Examples with SoapTransport com.zimbra.common.soap.SoapTransport used on opensource projects

Example 16 with SoapTransport

use of com.zimbra.common.soap.SoapTransport in project zm-mailbox by Zimbra.

the class TestBatchRequest method batchReqWithCsrfToken.

@Test
public void batchReqWithCsrfToken() throws Exception {
    Account acct = provUtil.createAccount(genAcctNameLocalPart(), domain);
    boolean csrfEnabled = Boolean.TRUE;
    SoapTransport transport = authUser(acct.getName(), csrfEnabled, Boolean.TRUE);
    Element request = new Element.XMLElement(ZimbraNamespace.E_BATCH_REQUEST);
    String sigContent = "xss<script>alert(\"XSS\")</script><a href=javascript:alert(\"XSS\")><";
    Signature sig = new Signature(null, "testSig", sigContent, "text/html");
    CreateSignatureRequest req = new CreateSignatureRequest(sig);
    SoapProtocol proto = SoapProtocol.Soap12;
    Element sigReq = JaxbUtil.jaxbToElement(req, proto.getFactory());
    request.addElement(sigReq);
    try {
        Element sigResp = transport.invoke(request, false, false, null);
        String sigt = sigResp.getElement("CreateSignatureResponse").getElement("signature").getAttribute("id");
        assertNotNull(sigt);
    } catch (SoapFaultException e) {
        assertNull(e);
    }
}

Example 17 with SoapTransport

use of com.zimbra.common.soap.SoapTransport in project zm-mailbox by Zimbra.

the class TestContactGroup method createAndGetContactGroup.

@Test
@Bug(bug = 70558)
public void createAndGetContactGroup() throws Exception {
    SoapTransport transport = authUser(acct.getName());
    /*
         * search gal to get ref of the member account in GAL
         */
    SearchGalRequest searchGalReq = new SearchGalRequest();
    searchGalReq.setName(memberAcct.getName());
    SearchGalResponse searchGalResp = invokeJaxb(transport, searchGalReq);
    List<ContactInfo> entries = searchGalResp.getContacts();
    assertEquals(1, entries.size());
    ContactInfo galEntry = entries.get(0);
    String galMemberRef = galEntry.getReference();
    /*
         * create a contact group
         */
    NewContactGroupMember contactGroupMemer = NewContactGroupMember.createForTypeAndValue(ContactGroup.Member.Type.GAL_REF.getSoapEncoded(), galMemberRef);
    NewContactAttr contactAttr = new NewContactAttr(ContactConstants.A_type);
    contactAttr.setValue(ContactConstants.TYPE_GROUP);
    ContactSpec contactSpec = new ContactSpec();
    contactSpec.addAttr(contactAttr);
    contactSpec.addContactGroupMember(contactGroupMemer);
    CreateContactRequest createContactReq = new CreateContactRequest(contactSpec);
    CreateContactResponse createContactResp = invokeJaxb(transport, createContactReq);
    String contactGroupId = createContactResp.getContact().getId();
    /*
         * get the contact group, derefed
         */
    GetContactsRequest getContactsReq = new GetContactsRequest();
    getContactsReq.addContact(new Id(contactGroupId));
    getContactsReq.setDerefGroupMember(Boolean.TRUE);
    GetContactsResponse getContactsResp = invokeJaxb(transport, getContactsReq, SoapProtocol.SoapJS);
    List<com.zimbra.soap.mail.type.ContactInfo> contacts = getContactsResp.getContacts();
    assertEquals(1, contacts.size());
    com.zimbra.soap.mail.type.ContactInfo contact = contacts.get(0);
    List<ContactGroupMember> members = contact.getContactGroupMembers();
    assertEquals(1, members.size());
    ContactGroupMember member = members.get(0);
    String memberType = member.getType();
    String memberValue = member.getValue();
    assertEquals(ContactGroup.Member.Type.GAL_REF.getSoapEncoded(), memberType);
    assertEquals(galMemberRef, memberValue);
}

Example 18 with SoapTransport

use of com.zimbra.common.soap.SoapTransport in project zm-mailbox by Zimbra.

the class TestDelegatedDL method distributionListActionAddRemoveMembers.

@Test
public void distributionListActionAddRemoveMembers() throws Exception {
    SoapTransport transport = authUser(USER_OWNER);
    // addMembers
    DistributionListAction action = new DistributionListAction(Operation.addMembers);
    DistributionListActionRequest req = new DistributionListActionRequest(DistributionListSelector.fromName(DL_NAME), action);
    Account member1 = provUtil.createAccount(genAcctNameLocalPart("member1"), domain);
    Account member2 = provUtil.createAccount(genAcctNameLocalPart("member2"), domain);
    String MEMBER1 = member1.getName();
    String MEMBER2 = member2.getName();
    action.addMember(MEMBER1);
    action.addMember(MEMBER2);
    DistributionListActionResponse resp = invokeJaxb(transport, req);
    Group group = prov.getGroup(Key.DistributionListBy.name, DL_NAME);
    Set<String> members = group.getAllMembersSet();
    Verify.verifyEquals(Sets.newHashSet(MEMBER1, MEMBER2), members);
    // removeMembers
    action = new DistributionListAction(Operation.removeMembers);
    req = new DistributionListActionRequest(DistributionListSelector.fromName(DL_NAME), action);
    action.addMember(MEMBER1);
    action.addMember(MEMBER2);
    resp = invokeJaxb(transport, req);
    group = prov.getGroup(Key.DistributionListBy.name, DL_NAME);
    members = group.getAllMembersSet();
    assertEquals(0, members.size());
}

Example 19 with SoapTransport

use of com.zimbra.common.soap.SoapTransport in project zm-mailbox by Zimbra.

the class TestDelegatedDL method distributionListActionRename.

@Test
public void distributionListActionRename() throws Exception {
    String GROUP_NAME = getAddress(genGroupNameLocalPart("group"));
    // create an owner account
    Account ownerAcct = provUtil.createAccount(genAcctNameLocalPart("owner"), domain);
    Group group = createGroupAndAddOwner(GROUP_NAME, ownerAcct.getName());
    DistributionListAction action = new DistributionListAction(Operation.rename);
    String GROUP_NEW_NAME = getAddress(genGroupNameLocalPart("new-name"));
    action.setNewName(GROUP_NEW_NAME);
    DistributionListActionRequest req = new DistributionListActionRequest(DistributionListSelector.fromName(GROUP_NAME), action);
    DistributionListActionResponse resp;
    SoapTransport transport = authUser(ownerAcct.getName());
    String errorCode = null;
    try {
        // only people with create right and owner right can rename
        resp = invokeJaxb(transport, req);
    } catch (ServiceException e) {
        errorCode = e.getCode();
    }
    assertEquals(ServiceException.PERM_DENIED, errorCode);
    // auth as creator and try again, should still fail
    transport = authUser(USER_CREATOR);
    errorCode = null;
    try {
        resp = invokeJaxb(transport, req);
    } catch (ServiceException e) {
        errorCode = e.getCode();
    }
    assertEquals(ServiceException.PERM_DENIED, errorCode);
    // make the creator an owner
    transport = authUser(ownerAcct.getName());
    addOwner(transport, GROUP_NAME, USER_CREATOR);
    // now try reanme as the creator (also an owner now), should succeed
    transport = authUser(USER_CREATOR);
    resp = invokeJaxb(transport, req);
    group = prov.getGroup(Key.DistributionListBy.name, GROUP_NEW_NAME);
    assertEquals(GROUP_NEW_NAME, group.getName());
    // rename into a different domain
    Domain otherDomain = provUtil.createDomain(genDomainName(domain.getName()));
    String GROUP_NEW_NAME_IN_ANOTHER_DOMAIN = TestUtil.getAddress(genGroupNameLocalPart(), otherDomain.getName());
    action = new DistributionListAction(Operation.rename);
    action.setNewName(GROUP_NEW_NAME_IN_ANOTHER_DOMAIN);
    req = new DistributionListActionRequest(DistributionListSelector.fromName(group.getName()), action);
    transport = authUser(USER_CREATOR);
    errorCode = null;
    try {
        // need create right on the other domain
        resp = invokeJaxb(transport, req);
    } catch (ServiceException e) {
        errorCode = e.getCode();
    }
    assertEquals(ServiceException.PERM_DENIED, errorCode);
    transport = authUser(ownerAcct.getName());
    errorCode = null;
    try {
        // need create right on the other domain
        resp = invokeJaxb(transport, req);
    } catch (ServiceException e) {
        errorCode = e.getCode();
    }
    assertEquals(ServiceException.PERM_DENIED, errorCode);
    // grant create right on the other domain
    prov.grantRight(TargetType.domain.getCode(), TargetBy.name, otherDomain.getName(), GranteeType.GT_USER.getCode(), GranteeBy.name, USER_CREATOR, null, User.R_createDistList.getName(), null);
    // do the rename again, should work now
    transport = authUser(USER_CREATOR);
    resp = invokeJaxb(transport, req);
    group = prov.getGroup(Key.DistributionListBy.name, GROUP_NEW_NAME_IN_ANOTHER_DOMAIN);
    assertEquals(GROUP_NEW_NAME_IN_ANOTHER_DOMAIN, group.getName());
    provUtil.deleteAccount(ownerAcct);
    provUtil.deleteGroup(group);
    provUtil.deleteDomain(otherDomain);
}

Example 20 with SoapTransport

use of com.zimbra.common.soap.SoapTransport in project zm-mailbox by Zimbra.

the class TestDelegatedDL method subscribeDistributionList.

@Test
public void subscribeDistributionList() throws Exception {
    SoapTransport transport = authUser(USER_NOT_OWNER);
    // subscribe
    SubscribeDistributionListRequest req = new SubscribeDistributionListRequest(DistributionListSelector.fromName(DL_NAME), DistributionListSubscribeOp.subscribe);
    SubscribeDistributionListResponse resp = invokeJaxb(transport, req);
    assertEquals(DistributionListSubscribeStatus.subscribed, resp.getStatus());
    // unsubscribe
    req = new SubscribeDistributionListRequest(DistributionListSelector.fromName(DL_NAME), DistributionListSubscribeOp.unsubscribe);
    boolean caughtPermDenied = false;
    try {
        resp = invokeJaxb(transport, req);
    } catch (ServiceException e) {
        String code = e.getCode();
        if (ServiceException.PERM_DENIED.equals(code)) {
            caughtPermDenied = true;
        }
    }
    assertTrue(caughtPermDenied);
}