
idok-commit - [idok-commit] idok commit r146 - trunk/java/ch/idok/qtgui

idok-commit AT lists.psi.ch

Subject: Commit emails of the iDok project


[idok-commit] idok commit r146 - trunk/java/ch/idok/qtgui


  • From: "Apache" <apache AT savannah.psi.ch>
  • To: idok-commit AT lists.psi.ch
  • Subject: [idok-commit] idok commit r146 - trunk/java/ch/idok/qtgui
  • Date: Mon, 21 Jul 2008 09:09:47 +0200
  • List-archive: <https://lists.web.psi.ch/pipermail/idok-commit/>
  • List-id: Commit emails of the iDok project <idok-commit.lists.psi.ch>

Author: huebner AT PSI.CH
Date: Mon Jul 21 09:09:46 2008
New Revision: 146

Log:
Added LDAP support for the User/Group rights management

Added:
trunk/java/ch/idok/qtgui/Ldap.java
Modified:
trunk/java/ch/idok/qtgui/AuthorizationController.java

Modified: trunk/java/ch/idok/qtgui/AuthorizationController.java
==============================================================================
--- trunk/java/ch/idok/qtgui/AuthorizationController.java (original)
+++ trunk/java/ch/idok/qtgui/AuthorizationController.java Mon Jul 21
09:09:46 2008
@@ -20,6 +20,7 @@
package ch.idok.qtgui;

import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;

import ch.idok.common.errorhandling.DmsException;
@@ -33,8 +34,10 @@
import com.trolltech.qt.gui.QAbstractItemView;
import com.trolltech.qt.gui.QAction;
import com.trolltech.qt.gui.QBrush;
+import com.trolltech.qt.gui.QButtonGroup;
import com.trolltech.qt.gui.QColor;
import com.trolltech.qt.gui.QComboBox;
+import com.trolltech.qt.gui.QCompleter;
import com.trolltech.qt.gui.QCursor;
import com.trolltech.qt.gui.QDialog;
import com.trolltech.qt.gui.QGridLayout;
@@ -43,7 +46,9 @@
import com.trolltech.qt.gui.QLineEdit;
import com.trolltech.qt.gui.QMenu;
import com.trolltech.qt.gui.QMessageBox;
+import com.trolltech.qt.gui.QProgressDialog;
import com.trolltech.qt.gui.QPushButton;
+import com.trolltech.qt.gui.QRadioButton;
import com.trolltech.qt.gui.QTreeWidgetItem;

/**
@@ -71,16 +76,36 @@
private final QMenu emptySpaceMenu_;

private final QDialog askForDialog_;
+
+ private final QDialog askForCompleterDialog_;

private final QDialog askForChoiceDialog_;
+
+ private final QDialog askForRadioDialog_;
+
+ private final QDialog askForAutoDialog_;

private final QLabel askForLabel_;
+
+ private final QLabel askForCompleterLabel_;

private final QLabel askForChoiceLabel_;
+
+ private final QLabel askForRadioLabel_;
+
+ private final QLabel askForAutoLabel_;

private final QLineEdit askForLine_;
+
+ private final QLineEdit askForCompleterLine_;

private final QComboBox askForChoice_;
+
+ private final QLineEdit askForAuto_;
+
+ private List<String> currentAutoList;
+
+ private final QButtonGroup askForButtonGroup_;

private static String[] actionName = { "read", "write", "admin" };

@@ -91,6 +116,10 @@
private String project_;

private String repo_;
+
+ QProgressDialog progress_;
+
+ private static QCursor BUSYCURSOR = new
QCursor(Qt.CursorShape.BusyCursor);

public AuthorizationController() {
asd_ = new QDialog();
@@ -112,6 +141,22 @@

okButton.clicked.connect(askForDialog_, "accept()");
cancelButton.clicked.connect(askForDialog_, "reject()");
+
+ // create a dialog
+ askForCompleterDialog_ = new QDialog(asd_);
+ QGridLayout gridLayout5 = new QGridLayout(askForCompleterDialog_);
+ askForCompleterLabel_ = new QLabel(askForCompleterDialog_);
+ askForCompleterLine_ = new QLineEdit(askForCompleterDialog_);
+ QPushButton okButton5 = new QPushButton(askForCompleterDialog_);
+ okButton5.setText("Ok");
+ QPushButton cancelButton5 = new QPushButton(askForCompleterDialog_);
+ cancelButton5.setText("Cancel");
+ gridLayout5.addWidget(askForCompleterLabel_, 0, 0, 1, 2);
+ gridLayout5.addWidget(askForCompleterLine_, 1, 0, 1, 2);
+ gridLayout5.addWidget(okButton5, 2, 0);
+ gridLayout5.addWidget(cancelButton5, 2, 1);
+ okButton5.clicked.connect(askForCompleterDialog_, "accept()");
+ cancelButton5.clicked.connect(askForCompleterDialog_, "reject()");

// create simple dialog with combobox
askForChoiceDialog_ = new QDialog(asd_);
@@ -131,6 +176,58 @@
okButton2.clicked.connect(askForChoiceDialog_, "accept()");
cancelButton2.clicked.connect(askForChoiceDialog_, "reject()");

+ // create suggestion combobox
+ askForAutoDialog_ = new QDialog(asd_);
+ QGridLayout gridLayout4 = new QGridLayout(askForAutoDialog_);
+ askForAutoLabel_ = new QLabel(askForAutoDialog_);
+ askForAuto_ = new QLineEdit(askForAutoDialog_);
+// askForAuto_.setEditable(true);
+ currentAutoList = new ArrayList<String>();
+ QPushButton okButton4 = new QPushButton(askForAutoDialog_);
+ okButton4.setText(tr("Ok"));
+ QPushButton cancelButton4 = new QPushButton(askForAutoDialog_);
+ cancelButton4.setText(tr("Cancel"));
+ gridLayout4.addWidget(askForAutoLabel_, 0, 0, 1, 2);
+ gridLayout4.addWidget(askForAuto_, 1, 0, 1, 2);
+ gridLayout4.addWidget(okButton4, 2, 0);
+ gridLayout4.addWidget(cancelButton4, 2, 1);
+ okButton4.clicked.connect(askForAutoDialog_, "accept()");
+ cancelButton4.clicked.connect(askForAutoDialog_, "reject()");
+ askForAuto_.textChanged.connect(this, "changeAskForAutoList()");
+
+ //create a radio dialog
+ askForRadioDialog_ = new QDialog(asd_);
+ askForButtonGroup_ = new QButtonGroup(askForRadioDialog_);
+ QGridLayout gridLayout3 = new QGridLayout(askForRadioDialog_);
+ askForRadioLabel_ = new QLabel(askForRadioDialog_);
+ QRadioButton readRadio = new QRadioButton(askForRadioDialog_);
+ readRadio.setText("read");
+ QRadioButton writeRadio = new QRadioButton(askForRadioDialog_);
+ writeRadio.setText("write");
+ QRadioButton adminRadio = new QRadioButton(askForRadioDialog_);
+ adminRadio.setText("admin");
+ askForButtonGroup_.addButton(readRadio);
+ askForButtonGroup_.addButton(writeRadio);
+ askForButtonGroup_.addButton(adminRadio);
+ QPushButton okButton3 = new QPushButton(askForRadioDialog_);
+ okButton3.setText(tr("Ok"));
+ QPushButton cancelButton3 = new QPushButton(askForRadioDialog_);
+ cancelButton3.setText(tr("Cancel"));
+ gridLayout3.addWidget(askForRadioLabel_, 0, 0, 1, 2);
+ gridLayout3.addWidget(readRadio, 1, 0, 1, 2);
+ gridLayout3.addWidget(writeRadio, 1, 1, 1, 2);
+ gridLayout3.addWidget(adminRadio, 1, 2, 1, 2);
+ gridLayout3.addWidget(okButton3, 2, 0);
+ gridLayout3.addWidget(cancelButton3, 2, 1);
+ okButton3.clicked.connect(askForRadioDialog_, "accept()");
+ cancelButton3.clicked.connect(askForRadioDialog_, "reject()");
+// askForButtonGroup_.buttonClicked.connect(askForRadioDialog_,
"accept()");
+
+ gridLayout2.addWidget(askForChoiceLabel_, 0, 0, 1, 2);
+ gridLayout2.addWidget(askForChoice_, 1, 0, 1, 2);
+ gridLayout2.addWidget(okButton2, 2, 0);
+ gridLayout2.addWidget(cancelButton2, 2, 1);
+
uasd_ = new Ui_AuthorizationSettingsDialog();
uasd_.setupUi(asd_);
asd_.setWindowTitle(tr("Authorization Settings Dialog"));
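Review bot: None of the three radio buttons added to `askForButtonGroup_` is checked by default, so accepting the dialog without choosing one makes `askForButtonGroup_.checkedButton()` return null, and `askForRadio` (added in a later hunk of this file) then throws a NullPointerException on `.text()`. Preselecting the least-privileged option with `readRadio.setChecked(true);` avoids that and makes "read" the default grant; because the dialog is reused, the previous selection also carries over to the next call unless it is reset. The four `gridLayout2.addWidget(...)` calls at the end of the added block look like a copy of lines that presumably already exist above the hunk for the combobox dialog; confirm and drop them if so. The constructor starts and ends outside this hunk.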
@@ -187,6 +284,10 @@
actionG.triggered.connect(this, "addGroupToACL()");
QAction actionH = new QAction("Create new group", asd_);
actionH.triggered.connect(this, "createNewGroup()");
+ QAction actionI = new QAction("Create new group from Ldap", asd_);
+ actionI.triggered.connect(this, "createNewLdapGroup()");
+ QAction actionJ = new QAction("Delete group and users", asd_);
+ actionJ.triggered.connect(this, "removeGroupAndUsers()");

topLevelUserMenu_ = new QMenu(asd_);
topLevelUserMenu_.addAction(actionA);
@@ -194,6 +295,7 @@
topLevelGroupMenu_ = new QMenu(asd_);
topLevelGroupMenu_.addAction(actionB);
topLevelGroupMenu_.addAction(actionC);
+ topLevelGroupMenu_.addAction(actionJ);

userWithinGroupMenu_ = new QMenu(asd_);
userWithinGroupMenu_.addAction(actionD);
@@ -206,6 +308,7 @@
emptySpaceMenu_.addAction(actionF);
emptySpaceMenu_.addAction(actionG);
emptySpaceMenu_.addAction(actionH);
+ emptySpaceMenu_.addAction(actionI);

}

@@ -323,6 +426,79 @@
}

}
+
+
+ private final void createNewLdapGroup() {
+
+ asd_.setCursor(BUSYCURSOR);
+ askForAutoDialog_.setCursor(BUSYCURSOR);
+
+ progress_ = new QProgressDialog(asd_);
+ progress_.setLabelText("Generating Group...");
+ // since I do not know the number of rows in advance I just use
+ // a busy indicator here
+ progress_.setRange(0, 0);
+ progress_.setModal(true);
+
+ ArrayList<String> ldap = Ldap.getGroups();
+ Collections.sort(ldap);
+ String ldapGroup = askForCompleter("Enter Ldap group name", ldap);
+ String group = "@@" + ldapGroup;
+ if (group == null)
+ return;
+
+ ArrayList<String> ldapMember = Ldap.getGroupMembers(ldapGroup);
+// Collections.sort(ldapMember);
+// String member = askForChoice(tr("Enter first member"),ldapMember);
+// if (member == null)
+// return;
+//
+ try {
+ for (String member : ldapMember) {
+ ServiceProvider.getInstance().getAdminService().addToGroup(
+ GuiClientHandler.getInstance().getCredentials(),
member,
+ group);
+ defineAccessRights();
+ }
+ } catch (DmsException e) {
+ QMessageBox.warning(null, tr("iDok Warning"), String
+ .format(tr("Unable to create new group \n %1$s"), e
+ .getLogMessage()));
+ asd_.raise();
+ }
+ asd_.unsetCursor();
+ askForAutoDialog_.unsetCursor();
+ }
+
+ private final void removeGroupAndUsers(){
+ String groupName = selectedItem_.text(0);
+// if (!groupName.startsWith("@@")){
+// return;
+// }
+
+ try {
+ AdminService.QueryMatch[] members = ServiceProvider.getInstance()
+ .getAdminService().queryGroupMembers(
+ GuiClientHandler.getInstance().getCredentials(),
+ "", groupName);
+ for (int j = 0; j < members.length; ++j) {
+
ServiceProvider.getInstance().getAdminService().removeFromGroup(
+ GuiClientHandler.getInstance().getCredentials(),
members[j].getName(),
+ groupName);
+ defineAccessRights();
+
+ }
+ ServiceProvider.getInstance().getAdminService().revokePermission(
+ GuiClientHandler.getInstance().getCredentials(),
groupName,
+ task_);
+ defineAccessRights();
+ } catch (DmsException e) {
+ QMessageBox.warning(null, tr("iDok Warning"), String.format(
+ tr("Unable to remove user from group \n %1$s"), e
+ .getLogMessage()));
+ asd_.raise();
+ }
+ }

private final void addPrincipalToGroup() {
String groupName = selectedItem_.text(0);
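Review bot: In `createNewLdapGroup` the cancel check tests the wrong variable: `group` is `"@@" + ldapGroup` and can never be null, so cancelling the dialog continues with the group `@@null` and a directory lookup for `CN=null`. Test `ldapGroup == null` (and the empty string) before building `group`, and restore both cursors on that path. `progress_` is configured but never shown or closed in the visible lines. `removeGroupAndUsers` removes every member and revokes the group's permission directly from the context menu, with the `@@` prefix guard commented out and no confirmation prompt, so it applies to any selected group; a `QMessageBox.question` confirmation before the loop would be a reasonable safeguard. `addPrincipalToGroup` continues past the end of this hunk.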
@@ -362,21 +538,12 @@
}

private final void addUserToACL() {
- String principal = askFor(tr("Enter name of user to add"));
+ String principal = askForAuto(tr("Enter name of user to add"));
if (principal == null)
return;
- String action = askFor(tr("Enter rights needed (read, write or
admin)"));
+ String action = askForRadio(tr("Choose user rights"));
if (action == null)
return;
- if (action.startsWith("r")) {
- action = "read";
- } else if (action.startsWith("w")) {
- action = "write";
- } else if (action.startsWith("a")) {
- action = "admin";
- } else {
- return;
- }
try {
ServiceProvider.getInstance().getAdminService().grantPermission(
GuiClientHandler.getInstance().getCredentials(),
principal,
@@ -414,18 +581,9 @@
String principal = askForChoice(tr("Select group to add"), choices);
if (principal == null)
return;
- String action = askFor(tr("Enter rights needed (read, write or
admin)"));
+ String action = askForRadio(tr("Enter the rights of the group"));
if (action == null)
return;
- if (action.startsWith("r")) {
- action = "read";
- } else if (action.startsWith("w")) {
- action = "write";
- } else if (action.startsWith("a")) {
- action = "admin";
- } else {
- return;
- }

try {
ServiceProvider.getInstance().getAdminService().grantPermission(
@@ -444,7 +602,7 @@
String group = askFor(tr("Enter name of new group
(project/[repo/]@group)"));
if (group == null)
return;
- String member = askFor(tr("Enter first member"));
+ String member = askForAuto(tr("Enter first member"));
if (member == null)
return;
try {
@@ -655,5 +813,55 @@
return null;
}
}
+
+ private final String askForCompleter(String prompt, List<String>
choices) {
+
+ askForCompleterLabel_.setText(prompt);
+ askForCompleterLine_.clear();
+
+ QCompleter completer = new QCompleter(choices);
+ completer.setCaseSensitivity(Qt.CaseSensitivity.CaseInsensitive);
+ askForCompleterLine_.setCompleter(completer);

+ if (askForCompleterDialog_.exec() ==
QDialog.DialogCode.Accepted.value()) {
+ return askForCompleterLine_.text();
+ } else {
+ return null;
+ }
+ }
+
+ private final String askForRadio(String prompt) {
+ askForRadioLabel_.setText(prompt);
+ if (askForRadioDialog_.exec() ==
QDialog.DialogCode.Accepted.value()) {
+ return askForButtonGroup_.checkedButton().text();
+ } else {
+ return null;
+ }
+
+ }
+
+ private final String askForAuto(String prompt) {
+ askForAuto_.clear();
+ askForAutoLabel_.setText(prompt);
+ if (askForAutoDialog_.exec() == QDialog.DialogCode.Accepted.value())
{
+ return askForAuto_.text();
+ } else {
+ return null;
+ }
+
+ }
+
+ private final void changeAskForAutoList(){
+ if (askForAuto_.text().length()==0) {
+ askForAuto_.clear();
+ currentAutoList.clear();
+ }
+ if (askForAuto_.text().length()==1) {
+ currentAutoList = Ldap.getMembers(askForAuto_.text());
+ }
+ QCompleter completer = new QCompleter(currentAutoList);
+ completer.setCaseSensitivity(Qt.CaseSensitivity.CaseInsensitive);
+ askForAuto_.setCompleter(completer);
+ }
+
}
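Review bot: `askForCompleter` and `askForAuto` return whatever text is in the line edit when the dialog is accepted; the `QCompleter` only suggests entries, so a name that is not in `choices` / `currentAutoList` (including an empty string) reaches the group-creation and permission-granting callers unchanged. If the intent is to restrict input to directory entries, check the result against the list before returning, e.g. `if (!choices.contains(text)) return null;`, with a case-insensitive comparison to match the completer. `changeAskForAutoList` also runs `Ldap.getMembers` synchronously inside the `textChanged` slot, so each first keystroke blocks the dialog on a directory bind and search, and it forwards the raw typed character into the LDAP filter.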

Added: trunk/java/ch/idok/qtgui/Ldap.java
==============================================================================
--- (empty file)
+++ trunk/java/ch/idok/qtgui/Ldap.java Mon Jul 21 09:09:46 2008
@@ -0,0 +1,200 @@
+package ch.idok.qtgui;
+
+
+
+import java.io.FileReader;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Properties;
+
+import javax.naming.Context;
+import javax.naming.NameClassPair;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+public class Ldap {
+
+ public static String ADS_GROUP_TYPE_SECURITY_GROUP = "-2147483646";
+ public static String ADS_GROUP_TYPE_DISTRIBUTIONLIST_GROUP =
"-2147483640";
+
+ private static String getkey(){
+ String pass = new String();
+ FileReader keyfile = null;
+ try {
+ keyfile = new FileReader("/scratch/dmsadmin.key" );
+ for ( int c; ( c = keyfile.read() ) != -1; )
+ pass += (char)c;
+ }
+ catch (IOException e) {
+ System.err.println( "Error reading file!" );
+ }
+ finally {
+ try {keyfile.close();} catch (Exception e) {}
+ }
+ return pass;
+ }
+
+ private static NamingEnumeration<SearchResult> search(String
searchBase,String searchFilter,String[] returningattribute){
+
+ String ldapHost = "d.psi.ch";
+ String loginDN = "dmsadmin";
+ String password = getkey();
+ String rootContext = "";
+
+ Properties env = new Properties();
+
+ env.put(
Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
+ env.put( Context.PROVIDER_URL, "ldaps://" + ldapHost + "/" +
rootContext );
+ env.put( Context.SECURITY_PRINCIPAL, loginDN );
+ env.put( Context.SECURITY_CREDENTIALS, password );
+
+ NamingEnumeration<SearchResult> list = null;
+
+ try {
+ // Create the initial context
+ DirContext ctx = new InitialDirContext(env);
+ SearchControls ctls = new SearchControls();
+ ctls.setCountLimit(0);
+ ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ ctls.setDerefLinkFlag(true);
+ ctls.setReturningObjFlag(false);
+ ctls.setReturningAttributes(returningattribute);
+
+ // Get listing of context
+ list = ctx.search(searchBase, searchFilter, ctls);
+
+
+ // Close the context when we're done
+ ctx.close();
+ } catch (NamingException e) {
+ System.out.println("List failed: " + e);
+ }
+ return list;
+
+ }
+
+
+
+ public static ArrayList<String> getGroupMembers(String group){
+ String[] returningattribute = {"*"};
+ ArrayList<String> nameList = new ArrayList<String>();
+ NamingEnumeration<SearchResult> results =
search("OU=Groups,OU=PSI,DC=d,DC=psi,DC=ch", "CN="+group,returningattribute);
+ try {
+ while (results.hasMoreElements()) {
+ SearchResult sr = (SearchResult) results.next();
+ Attributes attrs = sr.getAttributes();
+ if (attrs != null) {
+ NamingEnumeration<? extends Attribute> ae =
attrs.getAll();
+ while (ae.hasMore()) {
+ Attribute attr = (Attribute) ae.nextElement();
+ if (attr.getID() != null &&
attr.getID().equals("member")) {
+ NamingEnumeration a = attr.getAll();
+ while (a.hasMoreElements()) {
+ String elem = (String) a.nextElement();
+// System.out.println(elem);
+ if
(elem.split(",")[1].contains("OU=Users")) {
+
nameList.add(elem.split(",")[0].substring(3));
}
+ }
+ }
+ }
+ }
+ }
+
+ }catch(NamingException e){
+ System.out.println("Error: " + e.toString());
+ }
+ return nameList;
+ }
+
+/* public static ArrayList<String> getMemberGroups(String member){
+
+ ArrayList<String> groupList = new ArrayList<String>();
+ LDAPConnection lc = new LDAPConnection(new
LDAPJSSESecureSocketFactory());
+ LDAPSearchResults results =
search(lc,"OU=Users,OU=PSI,DC=d,DC=psi,DC=ch","CN="+member);
+
+
+ while (results.hasMore()){
+ LDAPEntry nextEntry = null;
+ try {
+ nextEntry = results.next();
+ LDAPAttributeSet entryAttrs =
nextEntry.getAttributeSet();
+// Object[] array = entryAttrs.toArray();
+// for (int i = 0; i < array.length; i++) {
+// System.out.println((LDAPAttribute)array[i]);
+// }
+ if (entryAttrs.getAttribute("memberOf")!=null){
+// System.out.println("\n" + nextEntry.getDN());
+ String[] array =
entryAttrs.getAttribute("memberOf").getStringValueArray();
+ for (int i = 0; i < array.length; i++) {
+ if
((array[i].split(",")[1].contains("OU=Groups"))&&(array[i].split(",")[2].contains("OU=PSI")))
{
+//
System.out.println(array[i].split(",")[0].substring(3));
+
groupList.add(array[i].split(",")[0].substring(3));
+ }
+ }
+ }
+
+ }
+ catch(LDAPException e){
+ System.out.println("Error: " + e.toString());
+ // Exception is thrown, go for next entry
+ continue;
+ }
+// System.out.println("\n" + nextEntry.getDN());
+ }
+ // disconnect with the server
+ try {
+ lc.disconnect();
+ } catch (LDAPException e) {
+ e.printStackTrace();
+ }
+ return groupList;
+ }*/
+
+ public static ArrayList<String> getGroups(){
+ String[] returningattribute = {"CN=*"};
+ ArrayList<String> groupList = new ArrayList<String>();
+ NamingEnumeration<SearchResult> results =
search("OU=Groups,OU=PSI,DC=d,DC=psi,DC=ch","CN=*",returningattribute);
+
+ try {
+ while (results.hasMore()){
+ NameClassPair nextEntry = null;
+ nextEntry = (NameClassPair)results.next();
+ if (nextEntry.toString().split(":")[1].contains(" null")) {
+
groupList.add(nextEntry.toString().split(":")[0].substring(3));
+ }
+ }
+ }catch(NamingException e){
+ System.out.println("Error: " + e.toString());
+ // Exception is thrown, go for next entry
+ }
+ return groupList;
+ }
+
+ public static ArrayList<String> getMembers(String nameStartsWith){
+ String[] returningattribute = {};
+ ArrayList<String> memberList = new ArrayList<String>();
+ NamingEnumeration<SearchResult> results =
search("OU=Users,OU=PSI,DC=d,DC=psi,DC=ch",
"CN="+nameStartsWith+"*",returningattribute);
+
+ // Go through each item in list
+ try {
+ while (results.hasMore()){
+ NameClassPair nextEntry = null;
+ nextEntry = (NameClassPair)results.next();
+ if (nextEntry.toString().split(":")[1].contains(" null")) {
+
memberList.add(nextEntry.getName().toString().split(",")[0].substring(3));
+ }
+// System.out.println(nextEntry);
+ }
+ } catch (NamingException e) {
+ e.printStackTrace();
+ }
+ return memberList;
+ }
+
+}
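Review bot: `getGroupMembers` and `getMembers` build their filters by concatenation (`"CN="+group`, `"CN="+nameStartsWith+"*"`) from text typed into the dialogs, so characters such as `*`, `(` and `)` change the LDAP query instead of being matched literally; pass the value as a filter argument, e.g. `ctx.search(searchBase, "(CN={0})", new Object[] { group }, ctls)`, which JNDI escapes. `search` also returns null when the bind or query fails and all three callers dereference the result without a check, and the context is closed before the enumeration is read and not closed at all on the exception path. `getkey` returns an empty string when `/scratch/dmsadmin.key` cannot be read, and the JNDI LDAP provider treats an empty password as an unauthenticated bind rather than a failure, so a missing key file should abort the lookup; the design also requires the `dmsadmin` bind secret to be readable by every user running the GUI, which deserves a comment on the intended file permissions or a move to a server-side lookup. The fence below sketches `search` with filter arguments, results copied before close, and an empty list on failure; callers would pass `"(CN={0})"` or `"(CN={0}*)"` plus the argument array.

```java
    private static ArrayList<SearchResult> search(String searchBase, String filterExpr,
            Object[] filterArgs, String[] returningattribute) {
        ArrayList<SearchResult> found = new ArrayList<SearchResult>();
        String password = getkey();
        if (password.length() == 0) {
            // no key material: do not fall through to a bind with an empty password
            return found;
        }
        // … unchanged: ldapHost, loginDN, rootContext and the env.put(...) calls …
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);
            // … unchanged: SearchControls setup …
            // filterArgs are substituted for {0}, {1}, … and escaped by JNDI
            NamingEnumeration<SearchResult> list =
                    ctx.search(searchBase, filterExpr, filterArgs, ctls);
            // copy the entries while the context is still open
            while (list.hasMore()) {
                found.add(list.next());
            }
        } catch (NamingException e) {
            System.out.println("List failed: " + e);
        } finally {
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
        return found;
    }
```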


