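/**
 * Handles the SCIM REST call that returns a single group by its identifier.
 *
 * <p>The identifier is caller-supplied text. It is parsed as an integer group id before any
 * lookup, so a malformed value is answered with 400 instead of escaping as an unchecked
 * {@link NumberFormatException}.
 *
 * @param identifier group id as received from the caller
 * @return 200 with the group serialized as JSON; 400 when the identifier is not an integer;
 *         404 when no such group exists; 500 when the lookup fails internally
 * @throws SCIMException if the group resource cannot be converted to a JSON string
 * @throws NullPointerException if {@code identifier} is null
 */
public Response getGroup(String identifier) throws SCIMException {
    log.debug("Calling SCIM REST method getGroup by id {}", identifier);
    if (identifier == null) {
        throw new NullPointerException("identifier is null");
    }

    // Parse outside the lookup try-block so that only a malformed identifier maps to 400.
    final int groupId;
    try {
        groupId = Integer.parseInt(identifier);
    } catch (NumberFormatException ex) {
        // The value is untrusted request data; it is passed as a log parameter, never as the format string.
        log.warn("Group identifier {} is not a valid integer id.", identifier);
        return Response.status(Response.Status.BAD_REQUEST).build();
    }

    try {
        // NOTE(review): the lookup goes through the business-logic manager and no privilege
        // check is visible in this method; confirm the caller is authorized before this point.
        Group perunGroup = perunBl.getGroupsManagerBl().getGroupById(session, groupId);
        ObjectMapper mapper = new ObjectMapper();
        return Response.ok(mapper.writeValueAsString(mapPerunGroupToScimGroup(perunGroup))).build();
    } catch (InternalErrorException ex) {
        // Keep the cause in the log; the response body stays empty so no internals leak to the client.
        log.warn("Internal exception occured while getting group with id {}.", identifier, ex);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    } catch (GroupNotExistsException ex) {
        log.warn("Group with id {} does not exists.", identifier);
        return Response.status(Response.Status.NOT_FOUND).build();
    } catch (IOException ex) {
        throw new SCIMException("Cannot convert group resource to json string", ex);
    }
}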
/**
 * Checks the membership state of members in all groups of the given VOs.
 *
 * <p>Groups named "members" are skipped. For every remaining group the expiration check runs
 * first and the validation check second, both against the same "today" instant.
 *
 * @param vos VOs whose groups are checked
 * @throws InternalErrorException internal error
 */
private void checkGroupMembersState(List<Vo> vos) throws InternalErrorException {
    List<Group> candidates = new ArrayList<>();
    for (Vo vo : vos) {
        candidates.addAll(perun.getGroupsManagerBl().getGroups(sess, vo));
    }

    Calendar today = Calendar.getInstance();

    // Drop the "members" groups before running the checks.
    candidates.removeIf(candidate -> candidate.getName().equals("members"));

    for (Group group : candidates) {
        // members whose membership should expire today
        checkGroupMemberExpiration(group, today);
        // members whose membership should become valid today
        checkGroupMemberValidation(group, today);
    }
}
return perun.getGroupsManagerBl().getDirectMemberGroupStatus(sess, member, group).equals(MemberGroupStatus.VALID); } catch (InternalErrorException e) { log.error("Synchronizer: checkGroupMemberExpiration failed to read member's state in group. Member: {}, Group: {}, Exception: {}", member, group, e); .forEach(member -> { try { perun.getGroupsManagerBl().expireMemberInGroup(sess, member, group); log.info("Switching {} in {} to EXPIRED state, due to expiration {}.", member, group, perun.getAttributesManagerBl().getAttribute(sess, member, group, "urn:perun:member_group:attribute-def:def:membershipExpiration").getValue()); } catch (InternalErrorException e) {
return perun.getGroupsManagerBl().getDirectMemberGroupStatus(sess, member, group).equals(MemberGroupStatus.EXPIRED); } catch (InternalErrorException e) { log.error("Synchronizer: checkGroupMemberExpiration failed to read member's state in group. Member: {}, Group: {}, Exception: {}", member, group, e); .forEach(member -> { try { perun.getGroupsManagerBl().validateMemberInGroup(sess, member, group); log.info("Switching {} in {} to VALID state, due to changed expiration {}.", member, group, perun.getAttributesManagerBl().getAttribute(sess, member, group, "urn:perun:member_group:attribute-def:def:membershipExpiration").getValue()); } catch (InternalErrorException e) {
/**
 * Returns all members of the given group.
 *
 * <p>When the current user is a member of the group, the members are read through the
 * business-logic manager. Otherwise the call goes through {@code getGroupsManager()} so that
 * authorization is checked in the Entry layer; a refusal surfaces as
 * {@code insufficient_privileges}.
 *
 * @param group group whose members are requested
 * @return members of the group
 * @throws VOOTException if the members of the group cannot be read
 */
private List<Member> getGroupMembers(Group group) throws VOOTException {
    try {
        boolean callerIsMember = perun.getGroupsManagerBl().isUserMemberOfGroup(session, user, group);
        if (callerIsMember) {
            return perun.getGroupsManagerBl().getGroupMembers(session, group);
        }
        // Not a group member: let the Entry layer decide whether the caller may read the list.
        return perun.getGroupsManager().getGroupMembers(session, group);
    } catch (InternalErrorException ex) {
        throw new VOOTException("internal_server_error");
    } catch (PrivilegeException ex) {
        throw new VOOTException("insufficient_privileges");
    } catch (GroupNotExistsException ex) {
        throw new VOOTException("group_not_exists");
    }
}
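/**
 * Returns the group with the given full name. The name consists of the short name of the VO,
 * the short names of the parent groups and the short name of the group itself, joined by
 * ':', e.g. 'vo1:group1:group2'.
 *
 * <p>The VO short name is everything before the first ':' and the group name is everything
 * after it. A name without ':' is used unchanged for both lookups.
 *
 * @param name name of the group, e.g. 'vo1:group1:group2'; must not be null
 * @return group
 * @throws VOOTException if the VO or the group cannot be read
 */
private Group getGroupByName(String name) throws VOOTException {
    // name is request-derived. split(":")[0] yields an empty array for input such as ":" and
    // fails with ArrayIndexOutOfBoundsException; indexOf gives the same prefix for every
    // other input and an empty VO name for that one, which then fails the VO lookup below.
    int separator = name.indexOf(':');
    String voName = separator < 0 ? name : name.substring(0, separator);

    Vo vo = null;
    try {
        vo = perun.getVosManagerBl().getVoByShortName(session, voName);
    } catch (InternalErrorException ex) {
        throw new VOOTException("internal_server_error");
    } catch (VoNotExistsException ex) {
        throw new VOOTException("internal_server_error", "vo not exists");
    }

    // separator is -1 when there is no ':', so the whole name is passed as the group name.
    String groupName = name.substring(separator + 1);

    Group group = null;
    try {
        group = perun.getGroupsManagerBl().getGroupByName(session, vo, groupName);
    } catch (GroupNotExistsException ex) {
        throw new VOOTException("internal_server_error", "group not exists");
    } catch (InternalErrorException ex) {
        throw new VOOTException("internal_server_error");
    }
    return group;
}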
/**
 * Builds the VOOT groups presented to the end user from the groups supplied by the provider.
 *
 * <p>Each VOOT group carries the short name of its VO and a membership value: "admin" when
 * the current user is among the group's admins, "member" otherwise.
 *
 * @param groups groups from the provider
 * @return array of groups presented to the end user, in the order of {@code groups}
 * @throws VOOTException if the provider groups cannot be read
 */
private VOOTGroup[] createVOOTGroups(List<Group> groups) throws VOOTException {
    GroupsManagerBl groupsBl = perun.getGroupsManagerBl();
    VOOTGroup[] result = new VOOTGroup[groups.size()];

    int next = 0;
    for (Group group : groups) {
        try {
            // The reported role depends only on whether the admin list contains the user.
            String role = groupsBl.getAdmins(session, group).contains(user) ? "admin" : "member";
            String voShortName = groupsBl.getVo(session, group).getShortName();
            result[next] = new VOOTGroup(group, voShortName, role);
            next++;
        } catch (InternalErrorException ex) {
            throw new VOOTException("internal_server_error");
        }
    }
    return result;
}
/**
 * Returns the groups the current user is a member of.
 *
 * <p>The VOs where the user is a member are read first; for each of them the user's member
 * record is resolved and all groups of that member are added to the result.
 *
 * @return groups that the user is a member of
 * @throws VOOTException if the groups of the user cannot be read
 */
private List<Group> isMemberOf() throws VOOTException {
    List<Vo> userVos = new ArrayList<>();
    try {
        userVos.addAll(perun.getUsersManagerBl().getVosWhereUserIsMember(session, user));
    } catch (InternalErrorException ex) {
        throw new VOOTException("internal_server_error");
    }

    List<Group> memberGroups = new ArrayList<>();
    try {
        for (Vo userVo : userVos) {
            Member voMember = perun.getMembersManagerBl().getMemberByUser(session, userVo, user);
            memberGroups.addAll(perun.getGroupsManagerBl().getAllMemberGroups(session, voMember));
        }
    } catch (InternalErrorException ex) {
        throw new VOOTException("internal_server_error");
    } catch (MemberNotExistsException ex) {
        throw new VOOTException("not_a_member");
    }
    return memberGroups;
}
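/**
 * Maps a Perun group to its SCIM representation.
 *
 * <p>The result carries the group schema URN, the group name as display name, the group id
 * and, when they can be read, the group's members.
 *
 * @param perunGroup group to convert
 * @return SCIM group; the members are left unset when they cannot be obtained
 */
private GroupSCIM mapPerunGroupToScimGroup(Group perunGroup) {
    List<String> schemas = new ArrayList<>();
    schemas.add(URN_GROUP);

    GroupSCIM result = new GroupSCIM();
    result.setSchemas(schemas);
    result.setDisplayName(perunGroup.getName());
    // Long.valueOf replaces the deprecated Long constructor.
    result.setId(Long.valueOf(perunGroup.getId()));

    try {
        // NOTE(review): members are read through the business-logic manager and no privilege
        // check is visible here; confirm the caller may see the full member list.
        List<Member> perunGroupMembers = perunBl.getGroupsManagerBl().getGroupMembers(session, perunGroup);
        result.setMembers(mapPerunMembersToScimMembers(perunGroupMembers));
    } catch (InternalErrorException ex) {
        // Best effort: the group is still returned, only without members. A consumer cannot
        // tell this apart from a group whose members were never set, so the failure is logged.
        log.error("Cannot obtain members of group {} in VO {}", perunGroup.getId(), perunGroup.getVoId(), ex);
    }
    return result;
}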
// Excerpted statements: the declarations of groups, members, group, writer, cn and
// perunUniqueGroupName are not part of this snippet.

// Read the groups of the VO through the business-logic manager.
groups = perun.getGroupsManagerBl().getGroups(perunSession, vo);
// Status.VALID is passed along with the group; presumably only members in that state are returned.
members = perun.getGroupsManagerBl().getGroupMembers(perunSession, group, Status.VALID);
// Each value is written followed by a single newline.
// NOTE(review): the values are written unescaped; confirm neither cn nor perunUniqueGroupName
// can contain a line break, otherwise one value would span several lines of the output.
writer.write(cn + '\n');
writer.write(perunUniqueGroupName + '\n');
Group group = perun.getGroupsManagerBl().getGroupById(session, groupId); List<Member> groupMembers = perun.getGroupsManagerBl().getGroupMembers(session, group); if (groupMembers != null) { for (Member member : groupMembers) {
if(perun.getGroupsManagerBl().getAdmins(session, group).contains(userOfMember)){ vootMembership = "admin"; }else{
membersOfPerunVo.add("memberOfPerunVo: " + member.getVoId()); List<Group> groups; groups = perun.getGroupsManagerBl().getAllMemberGroups(perunSession, member); for(Group group: groups) { membersOf.add("memberOf: " + "perunGroupId=" + group.getId() + ",perunVoId=" + group.getVoId() + "," + ldapBase);