// Rebuild one CA-to-user binding from the current result row.
// PROFILES is stored as a single comma-separated string; the null check keeps a
// null list from StringUtil.split as a null profile set instead of failing in HashSet.
List<String> list = StringUtil.split(rs.getString("PROFILES"), ",");
Set<String> profiles = (list == null) ? null : new HashSet<>(list);
// The binding is keyed by the already-resolved user id (existingId) and the user name.
MgmtEntry.CaHasUser caHasUser = new MgmtEntry.CaHasUser(new NameId(existingId, user));
// NOTE(review): rs is presumably a java.sql.ResultSet; if so getInt yields 0 for SQL NULL,
// so a missing PERMISSION value is loaded as permission value 0 - confirm that 0 means "nothing granted".
caHasUser.setPermission(rs.getInt("PERMISSION"));
caHasUser.setProfiles(profiles);
/**
 * Prints the configured user entry and, for every CA the user is bound to,
 * the certificate profiles and the permission value granted on that CA.
 *
 * @return always {@code null}
 * @throws CmdFailure if no user with the requested name is configured
 */
@Override
protected Object execute0() throws Exception {
  MgmtEntry.User userEntry = caManager.getUser(name);
  if (userEntry == null) {
    throw new CmdFailure("no user named '" + name + "' is configured");
  }

  StringBuilder report = new StringBuilder();
  report.append(userEntry);

  // One section per CA binding: this is the operator's view of what the user
  // may enroll (profiles) and which operations are allowed (permission).
  Map<String, MgmtEntry.CaHasUser> caHasUsers = caManager.getCaHasUsersForUser(name);
  for (Map.Entry<String, MgmtEntry.CaHasUser> binding : caHasUsers.entrySet()) {
    MgmtEntry.CaHasUser grant = binding.getValue();
    report.append("\n----- CA ").append(binding.getKey()).append("-----");
    report.append("\nprofiles: ").append(grant.getProfiles());
    report.append("\npermission: ").append(grant.getPermission());
  }

  println(report.toString());
  return null;
}
String userName = user.getUserIdent().getName(); MgmtEntry.CaHasUser userB = null; if (usersB != null) { for (MgmtEntry.CaHasUser m : usersB) { if (m.getUserIdent().getName().equals(userName)) { userB = m; break; if (user.equals(userB, ignoreId)) { LOG.info("ignored adding user {} to CA {}", userName, caName); } else {
// Export one CA-to-user binding (m) into the configuration model and append it to ca's user list.
String username = m.getUserIdent().getName();
CaConfType.CaHasUser chu = new CaConfType.CaHasUser();
chu.setUserName(username);
// The profiles are copied into a new list rather than shared with m.
// NOTE(review): new ArrayList<>(null) throws NullPointerException; other loaders of this
// binding can leave the profile set null, so confirm getProfiles() is never null here.
chu.setProfiles(new ArrayList<>(m.getProfiles()));
// getPermissions (helper not shown) converts the stored permission value into the
// representation CaConfType.CaHasUser expects.
chu.setPermissions(getPermissions(m.getPermission()));
ca.getUsers().add(chu);
caHasUsers = new LinkedList<>(); for (CaConfType.CaHasUser req : m.getUsers()) { MgmtEntry.CaHasUser en = new MgmtEntry.CaHasUser(new NameId(null, req.getUserName())); en.setPermission(getIntPermission(req.getPermissions())); if (req.getProfiles() != null && !req.getProfiles().isEmpty()) { en.setProfiles(new HashSet<>(req.getProfiles()));
Args.notNull(ca, "ca"); final NameId userIdent = user.getUserIdent(); Integer existingId = getIdForName(sqlSelectUserId, userIdent.getName()); if (existingId == null) { ps.setInt(idx++, ca.getId()); ps.setInt(idx++, userIdent.getId()); ps.setInt(idx++, user.getPermission()); String profilesText = StringUtil.collectionAsString(user.getProfiles(), ","); ps.setString(idx++, profilesText); userIdent, ca, user.getPermission(), profilesText); } catch (SQLException ex) { throw new CaMgmtException(datasource.translate(sql, ex));
// Rebuild one CA-to-user binding from the current result row; `list` is produced
// before this excerpt. A null list is kept as a null profile set.
Set<String> profiles = (list == null) ? null : new HashSet<>(list);
// The user is identified by the NAME column only; the NameId is created with a null id.
MgmtEntry.CaHasUser caHasUser = new MgmtEntry.CaHasUser(new NameId(null, rs.getString("NAME")));
// NOTE(review): rs is presumably a java.sql.ResultSet; if so getInt yields 0 for SQL NULL,
// so a missing PERMISSION value is loaded as permission value 0 - confirm that 0 means "nothing granted".
caHasUser.setPermission(rs.getInt("PERMISSION"));
caHasUser.setProfiles(profiles);
/**
 * Loads the binding between a CA and a user: the permission value and the set of
 * certificate profiles the user may use on that CA.
 *
 * <p>Both ids are bound as statement parameters; no SQL text is assembled here.
 *
 * @param ca identifier of the CA; its id is bound as parameter 1
 * @param user identifier of the user; its id is bound as parameter 2
 * @return the binding, or {@code null} when the query returns no row
 * @throws OperationException with {@code DATABASE_FAILURE} when the query fails
 */
public MgmtEntry.CaHasUser getCaHasUser(NameId ca, NameId user) throws OperationException {
  final String sql = sqlCaHasUser;
  ResultSet row = null;
  PreparedStatement stmt = borrowPreparedStatement(sql);
  try {
    // NOTE(review): if NameId.getId() returns a boxed Integer, a NameId without an id
    // fails here with NullPointerException - confirm callers pass resolved ids.
    stmt.setInt(1, ca.getId());
    stmt.setInt(2, user.getId());
    row = stmt.executeQuery();

    if (!row.next()) {
      // No binding row: the caller sees null, not an empty grant.
      return null;
    }

    // PROFILES is a comma-separated string; a null split result stays a null set.
    List<String> names = StringUtil.split(row.getString("PROFILES"), ",");
    Set<String> profiles;
    if (names == null) {
      profiles = null;
    } else {
      profiles = new HashSet<>(names);
    }

    MgmtEntry.CaHasUser binding = new MgmtEntry.CaHasUser(user);
    // ResultSet.getInt returns 0 for SQL NULL, so a NULL PERMISSION loads as 0.
    binding.setPermission(row.getInt("PERMISSION"));
    binding.setProfiles(profiles);
    return binding;
  } catch (SQLException ex) {
    throw new OperationException(DATABASE_FAILURE, datasource.translate(sql, ex).getMessage());
  } finally {
    // Statement and result set are handed back on every path, including the early return.
    datasource.releaseResources(stmt, row);
  }
}
/**
 * Binds a user to a CA with the profiles and permissions given on the command line.
 *
 * @return always {@code null}
 * @throws CmdFailure if the CA manager rejects the binding; the original
 *     {@code CaMgmtException} is kept as the cause
 */
@Override
protected Object execute0() throws Exception {
  // The user is referenced by name only; the NameId is created with a null id.
  MgmtEntry.CaHasUser binding = new MgmtEntry.CaHasUser(new NameId(null, userName));
  binding.setProfiles(profiles);
  // ShellUtil.getPermission converts the command-line permissions into the int value stored on the binding.
  binding.setPermission(ShellUtil.getPermission(permissions));

  final String what = "user " + userName + " to CA " + caName;
  try {
    caManager.addUserToCa(binding, caName);
    println("added " + what);
  } catch (CaMgmtException ex) {
    throw new CmdFailure("could not add " + what + ", error: " + ex.getMessage(), ex);
  }
  return null;
}
/**
 * Returns the numeric id of the user in the wrapped CA-to-user binding.
 *
 * @return the id taken from the binding's user identifier
 */
public int getUserId() {
  final int userId = caHasUser.getUserIdent().getId();
  return userId;
}
/**
 * Authorizes a user-authenticated enrollment request. Both checks must pass:
 * the user needs the ENROLL_CERT permission on the CA, and the requested
 * certificate profile must be among the profiles granted to the user.
 *
 * @param requestor the user-based requestor to check
 * @param certprofile name of the requested certificate profile
 * @throws OperationException with {@code NOT_PERMITTED} when either check fails
 */
private static void checkUserPermission(ByUserRequestorInfo requestor, String certprofile)
    throws OperationException {
  final int required = PermissionConstants.ENROLL_CERT;

  // Gate 1: the operation itself.
  if (!requestor.isPermitted(required)) {
    String operation = PermissionConstants.getTextForCode(required);
    String userName = requestor.getCaHasUser().getUserIdent().getName();
    throw new OperationException(ErrorCode.NOT_PERMITTED,
        operation + " is not permitted for user " + userName);
  }

  // Gate 2: the specific profile. Reached only when gate 1 passed.
  if (!requestor.isCertprofilePermitted(certprofile)) {
    String userName = requestor.getCaHasUser().getUserIdent().getName();
    throw new OperationException(ErrorCode.NOT_PERMITTED,
        "Certificate profile " + certprofile + " is not permitted for user " + userName);
  }
}
/**
 * Tells whether the permission value stored on the CA-to-user binding includes
 * the requested permission.
 *
 * @param permission the permission code to test
 * @return the result of {@code PermissionConstants.contains} for the stored value
 */
@Override
public boolean isPermitted(int permission) {
  final int granted = caHasUser.getPermission();
  return PermissionConstants.contains(granted, permission);
}
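/**
 * Tells whether the user may request certificates of the given profile on this CA.
 *
 * <p>A null or empty profile set grants nothing. The literal entry {@code "all"}
 * grants every profile. Otherwise the lower-cased profile name must be in the set.
 *
 * @param certprofile name of the requested certificate profile
 * @return {@code true} if the profile is permitted, {@code false} otherwise
 */
@Override
public boolean isCertprofilePermitted(String certprofile) {
  Set<String> profiles = caHasUser.getProfiles();
  if (CollectionUtil.isEmpty(profiles)) {
    // No profiles configured: deny.
    return false;
  }

  if (profiles.contains("all")) {
    return true;
  }

  if (certprofile == null) {
    // No profile name cannot match a specific grant; deny instead of failing with an NPE.
    return false;
  }

  // Lower-case with a fixed locale: with the JVM default locale the result depends on
  // the host configuration (e.g. "I" becomes a dotless i under a Turkish locale), so
  // the same request could be allowed on one host and denied on another.
  // NOTE(review): assumes the stored profile names are lower-case - confirm where they are written.
  return profiles.contains(certprofile.toLowerCase(java.util.Locale.ROOT));
}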
/**
 * Compares this binding with another object. Only another {@code CaHasUser} can be
 * equal; the comparison itself is delegated to the two-argument {@code equals}
 * with {@code false} as the second argument.
 *
 * @param obj the object to compare with
 * @return {@code true} if {@code obj} is the same instance or an equal {@code CaHasUser}
 */
@Override
public boolean equals(Object obj) {
  if (obj == this) {
    return true;
  }
  if (obj instanceof CaHasUser) {
    // NOTE(review): the false flag is presumably "ignoreId", i.e. ids take part in the
    // comparison - confirm against the two-argument overload.
    return equals((CaHasUser) obj, false);
  }
  return false;
}