Example 1 with AttrRightChecker
use of com.zimbra.cs.account.AccessManager.AttrRightChecker in project zm-mailbox by Zimbra.
the class GetDistributionList method handle.
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
GetDistributionListRequest req = zsc.elementToJaxb(request);
int limit = (req.getLimit() == null) ? 0 : req.getLimit();
if (limit < 0) {
throw ServiceException.INVALID_REQUEST("limit" + limit + " is negative", null);
}
int offset = (req.getOffset() == null) ? 0 : req.getOffset();
if (offset < 0) {
throw ServiceException.INVALID_REQUEST("offset" + offset + " is negative", null);
}
boolean sortAscending = !Boolean.FALSE.equals(req.isSortAscending());
Set<String> reqAttrs = getReqAttrs(req.getAttrs(), AttributeClass.distributionList);
DistributionListSelector dlSel = req.getDl();
DistributionListBy dlBy = dlSel.getBy().toKeyDistributionListBy();
AttrRightChecker arc = null;
Group group = getGroupFromContext(context);
if (group == null) {
if (DistributionListBy.name.equals(dlBy)) {
Entry pseudoTarget = pseudoTargetInSameDomainAsEmail(TargetType.dl, dlSel.getKey());
if (null != pseudoTarget) {
AdminAccessControl aac = checkDistributionListRight(zsc, (DistributionList) pseudoTarget, AdminRight.PR_ALWAYS_ALLOW);
arc = aac.getAttrRightChecker(pseudoTarget);
}
}
if (arc != null) {
defendAgainstGroupHarvestingWhenAbsent(dlBy, dlSel.getKey(), zsc, new GroupHarvestingCheckerUsingGetAttrsPerms(zsc, arc, Arrays.asList(minimumAttrs)));
} else {
defendAgainstGroupHarvestingWhenAbsent(dlBy, dlSel.getKey(), zsc, Admin.R_getDistributionList);
}
} else if (group.isDynamic()) {
AdminAccessControl aac = checkDynamicGroupRight(zsc, (DynamicGroup) group, AdminRight.PR_ALWAYS_ALLOW);
arc = aac.getAttrRightChecker(group);
} else {
AdminAccessControl aac = checkDistributionListRight(zsc, (DistributionList) group, AdminRight.PR_ALWAYS_ALLOW);
arc = aac.getAttrRightChecker(group);
}
defendAgainstGroupHarvesting(group, dlBy, dlSel.getKey(), zsc, new GroupHarvestingCheckerUsingGetAttrsPerms(zsc, arc, Arrays.asList(minimumAttrs)));
Element response = zsc.createElement(AdminConstants.GET_DISTRIBUTION_LIST_RESPONSE);
Element eDL = encodeDistributionList(response, group, true, false, reqAttrs, arc);
// return member info only if the authed has right to see zimbraMailForwardingAddress
boolean allowMembers = true;
if (group.isDynamic()) {
allowMembers = arc == null ? true : arc.allowAttr(Provisioning.A_member);
} else {
allowMembers = arc == null ? true : arc.allowAttr(Provisioning.A_zimbraMailForwardingAddress);
}
if (allowMembers) {
encodeMembers(response, eDL, group, offset, limit, sortAscending);
}
return response;
}
Also used :
DynamicGroup(com.zimbra.cs.account.DynamicGroup)
Group(com.zimbra.cs.account.Group)
DynamicGroup(com.zimbra.cs.account.DynamicGroup)
DistributionListBy(com.zimbra.common.account.Key.DistributionListBy)
Element(com.zimbra.common.soap.Element)
DistributionListSelector(com.zimbra.soap.admin.type.DistributionListSelector)
GetDistributionListRequest(com.zimbra.soap.admin.message.GetDistributionListRequest)
AttrRightChecker(com.zimbra.cs.account.AccessManager.AttrRightChecker)
Entry(com.zimbra.cs.account.Entry)
ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext)
DistributionList(com.zimbra.cs.account.DistributionList)
Aggregations
DistributionListBy (com.zimbra.common.account.Key.DistributionListBy)1
Element (com.zimbra.common.soap.Element)1
AttrRightChecker (com.zimbra.cs.account.AccessManager.AttrRightChecker)1
DistributionList (com.zimbra.cs.account.DistributionList)1
DynamicGroup (com.zimbra.cs.account.DynamicGroup)1
Entry (com.zimbra.cs.account.Entry)1
Group (com.zimbra.cs.account.Group)1
ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)1
GetDistributionListRequest (com.zimbra.soap.admin.message.GetDistributionListRequest)1
DistributionListSelector (com.zimbra.soap.admin.type.DistributionListSelector)1
