Search in sources :

Example 26 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestACLPermissionCache method testIndirectGroupMembershipChanged.

@Test
public void testIndirectGroupMembershipChanged() throws Exception {
    Right right = A_USER_RIGHT_DISTRIBUTION_LIST;
    Domain domain = createDomain();
    DistributionList grantTarget = createUserDistributionList(GRANTTARGET_USER_GROUP, domain);
    DistributionList subGroup = createUserDistributionList(SUBGROUP_OF_GRANTTARGET_USER_GROUP, domain);
    DistributionList target = createUserDistributionList(TARGET_USER_GROUP, domain);
    Account grantee = createUserAccount(GRANTEE_USER_ACCT, domain);
    mProv.addMembers(grantTarget, new String[] { subGroup.getName() });
    mProv.addMembers(subGroup, new String[] { target.getName() });
    boolean allow;
    grantRight(TargetType.dl, grantTarget, GranteeType.GT_USER, grantee, right);
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
    // this test won't work because although the permission cache is cleared,
    // the upward groups are still cached on the account, it has been the
    // behavior predates the permission cache enhancement
    // mProv.removeMembers(grantTarget, new String[]{subGroup.getName()});
    // allow = accessMgr.canDo(grantee, target, right, false, null);
    // assertFalse(allow);
    // this works
    mProv.removeMembers(subGroup, new String[] { target.getName() });
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertFalse(allow);
    mProv.addMembers(subGroup, new String[] { target.getName() });
    allow = accessMgr.canDo(grantee, target, right, false, null);
    assertTrue(allow);
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) Right(com.zimbra.cs.account.accesscontrol.Right) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList) Test(org.junit.Test)

Example 27 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class CalendarUtils method getRemovedAttendees.

// Compare the old and new attendee lists to figure out which attendees are being removed.
// Distribution lists are taken into consideration if requested.
public static List<ZAttendee> getRemovedAttendees(List<ZAttendee> oldAttendees, List<ZAttendee> newAttendees, boolean checkListMembership, Account account) throws ServiceException {
    List<ZAttendee> list = new ArrayList<ZAttendee>();
    Provisioning prov = Provisioning.getInstance();
    // if attendees have been removed, then we need to send them individual cancellation messages
    for (ZAttendee old : oldAttendees) {
        boolean matches = false;
        String oldAddr = old.getAddress();
        if (oldAddr != null) {
            Account oldAcct = prov.get(AccountBy.name, oldAddr);
            if (oldAcct != null) {
                // local user - consider aliases
                AccountAddressMatcher acctMatcher = new AccountAddressMatcher(oldAcct);
                for (ZAttendee newAt : newAttendees) {
                    if (acctMatcher.matches(newAt.getAddress())) {
                        matches = true;
                        break;
                    }
                }
            } else {
                // external email - simple string comparison of email addresses
                for (ZAttendee newAt : newAttendees) {
                    if (oldAddr.equalsIgnoreCase(newAt.getAddress())) {
                        matches = true;
                        break;
                    }
                }
            }
        }
        if (!matches)
            list.add(old);
    }
    if (list.isEmpty())
        return list;
    //bug 68728, skip checking in ZD
    checkListMembership = checkListMembership && LC.check_dl_membership_enabled.booleanValue();
    // Find out which of the new attendees are local distribution lists or GAL groups.
    if (checkListMembership) {
        List<DistributionList> newAtsDL = new ArrayList<DistributionList>();
        List<String> /* GAL group email */
        newAtsGALGroup = new ArrayList<String>();
        for (ZAttendee at : newAttendees) {
            String addr = at.getAddress();
            if (addr != null) {
                DistributionList dl = prov.get(Key.DistributionListBy.name, addr);
                if (dl != null)
                    newAtsDL.add(dl);
                else if (GalGroup.isGroup(addr, account))
                    newAtsGALGroup.add(addr);
            }
        }
        // GAL groups: Iterate over GAL groups first because fetching member list is expensive.
        for (String galAddr : newAtsGALGroup) {
            if (list.isEmpty())
                break;
            Set<String> galMembers = GalGroupMembers.getGroupMembers(galAddr, account);
            for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
                ZAttendee removedAt = removedIter.next();
                String addr = removedAt.getAddress();
                if (addr != null && galMembers.contains(addr))
                    removedIter.remove();
            }
        }
        Set<String> remoteAddrs = new HashSet<String>();
        // via alias address.
        for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
            ZAttendee removedAt = removedIter.next();
            String addr = removedAt.getAddress();
            if (addr != null) {
                Account removedAcct = prov.get(AccountBy.name, addr);
                if (removedAcct != null) {
                    Set<String> acctDLs = prov.getDistributionLists(removedAcct);
                    for (DistributionList dl : newAtsDL) {
                        if (acctDLs.contains(dl.getId())) {
                            removedIter.remove();
                            break;
                        }
                    }
                } else {
                    // Removed address is not a local account.
                    remoteAddrs.add(addr);
                }
            }
        }
        // Check non-local attendee membership in local DLs.  Only direct membership is checked.
        if (!remoteAddrs.isEmpty()) {
            for (DistributionList dl : newAtsDL) {
                // Get list members.  We won't do recursive expansion; let's keep it sane.
                String[] members = dl.getAllMembers();
                if (members != null && members.length > 0) {
                    Set<String> membersLower = new HashSet<String>();
                    for (String member : members) {
                        membersLower.add(member.toLowerCase());
                    }
                    for (Iterator<ZAttendee> removedIter = list.iterator(); removedIter.hasNext(); ) {
                        ZAttendee removedAt = removedIter.next();
                        String addr = removedAt.getAddress();
                        if (addr != null && remoteAddrs.contains(addr) && membersLower.contains(addr.toLowerCase())) {
                            removedIter.remove();
                        }
                    }
                }
            }
        }
    }
    return list;
}
Also used : Account(com.zimbra.cs.account.Account) ArrayList(java.util.ArrayList) Provisioning(com.zimbra.cs.account.Provisioning) AccountAddressMatcher(com.zimbra.cs.util.AccountUtil.AccountAddressMatcher) ZAttendee(com.zimbra.cs.mailbox.calendar.ZAttendee) DistributionList(com.zimbra.cs.account.DistributionList) HashSet(java.util.HashSet)

Example 28 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestProvAlias method testRemoveAlias_entryNotExist_aliasNotExist.

//
// D
//
@Test
public void testRemoveAlias_entryNotExist_aliasNotExist() throws Exception {
    String testName = getTestName();
    // create the domain
    String domainName = "EN-AN" + "." + BASE_DOMAIN_NAME;
    domainName = domainName.toLowerCase();
    Map<String, Object> attrs = new HashMap<String, Object>();
    attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, attrs);
    // create the account
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    // add an alias to the account
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);
    // create 2 DLs
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    // add the alias to the two DLs
    prov.addMembers(dl1, new String[] { aliasName });
    prov.addMembers(dl2, new String[] { aliasName });
    // now, hack it to delete the alias entry
    {
        List<NamedEntry> aliases = searchAliasesInDomain(domain);
        assertEquals(aliases.size(), 1);
        LdapEntry ldapAlias = (LdapEntry) aliases.get(0);
        String aliasDn = ldapAlias.getDN();
        ((LdapProv) prov).getHelper().deleteEntry(aliasDn, LdapUsage.UNITTEST);
    }
    Account nonExistingAcct = null;
    // remove the alias
    // we should *not* get a NO_SUCH_ALIAS exception
    prov.removeAlias(nonExistingAcct, aliasName);
    // reload all entries
    prov.reload(acct);
    prov.reload(dl1);
    prov.reload(dl2);
    Set<String> values;
    // ensure the alias is still on the account's mail/zimbraMailAlias attrs
    values = acct.getMultiAttrSet(Provisioning.A_mail);
    assertTrue(values.contains(aliasName));
    values = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
    assertTrue(values.contains(aliasName));
    // ensure the alias is removed from all the DLs
    values = dl1.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));
    values = dl2.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));
    // ensure the alias entry is removed (should have been removed when we hacked to unbind it)
    List<NamedEntry> aliases = searchAliasesInDomain(domain);
    assertEquals(aliases.size(), 0);
}
Also used : Account(com.zimbra.cs.account.Account) HashMap(java.util.HashMap) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapProv(com.zimbra.cs.account.ldap.LdapProv) NamedEntry(com.zimbra.cs.account.NamedEntry) DistributionList(com.zimbra.cs.account.DistributionList) List(java.util.List) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Example 29 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestProvAlias method testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry.

//
// C - alias points to a non-existing entry
//
@Test
public void testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry() throws Exception {
    String testName = getTestName();
    // create the domain
    String domainName = "EN-AE-aliasPointToNonExistEntry" + "." + BASE_DOMAIN_NAME;
    domainName = domainName.toLowerCase();
    Map<String, Object> attrs = new HashMap<String, Object>();
    attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, attrs);
    // create the account
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    // add an alias to the account
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);
    // create 2 DLs
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    // add the alias to the two DLs
    prov.addMembers(dl1, new String[] { aliasName });
    prov.addMembers(dl2, new String[] { aliasName });
    // now, hack it so the alias points to a non-existing entry
    {
        Map<String, Object> attributes = new HashMap<String, Object>();
        attributes.put(Provisioning.A_zimbraAliasTargetId, LdapUtil.generateUUID());
        List<NamedEntry> aliases = searchAliasesInDomain(domain);
        assertEquals(aliases.size(), 1);
        LdapEntry ldapAlias = (LdapEntry) aliases.get(0);
        ((LdapProv) prov).getHelper().modifyEntry(ldapAlias.getDN(), attributes, (Entry) ldapAlias, LdapUsage.UNITTEST);
    }
    Account nonExistingAcct = null;
    // remove the alias, on a "not found" account, and the alias is pointing to a non-existing entry
    // we should *not* get the NO_SUCH_ALIAS exception
    prov.removeAlias(nonExistingAcct, aliasName);
    // reload all entries
    prov.reload(acct);
    prov.reload(dl1);
    prov.reload(dl2);
    Set<String> values;
    // ensure the alias is still on the account's mail/zimbraMailAlias attrs
    // because there is no ref to this account so there is no way to remove them
    // (note, to remove them, A - aliasPointToNonExistEntry is the test for this)
    values = acct.getMultiAttrSet(Provisioning.A_mail);
    assertTrue(values.contains(aliasName));
    values = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
    assertTrue(values.contains(aliasName));
    // ensure the alias is removed from all the DLs
    values = dl1.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));
    values = dl2.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));
    // ensure the alias entry is removed
    List<NamedEntry> aliases = searchAliasesInDomain(domain);
    assertEquals(aliases.size(), 0);
}
Also used : Account(com.zimbra.cs.account.Account) HashMap(java.util.HashMap) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapProv(com.zimbra.cs.account.ldap.LdapProv) NamedEntry(com.zimbra.cs.account.NamedEntry) NamedEntry(com.zimbra.cs.account.NamedEntry) CacheEntry(com.zimbra.cs.account.Provisioning.CacheEntry) Entry(com.zimbra.cs.account.Entry) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) DistributionList(com.zimbra.cs.account.DistributionList) List(java.util.List) Domain(com.zimbra.cs.account.Domain) HashMap(java.util.HashMap) Map(java.util.Map) DistributionList(com.zimbra.cs.account.DistributionList)

Example 30 with DistributionList

use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.

the class TestProvAlias method testCreateAlias_aliasNameExistsButIsNotAnAlias.

@Test
public void testCreateAlias_aliasNameExistsButIsNotAnAlias() throws Exception {
    String testName = getTestName();
    // create the domain
    String domainName = underscoreToHyphen(testName) + "." + BASE_DOMAIN_NAME;
    domainName = domainName.toLowerCase();
    Map<String, Object> attrs = new HashMap<String, Object>();
    attrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, attrs);
    // create the account
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    // create another account
    String acct2Name = getEmail("acct-2", domainName);
    Account acct2 = prov.createAccount(acct2Name, PASSWORD, new HashMap<String, Object>());
    // create a distribution list
    String dlName = getEmail("dl", domainName);
    DistributionList dl = prov.createDistributionList(dlName, new HashMap<String, Object>());
    boolean good = false;
    try {
        prov.addAlias(acct, acct2Name);
    } catch (ServiceException e) {
        if (AccountServiceException.ACCOUNT_EXISTS.equals(e.getCode()))
            good = true;
    }
    assertTrue(good);
    try {
        prov.addAlias(acct, dlName);
    } catch (ServiceException e) {
        if (AccountServiceException.ACCOUNT_EXISTS.equals(e.getCode()))
            good = true;
    }
    assertTrue(good);
}
Also used : Account(com.zimbra.cs.account.Account) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Aggregations

DistributionList (com.zimbra.cs.account.DistributionList)120 Account (com.zimbra.cs.account.Account)58 Domain (com.zimbra.cs.account.Domain)43 HashMap (java.util.HashMap)24 Test (org.junit.Test)24 Provisioning (com.zimbra.cs.account.Provisioning)22 NamedEntry (com.zimbra.cs.account.NamedEntry)18 HashSet (java.util.HashSet)18 ArrayList (java.util.ArrayList)14 ServiceException (com.zimbra.common.service.ServiceException)13 AccountServiceException (com.zimbra.cs.account.AccountServiceException)13 Right (com.zimbra.cs.account.accesscontrol.Right)12 DynamicGroup (com.zimbra.cs.account.DynamicGroup)10 LdapDistributionList (com.zimbra.cs.account.ldap.entry.LdapDistributionList)10 Group (com.zimbra.cs.account.Group)9 GuestAccount (com.zimbra.cs.account.GuestAccount)9 LdapProv (com.zimbra.cs.account.ldap.LdapProv)8 List (java.util.List)7 Entry (com.zimbra.cs.account.Entry)6 LdapEntry (com.zimbra.cs.account.ldap.entry.LdapEntry)6