Examples of org.olat.basesecurity.SecurityGroup

• org.olat.basesecurity.SecurityGroup
  Description:
  @author Felix Jost

   * Migrate all user in logon-denied security-group to users with status=login_denied.
   */
  private void migrateLoginDeniedSecurityGroup(UpgradeHistoryData uhd) {
    if (!uhd.getBooleanDataValue(TASK_MIGRATE_LOGIN_DENIED_SECURITY_GROUP_DONE)) {
      Manager secManager = ManagerFactory.getManager();
      SecurityGroup loginDeniedGroup = ManagerFactory.getManager().findSecurityGroupByName("logondenied");// so far: Constants.GROUP_LOGON_DENIED
      if (loginDeniedGroup != null) {
        // 1. Migrate users from logon-denied security-group to users with status=login_denied
        List identitiesList = secManager.getIdentitiesByPowerSearch(null, null, true,
            new SecurityGroup[] {loginDeniedGroup}, null, null, null, null,null);
        for (Iterator iter = identitiesList.iterator(); iter.hasNext();) {

         * Membership in ParticipiantGroups............................. id1
         * owns BuddyGroup one with participiantGroup:={}........... id2 owns
         * BuddyGroup two with participiantGroup:={id3,id4} id3 owns BuddyGroup
         * three participiantGroup:={id2}, ownerGroup:={id3,id1}
         */
        SecurityGroup twoPartips = two.getPartipiciantGroup();
        SecurityGroup threeOwner = three.getOwnerGroup();
        SecurityGroup threeOPartips = three.getPartipiciantGroup();

        ManagerFactory.getManager().addIdentityToSecurityGroup(id3, twoPartips);
        ManagerFactory.getManager().addIdentityToSecurityGroup(id4, twoPartips);

        ManagerFactory.getManager().addIdentityToSecurityGroup(id2, threeOPartips);

    if (usersSyncedAtStartup) {
      try {
        //create user but with different attributes - must fail since user already exists
        User user = UserManager.getInstance().createUser("klaus", "Meier", "klaus@meier.ch");
        Identity identity = securityManager.createAndPersistIdentityAndUser("kmeier", user, "LDAP", "kmeier", null);
        SecurityGroup secGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
        securityManager.addIdentityToSecurityGroup(identity, secGroup);

        // simulate closed session (user adding from startup job)
        DBFactory.getInstance().intermediateCommit();
        fail("Expected constrant violation becaus of doupliate entry");
      } catch (Exception e) {
        // success, this is what we expected
      }
      //changedAttrMap empty since already synchronized
      Attributes attrs = ldapManager.bindUser(uid, pwd, errors);
      Identity identitys = securityManager.findIdentityByName(uid);
      Map<String, String> changedAttrMap = ldapManager.prepareUserPropertyForSync(attrs, identitys);
      // map is empty - no attributes to sync
      assertNull(changedAttrMap);
    } else {
      //create user but with different attributes - must fail since user already exists
      User user = UserManager.getInstance().createUser("klaus", "Meier", "klaus@meier.ch");
      Identity identity = securityManager.createAndPersistIdentityAndUser("kmeier", user, "LDAP", "kmeier", null);
      SecurityGroup secGroup = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
      securityManager.addIdentityToSecurityGroup(identity, secGroup);
      // simulate closed session (user adding from startup job)
      DBFactory.getInstance().intermediateCommit();

      //changedAttrMap has 2 changes and uid as entrys (Klaus!=klaus, klaus@olat.org!=klaus@meier.ch)

    DBFactory.getInstance().intermediateCommit();

    //create some users in LDAPSecurityGroup
    User user = UserManager.getInstance().createUser("grollia", "wa", "gorrila@olat.org");
    Identity identity = securityManager.createAndPersistIdentityAndUser("gorilla", user, "LDAP", "gorrila", null);
    SecurityGroup secGroup1 = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    securityManager.addIdentityToSecurityGroup(identity, secGroup1);
    user = UserManager.getInstance().createUser("wer", "immer", "immer@olat.org");
    identity = securityManager.createAndPersistIdentityAndUser("der", user, "LDAP", "der", null);
    securityManager.addIdentityToSecurityGroup(identity, secGroup1);
    user = UserManager.getInstance().createUser("die", "da", "chaspi@olat.org");

    //create Users in LDAP Group only existing in OLAT
    User user1 = UserManager.getInstance().createUser("hansi", "hürlima", "hansi@hansli.com");
    Identity identity1 = securityManager.createAndPersistIdentityAndUser("hansi", user1, "LDAP", "hansi", null);
    SecurityGroup secGroup1 = securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
    securityManager.addIdentityToSecurityGroup(identity1, secGroup1);
    user1 = UserManager.getInstance().createUser("chaspi", "meier", "chaspi@hansli.com");
    identity1 = securityManager.createAndPersistIdentityAndUser("chaspi", user1, "LDAP", "chaspi", null);
    securityManager.addIdentityToSecurityGroup(identity1, secGroup1);

        re.setCanReference(true);
      } else {
        re.setCanReference(false);
      }
      // create security group
      SecurityGroup ownerGroup = securityManager.createAndPersistSecurityGroup();
      // member of this group may modify member's membership
      securityManager.createAndPersistPolicy(ownerGroup, Constants.PERMISSION_ACCESS, ownerGroup);
      // members of this group are always authors also
      securityManager.createAndPersistPolicy(ownerGroup, Constants.PERMISSION_HASROLE, Constants.ORESOURCE_AUTHOR);
      if ((i % 2 > 0)) {