final PFUserDO identical = createUser("kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");
  assertFalse(PFUserDOConverter.copyUserFields(src, identical));
  assertUser(src, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");
  assertUser(identical, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");

  // Empty destination: all fields are taken over, the username too.
  final PFUserDO blank = new PFUserDO();
  assertTrue(PFUserDOConverter.copyUserFields(src, blank));
  assertUser(src, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");
  assertUser(blank, "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer");

  // Destinations differing in exactly one field each.
  final String[][] differingDestinations = {
      { "", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "", "Reinhard", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "Kai", "", "k.reinhard@acme.com", "Micromata", "Developer" },
      { "kai", "Kai", "Reinhard", "", "Micromata", "Developer" },
      { "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "", "Developer" },
      { "kai", "Kai", "Reinhard", "k.reinhard@acme.com", "Micromata", "" } };
  for (final String[] f : differingDestinations) {
    assertTrue(PFUserDOConverter.copyUserFields(src, createUser(f[0], f[1], f[2], f[3], f[4], f[5])));
  }
}
final boolean sambaConfigured = ldapConfig.getSambaAccountsConfig() != null; for (final PFUserDO user : users) { final LdapUser updatedLdapUser = pfUserDOConverter.convert(user); try { final LdapUser ldapUser = getLdapUser(ldapUsers, user); deleted++; } else { final boolean modified = pfUserDOConverter.copyUserFields(updatedLdapUser, ldapUser); if (StringUtils.equals(updatedLdapUser.getUid(), ldapUser.getUid()) == false) {
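/**
 * Scans the samba SID numbers of all ProjectForge users (including any deleted user) and returns the next highest,
 * free number.
 * <p>
 * The running maximum is taken from the samba SID number itself. Reading the uid number at that point would mix two
 * independent number ranges, could hand out a SID number that is already in use, and would fail with a
 * NullPointerException for users that have a samba SID number but no uid number.
 * <p>
 * NOTE(review): the number is only computed here, not reserved; two callers asking at the same time would presumably
 * get the same value - confirm against the callers.
 *
 * @return the highest samba SID number found plus one, or 1000 if no samba SID number with a value greater than 999
 *         is found
 */
public int getNextFreeSambaSIDNumber()
{
  final Collection<PFUserDO> allUsers = getUserGroupCache().getAllUsers();
  int currentMaxNumber = 999;
  for (final PFUserDO user : allUsers) {
    final LdapUserValues ldapUserValues = PFUserDOConverter.readLdapUserValues(user.getLdapValues());
    if (ldapUserValues == null) {
      // User has no stored LDAP values at all.
      continue;
    }
    if (ldapUserValues.getSambaSIDNumber() != null
        && ldapUserValues.getSambaSIDNumber().intValue() > currentMaxNumber) {
      currentMaxNumber = ldapUserValues.getSambaSIDNumber().intValue();
    }
  }
  return currentMaxNumber + 1;
}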
/**
 * Checks how the LDAP values XML stored on a PFUserDO is turned into posix account values on the LdapUser and back:
 * an empty string yields no posix values, an XML with only a uidNumber gets the remaining posix values filled in,
 * and values set explicitly on the LdapUser survive a round trip through PFUserDO.
 */
@Test
public void testLdapValues()
{
  // Empty LDAP values: no posix account values at all.
  PFUserDO user = new PFUserDO().setLdapValues("");
  user.setUsername("kai");
  LdapUser ldapUser = pfUserDOConverter.convert(user);
  LdapTestUtils.assertPosixAccountValues(ldapUser, null, null, null, null);
  // Only the uidNumber is given; gid -1, a home directory built from the username and /bin/bash are expected for
  // the rest.
  user.setLdapValues("<values uidNumber=\"65535\" />");
  ldapUser = pfUserDOConverter.convert(user);
  LdapTestUtils.assertPosixAccountValues(ldapUser, 65535, -1, "/home/kai", "/bin/bash");
  // Explicit values: LdapUser -> PFUserDO -> LdapUser must keep them, and the XML on the PFUserDO must carry
  // exactly these four attributes.
  ldapUser.setUidNumber(42).setGidNumber(1000).setHomeDirectory("/home/user").setLoginShell("/bin/ksh");
  user = pfUserDOConverter.convert(ldapUser);
  ldapUser = pfUserDOConverter.convert(user);
  LdapTestUtils.assertPosixAccountValues(ldapUser, 42, 1000, "/home/user", "/bin/ksh");
  assertEquals(
      "<values uidNumber=\"42\" gidNumber=\"1000\" homeDirectory=\"/home/user\" loginShell=\"/bin/ksh\"/>",
      user.getLdapValues());
}
// Closing brace of the enclosing test class; its header is outside this excerpt.
}
/**
 * For preventing duplicate uidNumbers (posix account).
 *
 * @param currentUser the user the number is meant for; any user with the same id is skipped, because the current
 *          user may have the given uidNumber already
 * @param uidNumber the uid number to check
 * @return false if any user (also a deleted user) other than the given user has the given uidNumber, otherwise true
 */
public boolean isGivenNumberFree(final PFUserDO currentUser, final int uidNumber)
{
  for (final PFUserDO user : getUserGroupCache().getAllUsers()) {
    final LdapUserValues values = PFUserDOConverter.readLdapUserValues(user.getLdapValues());
    if (ObjectUtils.equals(user.getId(), currentUser.getId())) {
      // The current user may have the given uidNumber already, so ignore this entry.
      // NOTE(review): a currentUser without id compares equal to any listed user without id - confirm that such
      // users cannot occur in the cache.
      continue;
    }
    if (values == null || values.getUidNumber() == null) {
      // No uid number stored for this user, so it cannot collide.
      continue;
    }
    if (values.getUidNumber().intValue() == uidNumber) {
      // Number isn't free.
      log.info("The uidNumber (posix account) '" + uidNumber + "' is already occupied by user: " + user);
      return false;
    }
  }
  return true;
}