
/*******************************************************************************
* ***** BEGIN LICENSE BLOCK Version: MPL 1.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with the
* License. You may obtain a copy of the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
* the specific language governing rights and limitations under the License.
*
* The Original Code is the OpenCustomer CRM.
*
* The Initial Developer of the Original Code is Thomas Bader (Bader & Jene
* Software-Ingenieurbüro). Portions created by the Initial Developer are
* Copyright (C) 2005 the Initial Developer. All Rights Reserved.
*
* Contributor(s): Thomas Bader <thomas.bader@bader-jene.de>
*                 Felix Breske <felix.breske@bader-jene.de>
*
* ***** END LICENSE BLOCK *****
*/

package org.opencustomer.connector.ldap.auth;

import javax.naming.NamingException;

import org.apache.log4j.Logger;
import org.opencustomer.db.dao.system.UserDAO;
import org.opencustomer.db.vo.system.LdapGroupVO;
import org.opencustomer.db.vo.system.UserVO;

/**
* The class LdapSync handles the synchronisation of the LDAP directory and the OpenCustomer database.
* @author fbreske
*
*/
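public class LdapSync
{
    // Logger is named after this class so that account creation and deletion
    // events are attributed to LdapSync (the original used LdapUtil.class).
    private static final Logger log = Logger.getLogger(LdapSync.class);

    private static final LdapSync INSTANCE = new LdapSync();

    /**
     * Returns the shared instance.
     *
     * @return instance of LdapSync
     */
    public static LdapSync getInstance()
    {
        return INSTANCE;
    }

    /**
     * Makes a value safe to append to a single log line.
     * Carriage returns and line feeds are replaced so that a user name cannot
     * start a forged log entry.
     *
     * @param value the text to log, may be null
     * @return the text without line breaks, or "null" for a null value
     */
    private static String forLog(String value)
    {
        if(value == null)
            return "null";
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Synchronises a local user with the corresponding LDAP user.
     * The method checks whether the user exists locally and in LDAP and whether
     * the local profile matches the profile of the user's LDAP group.
     *
     * Outcomes, in the order they are tested:
     * <ul>
     * <li>no local user and no LDAP group profile: nothing happens, returns null</li>
     * <li>no local user but an LDAP group profile: the user is created from LDAP, returns null</li>
     * <li>local user is an admin: untouched, returned as is</li>
     * <li>local user has an LDAP group on its profile but is not in LDAP: deleted, returns null</li>
     * <li>local user has no LDAP group on its profile but the name exists in LDAP:
     *     username conflict, returns null</li>
     * <li>no LDAP group profile for the user: deleted, returns null</li>
     * <li>profile differs from the LDAP group profile: the profile is replaced on the returned object</li>
     * <li>otherwise: returned unchanged</li>
     * </ul>
     *
     * @param username the username to check
     * @return the UserVO of the synchronised user, or null if the user does not exist,
     *         was just created, was deleted or is in conflict
     * @throws NamingException on ldap error
     */
    public UserVO syncLdapUser(String username) throws NamingException
    {
        // The name may come straight from a login form, so it is never logged raw.
        final String name = forLog(username);

        if(log.isDebugEnabled())
            log.debug("sync user: " + name);

        UserVO user = new UserDAO().getByUserName(username);
        LdapGroupVO profile = LdapUtil.getInstance().getProfileForUser(username);

        if(user == null)
        {
            if(profile == null)
            {
                if(log.isDebugEnabled())
                    log.debug("ignoring new user without ldapgroups");
            }
            else
            {
                if(log.isDebugEnabled())
                    log.debug("creating new user");
                // NOTE(review): the result of createUserFromLdap is not captured, so a
                // freshly created user is still reported as null to the caller - confirm
                // that callers look the user up again.
                LdapUtil.getInstance().createUserFromLdap(username);
            }
            return null;
        }

        if(user.getProfile().getRole().isAdmin())
        {
            // Admins are never touched by the sync. Because this test comes first, the
            // conflict test below can never fire for an admin (the original repeated
            // isAdmin() there, which was unreachable).
            // NOTE(review): a local admin whose name also exists in LDAP is returned
            // unchanged; confirm that callers do not accept a directory bind for a
            // same-named LDAP account as authentication for this admin.
            if(log.isDebugEnabled())
                log.debug("user is admin, do nothing");
            return user;
        }

        final boolean ldapManaged = user.getProfile().getLdapGroup() != null;
        final boolean inLdap = LdapAuthenticator.getInstance().isLdapUser(username);

        if(ldapManaged && !inLdap)
        {
            new UserDAO().delete(user);
            // Account removal is logged at INFO so it is visible without debug logging.
            log.info("oc user deleted: " + name);
            return null;
        }

        if(!ldapManaged && inLdap)
        {
            log.error("username conflict: " + name);
            return null;
        }

        if(profile == null)
        {
            // This branch is also reached by a local account that has no LDAP group on
            // its profile and is absent from LDAP.
            // NOTE(review): confirm that deleting such local-only accounts is intended.
            log.info("no ldapgroup for user, deleting user: " + name);
            new UserDAO().delete(user);
            return null;
        }

        // NOTE(review): if getId() returns a boxed Integer rather than int, != compares
        // references instead of values - confirm the declared type.
        if(user.getProfile().getId() != profile.getProfile().getId())
        {
            if(log.isDebugEnabled())
                log.debug("ldap group change");
            // Only the returned object is changed here; no DAO update is made in this method.
            user.setProfile(profile.getProfile());
        }
        else
        {
            if(log.isDebugEnabled())
                log.debug("no changes for user: " + name);
        }
        return user;
    }
}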