[New] Try and use LDAP department for primaryLocation

Robert von Burg 2020-08-06 17:20:59 +02:00
parent baecbd5312
commit 24c305564b
1 changed files with 29 additions and 4 deletions


@ -4,6 +4,7 @@ import static java.lang.String.join;
import static java.util.stream.Collectors.toSet;
import static li.strolch.privilege.base.PrivilegeConstants.*;
import static li.strolch.utils.helper.StringHelper.isEmpty;
import static li.strolch.utils.helper.StringHelper.isNotEmpty;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
@ -21,6 +22,7 @@ import li.strolch.utils.dbc.DBC;
public class JsonConfigLdapPrivilegeHandler extends BaseLdapPrivilegeHandler {
private Locale defaultLocale;
private Map<String, String> ldapToLocalLocationMap;
private JsonObject ldapGroupConfigs;
private Set<String> ldapGroupNames;
private String realm;
@ -61,6 +63,15 @@ public class JsonConfigLdapPrivilegeHandler extends BaseLdapPrivilegeHandler {
if (!configJ.has("ldapGroupConfigs") || !configJ.get("ldapGroupConfigs").isJsonObject())
throw new IllegalStateException("JSON config is missing ldapGroupConfigs element!");
this.ldapToLocalLocationMap = new HashMap<>();
if (configJ.has("locationMappings")) {
JsonObject locationMappingsJ = configJ.get("locationMappings").getAsJsonObject();
for (String ldapL : locationMappingsJ.keySet()) {
String localL = locationMappingsJ.get(ldapL).getAsString();
this.ldapToLocalLocationMap.put(ldapL, localL);
}
}
this.ldapGroupConfigs = configJ.get("ldapGroupConfigs").getAsJsonObject();
this.ldapGroupNames = ldapGroupConfigs.keySet();
if (this.ldapGroupNames.isEmpty())
@ -151,12 +162,22 @@ public class JsonConfigLdapPrivilegeHandler extends BaseLdapPrivilegeHandler {
@Override
protected Map<String, String> buildProperties(String username, Attributes attrs, Set<String> ldapGroups,
Set<String> strolchRoles) {
Set<String> strolchRoles) throws NamingException {
String primaryLocation = "";
Set<String> secondaryLocations = new HashSet<>();
Set<String> locations = new HashSet<>();
// first see if we can find the primaryLocation from the department attribute:
String department = getLdapString(attrs, "department");
if (isNotEmpty(department)) {
if (this.ldapToLocalLocationMap.containsKey(department)) {
String localL = this.ldapToLocalLocationMap.get(department);
logger.info("Using primary location " + localL + " for LDAP department " + department);
primaryLocation = localL;
}
}
for (String ldapGroup : ldapGroups) {
JsonObject mappingJ = this.ldapGroupConfigs.get(ldapGroup).getAsJsonObject();
mappingJ.get(LOCATION).getAsJsonArray().forEach(e -> locations.add(e.getAsString()));
@ -166,9 +187,13 @@ public class JsonConfigLdapPrivilegeHandler extends BaseLdapPrivilegeHandler {
if (primaryLocation.isEmpty()) {
primaryLocation = primaryLocationJ.getAsString();
} else {
logger.warn("Primary location already set by previous LDAP Group config for LDAP Group " + ldapGroup
+ ", adding to secondary locations.");
secondaryLocations.add(primaryLocationJ.getAsString());
String location = primaryLocationJ.getAsString();
if (!secondaryLocations.contains(location)) {
logger.warn(
"Primary location already set by previous LDAP Group config for LDAP Group " + ldapGroup
+ ", adding to secondary locations.");
secondaryLocations.add(location);
}
}
}
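Review bot: The department lookup in buildProperties lets a single LDAP attribute outrank the group-based configuration for primaryLocation, so the result is only as trustworthy as write access to `department` in the directory. If primaryLocation feeds any access decision (not visible here), state that assumption next to the lookup, e.g. `// department must be admin-managed: it overrides the group-derived primaryLocation`. In the last hunk, a group whose primary location equals the department-derived one is still added to secondaryLocations, and the warning still blames a "previous LDAP Group config"; consider `if (!location.equals(primaryLocation) && !secondaryLocations.contains(location)) {` and a message that names the actual source. A department with no entry in ldapToLocalLocationMap is skipped without any log line, which makes mapping gaps hard to spot during an access review. The method body continues outside the visible hunks.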