Simplify group autorisation's synchronisation from LDAP

cadastrapp/pom.xml

@@ -98,6 +98,25 @@
       <artifactId>spring-jdbc</artifactId>
       <version>${spring.version}</version>
     </dependency>
+    <!-- Spring LDAP Support -->
+    <dependency>
+        <groupId>org.springframework.ldap</groupId>
+        <artifactId>spring-ldap-core</artifactId>
+        <version>3.2.6</version>
+    </dependency>
+    <!-- Spring LDAP Test -->
+    <dependency>
+        <groupId>org.springframework.ldap</groupId>
+        <artifactId>spring-ldap-test</artifactId>
+        <version>3.2.6</version>
+        <scope>test</scope>
+    </dependency>
+    <dependency>
+        <groupId>com.unboundid</groupId>
+        <artifactId>unboundid-ldapsdk</artifactId>
+        <version>3.1.1</version>
+        <scope>test</scope>
+    </dependency>
     <!-- JPA Provider (Hibernate) -->
     <dependency>
       <groupId>org.hibernate.orm</groupId>

cadastrapp/src/main/java/org/georchestra/cadastrapp/configuration/LdapConfig.java

@@ -0,0 +1,41 @@
+package org.georchestra.cadastrapp.configuration;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.ldap.core.support.LdapContextSource;
+import org.springframework.scheduling.annotation.EnableScheduling;
+
+@Configuration
+@PropertySource(
+        value = { 
+                "file:${georchestra.datadir}/default.properties", 
+                "file:${georchestra.datadir}/cadastrapp/cadastrapp.properties"
+        },
+        ignoreResourceNotFound = true
+)
+@EnableScheduling
+public class LdapConfig {
+    @Autowired
+    private Environment env;
+
+    @Bean
+    public LdapContextSource contextSource() {
+        LdapContextSource contextSource = new LdapContextSource();
+        // Base in Orgs because env based annotation not work in OrganismeAutorisation's Entry 
+        contextSource.setBase(env.getProperty("ldapOrgsRdn")+","+env.getProperty("ldapBaseDn"));
+        contextSource.setUrl(env.getProperty("ldapScheme")+"://"+env.getProperty("ldapHost")+":"+env.getProperty("ldapPort"));
+        contextSource.setUserDn(env.getProperty("ldapAdminDn"));
+        contextSource.setPassword(env.getProperty("ldapAdminPassword"));
+
+        return contextSource;
+    }
+
+    @Bean
+    public LdapTemplate ldapTemplate() {
+        return new LdapTemplate(contextSource());
+    }
+}

cadastrapp/src/main/java/org/georchestra/cadastrapp/cron/LDAPGroupsAutorisationsSync.java

@@ -0,0 +1,57 @@
+package org.georchestra.cadastrapp.cron;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.georchestra.cadastrapp.model.ldap.GroupeAutorisation;
+import org.georchestra.cadastrapp.model.ldap.Organisation;
+import org.georchestra.cadastrapp.repository.GroupeAutorisationRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Component;
+
+@Component
+public class LDAPGroupsAutorisationsSync {
+    private static final Logger LOGGER =  LogManager.getLogger( LDAPGroupsAutorisationsSync.class );
+
+    @Autowired
+    Environment env;
+
+    @Autowired
+    LdapTemplate lt;
+
+    @Autowired
+    GroupeAutorisationRepository gar;
+
+    @PostConstruct
+    @Scheduled(cron = "${ldapAreas.cronExpression}")
+    public void refreshOrganisationsPermissions() {
+        if( env.containsProperty("ldapAreas.enable") && env.getProperty("ldapAreas.enable").contentEquals("true") ) {
+            List<Organisation> lstOrg = lt.findAll(Organisation.class);
+            List<GroupeAutorisation> lstGA = new ArrayList<>();
+            for (Organisation o : lstOrg) {
+                if( o.getDescription() != null ) {
+                    for (String insee : o.getDescription().split(",")) {
+                        if( StringUtils.isNumeric(insee) )
+                            lstGA.add(new GroupeAutorisation(null, o.getCn(), insee.substring(0, 2)+"0"+insee.substring(2,5), null));
+                    }
+                }
+            }
+
+            int index = 1;
+            for (GroupeAutorisation ga : lstGA) {
+                ga.setId(index++);
+            }
+            gar.deleteAll();
+            gar.saveAllAndFlush(lstGA);
+            LOGGER.info("Synced "+lstGA.size()+" group's authorisations from LDAP");
+        }
+    }
+}

cadastrapp/src/main/java/org/georchestra/cadastrapp/model/ldap/GroupeAutorisation.java

@@ -0,0 +1,66 @@
+package org.georchestra.cadastrapp.model.ldap;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+@Entity
+@Table(name="groupe_autorisation")
+public class GroupeAutorisation {
+    @Id
+    Integer id;
+
+    @Column(name = "idgroup")
+    String idGroup;
+
+    @Column(name="cgocommune")
+    String cgoCommune;
+
+    @Column(name="ccodep")
+    String ccodep;
+
+    public GroupeAutorisation() {
+        super();
+    }
+
+    public GroupeAutorisation(Integer id, String idGroup, String cgoCommune, String ccodep) {
+        super();
+        this.id = id;
+        this.idGroup = idGroup;
+        this.cgoCommune = cgoCommune;
+        this.ccodep = ccodep;
+    }
+
+    public Integer getId() {
+        return id;
+    }
+
+    public void setId(Integer id) {
+        this.id = id;
+    }
+
+    public String getIdGroup() {
+        return idGroup;
+    }
+
+    public void setIdGroup(String idGroup) {
+        this.idGroup = idGroup;
+    }
+
+    public String getCgoCommune() {
+        return cgoCommune;
+    }
+
+    public void setCgoCommune(String cgoCommune) {
+        this.cgoCommune = cgoCommune;
+    }
+
+    public String getCcodep() {
+        return ccodep;
+    }
+
+    public void setCcodep(String ccodep) {
+        this.ccodep = ccodep;
+    }
+}

cadastrapp/src/main/java/org/georchestra/cadastrapp/model/ldap/Organisation.java

@@ -0,0 +1,54 @@
+package org.georchestra.cadastrapp.model.ldap;
+
+import javax.naming.Name;
+
+import org.springframework.ldap.odm.annotations.Attribute;
+import org.springframework.ldap.odm.annotations.Entry;
+import org.springframework.ldap.odm.annotations.Id;
+
+@Entry(objectClasses={ "groupOfMembers" })
+public class Organisation {
+    @Id
+    private Name dn;
+
+    @Attribute(name="cn")
+    String cn;
+
+    @Attribute(name="description")
+    String description;
+
+    public Organisation() {
+        super();
+    }
+
+    public Organisation(Name dn, String cn, String description) {
+        super();
+        this.dn = dn;
+        this.cn = cn;
+        this.description = description;
+    }
+
+    public Name getDn() {
+        return dn;
+    }
+
+    public void setDn(Name dn) {
+        this.dn = dn;
+    }
+
+    public String getCn() {
+        return cn;
+    }
+
+    public void setCn(String cn) {
+        this.cn = cn;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+}

cadastrapp/src/main/java/org/georchestra/cadastrapp/repository/GroupeAutorisationRepository.java

@@ -0,0 +1,8 @@
+package org.georchestra.cadastrapp.repository;
+
+import org.georchestra.cadastrapp.model.ldap.GroupeAutorisation;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface GroupeAutorisationRepository extends JpaRepository<GroupeAutorisation, Integer> {
+
+}

cadastrapp/src/main/resources/cadastrapp.properties

@@ -168,5 +168,34 @@ purge.hours=24
 # See http://www.quartz-scheduler.org/documentation/quartz-2.x/tutorials/crontrigger.html for example
 purge.cronExpression=0 0 * * * ?
 
-
-
+# Enable synchronization of authorizations with the competence areas of Georchestra's organizations
+ldapAreas.enable=false
+# Cron expression to launch the synchronization job
+ldapAreas.cronExpression=0 0 * * * *
+# LDAP server domain name
+# default: see default.properties - uncomment to override
+#ldapHost=
+
+# LDAP server port
+# default: see default.properties - uncomment to override
+#ldapPort=
+
+# LDAP Scheme
+# default: see default.properties - uncomment to override
+#ldapScheme=
+
+# Base DN of the LDAP directory
+# default: see default.properties - uncomment to override
+#ldapBaseDn=
+
+# Administrator DN
+# default: see default.properties - uncomment to override
+#ldapAdminDn=
+
+# Administrator password
+# default: see default.properties - uncomment to override
+#ldapAdminPassword=
+
+# Organizations RDN
+# default: see default.properties - uncomment to override
+#ldapOrgsRdn=

cadastrapp/src/test/resources/test-config.xml

@@ -39,7 +39,15 @@
         <property name="username" value="sa"/>
         <property name="password" value=""/>
     </bean>
-
+
+    <!-- Embedded LDAP -->
+    <bean id="contextSource" class="org.springframework.ldap.test.unboundid.TestContextSourceFactoryBean">
+        <property name="defaultPartitionSuffix" value="dc=test" />
+        <property name="defaultPartitionName" value="test" />
+        <property name="principal" value="uid=admin,ou=system" />
+        <property name="password" value="secret" />
+        <property name="port" value="9321" />
+    </bean>
 
 	<!-- ============================= -->
 	<!-- ENTITY MANAGER -->