
Example 56 with NamedEntry

use of com.zimbra.cs.account.NamedEntry in project zm-mailbox by Zimbra.

the class TestACLAttrRight method grantRight.

/*
     * TODO: following methods (grantRight and verify) copied from legacy
     *       com.zimbra.qa.unittest.TestACL.
     *       Move to ACLTestUtil if used in other classes as we continue to renovate ACL
     *       unit tests.
     *
     *
     * utility methods to grant/revoke right
     *
     * To simulate how grants are done in the real server/zmprov, we first call TargetType.lookupTarget to
     * "look for" the target, then use the returned entry instead of giving the target entry passed in
     * directly to RightUtil.
     *
     * This is for testing user rights, which goes to RightUtil directly (i.e. not through RightCommand)
     *
     */
/**
 * Grants the given user-right ACEs on a target that is first re-resolved through
 * {@code TargetType.lookupTarget}, so the grant is applied to the looked-up entry
 * rather than to the entry object handed in by the test.
 *
 * @param targetType type passed to the target lookup
 * @param target     entry the test wants to grant on; only its name (Zimlet) or id is used
 * @param aces       ACEs to grant; every one must carry a user right
 * @return whatever {@code ACLUtil.grantRight} returns for the resolved target
 * @throws ServiceException if the lookup or the grant fails
 */
private List<ZimbraACE> grantRight(TargetType targetType, Entry target, Set<ZimbraACE> aces) throws ServiceException {
    // Guard: this helper is for user rights only. Older tests may still route
    // grants through here, so fail fast if an ACE carries any other kind of right.
    for (ZimbraACE candidate : aces) {
        assertTrue(candidate.getRight().isUserRight());
    }

    // Choose the lookup key: Zimlets are resolved by name, everything else by id.
    final TargetBy lookupBy;
    final String lookupKey;
    if (target instanceof Zimlet) {
        lookupBy = TargetBy.name;
        lookupKey = ((Zimlet) target).getName();
    } else {
        lookupBy = TargetBy.id;
        // Entries that are not NamedEntry have no id to look up by; null is passed through.
        lookupKey = (target instanceof NamedEntry) ? ((NamedEntry) target).getId() : null;
    }

    Entry resolvedTarget = TargetType.lookupTarget(prov, targetType, lookupBy, lookupKey);
    return ACLUtil.grantRight(prov, resolvedTarget, aces);
}
Also used : ZimbraACE(com.zimbra.cs.account.accesscontrol.ZimbraACE) NamedEntry(com.zimbra.cs.account.NamedEntry) NamedEntry(com.zimbra.cs.account.NamedEntry) Entry(com.zimbra.cs.account.Entry) Zimlet(com.zimbra.cs.account.Zimlet)

Example 57 with NamedEntry

use of com.zimbra.cs.account.NamedEntry in project zm-mailbox by Zimbra.

the class Verify method verifyEntries.

// verify list contains all the entries
// if checkCount == true, verify the count matches too
/**
 * Asserts that every element of {@code entries} has its id present in {@code list}.
 * When {@code checkCount} is true, the sizes must match as well and no id from
 * {@code list} may be left unmatched. On failure both collections are dumped to
 * stdout by name before the assertion error is rethrown.
 *
 * @param list       entries actually returned
 * @param entries    entries expected to be present
 * @param checkCount whether to also require equal sizes and no leftover ids
 * @throws Exception declared by the original signature
 */
public static void verifyEntries(List<NamedEntry> list, NamedEntry[] entries, boolean checkCount) throws Exception {
    try {
        if (checkCount) {
            assertEquals(list.size(), entries.length);
        }

        // Collect the ids found in list; each expected entry then consumes one of them.
        Set<String> unmatchedIds = new HashSet<String>();
        for (NamedEntry listed : list) {
            unmatchedIds.add(listed.getId());
        }
        for (NamedEntry expected : entries) {
            // remove() reports whether the id was present, which is the condition under test
            assertTrue(unmatchedIds.remove(expected.getId()));
        }

        // Anything still unmatched is an id that list has but entries does not.
        if (checkCount) {
            assertEquals(unmatchedIds.size(), 0);
        }
    } catch (AssertionError failure) {
        // Print both sides so a failing run shows which entries differ.
        System.out.println();
        System.out.println("===== verifyEntries failed =====");
        System.out.println("Message: " + failure.getMessage());
        System.out.println();

        System.out.println("list contains " + list.size() + " entries:");
        for (NamedEntry listed : list) {
            System.out.println("    " + listed.getName());
        }
        System.out.println();

        System.out.println("entries contains " + entries.length + " entries:");
        for (NamedEntry expected : entries) {
            System.out.println("    " + expected.getName());
        }
        System.out.println();

        throw failure;
    }
}
Also used : NamedEntry(com.zimbra.cs.account.NamedEntry) HashSet(java.util.HashSet)

Example 58 with NamedEntry

use of com.zimbra.cs.account.NamedEntry in project zm-mailbox by Zimbra.

the class ProvTestUtil method deleteAllEntries.

/**
 * Deletes every entry this utility is tracking and empties the tracking collections.
 * Order is: account subordinates, then general entries, then domains.
 * NOTE(review): presumably domains go last because they must be empty before
 * deletion; confirm against deleteEntry.
 *
 * If a deletion throws, the remaining entries and the corresponding
 * {@code clear()} calls are skipped, so the collections keep their contents.
 *
 * @throws Exception if any {@code deleteEntry} call fails
 */
public void deleteAllEntries() throws Exception {
    // 1. entries that hang off accounts
    for (NamedEntry subordinate : createdAccountSubordinates) {
        deleteEntry(subordinate);
    }
    createdAccountSubordinates.clear();

    // 2. all other created entries
    for (NamedEntry created : createdEntries) {
        deleteEntry(created);
    }
    createdEntries.clear();

    // 3. domains
    for (NamedEntry domain : createdDomains) {
        deleteEntry(domain);
    }
    createdDomains.clear();
}
Also used : NamedEntry(com.zimbra.cs.account.NamedEntry)

Example 59 with NamedEntry

use of com.zimbra.cs.account.NamedEntry in project zm-mailbox by Zimbra.

the class RightCommand method getGrants.

/**
 * Collects grants for a target, for a grantee, or for both.
 *
 * <ul>
 *   <li>Target given: the target's ACL is read and, if a grantee was also given,
 *       filtered by the grantee id set.</li>
 *   <li>No target resolved: all target types are searched for grants made to the
 *       grantee id set.</li>
 * </ul>
 *
 * NOTE(review): apart from {@code verifyAccessManager()}, no check of the caller's
 * own right to read these grants is visible in this method; presumably the callers
 * enforce that. Confirm.
 *
 * @param prov        provisioning instance used for all lookups
 * @param targetType  target type code, or null when searching by grantee only
 * @param targetBy    how {@code target} identifies the target
 * @param target      target key
 * @param granteeType grantee type code, or null when listing by target only
 * @param granteeBy   how {@code grantee} identifies the grantee
 * @param grantee     grantee key
 * @param granteeIncludeGroupsGranteeBelongs if true, the filter also includes the
 *        ids of the groups the grantee belongs to
 * @return the collected grants
 * @throws ServiceException INVALID_REQUEST when both type codes are null, or any
 *         failure raised by the lookups and the search
 */
public static Grants getGrants(Provisioning prov, String targetType, TargetBy targetBy, String target, String granteeType, GranteeBy granteeBy, String grantee, boolean granteeIncludeGroupsGranteeBelongs) throws ServiceException {
    verifyAccessManager();

    final boolean targetGiven = targetType != null;
    final boolean granteeGiven = granteeType != null;
    if (!targetGiven && !granteeGiven) {
        throw ServiceException.INVALID_REQUEST("at least one of target or grantee must be specified", null);
    }

    // Resolve the target first; a failure here surfaces before any grantee lookup.
    TargetType resolvedTargetType = null;
    Entry resolvedTarget = null;
    if (targetGiven) {
        resolvedTargetType = TargetType.fromCode(targetType);
        resolvedTarget = TargetType.lookupTarget(prov, resolvedTargetType, targetBy, target);
    }

    // Resolve the grantee and build the id set used to filter grants.
    Set<String> granteeIds = null;
    Boolean granteeIsAdmin = null;
    if (granteeGiven) {
        GranteeType resolvedGranteeType = GranteeType.fromCode(granteeType);
        NamedEntry resolvedGrantee = GranteeType.lookupGrantee(prov, resolvedGranteeType, granteeBy, grantee);
        granteeIsAdmin = RightBearer.isValidGranteeForAdminRights(resolvedGranteeType, resolvedGrantee);
        if (granteeIncludeGroupsGranteeBelongs) {
            Grantee expanded = Grantee.getGrantee(resolvedGrantee, false);
            granteeIds = expanded.getIdAndGroupIds();
        } else {
            granteeIds = new HashSet<String>();
            granteeIds.add(resolvedGrantee.getId());
        }
    }

    Grants collected = new Grants();

    if (resolvedTarget == null) {
        // No specific target: search every target type for grants made to the
        // grantee (and optionally its groups). The INVALID_REQUEST check above
        // rejects the case where neither type code was supplied.
        Set<TargetType> everyTargetType = new HashSet<TargetType>(Arrays.asList(TargetType.values()));
        SearchGrants search = new SearchGrants(prov, everyTargetType, granteeIds);
        Set<GrantsOnTarget> hits = search.doSearch().getResults();
        for (GrantsOnTarget hit : hits) {
            Entry hitEntry = hit.getTargetEntry();
            ZimbraACL hitAcl = hit.getAcl();
            TargetType hitType = TargetType.getTargetType(hitEntry);
            collected.addGrants(hitType, hitEntry, hitAcl, granteeIds, granteeIsAdmin);
        }
        return collected;
    }

    // Specific target: read its ACL, filtered by grantee when one was given.
    ZimbraACL targetAcl = ACLUtil.getACL(resolvedTarget);
    collected.addGrants(resolvedTargetType, resolvedTarget, targetAcl, granteeIds, granteeIsAdmin);
    return collected;
}
Also used : GrantsOnTarget(com.zimbra.cs.account.accesscontrol.SearchGrants.GrantsOnTarget) NamedEntry(com.zimbra.cs.account.NamedEntry) Grantee(com.zimbra.cs.account.accesscontrol.RightBearer.Grantee) NamedEntry(com.zimbra.cs.account.NamedEntry) Entry(com.zimbra.cs.account.Entry) HashSet(java.util.HashSet)

Example 60 with NamedEntry

use of com.zimbra.cs.account.NamedEntry in project zm-mailbox by Zimbra.

the class ImapHandler method doGETACL.

/**
 * Handles the IMAP GETACL command: builds an untagged {@code ACL} response listing
 * the folder owner and every user/group grant, with public and authenticated-user
 * grants merged into the single {@code anyone} identifier.
 *
 * The requester must be in the AUTHENTICATED state and hold {@code ACL.RIGHT_ADMIN}
 * on the folder. Every failure is answered with the same {@code NO "GETACL failed"};
 * the specific reason (no admin access, permission denied, no such folder) goes only
 * to the server log.
 *
 * NOTE(review): owner and grantee names are written between double quotes without
 * any escaping. This assumes names never contain a double quote or backslash;
 * confirm, since such a character would break the quoted string in the response.
 *
 * @param tag  command tag used for the tagged reply
 * @param path folder whose ACL is requested
 * @return always {@code true}
 * @throws IOException declared by the original signature
 */
boolean doGETACL(String tag, ImapPath path) throws IOException {
    if (!checkState(tag, State.AUTHENTICATED)) {
        return true;
    }

    StringBuilder aclResponse = new StringBuilder("ACL ").append(path.asUtf7String());
    try {
        // Authorization gate: only a requester with admin rights on the folder may read its ACL.
        boolean requesterIsFolderAdmin = (path.getFolderRights() & ACL.RIGHT_ADMIN) != 0;
        if (!requesterIsFolderAdmin) {
            ZimbraLog.imap.info("GETACL failed: user does not have admin access: %s", path);
            sendNO(tag, "GETACL failed");
            return true;
        }

        // The folder owner is always reported with the full rights string.
        Account folderOwner = path.getOwnerAccount();
        if (folderOwner != null) {
            aclResponse.append(" \"").append(folderOwner.getName()).append("\" ").append(IMAP_CONCATENATED_RIGHTS);
        }

        // Stays null until a public or authenticated-user grant is seen.
        Short anyoneRights = null;
        Object resolvedFolder = path.getFolder();
        if (!(resolvedFolder instanceof Folder)) {
            // Not a local Folder: treated as a ZFolder, whose grants carry rights as a string.
            for (ZGrant remoteGrant : ((ZFolder) resolvedFolder).getGrants()) {
                ZGrant.GranteeType remoteKind = remoteGrant.getGranteeType();
                short granted = ACL.stringToRights(remoteGrant.getPermissions());
                if (remoteKind == ZGrant.GranteeType.pub || remoteKind == ZGrant.GranteeType.all) {
                    anyoneRights = (short) ((anyoneRights == null ? 0 : anyoneRights) | granted);
                    continue;
                }
                if (remoteKind != ZGrant.GranteeType.usr && remoteKind != ZGrant.GranteeType.grp) {
                    continue;
                }
                byte aclGranteeType = remoteKind == ZGrant.GranteeType.usr ? ACL.GRANTEE_USER : ACL.GRANTEE_GROUP;
                NamedEntry granteeEntry = FolderAction.lookupGranteeByZimbraId(remoteGrant.getGranteeId(), aclGranteeType);
                // Grantees that no longer resolve are silently left out of the response.
                if (granteeEntry != null) {
                    aclResponse.append(" \"").append(granteeEntry.getName()).append("\" ").append(exportRights(granted));
                }
            }
        } else {
            ACL effectiveAcl = ((Folder) resolvedFolder).getEffectiveACL();
            if (effectiveAcl != null) {
                for (ACL.Grant localGrant : effectiveAcl.getGrants()) {
                    byte granteeKind = localGrant.getGranteeType();
                    short granted = localGrant.getGrantedRights();
                    if (granteeKind == ACL.GRANTEE_AUTHUSER || granteeKind == ACL.GRANTEE_PUBLIC) {
                        anyoneRights = (short) ((anyoneRights == null ? 0 : anyoneRights) | granted);
                        continue;
                    }
                    if (granteeKind != ACL.GRANTEE_USER && granteeKind != ACL.GRANTEE_GROUP) {
                        continue;
                    }
                    NamedEntry granteeEntry = FolderAction.lookupGranteeByZimbraId(localGrant.getGranteeId(), granteeKind);
                    // Grantees that no longer resolve are silently left out of the response.
                    if (granteeEntry != null) {
                        aclResponse.append(" \"").append(granteeEntry.getName()).append("\" ").append(exportRights(granted));
                    }
                }
            }
        }

        // All "public" and "auth user" grants collapse into the IMAP "anyone" identifier.
        if (anyoneRights != null) {
            aclResponse.append(" anyone ").append(exportRights(anyoneRights));
        }
    } catch (ServiceException e) {
        // The reason is logged server-side only; the client gets the same generic NO in every case.
        if (e.getCode().equals(ServiceException.PERM_DENIED)) {
            ZimbraLog.imap.info("GETACL failed: permission denied on folder: %s", path);
        } else if (e.getCode().equals(MailServiceException.NO_SUCH_FOLDER)) {
            ZimbraLog.imap.info("GETACL failed: no such folder: %s", path);
        } else {
            ZimbraLog.imap.warn("GETACL failed", e);
        }
        sendNO(tag, "GETACL failed");
        return true;
    }

    sendUntagged(aclResponse.toString());
    sendNotifications(true, false);
    sendOK(tag, "GETACL completed");
    return true;
}
Also used : GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) ACL(com.zimbra.cs.mailbox.ACL) SearchFolder(com.zimbra.cs.mailbox.SearchFolder) Folder(com.zimbra.cs.mailbox.Folder) ZFolder(com.zimbra.client.ZFolder) NamedEntry(com.zimbra.cs.account.NamedEntry) ZGrant(com.zimbra.client.ZGrant) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ServiceException(com.zimbra.common.service.ServiceException) MailServiceException(com.zimbra.cs.mailbox.MailServiceException) ZFolder(com.zimbra.client.ZFolder)

Aggregations

NamedEntry (com.zimbra.cs.account.NamedEntry)109 Account (com.zimbra.cs.account.Account)51 ServiceException (com.zimbra.common.service.ServiceException)26 Domain (com.zimbra.cs.account.Domain)24 Provisioning (com.zimbra.cs.account.Provisioning)23 AccountServiceException (com.zimbra.cs.account.AccountServiceException)19 ProvTest (com.zimbra.qa.unittest.prov.ProvTest)19 DistributionList (com.zimbra.cs.account.DistributionList)18 SearchDirectoryOptions (com.zimbra.cs.account.SearchDirectoryOptions)18 HashSet (java.util.HashSet)17 Entry (com.zimbra.cs.account.Entry)15 HashMap (java.util.HashMap)15 Element (com.zimbra.common.soap.Element)14 Group (com.zimbra.cs.account.Group)14 SearchAccountsOptions (com.zimbra.cs.account.SearchAccountsOptions)12 GuestAccount (com.zimbra.cs.account.GuestAccount)8 MailTarget (com.zimbra.cs.account.MailTarget)8 LdapDomain (com.zimbra.cs.account.ldap.entry.LdapDomain)8 AccessManager (com.zimbra.cs.account.AccessManager)7 DynamicGroup (com.zimbra.cs.account.DynamicGroup)7