public boolean isDeactivated(final LdapUser user) { return user.isDeactivated() || user.getOrganizationalUnit() != null && LdapUtils.getOu(user.getOrganizationalUnit()).contains(DEACTIVATED_SUB_CONTEXT) == true; }
void updateActivatedStatus(final DirContext ctx, final LdapUser user) throws NamingException { final String ou = LdapUtils.getOu(user.getOrganizationalUnit()); if (user.isDeactivated() == true) { if (ou.startsWith(DEACTIVATED_SUB_CONTEXT2) == true) { // User is already stored in deactivated context. Nothing to be done. return; } else { deactivateUser(ctx, user); } } else { if (ou.startsWith(DEACTIVATED_SUB_CONTEXT2) == false) { // User isn't stored in deactivated context. Nothing to be done. return; } else { reactivateUser(ctx, user); } } }
void updateRestrictedUserStatus(final DirContext ctx, final LdapUser user) throws NamingException if (user.isDeactivated() == true) {
private void setUserAsRestrictedUser(final DirContext ctx, final LdapUser user) throws NamingException { log.info("Move user to restricted sub context: " + buildDn(null, user)); if (user.isDeactivated() == true) { log.info("User is deactivated, thus the restricted-user-status is ignored: " + buildDn(null, user)); return; } final String ou = user.getOrganizationalUnit(); if (ou.startsWith(RESTRICTED_USER_SUB_CONTEXT2) == false) { // Move user to the sub-context "restricted". final String newOu = LdapUtils.getOu(RESTRICTED_USER_SUB_CONTEXT, user.getOrganizationalUnit()); move(ctx, user, newOu); user.setOrganizationalUnit(newOu); } }
/** * Calls super method and {@link #deactivateUser(DirContext, LdapUser)} if the given user is deactivated. If the given * user is deleted, nothing will be done. * * @see org.projectforge.business.ldap.LdapDao#create(javax.naming.directory.DirContext, org.projectforge.business.ldap.LdapObject, * java.lang.Object[]) */ @Override public void create(final DirContext ctx, final String ouBase, final LdapUser user, final Object... args) throws NamingException { if (user.isDeleted() == true) { log.info( "Given LDAP user is deleted, so the user will not be created in the LDAP system (nothing will be done)."); return; } super.create(ctx, ouBase, user, args); if (user.isDeactivated() == true) { deactivateUser(ctx, user); } else if (user.isRestrictedUser() == true) { // Deactivated users shouldn't be moved to restricted ou sub context. setUserAsRestrictedUser(ctx, user); } }
if (updatedLdapUser.isDeactivated()) { log.warn("User password for deactivated user is set: " + ldapUser); ldapUserDao.deactivateUser(ctx, updatedLdapUser);
user.setDeleted(true); if (ldapUser.isDeactivated() == true || ldapUserDao.isDeactivated(ldapUser) == true) { user.setDeactivated(true);