ldapadmin - administrators can modify users' uid

config/defaults/ldapadmin/WEB-INF/templates/account-uid-renamed.txt

@@ -0,0 +1,9 @@
+Dear {name},
+
+This message is intended to let you know that your identifier on the
+geOrchestra platform has been modified.
+
+Your new login is now: {uid}
+
+---
+Sent by @shared.instance.name@ (@shared.homepage.url@)

config/defaults/ldapadmin/maven.filter

@@ -36,7 +36,7 @@ smtpPort=@shared.smtp.port@
 replyTo=@shared.email.replyTo@
 from=@shared.email.from@
 emailHtml=@shared.email.html@
-
+warnUserIfUidModified=@shared.ldapadmin.warnifuidmodified@
 # Moderation (enabled by default - we do not want people to be able to gain access to resources without the admin's consent)
 moderatorEmail=@shared.administrator.email@
 
@@ -47,6 +47,7 @@ subject.account.created=
 subject.account.in.process=
 subject.requires.moderation=
 subject.change.password=
+subject.account.uid.renamed=
 moderatedSignup=
 delayInDays=
 requiredFields=

config/shared.maven.filters

@@ -61,6 +61,7 @@ shared.download_form.pdfurl=
 shared.ldapadmin.contextpath=/ldapadmin
 shared.ldapadmin.db=georchestra
 shared.ldapadmin.jdbcurl=jdbc:postgresql://@shared.psql.host@:@shared.psql.port@/@shared.ldapadmin.db@
+shared.ldapadmin.warnifuidmodified=true
 
 shared.mapfishapp.db=georchestra
 shared.mapfishapp.jdbcurl=jdbc:postgresql://@shared.psql.host@:@shared.psql.port@/@shared.mapfishapp.db@

ldapadmin/src/deb/resources/etc/georchestra/ldapadmin/ldapadmin.properties

@@ -39,6 +39,8 @@ subject.account.created=[geOrchestra] Your account has been created
 subject.account.in.process=[geOrchestra] Your new account is waiting for validation
 subject.requires.moderation=[geOrchestra] New account waiting for validation
 subject.change.password=[geOrchestra] Update your password
+subject.account.uid.renamed=[geOrchestra] New login for your account
+warnUserIfUidModified=true
 
 # Used in header*.jsp (size in px)
 headerHeight=90

ldapadmin/src/deb/resources/etc/georchestra/ldapadmin/templates/account-uid-renamed.txt

@@ -0,0 +1,9 @@
+Dear {name}, 
+
+This message is intended to let you know that your identifier on the
+geOrchestra platform has been modified.
+
+Your new login is now: {uid}
+
+---
+Sent by geOrchestra (http://georchestra.mydomain.org/)

ldapadmin/src/main/filtered-resources/WEB-INF/spring/ldapadmin.properties

@@ -38,4 +38,5 @@ subject.account.created=${subject.account.created}
 subject.account.in.process=${subject.account.in.process}
 subject.requires.moderation=${subject.requires.moderation}
 subject.change.password=${subject.change.password}
-
+subject.account.uid.renamed=${subject.account.uid.renamed}
+warnUserIfUidModified=${warnUserIfUidModified}

ldapadmin/src/main/java/org/georchestra/ldapadmin/ds/AccountDao.java

@@ -58,6 +58,19 @@ public interface AccountDao {
 	 */
 	void update(final Account account) throws DataServiceException, DuplicatedEmailException;
 
+	/**
+	 * Updates the user account, given the old and the new state of the account
+	 * Needed if a DN update is required (modifying the uid).
+	 *
+	 * @param account
+	 * @param modified
+	 *
+	 * @throws DuplicatedEmailException
+	 * @throws DataServiceException
+	 * @throws NotFoundException
+	 */
+	void update(Account account, Account modified) throws DataServiceException, DuplicatedEmailException, NotFoundException;
+
 	/**
 	 * Changes the user password
 	 * 
@@ -123,8 +136,4 @@ public interface AccountDao {
 	 */
 	String generateUid(String uid) throws DataServiceException;
 
-
-
-
-
 }

ldapadmin/src/main/java/org/georchestra/ldapadmin/ds/AccountDaoImpl.java

@@ -16,6 +16,7 @@
 import org.apache.commons.logging.LogFactory;
 import org.georchestra.ldapadmin.dto.Account;
 import org.georchestra.ldapadmin.dto.AccountFactory;
+import org.georchestra.ldapadmin.dto.Group;
 import org.georchestra.ldapadmin.dto.UserSchema;
 import org.georchestra.ldapadmin.ws.newaccount.UidGenerator;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -190,7 +191,7 @@ public Object mapFromAttributes(Attributes attributes) throws NamingException {
      * @see {@link AccountDao#update(Account)}
      */
     @Override
-    public void update(final Account account) throws DataServiceException, DuplicatedEmailException {
+    public synchronized void update(final Account account) throws DataServiceException, DuplicatedEmailException {
 
         // checks mandatory fields
         if (account.getUid().length() == 0) {
@@ -233,13 +234,27 @@ public void update(final Account account) throws DataServiceException, Duplicate
         ldapTemplate.modifyAttributes(context);
     }
 
+    /**
+     * @see {@link AccountDao#update(Account, Account)}
+     */
+    @Override
+    public synchronized void update(Account account, Account modified) throws DataServiceException, DuplicatedEmailException, NotFoundException {
+       if (! account.getUid().equals(modified.getUid())) {
+           ldapTemplate.rename(buildDn(account.getUid()), buildDn(modified.getUid()));
+           for (Group g : groupDao.findAllForUser(account.getUid())) {
+               groupDao.modifyUser(g.getName(), account.getUid(), modified.getUid());
+           }
+       }
+       update(modified);
+    }
+
     /**
      * Removes the user account and the reference included in the group
      *
      * @see {@link AccountDao#delete(Account)}
      */
     @Override
-    public void delete(final String uid) throws DataServiceException, NotFoundException {
+    public synchronized void delete(final String uid) throws DataServiceException, NotFoundException {
         this.ldapTemplate.unbind(buildDn(uid), true);
 
         this.groupDao.deleteUser(uid);
@@ -572,5 +587,4 @@ public String generateUid(String uid) throws DataServiceException {
 
         return newUid;
     }
-
 }

ldapadmin/src/main/java/org/georchestra/ldapadmin/ds/GroupDao.java

@@ -30,34 +30,50 @@ public interface GroupDao {
 	 * @return list of {@link Group}
 	 */
 	List<Group> findAll() throws DataServiceException;
-
+
+	/**
+	 * Returns all groups for a given uid.
+	 *
+	 * @return list of {@link Group}
+	 */
+	List<Group> findAllForUser(String userId) throws DataServiceException;
+
 	/**
 	 * Returns the group's users
 	 * 
 	 * @return list of user uid
 	 */
 	List<String> findUsers(final String groupName) throws DataServiceException;
 
-
 	/**
 	 * Deletes the user from all groups 
-	 * 
+	 *
 	 * @param uid
 	 * @throws DataServiceException
 	 */
 	void deleteUser(String uid) throws DataServiceException;
-	
+
 	void deleteUsers(String cn, List<String> deleteList) throws DataServiceException, NotFoundException;
-	
+
 	/**
-	 * Deletes the user from the user
+	 * Deletes the user from the group
 	 * 
 	 * @param groupName
 	 * @param uid
 	 * @throws DataServiceException
 	 */
 	void deleteUser(String groupName, String uid) throws DataServiceException;
 
+	/**
+	 * Modifies the user (e.g. rename) from the group
+	 *
+	 * @param groupName
+	 * @param oldUid
+	 * @param newUid
+	 * @throws DataServiceException
+	 */
+	void modifyUser(String groupName, String oldUid, String newUid) throws DataServiceException;
+
 	/**
 	 * Adds the group
 	 * 

ldapadmin/src/main/java/org/georchestra/ldapadmin/ds/GroupDaoImpl.java

@@ -11,6 +11,7 @@
 
 import javax.naming.InvalidNameException;
 import javax.naming.Name;
+import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
@@ -158,6 +159,17 @@ public void deleteUser(String groupName, String uid) throws DataServiceException
 		this.ldapTemplate.modifyAttributes(ctx);
 	}
 
+    @Override
+    public void modifyUser(String groupName, String oldUid, String newUid) throws DataServiceException {
+        Name dnGroup = buildGroupDn(groupName);
+        String oldUserDn = buildUserDn(oldUid).toString();
+        String newUserDn = buildUserDn(newUid).toString();
+        DirContextOperations ctx = ldapTemplate.lookupContext(dnGroup);
+        ctx.removeAttributeValue("member", oldUserDn);
+        ctx.addAttributeValue("member", newUserDn);
+        this.ldapTemplate.modifyAttributes(ctx);
+    }
+
 	public List<Group> findAll() throws DataServiceException {
 
 		EqualsFilter filter = new EqualsFilter("objectClass", "groupOfMembers");
@@ -172,6 +184,16 @@ public List<Group> findAll() throws DataServiceException {
 		return new LinkedList<Group>(sorted);
 	}
 
+	public List<Group> findAllForUser(String userId) {
+		EqualsFilter grpFilter = new EqualsFilter("objectClass", "groupOfMembers");
+		AndFilter filter = new AndFilter();
+		filter.and(grpFilter);
+
+		filter.and(new EqualsFilter("member", buildUserDn(userId).toString()));
+		return ldapTemplate.search(DistinguishedName.EMPTY_PATH, filter.encode(),
+				new GroupContextMapper());
+	}
+
 	public List<String> findUsers(final String groupName) throws DataServiceException{
 
 		AndFilter filter = new AndFilter();
@@ -458,5 +480,4 @@ public void deleteUsersInGroups(List<String> deleteGroup, List<String> users)
 
 	}
 
-
 }

ldapadmin/src/main/java/org/georchestra/ldapadmin/dto/AccountFactory.java

@@ -184,4 +184,38 @@ public static Account createFull(
 		return a;
 	}
 
+	/**
+	 * Creates an account object from another one, given as argument.
+	 *
+	 * @param o other account to copy
+	 */
+	public static Account create(Account o) {
+		Account a = new AccountImpl();
+		a.setUid(o.getUid());
+		a.setCommonName(o.getCommonName());
+		a.setSurname(o.getSurname());
+		a.setOrg(o.getOrg());
+		a.setEmail(o.getEmail());
+		a.setPhone(o.getPhone());
+		a.setDescription(o.getDescription());
+		// passwords / new passwords fields voluntarily omitted:
+		// the password update process should not go through this.
+		a.setGivenName(o.getGivenName());
+		a.setTitle(o.getTitle());
+		a.setPostalAddress(o.getPostalAddress());
+		a.setPostalCode(o.getPostalCode());
+		a.setRegisteredAddress(o.getRegisteredAddress());
+		a.setPostOfficeBox(o.getPostOfficeBox());
+		a.setPhysicalDeliveryOfficeName(o.getPhysicalDeliveryOfficeName());
+		a.setStreet(o.getStreet());
+		a.setLocality(o.getLocality());
+		a.setFacsimile(o.getFacsimile());
+		a.setMobile(o.getMobile());
+		a.setRoomNumber(o.getRoomNumber());
+		a.setStateOrProvince(o.getStateOrProvince());
+		a.setOrganizationalUnit(o.getOrganizationalUnit());
+		a.setHomePostalAddress(o.getHomePostalAddress());
+		return a;
+	}
+
 }

ldapadmin/src/main/java/org/georchestra/ldapadmin/mailservice/AccountUidRenamedEmail.java

@@ -0,0 +1,51 @@
+package org.georchestra.ldapadmin.mailservice;
+
+import javax.mail.MessagingException;
+import javax.mail.internet.AddressException;
+import javax.servlet.ServletContext;
+
+import org.georchestra.commons.configuration.GeorchestraConfiguration;
+
+public class AccountUidRenamedEmail extends Email {
+
+	private ServletContext context;
+
+	public AccountUidRenamedEmail(String[] recipients,
+			String emailSubject,
+			String smtpHost,
+			int smtpPort,
+			String emailHtml,
+			String replyTo,
+			String from,
+			String bodyEncoding,
+			String subjectEncoding,
+			String[] languages,
+			String fileTemplate,
+			ServletContext ctx,
+			GeorchestraConfiguration georConfig) {
+		super(recipients, emailSubject, smtpHost, smtpPort, emailHtml, replyTo,
+				from, bodyEncoding, subjectEncoding, languages,
+				fileTemplate, georConfig);
+
+		context = ctx;
+	}
+
+	@Override
+	protected String toAbsolutePath(String fileTemplate) {
+    	return this.context.getRealPath(fileTemplate);
+	}
+
+	public void sendMsg(final String userName, final String uid)
+			throws AddressException, MessagingException {
+		String body = getBodyTemplate();
+		body = body.replace("{uid}", uid);
+		body = body.replace("{name}", userName);
+
+		if(LOG.isDebugEnabled() ){
+			LOG.debug("built email: "+ body);
+		}
+
+		super.sendMsg(body);
+	}
+
+}

ldapadmin/src/main/java/org/georchestra/ldapadmin/mailservice/Email.java

@@ -83,8 +83,7 @@ public String toString() {
 
 	/**
      * Read the body from template
-     * @param servletContext
-     * @return
+     * @return String the formatted message
      */
     protected String getBodyTemplate() {
 

ldapadmin/src/main/java/org/georchestra/ldapadmin/mailservice/EmailFactoryImpl.java

@@ -23,6 +23,17 @@ public class EmailFactoryImpl extends AbstractEmailFactory {
 
 	private String changePasswordEmailFile;
 	private String changePasswordEmailSubject;
+
+	private String accountUidRenamedEmailFile;
+	private String accountUidRenamedEmailSubject;
+
+	public void setAccountUidRenamedEmailSubject(String accountUidRenamedEmailSubject) {
+		this.accountUidRenamedEmailSubject = accountUidRenamedEmailSubject;
+	}
+
+	public void setAccountUidRenamedEmailFile(String accountUidRenamedEmailFile) {
+		this.accountUidRenamedEmailFile = accountUidRenamedEmailFile;
+	}
 
 	public void setAccountWasCreatedEmailFile(String accountWasCreatedEmailFile) {
 		this.accountWasCreatedEmailFile = accountWasCreatedEmailFile;
@@ -160,4 +171,27 @@ public AccountWasCreatedEmail createAccountWasCreatedEmail(ServletContext servle
 		return mail;
 
 	}
+
+	public AccountUidRenamedEmail createAccountUidRenamedEmail(ServletContext servletContext, String[] recipients) {
+
+		super.emailSubject = this.accountUidRenamedEmailSubject;
+
+		AccountUidRenamedEmail mail = new AccountUidRenamedEmail(
+				recipients,
+				super.emailSubject,
+				this.smtpHost,
+				this.smtpPort,
+				this.emailHtml,
+				this.replyTo,
+				this.from,
+				this.bodyEncoding,
+				this.subjectEncoding,
+				this.languages,
+				this.accountUidRenamedEmailFile,
+				servletContext,
+				this.georConfig
+				);
+
+		return mail;
+	}
 }