Commit 1c8471c1 authored by michael.simon's avatar michael.simon
Browse files

implement account creation and group creation

add user to group, generated from javascript
parent 35b7b4d5
......@@ -247,4 +247,140 @@ public class NextcloudWorker {
throw new RegisterException(e);
}
}
public NextcloudAnswer createGroup(String groupName) throws RegisterException {
URI uri;
try {
URIBuilder uriBuilder = new URIBuilder(apiUrl + "groups");
uri = uriBuilder.build();
} catch (URISyntaxException e) {
throw new RegisterException(e);
}
HttpClientContext context = buildHttpContext(uri);
CloseableHttpResponse response;
try {
HttpPost http = buildHttpPost(uri);
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("groupid", groupName));
http.setEntity(new UrlEncodedFormEntity(params));
response = httpClient.execute(http, context);
} catch (ClientProtocolException e) {
logger.warn("Client protocol problem", e);
throw new RegisterException(e);
} catch (SSLException e) {
logger.error("SSL Certificate problem with SNS Server: {}", e.toString());
throw new RegisterException(e);
} catch (IOException e) {
logger.warn("Connection", e);
throw new RegisterException(e);
}
logger.debug("Status line of response: {}", response.getStatusLine());
if (response.getStatusLine() != null && response.getStatusLine().getStatusCode() == 404) {
logger.warn("Status answer is 404, Account not found.");
return null;
} else if (response.getStatusLine() == null || response.getStatusLine().getStatusCode() != 200) {
logger.warn("Status answer was not HTTP OK 200");
throw new RegisterException("Nexcloud: " + response.getStatusLine());
}
HttpEntity entity = response.getEntity();
try {
JAXBContext jaxbContext = JAXBContext.newInstance(NextcloudAnswer.class);
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
NextcloudAnswer answer = (NextcloudAnswer) unmarshaller.unmarshal(entity.getContent());
logger.debug("{} {}", answer.getMeta().getStatusCode(), answer.getMeta().getStatus());
return answer;
} catch (ParseException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
} catch (IOException e) {
logger.warn("Connection", e);
throw new RegisterException(e);
} catch (IllegalStateException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
} catch (JAXBException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
}
}
public NextcloudAnswer addUserToGroup(RegistryEntity registry, String groupName) throws RegisterException {
String id = registry.getRegistryValues().get("id");
URI uri;
try {
URIBuilder uriBuilder = new URIBuilder(apiUrl + "users/" + id + "/groups");
uri = uriBuilder.build();
} catch (URISyntaxException e) {
throw new RegisterException(e);
}
HttpClientContext context = buildHttpContext(uri);
CloseableHttpResponse response;
try {
HttpPost http = buildHttpPost(uri);
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("groupid", groupName));
http.setEntity(new UrlEncodedFormEntity(params));
response = httpClient.execute(http, context);
} catch (ClientProtocolException e) {
logger.warn("Client protocol problem", e);
throw new RegisterException(e);
} catch (SSLException e) {
logger.error("SSL Certificate problem with SNS Server: {}", e.toString());
throw new RegisterException(e);
} catch (IOException e) {
logger.warn("Connection", e);
throw new RegisterException(e);
}
logger.debug("Status line of response: {}", response.getStatusLine());
if (response.getStatusLine() != null && response.getStatusLine().getStatusCode() == 404) {
logger.warn("Status answer is 404, Account not found.");
return null;
} else if (response.getStatusLine() == null || response.getStatusLine().getStatusCode() != 200) {
logger.warn("Status answer was not HTTP OK 200");
throw new RegisterException("Nexcloud: " + response.getStatusLine());
}
HttpEntity entity = response.getEntity();
try {
JAXBContext jaxbContext = JAXBContext.newInstance(NextcloudAnswer.class);
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
NextcloudAnswer answer = (NextcloudAnswer) unmarshaller.unmarshal(entity.getContent());
logger.debug("{} {}", answer.getMeta().getStatusCode(), answer.getMeta().getStatus());
return answer;
} catch (ParseException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
} catch (IOException e) {
logger.warn("Connection", e);
throw new RegisterException(e);
} catch (IllegalStateException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
} catch (JAXBException e) {
logger.warn("Parse problem", e);
throw new RegisterException(e);
}
}
}
......@@ -3,6 +3,12 @@ package edu.kit.scc.syncshare.reg;
import java.io.StringWriter;
import java.util.HashMap;
import java.util.Map;
import java.util.Map.Entry;
import javax.script.Invocable;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
......@@ -16,19 +22,26 @@ import edu.kit.scc.nextcloud.NextcloudAnswer;
import edu.kit.scc.nextcloud.NextcloudWorker;
import edu.kit.scc.webreg.audit.Auditor;
import edu.kit.scc.webreg.entity.RegistryEntity;
import edu.kit.scc.webreg.entity.ScriptEntity;
import edu.kit.scc.webreg.entity.ServiceEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.entity.audit.AuditStatus;
import edu.kit.scc.webreg.exc.PropertyReaderException;
import edu.kit.scc.webreg.exc.RegisterException;
import edu.kit.scc.webreg.script.ScriptingEnv;
import edu.kit.scc.webreg.service.reg.Infotainment;
import edu.kit.scc.webreg.service.reg.InfotainmentCapable;
import edu.kit.scc.webreg.service.reg.InfotainmentTreeNode;
import edu.kit.scc.webreg.service.reg.RegisterUserWorkflow;
import edu.kit.scc.webreg.service.reg.ScriptingWorkflow;
import edu.kit.scc.webreg.service.reg.ldap.PropertyReader;
public class NextcloudRegisterWorkflow implements RegisterUserWorkflow, InfotainmentCapable {
public class NextcloudRegisterWorkflow implements RegisterUserWorkflow, InfotainmentCapable, ScriptingWorkflow {
private static final Logger logger = LoggerFactory.getLogger(NextcloudRegisterWorkflow.class);
protected ScriptingEnv scriptingEnv;
@Override
public Infotainment getInfo(RegistryEntity registry, UserEntity user, ServiceEntity service)
throws RegisterException {
......@@ -87,18 +100,40 @@ public class NextcloudRegisterWorkflow implements RegisterUserWorkflow, Infotai
if (statusCode == 404) {
// user not found, needs to be created
logger.info("User {} not found, needs to be created (registry id: {})", user.getId(), registry.getId());
answer = worker.createAccount(registry);
if (answer.getMeta().getStatusCode() != 100) {
throw new RegisterException("Registration failed! " + answer.getMeta().getMessage());
}
} else if (statusCode == 100) {
// user found, ok
} else {
// unknown status code
// load the created account
answer = worker.loadAccount(registry);
if (answer.getMeta().getStatusCode() != 100) {
// this should not fail, the account was created with status 100
throw new RegisterException("Registration failed! Could not load newly created account: " + answer.getMeta().getMessage());
}
}
if (statusCode != 100) {
// could not load or create account
logger.warn("Status code {} for registry {} (userid {}) is unknown. Message: {}",
new Object[]{ statusCode, registry.getId(), registry.getUser().getId(),
answer.getMeta().getStatus()});
throw new RegisterException("Registration failed! Could not load or create account: " + answer.getMeta().getMessage());
}
logger.debug("Account for registry {} successfully loaded", registry.getId());
if (registry.getRegistryValues().containsKey("primaryGroup")) {
logger.debug("Creating group {} for registry {}",
registry.getRegistryValues().containsKey("primaryGroup"), registry.getId());
NextcloudAnswer groupAnswer = worker.createGroup(registry.getRegistryValues().get("primaryGroup"));
if (groupAnswer.getMeta().getStatusCode() == 100 || groupAnswer.getMeta().getStatusCode() == 102) {
worker.addUserToGroup(registry, registry.getRegistryValues().get("primaryGroup"));
logger.debug("Adding user {} to group {} for registry {}",
user.getId(), registry.getRegistryValues().containsKey("primaryGroup"), registry.getId());
}
}
}
@Override
......@@ -106,29 +141,68 @@ public class NextcloudRegisterWorkflow implements RegisterUserWorkflow, Infotai
throws RegisterException {
PropertyReader prop = PropertyReader.newRegisterPropReader(service);
String tplId = prop.readPropOrNull("tpl_id");
String id;
if (tplId != null) {
id = evalTemplate(tplId, user);
}
else {
id = user.getEppn();
Map<String, String> reconMap = new HashMap<String, String>();
try {
String scriptName = prop.readProp("script_name");
ScriptEntity scriptEntity = scriptingEnv.getScriptDao().findByName(scriptName);
if (scriptEntity == null)
throw new RegisterException("service not configured properly. script is missing.");
if (scriptEntity.getScriptType().equalsIgnoreCase("javascript")) {
ScriptEngine engine = (new ScriptEngineManager()).getEngineByName(scriptEntity.getScriptEngine());
if (engine == null)
throw new RegisterException("service not configured properly. engine not found: " + scriptEntity.getScriptEngine());
engine.eval(scriptEntity.getScript());
Invocable invocable = (Invocable) engine;
invocable.invokeFunction("updateRegistry", scriptingEnv, reconMap, user, registry, service, auditor, logger);
}
else {
throw new RegisterException("unkown script type: " + scriptEntity.getScriptType());
}
} catch (PropertyReaderException e) {
throw new RegisterException(e);
} catch (ScriptException e) {
throw new RegisterException(e);
} catch (NoSuchMethodException e) {
throw new RegisterException(e);
}
if (! registry.getRegistryValues().containsKey("id")) {
registry.getRegistryValues().put("id", id);
} else {
if (! registry.getRegistryValues().get("id").equals(id)) {
// this should not happen. It means the primary Id for the user has changed.
// Nextcloud saml does not support this
logger.warn("Nextcloud User ID for user {} would change from {} to {}!", registry.getRegistryValues().get("id"), id);
Boolean change = false;
for (Entry<String, String> entry : reconMap.entrySet()) {
if (! registry.getRegistryValues().containsKey(entry.getKey())) {
auditor.logAction("", "UPDATE USER REGISTRY", user.getEppn(), "ADD " +
entry.getKey() + ": " + registry.getRegistryValues().get(entry.getKey()) +
" => " + entry.getValue()
, AuditStatus.SUCCESS);
registry.getRegistryValues().put(entry.getKey(), entry.getValue());
change |= true;
}
else if (! registry.getRegistryValues().get(entry.getKey()).equals(entry.getValue())) {
if (entry.getKey().equals("id")) {
// this should not happen. It means the primary Id for the user has changed.
// Nextcloud saml does not support this
logger.warn("Nextcloud User ID for user {} would change from {} to {}!",
registry.getRegistryValues().get("id"), entry.getValue());
}
auditor.logAction("", "UPDATE USER REGISTRY", user.getEppn(), "REPLACE " +
entry.getKey() + ": " + registry.getRegistryValues().get(entry.getKey()) +
" => " + entry.getValue()
, AuditStatus.SUCCESS);
registry.getRegistryValues().put(entry.getKey(), entry.getValue());
change |= true;
}
}
registry.getRegistryValues().put("displayName", user.getGivenName() + " " + user.getSurName());
registry.getRegistryValues().put("email", user.getEmail());
return false;
return change;
}
protected String evalTemplate(String template, UserEntity user)
......@@ -157,4 +231,9 @@ public class NextcloudRegisterWorkflow implements RegisterUserWorkflow, Infotai
}
}
@Override
public void setScriptingEnv(ScriptingEnv env) {
this.scriptingEnv = env;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment