|
|
|
@ -18,16 +18,15 @@ import javax.naming.directory.SearchControls;
|
|
|
|
|
import javax.naming.directory.SearchResult;
|
|
|
|
|
|
|
|
|
|
import org.gcube.common.portal.PortalContext;
|
|
|
|
|
import org.gcube.portal.custom.communitymanager.OrganizationsUtil;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
|
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
|
|
|
|
|
|
import com.liferay.portal.kernel.cache.CacheRegistryUtil;
|
|
|
|
|
import com.liferay.portal.kernel.exception.PortalException;
|
|
|
|
|
import com.liferay.portal.kernel.exception.SystemException;
|
|
|
|
|
import com.liferay.portal.model.Organization;
|
|
|
|
|
import com.liferay.portal.model.User;
|
|
|
|
|
import com.liferay.portal.service.OrganizationLocalServiceUtil;
|
|
|
|
|
import com.liferay.portal.service.UserLocalServiceUtil;
|
|
|
|
|
|
|
|
|
|
public class LDAPSync implements Runnable {
|
|
|
|
@ -56,22 +55,15 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
*
|
|
|
|
|
* @return the Liferay mapped as Root Organization
|
|
|
|
|
*/
|
|
|
|
|
private Organization getRootVO() {
|
|
|
|
|
String rootVoName = PortalContext.getConfiguration().getInfrastructureName();
|
|
|
|
|
_log.debug("Root organization name found: " + rootVoName);
|
|
|
|
|
|
|
|
|
|
//start of iteration of the actual groups
|
|
|
|
|
List<Organization> organizations;
|
|
|
|
|
private GCubeGroup getRootVO() {
|
|
|
|
|
try {
|
|
|
|
|
organizations = OrganizationLocalServiceUtil.getOrganizations(0, OrganizationLocalServiceUtil.getOrganizationsCount());
|
|
|
|
|
for (Organization organization : organizations) {
|
|
|
|
|
if (organization.getName().equals(rootVoName)) {
|
|
|
|
|
return organization;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (SystemException e) {
|
|
|
|
|
_log.error("There were problems retrieving root organization", e);
|
|
|
|
|
GroupManager gm = new LiferayGroupManager();
|
|
|
|
|
String rootVoName = gm.getRootVOName();
|
|
|
|
|
_log.debug("Root organization name found: " + rootVoName);
|
|
|
|
|
return gm.getGroup(gm.getGroupIdFromInfrastructureScope("/"+rootVoName));
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e) {
|
|
|
|
|
_log.error("There were problems retrieving root VO group", e);
|
|
|
|
|
}
|
|
|
|
|
_log.error("Could not find any root organization");
|
|
|
|
|
return null;
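Review bot: getRootVO() now catches every `Exception` and falls through to `return null`, while the caller in the next hunk passes the result straight to `updateGroups(ctx, rootVO)`, which dereferences `root.getGroupName()`. Unless a null check exists in lines outside these hunks, a failed lookup surfaces as a NullPointerException partway through the sync, after `createUsersOrganizationalUnit(ctx)` has already written to the directory. I would guard the caller right after the lookup with `if (rootVO == null) { _log.error("Root VO not found, skipping LDAP sync"); return; }`. The Javadoc still describes a root Organization and could read `@return the root VO group, or null if it could not be resolved`. The method's closing brace is outside the hunk.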
|
|
|
|
@ -91,7 +83,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
e1.printStackTrace();
|
|
|
|
|
}
|
|
|
|
|
_log.debug("Reading Portal Organizations ...");
|
|
|
|
|
Organization rootVO = getRootVO();
|
|
|
|
|
GCubeGroup rootVO = getRootVO();
|
|
|
|
|
|
|
|
|
|
_log.debug("Initializing LDAP exporter ...");
|
|
|
|
|
|
|
|
|
@ -107,7 +99,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
createUsersOrganizationalUnit(ctx);
|
|
|
|
|
|
|
|
|
|
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
updateGroups(ctx, rootVO);
|
|
|
|
|
//and update the users list
|
|
|
|
|
exportSingleUsers(ctx, env, users);
|
|
|
|
@ -119,7 +111,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
es.printStackTrace();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* create the following: ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org
|
|
|
|
|
* @param ctx
|
|
|
|
@ -163,18 +155,18 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
* @throws SystemException
|
|
|
|
|
*/
|
|
|
|
|
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
|
|
|
|
|
String subCtx = getOrgSubContext(root.getName());
|
|
|
|
|
private void updateGroups(DirContext ctx, GCubeGroup root) throws NamingException, SystemException {
|
|
|
|
|
String subCtx = getOrgSubContext(root.getGroupName());
|
|
|
|
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
|
|
|
|
createOrganizationalUnit(ctx, subCtx);
|
|
|
|
|
for (Organization org : root.getSuborganizations()) {
|
|
|
|
|
String orgSubCtx = "ou="+org.getName()+","+subCtx;
|
|
|
|
|
for (GCubeGroup vo : root.getChildren()) {
|
|
|
|
|
String orgSubCtx = "ou="+vo.getGroupName()+","+subCtx;
|
|
|
|
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, orgSubCtx))
|
|
|
|
|
createOrganizationalUnit(ctx, orgSubCtx);
|
|
|
|
|
for (Organization vre : org.getSuborganizations()) {
|
|
|
|
|
String vreSubCtx = "cn="+vre.getName()+","+orgSubCtx;
|
|
|
|
|
for (GCubeGroup vre : vo.getChildren()) {
|
|
|
|
|
String vreSubCtx = "cn="+vre.getGroupName()+","+orgSubCtx;
|
|
|
|
|
if (!checkIfLDAPGroupExists(ctx, vreSubCtx))
|
|
|
|
|
createGroupVRE(ctx, vreSubCtx, vre.getName());
|
|
|
|
|
createGroupVRE(ctx, vreSubCtx, vre.getGroupName());
|
|
|
|
|
//update the list of users in such VRE
|
|
|
|
|
updateUsersInGroup(ctx, vreSubCtx, vre);
|
|
|
|
|
}
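Review bot: The DNs built at `"ou="+vo.getGroupName()+","+subCtx` and `"cn="+vre.getGroupName()+","+orgSubCtx` concatenate group names without escaping. A group name containing a DN metacharacter such as `,`, `+` or `=` would change the structure of the name, so the existence check and the create call could act on a different entry than intended or fail with a NamingException. Escape the value before concatenating, e.g. `"ou=" + Rdn.escapeValue(vo.getGroupName()) + "," + subCtx` (from `javax.naming.ldap.Rdn`), and likewise for the `cn=` line. updateGroups continues past the end of the hunk, so the same treatment may be needed for names used further down.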
|
|
|
|
@ -188,8 +180,8 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
* @throws SystemException
|
|
|
|
|
*/
|
|
|
|
|
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
|
|
|
|
|
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
|
|
|
|
|
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, GCubeGroup vre) throws NamingException, SystemException {
|
|
|
|
|
List<User> users = UserLocalServiceUtil.getGroupUsers(vre.getGroupId());
|
|
|
|
|
for (User userObj : users) {
|
|
|
|
|
String user = userObj.getScreenName();
|
|
|
|
|
try {
|
|
|
|
@ -211,7 +203,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws NamingException {
|
|
|
|
|
for (User user : users) {
|
|
|
|
|
updateUserInLDAP(user.getScreenName(), user.getFirstName(), user.getLastName(), user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), ctx, filter);
|
|
|
|
|
//_log.debug("Updated " + user.getScreenName());
|
|
|
|
|
_log.debug("Updated " + user.getScreenName());
|
|
|
|
|
}
|
|
|
|
|
_log.debug("LDAP Users Sync cycle done");
|
|
|
|
|
if (! users.isEmpty())
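Review bot: The call on the context line passes `"{SHA}"+user.getPassword()` as the LDAP userPassword, which is only valid if the portal stores passwords as unsalted Base64 SHA-1 digests; nothing in this hunk documents or checks that assumption. If the portal's password encryption is configured differently, the directory would presumably receive values that never match at bind time, and unsalted SHA-1 is in any case a weak scheme to replicate into a second store. I would add a comment above the call such as `// assumes portal password hashes are unsalted SHA-1 (Base64); revisit if the portal's password encryption setting changes`. The newly enabled `_log.debug("Updated " + user.getScreenName());` now runs once per user and could use the parameterized form `_log.debug("Updated {}", user.getScreenName());`. The body of exportSingleUsers continues outside the hunk.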
|
|
|
|
@ -322,7 +314,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
* @param username
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param filter
|
|
|
|
|
* @return true if exists
|
|
|
|
|
* @return true if exists
|
|
|
|
|
*/
|
|
|
|
|
private boolean checkIfLDAPUserExists(String username, DirContext ctx, String filter) {
|
|
|
|
|
SearchControls ctls = new SearchControls();
|
|
|
|
@ -361,7 +353,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
Attribute userPassword = new BasicAttribute("userPassword");
|
|
|
|
|
Attribute gidNumber = new BasicAttribute("gidNumber");
|
|
|
|
|
Attribute homeDirectory = new BasicAttribute("homeDirectory");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
givenName.add(name);
|
|
|
|
|
cn.add(fullName);
|
|
|
|
@ -370,7 +362,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
userPassword.add(passwd);
|
|
|
|
|
gidNumber.add(DEFAULT_GID_NUMBER);
|
|
|
|
|
homeDirectory.add("/home/"+username);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
attributes.put(givenName);
|
|
|
|
|
attributes.put(cn);
|
|
|
|
|
attributes.put(sn);
|
|
|
|
@ -378,7 +370,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
attributes.put(userPassword);
|
|
|
|
|
attributes.put(gidNumber);
|
|
|
|
|
attributes.put(homeDirectory);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
|
|
|
@ -407,14 +399,12 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
private List<User> getAllLiferayUsers() {
|
|
|
|
|
String infraName = PortalContext.getConfiguration().getInfrastructureName();
|
|
|
|
|
_log.info("TRY Reading non chached users belonging to: /" + infraName);
|
|
|
|
|
|
|
|
|
|
List<User> toReturn = new ArrayList<User>();
|
|
|
|
|
Organization rootInfra;
|
|
|
|
|
try {
|
|
|
|
|
CacheRegistryUtil.clear(); //needed to avoid cache use by liferay API
|
|
|
|
|
rootInfra = OrganizationLocalServiceUtil.getOrganization(OrganizationsUtil.getCompany().getCompanyId(), infraName);
|
|
|
|
|
toReturn = UserLocalServiceUtil.getOrganizationUsers(rootInfra.getOrganizationId());
|
|
|
|
|
} catch (PortalException | SystemException e) {
|
|
|
|
|
long groupId = new LiferayGroupManager().getGroupIdFromInfrastructureScope("/" + infraName);
|
|
|
|
|
toReturn = UserLocalServiceUtil.getGroupUsers(groupId);
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
_log.error("Error during LDAP Sync, could not retrieve users from LR DB: " + e.getMessage());
|
|
|
|
|
}
|
|
|
|
|
return toReturn;
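Review bot: The new `catch (Exception e)` logs only `e.getMessage()`, so the stack trace and cause are lost. The method then returns the empty list, which the caller cannot distinguish from a portal that has no users. Pass the exception as the last argument, `_log.error("Error during LDAP Sync, could not retrieve users from LR DB", e);`, so a failed lookup can be diagnosed. It is also worth confirming that `getGroupUsers` on the root VO group returns the same population `getOrganizationUsers` did, since accounts missing from the result are not exported; that cannot be verified from this hunk.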
|
|
|
|
@ -431,7 +421,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
return toReturn;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private boolean checkIfPosixUidNumberExists(DirContext ctx, int numberToCheck) {
|
|
|
|
|
SearchControls ctls = new SearchControls();
|
|
|
|
|
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
|
|
|
|