Added default profile for ldap users

bastillion-io · May 23, 2020 · c770be4 · c770be4
1 parent 7a39391
commit c770be4
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 0 deletions.
diff --git a/src/main/java/io/bastillion/manage/db/UserProfileDB.java b/src/main/java/io/bastillion/manage/db/UserProfileDB.java
@@ -232,4 +232,50 @@ public static void assignProfilesToUser(Connection con, Long userId, List<String
         }
     }
 
+    /**
+     * assigns profiles to given user
+     *
+     * @param userId                 user id
+     * @param profileNm              profile name
+     */
+    public static void assignProfileToUser(Connection con, Long userId, String profileNm) {
+
+        PreparedStatement stmt = null;
+
+        try {
+
+            if (StringUtils.isNotEmpty(profileNm)) {
+
+                Long profileId = null;
+                stmt = con.prepareStatement("select id from  profiles p where lower(p.nm) like ?");
+                stmt.setString(1, profileNm.toLowerCase());
+                ResultSet rs = stmt.executeQuery();
+                while (rs.next()) {
+                        profileId = rs.getLong("id");
+                }
+                DBUtils.closeRs(rs);
+                DBUtils.closeStmt(stmt);
+
+                if (profileId != null) {
+                    stmt = con.prepareStatement("delete from user_map where profile_id=?");
+                    stmt.setLong(1, profileId);
+                    stmt.execute();
+                    DBUtils.closeStmt(stmt);
+
+                    stmt = con.prepareStatement("insert into user_map (profile_id, user_id) values (?,?)");
+                    stmt.setLong(1, profileId);
+                    stmt.setLong(2, userId);
+                    stmt.execute();
+                    DBUtils.closeStmt(stmt);
+
+                    //delete all unassigned keys by profile
+                    PublicKeyDB.deleteUnassignedKeysByProfile(con, profileId);
+                }
+            }
+
+        } catch (Exception e) {
+            log.error(e.toString(), e);
+        }
+    }
+
 }
diff --git a/src/main/java/io/bastillion/manage/util/ExternalAuthUtil.java b/src/main/java/io/bastillion/manage/util/ExternalAuthUtil.java
@@ -73,6 +73,7 @@ public class ExternalAuthUtil {
     public static final boolean externalAuthEnabled = StringUtils.isNotEmpty(AppConfig.getProperty("jaasModule"));
     private static final String JAAS_CONF = "jaas.conf";
     private static final String JAAS_MODULE = AppConfig.getProperty("jaasModule");
+    private static final String DEFAULT_LDAP_PROFILE = AppConfig.getProperty("defaultProfileForLdap");
 
 
     static {
@@ -259,6 +260,10 @@ public void handle(Callback[] callbacks) throws IOException,
                         }
 
                     }
+                    if(StringUtils.isNotEmpty(DEFAULT_LDAP_PROFILE)) {
+                        UserProfileDB.assignProfileToUser(con, user.getId(), DEFAULT_LDAP_PROFILE);
+                    }
+
                     authToken = UUID.randomUUID().toString();
                     user.setAuthToken(authToken);
                     user.setAuthType(Auth.AUTH_EXTERNAL);

diff --git a/src/main/resources/BastillionConfig.properties b/src/main/resources/BastillionConfig.properties
@@ -42,6 +42,8 @@ accountExpirationDays=-1
 clientIPHeader=
 #specify a external authentication module (ex: ldap-ol, ldap-ad).  Edit the jaas.conf to set connection details
 jaasModule=
+#Default profile for all authenticated LDAP users
+defaultProfileForLdap=
 #The session time out value of application in minutes
 sessionTimeout=15