1 package de.webman.sync.ldap.worker; 2 3 import de.webman.sync.Worker; 4 import de.webman.sync.ACLAdaptor; 5 import de.webman.sync.SyncException; 6 import de.webman.sync.ldap.LDAPAdaptor; 7 import de.webman.acl.ProfileFactory; 8 import de.webman.acl.Profile; 9 import de.webman.acl.LoginFactory; 10 import de.webman.acl.Login; 11 import com.teamkonzept.lib.TKVector; 12 import com.teamkonzept.lib.TKException; 13 import java.util.List ; 14 import java.util.Iterator ; 15 import java.util.Enumeration ; 16 import java.util.HashMap ; 17 import org.apache.log4j.Category; 18 19 30 public class UpdateGroupAssignments 31 implements Worker 32 { 33 34 37 private static Category cat = Category.getInstance(UpdateGroupAssignments.class); 38 39 40 43 private static final int STAT_CHANGED = 0; 44 45 48 private static final int STAT_FAILED = 1; 49 50 53 private static final int STAT_UPDATED = 2; 54 55 58 private static final int STAT_WARNINGS = 3; 59 60 63 private static final int STAT_IGNORED = 4; 64 65 68 private static final int SLOTS_STAT = 5; 69 70 71 75 public void run(ACLAdaptor adaptor) 76 throws SyncException 77 { 78 try { 79 cat.debug("synchronize for changed group assignments"); 80 HashMap groups = null; 81 82 try { 83 84 TKVector pfvect = ProfileFactory.getInstance().getProfiles(); 85 groups = new HashMap (pfvect.size()); 86 87 88 for (Enumeration en = pfvect.elements(); en.hasMoreElements(); ) { 89 Profile p = (Profile)en.nextElement(); 90 91 if (p.isProfile()) 92 groups.put(p.getLogin(), p.getID()); 93 } 94 } 95 catch (Exception e) { 96 throw new SyncException(e); 97 } 98 99 List ldap_users = adaptor.getChangedUsers(); 100 int[] statistics = new int[SLOTS_STAT]; 101 102 for (Iterator it = ldap_users.iterator(); it.hasNext(); ) { 103 de.webman.sync.User ldapuser = (de.webman.sync.User)it.next(); 104 105 if (ldapuser.isDirty()) { 106 statistics[STAT_CHANGED] ++; 107 checkGroupAssignments(adaptor, ldapuser, groups, statistics); 108 } 109 } 110 111 cat.info("synchronizing changed group assignments; STATISTICS:\n" + 112 ldap_users.size() + " changed ldap users found,\n" + 113 groups.size() + " webman groups found in total,\n" + 114 statistics[STAT_CHANGED] + " user entries to be changed,\n" + 115 statistics[STAT_UPDATED] + " user entries updated successfully,\n" + 116 statistics[STAT_FAILED] + " user entry updates failed,\n" + 117 statistics[STAT_WARNINGS] + " group assignment warnings,\n" + 118 statistics[STAT_IGNORED] + " user entries ignored"); 119 } 120 catch (NullPointerException npe) { 121 npe.printStackTrace(); 122 } 123 } 124 125 126 129 private void checkGroupAssignments(ACLAdaptor adaptor, 130 de.webman.sync.User ldapuser, HashMap groups, 131 int[] statistics) 132 { 133 134 if ((adaptor instanceof LDAPAdaptor) && 135 ((LDAPAdaptor)adaptor).ignoreUsers().contains(ldapuser.getWebmanName())) { 136 statistics[STAT_IGNORED]++; 137 return; 138 } 139 140 boolean failed = false; 141 142 143 de.webman.acl.Login wmuser = null; 144 try { 145 wmuser = LoginFactory.getInstance().getLogin(ldapuser.getWebmanName()); 146 } 147 catch (Exception e) { 148 149 cat.warn("unknown webman-user found in LDAP: '" + ldapuser.getWebmanName() + "' " + 150 "(user-dn: '" + ldapuser.getID() + "')"); 151 statistics[STAT_FAILED] ++; 152 return; 153 } 154 155 157 HashMap user_groups = null; 158 TKVector upr = null; 159 try { 160 upr = wmuser.getParents(); 161 user_groups = new HashMap (upr.size()); 162 163 for (Enumeration en = upr.elements(); en.hasMoreElements(); ) { 164 Profile p = (Profile)en.nextElement(); 165 user_groups.put(p.getLogin(), p.getID()); 166 } 167 } 168 catch (Exception e) { 169 170 cat.warn("can't load groups for webman-user: '" + ldapuser.getWebmanName() + "' " + 171 "(user-dn: '" + ldapuser.getID() + "')"); 172 statistics[STAT_FAILED] ++; 173 return; 174 } 175 176 178 HashMap ldap_groups = new HashMap (); 179 for (Iterator it = ldapuser.getGroups().iterator(); it.hasNext(); ) { 180 String ldapgroup = (String )it.next(); 181 182 if (groups.containsKey(ldapgroup)) { 183 ldap_groups.put(ldapgroup, groups.get(ldapgroup)); 184 } 185 else { 186 cat.warn("unknown webman-group found in LDAP: '" + ldapgroup + "' " + 187 "(user-dn: '" + ldapuser.getID() + "')"); 188 failed = true; 189 statistics[STAT_WARNINGS] ++; 190 } 191 } 192 193 194 199 for (Iterator lit = ldap_groups.keySet().iterator(); lit.hasNext(); ) { 200 String gkey = (String )lit.next(); 201 if (!user_groups.containsKey(gkey)) { 202 203 if (!assignUserToGroup((Integer )ldap_groups.get(gkey), wmuser.getID())) { 204 failed = true; 205 statistics[STAT_WARNINGS]++; 206 } 207 } 208 209 lit.remove(); 210 user_groups.remove(gkey); 211 } 212 213 217 for (Iterator wit = user_groups.keySet().iterator(); wit.hasNext(); ) { 218 String gkey = (String )wit.next(); 219 if (!ldap_groups.containsKey(gkey)) { 220 221 if (!removeGroupFromUser((Integer )user_groups.get(gkey), wmuser.getID())) { 222 failed = true; 223 statistics[STAT_WARNINGS]++; 224 } 225 } 226 } 227 228 229 if (!failed) { 230 try { 231 adaptor.setDirtyFlagForUser(ldapuser, false); 232 statistics[STAT_UPDATED]++; 233 } 234 catch (SyncException se) { 235 statistics[STAT_FAILED]++; 236 } 237 } 238 else 239 statistics[STAT_FAILED]++; 240 } 241 242 private boolean assignUserToGroup(Integer gid, Integer uid) 243 { 244 Profile group = null; 245 de.webman.acl.Login wmuser = null; 246 try { 247 wmuser = LoginFactory.getInstance().getLogin(uid); 248 group = ProfileFactory.getInstance().getProfile(gid); 249 if (group != null && wmuser != null) { 250 cat.info("assign user '" + wmuser.getLogin() + "' to group '" + 251 group.getLogin() + "' "); 252 group.addChild(wmuser); 253 ProfileFactory.getInstance().modifyProfile(group); 254 return true; 255 } 256 } 257 catch (Exception e) { 258 ; 259 } 260 cat.warn("can't assign user '" + wmuser.getLogin() + "' to group '" + 261 group != null ? group.getLogin() : gid.toString() + "'"); 262 return false; 263 } 264 265 private boolean removeGroupFromUser(Integer gid, Integer uid) 266 { 267 Profile group = null; 268 de.webman.acl.Login wmuser = null; 269 try { 270 group = ProfileFactory.getInstance().getProfile(gid); 271 if (group != null) { 272 wmuser = LoginFactory.getInstance().getLogin(uid); 273 cat.info("remove user '" + wmuser.getLogin() + "' from group '" + 274 group.getLogin() + "' "); 275 group.removeChild(wmuser); 276 ProfileFactory.getInstance().modifyProfile(group); 277 return true; 278 } 279 } 280 catch (Exception e) { 281 ; 282 } 283 cat.warn("can't assign user '" + wmuser.getLogin() + "' to group '" + 284 group != null ? group.getLogin() : gid.toString() + "'"); 285 return false; 286 287 } 288 } 289 | Popular Tags |