Revision 10338
Added by Jing Tao almost 7 years ago
| D1ResourceHandler.java | ||
|---|---|---|
| 55 | 55 |
import org.dataone.service.types.v1.Subject; |
| 56 | 56 |
import org.dataone.service.types.v1.SubjectInfo; |
| 57 | 57 |
|
| 58 |
import edu.ucsb.nceas.metacat.AuthSession; |
|
| 58 | 59 |
import edu.ucsb.nceas.metacat.MetacatHandler; |
| 59 | 60 |
import edu.ucsb.nceas.metacat.properties.PropertyService; |
| 60 | 61 |
import edu.ucsb.nceas.metacat.service.SessionService; |
| ... | ... | |
| 176 | 177 |
session.setSubjectInfo(subjectInfo); |
| 177 | 178 |
} |
| 178 | 179 |
} |
| 180 |
} else {
|
|
| 181 |
//The session is not null. However, the if we got the session is from a token, the ldap group information for is missing if we logged in by the ldap account. |
|
| 182 |
//here we just patch it. |
|
| 183 |
Subject subject = session.getSubject(); |
|
| 184 |
if(subject != null) {
|
|
| 185 |
String dn = subject.getValue(); |
|
| 186 |
logMetacat.debug("D1ReourceHandler.handle - the subject dn in the session is "+dn+" This dn will be used to look up the group information");
|
|
| 187 |
if(dn != null) {
|
|
| 188 |
String username = null; |
|
| 189 |
String password = null; |
|
| 190 |
|
|
| 191 |
String[] groups = null; |
|
| 192 |
try {
|
|
| 193 |
AuthSession auth = new AuthSession(); |
|
| 194 |
groups = auth.getGroups(username, password, dn); |
|
| 195 |
} catch (Exception e) {
|
|
| 196 |
logMetacat.warn("D1ReourceHandler.handle - we can't get group information for the user "+dn+" from the authentication interface since :", e);
|
|
| 197 |
} |
|
| 198 |
|
|
| 199 |
if(groups != null) {
|
|
| 200 |
SubjectInfo subjectInfo = session.getSubjectInfo(); |
|
| 201 |
if(subjectInfo != null) {
|
|
| 202 |
logMetacat.debug("D1ReourceHandler.handle - the subject information is NOT null when we try to figure out the group information.");
|
|
| 203 |
//we don't overwrite the existing subject info, just add the new groups informations |
|
| 204 |
List<Person> persons = subjectInfo.getPersonList(); |
|
| 205 |
Person targetPerson = null; |
|
| 206 |
if(persons != null) {
|
|
| 207 |
for(Person person : persons) {
|
|
| 208 |
if(person.getSubject().equals(subject)) {
|
|
| 209 |
targetPerson = person; |
|
| 210 |
logMetacat.debug("D1ReourceHandler.handle - we find a person with the subject "+dn+" in the subject info.");
|
|
| 211 |
break; |
|
| 212 |
} |
|
| 213 |
} |
|
| 214 |
} |
|
| 215 |
boolean newPerson = false; |
|
| 216 |
if(targetPerson == null) {
|
|
| 217 |
newPerson = true; |
|
| 218 |
targetPerson = new Person(); |
|
| 219 |
targetPerson.setSubject(subject); |
|
| 220 |
} |
|
| 221 |
for (int i=0; i<groups.length; i++) {
|
|
| 222 |
logMetacat.debug("D1ReourceHandler.handle - create the group "+groups[i]+" for an existing subject info.");
|
|
| 223 |
Group group = new Group(); |
|
| 224 |
group.setGroupName(groups[i]); |
|
| 225 |
Subject groupSubject = new Subject(); |
|
| 226 |
groupSubject.setValue(groups[i]); |
|
| 227 |
group.setSubject(groupSubject); |
|
| 228 |
subjectInfo.addGroup(group); |
|
| 229 |
targetPerson.addIsMemberOf(groupSubject); |
|
| 230 |
} |
|
| 231 |
if(newPerson) {
|
|
| 232 |
subjectInfo.addPerson(targetPerson); |
|
| 233 |
} |
|
| 234 |
} else {
|
|
| 235 |
logMetacat.debug("D1ReourceHandler.handle - the subject information is NOT null when we try to figure out the group information.");
|
|
| 236 |
subjectInfo = new SubjectInfo(); |
|
| 237 |
Person person = new Person(); |
|
| 238 |
person.setSubject(subject); |
|
| 239 |
for (int i=0; i<groups.length; i++) {
|
|
| 240 |
logMetacat.debug("D1ReourceHandler.handle - create the group "+groups[i]+" for a new subject info.");
|
|
| 241 |
Group group = new Group(); |
|
| 242 |
group.setGroupName(groups[i]); |
|
| 243 |
Subject groupSubject = new Subject(); |
|
| 244 |
groupSubject.setValue(groups[i]); |
|
| 245 |
group.setSubject(groupSubject); |
|
| 246 |
subjectInfo.addGroup(group); |
|
| 247 |
person.addIsMemberOf(groupSubject); |
|
| 248 |
} |
|
| 249 |
subjectInfo.addPerson(person); |
|
| 250 |
session.setSubjectInfo(subjectInfo); |
|
| 251 |
} |
|
| 252 |
} |
|
| 253 |
} |
|
| 254 |
} |
|
| 179 | 255 |
} |
| 180 | 256 |
|
| 181 | 257 |
// initialize the parameters |
| ... | ... | |
| 193 | 269 |
logMetacat.error(e.getClass() + ": " + e.getMessage(), e); |
| 194 | 270 |
} |
| 195 | 271 |
} |
| 196 |
|
|
| 272 |
|
|
| 273 |
|
|
| 197 | 274 |
/** |
| 198 | 275 |
* subclasses should provide a more useful implementation |
| 199 | 276 |
* @return |
Also available in: Unified diff
Add the code to add the ldap group information for the given user.