Examples of org.olat.basesecurity.Manager

• org.olat.basesecurity.Manager
  Description:
  TODO: Class Description

  @author Felix Jost

    String[] reqAttrs = LDAPHelper.checkReqAttr(userAttributes);
    if (reqAttrs != null) {
      log.warn("Can not create and persist user, the following attributes are missing::" + ArrayUtils.toString(reqAttrs));
      return;
    }
    Manager securityManager = ManagerFactory.getManager();
    String uid = LDAPHelper.getAttributeValue(userAttributes.get(LDAPHelper
        .mapOlatPropertyToLdapAttribute(LDAPConstants.LDAP_USER_IDENTIFYER)));
    String email = LDAPHelper.getAttributeValue(userAttributes.get(LDAPHelper.mapOlatPropertyToLdapAttribute(UserConstants.EMAIL)));
    // Lookup user
    if (securityManager.findIdentityByName(uid) != null) {
      log.error("Can't create user with username='" + uid + "', does already exist in OLAT database");
      return;
    }
    // Create User (first and lastname is added in next step)
    User user = UserManager.getInstance().createUser(null, null, email);
    // Set User Property's (Iterates over Attributes and gets OLAT Property out
    // of olatexconfig.xml)
    NamingEnumeration<Attribute> neAttr = (NamingEnumeration<Attribute>) userAttributes.getAll();
    try {
      while (neAttr.hasMore()) {
        Attribute attr = neAttr.next();
        String olatProperty = LDAPHelper.mapLdapAttributeToOlatProperty(attr.getID());
        if (attr.get() != uid) {
          String ldapValue = LDAPHelper.getAttributeValue(attr);
          if (olatProperty == null || ldapValue == null) continue;
          user.setProperty(olatProperty, ldapValue);
        }
      }
      // Add static user properties from the configuration
      Map<String, String> staticProperties = LDAPLoginModule.getStaticUserProperties();
      if (staticProperties != null && staticProperties.size() > 0) {
        for (Entry<String, String> staticProperty : staticProperties.entrySet()) {
          user.setProperty(staticProperty.getKey(), staticProperty.getValue());
        }
      }
    } catch (NamingException e) {
      log.error("NamingException when trying to create and persist LDAP user with username::" + uid, e);
      return;
    } catch (Exception e) {
      // catch any exception here to properly log error
      log.error("Unknown exception when trying to create and persist LDAP user with username::" + uid, e);
      return;
    }

    // Create Identity
    Identity identity = securityManager.createAndPersistIdentityAndUser(uid, user, LDAPAuthenticationController.PROVIDER_LDAP, uid, null);
    // Add to SecurityGroup LDAP
    SecurityGroup secGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    securityManager.addIdentityToSecurityGroup(identity, secGroup);
    // Add to SecurityGroup OLATUSERS
    secGroup = securityManager.findSecurityGroupByName(Constants.GROUP_OLATUSERS);
    securityManager.addIdentityToSecurityGroup(identity, secGroup);
    log.info("Created LDAP user username::" + uid);

  }

   * @return Identity if it's found and member of LDAPSecurityGroup, null
   *         otherwise (if user exists but not managed by LDAP, error Object is
   *         modified)
   */
  public Identity findIdentyByLdapAuthentication(String uid, LDAPError errors) {
    Manager securityManager = ManagerFactory.getManager();
    Identity identity = securityManager.findIdentityByName(uid);
    if (identity == null) {
      return null;
    } else {
      SecurityGroup ldapGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
      if (ldapGroup == null) {
        log.error("Error getting user from OLAT security group '" + LDAPConstants.SECURITY_GROUP_LDAP + "' : group does not exist");
        return null;
      }
      if (securityManager.isIdentityInSecurityGroup(identity, ldapGroup)) {
        Authentication ldapAuth = ManagerFactory.getManager().findAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP);
        if(ldapAuth == null) {
          //BUG Fixe: update the user and test if it has a ldap provider
          ManagerFactory.getManager().createAndPersistAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP, identity.getName(), null);
        }
        return identity;
      }
      else {
        if (LDAPLoginModule.isConvertExistingLocalUsersToLDAPUsers()) {
          // Add user to LDAP security group and add the ldap provider
          ManagerFactory.getManager().createAndPersistAuthentication(identity, LDAPAuthenticationController.PROVIDER_LDAP, identity.getName(), null);
          securityManager.addIdentityToSecurityGroup(identity, ldapGroup);
          log.info("Found identity by LDAP username that was not yet in LDAP security group. Converted user::" + uid
              + " to be an LDAP managed user");
          return identity;
        } else {
          errors.insert("findIdentyByLdapAuthentication: User with username::" + uid + " exist but not Managed by LDAP");

      log.warn("No users in LDAP found, can't create deletionList!!");
      return null;
    }

    // Find all User in OLAT, members of LDAPSecurityGroup
    Manager securityManager = ManagerFactory.getManager();
    SecurityGroup ldapGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    if (ldapGroup == null) {
      log.error("Error getting users from OLAT security group '" + LDAPConstants.SECURITY_GROUP_LDAP + "' : group does not exist");
      return null;
    }
    List<Identity> olatListIdentity = securityManager.getIdentitiesOfSecurityGroup(ldapGroup);
    ListIterator<Identity> itr = olatListIdentity.listIterator();
    while (itr.hasNext()) {
      Identity ida = itr.next();
      // compare usernames with lowercase
      if (!ldapList.contains(ida.getName().toLowerCase())) identityListToDelete.add(ida);

        if (LDAPLoginModule.isDeleteRemovedLDAPUsersOnSync()) {
          // check if more not more than the defined percentages of
          // users managed in LDAP should be deleted
          // if they are over the percentage, they will not be deleted
          // by the sync job
          Manager securityManager = ManagerFactory.getManager();
          SecurityGroup ldapGroup = securityManager
              .findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
          List<Identity> olatListIdentity = securityManager
              .getIdentitiesOfSecurityGroup(ldapGroup);
          if (olatListIdentity.size() == 0)
            log
                .info("No users managed by LDAP, can't delete users");
          else {

      else if (event.getCommand().equals(ACTION_NEW_CTGREQUEST)) {
        /*
         * find the first caretaker, looking from the leaf towards the root,
         * following the selected branch.
         */
        Manager mngr = ManagerFactory.getManager();
        ContactList caretaker = new ContactList(translate(NLS_CONTACT_TO_GROUPNAME_CARETAKER));
        final List emptyList = new ArrayList();
        List tmpIdent = new ArrayList();
        for (int i = historyStack.size() - 1; i >= 0 && tmpIdent.isEmpty(); i--) {
          // start at the selected category, the root category is asserted to
          // have the OLATAdministrator
          // so we end up having always at least one identity as receiver for a
          // request ;-)
          CatalogEntry tmp = historyStack.get(i);
          SecurityGroup tmpOwn = tmp.getOwnerGroup();
          if (tmpOwn != null) tmpIdent = mngr.getIdentitiesOfSecurityGroup(tmpOwn);
          else tmpIdent = emptyList;
        }
        for (int i = tmpIdent.size() - 1; i >= 0; i--) {
          caretaker.add((Identity) tmpIdent.get(i));
        }

   * Helper to imports simple tree structure, for simplicity
   */
  private void importStructure() {
    CatalogEntry oldRoot = (CatalogEntry) cm.getRootCatalogEntries().get(0);
    SecurityGroup rootOwners = oldRoot.getOwnerGroup();
    Manager secMgr = ManagerFactory.getManager();
    List olatAdminIdents = secMgr.getIdentitiesOfSecurityGroup(rootOwners);
    SecurityGroup catalogAdmins = secMgr.createAndPersistSecurityGroup();
    for (int i = 0; i < olatAdminIdents.size(); i++) {
      secMgr.addIdentityToSecurityGroup((Identity) olatAdminIdents.get(i), catalogAdmins);
    }
    cm.deleteCatalogEntry(oldRoot);

    CatalogEntry dummy = cm.createCatalogEntry();
    addStructureForm.fillEntry(dummy);

    importedRepositoryEntry.setOlatResource(ores);
    RepositoryHandler rh = RepositoryHandlerFactory.getInstance().getRepositoryHandler(importedRepositoryEntry);
    importedRepositoryEntry.setCanLaunch(rh.supportsLaunch());

    // create security group
    Manager securityManager = ManagerFactory.getManager();
    SecurityGroup newGroup = securityManager.createAndPersistSecurityGroup();
    // member of this group may modify member's membership
    securityManager.createAndPersistPolicy(newGroup, Constants.PERMISSION_ACCESS, newGroup);
    // members of this group are always authors also
    securityManager.createAndPersistPolicy(newGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_AUTHOR);
    securityManager.addIdentityToSecurityGroup(owner, newGroup);
    importedRepositoryEntry.setOwnerGroup(newGroup);
    rm.saveRepositoryEntry(importedRepositoryEntry);

    if (!keepSoftkey) {
      // set the new shared folder reference

  /**
   * @see org.olat.course.groupsandrights.CourseGroupManager#isIdentityCourseCoach(org.olat.core.id.Identity)
   */
  public boolean isIdentityCourseCoach(Identity identity) {
    Manager secManager = ManagerFactory.getManager();
    Iterator iterator = learningGroupContexts.iterator();
    while (iterator.hasNext()) {
      BGContext bgContext = (BGContext) iterator.next();
      boolean isCoach = secManager.isIdentityPermittedOnResourceable(identity, Constants.PERMISSION_COACH, bgContext);
      if (isCoach) // don't check any further
      return true;
    }
    return false;
  }

   * @see org.olat.course.groupsandrights.CourseGroupManager#isIdentityCourseAdministrator(org.olat.core.id.Identity)
   */
  public boolean isIdentityCourseAdministrator(Identity identity) {
    // not really a group management method, for your convenience we have a
    // shortcut here...
    Manager secMgr = ManagerFactory.getManager();
    return secMgr.isIdentityPermittedOnResourceable(identity, Constants.PERMISSION_ADMIN, courseResource);
  }

   * @param groups List of business groups
   * @return list of Integers that contain the number of participants for each
   *         group
   */
  public List getNumberOfMembersFromGroups(List groups) {
    Manager securityManager = ManagerFactory.getManager();
    List members = new ArrayList();
    Iterator iterator = groups.iterator();
    while (iterator.hasNext()) {
      BusinessGroup group = (BusinessGroup) iterator.next();
      int numbMembers = securityManager.countIdentitiesOfSecurityGroup(group.getPartipiciantGroup());
      members.add(new Integer(numbMembers));
    }
    return members;
  }