Example 36 with Group
use of com.zimbra.cs.account.Group in project zm-mailbox by Zimbra.
the class DistributionListDocumentHandler method getGroupBasic.
protected Group getGroupBasic(Element request, Provisioning prov) throws ServiceException {
Element eDL = request.getElement(AccountConstants.E_DL);
String key = eDL.getAttribute(AccountConstants.A_BY);
String value = eDL.getText();
Group group = prov.getGroupBasic(Key.DistributionListBy.fromString(key), value);
if (group == null) {
throw AccountServiceException.NO_SUCH_DISTRIBUTION_LIST(value);
}
return group;
}Example 37 with Group
use of com.zimbra.cs.account.Group in project zm-mailbox by Zimbra.
the class GrantRights method handleACE.
/**
* @param eACE
* @param zsc
* @param granting true if granting, false if revoking
* @return
* @throws ServiceException
*/
static ZimbraACE handleACE(Element eACE, ZimbraSoapContext zsc, boolean granting) throws ServiceException {
/*
* Interface and parameter checking style was modeled after FolderAction,
* not admin Grant/RevokeRight
*/
Right right = RightManager.getInstance().getUserRight(eACE.getAttribute(AccountConstants.A_RIGHT));
GranteeType gtype = GranteeType.fromCode(eACE.getAttribute(AccountConstants.A_GRANT_TYPE));
String zid = eACE.getAttribute(AccountConstants.A_ZIMBRA_ID, null);
boolean deny = eACE.getAttributeBool(AccountConstants.A_DENY, false);
boolean checkGranteeType = eACE.getAttributeBool(AccountConstants.A_CHECK_GRANTEE_TYPE, false);
String secret = null;
NamedEntry nentry = null;
if (gtype == GranteeType.GT_AUTHUSER) {
zid = GuestAccount.GUID_AUTHUSER;
} else if (gtype == GranteeType.GT_PUBLIC) {
zid = GuestAccount.GUID_PUBLIC;
} else if (gtype == GranteeType.GT_GUEST) {
zid = eACE.getAttribute(AccountConstants.A_DISPLAY);
if (zid == null || zid.indexOf('@') < 0)
throw ServiceException.INVALID_REQUEST("invalid guest id or password", null);
// make sure they didn't accidentally specify "guest" instead of "usr"
try {
nentry = lookupGranteeByName(zid, GranteeType.GT_USER, zsc);
zid = nentry.getId();
gtype = nentry instanceof DistributionList ? GranteeType.GT_GROUP : GranteeType.GT_USER;
} catch (ServiceException e) {
// this is the normal path, where lookupGranteeByName throws account.NO_SUCH_USER
secret = eACE.getAttribute(AccountConstants.A_PASSWORD);
}
} else if (gtype == GranteeType.GT_KEY) {
zid = eACE.getAttribute(AccountConstants.A_DISPLAY);
// unlike guest, we do not require the display name to be an email address
/*
if (zid == null || zid.indexOf('@') < 0)
throw ServiceException.INVALID_REQUEST("invalid guest id or key", null);
*/
// unlike guest, we do not fixup grantee type for key grantees if they specify an internal user
// get the optional accesskey
secret = eACE.getAttribute(AccountConstants.A_ACCESSKEY, null);
} else if (zid != null) {
nentry = lookupGranteeByZimbraId(zid, gtype, granting);
} else {
nentry = lookupGranteeByName(eACE.getAttribute(AccountConstants.A_DISPLAY), gtype, zsc);
zid = nentry.getId();
// make sure they didn't accidentally specify "usr" instead of "grp"
if (gtype == GranteeType.GT_USER && nentry instanceof Group) {
if (checkGranteeType) {
throw AccountServiceException.INVALID_REQUEST(eACE.getAttribute(AccountConstants.A_DISPLAY) + " is not a valid grantee for grantee type '" + gtype.getCode() + "'.", null);
} else {
gtype = GranteeType.GT_GROUP;
}
}
}
RightModifier rightModifier = null;
if (deny)
rightModifier = RightModifier.RM_DENY;
return new ZimbraACE(zid, gtype, right, rightModifier, secret);
}
Also used :
ZimbraACE(com.zimbra.cs.account.accesscontrol.ZimbraACE)
NamedEntry(com.zimbra.cs.account.NamedEntry)
Group(com.zimbra.cs.account.Group)
GranteeType(com.zimbra.cs.account.accesscontrol.GranteeType)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
Right(com.zimbra.cs.account.accesscontrol.Right)
RightModifier(com.zimbra.cs.account.accesscontrol.RightModifier)
DistributionList(com.zimbra.cs.account.DistributionList)
Example 38 with Group
use of com.zimbra.cs.account.Group in project zm-mailbox by Zimbra.
the class GetDistributionList method handle.
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Provisioning prov = Provisioning.getInstance();
Account acct = getAuthenticatedAccount(zsc);
Element response = zsc.createElement(AccountConstants.GET_DISTRIBUTION_LIST_RESPONSE);
Group group = getGroupBasic(request, prov);
GetDistributionListHandler handler = new GetDistributionListHandler(group, request, response, prov, acct);
handler.handle();
return response;
}
Also used :
Account(com.zimbra.cs.account.Account)
Group(com.zimbra.cs.account.Group)
ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext)
Element(com.zimbra.common.soap.Element)
Provisioning(com.zimbra.cs.account.Provisioning)
Example 39 with Group
use of com.zimbra.cs.account.Group in project zm-mailbox by Zimbra.
the class GetAccountDistributionLists method handle.
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Account acct = getRequestedAccount(zsc);
Provisioning prov = Provisioning.getInstance();
if (!canAccessAccount(zsc, acct)) {
throw ServiceException.PERM_DENIED("can not access account");
}
boolean needOwnerOf = request.getAttributeBool(AccountConstants.A_OWNER_OF, false);
MemberOfSelector needMemberOf = MemberOfSelector.fromString(request.getAttribute(AccountConstants.A_MEMBER_OF, MemberOfSelector.directOnly.name()));
Iterable<String> needAttrs = Splitter.on(',').trimResults().split(request.getAttribute(AccountConstants.A_ATTRS, ""));
Set<Group> ownerOf = null;
List<Group> memberOf = null;
HashMap<String, String> via = new HashMap<String, String>();
if (needOwnerOf) {
ownerOf = Group.GroupOwner.getOwnedGroups(acct);
}
if (MemberOfSelector.none != needMemberOf) {
memberOf = prov.getGroups(acct, MemberOfSelector.directOnly == needMemberOf, via);
}
/*
* merge the two results into one locale-sensitive sorted list
*/
Set<Entry> combined = Sets.newHashSet();
Set<String> combinedIds = Sets.newHashSet();
Set<String> ownerOfGroupIds = Sets.newHashSet();
Set<String> memberOfGroupIds = Sets.newHashSet();
if (ownerOf != null) {
for (Group group : ownerOf) {
String groupId = group.getId();
ownerOfGroupIds.add(groupId);
if (!combinedIds.contains(groupId)) {
combined.add(group);
combinedIds.add(groupId);
}
}
}
if (memberOf != null) {
for (Group group : memberOf) {
String groupId = group.getId();
memberOfGroupIds.add(groupId);
if (!combinedIds.contains(groupId)) {
combined.add(group);
combinedIds.add(groupId);
}
}
}
// sort it
List<Entry> sortedGroups = Entry.sortByDisplayName(combined, acct.getLocale());
Element response = zsc.createElement(AccountConstants.GET_ACCOUNT_DISTRIBUTION_LISTS_RESPONSE);
for (Entry entry : sortedGroups) {
Group group = (Group) entry;
Element eDL = response.addElement(AccountConstants.E_DL);
eDL.addAttribute(AccountConstants.A_NAME, group.getName());
if (group.isDynamic()) {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
} else {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
}
eDL.addAttribute(AccountConstants.A_ID, group.getId());
eDL.addAttribute(AccountConstants.A_DISPLAY, group.getDisplayName());
eDL.addAttribute(AccountConstants.A_DYNAMIC, group.isDynamic());
boolean isOwner = ownerOfGroupIds.contains(group.getId());
if (needOwnerOf) {
eDL.addAttribute(AccountConstants.A_IS_OWNER, isOwner);
}
if (MemberOfSelector.none != needMemberOf) {
boolean isMember = memberOfGroupIds.contains(group.getId());
eDL.addAttribute(AccountConstants.A_IS_MEMBER, isMember);
if (isMember) {
String viaDl = via.get(group.getName());
if (viaDl != null) {
eDL.addAttribute(AccountConstants.A_VIA, viaDl);
}
}
}
Set<String> returnAttrs = GetDistributionList.visibleAttrs(needAttrs, isOwner);
if (!returnAttrs.isEmpty()) {
GetDistributionList.encodeAttrs(group, eDL, returnAttrs);
}
}
return response;
}
Also used :
Account(com.zimbra.cs.account.Account)
LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)
Group(com.zimbra.cs.account.Group)
HashMap(java.util.HashMap)
Element(com.zimbra.common.soap.Element)
Provisioning(com.zimbra.cs.account.Provisioning)
Entry(com.zimbra.cs.account.Entry)
MemberOfSelector(com.zimbra.soap.account.type.MemberOfSelector)
ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext)
Example 40 with Group
use of com.zimbra.cs.account.Group in project zm-mailbox by Zimbra.
the class CreateDistributionList method handle.
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Provisioning prov = Provisioning.getInstance();
Account acct = getAuthenticatedAccount(zsc);
String name = request.getAttribute(AccountConstants.E_NAME).toLowerCase();
if (!AccessManager.getInstance().canCreateGroup(acct, name)) {
throw ServiceException.PERM_DENIED("you do not have sufficient rights to create distribution list");
}
Map<String, Object> attrs = AccountService.getKeyValuePairs(request, AccountConstants.E_A, AccountConstants.A_N);
boolean dynamic = request.getAttributeBool(AccountConstants.A_DYNAMIC, true);
// creator of the group will automatically become the first owner of the group
Account creator = getAuthenticatedAccount(zsc);
Group group = prov.createDelegatedGroup(name, attrs, dynamic, creator);
ZimbraLog.security.info(ZimbraLog.encodeAttrs(new String[] { "cmd", "CreateDistributionList", "name", name }, attrs));
Element response = zsc.createElement(AccountConstants.CREATE_DISTRIBUTION_LIST_RESPONSE);
Element eDL = response.addElement(AccountConstants.E_DL);
eDL.addAttribute(AccountConstants.A_NAME, group.getName());
if (group.isDynamic()) {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
} else {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
}
eDL.addAttribute(AccountConstants.A_ID, group.getId());
GetDistributionList.encodeAttrs(group, eDL, null);
return response;
}
Also used :
Account(com.zimbra.cs.account.Account)
LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)
Group(com.zimbra.cs.account.Group)
ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext)
Element(com.zimbra.common.soap.Element)
Provisioning(com.zimbra.cs.account.Provisioning)
Aggregations
Group (com.zimbra.cs.account.Group)110
Account (com.zimbra.cs.account.Account)53
Test (org.junit.Test)42
DynamicGroup (com.zimbra.cs.account.DynamicGroup)27
ServiceException (com.zimbra.common.service.ServiceException)23
SoapTransport (com.zimbra.common.soap.SoapTransport)23
Provisioning (com.zimbra.cs.account.Provisioning)23
LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)21
Domain (com.zimbra.cs.account.Domain)17
GuestAccount (com.zimbra.cs.account.GuestAccount)17
ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)17
Element (com.zimbra.common.soap.Element)16
AccountServiceException (com.zimbra.cs.account.AccountServiceException)15
NamedEntry (com.zimbra.cs.account.NamedEntry)14
LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)12
DistributionListActionRequest (com.zimbra.soap.account.message.DistributionListActionRequest)12
DistributionListAction (com.zimbra.soap.account.type.DistributionListAction)12
DistributionListActionResponse (com.zimbra.soap.account.message.DistributionListActionResponse)11
DistributionList (com.zimbra.cs.account.DistributionList)9
Entry (com.zimbra.cs.account.Entry)9
