HandleVOMembershipRequest.java

/**
 * Copyright (c) Istituto Nazionale di Fisica Nucleare (INFN). 2006-2016
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.glite.security.voms.admin.operations.requests;

import java.util.Date;
import java.util.EnumSet;
import java.util.List;

import org.glite.security.voms.admin.core.VOMSServiceConstants;
import org.glite.security.voms.admin.error.IllegalRequestStateException;
import org.glite.security.voms.admin.event.EventManager;
import org.glite.security.voms.admin.event.request.VOMembershipRequestApprovedEvent;
import org.glite.security.voms.admin.event.request.VOMembershipRequestRejectedEvent;
import org.glite.security.voms.admin.operations.VOMSContext;
import org.glite.security.voms.admin.operations.VOMSPermission;
import org.glite.security.voms.admin.persistence.dao.VOMSGroupDAO;
import org.glite.security.voms.admin.persistence.dao.VOMSUserDAO;
import org.glite.security.voms.admin.persistence.dao.generic.AUPDAO;
import org.glite.security.voms.admin.persistence.dao.generic.DAOFactory;
import org.glite.security.voms.admin.persistence.model.AUPVersion;
import org.glite.security.voms.admin.persistence.model.VOMSGroup;
import org.glite.security.voms.admin.persistence.model.VOMSUser;
import org.glite.security.voms.admin.persistence.model.request.NewVOMembershipRequest;
import org.glite.security.voms.admin.persistence.model.request.Request;
import org.glite.security.voms.admin.persistence.model.request.Request.STATUS;
import org.glite.security.voms.admin.view.actions.register.SubmitRequestAction;

public class HandleVOMembershipRequest extends
  BaseHandleRequestOperation<NewVOMembershipRequest> {

  private static final String REJECT_MOTIVATION = "The VO administrator didn't find appropriate to approve your membership request.";

  private static final EnumSet<Request.STATUS> VALID_STATUSES = EnumSet.of(
    STATUS.SUBMITTED, STATUS.CONFIRMED);

  List<String> approvedGroups;

  public HandleVOMembershipRequest(NewVOMembershipRequest request,
    DECISION decision, List<String> approvedGroups) {

    super(request, decision);
    this.approvedGroups = approvedGroups;
  }

  @Override
  protected void approve() {

    if (!VALID_STATUSES.contains(request.getStatus())) {
      throw new IllegalRequestStateException("Illegal state for request: "
        + request.getStatus());
    }

    VOMSUser user = VOMSUser.fromRequesterInfo(request.getRequesterInfo());
    VOMSUserDAO.instance().create(user,
      request.getRequesterInfo().getCertificateIssuer());

    approveRequest();

    // Check if signed AUP is the same version as the current one
    // and if so add an AUP signature record for the user
    AUPDAO aupDAO = DAOFactory.instance().getAUPDAO();

    AUPVersion currentAUPVersion = aupDAO.getVOAUP().getActiveVersion();

    String signedAUPVersion = request.getRequesterInfo().getInfo(
      SubmitRequestAction.SIGNED_AUP_VERSION_KEY);
    if (signedAUPVersion == null
      || currentAUPVersion.getVersion().equals(signedAUPVersion)) {
      // Add a sign aup record for the user
      VOMSUserDAO.instance().signAUP(user, aupDAO.getVOAUP());
    }

    if (approvedGroups != null) {
      VOMSGroupDAO groupDAO = VOMSGroupDAO.instance();

      for (String groupName : approvedGroups) {

        VOMSGroup g = groupDAO.findByName(groupName);
        if (g != null) {
          user.addToGroup(g);
        }
      }

    }

    linkOrgDBMembership(user);

    EventManager.instance().dispatch(
      new VOMembershipRequestApprovedEvent(request));

  }

  protected void linkOrgDBMembership(VOMSUser u) {

    if (request.getRequesterInfo().getInfo(VOMSServiceConstants.ORGDB_ID_KEY) != null) {
      u.setOrgDbId(Long.parseLong(request.getRequesterInfo().getInfo(
        VOMSServiceConstants.ORGDB_ID_KEY)));
    }
  }

  @Override
  protected void reject() {

    rejectRequest();

    EventManager.instance().dispatch(
      new VOMembershipRequestRejectedEvent(request, REJECT_MOTIVATION));

    DAOFactory.instance().getRequestDAO().makeTransient(request);

  }

  @Override
  protected void setupPermissions() {

    addRequiredPermission(VOMSContext.getVoContext(), VOMSPermission
      .getContainerReadPermission().setMembershipReadPermission()
      .setRequestsReadPermission().setRequestsWritePermission());

  }

}