Commit
cf0e8254
authored
Nov 07, 2016
by
bmajor
Committed by
GitHub
Nov 07, 2016
Merge pull request #14 from brianmajor/issue-10
Issue 10 - Full URI with authority in Group Model
parents
f6757bd1
7bd03087
Changes
34
cadc-access-control-server/build.gradle
...
...
@@ -13,7 +13,7 @@ repositories {
sourceCompatibility
=
1.7
group
=
'org.opencadc'
version
=
'1.
0.2
'
version
=
'1.
1.0
'
dependencies
{
compile
'log4j:log4j:1.2.+'
...
...
@@ -22,7 +22,7 @@ dependencies {
compile
'xerces:xercesImpl:2.+'
compile
'com.unboundid:unboundid-ldapsdk:2.3.+'
compile
'org.opencadc:cadc-access-control:1.+'
compile
'org.opencadc:cadc-access-control:1.
1.
+'
compile
'org.opencadc:cadc-util:1.+'
compile
'org.opencadc:cadc-log:1.+'
compile
'org.opencadc:cadc-registry:1.+'
...
...
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
...
...
@@ -69,6 +69,7 @@
package
ca.nrc.cadc.ac.server.ldap
;
import
java.lang.reflect.Field
;
import
java.net.URI
;
import
java.security.AccessControlException
;
import
java.util.ArrayList
;
import
java.util.Collection
;
...
...
@@ -79,18 +80,6 @@ import java.util.Set;
import
org.apache.log4j.Logger
;
import
ca.nrc.cadc.ac.ActivatedGroup
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupAlreadyExistsException
;
import
ca.nrc.cadc.ac.GroupNotFoundException
;
import
ca.nrc.cadc.ac.User
;
import
ca.nrc.cadc.ac.UserNotFoundException
;
import
ca.nrc.cadc.ac.server.GroupDetailSelector
;
import
ca.nrc.cadc.auth.DNPrincipal
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.profiler.Profiler
;
import
ca.nrc.cadc.util.StringUtil
;
import
com.unboundid.ldap.sdk.AddRequest
;
import
com.unboundid.ldap.sdk.Attribute
;
import
com.unboundid.ldap.sdk.DN
;
...
...
@@ -110,6 +99,21 @@ import com.unboundid.ldap.sdk.SearchResultListener;
import
com.unboundid.ldap.sdk.SearchResultReference
;
import
com.unboundid.ldap.sdk.SearchScope
;
import
ca.nrc.cadc.ac.ActivatedGroup
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupAlreadyExistsException
;
import
ca.nrc.cadc.ac.GroupNotFoundException
;
import
ca.nrc.cadc.ac.GroupURI
;
import
ca.nrc.cadc.ac.User
;
import
ca.nrc.cadc.ac.UserNotFoundException
;
import
ca.nrc.cadc.ac.server.GroupDetailSelector
;
import
ca.nrc.cadc.auth.DNPrincipal
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.profiler.Profiler
;
import
ca.nrc.cadc.reg.Standards
;
import
ca.nrc.cadc.reg.client.LocalAuthority
;
import
ca.nrc.cadc.util.StringUtil
;
public
class
LdapGroupDAO
extends
LdapDAO
{
private
static
final
Logger
logger
=
Logger
.
getLogger
(
LdapGroupDAO
.
class
);
...
...
@@ -193,16 +197,16 @@ public class LdapGroupDAO extends LdapDAO
else
{
// add group to groups tree
LDAPResult
result
=
addGroup
(
getGroupDN
(
group
.
getID
()),
group
.
getID
(),
ownerDN
,
LDAPResult
result
=
addGroup
(
getGroupDN
(
group
.
getID
()
.
getName
()
),
group
.
getID
()
.
getName
()
,
ownerDN
,
group
.
description
,
group
.
getUserMembers
(),
group
.
getGroupMembers
());
LdapDAO
.
checkLdapResult
(
result
.
getResultCode
());
// add group to admin groups tree
result
=
addGroup
(
getAdminGroupDN
(
group
.
getID
()),
group
.
getID
(),
ownerDN
,
result
=
addGroup
(
getAdminGroupDN
(
group
.
getID
()
.
getName
()
),
group
.
getID
()
.
getName
()
,
ownerDN
,
group
.
description
,
group
.
getUserAdmins
(),
group
.
getGroupAdmins
());
...
...
@@ -245,7 +249,7 @@ public class LdapGroupDAO extends LdapDAO
}
for
(
Group
groupMember
:
groups
)
{
final
String
groupMemberID
=
groupMember
.
getID
();
final
String
groupMemberID
=
groupMember
.
getID
()
.
getName
()
;
if
(!
checkGroupExists
(
groupMemberID
))
{
throw
new
GroupNotFoundException
(
groupMemberID
);
...
...
@@ -285,9 +289,9 @@ public class LdapGroupDAO extends LdapDAO
try
{
// check group name exists
Filter
filter
=
Filter
.
createEqualityFilter
(
LDAP_CN
,
group
.
getID
());
Filter
filter
=
Filter
.
createEqualityFilter
(
LDAP_CN
,
group
.
getID
()
.
getName
()
);
DN
groupDN
=
getGroupDN
(
group
.
getID
());
DN
groupDN
=
getGroupDN
(
group
.
getID
()
.
getName
()
);
SearchRequest
searchRequest
=
new
SearchRequest
(
groupDN
.
toNormalizedString
(),
SearchScope
.
BASE
,
filter
,
new
String
[]{
LDAP_NSACCOUNTLOCK
});
...
...
@@ -537,7 +541,7 @@ public class LdapGroupDAO extends LdapDAO
throws
GroupNotFoundException
,
TransientException
,
AccessControlException
,
UserNotFoundException
{
String
groupID
=
group
.
getID
();
String
groupID
=
group
.
getID
()
.
getName
()
;
getGroup
(
getGroupDN
(
groupID
),
groupID
,
PUB_GROUP_ATTRS
);
//group must exists first
return
modifyGroup
(
group
,
false
);
}
...
...
@@ -580,11 +584,11 @@ public class LdapGroupDAO extends LdapDAO
}
for
(
Group
gr
:
group
.
getGroupMembers
())
{
if
(!
checkGroupExists
(
gr
.
getID
()))
if
(!
checkGroupExists
(
gr
.
getID
()
.
getName
()
))
{
throw
new
GroupNotFoundException
(
gr
.
getID
());
throw
new
GroupNotFoundException
(
gr
.
getID
()
.
getName
()
);
}
DN
grDN
=
getGroupDN
(
gr
.
getID
());
DN
grDN
=
getGroupDN
(
gr
.
getID
()
.
getName
()
);
newMembers
.
add
(
grDN
.
toNormalizedString
());
}
...
...
@@ -596,11 +600,11 @@ public class LdapGroupDAO extends LdapDAO
}
for
(
Group
gr
:
group
.
getGroupAdmins
())
{
if
(!
checkGroupExists
(
gr
.
getID
()))
if
(!
checkGroupExists
(
gr
.
getID
()
.
getName
()
))
{
throw
new
GroupNotFoundException
(
gr
.
getID
());
throw
new
GroupNotFoundException
(
gr
.
getID
()
.
getName
()
);
}
DN
grDN
=
getGroupDN
(
gr
.
getID
());
DN
grDN
=
getGroupDN
(
gr
.
getID
()
.
getName
()
);
newAdmins
.
add
(
grDN
.
toNormalizedString
());
}
...
...
@@ -610,7 +614,7 @@ public class LdapGroupDAO extends LdapDAO
(
String
[])
newAdmins
.
toArray
(
new
String
[
newAdmins
.
size
()])));
ModifyRequest
adminModify
=
new
ModifyRequest
(
getAdminGroupDN
(
group
.
getID
()),
adminMods
);
new
ModifyRequest
(
getAdminGroupDN
(
group
.
getID
()
.
getName
()
),
adminMods
);
LdapDAO
.
checkLdapResult
(
getReadWriteConnection
().
modify
(
adminModify
).
getResultCode
());
...
...
@@ -621,7 +625,7 @@ public class LdapGroupDAO extends LdapDAO
(
String
[])
newMembers
.
toArray
(
new
String
[
newMembers
.
size
()])));
ModifyRequest
modifyRequest
=
new
ModifyRequest
(
getGroupDN
(
group
.
getID
()),
mods
);
new
ModifyRequest
(
getGroupDN
(
group
.
getID
()
.
getName
()
),
mods
);
LdapDAO
.
checkLdapResult
(
getReadWriteConnection
().
modify
(
modifyRequest
).
getResultCode
());
...
...
@@ -635,11 +639,11 @@ public class LdapGroupDAO extends LdapDAO
{
if
(
withActivate
)
{
return
new
ActivatedGroup
(
getGroup
(
group
.
getID
(),
true
));
return
new
ActivatedGroup
(
getGroup
(
group
.
getID
()
.
getName
()
,
true
));
}
else
{
return
getGroup
(
group
.
getID
(),
true
);
return
getGroup
(
group
.
getID
()
.
getName
()
,
true
);
}
}
catch
(
GroupNotFoundException
e
)
...
...
@@ -756,9 +760,12 @@ public class LdapGroupDAO extends LdapDAO
String
entryDN
=
result
.
getAttributeValue
(
LDAP_ENTRYDN
);
String
groupName
=
result
.
getAttributeValue
(
LDAP_CN
);
LocalAuthority
localAuthority
=
new
LocalAuthority
();
URI
gmsServiceID
=
localAuthority
.
getServiceURI
(
Standards
.
GMS_GROUPS_01
.
toString
());
if
(
attributes
==
PUB_GROUP_ATTRS
)
{
return
new
Group
(
groupName
);
GroupURI
groupID
=
new
GroupURI
(
gmsServiceID
.
toString
()
+
"?"
+
groupName
);
return
new
Group
(
groupID
);
}
String
ownerDN
=
result
.
getAttributeValue
(
LDAP_OWNER
);
...
...
@@ -769,7 +776,8 @@ public class LdapGroupDAO extends LdapDAO
try
{
User
owner
=
userDAO
.
getUser
(
new
DNPrincipal
(
ownerDN
));
Group
group
=
new
Group
(
groupName
);
GroupURI
groupID
=
new
GroupURI
(
gmsServiceID
.
toString
()
+
"?"
+
groupName
);
Group
group
=
new
Group
(
groupID
);
setField
(
group
,
owner
,
LDAP_OWNER
);
if
(
result
.
hasAttribute
(
LDAP_DESCRIPTION
))
{
...
...
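Review bot: The new `GroupURI` is built by raw string concatenation, `new GroupURI(gmsServiceID.toString() + "?" + groupName)`, in both the `PUB_GROUP_ATTRS` branch and the owner branch of the hunk at -756, with `groupName` taken directly from the LDAP `cn` attribute. A name containing `#`, `?`, whitespace or another character that is not legal in a URI query would presumably either be rejected by the constructor or parse to a different group name than the one stored in LDAP. The same construction is repeated in `LdapUserDAO.createGroupFromDN` (with `parts[1]` from the RDN string) and in `AddGroupMemberAction.doAction` and `RemoveGroupMemberAction.doAction` (with `groupMemberName`, which looks request-derived). I would move it into one shared helper that validates the name before concatenating and checks the result of `localAuthority.getServiceURI(...)` for null before calling `toString()` on it. The enclosing method starts and ends outside the hunk.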
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
...
...
@@ -223,7 +223,7 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
AccessControlException
,
UserNotFoundException
{
Subject
callerSubject
=
AuthenticationUtil
.
getCurrentSubject
();
boolean
allowed
=
isAdmin
(
callerSubject
,
group
.
getID
());
boolean
allowed
=
isAdmin
(
callerSubject
,
group
.
getID
()
.
getName
()
);
LdapGroupDAO
groupDAO
=
null
;
LdapUserDAO
userDAO
=
null
;
...
...
@@ -234,7 +234,7 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
groupDAO
=
new
LdapGroupDAO
(
conns
,
userDAO
);
if
(!
allowed
)
{
Group
g
=
groupDAO
.
getGroup
(
group
.
getID
(),
false
);
Group
g
=
groupDAO
.
getGroup
(
group
.
getID
()
.
getName
()
,
false
);
if
(
isOwner
(
callerSubject
,
g
))
allowed
=
true
;
}
...
...
@@ -287,13 +287,13 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
while
(
i
.
hasNext
()
)
{
Group
g
=
i
.
next
();
if
(
groupID
==
null
||
g
.
getID
().
equalsIgnoreCase
(
groupID
))
if
(
groupID
==
null
||
g
.
getID
().
getName
().
equalsIgnoreCase
(
groupID
))
{
if
(
detailSelector
!=
null
&&
detailSelector
.
isDetailedSearch
(
g
,
role
))
{
try
{
Group
g2
=
groupDAO
.
getGroup
(
g
.
getID
(),
false
);
Group
g2
=
groupDAO
.
getGroup
(
g
.
getID
()
.
getName
()
,
false
);
log
.
debug
(
"role "
+
role
+
" loaded: "
+
g2
);
ret
.
add
(
g2
);
}
...
...
@@ -340,7 +340,7 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
List
<
Group
>
groups
=
getGroupCache
(
caller
,
Role
.
MEMBER
);
for
(
Group
g
:
groups
)
{
if
(
g
.
getID
().
equalsIgnoreCase
(
groupName
))
if
(
g
.
getID
().
getName
().
equalsIgnoreCase
(
groupName
))
return
true
;
}
return
false
;
...
...
@@ -351,7 +351,7 @@ public class LdapGroupPersistence extends LdapPersistence implements GroupPersis
List
<
Group
>
groups
=
getGroupCache
(
caller
,
Role
.
ADMIN
);
for
(
Group
g
:
groups
)
{
if
(
g
.
getID
().
equalsIgnoreCase
(
groupName
))
if
(
g
.
getID
().
getName
().
equalsIgnoreCase
(
groupName
))
return
true
;
}
return
false
;
...
...
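Review bot: The authorization checks in this file still decide on the bare group name: `isAdmin(callerSubject, group.getID().getName())` in the hunk at -223 and the `g.getID().getName().equalsIgnoreCase(groupName)` comparisons in the member and admin cache lookups discard the authority that this commit adds to the model. If a `Group` reaching these methods can carry a `GroupURI` that names a different service (not visible from here), it would be treated as the local group of the same name. Consider rejecting a group whose service part differs from the local `GMS_GROUPS_01` service URI before taking `getName()`, or at least add a comment at these call sites such as `// only local groups are expected here; the authority is not compared`. The enclosing methods start and end outside the hunks.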
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
...
...
@@ -86,25 +86,6 @@ import javax.security.auth.x500.X500Principal;
import
org.apache.log4j.Logger
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.InternalID
;
import
ca.nrc.cadc.ac.PersonalDetails
;
import
ca.nrc.cadc.ac.Role
;
import
ca.nrc.cadc.ac.User
;
import
ca.nrc.cadc.ac.UserAlreadyExistsException
;
import
ca.nrc.cadc.ac.UserNotFoundException
;
import
ca.nrc.cadc.ac.UserRequest
;
import
ca.nrc.cadc.ac.client.GroupMemberships
;
import
ca.nrc.cadc.auth.DNPrincipal
;
import
ca.nrc.cadc.auth.HttpPrincipal
;
import
ca.nrc.cadc.auth.NumericPrincipal
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.profiler.Profiler
;
import
ca.nrc.cadc.reg.Standards
;
import
ca.nrc.cadc.reg.client.LocalAuthority
;
import
ca.nrc.cadc.util.ObjectUtil
;
import
ca.nrc.cadc.util.StringUtil
;
import
com.unboundid.ldap.sdk.AddRequest
;
import
com.unboundid.ldap.sdk.Attribute
;
import
com.unboundid.ldap.sdk.BindRequest
;
...
...
@@ -129,6 +110,26 @@ import com.unboundid.ldap.sdk.SimpleBindRequest;
import
com.unboundid.ldap.sdk.extensions.PasswordModifyExtendedRequest
;
import
com.unboundid.ldap.sdk.extensions.PasswordModifyExtendedResult
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupURI
;
import
ca.nrc.cadc.ac.InternalID
;
import
ca.nrc.cadc.ac.PersonalDetails
;
import
ca.nrc.cadc.ac.Role
;
import
ca.nrc.cadc.ac.User
;
import
ca.nrc.cadc.ac.UserAlreadyExistsException
;
import
ca.nrc.cadc.ac.UserNotFoundException
;
import
ca.nrc.cadc.ac.UserRequest
;
import
ca.nrc.cadc.ac.client.GroupMemberships
;
import
ca.nrc.cadc.auth.DNPrincipal
;
import
ca.nrc.cadc.auth.HttpPrincipal
;
import
ca.nrc.cadc.auth.NumericPrincipal
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.profiler.Profiler
;
import
ca.nrc.cadc.reg.Standards
;
import
ca.nrc.cadc.reg.client.LocalAuthority
;
import
ca.nrc.cadc.util.ObjectUtil
;
import
ca.nrc.cadc.util.StringUtil
;
/**
*
...
...
@@ -781,11 +782,14 @@ public class LdapUserDAO extends LdapDAO
// some pretty horrible hacks to avoid querying LDAP for group details...
private
Group
createGroupFromDN
(
DN
groupDN
)
{
LocalAuthority
localAuthority
=
new
LocalAuthority
();
URI
gmsServiceURI
=
localAuthority
.
getServiceURI
(
Standards
.
GMS_GROUPS_01
.
toString
());
String
cn
=
groupDN
.
getRDNString
();
String
[]
parts
=
cn
.
split
(
"="
);
if
(
parts
.
length
==
2
&&
parts
[
0
].
equals
(
"cn"
))
{
return
new
Group
(
parts
[
1
]);
GroupURI
groupID
=
new
GroupURI
(
gmsServiceURI
.
toString
()
+
"?"
+
parts
[
1
]);
return
new
Group
(
groupID
);
}
throw
new
RuntimeException
(
"BUG: failed to extract group name from "
+
groupDN
.
toString
());
...
...
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/WhoAmIServlet.java
...
...
@@ -79,13 +79,13 @@ import javax.servlet.http.HttpServlet;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
ca.nrc.cadc.auth.AuthMethod
;
import
ca.nrc.cadc.reg.Standards
;
import
org.apache.log4j.Logger
;
import
ca.nrc.cadc.auth.AuthMethod
;
import
ca.nrc.cadc.auth.AuthenticationUtil
;
import
ca.nrc.cadc.auth.HttpPrincipal
;
import
ca.nrc.cadc.log.ServletLogInfo
;
import
ca.nrc.cadc.reg.Standards
;
import
ca.nrc.cadc.reg.client.LocalAuthority
;
import
ca.nrc.cadc.reg.client.RegistryClient
;
...
...
@@ -154,6 +154,12 @@ public class WhoAmIServlet extends HttpServlet
}
}
public
URI
getServiceURI
(
URI
standard
)
{
LocalAuthority
localAuthority
=
new
LocalAuthority
();
return
localAuthority
.
getServiceURI
(
standard
.
toString
());
}
/**
* Forward on to the Service's user endpoint.
*
...
...
@@ -167,8 +173,7 @@ public class WhoAmIServlet extends HttpServlet
{
final
RegistryClient
registryClient
=
getRegistryClient
();
LocalAuthority
localAuthority
=
new
LocalAuthority
();
URI
umsServiceURI
=
localAuthority
.
getServiceURI
(
Standards
.
UMS_WHOAMI_01
.
toString
());
URI
umsServiceURI
=
getServiceURI
(
Standards
.
UMS_WHOAMI_01
);
log
.
debug
(
"ums service uri: "
+
umsServiceURI
);
final
URL
serviceURL
=
registryClient
.
getServiceURL
(
umsServiceURI
,
Standards
.
UMS_USERS_01
,
AuthMethod
.
CERT
);
...
...
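Review bot: The new public `getServiceURI(URI standard)` has no Javadoc, and nothing in the hunk explains why a servlet exposes it publicly; an identical method is added to `AbstractGroupAction` in the same commit. If the intent is a seam for tests, I would add a comment such as `/** Resolves the local service URI for the given standard ID via LocalAuthority; kept separate so tests can override it. */` and narrow the visibility to `protected`. Because the body calls `standard.toString()`, a null `standard` fails inside this method rather than at the caller, which is worth stating in the comment or guarding against.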
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/AbstractGroupAction.java
...
...
@@ -69,6 +69,7 @@
package
ca.nrc.cadc.ac.server.web.groups
;
import
java.io.IOException
;
import
java.net.URI
;
import
java.security.AccessControlException
;
import
java.security.Principal
;
import
java.security.PrivilegedActionException
;
...
...
@@ -91,6 +92,7 @@ import ca.nrc.cadc.ac.server.GroupPersistence;
import
ca.nrc.cadc.ac.server.web.SyncOutput
;
import
ca.nrc.cadc.auth.HttpPrincipal
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.reg.client.LocalAuthority
;
public
abstract
class
AbstractGroupAction
implements
PrivilegedExceptionAction
<
Object
>
{
...
...
@@ -126,6 +128,12 @@ public abstract class AbstractGroupAction implements PrivilegedExceptionAction<O
this
.
groupPersistence
=
groupPersistence
;
}
public
URI
getServiceURI
(
URI
standard
)
{
LocalAuthority
localAuthority
=
new
LocalAuthority
();
return
localAuthority
.
getServiceURI
(
standard
.
toString
());
}
public
Object
run
()
throws
PrivilegedActionException
{
try
...
...
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/AddGroupMemberAction.java
...
...
@@ -68,12 +68,15 @@
*/
package
ca.nrc.cadc.ac.server.web.groups
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupAlreadyExistsException
;
import
ca.nrc.cadc.ac.server.GroupPersistence
;
import
java.net.URI
;
import
java.util.ArrayList
;
import
java.util.List
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupAlreadyExistsException
;
import
ca.nrc.cadc.ac.GroupURI
;
import
ca.nrc.cadc.reg.Standards
;
public
class
AddGroupMemberAction
extends
AbstractGroupAction
{
private
final
String
groupName
;
...
...
@@ -90,7 +93,9 @@ public class AddGroupMemberAction extends AbstractGroupAction
public
void
doAction
()
throws
Exception
{
Group
group
=
groupPersistence
.
getGroup
(
this
.
groupName
);
Group
toAdd
=
new
Group
(
this
.
groupMemberName
);
URI
gmsServiceURI
=
getServiceURI
(
Standards
.
GMS_GROUPS_01
);
GroupURI
toAddID
=
new
GroupURI
(
gmsServiceURI
.
toString
()
+
"?"
+
this
.
groupMemberName
);
Group
toAdd
=
new
Group
(
toAddID
);
if
(!
group
.
getGroupMembers
().
add
(
toAdd
))
{
throw
new
GroupAlreadyExistsException
(
this
.
groupMemberName
);
...
...
@@ -98,8 +103,8 @@ public class AddGroupMemberAction extends AbstractGroupAction
groupPersistence
.
modifyGroup
(
group
);
List
<
String
>
addedMembers
=
new
ArrayList
<
String
>();
addedMembers
.
add
(
toAdd
.
getID
());
logGroupInfo
(
group
.
getID
(),
null
,
addedMembers
);
addedMembers
.
add
(
toAdd
.
getID
()
.
getName
()
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
null
,
addedMembers
);
}
}
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/AddUserMemberAction.java
...
...
@@ -113,7 +113,7 @@ public class AddUserMemberAction extends AbstractGroupAction
List
<
String
>
addedMembers
=
new
ArrayList
<
String
>();
addedMembers
.
add
(
getUseridForLogging
(
toAdd
));
logGroupInfo
(
group
.
getID
(),
null
,
addedMembers
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
null
,
addedMembers
);
}
}
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
...
...
@@ -104,7 +104,7 @@ public class CreateGroupAction extends AbstractGroupAction
addedMembers
=
new
ArrayList
<
String
>();
for
(
Group
gr
:
group
.
getGroupMembers
())
{
addedMembers
.
add
(
gr
.
getID
());
addedMembers
.
add
(
gr
.
getID
()
.
getName
()
);
}
for
(
User
usr
:
group
.
getUserMembers
())
{
...
...
@@ -116,7 +116,7 @@ public class CreateGroupAction extends AbstractGroupAction
addedMembers
.
add
(
p
.
getName
());
}
}
logGroupInfo
(
group
.
getID
(),
null
,
addedMembers
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
null
,
addedMembers
);
}
}
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/DeleteGroupAction.java
...
...
@@ -92,7 +92,7 @@ public class DeleteGroupAction extends AbstractGroupAction
this
.
logInfo
.
deletedMembers
=
new
ArrayList
<
String
>();
for
(
Group
gr
:
deletedGroup
.
getGroupMembers
())
{
this
.
logInfo
.
deletedMembers
.
add
(
gr
.
getID
());
this
.
logInfo
.
deletedMembers
.
add
(
gr
.
getID
()
.
getName
()
);
}
for
(
User
usr
:
deletedGroup
.
getUserMembers
())
{
...
...
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/ModifyGroupAction.java
...
...
@@ -114,7 +114,7 @@ public class ModifyGroupAction extends AbstractGroupAction
{
if
(!
oldGroup
.
getGroupMembers
().
remove
(
gr
))
{
addedMembers
.
add
(
gr
.
getID
());
addedMembers
.
add
(
gr
.
getID
()
.
getName
()
);
}
}
if
(
addedMembers
.
isEmpty
())
...
...
@@ -128,13 +128,13 @@ public class ModifyGroupAction extends AbstractGroupAction
}
for
(
Group
gr
:
oldGroup
.
getGroupMembers
())
{
deletedMembers
.
add
(
gr
.
getID
());
deletedMembers
.
add
(
gr
.
getID
()
.
getName
()
);
}
if
(
deletedMembers
.
isEmpty
())
{
deletedMembers
=
null
;
}
logGroupInfo
(
group
.
getID
(),
deletedMembers
,
addedMembers
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
deletedMembers
,
addedMembers
);
profiler
.
checkpoint
(
"log GroupInfo"
);
syncOut
.
setHeader
(
"Location"
,
request
);
...
...
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/RemoveGroupMemberAction.java
...
...
@@ -68,14 +68,21 @@
*/
package
ca.nrc.cadc.ac.server.web.groups
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupNotFoundException
;
import
java.net.URI
;
import
java.util.ArrayList
;
import
java.util.List
;
import
org.apache.log4j.Logger
;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupNotFoundException
;
import
ca.nrc.cadc.ac.GroupURI
;
import
ca.nrc.cadc.reg.Standards
;
public
class
RemoveGroupMemberAction
extends
AbstractGroupAction
{
private
final
static
Logger
log
=
Logger
.
getLogger
(
RemoveGroupMemberAction
.
class
);
private
final
String
groupName
;
private
final
String
groupMemberName
;
...
...
@@ -89,7 +96,12 @@ public class RemoveGroupMemberAction extends AbstractGroupAction
public
void
doAction
()
throws
Exception
{
Group
group
=
groupPersistence
.
getGroup
(
this
.
groupName
);
Group
toRemove
=
new
Group
(
this
.
groupMemberName
);
URI
gmsServiceURI
=
getServiceURI
(
Standards
.
GMS_GROUPS_01
);
GroupURI
toRemoveID
=
new
GroupURI
(
gmsServiceURI
.
toString
()
+
"?"
+
this
.
groupMemberName
);
Group
toRemove
=
new
Group
(
toRemoveID
);
log
.
debug
(
"group member count: "
+
group
.
getGroupMembers
().
size
());
log
.
debug
(
"contains one to remove: "
+
group
.
getGroupMembers
().
contains
(
toRemove
));
if
(!
group
.
getGroupMembers
().
remove
(
toRemove
))
{
...
...
@@ -98,8 +110,8 @@ public class RemoveGroupMemberAction extends AbstractGroupAction
groupPersistence
.
modifyGroup
(
group
);
List
<
String
>
deletedMembers
=
new
ArrayList
<
String
>();
deletedMembers
.
add
(
toRemove
.
getID
());
logGroupInfo
(
group
.
getID
(),
deletedMembers
,
null
);
deletedMembers
.
add
(
toRemove
.
getID
()
.
getName
()
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
deletedMembers
,
null
);
}
}
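Review bot: The two `log.debug(...)` calls added to `doAction` build their messages on every request, and the second one also runs `group.getGroupMembers().contains(toRemove)`, regardless of the configured log level. Wrapping both in `if (log.isDebugEnabled()) { ... }` keeps the extra membership lookup and string concatenation out of the normal path. If the lines were only needed while debugging the switch to `GroupURI`-based equality, removing them before merge would be simpler still.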
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
...
...
@@ -110,7 +110,7 @@ public class RemoveUserMemberAction extends AbstractGroupAction
List
<
String
>
deletedMembers
=
new
ArrayList
<
String
>();
deletedMembers
.
add
(
getUseridForLogging
(
user
));
logGroupInfo
(
group
.
getID
(),
deletedMembers
,
null
);
logGroupInfo
(
group
.
getID
()
.
getName
()
,
deletedMembers
,
null
);
}
protected
UserPersistence
getUserPersistence
()
...
...
cadc-access-control-server/src/test/java/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
...
...
@@ -87,6 +87,7 @@ import org.junit.Test;
import
ca.nrc.cadc.ac.Group
;
import
ca.nrc.cadc.ac.GroupNotFoundException
;
import
ca.nrc.cadc.ac.GroupProperty
;
import
ca.nrc.cadc.ac.GroupURI
;
import
ca.nrc.cadc.ac.User
;
import
ca.nrc.cadc.util.Log4jInit
;
import
ca.nrc.cadc.util.PropertiesReader
;
...
...
@@ -130,17 +131,17 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest
{
try
{
Group
expectGroup
=
new
Group
(
getGroupID
());
Group
expectGroup
=
new
Group
(
new
GroupURI
(
"ivo://example.org/gms?"
+
getGroupID
())
)
;
setField
(
expectGroup
,
cadcDaoTest1_AugmentedUser
,
"owner"
);