use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestGalGroupMembers method setupExternalDomain.
private static void setupExternalDomain() throws Exception {
Provisioning prov = Provisioning.getInstance();
// create a domain to simulate entries in external GAL
if (prov.get(Key.DomainBy.name, EXTERNAL_DOMAIN) == null) {
ZimbraLog.test.info("Creating domain " + EXTERNAL_DOMAIN);
prov.createDomain(EXTERNAL_DOMAIN, new HashMap<String, Object>());
}
// create groups in the external domain
String groupAddr = TestUtil.getAddress(EXTERNAL_GROUP, EXTERNAL_DOMAIN);
DistributionList group = prov.get(Key.DistributionListBy.name, groupAddr);
if (group == null) {
group = prov.createDistributionList(groupAddr, new HashMap<String, Object>());
prov.addMembers(group, ExternalGroupMembers.getAllMembersAsArray());
}
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestGalGroupMembers method setupZimbraDomain.
private static void setupZimbraDomain() throws Exception {
Provisioning prov = Provisioning.getInstance();
// create the zimbra domain
if (prov.get(Key.DomainBy.name, ZIMBRA_DOMAIN) == null) {
ZimbraLog.test.info("Creating domain " + ZIMBRA_DOMAIN);
Domain domain = prov.createDomain(ZIMBRA_DOMAIN, new HashMap<String, Object>());
// configure external GAL
Map<String, Object> attrs = new HashMap<String, Object>();
domain.setGalMode(GalMode.both, attrs);
domain.addGalLdapURL("ldap://localhost:389", attrs);
domain.setGalLdapBindDn("cn=config", attrs);
domain.setGalLdapBindPassword("zimbra");
domain.setGalLdapSearchBase(LdapUtil.domainToDN(EXTERNAL_DOMAIN));
domain.setGalAutoCompleteLdapFilter("zimbraAccountAutoComplete");
domain.setGalLdapFilter("zimbraAccounts");
prov.modifyAttrs(domain, attrs);
}
// create the test user
String userAddr = TestUtil.getAddress(USER, ZIMBRA_DOMAIN);
if (prov.get(AccountBy.name, userAddr) == null) {
prov.createAccount(userAddr, "test123", null);
}
// create accounts in the zimbra domain
for (ZimbraGroupMembers member : ZimbraGroupMembers.values()) {
if (member.isZimbraAccount()) {
String addr = member.getAddress();
if (prov.get(AccountBy.name, addr) == null) {
prov.createAccount(addr, "test123", null);
}
}
}
// create zimbra group and add members
String groupAddr = TestUtil.getAddress(ZIMBRA_GROUP, ZIMBRA_DOMAIN);
DistributionList group = prov.get(Key.DistributionListBy.name, groupAddr);
if (group == null) {
group = prov.createDistributionList(groupAddr, new HashMap<String, Object>());
prov.addMembers(group, ZimbraGroupMembers.getAllMembersAsArray());
}
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProv method createDistributionList.
private DistributionList createDistributionList(String localpart, Domain domain, Map<String, Object> attrs) throws Exception {
if (domain == null)
domain = createDomain();
String email = localpart + "@" + domain.getName();
DistributionList dl = mProv.createDistributionList(email, attrs);
mCreatedEntries.add(dl);
return dl;
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestACLAll method setupTarget.
private void setupTarget(List<Entry> goodTargets, List<Entry> badTargets, Domain domain, Entry grantedOnTarget, TargetType grantedOnTargetType, TargetType targetTypeOfRight, Right right) throws Exception {
Entry good = null;
Entry bad = null;
switch(targetTypeOfRight) {
case account:
if (grantedOnTargetType == TargetType.account) {
goodTargets.add(grantedOnTarget);
badTargets.add(createUserAccount(domain));
} else if (grantedOnTargetType == TargetType.calresource) {
if (right.isUserRight()) {
goodTargets.add(grantedOnTarget);
badTargets.add(createCalendarResource(domain));
} else {
badTargets.add(grantedOnTarget);
}
} else if (grantedOnTargetType == TargetType.dl) {
if (CheckRight.allowGroupTarget(right)) {
good = createUserAccount(domain);
goodTargets.add(good);
// create a subgroup of the group on which the right is granted (testing multi levels of dl)
DistributionList subGroup = createUserDistributionList(domain);
prov.addMembers((DistributionList) grantedOnTarget, new String[] { subGroup.getName() });
prov.addMembers(subGroup, new String[] { ((Account) good).getName() });
} else {
bad = createUserAccount(domain);
prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) bad).getName() });
badTargets.add(bad);
}
} else if (grantedOnTargetType == TargetType.group) {
if (CheckRight.allowGroupTarget(right)) {
good = createUserAccount(domain);
prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) good).getName() });
goodTargets.add(good);
} else {
bad = createUserAccount(domain);
prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) bad).getName() });
badTargets.add(bad);
}
} else if (grantedOnTargetType == TargetType.domain) {
goodTargets.add(createUserAccount(domain));
Domain anyDomain = createDomain();
badTargets.add(createUserAccount(anyDomain));
} else if (grantedOnTargetType == TargetType.global) {
Domain anyDomain = createDomain();
goodTargets.add(createUserAccount(anyDomain));
} else {
badTargets.add(grantedOnTarget);
}
break;
case calresource:
if (grantedOnTargetType == TargetType.calresource) {
goodTargets.add(grantedOnTarget);
badTargets.add(createCalendarResource(domain));
} else if (grantedOnTargetType == TargetType.dl) {
if (CheckRight.allowGroupTarget(right)) {
good = createCalendarResource(domain);
prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) good).getName() });
goodTargets.add(good);
} else {
bad = createCalendarResource(domain);
prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) bad).getName() });
badTargets.add(bad);
}
} else if (grantedOnTargetType == TargetType.group) {
if (CheckRight.allowGroupTarget(right)) {
good = createCalendarResource(domain);
prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) good).getName() });
goodTargets.add(good);
} else {
bad = createCalendarResource(domain);
prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) bad).getName() });
badTargets.add(bad);
}
} else if (grantedOnTargetType == TargetType.domain) {
good = createCalendarResource(domain);
goodTargets.add(good);
Domain anyDomain = createDomain();
bad = createUserAccount(anyDomain);
badTargets.add(bad);
} else if (grantedOnTargetType == TargetType.global) {
Domain anyDomain = createDomain();
goodTargets.add(createCalendarResource(anyDomain));
} else {
badTargets.add(grantedOnTarget);
}
break;
case cos:
if (grantedOnTargetType == TargetType.cos) {
good = grantedOnTarget;
} else if (grantedOnTargetType == TargetType.global) {
good = createCos();
}
if (good == null) {
bad = grantedOnTarget;
badTargets.add(bad);
} else {
goodTargets.add(good);
}
break;
case dl:
if (grantedOnTargetType == TargetType.dl) {
// create a subgroup of the group on which the right is granted (testing multi levels of dl)
DistributionList subGroup = createUserDistributionList(domain);
prov.addMembers((DistributionList) grantedOnTarget, new String[] { subGroup.getName() });
goodTargets.add(subGroup);
goodTargets.add(grantedOnTarget);
badTargets.add(createUserDistributionList(domain));
} else if (grantedOnTargetType == TargetType.group) {
// dl rights apply to dynamic groups only for user rights
if (right.isUserRight()) {
goodTargets.add(grantedOnTarget);
} else {
badTargets.add(grantedOnTarget);
}
} else if (grantedOnTargetType == TargetType.domain) {
goodTargets.add(createUserDistributionList(domain));
if (right.isUserRight()) {
goodTargets.add(createUserDynamicGroup(domain));
} else {
badTargets.add(createUserDynamicGroup(domain));
}
Domain anyDomain = createDomain();
badTargets.add(createUserDistributionList(anyDomain));
badTargets.add(createUserDynamicGroup(anyDomain));
} else if (grantedOnTargetType == TargetType.global) {
Domain anyDomain = createDomain();
goodTargets.add(createUserDistributionList(anyDomain));
if (right.isUserRight()) {
goodTargets.add(createUserDynamicGroup(anyDomain));
} else {
badTargets.add(createUserDynamicGroup(anyDomain));
}
} else {
badTargets.add(grantedOnTarget);
}
break;
case group:
if (grantedOnTargetType == TargetType.dl) {
badTargets.add(grantedOnTarget);
} else if (grantedOnTargetType == TargetType.group) {
goodTargets.add(grantedOnTarget);
} else if (grantedOnTargetType == TargetType.domain) {
goodTargets.add(createUserDynamicGroup(domain));
badTargets.add(createUserDistributionList(domain));
Domain anyDomain = createDomain();
badTargets.add(createUserDistributionList(anyDomain));
badTargets.add(createUserDynamicGroup(anyDomain));
} else if (grantedOnTargetType == TargetType.global) {
Domain anyDomain = createDomain();
goodTargets.add(createUserDynamicGroup(anyDomain));
badTargets.add(createUserDistributionList(anyDomain));
} else {
badTargets.add(grantedOnTarget);
}
break;
case domain:
if (grantedOnTargetType == TargetType.domain) {
goodTargets.add(grantedOnTarget);
badTargets.add(createDomain());
} else if (grantedOnTargetType == TargetType.global) {
goodTargets.add(createDomain());
} else {
badTargets.add(grantedOnTarget);
}
break;
case server:
if (grantedOnTargetType == TargetType.server) {
goodTargets.add(grantedOnTarget);
badTargets.add(createServer());
} else if (grantedOnTargetType == TargetType.global) {
goodTargets.add(createServer());
} else {
badTargets.add(grantedOnTarget);
}
break;
case alwaysoncluster:
if (grantedOnTargetType == TargetType.alwaysoncluster) {
goodTargets.add(grantedOnTarget);
badTargets.add(createAlwaysOnCluster());
} else if (grantedOnTargetType == TargetType.global) {
goodTargets.add(createAlwaysOnCluster());
} else {
badTargets.add(grantedOnTarget);
}
break;
case ucservice:
if (grantedOnTargetType == TargetType.ucservice) {
goodTargets.add(grantedOnTarget);
badTargets.add(createUCService());
} else if (grantedOnTargetType == TargetType.global) {
goodTargets.add(createUCService());
} else {
badTargets.add(grantedOnTarget);
}
break;
case xmppcomponent:
// skip for now
return;
case zimlet:
// zimlet is trouble, need to reload it or else the grant is not on the object
// ldapProvisioning.getZimlet does not return a cached entry so our grantedOnTarget
// object does not have the grant
prov.reload(grantedOnTarget);
if (grantedOnTargetType == TargetType.zimlet) {
goodTargets.add(grantedOnTarget);
badTargets.add(createZimlet());
} else if (grantedOnTargetType == TargetType.global) {
goodTargets.add(createZimlet());
} else {
badTargets.add(grantedOnTarget);
}
break;
case config:
if (grantedOnTargetType == TargetType.config)
goodTargets.add(grantedOnTarget);
else if (grantedOnTargetType == TargetType.global)
goodTargets.add(getConfig());
else
badTargets.add(grantedOnTarget);
break;
case global:
if (grantedOnTargetType == TargetType.global)
goodTargets.add(getGlobalGrant());
else
badTargets.add(grantedOnTarget);
break;
default:
fail();
}
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestACLPermissionCache method testGranteeGroupMembershipChanged.
/*
* =================
* grantee side test
* =================
*/
@Test
public void testGranteeGroupMembershipChanged() throws Exception {
Right right = A_USER_RIGHT;
Domain domain = createDomain();
Account grantTarget = createUserAccount(GRANTTARGET_USER_ACCT, domain);
Account target = grantTarget;
DistributionList grantee = createUserDistributionList(GRANTEE_USER_GROUP, domain);
Account account = createUserAccount(GRANTEE_USER_ACCT, domain);
mProv.addMembers(grantee, new String[] { account.getName() });
boolean allow;
grantRight(TargetType.account, grantTarget, GranteeType.GT_GROUP, grantee, right);
allow = accessMgr.canDo(account, target, right, false, null);
assertTrue(allow);
mProv.removeMembers(grantee, new String[] { account.getName() });
allow = accessMgr.canDo(account, target, right, false, null);
assertFalse(allow);
}
Aggregations