use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestACLPermissionCache method testIndirectGroupMembershipChanged.
@Test
public void testIndirectGroupMembershipChanged() throws Exception {
Right right = A_USER_RIGHT_DISTRIBUTION_LIST;
Domain domain = createDomain();
DistributionList grantTarget = createUserDistributionList(GRANTTARGET_USER_GROUP, domain);
DistributionList subGroup = createUserDistributionList(SUBGROUP_OF_GRANTTARGET_USER_GROUP, domain);
DistributionList target = createUserDistributionList(TARGET_USER_GROUP, domain);
Account grantee = createUserAccount(GRANTEE_USER_ACCT, domain);
mProv.addMembers(grantTarget, new String[] { subGroup.getName() });
mProv.addMembers(subGroup, new String[] { target.getName() });
boolean allow;
grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
allow = accessMgr.canDo(grantee, target, right, false, null);
assertTrue(allow);
// this test won't work because although the permission cache is cleared,
// the upward groups are still cached on the account, it has been the
// behavior predates the permission cache enhancement
// mProv.removeMembers(grantTarget, new String[]{subGroup.getName()});
// allow = accessMgr.canDo(grantee, target, right, false, null);
// assertFalse(allow);
// this works
mProv.removeMembers(subGroup, new String[] { target.getName() });
allow = accessMgr.canDo(grantee, target, right, false, null);
assertFalse(allow);
mProv.addMembers(subGroup, new String[] { target.getName() });
allow = accessMgr.canDo(grantee, target, right, false, null);
assertTrue(allow);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class CalendarUtils method getRemovedAttendees.
// Compare the old and new attendee lists to figure out which attendees are being removed.
// Distribution lists are taken into consideration if requested.
public static List<ZAttendee> getRemovedAttendees(List<ZAttendee> oldAttendees, List<ZAttendee> newAttendees, boolean checkListMembership, Account account) throws ServiceException {
List<ZAttendee> list = new ArrayList<ZAttendee>();
Provisioning prov = Provisioning.getInstance();
// if attendees have been removed, then we need to send them individual cancellation messages
for (ZAttendee old : oldAttendees) {
boolean matches = false;
String oldAddr = old.getAddress();
if (oldAddr != null) {
Account oldAcct = prov.get(AccountBy.name, oldAddr);
if (oldAcct != null) {
// local user - consider aliases
AccountAddressMatcher acctMatcher = new AccountAddressMatcher(oldAcct);
for (ZAttendee newAt : newAttendees) {
if (acctMatcher.matches(newAt.getAddress())) {
matches = true;
break;
}
}
} else {
// external email - simple string comparison of email addresses
for (ZAttendee newAt : newAttendees) {
if (oldAddr.equalsIgnoreCase(newAt.getAddress())) {
matches = true;
break;
}
}
}
}
if (!matches)
list.add(old);
}
if (list.isEmpty())
return list;
//bug 68728, skip checking in ZD
checkListMembership = checkListMembership && LC.check_dl_membership_enabled.booleanValue();
// Find out which of the new attendees are local distribution lists or GAL groups.
if (checkListMembership) {
List<DistributionList> newAtsDL = new ArrayList<DistributionList>();
List<String> /* GAL group email */
newAtsGALGroup = new ArrayList<String>();
for (ZAttendee at : newAttendees) {
String addr = at.getAddress();
if (addr != null) {
DistributionList dl = prov.get(Key.DistributionListBy.name, addr);
if (dl != null)
newAtsDL.add(dl);
else if (GalGroup.isGroup(addr, account))
newAtsGALGroup.add(addr);
}
}
// GAL groups: Iterate over GAL groups first because fetching member list is expensive.
for (String galAddr : newAtsGALGroup) {
if (list.isEmpty())
break;
Set<String> galMembers = GalGroupMembers.getGroupMembers(galAddr, account);
for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
ZAttendee removedAt = removedIter.next();
String addr = removedAt.getAddress();
if (addr != null && galMembers.contains(addr))
removedIter.remove();
}
}
Set<String> remoteAddrs = new HashSet<String>();
// via alias address.
for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
ZAttendee removedAt = removedIter.next();
String addr = removedAt.getAddress();
if (addr != null) {
Account removedAcct = prov.get(AccountBy.name, addr);
if (removedAcct != null) {
Set<String> acctDLs = prov.getDistributionLists(removedAcct);
for (DistributionList dl : newAtsDL) {
if (acctDLs.contains(dl.getId())) {
removedIter.remove();
break;
}
}
} else {
// Removed address is not a local account.
remoteAddrs.add(addr);
}
}
}
// Check non-local attendee membership in local DLs. Only direct membership is checked.
if (!remoteAddrs.isEmpty()) {
for (DistributionList dl : newAtsDL) {
// Get list members. We won't do recursive expansion; let's keep it sane.
String[] members = dl.getAllMembers();
if (members != null && members.length > 0) {
Set<String> membersLower = new HashSet<String>();
for (String member : members) {
membersLower.add(member.toLowerCase());
}
for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
ZAttendee removedAt = removedIter.next();
String addr = removedAt.getAddress();
if (addr != null && remoteAddrs.contains(addr) && membersLower.contains(addr.toLowerCase())) {
removedIter.remove();
}
}
}
}
}
}
return list;
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProvAlias method testRemoveAlias_entryNotExist_aliasNotExist.
//
// D
//
@Test
public void testRemoveAlias_entryNotExist_aliasNotExist() throws Exception {
String testName = getTestName();
// create the domain
String domainName = "EN-AN" + "." + BASE_DOMAIN_NAME;
domainName = domainName.toLowerCase();
Map<String, Object> attrs = new HashMap<String, Object>();
attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
Domain domain = prov.createDomain(domainName, attrs);
// create the account
String acctName = getEmail("acct-1", domainName);
Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
// add an alias to the account
String aliasName = getEmail("alias-1", domainName);
prov.addAlias(acct, aliasName);
// create 2 DLs
String dl1Name = getEmail("dl-1", domainName);
DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
String dl2Name = getEmail("dl-2", domainName);
DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
// add the alias to the two DLs
prov.addMembers(dl1, new String[] { aliasName });
prov.addMembers(dl2, new String[] { aliasName });
// now, hack it to delete the alias entry
{
List<NamedEntry> aliases = searchAliasesInDomain(domain);
assertEquals(aliases.size(), 1);
LdapEntry ldapAlias = (LdapEntry) aliases.get(0);
String aliasDn = ldapAlias.getDN();
((LdapProv) prov).getHelper().deleteEntry(aliasDn, LdapUsage.UNITTEST);
}
Account nonExistingAcct = null;
// remove the alias
// we should *not* get a NO_SUCH_ALIAS exception
prov.removeAlias(nonExistingAcct, aliasName);
// reload all entries
prov.reload(acct);
prov.reload(dl1);
prov.reload(dl2);
Set<String> values;
// ensure the alias is still on the account's mail/zimbraMailAlias attrs
values = acct.getMultiAttrSet(Provisioning.A_mail);
assertTrue(values.contains(aliasName));
values = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
assertTrue(values.contains(aliasName));
// ensure the alias is removed from all the DLs
values = dl1.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
assertFalse(values.contains(aliasName));
values = dl2.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
assertFalse(values.contains(aliasName));
// ensure the alias entry is removed (should have been removed when we hacked to unbind it)
List<NamedEntry> aliases = searchAliasesInDomain(domain);
assertEquals(aliases.size(), 0);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProvAlias method testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry.
//
// C - alias points to a non-existing entry
//
@Test
public void testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry() throws Exception {
String testName = getTestName();
// create the domain
String domainName = "EN-AE-aliasPointToNonExistEntry" + "." + BASE_DOMAIN_NAME;
domainName = domainName.toLowerCase();
Map<String, Object> attrs = new HashMap<String, Object>();
attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
Domain domain = prov.createDomain(domainName, attrs);
// create the account
String acctName = getEmail("acct-1", domainName);
Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
// add an alias to the account
String aliasName = getEmail("alias-1", domainName);
prov.addAlias(acct, aliasName);
// create 2 DLs
String dl1Name = getEmail("dl-1", domainName);
DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
String dl2Name = getEmail("dl-2", domainName);
DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
// add the alias to the two DLs
prov.addMembers(dl1, new String[] { aliasName });
prov.addMembers(dl2, new String[] { aliasName });
// now, hack it so the alias points to a non-existing entry
{
Map<String, Object> attributes = new HashMap<String, Object>();
attributes.put(Provisioning.A_zimbraAliasTargetId, LdapUtil.generateUUID());
List<NamedEntry> aliases = searchAliasesInDomain(domain);
assertEquals(aliases.size(), 1);
LdapEntry ldapAlias = (LdapEntry) aliases.get(0);
((LdapProv) prov).getHelper().modifyEntry(ldapAlias.getDN(), attributes, (Entry) ldapAlias, LdapUsage.UNITTEST);
}
Account nonExistingAcct = null;
// remove the alias, on a "not found" account, and the alias is pointing to a non-existing entry
// we should *not* get the NO_SUCH_ALIAS exception
prov.removeAlias(nonExistingAcct, aliasName);
// reload all entries
prov.reload(acct);
prov.reload(dl1);
prov.reload(dl2);
Set<String> values;
// ensure the alias is still on the account's mail/zimbraMailAlias attrs
// because there is no ref to this account so there is no way to remove them
// (note, to remove them, A - aliasPointToNonExistEntry is the test for this)
values = acct.getMultiAttrSet(Provisioning.A_mail);
assertTrue(values.contains(aliasName));
values = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
assertTrue(values.contains(aliasName));
// ensure the alias is removed from all the DLs
values = dl1.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
assertFalse(values.contains(aliasName));
values = dl2.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
assertFalse(values.contains(aliasName));
// ensure the alias entry is removed
List<NamedEntry> aliases = searchAliasesInDomain(domain);
assertEquals(aliases.size(), 0);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProvAlias method testCreateAlias_aliasNameExistsButIsNotAnAlias.
@Test
public void testCreateAlias_aliasNameExistsButIsNotAnAlias() throws Exception {
String testName = getTestName();
// create the domain
String domainName = underscoreToHyphen(testName) + "." + BASE_DOMAIN_NAME;
domainName = domainName.toLowerCase();
Map<String, Object> attrs = new HashMap<String, Object>();
attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
Domain domain = prov.createDomain(domainName, attrs);
// create the account
String acctName = getEmail("acct-1", domainName);
Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
// create another account
String acct2Name = getEmail("acct-2", domainName);
Account acct2 = prov.createAccount(acct2Name, PASSWORD, new HashMap<String, Object>());
// create a distribution list
String dlName = getEmail("dl", domainName);
DistributionList dl = prov.createDistributionList(dlName, new HashMap<String, Object>());
boolean good = false;
try {
prov.addAlias(acct, acct2Name);
} catch (ServiceException e) {
if (AccountServiceException.ACCOUNT_EXISTS.equals(e.getCode()))
good = true;
}
assertTrue(good);
try {
prov.addAlias(acct, dlName);
} catch (ServiceException e) {
if (AccountServiceException.ACCOUNT_EXISTS.equals(e.getCode()))
good = true;
}
assertTrue(good);
}
Aggregations