diff --git a/jams-common/src/main/java/net/jami/jams/common/objects/user/UserGroupMapping.java b/jams-common/src/main/java/net/jami/jams/common/objects/user/UserGroupMapping.java
index d8814e25056173a4457e0fdd11161ada27a01589..c09db1124a3ffb7abbe779dace48fa4eac05e91a 100644
--- a/jams-common/src/main/java/net/jami/jams/common/objects/user/UserGroupMapping.java
+++ b/jams-common/src/main/java/net/jami/jams/common/objects/user/UserGroupMapping.java
@@ -36,6 +36,15 @@ public class UserGroupMapping implements DatabaseObject {
this.groups = this.groups.concat("," + s);
}
+ public void removeGroup(String s) {
+ if (this.groups.contains(s) ) {
+ if (this.groups.contains(","))
+ this.groups = this.groups.replace(s + ",", "");
+ else
+ this.groups = "";
+ }
+ }
+
@Override
public PreparedStatement getInsert(PreparedStatement ps) throws Exception {
ps.setString(1, username);
diff --git a/jams-server/src/main/java/net/jami/jams/server/core/workflows/AddUserToGroupFlow.java b/jams-server/src/main/java/net/jami/jams/server/core/workflows/AddUserToGroupFlow.java
index 412b2fe6ca34d9048e160a1fb9cc593511996e44..f3dae3392a08cd0de60243a85546fa221cadf291 100644
--- a/jams-server/src/main/java/net/jami/jams/server/core/workflows/AddUserToGroupFlow.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/workflows/AddUserToGroupFlow.java
@@ -23,45 +23,44 @@ import static net.jami.jams.server.Server.userAuthenticationModule;
public class AddUserToGroupFlow {
public static void addUserToGroup(String groupName, String username) {
+ userAuthenticationModule.getAuthSources().forEach((k, v) -> {
+ List<UserProfile> profiles = v.searchUserProfiles(username, "LOGON_NAME");
+ if (!profiles.isEmpty()) {
+ UserProfile profile = profiles.get(0);
+ StatementList statementList = new StatementList();
+ statementList.addStatement(new StatementElement("name", "=", username, ""));
- userAuthenticationModule.getAuthSources().forEach((k, v) -> {
- List<UserProfile> profiles = v.searchUserProfiles(username, "LOGON_NAME");
- if (!profiles.isEmpty()) {
- UserProfile profile = profiles.get(0);
- StatementList statementList = new StatementList();
- statementList.addStatement(new StatementElement("name", "=", username, ""));
-
- if (profile != null) {
- if (profile.getGroupMemberships() == null)
- profile.setGroupMemberships(new ArrayList<>());
- profile.getGroupMemberships().add(groupName);
- }
+ if (profile != null) {
+ if (profile.getGroupMemberships() == null)
+ profile.setGroupMemberships(new ArrayList<>());
+ profile.getGroupMemberships().add(groupName);
+ }
- statementList = new StatementList();
- statementList.addStatement(new StatementElement("username", "=", username, ""));
- if (dataStore.getUserGroupMappingsDao().getObjects(statementList).isEmpty()) {
- // if the mapping doesn't exist, create it and add the group directly.
- UserGroupMapping newMapping = new UserGroupMapping();
- newMapping.setUsername(username);
- newMapping.setGroups("");
- newMapping.addGroup(groupName);
- dataStore.getUserGroupMappingsDao().storeObject(newMapping);
- } else {
- // otherwise, update the object.
+ statementList = new StatementList();
+ statementList.addStatement(new StatementElement("username", "=", username, ""));
+ if (dataStore.getUserGroupMappingsDao().getObjects(statementList).isEmpty()) {
+ // if the mapping doesn't exist, create it and add the group directly.
+ UserGroupMapping newMapping = new UserGroupMapping();
+ newMapping.setUsername(username);
+ newMapping.setGroups("");
+ newMapping.addGroup(groupName);
+ dataStore.getUserGroupMappingsDao().storeObject(newMapping);
+ } else {
+ // otherwise, update the object.
- UserGroupMapping mapping = dataStore.getUserGroupMappingsDao().getObjects(statementList).get(0);
- mapping.addGroup(groupName);
- String newGroups = mapping.getGroups();
+ UserGroupMapping mapping = dataStore.getUserGroupMappingsDao().getObjects(statementList).get(0);
+ mapping.addGroup(groupName);
+ String newGroups = mapping.getGroups();
- StatementList update = new StatementList();
- StatementElement st0 = new StatementElement("groups", "=", newGroups, "");
- update.addStatement(st0);
- StatementList constraint = new StatementList();
- StatementElement st1 = new StatementElement("username", "=", username, "");
- constraint.addStatement(st1);
- dataStore.getUserGroupMappingsDao().updateObject(update, constraint);
- }
+ StatementList update = new StatementList();
+ StatementElement st0 = new StatementElement("groups", "=", newGroups, "");
+ update.addStatement(st0);
+ StatementList constraint = new StatementList();
+ StatementElement st1 = new StatementElement("username", "=", username, "");
+ constraint.addStatement(st1);
+ dataStore.getUserGroupMappingsDao().updateObject(update, constraint);
}
- });
+ }
+ });
}
}
diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/group/GroupServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/group/GroupServlet.java
index 828b69e7be2e7ecd0744089864f2b8f4a1f5eaea..46bc2e01336e505936a7e703fd1e028b38c35296 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/group/GroupServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/admin/group/GroupServlet.java
@@ -10,10 +10,7 @@ import lombok.extern.slf4j.Slf4j;
import net.jami.jams.common.annotations.ScopedServletMethod;
import net.jami.jams.common.dao.StatementElement;
import net.jami.jams.common.dao.StatementList;
-import net.jami.jams.common.objects.user.AccessLevel;
-import net.jami.jams.common.objects.user.Group;
-import net.jami.jams.common.objects.user.User;
-import net.jami.jams.common.objects.user.UserProfile;
+import net.jami.jams.common.objects.user.*;
import net.jami.jams.common.serialization.tomcat.TomcatCustomErrorHandler;
import net.jami.jams.server.core.workflows.AddUserToGroupFlow;
import net.jami.jams.server.core.workflows.RegisterDeviceFlow;
@@ -80,15 +77,52 @@ public class GroupServlet extends HttpServlet {
@ScopedServletMethod(securityGroups = {AccessLevel.ADMIN})
protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IOException {
String name = req.getParameter("newName");
+ StatementList statementList = new StatementList();
+ StatementElement st = new StatementElement("name", "=", name, "");
+
+ statementList.addStatement(st);
+ Group targetGroup = dataStore.getGroupDao().getObjects(statementList).get(0);
+ List<UserProfile> profiles = dataStore.getUserProfileDao().getObjects(null).stream().filter(profile ->
+ profile.getGroupMemberships().contains(targetGroup.getName())).collect(Collectors.toList());
+
+ profiles.forEach(profile ->
+ targetGroup.getGroupMembers().add(profile.getUsername()));
+
+ // if the username sent isn't already part of the group members, then we add it
+ if (!targetGroup.getGroupMembers().contains(req.getParameter("groupMembers")))
+ AddUserToGroupFlow.addUserToGroup(name, req.getParameter("groupMembers"));
+ // otherwise remove the group from the user's memberships.
+ else {
+ statementList = new StatementList();
+ st = new StatementElement("username", "=", req.getParameter("groupMembers"), "");
+ statementList.addStatement(st);
+
+ UserProfile targetProfile = dataStore.getUserProfileDao().getObjects(statementList).get(0);
+ UserGroupMapping mapping = dataStore.getUserGroupMappingsDao().getObjects(statementList).get(0);
+ mapping.removeGroup(name);
+
+ StatementList update = new StatementList();
+ StatementElement st0 = new StatementElement("groups", "=", mapping.getGroups(), "");
+ update.addStatement(st0);
+ StatementList constraint = new StatementList();
+ StatementElement st1 = new StatementElement("username", "=", mapping.getUsername(), "");
+ constraint.addStatement(st1);
+
+ // update user mappings
+ dataStore.getUserGroupMappingsDao().updateObject(update, constraint);
+
+ List<String> groups = targetProfile.getGroupMemberships();
+ groups.remove(name);
+ // TODO: LDAP/AD handling
+ dataStore.updateUserProfile(targetProfile);
+ }
+
StatementList update = new StatementList();
StatementElement st0 = new StatementElement("name", "=", name, "");
update.addStatement(st0);
StatementList constraint = new StatementList();
StatementElement st1 = new StatementElement("name", "=", name, "");
constraint.addStatement(st1);
-
- AddUserToGroupFlow.addUserToGroup(name, req.getParameter("groupMembers"));
-
if (dataStore.getGroupDao().updateObject(update, constraint)) resp.setStatus(200);
else resp.sendError(500, "could not update the group's name!");
}