Search in sources :

Example 6 with DynamicGroup

use of com.zimbra.cs.account.DynamicGroup in project zm-mailbox by Zimbra.

the class GetDistributionList method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    GetDistributionListRequest req = JaxbUtil.elementToJaxb(request);
    int limit = (req.getLimit() == null) ? 0 : req.getLimit();
    if (limit < 0) {
        throw ServiceException.INVALID_REQUEST("limit" + limit + " is negative", null);
    }
    int offset = (req.getOffset() == null) ? 0 : req.getOffset();
    if (offset < 0) {
        throw ServiceException.INVALID_REQUEST("offset" + offset + " is negative", null);
    }
    boolean sortAscending = !Boolean.FALSE.equals(req.isSortAscending());
    Set<String> reqAttrs = getReqAttrs(req.getAttrs(), AttributeClass.distributionList);
    DistributionListSelector dlSel = req.getDl();
    DistributionListBy dlBy = dlSel.getBy().toKeyDistributionListBy();
    AttrRightChecker arc = null;
    Group group = getGroupFromContext(context);
    if (group == null) {
        if (DistributionListBy.name.equals(dlBy)) {
            Entry pseudoTarget = pseudoTargetInSameDomainAsEmail(TargetType.dl, dlSel.getKey());
            if (null != pseudoTarget) {
                AdminAccessControl aac = checkDistributionListRight(zsc, (DistributionList) pseudoTarget, AdminRight.PR_ALWAYS_ALLOW);
                arc = aac.getAttrRightChecker(pseudoTarget);
            }
        }
        if (arc != null) {
            defendAgainstGroupHarvestingWhenAbsent(dlBy, dlSel.getKey(), zsc, new GroupHarvestingCheckerUsingGetAttrsPerms(zsc, arc, Arrays.asList(minimumAttrs)));
        } else {
            defendAgainstGroupHarvestingWhenAbsent(dlBy, dlSel.getKey(), zsc, Admin.R_getDistributionList);
        }
    } else if (group.isDynamic()) {
        AdminAccessControl aac = checkDynamicGroupRight(zsc, (DynamicGroup) group, AdminRight.PR_ALWAYS_ALLOW);
        arc = aac.getAttrRightChecker(group);
    } else {
        AdminAccessControl aac = checkDistributionListRight(zsc, (DistributionList) group, AdminRight.PR_ALWAYS_ALLOW);
        arc = aac.getAttrRightChecker(group);
    }
    defendAgainstGroupHarvesting(group, dlBy, dlSel.getKey(), zsc, new GroupHarvestingCheckerUsingGetAttrsPerms(zsc, arc, Arrays.asList(minimumAttrs)));
    Element response = zsc.createElement(AdminConstants.GET_DISTRIBUTION_LIST_RESPONSE);
    Element eDL = encodeDistributionList(response, group, true, false, reqAttrs, arc);
    // return member info only if the authed has right to see zimbraMailForwardingAddress
    boolean allowMembers = true;
    if (group.isDynamic()) {
        allowMembers = arc == null ? true : arc.allowAttr(Provisioning.A_member);
    } else {
        allowMembers = arc == null ? true : arc.allowAttr(Provisioning.A_zimbraMailForwardingAddress);
    }
    if (allowMembers) {
        encodeMembers(response, eDL, group, offset, limit, sortAscending);
    }
    return response;
}
Also used : DynamicGroup(com.zimbra.cs.account.DynamicGroup) Group(com.zimbra.cs.account.Group) DynamicGroup(com.zimbra.cs.account.DynamicGroup) DistributionListBy(com.zimbra.common.account.Key.DistributionListBy) Element(com.zimbra.common.soap.Element) DistributionListSelector(com.zimbra.soap.admin.type.DistributionListSelector) GetDistributionListRequest(com.zimbra.soap.admin.message.GetDistributionListRequest) AttrRightChecker(com.zimbra.cs.account.AccessManager.AttrRightChecker) Entry(com.zimbra.cs.account.Entry) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) DistributionList(com.zimbra.cs.account.DistributionList)

Example 7 with DynamicGroup

use of com.zimbra.cs.account.DynamicGroup in project zm-mailbox by Zimbra.

the class TestProv method createDynamicGroup.

private DynamicGroup createDynamicGroup(String localpart, Domain domain, Map<String, Object> attrs) throws Exception {
    if (domain == null) {
        domain = createDomain();
    }
    String email = localpart + "@" + domain.getName();
    DynamicGroup dynGroup = mProv.createDynamicGroup(email, attrs);
    mCreatedEntries.add(dynGroup);
    return dynGroup;
}
Also used : DynamicGroup(com.zimbra.cs.account.DynamicGroup)

Example 8 with DynamicGroup

use of com.zimbra.cs.account.DynamicGroup in project zm-mailbox by Zimbra.

the class TestLdapProvRenameDomain method populateDomain.

/*
     * create and setup entries in the domain
     */
private void populateDomain(int domainIdx) throws Exception {
    Names.IDNName domainName = new Names.IDNName(DOMAIN_NAME(domainIdx));
    System.out.println("setupDomain: " + domainName.uName());
    // create accounts and their aliases
    for (int a = 0; a < NUM_ACCOUNTS; a++) {
        Account acct = createAccount(ACCOUNT_NAME(a, domainIdx), domainName);
        for (int d = 0; d < NUM_DOMAINS; d++) prov.addAlias(acct, ACCOUNT_ALIAS_NAME(a, domainIdx, d));
        String[] signatureIds = createSignatures(acct);
        createIdentities(acct, signatureIds);
        createDataSources(acct, signatureIds);
    }
    // create nested dls and their aliases
    for (int nd = 0; nd < NUM_DLS_NESTED; nd++) {
        Map<String, Object> dlAttrs = new HashMap<String, Object>();
        DistributionList dl = prov.createDistributionList(NESTED_DL_NAME(nd, domainIdx), dlAttrs);
        for (int d = 0; d < NUM_DOMAINS; d++) {
            prov.addAlias(dl, NESTED_DL_ALIAS_NAME(nd, domainIdx, d));
        }
    }
    // create top dls and their aliases
    for (int td = 0; td < NUM_DLS_TOP; td++) {
        Map<String, Object> dlAttrs = new HashMap<String, Object>();
        DistributionList dl = prov.createDistributionList(TOP_DL_NAME(td, domainIdx), dlAttrs);
        for (int d = 0; d < NUM_DOMAINS; d++) {
            prov.addAlias(dl, TOP_DL_ALIAS_NAME(td, domainIdx, d));
        }
    }
    // create dynamic groups and their aliases
    for (int dg = 0; dg < NUM_DYNAMIC_GROUPS; dg++) {
        Map<String, Object> dlAttrs = new HashMap<String, Object>();
        DynamicGroup dynGroup = prov.createDynamicGroup(DYNAMIC_GROUP_NAME(dg, domainIdx), dlAttrs);
        for (int d = 0; d < NUM_DOMAINS; d++) {
            prov.addGroupAlias(dynGroup, DYNAMIC_GROUP_ALIAS_NAME(dg, domainIdx, d));
        }
    }
}
Also used : Names(com.zimbra.qa.unittest.prov.Names) Account(com.zimbra.cs.account.Account) DynamicGroup(com.zimbra.cs.account.DynamicGroup) HashMap(java.util.HashMap) DistributionList(com.zimbra.cs.account.DistributionList)

Example 9 with DynamicGroup

use of com.zimbra.cs.account.DynamicGroup in project zm-mailbox by Zimbra.

the class TestLdapProvSearchDirectory method dnSubtreeMatchFilter.

@Test
public void dnSubtreeMatchFilter() throws Exception {
    String SUB_DOMAIN_BASE = genDomainSegmentName() + "." + baseDomainName();
    String SUB_DOMAIN_NAME = "sub." + SUB_DOMAIN_BASE;
    Domain subDomain = provUtil.createDomain(SUB_DOMAIN_NAME);
    String SUB_SUB_DOMAIN_NAME = "sub." + SUB_DOMAIN_NAME;
    Domain subSubDomain = provUtil.createDomain(SUB_SUB_DOMAIN_NAME);
    // create objects in subDomain
    Account acct = provUtil.createAccount(genAcctNameLocalPart("acct"), subDomain);
    DistributionList dl = provUtil.createDistributionList(genGroupNameLocalPart("dl"), subDomain);
    DynamicGroup dg = provUtil.createDynamicGroup(genGroupNameLocalPart("dg"), subDomain);
    // create objects in subSubDomain
    Account acctSub = provUtil.createAccount(genAcctNameLocalPart("acct"), subSubDomain);
    DistributionList dlSub = provUtil.createDistributionList(genGroupNameLocalPart("dl"), subSubDomain);
    DynamicGroup dgSub = provUtil.createDynamicGroup(genGroupNameLocalPart("dg"), subSubDomain);
    SearchDirectoryOptions options;
    List<NamedEntry> entries;
    try {
        SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.DN_SUBTREE_MATCH_FILTER);
        // do not specify a domain, so DnSubtreeMatchFilter won't be appened again in Ldapprovisioning
        options = new SearchDirectoryOptions();
        options.setTypes(ObjectType.accounts, ObjectType.distributionlists, ObjectType.dynamicgroups);
        options.setSortOpt(SortOpt.SORT_ASCENDING);
        options.setFilterString(FilterId.UNITTEST, ((LdapDomain) subDomain).getDnSubtreeMatchFilter().toFilterString());
        entries = prov.searchDirectory(options);
        Verify.verifyEquals(Lists.newArrayList(acct, dg, dl), entries, true);
    } catch (ProvTest.SkippedForInMemLdapServerException e) {
    }
    // specify a domain, search for accounts, distribution lists, and dynamic groups
    options = new SearchDirectoryOptions(subDomain);
    options.setTypes(ObjectType.accounts, ObjectType.distributionlists, ObjectType.dynamicgroups);
    options.setSortOpt(SortOpt.SORT_ASCENDING);
    options.setFilterString(FilterId.UNITTEST, null);
    entries = prov.searchDirectory(options);
    Verify.verifyEquals(Lists.newArrayList(acct, dg, dl), entries, true);
    // specify a domain, search for accounts, distribution lists
    options = new SearchDirectoryOptions(subDomain);
    options.setTypes(ObjectType.accounts, ObjectType.distributionlists);
    options.setSortOpt(SortOpt.SORT_ASCENDING);
    options.setFilterString(FilterId.UNITTEST, null);
    entries = prov.searchDirectory(options);
    Verify.verifyEquals(Lists.newArrayList(acct, dl), entries, true);
    // specify a domain, search for dynamic groups
    options = new SearchDirectoryOptions(subDomain);
    options.setTypes(ObjectType.dynamicgroups);
    options.setSortOpt(SortOpt.SORT_ASCENDING);
    options.setFilterString(FilterId.UNITTEST, null);
    entries = prov.searchDirectory(options);
    Verify.verifyEquals(Lists.newArrayList(dg), entries, true);
    // specify a domain, search for accounts and dynamic groups
    options = new SearchDirectoryOptions(subDomain);
    options.setTypes(ObjectType.accounts, ObjectType.dynamicgroups);
    options.setSortOpt(SortOpt.SORT_ASCENDING);
    options.setFilterString(FilterId.UNITTEST, null);
    entries = prov.searchDirectory(options);
    Verify.verifyEquals(Lists.newArrayList(acct, dg), entries, true);
    // cleanup
    deleteAccount(acct);
    deleteGroup(dl);
    deleteGroup(dg);
    deleteAccount(acctSub);
    deleteGroup(dlSub);
    deleteGroup(dgSub);
    deleteDomain(subSubDomain);
    deleteDomain(subDomain);
}
Also used : Account(com.zimbra.cs.account.Account) DynamicGroup(com.zimbra.cs.account.DynamicGroup) SearchDirectoryOptions(com.zimbra.cs.account.SearchDirectoryOptions) NamedEntry(com.zimbra.cs.account.NamedEntry) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) Domain(com.zimbra.cs.account.Domain) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) DistributionList(com.zimbra.cs.account.DistributionList) ProvTest(com.zimbra.qa.unittest.prov.ProvTest) ProvTest(com.zimbra.qa.unittest.prov.ProvTest)

Example 10 with DynamicGroup

use of com.zimbra.cs.account.DynamicGroup in project zm-mailbox by Zimbra.

the class TestLdapProvSearchDirectory method searchAliasTarget.

@Test
public void searchAliasTarget() throws Exception {
    Account acct = createAccount(genAcctNameLocalPart("acct"));
    CalendarResource cr = createCalendarResource(genAcctNameLocalPart("cr"));
    DistributionList dl = createDistributionList(genGroupNameLocalPart("dl"));
    DynamicGroup dg = createDynamicGroup(genGroupNameLocalPart("dg"));
    // prepend a digit so the order returned from SearchDirectory is predictable
    prov.addAlias(acct, TestUtil.getAddress("1-acct-alias", domain.getName()));
    prov.addAlias(cr, TestUtil.getAddress("2-cr-alias", domain.getName()));
    prov.addGroupAlias(dl, TestUtil.getAddress("3-dl-alias", domain.getName()));
    prov.addGroupAlias(dg, TestUtil.getAddress("4-dg-alias", domain.getName()));
    SearchDirectoryOptions options = new SearchDirectoryOptions(domain);
    options.setTypes(ObjectType.aliases);
    options.setSortOpt(SortOpt.SORT_ASCENDING);
    options.setFilterString(FilterId.UNITTEST, null);
    List<NamedEntry> aliases = prov.searchDirectory(options);
    assertEquals(4, aliases.size());
    Alias acctAlias = (Alias) aliases.get(0);
    Alias crAlias = (Alias) aliases.get(1);
    Alias dlAlias = (Alias) aliases.get(2);
    Alias dgAlias = (Alias) aliases.get(3);
    NamedEntry acctAliasTarget = prov.searchAliasTarget(acctAlias, true);
    assertEquals(acct.getId(), acctAliasTarget.getId());
    NamedEntry crAliasTarget = prov.searchAliasTarget(crAlias, true);
    assertEquals(cr.getId(), crAliasTarget.getId());
    NamedEntry dlAliasTarget = prov.searchAliasTarget(dlAlias, true);
    assertEquals(dl.getId(), dlAliasTarget.getId());
    NamedEntry dgAliasTarget = prov.searchAliasTarget(dgAlias, true);
    assertEquals(dg.getId(), dgAliasTarget.getId());
    deleteAccount(acct);
    deleteAccount(cr);
    deleteGroup(dl);
    deleteGroup(dg);
}
Also used : Account(com.zimbra.cs.account.Account) DynamicGroup(com.zimbra.cs.account.DynamicGroup) SearchDirectoryOptions(com.zimbra.cs.account.SearchDirectoryOptions) NamedEntry(com.zimbra.cs.account.NamedEntry) Alias(com.zimbra.cs.account.Alias) CalendarResource(com.zimbra.cs.account.CalendarResource) DistributionList(com.zimbra.cs.account.DistributionList) ProvTest(com.zimbra.qa.unittest.prov.ProvTest)

Aggregations

DynamicGroup (com.zimbra.cs.account.DynamicGroup)24 LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)10 ServiceException (com.zimbra.common.service.ServiceException)9 Account (com.zimbra.cs.account.Account)9 DistributionList (com.zimbra.cs.account.DistributionList)9 Group (com.zimbra.cs.account.Group)7 Test (org.junit.Test)7 Domain (com.zimbra.cs.account.Domain)6 NamedEntry (com.zimbra.cs.account.NamedEntry)6 LdapDomain (com.zimbra.cs.account.ldap.entry.LdapDomain)5 HashMap (java.util.HashMap)5 Entry (com.zimbra.cs.account.Entry)4 GuestAccount (com.zimbra.cs.account.GuestAccount)3 SearchDirectoryOptions (com.zimbra.cs.account.SearchDirectoryOptions)3 ProvTest (com.zimbra.qa.unittest.prov.ProvTest)3 Element (com.zimbra.common.soap.Element)2 Provisioning (com.zimbra.cs.account.Provisioning)2 Names (com.zimbra.qa.unittest.prov.Names)2 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)2 HashSet (java.util.HashSet)2