0001: /**
0002: * LibreSource
0003: * Copyright (C) 2004-2008 Artenum SARL / INRIA
0004: * http://www.libresource.org - contact@artenum.com
0005: *
0006: * This file is part of the LibreSource software,
0007: * which can be used and distributed under license conditions.
0008: * The license conditions are provided in the LICENSE.TXT file
0009: * at the root path of the packaging that enclose this file.
0010: * More information can be found at
0011: * - http://dev.libresource.org/home/license
0012: *
0013: * Initial authors :
0014: *
0015: * Guillaume Bort / INRIA
0016: * Francois Charoy / Universite Nancy 2
0017: * Julien Forest / Artenum
0018: * Claude Godart / Universite Henry Poincare
0019: * Florent Jouille / INRIA
0020: * Sebastien Jourdain / INRIA / Artenum
0021: * Yves Lerumeur / Artenum
0022: * Pascal Molli / Universite Henry Poincare
0023: * Gerald Oster / INRIA
0024: * Mariarosa Penzi / Artenum
0025: * Gerard Sookahet / Artenum
0026: * Raphael Tani / INRIA
0027: *
0028: * Contributors :
0029: *
0030: * Stephane Bagnier / Artenum
0031: * Amadou Dia / Artenum-IUP Blois
0032: * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0033: */package org.libresource.membership.ejb;
0034:
0035: import org.libresource.Libresource;
0036: import org.libresource.LibresourceEvent;
0037: import org.libresource.LibresourceException;
0038: import org.libresource.LibresourceResourceIdentifier;
0039: import org.libresource.LibresourceResourceValue;
0040: import org.libresource.LibresourceServiceBase;
0041:
0042: import org.libresource.kernel.KernelConstants;
0043: import org.libresource.kernel.LibresourceSecurityException;
0044: import org.libresource.kernel.URINotExistException;
0045: import org.libresource.kernel.UriManager;
0046: import org.libresource.kernel.interfaces.KernelService;
0047:
0048: import org.libresource.membership.GroupExportHandler;
0049: import org.libresource.membership.GroupImportHandler;
0050: import org.libresource.membership.MembershipConstants;
0051: import org.libresource.membership.MembershipServiceException;
0052: import org.libresource.membership.ProfileExportHandler;
0053: import org.libresource.membership.ProfileImportHandler;
0054: import org.libresource.membership.ejb.model.GroupResourceValue;
0055: import org.libresource.membership.ejb.model.LDAPGroupResourceValue;
0056: import org.libresource.membership.ejb.model.ProfileResourceValue;
0057: import org.libresource.membership.interfaces.GroupResourceLocal;
0058: import org.libresource.membership.interfaces.LDAPGroupResourceLocal;
0059: import org.libresource.membership.interfaces.ProfileResourceLocal;
0060: import org.libresource.membership.util.GroupResourceUtil;
0061: import org.libresource.membership.util.LDAPGroupResourceUtil;
0062: import org.libresource.membership.util.ProfileResourceUtil;
0063:
0064: import org.libresource.search.LibresourceIndexableContent;
0065:
0066: import org.libresource.xml.LibresourceExportHandler;
0067: import org.libresource.xml.LibresourceImportHandler;
0068:
0069: import java.io.BufferedWriter;
0070: import java.io.FileWriter;
0071: import java.io.Writer;
0072:
0073: import java.net.URI;
0074:
0075: import java.security.MessageDigest;
0076:
0077: import java.sql.Connection;
0078: import java.sql.PreparedStatement;
0079: import java.sql.ResultSet;
0080: import java.sql.Statement;
0081:
0082: import java.util.ArrayList;
0083: import java.util.Collection;
0084: import java.util.Date;
0085: import java.util.HashMap;
0086: import java.util.Hashtable;
0087: import java.util.Iterator;
0088: import java.util.Vector;
0089:
0090: import javax.naming.AuthenticationException;
0091: import javax.naming.Context;
0092: import javax.naming.InitialContext;
0093: import javax.naming.NamingEnumeration;
0094: import javax.naming.NamingException;
0095: import javax.naming.directory.Attribute;
0096: import javax.naming.directory.Attributes;
0097: import javax.naming.directory.DirContext;
0098: import javax.naming.directory.InitialDirContext;
0099:
0100: /**
0101: * LibreSource
0102: *
0103: * @author <a href="mailto:bort@loria.fr">Guillaume Bort</a> - <a
0104: * href="http://www.inria.fr">INRIA Lorraine</a>
0105: *
0106: * The LibreSource Default Membership Service
0107: *
0108: * @libresource.service name="Membership" depends="Kernel"
0109: *
0110: * @ejb.env-entry name="users-provider-1"
0111: * value="org.libresource.membership.providers.InternalBaseUsersProvider"
0112: * @ejb.env-entry name="options-users-provider-1" value=""
0113: * @ejb.env-entry name="users-provider-2"
0114: * value="org.libresource.membership.providers.GuestUserProvider"
0115: * @ejb.env-entry name="options-users-provider-2" value=""
0116: * @ejb.env-entry name="users-root-uri" value="/users"
0117: * @ejb.env-entry name="unauthentified-userId" value="guest"
0118: * @ejb.env-entry name="allAuthentifiedUsers-group-uri" value="/groups/all"
0119: *
0120: */
0121: public abstract class MembershipServiceBean extends
0122: LibresourceServiceBase {
0123: private static transient URI usersRoot;
0124: private static transient String unauthentifieduserid;
0125: private static transient URI allAuthentifiedUsersGroupURI;
0126:
0127: /**
0128: * @ejb.interface-method
0129: * @ejb.transaction type="Supports"
0130: */
0131: public URI getUsersRootURI() throws MembershipServiceException,
0132: LibresourceSecurityException {
0133: try {
0134: KernelService kernelService = (KernelService) Libresource
0135: .getService(KernelConstants.SERVICE);
0136:
0137: if (usersRoot == null) {
0138: usersRoot = kernelService
0139: .normalizeURI(new URI(
0140: (String) new InitialContext()
0141: .lookup("java:comp/env/users-root-uri")));
0142: }
0143:
0144: return usersRoot;
0145: } catch (Exception e) {
0146: throw new MembershipServiceException(e);
0147: }
0148: }
0149:
0150: /**
0151: * @ejb.interface-method
0152: * @ejb.transaction type="Supports"
0153: */
0154: public String getUnauthentifiedUserId()
0155: throws MembershipServiceException,
0156: LibresourceSecurityException {
0157: try {
0158: if (unauthentifieduserid == null) {
0159: unauthentifieduserid = (String) new InitialContext()
0160: .lookup("java:comp/env/unauthentified-userId");
0161: }
0162:
0163: return unauthentifieduserid;
0164: } catch (Exception e) {
0165: throw new MembershipServiceException(e);
0166: }
0167: }
0168:
0169: /**
0170: * @ejb.interface-method
0171: * @ejb.transaction type="Supports"
0172: */
0173: public URI getAllAuthentifiedUserGroupURI()
0174: throws MembershipServiceException,
0175: LibresourceSecurityException {
0176: try {
0177: if (allAuthentifiedUsersGroupURI == null) {
0178: allAuthentifiedUsersGroupURI = new URI(
0179: (String) new InitialContext()
0180: .lookup("java:comp/env/allAuthentifiedUsers-group-uri"));
0181: }
0182:
0183: return allAuthentifiedUsersGroupURI;
0184: } catch (Exception e) {
0185: throw new MembershipServiceException(e);
0186: }
0187: }
0188:
0189: /**
0190: * @ejb.interface-method
0191: * @ejb.transaction type="Required"
0192: */
0193: public void createGroup(URI uri, String name, String description)
0194: throws MembershipServiceException,
0195: LibresourceSecurityException {
0196: try {
0197: GroupResourceLocal groupResourceLocal = GroupResourceUtil
0198: .getLocalHome().create(name, description);
0199: KernelService kernelService = (KernelService) Libresource
0200: .getService(KernelConstants.SERVICE);
0201: kernelService.bind(groupResourceLocal
0202: .getLibresourceResourceIdentifier(), uri, name);
0203:
0204: // event
0205: LibresourceEvent event = new LibresourceEvent(uri,
0206: groupResourceLocal
0207: .getLibresourceResourceIdentifier(),
0208: kernelService.getConnectedResource(),
0209: MembershipConstants.EVENT_GROUP_CREATE);
0210: Libresource.throwEvent(event);
0211: } catch (LibresourceSecurityException se) {
0212: ctx.setRollbackOnly();
0213: throw se;
0214: } catch (Exception e) {
0215: ctx.setRollbackOnly();
0216: throw new MembershipServiceException(
0217: "Error in createGroup : " + e.getMessage(), e);
0218: }
0219: }
0220:
0221: /**
0222: * @ejb.interface-method
0223: * @ejb.transaction type="Required"
0224: */
0225: public void createLDAPGroup(URI uri, String name, String description)
0226: throws MembershipServiceException,
0227: LibresourceSecurityException {
0228: try {
0229: LDAPGroupResourceLocal ldapGroupResourceLocal = LDAPGroupResourceUtil
0230: .getLocalHome().create(name, description);
0231: KernelService kernelService = (KernelService) Libresource
0232: .getService(KernelConstants.SERVICE);
0233: kernelService.bind(ldapGroupResourceLocal
0234: .getLibresourceResourceIdentifier(), uri, name);
0235:
0236: // event
0237: LibresourceEvent event = new LibresourceEvent(uri,
0238: ldapGroupResourceLocal
0239: .getLibresourceResourceIdentifier(),
0240: kernelService.getConnectedResource(),
0241: MembershipConstants.EVENT_GROUP_CREATE);
0242: Libresource.throwEvent(event);
0243: } catch (LibresourceSecurityException se) {
0244: ctx.setRollbackOnly();
0245: throw se;
0246: } catch (Exception e) {
0247: ctx.setRollbackOnly();
0248: throw new MembershipServiceException(
0249: "Error in createGroup : " + e.getMessage(), e);
0250: }
0251: }
0252:
0253: /**
0254: * @ejb.interface-method
0255: * @ejb.transaction type="Required"
0256: */
0257: public void createProfile(String userId, String userName,
0258: String userEmail, String userJabberId, HashMap userInfos)
0259: throws MembershipServiceException,
0260: LibresourceSecurityException {
0261: try {
0262: if (!userId.matches("[A-Za-z0-9]+")) {
0263: throw new Exception(
0264: "invalid user id (userId should match [A-Za-z0-9])");
0265: }
0266:
0267: ProfileResourceLocal profileResourceLocal = ProfileResourceUtil
0268: .getLocalHome().create(userId, userName, userEmail,
0269: userJabberId, userInfos);
0270: KernelService kernelService = (KernelService) Libresource
0271: .getService(KernelConstants.SERVICE);
0272:
0273: URI profileUri = new URI(getUsersRootURI().getPath() + "/"
0274: + userId);
0275:
0276: // TODO system ???
0277: kernelService.bind(profileResourceLocal
0278: .getLibresourceResourceIdentifier(), profileUri,
0279: userName);
0280: kernelService.systemCopyAcl(getUsersRootURI(), profileUri);
0281: kernelService.systemCreateAcl(profileUri, profileUri,
0282: new String[] { KernelConstants.SECURITY_READ,
0283: KernelConstants.SECURITY_UPDATE });
0284:
0285: // event
0286: LibresourceEvent event = new LibresourceEvent(profileUri,
0287: profileResourceLocal
0288: .getLibresourceResourceIdentifier(),
0289: kernelService.getConnectedResource(),
0290: MembershipConstants.EVENT_PROFILE_CREATE);
0291: Libresource.throwEvent(event);
0292: } catch (LibresourceSecurityException se) {
0293: ctx.setRollbackOnly();
0294: throw se;
0295: } catch (Exception e) {
0296: e.printStackTrace();
0297: ctx.setRollbackOnly();
0298: throw new MembershipServiceException(
0299: "Error in createProfile : " + e.getMessage(), e);
0300: }
0301: }
0302:
0303: /**
0304: * @ejb.interface-method
0305: * @ejb.transaction type="Required"
0306: */
0307: public void editProfile(URI uri, String userName, String userEmail,
0308: String userJabberId) throws MembershipServiceException,
0309: LibresourceSecurityException {
0310: try {
0311: KernelService kernelService = (KernelService) Libresource
0312: .getService(KernelConstants.SERVICE);
0313: LibresourceResourceIdentifier resourceIdentifier = kernelService
0314: .lookup(uri);
0315:
0316: if (!kernelService.checkSecurity(uri,
0317: KernelConstants.SECURITY_UPDATE)) {
0318: throw new LibresourceSecurityException(uri,
0319: KernelConstants.SECURITY_UPDATE);
0320: }
0321:
0322: ProfileResourceLocal profile = (ProfileResourceLocal) Libresource
0323: .findResource(resourceIdentifier,
0324: ProfileResourceLocal.class);
0325: profile.setFullName(userName);
0326: profile.setEmail(userEmail);
0327: profile.setJabberId(userJabberId);
0328: profile.setAccountStatus(profile.getAccountStatus());
0329: profile.setOnlineStatus(profile.getOnlineStatus());
0330:
0331: // update node
0332: kernelService.setShortName(uri, userName);
0333: kernelService.setUpdateDate(uri, new Date());
0334:
0335: // event
0336: LibresourceEvent event = new LibresourceEvent(uri,
0337: resourceIdentifier, kernelService
0338: .getConnectedResource(),
0339: MembershipConstants.EVENT_PROFILE_EDIT);
0340: Libresource.throwEvent(event);
0341:
0342: // indexation
0343: Libresource.index(uri);
0344: } catch (LibresourceSecurityException se) {
0345: ctx.setRollbackOnly();
0346: throw se;
0347: } catch (Exception e) {
0348: ctx.setRollbackOnly();
0349: throw new MembershipServiceException(
0350: "Error in editProfile : " + e.getMessage(), e);
0351: }
0352: }
0353:
0354: /**
0355: * @ejb.interface-method
0356: * @ejb.transaction type="Required"
0357: */
0358: public void changeProfileStatus(URI uri, int newStatus)
0359: throws MembershipServiceException,
0360: LibresourceSecurityException {
0361: try {
0362: KernelService kernelService = (KernelService) Libresource
0363: .getService(KernelConstants.SERVICE);
0364: LibresourceResourceIdentifier resourceIdentifier = kernelService
0365: .lookup(uri);
0366:
0367: if (!kernelService.isSuperUser()) {
0368: throw new LibresourceSecurityException(uri,
0369: KernelConstants.SECURITY_UPDATE);
0370: }
0371:
0372: ProfileResourceLocal profile = (ProfileResourceLocal) Libresource
0373: .findResource(resourceIdentifier,
0374: ProfileResourceLocal.class);
0375: profile.setAccountStatus(newStatus);
0376:
0377: // event
0378: LibresourceEvent event = new LibresourceEvent(uri,
0379: resourceIdentifier, kernelService
0380: .getConnectedResource(),
0381: MembershipConstants.EVENT_PROFILE_EDIT);
0382: Libresource.throwEvent(event);
0383:
0384: // indexation
0385: Libresource.index(uri);
0386: } catch (LibresourceSecurityException se) {
0387: ctx.setRollbackOnly();
0388: throw se;
0389: } catch (Exception e) {
0390: ctx.setRollbackOnly();
0391: throw new MembershipServiceException(
0392: "Error in changeProfileStatus : " + e.getMessage(),
0393: e);
0394: }
0395: }
0396:
0397: /**
0398: * @ejb.interface-method
0399: * @ejb.transaction type="Required"
0400: */
0401: public void setUserInfo(URI uri, String key, Object value)
0402: throws MembershipServiceException,
0403: LibresourceSecurityException {
0404: try {
0405: KernelService kernelService = (KernelService) Libresource
0406: .getService(KernelConstants.SERVICE);
0407: LibresourceResourceIdentifier resourceIdentifier = kernelService
0408: .lookup(uri);
0409:
0410: if (!kernelService.checkSecurity(uri,
0411: KernelConstants.SECURITY_UPDATE)) {
0412: throw new LibresourceSecurityException(uri,
0413: KernelConstants.SECURITY_UPDATE);
0414: }
0415:
0416: ProfileResourceLocal profile = (ProfileResourceLocal) Libresource
0417: .findResource(resourceIdentifier,
0418: ProfileResourceLocal.class);
0419: profile.setInfo(key, value);
0420:
0421: // update node
0422: kernelService.setUpdateDate(uri, new Date());
0423:
0424: // event
0425: LibresourceEvent event = new LibresourceEvent(uri,
0426: resourceIdentifier, kernelService
0427: .getConnectedResource(),
0428: MembershipConstants.EVENT_PROFILE_EDIT);
0429: Libresource.throwEvent(event);
0430: } catch (LibresourceSecurityException se) {
0431: ctx.setRollbackOnly();
0432: throw se;
0433: } catch (Exception e) {
0434: ctx.setRollbackOnly();
0435: throw new MembershipServiceException(
0436: "Error in setUserInfo : " + e.getMessage(), e);
0437: }
0438: }
0439:
0440: /**
0441: * @ejb.interface-method
0442: * @ejb.transaction type="Required"
0443: */
0444: public void removeUserInfo(URI uri, String key)
0445: throws MembershipServiceException,
0446: LibresourceSecurityException {
0447: try {
0448: KernelService kernelService = (KernelService) Libresource
0449: .getService(KernelConstants.SERVICE);
0450: LibresourceResourceIdentifier resourceIdentifier = kernelService
0451: .lookup(uri);
0452:
0453: if (!kernelService.checkSecurity(uri,
0454: KernelConstants.SECURITY_UPDATE)) {
0455: throw new LibresourceSecurityException(uri,
0456: KernelConstants.SECURITY_UPDATE);
0457: }
0458:
0459: ProfileResourceLocal profile = (ProfileResourceLocal) Libresource
0460: .findResource(resourceIdentifier,
0461: ProfileResourceLocal.class);
0462: profile.removeInfo(key);
0463:
0464: // update node
0465: kernelService.setUpdateDate(uri, new Date());
0466:
0467: // event
0468: LibresourceEvent event = new LibresourceEvent(uri,
0469: resourceIdentifier, kernelService
0470: .getConnectedResource(),
0471: MembershipConstants.EVENT_PROFILE_EDIT);
0472: Libresource.throwEvent(event);
0473: } catch (LibresourceSecurityException se) {
0474: ctx.setRollbackOnly();
0475: throw se;
0476: } catch (Exception e) {
0477: ctx.setRollbackOnly();
0478: throw new MembershipServiceException(
0479: "Error in removeUserInfo : " + e.getMessage(), e);
0480: }
0481: }
0482:
0483: /**
0484: * @ejb.interface-method
0485: * @ejb.transaction type="Required"
0486: */
0487: public void editGroup(URI uri, String name, String description)
0488: throws MembershipServiceException,
0489: LibresourceSecurityException, URINotExistException {
0490: try {
0491: KernelService kernelService = (KernelService) Libresource
0492: .getService(KernelConstants.SERVICE);
0493: LibresourceResourceIdentifier resourceIdentifier = kernelService
0494: .lookup(uri);
0495:
0496: if (!kernelService.checkSecurity(uri,
0497: KernelConstants.SECURITY_UPDATE)) {
0498: throw new LibresourceSecurityException(uri,
0499: KernelConstants.SECURITY_UPDATE);
0500: }
0501:
0502: GroupResourceLocal group = (GroupResourceLocal) Libresource
0503: .findResource(resourceIdentifier,
0504: GroupResourceLocal.class);
0505: group.setName(name);
0506: group.setDescription(description);
0507:
0508: // update node
0509: kernelService.setShortName(uri, name);
0510: kernelService.setUpdateDate(uri, new Date());
0511:
0512: // event
0513: LibresourceEvent event = new LibresourceEvent(uri,
0514: resourceIdentifier, kernelService
0515: .getConnectedResource(),
0516: MembershipConstants.EVENT_GROUP_EDIT);
0517: Libresource.throwEvent(event);
0518:
0519: // indexation
0520: Libresource.index(uri);
0521: } catch (LibresourceSecurityException se) {
0522: ctx.setRollbackOnly();
0523: throw se;
0524: } catch (URINotExistException se) {
0525: ctx.setRollbackOnly();
0526: throw se;
0527: } catch (Exception e) {
0528: ctx.setRollbackOnly();
0529: throw new MembershipServiceException(
0530: "Error in editGroup : " + e.getMessage(), e);
0531: }
0532: }
0533:
0534: /**
0535: * @ejb.interface-method
0536: * @ejb.transaction type="Required"
0537: */
0538: public void editLDAPGroup(URI uri, String name, String description,
0539: String serverURL, String ldapGroupDefinition, String field,
0540: String userID) throws MembershipServiceException,
0541: LibresourceSecurityException, URINotExistException {
0542: editLDAPGroup(uri, name, description, serverURL,
0543: ldapGroupDefinition, field, userID, false, null, null);
0544: }
0545:
0546: /**
0547: * @ejb.interface-method
0548: * @ejb.transaction type="Required"
0549: */
0550: public void editLDAPGroup(URI uri, String name, String description,
0551: String serverURL, String ldapGroupDefinition, String field,
0552: String userID, boolean secured)
0553: throws MembershipServiceException,
0554: LibresourceSecurityException, URINotExistException {
0555: editLDAPGroup(uri, name, description, serverURL,
0556: ldapGroupDefinition, field, userID, secured, null, null);
0557: }
0558:
0559: /**
0560: * @ejb.interface-method
0561: * @ejb.transaction type="Required"
0562: */
0563: public void editLDAPGroup(URI uri, String name, String description,
0564: String serverURL, String ldapGroupDefinition, String field,
0565: String userID, boolean secured, String dnBind,
0566: String passBind) throws MembershipServiceException,
0567: LibresourceSecurityException, URINotExistException {
0568: try {
0569: KernelService kernelService = (KernelService) Libresource
0570: .getService(KernelConstants.SERVICE);
0571: LibresourceResourceIdentifier resourceIdentifier = kernelService
0572: .lookup(uri);
0573:
0574: if (!kernelService.checkSecurity(uri,
0575: KernelConstants.SECURITY_UPDATE)) {
0576: throw new LibresourceSecurityException(uri,
0577: KernelConstants.SECURITY_UPDATE);
0578: }
0579:
0580: LDAPGroupResourceLocal group = (LDAPGroupResourceLocal) Libresource
0581: .findResource(resourceIdentifier,
0582: LDAPGroupResourceLocal.class);
0583: group.setName(name);
0584: group.setDescription(description);
0585: group.setLDAPServerURL(serverURL);
0586: group.setLDAPGroupDefinition(ldapGroupDefinition);
0587: group.setField(field);
0588: group.setUserID(userID);
0589:
0590: group.setConnectionSecured(secured);
0591: group.setDNBind(dnBind);
0592: group.setPasswordBind(passBind);
0593:
0594: // update node
0595: kernelService.setShortName(uri, name);
0596: kernelService.setUpdateDate(uri, new Date());
0597:
0598: // event
0599: LibresourceEvent event = new LibresourceEvent(uri,
0600: resourceIdentifier, kernelService
0601: .getConnectedResource(),
0602: MembershipConstants.EVENT_GROUP_EDIT);
0603: Libresource.throwEvent(event);
0604:
0605: // indexation
0606: Libresource.index(uri);
0607: } catch (LibresourceSecurityException se) {
0608: ctx.setRollbackOnly();
0609: throw se;
0610: } catch (URINotExistException se) {
0611: ctx.setRollbackOnly();
0612: throw se;
0613: } catch (Exception e) {
0614: ctx.setRollbackOnly();
0615: throw new MembershipServiceException(
0616: "Error in editGroup : " + e.getMessage(), e);
0617: }
0618: }
0619:
0620: /**
0621: * @ejb.interface-method
0622: * @ejb.transaction type="Required"
0623: */
0624: public void deleteGroup(URI uri) throws MembershipServiceException,
0625: LibresourceSecurityException, URINotExistException {
0626: try {
0627: KernelService kernelService = (KernelService) Libresource
0628: .getService(KernelConstants.SERVICE);
0629: LibresourceResourceIdentifier resourceIdentifier = kernelService
0630: .lookup(uri);
0631:
0632: Libresource.checkType(resourceIdentifier,
0633: GroupResourceLocal.class);
0634: kernelService.deleteURI(uri);
0635:
0636: // event
0637: LibresourceEvent event = new LibresourceEvent(uri,
0638: resourceIdentifier, kernelService
0639: .getConnectedResource(),
0640: MembershipConstants.EVENT_GROUP_EDIT);
0641: Libresource.throwEvent(event);
0642: } catch (LibresourceSecurityException se) {
0643: ctx.setRollbackOnly();
0644: throw se;
0645: } catch (URINotExistException se) {
0646: ctx.setRollbackOnly();
0647: throw se;
0648: } catch (Exception e) {
0649: ctx.setRollbackOnly();
0650: throw new MembershipServiceException(
0651: "Error in deleteGroup : " + e.getMessage(), e);
0652: }
0653: }
0654:
0655: /**
0656: * @ejb.interface-method
0657: * @ejb.transaction type="Required"
0658: */
0659: public void deleteLDAPGroup(URI uri)
0660: throws MembershipServiceException,
0661: LibresourceSecurityException, URINotExistException {
0662: try {
0663: KernelService kernelService = (KernelService) Libresource
0664: .getService(KernelConstants.SERVICE);
0665: LibresourceResourceIdentifier resourceIdentifier = kernelService
0666: .lookup(uri);
0667:
0668: Libresource.checkType(resourceIdentifier,
0669: LDAPGroupResourceLocal.class);
0670: kernelService.deleteURI(uri);
0671:
0672: // event
0673: LibresourceEvent event = new LibresourceEvent(uri,
0674: resourceIdentifier, kernelService
0675: .getConnectedResource(),
0676: MembershipConstants.EVENT_GROUP_DELETE);
0677: Libresource.throwEvent(event);
0678: } catch (LibresourceSecurityException se) {
0679: ctx.setRollbackOnly();
0680: throw se;
0681: } catch (URINotExistException se) {
0682: ctx.setRollbackOnly();
0683: throw se;
0684: } catch (Exception e) {
0685: ctx.setRollbackOnly();
0686: throw new MembershipServiceException(
0687: "Error in deleteGroup : " + e.getMessage(), e);
0688: }
0689: }
0690:
0691: /**
0692: * @ejb.interface-method
0693: * @ejb.transaction type="Supports"
0694: */
0695: public LibresourceResourceValue[] listMembers(URI groupUri)
0696: throws MembershipServiceException,
0697: LibresourceSecurityException, URINotExistException {
0698: try {
0699: KernelService kernelService = (KernelService) Libresource
0700: .getService(KernelConstants.SERVICE);
0701: LibresourceResourceIdentifier resourceIdentifier = kernelService
0702: .lookup(groupUri);
0703: Vector members = new Vector();
0704: URI memberUri = null;
0705:
0706: if (resourceIdentifier.getResourceType().equals(
0707: MembershipConstants.RESOURCE_GROUP)) {
0708: GroupResourceLocal group = (GroupResourceLocal) Libresource
0709: .findResource(resourceIdentifier,
0710: GroupResourceLocal.class);
0711: String[] memberIds = group.getMembers();
0712:
0713: for (int i = 0; i < memberIds.length; i++) {
0714: String memberId = memberIds[i];
0715:
0716: if (memberId.startsWith("User:")) {
0717: memberUri = kernelService.normalizeURI(new URI(
0718: getUsersRootURI().getPath() + "/"
0719: + memberId.substring(5)));
0720: } else if (memberId.startsWith("Group:")) {
0721: try {
0722: memberUri = new URI(memberId.substring(6));
0723:
0724: // memberUri = kernelService.getMyURI(new
0725: // LibresourceResourceIdentifier("Membership",
0726: // "Group",
0727: // memberId.substring(6)));
0728: } catch (Exception e) {
0729: //
0730: }
0731: }
0732:
0733: try {
0734: members.add(kernelService
0735: .getResource(memberUri));
0736: } catch (Exception e) {
0737: //
0738: }
0739: }
0740: } else if (resourceIdentifier.getResourceType().equals(
0741: MembershipConstants.RESOURCE_LDAPGROUP)) {
0742: LDAPGroupResourceLocal group = (LDAPGroupResourceLocal) Libresource
0743: .findResource(resourceIdentifier,
0744: LDAPGroupResourceLocal.class);
0745: Collection logins = listLDAPMember(group);
0746:
0747: for (Iterator loginIterator = logins.iterator(); loginIterator
0748: .hasNext();) {
0749: memberUri = kernelService.normalizeURI(new URI(
0750: getUsersRootURI().getPath() + "/"
0751: + loginIterator.next()));
0752:
0753: try {
0754: members.add(kernelService
0755: .getResource(memberUri));
0756: } catch (Exception e) {
0757: }
0758: }
0759: }
0760:
0761: LibresourceResourceValue[] result = new LibresourceResourceValue[members
0762: .size()];
0763:
0764: for (int i = 0; i < members.size(); i++) {
0765: result[i] = (LibresourceResourceValue) members.get(i);
0766: }
0767:
0768: return result;
0769: } catch (LibresourceSecurityException se) {
0770: throw se;
0771: } catch (URINotExistException se) {
0772: throw se;
0773: } catch (Exception e) {
0774: throw new MembershipServiceException(
0775: "Error in listMembers : " + e.getMessage(), e);
0776: }
0777: }
0778:
0779: /**
0780: * @ejb.interface-method
0781: * @ejb.transaction type="Required"
0782: */
0783: public void addMemberInGroup(URI groupURI, URI memberUri)
0784: throws MembershipServiceException,
0785: LibresourceSecurityException, URINotExistException {
0786: try {
0787: KernelService kernelService = (KernelService) Libresource
0788: .getService(KernelConstants.SERVICE);
0789: LibresourceResourceIdentifier groupResourceIdentifier = kernelService
0790: .lookup(groupURI);
0791:
0792: if (!kernelService.checkSecurity(groupURI,
0793: KernelConstants.SECURITY_UPDATE)) {
0794: throw new LibresourceSecurityException(groupURI,
0795: KernelConstants.SECURITY_UPDATE);
0796: }
0797:
0798: LibresourceResourceIdentifier memberResourceIdentifier = null;
0799:
0800: try {
0801: memberResourceIdentifier = kernelService
0802: .systemLookup(memberUri);
0803: } catch (Exception e) {
0804: throw new URINotExistException(memberUri);
0805: }
0806:
0807: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
0808: .findResource(groupResourceIdentifier,
0809: GroupResourceLocal.class);
0810:
0811: if (memberResourceIdentifier == null) {
0812: throw new MembershipServiceException("Invalid URI");
0813: }
0814:
0815: if (!memberResourceIdentifier.getService().equals(
0816: MembershipConstants.SERVICE)) {
0817: throw new MembershipServiceException(
0818: "Only User and Group can be member of a group");
0819: }
0820:
0821: String memberId = "";
0822:
0823: if (memberResourceIdentifier.getResourceType().equals(
0824: MembershipConstants.RESOURCE_PROFILE)) {
0825: memberId = "User:"
0826: + memberResourceIdentifier.getResourceId();
0827: } else {
0828: memberId = "Group:" + memberUri.getPath();
0829: }
0830:
0831: groupResourceLocal.addMember(memberId);
0832:
0833: // update node
0834: kernelService.setUpdateDate(groupURI, new Date());
0835:
0836: // event
0837: LibresourceEvent event = new LibresourceEvent(groupURI,
0838: groupResourceIdentifier, kernelService
0839: .getConnectedResource(),
0840: MembershipConstants.EVENT_GROUP_ADDMEMBER, memberId);
0841: Libresource.throwEvent(event);
0842: } catch (LibresourceSecurityException se) {
0843: ctx.setRollbackOnly();
0844: throw se;
0845: } catch (URINotExistException se) {
0846: ctx.setRollbackOnly();
0847: throw se;
0848: } catch (Exception e) {
0849: ctx.setRollbackOnly();
0850: throw new MembershipServiceException(
0851: "Error in addMemberInGroup : " + e.getMessage(), e);
0852: }
0853: }
0854:
0855: /**
0856: * @ejb.interface-method
0857: * @ejb.transaction type="Required"
0858: */
0859: public void removeMemberFromGroup(URI groupURI, URI memberUri)
0860: throws MembershipServiceException,
0861: LibresourceSecurityException, URINotExistException {
0862: try {
0863: KernelService kernelService = (KernelService) Libresource
0864: .getService(KernelConstants.SERVICE);
0865: LibresourceResourceIdentifier groupResourceIdentifier = kernelService
0866: .lookup(groupURI);
0867: LibresourceResourceIdentifier memberResourceIdentifier = kernelService
0868: .systemLookup(memberUri);
0869:
0870: if (!kernelService.checkSecurity(groupURI,
0871: KernelConstants.SECURITY_UPDATE)) {
0872: throw new LibresourceSecurityException(groupURI,
0873: KernelConstants.SECURITY_UPDATE);
0874: }
0875:
0876: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
0877: .findResource(groupResourceIdentifier,
0878: GroupResourceLocal.class);
0879:
0880: if (!memberResourceIdentifier.getService().equals(
0881: MembershipConstants.SERVICE)) {
0882: throw new MembershipServiceException(
0883: "Only User and Group can be member of a group");
0884: }
0885:
0886: String memberId = "";
0887:
0888: if (memberResourceIdentifier.getResourceType().equals(
0889: MembershipConstants.RESOURCE_PROFILE)) {
0890: memberId = "User:"
0891: + memberResourceIdentifier.getResourceId();
0892: } else {
0893: memberId = "Group:" + memberUri.getPath();
0894: }
0895:
0896: groupResourceLocal.removeMember(memberId);
0897:
0898: // update node
0899: kernelService.setUpdateDate(groupURI, new Date());
0900:
0901: // event
0902: LibresourceEvent event = new LibresourceEvent(groupURI,
0903: groupResourceIdentifier, kernelService
0904: .getConnectedResource(),
0905: MembershipConstants.EVENT_GROUP_REMOVEMEMBER,
0906: memberId);
0907: Libresource.throwEvent(event);
0908: } catch (LibresourceSecurityException se) {
0909: ctx.setRollbackOnly();
0910: throw se;
0911: } catch (URINotExistException se) {
0912: ctx.setRollbackOnly();
0913: throw se;
0914: } catch (Exception e) {
0915: ctx.setRollbackOnly();
0916: throw new MembershipServiceException(
0917: "Error in removeMemberFromGroup : "
0918: + e.getMessage(), e);
0919: }
0920: }
0921:
0922: /**
0923: * @ejb.interface-method
0924: * @ejb.transaction type="Supports"
0925: */
0926: public boolean isUserInGroup(URI groupURI, URI userURI)
0927: throws MembershipServiceException,
0928: LibresourceSecurityException, URINotExistException {
0929: try {
0930: KernelService kernelService = (KernelService) Libresource
0931: .getService(KernelConstants.SERVICE);
0932: LibresourceResourceIdentifier groupResourceIdentifier = kernelService
0933: .lookup(groupURI);
0934: LibresourceResourceIdentifier userResourceIdentifier = kernelService
0935: .lookup(userURI);
0936:
0937: // GroupResourceLocal groupResourceLocal = (GroupResourceLocal)
0938: // Libresource.findResource(groupResourceIdentifier,
0939: // GroupResourceLocal.class);
0940: if (!userResourceIdentifier.getService().equals(
0941: MembershipConstants.SERVICE)
0942: || !userResourceIdentifier
0943: .getResourceType()
0944: .equals(
0945: MembershipConstants.RESOURCE_PROFILE)) {
0946: throw new MembershipServiceException("No user at uri "
0947: + userURI);
0948: }
0949:
0950: String userId = userResourceIdentifier.getResourceId();
0951:
0952: return isMember(userId, groupURI, new Vector());
0953: } catch (LibresourceSecurityException se) {
0954: throw se;
0955: } catch (URINotExistException se) {
0956: throw se;
0957: } catch (Exception e) {
0958: throw new MembershipServiceException(
0959: "Error in isUserInGroup : " + e.getMessage(), e);
0960: }
0961: }
0962:
0963: private boolean isMember(String userId, URI groupUri,
0964: Vector cycleDetection) throws Exception {
0965: try {
0966: KernelService kernelService = (KernelService) Libresource
0967: .getService(KernelConstants.SERVICE);
0968: GroupResourceLocal group = (GroupResourceLocal) Libresource
0969: .findResource(kernelService
0970: .systemLookup(kernelService
0971: .normalizeAbsoluteURIPath(groupUri)));
0972:
0973: cycleDetection.add(group.getId());
0974:
0975: if (groupUri.getPath().equals(
0976: getAllAuthentifiedUserGroupURI().getPath())
0977: && !userId.equals(getUnauthentifiedUserId())) {
0978: return true;
0979: }
0980:
0981: if (group.isMember("User:" + userId)
0982: || group.isMember("User:"
0983: + getUnauthentifiedUserId())) {
0984: return true;
0985: }
0986:
0987: for (Iterator i = group.getGroups().iterator(); i.hasNext();) {
0988: URI grpUri = (URI) i.next();
0989: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
0990: .findResource(kernelService
0991: .systemLookup(kernelService
0992: .normalizeURI(grpUri)));
0993:
0994: if (!cycleDetection
0995: .contains(groupResourceLocal.getId())
0996: && isMember(userId, grpUri, cycleDetection)) {
0997: return true;
0998: }
0999: }
1000:
1001: return false;
1002: } catch (URINotExistException e) {
1003: return false;
1004: }
1005: }
1006:
1007: /**
1008: * @ejb.interface-method
1009: * @ejb.transaction type="Supports"
1010: */
1011: public ProfileResourceValue getProfile(URI uri)
1012: throws MembershipServiceException,
1013: LibresourceSecurityException, URINotExistException {
1014: try {
1015: KernelService kernelService = (KernelService) Libresource
1016: .getService(KernelConstants.SERVICE);
1017: LibresourceResourceIdentifier resourceIdentifier = kernelService
1018: .lookup(uri);
1019: ProfileResourceLocal profileResourceLocal = (ProfileResourceLocal) Libresource
1020: .findResource(resourceIdentifier,
1021: ProfileResourceLocal.class);
1022: ProfileResourceValue resourceValue = profileResourceLocal
1023: .getProfileResourceValue();
1024:
1025: if ((resourceValue.getFullName() == null)
1026: || (resourceValue.getFullName().trim().length() == 0)) {
1027: resourceValue.setFullName(resourceValue.getId());
1028: }
1029:
1030: resourceValue.setUri(kernelService.normalizeURI(uri));
1031:
1032: return resourceValue;
1033: } catch (LibresourceSecurityException se) {
1034: throw se;
1035: } catch (URINotExistException se) {
1036: throw se;
1037: } catch (Exception e) {
1038: throw new MembershipServiceException(
1039: "Error in getProfile : " + e.getMessage(), e);
1040: }
1041: }
1042:
1043: /**
1044: * @ejb.interface-method
1045: * @ejb.transaction type="Supports"
1046: */
1047: public ProfileResourceValue systemGetProfile(URI uri)
1048: throws MembershipServiceException,
1049: LibresourceSecurityException, URINotExistException {
1050: try {
1051: KernelService kernelService = (KernelService) Libresource
1052: .getService(KernelConstants.SERVICE);
1053: LibresourceResourceIdentifier resourceIdentifier = kernelService
1054: .systemLookup(uri);
1055: ProfileResourceLocal profileResourceLocal = (ProfileResourceLocal) Libresource
1056: .findResource(resourceIdentifier,
1057: ProfileResourceLocal.class);
1058: ProfileResourceValue resourceValue = profileResourceLocal
1059: .getProfileResourceValue();
1060: resourceValue.setUri(kernelService.normalizeURI(uri));
1061:
1062: return resourceValue;
1063: } catch (LibresourceSecurityException se) {
1064: throw se;
1065: } catch (URINotExistException se) {
1066: throw se;
1067: } catch (Exception e) {
1068: throw new MembershipServiceException(
1069: "Error in systemGetProfile : " + e.getMessage(), e);
1070: }
1071: }
1072:
1073: /**
1074: * @ejb.interface-method
1075: * @ejb.transaction type="Supports"
1076: */
1077: public String systemGetUserPassword(URI uri)
1078: throws LibresourceException, URINotExistException {
1079: Connection conn = null;
1080: Statement stmt = null;
1081:
1082: try {
1083: getConnectionForUsers();
1084: conn = Libresource.getDatasource().getConnection();
1085: stmt = conn.createStatement();
1086:
1087: ResultSet rs = stmt
1088: .executeQuery("SELECT passworddigest_ FROM casusers_ WHERE username_='"
1089: + UriManager.getPathName(uri) + "';");
1090:
1091: if (!rs.next()) {
1092: throw new URINotExistException(
1093: "Username does not exists !");
1094: }
1095:
1096: return rs.getString("passworddigest_");
1097: } catch (Exception e) {
1098: throw new LibresourceException(e.getMessage());
1099: } finally {
1100: try {
1101: if (stmt != null) {
1102: stmt.close();
1103: }
1104: } catch (Exception e) {
1105: }
1106:
1107: try {
1108: if (conn != null) {
1109: conn.close();
1110: }
1111: } catch (Exception e) {
1112: }
1113: }
1114: }
1115:
1116: /**
1117: * @ejb.interface-method
1118: * @ejb.transaction type="Supports"
1119: */
1120: public ProfileResourceValue getProfile()
1121: throws MembershipServiceException,
1122: LibresourceSecurityException, URINotExistException {
1123: try {
1124: KernelService kernelService = (KernelService) Libresource
1125: .getService(KernelConstants.SERVICE);
1126:
1127: return systemGetProfile(kernelService
1128: .getConnectedResource());
1129: } catch (LibresourceSecurityException se) {
1130: throw se;
1131: } catch (URINotExistException se) {
1132: throw se;
1133: } catch (Exception e) {
1134: throw new MembershipServiceException(
1135: "Error in getProfile : " + e.getMessage(), e);
1136: }
1137: }
1138:
1139: /**
1140: * @ejb.interface-method
1141: * @ejb.transaction type="Supports"
1142: */
1143: public ProfileResourceValue getProfile(String userId)
1144: throws MembershipServiceException,
1145: LibresourceSecurityException, URINotExistException {
1146: try {
1147: return getProfile(new URI(getUsersRootURI() + "/" + userId));
1148: } catch (LibresourceSecurityException se) {
1149: throw se;
1150: } catch (URINotExistException se) {
1151: throw se;
1152: } catch (Exception e) {
1153: throw new MembershipServiceException(
1154: "Error in getProfile : " + e.getMessage(), e);
1155: }
1156: }
1157:
1158: /**
1159: * @ejb.interface-method
1160: * @ejb.transaction type="Supports"
1161: */
1162: public Vector listUsers() throws MembershipServiceException,
1163: LibresourceSecurityException, URINotExistException {
1164: try {
1165: KernelService kernelService = (KernelService) Libresource
1166: .getService(KernelConstants.SERVICE);
1167: URI[] usersUris = kernelService
1168: .listChildren(getUsersRootURI());
1169: Vector users = new Vector();
1170:
1171: for (int i = 0; i < usersUris.length; i++) {
1172: try {
1173: ProfileResourceValue profile = getProfile(usersUris[i]);
1174: users.add(profile);
1175: } catch (Exception e) {
1176: //
1177: }
1178: }
1179:
1180: return users;
1181: } catch (LibresourceSecurityException se) {
1182: throw se;
1183: } catch (URINotExistException se) {
1184: throw se;
1185: } catch (Exception e) {
1186: throw new MembershipServiceException(
1187: "Error in listUsers : " + e.getMessage(), e);
1188: }
1189: }
1190:
1191: // TODO check in mailing list
1192: // /**
1193: // * @ejb.interface-method
1194: // * @ejb.transaction type="Supports"
1195: // */
1196: // public String getUserName(String userMail) throws
1197: // MembershipServiceException, LibresourceSecurityException,
1198: // URINotExistException {
1199: // try {
1200: // return
1201: // InternalUserBaseUtil.getLocalHome().create().getUserName(userMail);
1202: // } catch (LibresourceSecurityException se) {
1203: // throw se;
1204: // } catch (URINotExistException se) {
1205: // throw se;
1206: // } catch (Exception e) {
1207: // throw new MembershipServiceException("Error in getUserName : " +
1208: // e.getMessage(), e);
1209: // }
1210: // }
1211:
1212: /**
1213: * @ejb.interface-method
1214: * @ejb.transaction type="Supports"
1215: */
1216: public GroupResourceValue systemGetGroup(URI uri)
1217: throws MembershipServiceException,
1218: LibresourceSecurityException, URINotExistException {
1219: try {
1220: KernelService kernelService = (KernelService) Libresource
1221: .getService(KernelConstants.SERVICE);
1222: LibresourceResourceIdentifier resourceIdentifier = kernelService
1223: .systemLookup(uri);
1224: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
1225: .findResource(resourceIdentifier,
1226: GroupResourceLocal.class);
1227: GroupResourceValue resourceValue = groupResourceLocal
1228: .getGroupResourceValue();
1229: resourceValue.setUri(kernelService.normalizeURI(uri));
1230:
1231: return resourceValue;
1232: } catch (LibresourceSecurityException se) {
1233: throw se;
1234: } catch (URINotExistException se) {
1235: throw se;
1236: } catch (Exception e) {
1237: throw new MembershipServiceException("Error in getGroup : "
1238: + e.getMessage(), e);
1239: }
1240: }
1241:
1242: /**
1243: * @ejb.interface-method
1244: * @ejb.transaction type="Required"
1245: */
1246: public void systemCreateProfile(String userId, String userName,
1247: String userEmail, String userJabberId, HashMap userInfos)
1248: throws MembershipServiceException,
1249: LibresourceSecurityException {
1250: try {
1251: if (!userId.matches("[A-Za-z0-9]+")) {
1252: throw new Exception(
1253: "invalid user id (userId should match [A-Za-z0-9])");
1254: }
1255:
1256: ProfileResourceLocal profileResourceLocal = ProfileResourceUtil
1257: .getLocalHome().create(userId, userName, userEmail,
1258: userJabberId, userInfos);
1259: KernelService kernelService = (KernelService) Libresource
1260: .getService(KernelConstants.SERVICE);
1261:
1262: URI profileUri = new URI(getUsersRootURI().getPath() + "/"
1263: + userId);
1264: kernelService.systemBind(profileResourceLocal
1265: .getLibresourceResourceIdentifier(), profileUri,
1266: userName);
1267: kernelService.systemCopyAcl(getUsersRootURI(), profileUri);
1268: kernelService.systemCreateAcl(profileUri, profileUri,
1269: new String[] { KernelConstants.SECURITY_READ,
1270: KernelConstants.SECURITY_UPDATE });
1271:
1272: // event
1273: LibresourceEvent event = new LibresourceEvent(profileUri,
1274: profileResourceLocal
1275: .getLibresourceResourceIdentifier(),
1276: kernelService.getConnectedResource(),
1277: MembershipConstants.EVENT_PROFILE_CREATE);
1278: Libresource.throwEvent(event);
1279: } catch (LibresourceSecurityException se) {
1280: ctx.setRollbackOnly();
1281: throw se;
1282: } catch (Exception e) {
1283: ctx.setRollbackOnly();
1284: throw new MembershipServiceException(
1285: "Error in systemCreateProfile : " + e.getMessage(),
1286: e);
1287: }
1288: }
1289:
1290: /**
1291: * @ejb.interface-method
1292: * @ejb.transaction type="Supports"
1293: */
1294: public GroupResourceValue getGroup(URI uri)
1295: throws MembershipServiceException,
1296: LibresourceSecurityException, URINotExistException {
1297: try {
1298: KernelService kernelService = (KernelService) Libresource
1299: .getService(KernelConstants.SERVICE);
1300: LibresourceResourceIdentifier resourceIdentifier = kernelService
1301: .lookup(uri);
1302: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
1303: .findResource(resourceIdentifier,
1304: GroupResourceLocal.class);
1305: GroupResourceValue resourceValue = groupResourceLocal
1306: .getGroupResourceValue();
1307: resourceValue.setUri(kernelService.normalizeURI(uri));
1308:
1309: return resourceValue;
1310: } catch (LibresourceSecurityException se) {
1311: throw se;
1312: } catch (URINotExistException se) {
1313: throw se;
1314: } catch (Exception e) {
1315: throw new MembershipServiceException("Error in getGroup : "
1316: + e.getMessage(), e);
1317: }
1318: }
1319:
1320: /**
1321: * @ejb.interface-method
1322: * @ejb.transaction type="Supports"
1323: */
1324: public LDAPGroupResourceValue getLDAPGroup(URI uri)
1325: throws MembershipServiceException,
1326: LibresourceSecurityException, URINotExistException {
1327: try {
1328: KernelService kernelService = (KernelService) Libresource
1329: .getService(KernelConstants.SERVICE);
1330: LibresourceResourceIdentifier resourceIdentifier = kernelService
1331: .lookup(uri);
1332: LDAPGroupResourceLocal groupResourceLocal = (LDAPGroupResourceLocal) Libresource
1333: .findResource(resourceIdentifier,
1334: LDAPGroupResourceLocal.class);
1335: LDAPGroupResourceValue resourceValue = groupResourceLocal
1336: .getLDAPGroupResourceValue();
1337: resourceValue.setUri(kernelService.normalizeURI(uri));
1338:
1339: return resourceValue;
1340: } catch (LibresourceSecurityException se) {
1341: throw se;
1342: } catch (URINotExistException se) {
1343: throw se;
1344: } catch (Exception e) {
1345: throw new MembershipServiceException(
1346: "Error in getLDAPGroup : " + e.getMessage(), e);
1347: }
1348: }
1349:
1350: // libresource service
1351:
1352: /**
1353: * @ejb.interface-method
1354: * @ejb.transaction type="Supports"
1355: */
1356: public boolean canMapResourceForSecurity(URI connectedUri, URI toUri)
1357: throws LibresourceException {
1358: try {
1359: KernelService kernelService = (KernelService) Libresource
1360: .getService(KernelConstants.SERVICE);
1361: LibresourceResourceIdentifier connectedResourceIdentifier = kernelService
1362: .systemLookup(connectedUri);
1363: LibresourceResourceIdentifier toResourceIdentifier = kernelService
1364: .systemLookup(toUri);
1365:
1366: if (connectedResourceIdentifier.getService().equals(
1367: MembershipConstants.SERVICE)
1368: && connectedResourceIdentifier
1369: .getResourceType()
1370: .equals(
1371: MembershipConstants.RESOURCE_PROFILE)) {
1372: String userId = connectedResourceIdentifier
1373: .getResourceId();
1374:
1375: if (toResourceIdentifier == null) {
1376: return false;
1377: }
1378:
1379: if (toResourceIdentifier.getService().equals(
1380: MembershipConstants.SERVICE)
1381: && toResourceIdentifier
1382: .getResourceType()
1383: .equals(
1384: MembershipConstants.RESOURCE_PROFILE)) {
1385: return connectedResourceIdentifier
1386: .equals(toResourceIdentifier)
1387: || toResourceIdentifier.getResourceId()
1388: .equals(getUnauthentifiedUserId());
1389: } else if (toResourceIdentifier.getService().equals(
1390: MembershipConstants.SERVICE)
1391: && toResourceIdentifier
1392: .getResourceType()
1393: .equals(
1394: MembershipConstants.RESOURCE_GROUP)) {
1395: // GroupResourceLocal groupResourceLocal =
1396: // (GroupResourceLocal)
1397: // Libresource.findResource(toResourceIdentifier);
1398: return isMember(userId, toUri, new Vector());
1399: } else if (toResourceIdentifier.getService().equals(
1400: MembershipConstants.SERVICE)
1401: && toResourceIdentifier
1402: .getResourceType()
1403: .equals(
1404: MembershipConstants.RESOURCE_LDAPGROUP)) {
1405: // Check if user in LDAP group
1406: // FIXME LDAP
1407: LDAPGroupResourceLocal ldapGroup = (LDAPGroupResourceLocal) Libresource
1408: .findResource(toResourceIdentifier);
1409: System.out.println("==> userid= " + userId);
1410:
1411: return isLDAPMember(userId, ldapGroup);
1412: }
1413: }
1414:
1415: if (connectedResourceIdentifier.getService().equals(
1416: MembershipConstants.SERVICE)
1417: && connectedResourceIdentifier.getResourceType()
1418: .equals(MembershipConstants.RESOURCE_GROUP)) {
1419: if (toResourceIdentifier == null) {
1420: return false;
1421: }
1422:
1423: if (toResourceIdentifier.getService().equals(
1424: MembershipConstants.SERVICE)
1425: && toResourceIdentifier
1426: .getResourceType()
1427: .equals(
1428: MembershipConstants.RESOURCE_GROUP)) {
1429: return connectedResourceIdentifier
1430: .equals(toResourceIdentifier);
1431: }
1432: }
1433:
1434: return false;
1435: } catch (Exception e) {
1436: throw new LibresourceException(
1437: "error in MembershipService.canMapConnectedResource("
1438: + connectedUri + "," + toUri + ")", e);
1439: }
1440: }
1441:
1442: /**
1443: * @ejb.interface-method
1444: * @ejb.transaction type="Supports"
1445: */
1446: public LibresourceIndexableContent getIndexableContent(
1447: LibresourceResourceIdentifier resourceIdentifier)
1448: throws LibresourceException {
1449: try {
1450: LibresourceIndexableContent content = new LibresourceIndexableContent();
1451:
1452: try {
1453: Libresource.checkType(resourceIdentifier,
1454: ProfileResourceLocal.class);
1455:
1456: ProfileResourceLocal profile = (ProfileResourceLocal) Libresource
1457: .findResource(resourceIdentifier);
1458: content.addContentPart(profile.getId());
1459: content.addContentPart(profile.getFullName());
1460: content.addContentPart(profile.getEmail());
1461: content.addContentPart(profile.getJabberId());
1462: } catch (LibresourceException e) {
1463: //
1464: }
1465:
1466: try {
1467: Libresource.checkType(resourceIdentifier,
1468: GroupResourceLocal.class);
1469:
1470: GroupResourceLocal groupResourceLocal = (GroupResourceLocal) Libresource
1471: .findResource(resourceIdentifier);
1472: content.addContentPart(groupResourceLocal.getName());
1473: content.addContentPart(groupResourceLocal
1474: .getDescription());
1475: } catch (LibresourceException e) {
1476: //
1477: }
1478:
1479: return content;
1480: } catch (Exception e) {
1481: throw new LibresourceException(
1482: "error in Membership.getIndexableContent("
1483: + resourceIdentifier + ")", e);
1484: }
1485: }
1486:
1487: /**
1488: * @ejb.interface-method
1489: * @ejb.transaction type="Supports"
1490: */
1491: public LibresourceExportHandler getXmlExportHandlerForResource(
1492: URI uri) throws LibresourceException {
1493: try {
1494: KernelService kernelService = (KernelService) Libresource
1495: .getService(KernelConstants.SERVICE);
1496: LibresourceResourceIdentifier resourceIdentifier = kernelService
1497: .lookup(uri);
1498:
1499: try {
1500: Libresource.checkType(resourceIdentifier,
1501: GroupResourceLocal.class);
1502:
1503: GroupExportHandler exportHandler = new GroupExportHandler(
1504: uri);
1505:
1506: return exportHandler;
1507: } catch (Exception e) {
1508: //
1509: }
1510:
1511: try {
1512: Libresource.checkType(resourceIdentifier,
1513: ProfileResourceLocal.class);
1514:
1515: ProfileExportHandler exportHandler = new ProfileExportHandler(
1516: uri);
1517:
1518: return exportHandler;
1519: } catch (Exception e) {
1520: //
1521: }
1522:
1523: return super .getXmlExportHandlerForResource(uri);
1524: } catch (Exception e) {
1525: throw new LibresourceException(
1526: "Can't obtain exportHandler for uri " + uri, e);
1527: }
1528: }
1529:
1530: /**
1531: * @ejb.interface-method
1532: * @ejb.transaction type="Supports"
1533: */
1534: public LibresourceImportHandler getXmlImportHandler(String type)
1535: throws LibresourceException {
1536: if (type.equals(MembershipConstants.RESOURCE_GROUP)) {
1537: return new GroupImportHandler();
1538: }
1539:
1540: if (type.equals(MembershipConstants.RESOURCE_PROFILE)) {
1541: return new ProfileImportHandler();
1542: }
1543:
1544: return super .getXmlImportHandler(type);
1545: }
1546:
1547: /**
1548: * @ejb.interface-method
1549: * @ejb.transaction type="Supports"
1550: */
1551: public String[] listAvailablesPermissions(
1552: LibresourceResourceIdentifier resourceIdentifier)
1553: throws LibresourceException {
1554: if (resourceIdentifier.getService().equals(
1555: MembershipConstants.SERVICE)
1556: && resourceIdentifier.getResourceType().equals(
1557: MembershipConstants.RESOURCE_PROFILE)) {
1558: return null;
1559: }
1560:
1561: return super .listAvailablesPermissions(resourceIdentifier);
1562: }
1563:
1564: /**
1565: * @ejb.interface-method
1566: * @ejb.transaction type="Supports"
1567: */
1568: public String[] listAvailablesEvents(
1569: LibresourceResourceIdentifier resourceIdentifier)
1570: throws LibresourceException {
1571: if (resourceIdentifier.getService().equals(
1572: MembershipConstants.SERVICE)) {
1573: if (resourceIdentifier.getResourceType().equals(
1574: MembershipConstants.RESOURCE_GROUP)) {
1575: return new String[] {
1576: MembershipConstants.EVENT_GROUP_CREATE,
1577: MembershipConstants.EVENT_GROUP_EDIT,
1578: MembershipConstants.EVENT_GROUP_ADDMEMBER,
1579: MembershipConstants.EVENT_GROUP_REMOVEMEMBER };
1580: }
1581:
1582: if (resourceIdentifier.getResourceType().equals(
1583: MembershipConstants.RESOURCE_PROFILE)) {
1584: return new String[] {
1585: MembershipConstants.EVENT_PROFILE_CREATE,
1586: MembershipConstants.EVENT_PROFILE_EDIT };
1587: }
1588: }
1589:
1590: return super .listAvailablesPermissions(resourceIdentifier);
1591: }
1592:
1593: /**
1594: * @ejb.interface-method
1595: * @ejb.transaction type="Required"
1596: */
1597: public void createCasUser(String username, String password)
1598: throws LibresourceException {
1599: Connection conn = null;
1600: Statement stmt = null;
1601: PreparedStatement insertUser = null;
1602:
1603: try {
1604: getConnectionForUsers();
1605: conn = Libresource.getDatasource().getConnection();
1606: stmt = conn.createStatement();
1607:
1608: ResultSet rs = stmt
1609: .executeQuery("SELECT * FROM casusers_ WHERE username_='"
1610: + username + "';");
1611:
1612: if (rs.next()) {
1613: throw new LibresourceException(
1614: "Username already exists !");
1615: }
1616:
1617: if (!username.matches("[A-Za-z0-9]+")) {
1618: throw new LibresourceException(
1619: "invalid user id (userId should match [A-Za-z0-9])");
1620: }
1621:
1622: // insert user
1623: insertUser = conn
1624: .prepareStatement("INSERT INTO casusers_ (username_, passworddigest_) VALUES (?,?);");
1625: insertUser.setString(1, username);
1626:
1627: // No more digest
1628: insertUser.setString(2, password); // digest(password));
1629: insertUser.execute();
1630: insertUser.close();
1631:
1632: // create profile
1633: KernelService kernelService = (KernelService) Libresource
1634: .getService(KernelConstants.SERVICE);
1635: kernelService.systemCreateURI(new URI(getUsersRootURI()
1636: + "/" + username));
1637:
1638: String jabberHost = Libresource
1639: .getLibresourceConfiguration("kernel.serverUrl");
1640: jabberHost = jabberHost.split(":")[1]; // "http://localhost:9000" => get "//localhost"
1641: jabberHost = jabberHost.substring(2);
1642:
1643: systemCreateProfile(username, username, "", username + "@"
1644: + jabberHost, new HashMap());
1645: } catch (Exception e) {
1646: throw new LibresourceException(e.getMessage());
1647: } finally {
1648: try {
1649: if (stmt != null) {
1650: stmt.close();
1651: }
1652: } catch (Exception e) {
1653: }
1654:
1655: try {
1656: if (insertUser != null) {
1657: insertUser.close();
1658: }
1659: } catch (Exception e) {
1660: }
1661:
1662: try {
1663: if (conn != null) {
1664: conn.close();
1665: }
1666: } catch (Exception e) {
1667: }
1668: }
1669: }
1670:
1671: /**
1672: * @ejb.interface-method
1673: * @ejb.transaction type="Required"
1674: */
1675: public void editCasUser(String username, String password)
1676: throws LibresourceException {
1677: Connection conn = null;
1678: Statement stmt = null;
1679: PreparedStatement insertUser = null;
1680:
1681: try {
1682: KernelService kernelService = (KernelService) Libresource
1683: .getService(KernelConstants.SERVICE);
1684:
1685: if (!kernelService.checkSecurity(new URI(getUsersRootURI()
1686: + "/" + username), KernelConstants.SECURITY_UPDATE)) {
1687: throw new LibresourceException(
1688: "Not allowed to change password");
1689: }
1690:
1691: getConnectionForUsers();
1692: conn = Libresource.getDatasource().getConnection();
1693: stmt = conn.createStatement();
1694:
1695: ResultSet rs = stmt
1696: .executeQuery("SELECT * FROM casusers_ WHERE username_='"
1697: + username + "';");
1698:
1699: if (!rs.next()) {
1700: throw new LibresourceException("Username \"" + username
1701: + "\" does not exists !");
1702: }
1703:
1704: // insert user
1705: insertUser = conn
1706: .prepareStatement("UPDATE casusers_ SET passworddigest_ = ? WHERE username_= ?;");
1707: insertUser.setString(2, username);
1708:
1709: // No more need of digest
1710: insertUser.setString(1, password); //digest(password));
1711: insertUser.executeUpdate();
1712: insertUser.close();
1713: } catch (Exception e) {
1714: throw new LibresourceException(e.getMessage());
1715: } finally {
1716: try {
1717: if (stmt != null) {
1718: stmt.close();
1719: }
1720: } catch (Exception e) {
1721: }
1722:
1723: try {
1724: if (insertUser != null) {
1725: insertUser.close();
1726: }
1727: } catch (Exception e) {
1728: }
1729:
1730: try {
1731: if (conn != null) {
1732: conn.close();
1733: }
1734: } catch (Exception e) {
1735: }
1736: }
1737: }
1738:
1739: private void getConnectionForUsers() throws Exception {
1740: Connection conn = null;
1741: Statement stmt = null;
1742: ResultSet rs = null;
1743:
1744: try {
1745: conn = Libresource.getDatasource().getConnection();
1746: stmt = conn.createStatement();
1747: rs = stmt
1748: .executeQuery("SELECT tablename FROM pg_tables WHERE tablename='casusers_';");
1749:
1750: // if table does not exist
1751: if (!rs.next()) {
1752: // create table
1753: stmt = conn.createStatement();
1754: stmt
1755: .execute("CREATE TABLE casusers_ (username_ VARCHAR PRIMARY KEY, passworddigest_ VARCHAR);");
1756: }
1757: } catch (Exception e) {
1758: throw e;
1759: } finally {
1760: try {
1761: if (stmt != null) {
1762: stmt.close();
1763: }
1764: } catch (Exception e) {
1765: }
1766:
1767: try {
1768: if (rs != null) {
1769: rs.close();
1770: }
1771: } catch (Exception e) {
1772: }
1773:
1774: try {
1775: if (conn != null) {
1776: conn.close();
1777: }
1778: } catch (Exception e) {
1779: }
1780: }
1781: }
1782:
1783: public static String digest(String password) throws Exception {
1784: MessageDigest digest = MessageDigest.getInstance("MD5");
1785: digest.update(password.getBytes("UTF-8"));
1786:
1787: byte[] md5 = digest.digest();
1788: String sReturnMsg = "";
1789:
1790: for (int i = 0; i < md5.length; i++) {
1791: sReturnMsg += Integer.toHexString(md5[i]);
1792: }
1793:
1794: return sReturnMsg;
1795: }
1796:
1797: private void getConnectionForSubversionUsers() throws Exception {
1798: Connection conn = null;
1799: Statement stmt = null;
1800: ResultSet rs = null;
1801:
1802: try {
1803: conn = Libresource.getDatasource().getConnection();
1804: stmt = conn.createStatement();
1805: rs = stmt
1806: .executeQuery("SELECT tablename FROM pg_tables WHERE tablename='subversionusers_';");
1807:
1808: // if table does not exist
1809: if (!rs.next()) {
1810: // create table
1811: stmt = conn.createStatement();
1812: stmt
1813: .execute("CREATE TABLE subversionusers_ (username_ VARCHAR PRIMARY KEY, password_ VARCHAR);");
1814: }
1815: } catch (Exception e) {
1816: throw e;
1817: } finally {
1818: try {
1819: if (stmt != null) {
1820: stmt.close();
1821: }
1822: } catch (Exception e) {
1823: }
1824:
1825: try {
1826: if (rs != null) {
1827: rs.close();
1828: }
1829: } catch (Exception e) {
1830: }
1831:
1832: try {
1833: if (conn != null) {
1834: conn.close();
1835: }
1836: } catch (Exception e) {
1837: }
1838: }
1839: }
1840:
1841: private void registerSubversionUser(String login, String password)
1842: throws Exception {
1843: Connection conn = null;
1844: PreparedStatement insertUser = null;
1845: ResultSet rs = null;
1846:
1847: try {
1848: getConnectionForSubversionUsers();
1849: insertUser = null;
1850: conn = Libresource.getDatasource().getConnection();
1851:
1852: // insert user
1853: insertUser = conn
1854: .prepareStatement("SELECT * FROM subversionusers_ WHERE username_ = ?");
1855: insertUser.setString(1, login);
1856: rs = insertUser.executeQuery();
1857: insertUser.close();
1858:
1859: if (!rs.next()) {
1860: insertUser = conn
1861: .prepareStatement("INSERT INTO subversionusers_ (username_, password_) VALUES (?,?);");
1862: insertUser.setString(1, login);
1863: insertUser.setString(2, password);
1864: insertUser.executeUpdate();
1865: } else {
1866: insertUser = conn
1867: .prepareStatement("UPDATE subversionusers_ SET password_ = ? WHERE username_ = ? ;");
1868: insertUser.setString(2, login);
1869: insertUser.setString(1, password);
1870: insertUser.executeUpdate();
1871: }
1872: } catch (Exception e) {
1873: throw e;
1874: } finally {
1875: try {
1876: if (insertUser != null) {
1877: insertUser.close();
1878: }
1879: } catch (Exception e) {
1880: }
1881:
1882: try {
1883: if (rs != null) {
1884: rs.close();
1885: }
1886: } catch (Exception e) {
1887: }
1888:
1889: try {
1890: if (conn != null) {
1891: conn.close();
1892: }
1893: } catch (Exception e) {
1894: }
1895: }
1896: }
1897:
1898: private DirContext getLDAPConnection(
1899: LDAPGroupResourceLocal ldapGroup) throws Exception {
1900: DirContext connection = null;
1901:
1902: // initialisation
1903: String url = ldapGroup.getLDAPServerURL();
1904: String bindDn = ldapGroup.getDNBind();
1905: String bindPassword = ldapGroup.getPasswordBind();
1906: boolean secured = ldapGroup.getConnectionSecured();
1907:
1908: try {
1909: Hashtable hashtable = new Hashtable(5, 0.75f);
1910: hashtable.put(Context.INITIAL_CONTEXT_FACTORY,
1911: "com.sun.jndi.ldap.LdapCtxFactory");
1912: hashtable.put(Context.PROVIDER_URL, url);
1913: hashtable.put(Context.SECURITY_AUTHENTICATION, "simple");
1914:
1915: if (bindDn != null) {
1916: hashtable.put(Context.SECURITY_PRINCIPAL, bindDn);
1917: hashtable.put(Context.SECURITY_CREDENTIALS,
1918: bindPassword.getBytes());
1919: }
1920:
1921: if (secured) {
1922: hashtable.put(Context.SECURITY_PROTOCOL, "ssl");
1923: }
1924:
1925: System.out
1926: .println("Connecting to the LDAP directory (url=`"
1927: + url + "', username=`" + bindDn + "')...");
1928: connection = new InitialDirContext(hashtable);
1929: System.out.println("Connection succeeded.");
1930:
1931: return connection;
1932: } catch (AuthenticationException e) {
1933: System.out.println("Connection failed: " + e.getMessage());
1934: } catch (NamingException e) {
1935: System.out.println("Could not connect to \"" + url + "\"");
1936: System.out.println("Connection failed: '" + e.getMessage()
1937: + "')");
1938: }
1939:
1940: // connection failed, but try to close the connection however
1941: if (connection != null) {
1942: try {
1943: System.out.println("Closing LDAP connection...");
1944: connection.close();
1945: } catch (NamingException e2) {
1946: System.out.println("Could not close LDAP connection.");
1947: }
1948: }
1949:
1950: return null;
1951: }
1952:
1953: private boolean isLDAPMember(String userLogin,
1954: LDAPGroupResourceLocal ldapGroup) throws Exception {
1955: DirContext ldapConnection = getLDAPConnection(ldapGroup);
1956:
1957: if (ldapConnection != null) {
1958: Attributes attrs = ldapConnection.getAttributes(ldapGroup
1959: .getLDAPGroupDefinition());
1960: Attribute attr = attrs.get(ldapGroup.getField());
1961: NamingEnumeration members = attr.getAll();
1962: String currentUser = null;
1963:
1964: while (members.hasMore()) {
1965: currentUser = (String) members.next();
1966:
1967: if ((currentUser.indexOf(ldapGroup.getUserID()) != -1)
1968: && (currentUser.indexOf(userLogin) != -1)) {
1969: // check if its real and not the same starting letter of the
1970: // user login
1971: currentUser = currentUser.substring(currentUser
1972: .indexOf(userLogin));
1973:
1974: if (currentUser.split(",")[0].trim().equals(
1975: userLogin)) {
1976: try {
1977: ldapConnection.close();
1978: } catch (Exception e) {
1979: }
1980:
1981: return true;
1982: }
1983: }
1984: }
1985:
1986: try {
1987: ldapConnection.close();
1988: } catch (Exception e) {
1989: }
1990: }
1991:
1992: return false;
1993: }
1994:
1995: private Collection listLDAPMember(LDAPGroupResourceLocal ldapGroup)
1996: throws Exception {
1997: ArrayList result = new ArrayList();
1998: DirContext ldapConnection = getLDAPConnection(ldapGroup);
1999:
2000: if (ldapConnection != null) {
2001: Attributes attrs = ldapConnection.getAttributes(ldapGroup
2002: .getLDAPGroupDefinition());
2003: Attribute attr = attrs.get(ldapGroup.getField());
2004: NamingEnumeration members = attr.getAll();
2005: String currentUser = null;
2006:
2007: while (members.hasMore()) {
2008: currentUser = (String) members.next();
2009:
2010: if (currentUser.indexOf(ldapGroup.getUserID()) != -1) {
2011: currentUser = currentUser.substring(currentUser
2012: .indexOf(ldapGroup.getUserID()));
2013: currentUser = currentUser.substring(currentUser
2014: .indexOf("=") + 1);
2015: result.add(currentUser.split(",")[0].trim());
2016: }
2017: }
2018:
2019: try {
2020: ldapConnection.close();
2021: } catch (Exception e) {
2022: }
2023: }
2024:
2025: return result;
2026: }
2027: }
|