use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestDistListACL method testMilterExternalDomainSendToDL.
/**
 * Exercises the "edom" (external domain) grantee type for the sendToDistList right.
 *
 * <p>The right is granted on the list to the external domain {@code example.test}. The test then
 * expects a sender whose address is in that domain to be allowed, and the address that
 * {@code TestUtil} returns for {@code USER_NAME} to be refused.
 *
 * <p>NOTE(review): only one matching and one non-matching sender are covered. Senders in a
 * sub-domain of the granted domain, in a domain that merely ends with the same text, or with the
 * domain in a different case are not exercised, so this test does not pin down how strictly the
 * sender's domain is compared.
 */
@Test
public void testMilterExternalDomainSendToDL() throws Exception {
    final String grantedDomain = "example.test";
    final String senderInDomain = "pete@example.test";

    DistributionList list = prov.createDistributionList(listAddress, new HashMap<String, Object>());
    String otherSender = TestUtil.getAddress(USER_NAME);

    // Grant by domain name; no secret is supplied for this grant.
    prov.grantRight(
            "dl", TargetBy.name, listAddress,
            GranteeType.GT_EXT_DOMAIN.getCode(), GranteeBy.name, grantedDomain,
            null /* secret */,
            RightConsts.RT_sendToDistList, (RightModifier) null);
    ZimbraLog.test.info("DL name %s ID %s", list.getName(), list.getId());

    // The access check is made against the Group looked up by name, not the object returned on creation.
    Group target = prov.getGroupBasic(Key.DistributionListBy.name, listAddress);
    Assert.assertNotNull("Unable to find Group object for DL by name", target);

    // Positive case: sender address is in the granted domain.
    boolean inDomainAllowed = accessMgr.canDo(senderInDomain, target, User.R_sendToDistList, false);
    Assert.assertTrue(
            "pete@example.test should be able to send to DL (in domain example.test)", inDomainAllowed);

    // Negative case: the deny path matters as much as the allow path for an ACL test.
    boolean otherAllowed = accessMgr.canDo(otherSender, target, User.R_sendToDistList, false);
    Assert.assertFalse(
            String.format("%s should NOT be able to send to DL (in domain example.test)", otherSender),
            otherAllowed);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestDistListACL method testMilterEmailSendToDL.
/**
 * Exercises the "email" grantee type for the sendToDistList right.
 *
 * <p>Three individual addresses are granted the right on the list: a literal guest-style address,
 * a second distribution list, and a test user. Each call to
 * {@code doCheckSentToDistListEmailRight} passes what appear to be (list, sender, granted address,
 * expected result); the helper is not shown here, so confirm the argument meaning against it.
 *
 * <p>The expectations show that a sender is accepted only when its address equals a granted
 * address, with letter case ignored. Once every grant has been revoked, the last check expects an
 * unrelated sender to be allowed, i.e. a list with no grants for this right is not restricted.
 */
@Test
public void testMilterEmailSendToDL() throws Exception {
    DistributionList targetList = prov.createDistributionList(listAddress, new HashMap<String, Object>());

    // Grantee 1: a literal address.
    String guestAddress = "fred@example.test";
    prov.grantRight(
            "dl", TargetBy.name, listAddress,
            GranteeType.GT_EMAIL.getCode(), GranteeBy.name, guestAddress,
            null /* secret */,
            RightConsts.RT_sendToDistList, (RightModifier) null);

    // Grantee 2: the address of a second distribution list, created just before it is granted.
    prov.createDistributionList(listAddress2, new HashMap<String, Object>());
    prov.grantRight(
            "dl", TargetBy.name, listAddress,
            GranteeType.GT_EMAIL.getCode(), GranteeBy.name, listAddress2,
            null /* secret */,
            RightConsts.RT_sendToDistList, (RightModifier) null);

    // Grantee 3: the first test user; the second test user is never granted anything.
    String grantedUser = TestUtil.getAddress(USER_NAME);
    String ungrantedUser = TestUtil.getAddress(USER_NAME2);
    prov.grantRight(
            "dl", TargetBy.name, listAddress,
            GranteeType.GT_EMAIL.getCode(), GranteeBy.name, grantedUser,
            null /* secret */,
            RightConsts.RT_sendToDistList, (RightModifier) null);

    // Literal address: exact match allowed, a different mailbox in the same domain refused,
    // and a case variant of the granted address allowed.
    doCheckSentToDistListEmailRight(targetList, guestAddress, guestAddress, true);
    doCheckSentToDistListEmailRight(targetList, "pete@example.test", guestAddress, false);
    doCheckSentToDistListEmailRight(targetList, "FreD@example.test", guestAddress, true);

    // Second list: allowed as a sender; the target list's own address is refused.
    doCheckSentToDistListEmailRight(targetList, listAddress2, listAddress2, true);
    doCheckSentToDistListEmailRight(targetList, listAddress, listAddress2, false);

    // Test users: upper-cased form of the granted user allowed, the ungranted user refused.
    doCheckSentToDistListEmailRight(targetList, grantedUser.toUpperCase(Locale.ENGLISH), grantedUser, true);
    doCheckSentToDistListEmailRight(targetList, ungrantedUser, grantedUser, false);

    // Revoke in the same order the grants are listed above.
    for (String granted : new String[] { guestAddress, listAddress2, grantedUser }) {
        prov.revokeRight(
                "dl", TargetBy.name, listAddress,
                GranteeType.GT_EMAIL.getCode(), GranteeBy.name, granted,
                RightConsts.RT_sendToDistList, (RightModifier) null);
    }

    // With no grants left, the previously refused sender is expected to be allowed:
    // the restriction only exists while at least one grant is in place.
    doCheckSentToDistListEmailRight(targetList, ungrantedUser, "no grants in place", true);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class GrantRights method handleACE.
/**
 * Builds a {@link ZimbraACE} from one ACE element of a grant or revoke request.
 *
 * <p>The grantee id and type are resolved from the requested grantee type:
 * <ul>
 *   <li>authuser / public: the id is replaced with the matching fixed {@code GuestAccount} GUID;</li>
 *   <li>guest: the display name must contain {@code '@'}; if it resolves to an internal entry the
 *       grant is converted to a user or group grant and no password is read, otherwise the
 *       password attribute becomes the ACE secret;</li>
 *   <li>key: the display name is used as the id as-is and the optional access key becomes the
 *       secret;</li>
 *   <li>anything else: the grantee is looked up by Zimbra id when one is supplied, else by
 *       display name.</li>
 * </ul>
 *
 * @param eACE the ACE element; the right and grantee-type attributes are always read, the
 *             remaining attributes depend on the grantee type
 * @param zsc SOAP context handed to the name-based grantee lookups
 * @param granting true if granting, false if revoking
 * @return a new ACE holding the resolved grantee id and type, the right, a deny modifier when the
 *         deny attribute is true (otherwise {@code null}), and the guest password or access key
 *         when one was read (otherwise {@code null})
 * @throws ServiceException {@code INVALID_REQUEST} for a guest display name without {@code '@'}
 *         or, when grantee-type checking is requested, for a "usr" grant that names a group;
 *         also whatever the attribute reads and grantee lookups below propagate
 */
static ZimbraACE handleACE(Element eACE, ZimbraSoapContext zsc, boolean granting) throws ServiceException {
    // Interface and parameter checking style follows FolderAction, not admin Grant/RevokeRight.
    final Right right = RightManager.getInstance().getUserRight(eACE.getAttribute(AccountConstants.A_RIGHT));
    GranteeType granteeType = GranteeType.fromCode(eACE.getAttribute(AccountConstants.A_GRANT_TYPE));
    String granteeId = eACE.getAttribute(AccountConstants.A_ZIMBRA_ID, null);
    final boolean deny = eACE.getAttributeBool(AccountConstants.A_DENY, false);
    final boolean strictGranteeType = eACE.getAttributeBool(AccountConstants.A_CHECK_GRANTEE_TYPE, false);

    // Guest password or access key; carried into the ACE, so keep it out of logs and fault text.
    String secret = null;

    if (granteeType == GranteeType.GT_AUTHUSER) {
        granteeId = GuestAccount.GUID_AUTHUSER;
    } else if (granteeType == GranteeType.GT_PUBLIC) {
        granteeId = GuestAccount.GUID_PUBLIC;
    } else if (granteeType == GranteeType.GT_GUEST) {
        granteeId = eACE.getAttribute(AccountConstants.A_DISPLAY);
        if (granteeId == null || !granteeId.contains("@")) {
            throw ServiceException.INVALID_REQUEST("invalid guest id or password", null);
        }
        // Catch the case where "guest" was specified for what is really an internal grantee:
        // if the name resolves internally, the grant is re-typed and no guest password is read.
        try {
            NamedEntry internal = lookupGranteeByName(granteeId, GranteeType.GT_USER, zsc);
            granteeId = internal.getId();
            // NOTE(review): this tests for DistributionList while the "usr" branch below tests
            // for Group; a group entry that is not a DistributionList would be typed as a user
            // here. Confirm whether that difference is intended.
            granteeType = internal instanceof DistributionList ? GranteeType.GT_GROUP : GranteeType.GT_USER;
        } catch (ServiceException e) {
            // Expected path: the lookup reports that no such internal user exists.
            // NOTE(review): every ServiceException lands here, not only the not-found case, so
            // any other lookup failure for an internal grantee would also fall back to an
            // external guest grant protected by the supplied password. Consider checking the
            // exception code before falling back - confirm what lookupGranteeByName can throw.
            secret = eACE.getAttribute(AccountConstants.A_PASSWORD);
        }
    } else if (granteeType == GranteeType.GT_KEY) {
        // Unlike guest, the display name is not required to look like an email address, and the
        // grantee type is not fixed up when the name happens to be an internal user.
        granteeId = eACE.getAttribute(AccountConstants.A_DISPLAY);
        // The access key is optional.
        secret = eACE.getAttribute(AccountConstants.A_ACCESSKEY, null);
    } else if (granteeId != null) {
        // The returned entry is not used further; the call is kept for whatever checking the
        // lookup performs (its behaviour for the revoke case is not visible here).
        lookupGranteeByZimbraId(granteeId, granteeType, granting);
    } else {
        String displayName = eACE.getAttribute(AccountConstants.A_DISPLAY);
        NamedEntry resolved = lookupGranteeByName(displayName, granteeType, zsc);
        granteeId = resolved.getId();
        // A "usr" grant that actually names a group: reject when the caller asked for strict
        // checking, otherwise re-type the grant as a group grant. The lenient default turns a
        // grant meant for one grantee into a grant on the group, so callers that care should set
        // the check-grantee-type attribute.
        if (granteeType == GranteeType.GT_USER && resolved instanceof Group) {
            if (strictGranteeType) {
                throw AccountServiceException.INVALID_REQUEST(
                        displayName + " is not a valid grantee for grantee type '" + granteeType.getCode() + "'.",
                        null);
            }
            granteeType = GranteeType.GT_GROUP;
        }
    }

    final RightModifier modifier = deny ? RightModifier.RM_DENY : null;
    return new ZimbraACE(granteeId, granteeType, right, modifier, secret);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProvAlias method testRemoveAlias_entryNotExist_aliasNotExist.
//
// D - no target entry is passed and the alias entry no longer exists
//
// Checks that removing an alias whose directory entry has already been deleted still succeeds
// and still strips the alias address from every distribution list that had it as a member,
// so no stale member address is left behind on a list.
//
@Test
public void testRemoveAlias_entryNotExist_aliasNotExist() throws Exception {
    String testName = getTestName();

    // Domain dedicated to this scenario; the name is lower-cased before use.
    String domainName = ("EN-AN" + "." + BASE_DOMAIN_NAME).toLowerCase();
    Map<String, Object> domainAttrs = new HashMap<String, Object>();
    domainAttrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, domainAttrs);

    // One account carrying one alias.
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);

    // Two lists, each with the alias as a member.
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    DistributionList[] lists = { dl1, dl2 };
    for (DistributionList list : lists) {
        prov.addMembers(list, new String[] { aliasName });
    }

    // Delete the alias entry directly in the directory, bypassing the provisioning API,
    // so the account and the lists still reference an alias that no longer exists.
    List<NamedEntry> aliasesBefore = searchAliasesInDomain(domain);
    assertEquals(aliasesBefore.size(), 1);
    String aliasDn = ((LdapEntry) aliasesBefore.get(0)).getDN();
    ((LdapProv) prov).getHelper().deleteEntry(aliasDn, LdapUsage.UNITTEST);

    // Remove the alias with no account given; this must not raise NO_SUCH_ALIAS.
    Account missingAccount = null;
    prov.removeAlias(missingAccount, aliasName);

    // Re-read everything before asserting on attributes.
    prov.reload(acct);
    for (DistributionList list : lists) {
        prov.reload(list);
    }

    // The account was not passed in, so its own mail/zimbraMailAlias values are expected to
    // keep the alias address.
    Set<String> acctMail = acct.getMultiAttrSet(Provisioning.A_mail);
    assertTrue(acctMail.contains(aliasName));
    Set<String> acctAliases = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
    assertTrue(acctAliases.contains(aliasName));

    // The alias address must be gone from every list's forwarding addresses.
    for (DistributionList list : lists) {
        Set<String> forwarding = list.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
        assertFalse(forwarding.contains(aliasName));
    }

    // No alias entry remains (it was already deleted by the direct directory edit above).
    List<NamedEntry> aliasesAfter = searchAliasesInDomain(domain);
    assertEquals(aliasesAfter.size(), 0);
}
use of com.zimbra.cs.account.DistributionList in project zm-mailbox by Zimbra.
the class TestProvAlias method testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry.
//
// C - alias points to a non-existing entry
//
// Checks that a dangling alias (its target id refers to nothing) can still be removed when no
// account is passed in, and that doing so strips the alias address from every distribution list
// and deletes the alias entry itself.
//
@Test
public void testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry() throws Exception {
    String testName = getTestName();

    // Domain dedicated to this scenario; the name is lower-cased before use.
    String domainName = ("EN-AE-aliasPointToNonExistEntry" + "." + BASE_DOMAIN_NAME).toLowerCase();
    Map<String, Object> domainAttrs = new HashMap<String, Object>();
    domainAttrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, domainAttrs);

    // One account carrying one alias.
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);

    // Two lists, each with the alias as a member.
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    DistributionList[] lists = { dl1, dl2 };
    for (DistributionList list : lists) {
        prov.addMembers(list, new String[] { aliasName });
    }

    // Rewrite the alias entry directly in the directory so its target id is a freshly
    // generated UUID, leaving the alias pointing at an entry that does not exist.
    Map<String, Object> danglingTarget = new HashMap<String, Object>();
    danglingTarget.put(Provisioning.A_zimbraAliasTargetId, LdapUtil.generateUUID());
    List<NamedEntry> aliasesBefore = searchAliasesInDomain(domain);
    assertEquals(aliasesBefore.size(), 1);
    LdapEntry aliasEntry = (LdapEntry) aliasesBefore.get(0);
    ((LdapProv) prov).getHelper().modifyEntry(
            aliasEntry.getDN(), danglingTarget, (Entry) aliasEntry, LdapUsage.UNITTEST);

    // Remove the alias with no account given while it points at a non-existing entry;
    // this must not raise NO_SUCH_ALIAS.
    Account missingAccount = null;
    prov.removeAlias(missingAccount, aliasName);

    // Re-read everything before asserting on attributes.
    prov.reload(acct);
    for (DistributionList list : lists) {
        prov.reload(list);
    }

    // Nothing references the original account any more, so its mail/zimbraMailAlias values
    // cannot be cleaned up by this call and are expected to keep the alias address
    // (scenario "A - aliasPointToNonExistEntry" is the test that covers removing them).
    Set<String> acctMail = acct.getMultiAttrSet(Provisioning.A_mail);
    assertTrue(acctMail.contains(aliasName));
    Set<String> acctAliases = acct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
    assertTrue(acctAliases.contains(aliasName));

    // The alias address must be gone from every list's forwarding addresses.
    for (DistributionList list : lists) {
        Set<String> forwarding = list.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
        assertFalse(forwarding.contains(aliasName));
    }

    // The dangling alias entry itself must have been deleted.
    List<NamedEntry> aliasesAfter = searchAliasesInDomain(domain);
    assertEquals(aliasesAfter.size(), 0);
}