1 /*******************************************************************************
2 * Copyright © Igor Barma, Alexandre Desoubeaux, Christian Martel, Eric Brun, Mathieu Amblard, Gwenael Gevet, Pierre Guillot, 2012
3 * Copyright Alexandre Desoubeaux, Christian Martel, Cedric Lecarpentier, Alexandre Lefevre, Marc Salvat 2014-2016
4 * Copyright Alexandre Desoubeaux, Christian Martel, Cedric Lecarpentier, Marc Salvat, Marc Suarez, Harifetra Ramamonjy 2017
6 * This file is part of the work and learning management system Pentila Nero.
8 * Pentila Nero is free software. You can redistribute it and/or modify since
9 * you respect the terms of either (at least one of the both license) :
10 * - under the terms of the GNU Affero General Public License as
11 * published by the Free Software Foundation, either version 3 of the
12 * License, or (at your option) any later version.
13 * - the CeCILL-C as published by CeCILL-C; either version 1 of the
14 * License, or any later version
15 * - the GNU Lesser General Public License as published by the
16 * Free Software Foundation, either version 3 of the license,
17 * or (at your option) any later version.
19 * There are special exceptions to the terms and conditions of the
20 * licenses as they are applied to this software. View the full text of
21 * the exception in file LICENSE-PROJECT.txt in the directory of this software
24 * Pentila Nero is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * Licenses for more details.
29 * You should have received a copy of the GNU Affero General Public License
30 * and the CeCILL-C and the GNU Lesser General Public License along with
31 * Pentila Nero. If not, see :
32 * <http://www.gnu.org/licenses/> and
33 * <http://www.cecill.info/licences.fr.html>.
34 ******************************************************************************/
35 package com.pentila.entSavoie.directory.impl;
37 import javax.naming.Binding;
38 import javax.naming.NamingEnumeration;
39 import javax.naming.directory.Attributes;
40 import javax.naming.directory.SearchControls;
41 import javax.naming.directory.SearchResult;
43 import com.liferay.portal.kernel.exception.PortalException;
44 import com.liferay.portal.kernel.exception.SystemException;
45 import com.liferay.portal.kernel.log.Log;
46 import com.liferay.portal.kernel.log.LogFactoryUtil;
47 import com.liferay.portal.kernel.util.PrefsPropsUtil;
48 import com.liferay.portal.kernel.util.PropsKeys;
49 import com.liferay.portal.kernel.util.StringPool;
50 import com.liferay.portal.model.Organization;
51 import com.liferay.portal.model.Role;
52 import com.liferay.portal.model.RoleConstants;
53 import com.liferay.portal.model.User;
54 import com.liferay.portal.security.ldap.PortalLDAPUtil;
55 import com.liferay.portal.service.OrganizationLocalServiceUtil;
56 import com.liferay.portal.service.RoleLocalServiceUtil;
57 import com.pentila.entSavoie.ENTRoleUtilFactory;
58 import com.pentila.entSavoie.ENTRolesConstants;
59 import com.pentila.entSavoie.directory.OrganizationFinderService;
60 import com.pentila.entSavoie.userProperties.model.UserProperties;
61 import com.pentila.entSavoie.userProperties.service.UserPropertiesLocalServiceUtil;
62 import com.pentila.entSavoie.utils.ENTCacheUtils;
63 import com.pentila.entSavoie.utils.ENTMainUtilsLocalServiceUtil;
64 import com.pentila.entSavoie.utils.ENTOrganizationsUtil;
68 * Class used to fetch organizations
69 * @author Cedric Lecarpentier
71 public class OrganizationFinderServiceImpl implements OrganizationFinderService{
74 * Returns true if the user is a student or a parent
78 public boolean hasRestriction(User user) throws PortalException, SystemException {
// Decides whether the given user is subject to the directory restriction.
// NOTE(review): this listing skips several original line numbers (84-86, 89 onward), so the
// branch bodies and the return statement are not visible; the comments describe only what is shown.
// The flag starts as false: a user for whom no role below matches is presumably reported as
// unrestricted. If callers use this as an access check, confirm that this default is intended.
79 boolean restriction = false;
// Walk the user's ENT roles and compare each role name with NATIONAL_1 / NATIONAL_2;
// presumably these are the student and parent roles - confirm in ENTRolesConstants.
81 for (Role r : ENTRoleUtilFactory.getInstance(user.getCompanyId()).getENTRoles(user)) {
82 if (r.getName().equals(ENTRolesConstants.NATIONAL_1)
83 || r.getName().equals(ENTRolesConstants.NATIONAL_2) ) {
87 // Except administrators
// Checks the portal ADMINISTRATOR role for this user and company; the statement executed when
// it matches is on a line that is not shown (presumably it clears the restriction).
88 if (RoleLocalServiceUtil.hasUserRole(user.getUserId(), user.getCompanyId(), RoleConstants.ADMINISTRATOR, false)) {
96 * Returns the school the user is attached to ("etablissement de rattachement")
98 public Organization getEtabRatachement(User user) {
// Cache-backed lookup of the user's school: read the cache first, compute the value with
// fetchRattachSchool(user) when nothing is cached, then store it.
// NOTE(review): the listing skips some original lines (the try opener, closing braces and the
// return), so the exact nesting of the statements below cannot be confirmed from here.
// The cache key is derived from the user id only.
100 String cacheKey = "etabRatachementCache_" + user.getUserId();
102 // Get Organization from cache instance
103 Organization cacheOrg = (Organization) ENTCacheUtils.getObjectFromCache(cacheKey);
104 if(cacheOrg == null){
105 // on a cache miss, compute the value
107 cacheOrg = fetchRattachSchool(user);
108 } catch (Exception e) {
// NOTE(review): the message contains the user's full name, so personal data is written to the
// log on every failure; logging the user id instead would keep the entry traceable.
109 _log.error("Error when processing rattach school for user "+user.getFullName(), e);
// NOTE(review): -1 presumably means "no expiry" - confirm in ENTCacheUtils. If so, a change of
// the user's school only becomes visible once the entry is evicted elsewhere. Whether this
// store also runs after a failed fetch (cacheOrg still null) cannot be told from the visible lines.
111 ENTCacheUtils.storeObjectIntoCache(cacheKey,cacheOrg,-1);
118 * Fetches the school the user is attached to
120 private Organization fetchRattachSchool(User user) throws Exception{
// Resolves the user's school by trying three sources in order: the root organization for
// supann schemas, the etabId stored in UserProperties, and finally the LDAP directory.
// NOTE(review): the listing skips several original lines (closing braces, short statements such
// as returns and null checks), so only the visible statements are described.
122 // First try : if supann schema, return principal organization
123 if (ENTMainUtilsLocalServiceUtil.isSchemaSupann(user.getCompanyId())){
124 return ENTOrganizationsUtil.getOrCreateRootOrg(user.getCompanyId());
127 // Second try : use the UserProperties etabId, which is updated during synchronization
128 UserProperties userProperties = UserPropertiesLocalServiceUtil.getUserPropertiesByUserId(user.getUserId());
// An etabId of 0 is treated as "not set".
129 if (userProperties != null && userProperties.getEtabId() != 0) {
130 Organization org = OrganizationLocalServiceUtil.getOrganization(userProperties.getEtabId());
134 // Third try : use LDAP (case of manually created users)
135 String orgName = null;
// Look up the user's LDAP entry by screen name; original lines 137-139 are not shown
// (presumably a null check on b - confirm).
136 Binding b = PortalLDAPUtil.getUser(user.getCompanyId(),user.getScreenName());
140 String[] attrs2fetch = {"ENTPersonStructRattach"};
141 Attributes attrs = PortalLDAPUtil.doContextAttributes(user.getCompanyId(), PortalLDAPUtil.getNameInNamespace(user.getCompanyId(),b),attrs2fetch);
142 String[] attrs2fetchForOrg = {"ENTStructureNomCourant", "l", "ENTStructureUAI"};
// The value of ENTPersonStructRattach is passed as-is as the name of the entry to read next.
// Attributes.get() returns null for an absent attribute, so a user entry without
// ENTPersonStructRattach raises a NullPointerException here.
143 Attributes orgNameAttrs = PortalLDAPUtil.doContextAttributes(user.getCompanyId(), attrs.get("ENTPersonStructRattach").get().toString(),attrs2fetchForOrg);
// ENTStructureNomCourant is dereferenced without a null check, unlike "l" and
// "ENTStructureUAI" below.
144 orgName = orgNameAttrs.get("ENTStructureNomCourant").get().toString();
// In "full" mode the organization name is "<name> - <l> - <UAI>", each suffix being added only
// when the attribute is present.
146 String etabNameType = ENTMainUtilsLocalServiceUtil.getENTSynchroEtabName(user.getCompanyId());
147 if (etabNameType.equals("full")) {
148 if (orgNameAttrs.get("l") != null) {
149 orgName += " - " + orgNameAttrs.get("l").get().toString();
151 if (orgNameAttrs.get("ENTStructureUAI") != null) {
152 orgName += " - " + orgNameAttrs.get("ENTStructureUAI").get().toString();
// The portal organization is looked up by the composed name; presumably this must match the
// name built during synchronization - confirm.
155 return OrganizationLocalServiceUtil.getOrganization(user.getCompanyId(), orgName);
160 * Get school's attribute from LDAP
162 public String getEtabLDAPAttribute(Organization org, String attribute) {
// Returns one LDAP attribute of the school entry that matches the organization, using a
// cache keyed by attribute name and organization id.
// NOTE(review): the listing skips many original lines (try openers, else branches, closing
// braces, returns), so the nesting of the statements below cannot be confirmed from here.
// NOTE(review): "attribute" is used unchanged as the LDAP attribute to read; if any caller
// passes a request-derived name, restrict it to an allow-list of expected attributes.
163 String initName = org.getName();
164 String cacheName = null;
169 //key for user group etab name
// NOTE(review): attribute and organization id are concatenated without a separator, so two
// different (attribute, id) pairs can yield the same key when an attribute name ends in a digit.
170 String cacheKey="UG_EtabCache_"+attribute + org.getOrganizationId();
172 // Get value from cache instance
173 cacheName = (String) ENTCacheUtils.getObjectFromCache(cacheKey);
174 // Check whether the cached value is null or not
177 //if misscache, set new value to variable
180 Binding binding = null;
// NOTE(review): baseDN is read here, but the visible lines below read "ldap.base.dn" again
// instead of using it.
182 String baseDN = PrefsPropsUtil.getString(org.getCompanyId(),
183 PropsKeys.LDAP_BASE_DN);
185 NamingEnumeration<SearchResult> enu = null;
187 // if classic --> ENTStructureNomCourant
188 // if full --> ENTStructureNomCourant + l + RNE
189 String etabNameType = ENTMainUtilsLocalServiceUtil.getENTSynchroEtabName(org.getCompanyId());
190 if (etabNameType.equals("full")) {
191 // the search is based on the RNE
// Keeps the text after the last " - " of the organization name. When the name contains no
// " - ", lastIndexOf returns -1 and substring(2) silently drops the first two characters.
192 int lindex = initName.lastIndexOf(" - ");
193 initName = initName.substring(lindex+3, initName.length());
197 StringBuilder filter = new StringBuilder();
199 filter.append(StringPool.OPEN_PARENTHESIS);
200 filter.append("ENTStructureUAI");
201 filter.append(StringPool.EQUAL);
// NOTE(review): the value goes into the search filter unescaped. The characters * ( ) \ and NUL
// are special in LDAP filters (RFC 4515), so an organization name containing them changes or
// invalidates the filter; escape the value before appending. Who can set organization names is
// not visible here - confirm.
202 filter.append(initName);
203 filter.append(StringPool.CLOSE_PARENTHESIS);
// Subtree search, at most 1 entry, no time limit (0), all attributes (null), no object
// return, no link dereferencing.
205 SearchControls cons = new SearchControls(
206 SearchControls.SUBTREE_SCOPE, 1, 0, null, false, false);
208 enu = PortalLDAPUtil.doContextSearch(org.getCompanyId(), "ou=etablissements,"+PrefsPropsUtil.getString(org.getCompanyId(),"ldap.base.dn"), filter.toString(), cons);
209 } catch (Exception e) {
216 StringBuilder filter = new StringBuilder();
218 filter.append(StringPool.OPEN_PARENTHESIS);
219 filter.append("ENTStructureNomCourant");
220 filter.append(StringPool.EQUAL);
// NOTE(review): same unescaped filter value as in the "full" branch; here it is the complete
// organization name, so any parenthesis or asterisk in a school name reaches the filter.
221 filter.append(initName);
222 filter.append(StringPool.CLOSE_PARENTHESIS);
224 SearchControls cons = new SearchControls(
225 SearchControls.SUBTREE_SCOPE, 1, 0, null, false, false);
227 enu = PortalLDAPUtil.doContextSearch(org.getCompanyId(), "ou=etablissements,"+PrefsPropsUtil.getString(org.getCompanyId(),"ldap.base.dn"), filter.toString(), cons);
228 } catch (Exception e) {
// NOTE(review): enu starts as null and is only assigned inside the guarded searches above; if
// a search failed, this call presumably throws a NullPointerException that an enclosing catch
// absorbs. No enu.close() is visible in this listing - confirm the enumeration is released.
233 if (enu.hasMoreElements()) {
234 binding = enu.nextElement();
242 String[] attrs2fetch = {attribute};
// The entry name is rebuilt from the search result name plus the fixed "ou=etablissements" suffix.
243 Attributes attrs = PortalLDAPUtil.doContextAttributes(org.getCompanyId(), binding.getName() + ",ou=etablissements,"+PrefsPropsUtil.getString(org.getCompanyId(),"ldap.base.dn"),attrs2fetch);
// Attributes.get() returns null when the entry lacks the attribute, which raises a
// NullPointerException here.
245 cacheName = attrs.get(attribute).get().toString();
247 } catch (Exception e) {
// NOTE(review): the only visible statement in this handler is commented out, so a failed
// lookup appears to leave no trace in the logs - confirm against the full file.
248 //e.printStackTrace();
// -1 presumably means "no expiry" - confirm in ENTCacheUtils.
250 ENTCacheUtils.storeObjectIntoCache(cacheKey,cacheName,-1);
253 //could find and get value from cache instance
255 } catch (Exception e) {
// NOTE(review): the logging in this handler is commented out as well.
256 //if (_log.isErrorEnabled()) {
266 * Stores the value in the cache if it is not already present and returns the user's attachment RNE ("rne de rattachement")
268 public String getUserLDAPAttribute(User user, String attribute) {
// Cache-backed read of one LDAP attribute of the user: read the cache first, fetch the value
// with getUserLDAPAttributeAction on a miss, then store it.
// NOTE(review): the listing skips some original lines (the try opener, closing braces and the
// return), so the nesting of the statements below cannot be confirmed from here.
// NOTE(review): attribute and user id are concatenated without a separator, so two different
// (attribute, user id) pairs can yield the same key when an attribute name ends in a digit;
// a hit on such a key would return a value cached for another user. A delimiter between the
// two parts removes the ambiguity.
270 String cacheKey="userLDAPAttribute"+ attribute +user.getUserId();
271 String cacheValue = (String) ENTCacheUtils.getObjectFromCache(cacheKey);
272 if (cacheValue == null) {
273 //on a cache miss, fetch the value
275 cacheValue = getUserLDAPAttributeAction(user, attribute);
276 } catch (Exception e) {
277 _log.error("Error when fetching user's attribute "+attribute+" in LDAP", e);
// -1 presumably means "no expiry" - confirm in ENTCacheUtils. If so, a changed directory
// value is only seen once the entry is evicted elsewhere.
279 ENTCacheUtils.storeObjectIntoCache(cacheKey,cacheValue,-1);
285 * Get user's attribute from LDAP
290 private String getUserLDAPAttributeAction(User user, String attribute) throws Exception{
// Reads one attribute from the user's LDAP entry, located by screen name.
// NOTE(review): the listing skips several original lines (the declaration of "value", the try
// opener, any null check on b, the return), so only the visible statements are described.
// NOTE(review): "attribute" is used unchanged as the attribute to read; if any caller passes a
// request-derived name, restrict it to an allow-list of expected attributes.
294 Binding b = PortalLDAPUtil.getUser(user.getCompanyId(), user.getScreenName());
298 String[] attrs2fetch = {attribute};
299 Attributes attrs = PortalLDAPUtil.doContextAttributes(user.getCompanyId(), PortalLDAPUtil.getNameInNamespace(user.getCompanyId(),b), attrs2fetch);
// Attributes.get() returns null when the entry lacks the attribute; the resulting
// NullPointerException is handled by the catch below.
301 value = attrs.get(attribute).get().toString();
302 } catch(Exception e){
// Same message as the one logged by getUserLDAPAttribute; whether the exception is rethrown
// afterwards is not visible here.
303 _log.error("Error when fetching user's attribute "+attribute+" in LDAP", e);
// Logger shared by all instances of this class; note that the field is not declared final.
309 private static Log _log = LogFactoryUtil.getLog(OrganizationFinderServiceImpl.class);