Search in sources :

Example 76 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestGalGroupMembers method setupExternalDomain.

private static void setupExternalDomain() throws Exception {
    Provisioning prov = Provisioning.getInstance();
    // create a domain to simulate entries in external GAL
    if (prov.get(Key.DomainBy.name, EXTERNAL_DOMAIN) == null) {
        ZimbraLog.test.info("Creating domain " + EXTERNAL_DOMAIN);
        prov.createDomain(EXTERNAL_DOMAIN, new HashMap<String, Object>());
    }
    // create groups in the external domain
    String groupAddr = TestUtil.getAddress(EXTERNAL_GROUP, EXTERNAL_DOMAIN);
    DistributionList group = prov.get(Key.DistributionListBy.name, groupAddr);
    if (group == null) {
        group = prov.createDistributionList(groupAddr, new HashMap<String, Object>());
        prov.addMembers(group, ExternalGroupMembers.getAllMembersAsArray());
    }
}
Also used : HashMap(java.util.HashMap) Provisioning(com.zimbra.cs.account.Provisioning) DistributionList(com.zimbra.cs.account.DistributionList)

Example 77 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestGalGroupMembers method setupZimbraDomain.

private static void setupZimbraDomain() throws Exception {
    Provisioning prov = Provisioning.getInstance();
    // create the zimbra domain
    if (prov.get(Key.DomainBy.name, ZIMBRA_DOMAIN) == null) {
        ZimbraLog.test.info("Creating domain " + ZIMBRA_DOMAIN);
        Domain domain = prov.createDomain(ZIMBRA_DOMAIN, new HashMap<String, Object>());
        // configure external GAL
        Map<String, Object> attrs = new HashMap<String, Object>();
        domain.setGalMode(GalMode.both, attrs);
        domain.addGalLdapURL("ldap://localhost:389", attrs);
        domain.setGalLdapBindDn("cn=config", attrs);
        domain.setGalLdapBindPassword("zimbra");
        domain.setGalLdapSearchBase(LdapUtil.domainToDN(EXTERNAL_DOMAIN));
        domain.setGalAutoCompleteLdapFilter("zimbraAccountAutoComplete");
        domain.setGalLdapFilter("zimbraAccounts");
        prov.modifyAttrs(domain, attrs);
    }
    // create the test user
    String userAddr = TestUtil.getAddress(USER, ZIMBRA_DOMAIN);
    if (prov.get(AccountBy.name, userAddr) == null) {
        prov.createAccount(userAddr, "test123", null);
    }
    // create accounts in the zimbra domain
    for (ZimbraGroupMembers member : ZimbraGroupMembers.values()) {
        if (member.isZimbraAccount()) {
            String addr = member.getAddress();
            if (prov.get(AccountBy.name, addr) == null) {
                prov.createAccount(addr, "test123", null);
            }
        }
    }
    // create zimbra group and add members
    String groupAddr = TestUtil.getAddress(ZIMBRA_GROUP, ZIMBRA_DOMAIN);
    DistributionList group = prov.get(Key.DistributionListBy.name, groupAddr);
    if (group == null) {
        group = prov.createDistributionList(groupAddr, new HashMap<String, Object>());
        prov.addMembers(group, ZimbraGroupMembers.getAllMembersAsArray());
    }
}
Also used : HashMap(java.util.HashMap) Domain(com.zimbra.cs.account.Domain) Provisioning(com.zimbra.cs.account.Provisioning) DistributionList(com.zimbra.cs.account.DistributionList)

Example 78 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestProv method createDistributionList.

private DistributionList createDistributionList(String localpart, Domain domain, Map<String, Object> attrs) throws Exception {
    if (domain == null)
        domain = createDomain();
    String email = localpart + "@" + domain.getName();
    DistributionList dl = mProv.createDistributionList(email, attrs);
    mCreatedEntries.add(dl);
    return dl;
}
Also used : DistributionList(com.zimbra.cs.account.DistributionList)

Example 79 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestACLAll method setupTarget.

private void setupTarget(List<Entry> goodTargets, List<Entry> badTargets, Domain domain, Entry grantedOnTarget, TargetType grantedOnTargetType, TargetType targetTypeOfRight, Right right) throws Exception {
    Entry good = null;
    Entry bad = null;
    switch(targetTypeOfRight) {
        case account:
            if (grantedOnTargetType == TargetType.account) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createUserAccount(domain));
            } else if (grantedOnTargetType == TargetType.calresource) {
                if (right.isUserRight()) {
                    goodTargets.add(grantedOnTarget);
                    badTargets.add(createCalendarResource(domain));
                } else {
                    badTargets.add(grantedOnTarget);
                }
            } else if (grantedOnTargetType == TargetType.dl) {
                if (CheckRight.allowGroupTarget(right)) {
                    good = createUserAccount(domain);
                    goodTargets.add(good);
                    // create a subgroup of the group on which the right is granted (testing multi levels of dl)
                    DistributionList subGroup = createUserDistributionList(domain);
                    prov.addMembers((DistributionList) grantedOnTarget, new String[] { subGroup.getName() });
                    prov.addMembers(subGroup, new String[] { ((Account) good).getName() });
                } else {
                    bad = createUserAccount(domain);
                    prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) bad).getName() });
                    badTargets.add(bad);
                }
            } else if (grantedOnTargetType == TargetType.group) {
                if (CheckRight.allowGroupTarget(right)) {
                    good = createUserAccount(domain);
                    prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) good).getName() });
                    goodTargets.add(good);
                } else {
                    bad = createUserAccount(domain);
                    prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) bad).getName() });
                    badTargets.add(bad);
                }
            } else if (grantedOnTargetType == TargetType.domain) {
                goodTargets.add(createUserAccount(domain));
                Domain anyDomain = createDomain();
                badTargets.add(createUserAccount(anyDomain));
            } else if (grantedOnTargetType == TargetType.global) {
                Domain anyDomain = createDomain();
                goodTargets.add(createUserAccount(anyDomain));
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case calresource:
            if (grantedOnTargetType == TargetType.calresource) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createCalendarResource(domain));
            } else if (grantedOnTargetType == TargetType.dl) {
                if (CheckRight.allowGroupTarget(right)) {
                    good = createCalendarResource(domain);
                    prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) good).getName() });
                    goodTargets.add(good);
                } else {
                    bad = createCalendarResource(domain);
                    prov.addMembers((DistributionList) grantedOnTarget, new String[] { ((Account) bad).getName() });
                    badTargets.add(bad);
                }
            } else if (grantedOnTargetType == TargetType.group) {
                if (CheckRight.allowGroupTarget(right)) {
                    good = createCalendarResource(domain);
                    prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) good).getName() });
                    goodTargets.add(good);
                } else {
                    bad = createCalendarResource(domain);
                    prov.addGroupMembers((DynamicGroup) grantedOnTarget, new String[] { ((Account) bad).getName() });
                    badTargets.add(bad);
                }
            } else if (grantedOnTargetType == TargetType.domain) {
                good = createCalendarResource(domain);
                goodTargets.add(good);
                Domain anyDomain = createDomain();
                bad = createUserAccount(anyDomain);
                badTargets.add(bad);
            } else if (grantedOnTargetType == TargetType.global) {
                Domain anyDomain = createDomain();
                goodTargets.add(createCalendarResource(anyDomain));
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case cos:
            if (grantedOnTargetType == TargetType.cos) {
                good = grantedOnTarget;
            } else if (grantedOnTargetType == TargetType.global) {
                good = createCos();
            }
            if (good == null) {
                bad = grantedOnTarget;
                badTargets.add(bad);
            } else {
                goodTargets.add(good);
            }
            break;
        case dl:
            if (grantedOnTargetType == TargetType.dl) {
                // create a subgroup of the group on which the right is granted (testing multi levels of dl)
                DistributionList subGroup = createUserDistributionList(domain);
                prov.addMembers((DistributionList) grantedOnTarget, new String[] { subGroup.getName() });
                goodTargets.add(subGroup);
                goodTargets.add(grantedOnTarget);
                badTargets.add(createUserDistributionList(domain));
            } else if (grantedOnTargetType == TargetType.group) {
                // dl rights apply to dynamic groups only for user rights
                if (right.isUserRight()) {
                    goodTargets.add(grantedOnTarget);
                } else {
                    badTargets.add(grantedOnTarget);
                }
            } else if (grantedOnTargetType == TargetType.domain) {
                goodTargets.add(createUserDistributionList(domain));
                if (right.isUserRight()) {
                    goodTargets.add(createUserDynamicGroup(domain));
                } else {
                    badTargets.add(createUserDynamicGroup(domain));
                }
                Domain anyDomain = createDomain();
                badTargets.add(createUserDistributionList(anyDomain));
                badTargets.add(createUserDynamicGroup(anyDomain));
            } else if (grantedOnTargetType == TargetType.global) {
                Domain anyDomain = createDomain();
                goodTargets.add(createUserDistributionList(anyDomain));
                if (right.isUserRight()) {
                    goodTargets.add(createUserDynamicGroup(anyDomain));
                } else {
                    badTargets.add(createUserDynamicGroup(anyDomain));
                }
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case group:
            if (grantedOnTargetType == TargetType.dl) {
                badTargets.add(grantedOnTarget);
            } else if (grantedOnTargetType == TargetType.group) {
                goodTargets.add(grantedOnTarget);
            } else if (grantedOnTargetType == TargetType.domain) {
                goodTargets.add(createUserDynamicGroup(domain));
                badTargets.add(createUserDistributionList(domain));
                Domain anyDomain = createDomain();
                badTargets.add(createUserDistributionList(anyDomain));
                badTargets.add(createUserDynamicGroup(anyDomain));
            } else if (grantedOnTargetType == TargetType.global) {
                Domain anyDomain = createDomain();
                goodTargets.add(createUserDynamicGroup(anyDomain));
                badTargets.add(createUserDistributionList(anyDomain));
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case domain:
            if (grantedOnTargetType == TargetType.domain) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createDomain());
            } else if (grantedOnTargetType == TargetType.global) {
                goodTargets.add(createDomain());
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case server:
            if (grantedOnTargetType == TargetType.server) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createServer());
            } else if (grantedOnTargetType == TargetType.global) {
                goodTargets.add(createServer());
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case alwaysoncluster:
            if (grantedOnTargetType == TargetType.alwaysoncluster) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createAlwaysOnCluster());
            } else if (grantedOnTargetType == TargetType.global) {
                goodTargets.add(createAlwaysOnCluster());
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case ucservice:
            if (grantedOnTargetType == TargetType.ucservice) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createUCService());
            } else if (grantedOnTargetType == TargetType.global) {
                goodTargets.add(createUCService());
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case xmppcomponent:
            // skip for now
            return;
        case zimlet:
            // zimlet is trouble, need to reload it or else the grant is not on the object
            // ldapProvisioning.getZimlet does not return a cached entry so our grantedOnTarget
            // object does not have the grant
            prov.reload(grantedOnTarget);
            if (grantedOnTargetType == TargetType.zimlet) {
                goodTargets.add(grantedOnTarget);
                badTargets.add(createZimlet());
            } else if (grantedOnTargetType == TargetType.global) {
                goodTargets.add(createZimlet());
            } else {
                badTargets.add(grantedOnTarget);
            }
            break;
        case config:
            if (grantedOnTargetType == TargetType.config)
                goodTargets.add(grantedOnTarget);
            else if (grantedOnTargetType == TargetType.global)
                goodTargets.add(getConfig());
            else
                badTargets.add(grantedOnTarget);
            break;
        case global:
            if (grantedOnTargetType == TargetType.global)
                goodTargets.add(getGlobalGrant());
            else
                badTargets.add(grantedOnTarget);
            break;
        default:
            fail();
    }
}
Also used : DynamicGroup(com.zimbra.cs.account.DynamicGroup) GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) NamedEntry(com.zimbra.cs.account.NamedEntry) Entry(com.zimbra.cs.account.Entry) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Example 80 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testGranteeGroupMembershipChanged.

/*
     * =================
     * grantee side test
     * =================
     */
@Test
public void testGranteeGroupMembershipChanged() throws Exception {
    Right right = A_USER_RIGHT;
    Domain domain = createDomain();
    Account grantTarget = createUserAccount(GRANTTARGET_USER_ACCT, domain);
    Account target = grantTarget;
    DistributionList grantee = createUserDistributionList(GRANTEE_USER_GROUP, domain);
    Account account = createUserAccount(GRANTEE_USER_ACCT, domain);
    mProv.addMembers(grantee, new String[] { account.getName() });
    boolean allow;
    grantRight(TargetType.account, grantTarget, GranteeType.GT_GROUP, grantee, right);
    allow = accessMgr.canDo(account, target, right, false, null);
    assertTrue(allow);
    mProv.removeMembers(grantee, new String[] { account.getName() });
    allow = accessMgr.canDo(account, target, right, false, null);
    assertFalse(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList) Test(org.junit.Test)

Aggregations

DistributionList (com.zimbra.cs.account.DistributionList)120 Account (com.zimbra.cs.account.Account)58 Domain (com.zimbra.cs.account.Domain)43 HashMap (java.util.HashMap)24 Test (org.junit.Test)24 Provisioning (com.zimbra.cs.account.Provisioning)22 NamedEntry (com.zimbra.cs.account.NamedEntry)18 HashSet (java.util.HashSet)18 ArrayList (java.util.ArrayList)14 ServiceException (com.zimbra.common.service.ServiceException)13 AccountServiceException (com.zimbra.cs.account.AccountServiceException)13 Right (com.zimbra.cs.account.accesscontrol.Right)12 DynamicGroup (com.zimbra.cs.account.DynamicGroup)10 LdapDistributionList (com.zimbra.cs.account.ldap.entry.LdapDistributionList)10 Group (com.zimbra.cs.account.Group)9 GuestAccount (com.zimbra.cs.account.GuestAccount)9 LdapProv (com.zimbra.cs.account.ldap.LdapProv)8 List (java.util.List)7 Entry (com.zimbra.cs.account.Entry)6 LdapEntry (com.zimbra.cs.account.ldap.entry.LdapEntry)6