diff --git a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTask.java b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTask.java
index 1d88eb5337335a626f2390c5ab9be78c46ee6fff..184c6af62c41654adc04693552b76ebeb6d395db 100644
--- a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTask.java
+++ b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTask.java
@@ -17,6 +17,7 @@ package ch.systemsx.cisd.openbis.generic.server.task;
import java.io.File;
import java.util.Collection;
+import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
@@ -24,6 +25,7 @@ import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeMap;
+import java.util.TreeSet;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Level;
@@ -151,17 +153,25 @@ public class UserManagementMaintenanceTask extends AbstractGroupMaintenanceTask
Log4jSimpleLogger logger = new Log4jSimpleLogger(operationLog);
Set<String> knownUsers = new HashSet<>();
UserManager userManager = createUserManager(config, logger, report);
+ Set<String> usersToBeIgnored = getUsersToBeIgnored(config);
for (UserGroup group : config.getGroups())
{
- addGroup(userManager, group);
+ addGroup(userManager, group, usersToBeIgnored);
addAllTo(knownUsers, group.getUsers());
addAllTo(knownUsers, config.getInstanceAdmins());
}
- userManager.manage(knownUsers);
+ knownUsers.removeAll(usersToBeIgnored);
+ userManager.manage(knownUsers, usersToBeIgnored);
handleReport(report);
operationLog.info("finished");
}
+ private Set<String> getUsersToBeIgnored(UserManagerConfig config)
+ {
+ List<String> usersToBeIgnored = config.getUsersToBeIgnored();
+ return usersToBeIgnored != null ? new TreeSet<String>(usersToBeIgnored) : Collections.emptySet();
+ }
+
private static void addAllTo(Collection<String> set, Collection<String> setToBeAddedOrNull)
{
if (setToBeAddedOrNull != null)
@@ -170,7 +180,7 @@ public class UserManagementMaintenanceTask extends AbstractGroupMaintenanceTask
}
}
- private void addGroup(UserManager userManager, UserGroup group)
+ private void addGroup(UserManager userManager, UserGroup group, Set<String> usersToBeIgnored)
{
String key = group.getKey();
if (shareIdsMappingFile != null)
@@ -188,7 +198,7 @@ public class UserManagementMaintenanceTask extends AbstractGroupMaintenanceTask
{
for (String user : users)
{
- principalsByUserId.put(user, new Principal(user, "", "", ""));
+ addPrincipal(principalsByUserId, new Principal(user, "", "", ""), usersToBeIgnored);
}
}
List<String> ldapGroupKeys = group.getLdapGroupKeys();
@@ -210,7 +220,7 @@ public class UserManagementMaintenanceTask extends AbstractGroupMaintenanceTask
}
for (Principal principal : principals)
{
- principalsByUserId.put(principal.getUserId(), principal);
+ addPrincipal(principalsByUserId, principal, usersToBeIgnored);
}
} catch (Throwable e)
{
@@ -228,6 +238,14 @@ public class UserManagementMaintenanceTask extends AbstractGroupMaintenanceTask
}
}
+ private void addPrincipal(Map<String, Principal> principalsByUserId, Principal principal, Set<String> usersToBeIgnored)
+ {
+ if (usersToBeIgnored.contains(principal.getUserId()) == false)
+ {
+ principalsByUserId.put(principal.getUserId(), principal);
+ }
+ }
+
private void handleReport(UserManagerReport report)
{
String errorReport = report.getErrorReport();
diff --git a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManager.java b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManager.java
index 9b7ee1a8a886d5af5a7de832ab94d0fa28c5e309..20da322ca1d110410d9d3414f17c65619e332841 100644
--- a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManager.java
+++ b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManager.java
@@ -251,7 +251,7 @@ public class UserManager
logger.log(LogLevel.INFO, principalsByUserId.size() + " users for " + (group.isEnabled() ? "" : "disabled ") + "group " + groupCode);
}
- public void manage(Set<String> knownUsers)
+ public void manage(Set<String> knownUsers, Set<String> usersToBeIgnored)
{
String sessionToken = null;
try
@@ -272,7 +272,7 @@ public class UserManager
{
String groupCode = entry.getKey();
Map<String, Principal> users = entry.getValue();
- manageGroup(sessionToken, groupCode, users, currentState, report);
+ manageGroup(sessionToken, groupCode, users, usersToBeIgnored, currentState, report);
}
updateHomeSpaces(sessionToken, currentState, report);
removeUsersFromGlobalGroup(sessionToken, currentState, report);
@@ -650,17 +650,17 @@ public class UserManager
}
private void manageGroup(String sessionToken, String groupCode, Map<String, Principal> groupUsers,
- CurrentState currentState, UserManagerReport report)
+ Set<String> usersToBeIgnored, CurrentState currentState, UserManagerReport report)
{
try
{
Context context = new Context(sessionToken, service, currentState, report);
if (currentState.groupExists(groupCode))
{
- manageKnownGroup(context, groupCode, groupUsers);
+ manageKnownGroup(context, groupCode, groupUsers, usersToBeIgnored);
} else
{
- manageNewGroup(context, groupCode, groupUsers);
+ manageNewGroup(context, groupCode, groupUsers, usersToBeIgnored);
}
createSamples(context, groupCode);
createExperiments(context, groupCode);
@@ -794,13 +794,13 @@ public class UserManager
}
}
- private void manageKnownGroup(Context context, String groupCode, Map<String, Principal> groupUsers)
+ private void manageKnownGroup(Context context, String groupCode, Map<String, Principal> groupUsers, Set<String> usersToBeIgnored)
{
createCommonSpaces(context, groupCode);
- manageUsers(context, groupCode, groupUsers);
+ manageUsers(context, groupCode, groupUsers, usersToBeIgnored);
}
- private void manageNewGroup(Context context, String groupCode, Map<String, Principal> groupUsers)
+ private void manageNewGroup(Context context, String groupCode, Map<String, Principal> groupUsers, Set<String> usersToBeIgnored)
{
String adminGroupCode = createAdminGroupCode(groupCode);
@@ -809,7 +809,7 @@ public class UserManager
createCommonSpaces(context, groupCode);
- manageUsers(context, groupCode, groupUsers);
+ manageUsers(context, groupCode, groupUsers, usersToBeIgnored);
}
private void createCommonSpaces(Context context, String groupCode)
@@ -829,11 +829,12 @@ public class UserManager
}
}
- private void manageUsers(Context context, String groupCode, Map<String, Principal> groupUsers)
+ private void manageUsers(Context context, String groupCode, Map<String, Principal> groupUsers, Set<String> usersToBeIgnored)
{
UserGroup group = groupsByCode.get(groupCode);
Map<String, Person> currentUsersOfGroup = context.getCurrentState().getCurrentUsersOfGroup(groupCode);
Set<String> usersToBeRemoved = new TreeSet<>(currentUsersOfGroup.keySet());
+ usersToBeRemoved.removeAll(usersToBeIgnored);
AuthorizationGroup globalGroup = context.getCurrentState().getGlobalGroup();
String adminGroupCode = createAdminGroupCode(groupCode);
boolean createUserSpace = group == null || group.isCreateUserSpace();
diff --git a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagerConfig.java b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagerConfig.java
index fd26889514813c38570f33e9c58c581b7420eb61..591a19d8f3acf3d4cb7188db895b802bf34fe08f 100644
--- a/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagerConfig.java
+++ b/server-application-server/source/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagerConfig.java
@@ -38,6 +38,8 @@ class UserManagerConfig
private List<String> instanceAdmins;
+ private List<String> usersToBeIgnored;
+
public List<String> getGlobalSpaces()
{
return globalSpaces;
@@ -98,6 +100,16 @@ class UserManagerConfig
this.instanceAdmins = instanceAdmins;
}
+ public List<String> getUsersToBeIgnored()
+ {
+ return usersToBeIgnored;
+ }
+
+ public void setUsersToBeIgnored(List<String> usersToBeIgnored)
+ {
+ this.usersToBeIgnored = usersToBeIgnored;
+ }
+
public boolean getReuseHomeSpace()
{
return reuseHomeSpace;
diff --git a/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTaskTest.java b/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTaskTest.java
index 6bf9ae71e4b9b1c42c9be020d5a258c67c607ac3..98dc378fe67149dac4703913691864b58e5872d1 100644
--- a/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTaskTest.java
+++ b/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/task/UserManagementMaintenanceTaskTest.java
@@ -255,6 +255,35 @@ public class UserManagementMaintenanceTaskTest extends AbstractFileSystemTestCas
logRecorder.getLogContent());
}
+ @Test
+ public void testExecuteWithTwoUsersOneIgnored()
+ {
+ // Given
+ UserManagementMaintenanceTaskWithMocks task = new UserManagementMaintenanceTaskWithMocks()
+ .withUserManagerReport(new UserManagerReport(new MockTimeProvider(0, 1000)));
+ FileUtilities.writeToFile(configFile, "");
+ task.setUp("", properties);
+ FileUtilities.writeToFile(configFile, "{\"usersToBeIgnored\":[\"beta\"], "
+ + "\"groups\": [{\"key\":\"ABC\", \"users\":[\"alpha\", \"beta\"]}]}");
+
+ // When
+ task.execute();
+
+ // Then
+ assertEquals("INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Setup plugin \n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Plugin '' initialized. Configuration file: "
+ + configFile.getAbsolutePath() + "\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - manage 1 groups\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Global spaces: []\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Common spaces: {}\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Common samples: {}\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Common experiments: []\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - Add group ABC[name:null, enabled:true, ldapGroupKeys:null, users:[alpha, beta], admins:null] with users [alpha=alpha]\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - 1 users for group ABC\n"
+ + "INFO OPERATION.UserManagementMaintenanceTaskWithMocks - finished",
+ logRecorder.getLogContent());
+ }
+
@Test
public void testExecuteEmptyLdapGroupKeys()
{
@@ -679,7 +708,7 @@ public class UserManagementMaintenanceTaskTest extends AbstractFileSystemTestCas
}
@Override
- public void manage(Set<String> knownUsers)
+ public void manage(Set<String> knownUsers, Set<String> usersToBeIgnored)
{
report.addGroup("dummy group, known users: " + knownUsers);
}
diff --git a/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/task/UserManagerTest.java b/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/task/UserManagerTest.java
index 3f7f94a15f8dbe7c3226856ffc24824d39653ed3..172740e4887be56eb9815681d9dbc0918a870c5a 100644
--- a/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/task/UserManagerTest.java
+++ b/server-application-server/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/task/UserManagerTest.java
@@ -770,6 +770,45 @@ public class UserManagerTest extends AbstractTest
builder.assertExpectations();
}
+ @Test
+ public void testRemoveUserToBeIgnoredFromAGroup()
+ {
+ // Given
+ // 1. create group G2 with users U1 (admin), U2 and U3
+ MockLogger logger = new MockLogger();
+ Map<Role, List<String>> commonSpaces = commonSpaces();
+ UserManager userManager = new UserManagerBuilder(v3api, logger, report()).commonSpaces(commonSpaces).get();
+ List<String> globalSpaces = Arrays.asList("A", "B");
+ userManager.setGlobalSpaces(globalSpaces);
+ userManager.addGroup(new UserGroupAsBuilder("G2").admins(U1), users(U1, U2, U3));
+ assertEquals(manage(userManager).getErrorReport(), "");
+ // 2. remove U2 from group G2
+ userManager = new UserManagerBuilder(v3api, logger, report()).commonSpaces(commonSpaces).get();
+ userManager.setGlobalSpaces(globalSpaces);
+ userManager.addGroup(new UserGroupAsBuilder("G2").admins(U1), users(U1, U3));
+
+ // When
+ UserManagerReport report = manage(userManager, Collections.singleton(U2.getUserId()));
+
+ // Then
+ assertEquals(report.getErrorReport(), "");
+ assertEquals(report.getAuditLog(), "");
+ UserManagerExpectationsBuilder builder = createBuilder();
+ builder.groups("G2").commonSpaces(commonSpaces).users(U1, U2, U3);
+ builder.space("A").observer(U1).observer(U2).observer(U3);
+ builder.space("B").observer(U1).observer(U2).observer(U3);
+ builder.space("G2_ALPHA").admin(U1).user(U2, U3);
+ builder.space("G2_BETA").admin(U1).user(U2, U3);
+ builder.space("G2_GAMMA").admin(U1).observer(U2, U3);
+ builder.space("G2_U1").admin(U1).non(U2, U3);
+ builder.space("G2_U2").admin(U1).admin(U2).non(U3);
+ builder.space("G2_U3").admin(U1).non(U2).admin(U3);
+ builder.homeSpace(U1, "G2_U1");
+ builder.homeSpace(U2, "G2_U2");
+ builder.homeSpace(U3, "G2_U3");
+ builder.assertExpectations();
+ }
+
@Test
public void testMoveUserToAnotherGroup()
{
@@ -2124,11 +2163,16 @@ public class UserManagerTest extends AbstractTest
private UserManagerReport manage(UserManager userManager, String... knownUsers)
{
- userManager.manage(new TreeSet<>(Arrays.asList(knownUsers)));
+ return manage(userManager, Collections.emptySet(), knownUsers);
+ }
+
+ private UserManagerReport manage(UserManager userManager, Set<String> usersToBeIgnored, String... knownUsers)
+ {
+ userManager.manage(new TreeSet<>(Arrays.asList(knownUsers)), usersToBeIgnored);
daoFactory.getSessionFactory().getCurrentSession().flush();
return report;
}
-
+
private Map<String, Principal> users(Principal... principals)
{
Map<String, Principal> map = new TreeMap<>();