
Example 1 with GroupMembership

use of com.zimbra.cs.account.Provisioning.GroupMembership in project zm-mailbox by Zimbra.

the class ParticallyDenied method isSubTarget.

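/**
 * Decides whether {@code targetSub} counts as a sub-target of {@code targetSup}.
 *
 * <ul>
 *   <li>{@link Domain}: true when {@code targetSub} resolves to the same domain, or when
 *       it is an account or distribution list that belongs to a group whose domain is
 *       {@code targetSup}.</li>
 *   <li>{@link DistributionList}: true when {@code targetSub} is an account or
 *       distribution list that {@code prov.inDistributionList} reports as a member.</li>
 *   <li>{@link GlobalGrant}: always true.</li>
 * </ul>
 *
 * @param prov      provisioning backend used for domain, group and membership lookups
 * @param targetSup candidate super-target
 * @param targetSub candidate sub-target
 * @return whether {@code targetSub} falls under {@code targetSup}
 * @throws ServiceException on lookup failure, or FAILURE when {@code targetSup} is of an
 *                          entry type this method does not handle
 */
private static boolean isSubTarget(Provisioning prov, Entry targetSup, Entry targetSub) throws ServiceException {
    if (targetSup instanceof Domain) {
        Domain domain = (Domain) targetSup;
        Domain targetSubInDomain = TargetType.getTargetDomain(prov, targetSub);
        if (targetSubInDomain == null) {
            // not a domain-ed entry
            return false;
        }
        if (domain.getId().equals(targetSubInDomain.getId())) {
            return true;
        }

        // see if targetSub is in a group that is in the domain
        GroupMembership groups;
        if (targetSub instanceof Account) {
            groups = prov.getGroupMembership((Account) targetSub, false);
        } else if (targetSub instanceof DistributionList) {
            groups = prov.getGroupMembership((DistributionList) targetSub, false);
        } else {
            return false;
        }

        for (String groupId : groups.groupIds()) {
            DistributionList group = prov.getDLBasic(Key.DistributionListBy.id, groupId);
            if (group == null) {
                // The id no longer resolves to a list (e.g. stale membership data), so it
                // cannot place targetSub in this domain. Skip it instead of handing null
                // to getDomain.
                // NOTE(review): a false result makes the caller treat targetSub as
                // unrelated to targetSup. Confirm that is the wanted outcome here;
                // throwing ServiceException.FAILURE would fail the grant attempt instead.
                continue;
            }
            Domain groupInDomain = prov.getDomain(group);
            // hmm, log a warn if groupInDomain is null? throw internal err?
            if (groupInDomain != null && domain.getId().equals(groupInDomain.getId())) {
                return true;
            }
        }
        return false;
    }

    if (targetSup instanceof DistributionList) {
        DistributionList dl = (DistributionList) targetSup;
        if (targetSub instanceof Account) {
            // covers cr too
            return prov.inDistributionList((Account) targetSub, dl.getId());
        }
        if (targetSub instanceof DistributionList) {
            return prov.inDistributionList((DistributionList) targetSub, dl.getId());
        }
        return false;
    }

    if (targetSup instanceof GlobalGrant) {
        return true;
    }

    /*
     * This is really an error: somehow our logic of finding sub-targets
     * is wrong. Throw FAILURE and fix it if we get here. The granting attempt
     * will be denied, but that's fine.
     */
    throw ServiceException.FAILURE("internal error, unexpected entry type: " + targetSup.getLabel(), null);
}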
Also used : Account(com.zimbra.cs.account.Account) GlobalGrant(com.zimbra.cs.account.GlobalGrant) GroupMembership(com.zimbra.cs.account.Provisioning.GroupMembership) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Example 2 with GroupMembership

use of com.zimbra.cs.account.Provisioning.GroupMembership in project zm-mailbox by Zimbra.

the class GetAdminConsoleUIComp method handle.

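/**
 * Builds the GetAdminConsoleUIComp response for one entry: the account named in the
 * request, the distribution list named in the request, or the authenticated account
 * when neither is given.
 *
 * <p>Values are added for the entry itself and then for every group returned by
 * {@code prov.getGroupMembership(entry, true)}. The trailing boolean passed to
 * {@code addValues} is {@code false} for the entry and {@code true} for its groups;
 * presumably it marks inherited values (confirm against {@code addValues}).
 *
 * <p>Ordering is deliberate: the harvesting checks run before any data about the
 * requested entry is written to the response. Keep them ahead of {@code addValues} and
 * {@code getGroupMembership} when editing this method.
 *
 * @param request the SOAP request element
 * @param context the SOAP handler context
 * @return the populated response element
 * @throws ServiceException INVALID_REQUEST when both an account and a dl selector are
 *                          present; otherwise whatever the lookups or harvesting
 *                          checks raise
 */
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    GetAdminConsoleUICompRequest req = JaxbUtil.elementToJaxb(request);
    AccountSelector accountSel = req.getAccount();
    DistributionListSelector dlSel = req.getDl();
    Element resp = zsc.createElement(AdminConstants.GET_ADMIN_CONSOLE_UI_COMP_RESPONSE);

    if (accountSel != null && dlSel != null) {
        throw ServiceException.INVALID_REQUEST("can only specify eith account or dl", null);
    }

    Account authedAcct = getAuthenticatedAccount(zsc);
    Set<String> added = new HashSet<String>();
    GroupMembership aclGroups = null;

    if (accountSel != null) {
        AccountBy by = accountSel.getBy().toKeyAccountBy();
        String key = accountSel.getKey();
        Account acct = prov.get(by, key);
        AccountHarvestingCheckerUsingCheckRight checker =
                new AccountHarvestingCheckerUsingCheckRight(zsc, context, Admin.R_viewAccountAdminUI);
        if (acct == null) {
            // NOTE(review): presumably throws so that a caller lacking the right cannot
            // tell a missing account from a forbidden one; confirm in the helper.
            defendAgainstAccountHarvestingWhenAbsent(by, key, zsc, checker);
        } else {
            // Looking up one's own account needs no right check.
            if (!authedAcct.getId().equals(acct.getId())) {
                defendAgainstAccountHarvesting(acct, by, key, zsc, checker);
            }
            addValues(acct, resp, added, false);
            aclGroups = prov.getGroupMembership(acct, true);
        }
    } else if (dlSel != null) {
        Key.DistributionListBy by = dlSel.getBy().toKeyDistributionListBy();
        String key = dlSel.getKey();
        DistributionList dl = prov.getDLBasic(by, key);
        GroupHarvestingCheckerUsingCheckRight checker =
                new GroupHarvestingCheckerUsingCheckRight(zsc, context, Admin.R_viewDistributionListAdminUI);
        if (dl == null) {
            defendAgainstGroupHarvestingWhenAbsent(by, key, zsc, checker);
        } else {
            // Unlike the account branch, the check is unconditional for a list.
            defendAgainstGroupHarvesting(dl, by, key, zsc, checker);
            addValues(dl, resp, added, false);
            aclGroups = prov.getGroupMembership(dl, true);
        }
    } else {
        // use the authed account
        addValues(authedAcct, resp, added, false);
        aclGroups = prov.getGroupMembership(authedAcct, true);
    }

    if (aclGroups != null) {
        for (String groupId : aclGroups.groupIds()) {
            DistributionList dl = prov.get(Key.DistributionListBy.id, groupId);
            if (dl == null) {
                // The group id no longer resolves (e.g. the list was removed after the
                // membership was computed); there is nothing to contribute for it.
                continue;
            }
            addValues(dl, resp, added, true);
        }
    }
    return resp;
}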
Also used : Account(com.zimbra.cs.account.Account) Element(com.zimbra.common.soap.Element) AccountSelector(com.zimbra.soap.type.AccountSelector) GroupMembership(com.zimbra.cs.account.Provisioning.GroupMembership) DistributionListSelector(com.zimbra.soap.admin.type.DistributionListSelector) Provisioning(com.zimbra.cs.account.Provisioning) AccountBy(com.zimbra.common.account.Key.AccountBy) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) GetAdminConsoleUICompRequest(com.zimbra.soap.admin.message.GetAdminConsoleUICompRequest) HashSet(java.util.HashSet) DistributionList(com.zimbra.cs.account.DistributionList)

Example 3 with GroupMembership

use of com.zimbra.cs.account.Provisioning.GroupMembership in project zm-mailbox by Zimbra.

the class TestLdapProvDynamicGroup method getGroupMembership.

/*
     * Test Provisioning.getGroupMembership
     */
@Test
public void getGroupMembership() throws Exception {
    // Fixtures: two dynamic groups and one static list, each holding the same
    // internal account and the same external address.
    Group dynGroup = createDynamicGroup(genGroupNameLocalPart());
    Group secondDynGroup = createDynamicGroup(genGroupNameLocalPart("other-dynamic"));
    Group staticGroup = provUtil.createDistributionList(genGroupNameLocalPart("other-static"), domain);
    Account internalAcct = provUtil.createAccount(genAcctNameLocalPart(), domain);
    String guestAddr = "user@external.com";
    GuestAccount guest = new GuestAccount(guestAddr, null);

    prov.addGroupMembers(dynGroup, new String[] { internalAcct.getName(), guestAddr });
    prov.addGroupMembers(secondDynGroup, new String[] { internalAcct.getName(), guestAddr });
    prov.addGroupMembers(staticGroup, new String[] { internalAcct.getName(), guestAddr });

    // Both principals are expected to report all three groups, none flagged as admin group.
    Group[] allGroups = { dynGroup, secondDynGroup, staticGroup };
    Set<String> expectedMemberOf = Sets.newHashSet();
    for (Group g : allGroups) {
        expectedMemberOf.add(Verify.makeResultStr(g.getId(), Boolean.FALSE));
    }
    Set<String> expectedIds = Sets.newHashSet();
    for (Group g : allGroups) {
        expectedIds.add(Verify.makeResultStr(g.getId()));
    }

    // Membership as seen for the internal account.
    GroupMembership acctMembership = prov.getGroupMembership(internalAcct, false);
    List<MemberOf> acctMemberOf = acctMembership.memberOf();
    List<String> acctGroupIds = acctMembership.groupIds();
    Set<String> seenMemberOf = Sets.newHashSet();
    for (MemberOf entry : acctMemberOf) {
        seenMemberOf.add(Verify.makeResultStr(entry.getId(), entry.isAdminGroup()));
    }
    Set<String> seenIds = Sets.newHashSet();
    for (String groupId : acctGroupIds) {
        seenIds.add(Verify.makeResultStr(groupId));
    }
    Verify.verifyEquals(expectedMemberOf, seenMemberOf);
    Verify.verifyEquals(expectedIds, seenIds);

    // Membership as seen for the guest (external) account.
    GroupMembership guestMembership = prov.getGroupMembership(guest, false);
    List<MemberOf> guestMemberOf = guestMembership.memberOf();
    List<String> guestGroupIds = guestMembership.groupIds();
    Set<String> guestSeenMemberOf = Sets.newHashSet();
    for (MemberOf entry : guestMemberOf) {
        guestSeenMemberOf.add(Verify.makeResultStr(entry.getId(), entry.isAdminGroup()));
    }
    Set<String> guestSeenIds = Sets.newHashSet();
    for (String groupId : guestGroupIds) {
        guestSeenIds.add(Verify.makeResultStr(groupId));
    }
    Verify.verifyEquals(expectedMemberOf, guestSeenMemberOf);
    Verify.verifyEquals(expectedIds, guestSeenIds);
}
Also used : DynamicGroup(com.zimbra.cs.account.DynamicGroup) Group(com.zimbra.cs.account.Group) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount) GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) GuestAccount(com.zimbra.cs.account.GuestAccount) MemberOf(com.zimbra.cs.account.Provisioning.MemberOf) GroupMembership(com.zimbra.cs.account.Provisioning.GroupMembership) Test(org.junit.Test)

Example 4 with GroupMembership

use of com.zimbra.cs.account.Provisioning.GroupMembership in project zm-mailbox by Zimbra.

the class TestGroups method doGetCustomDynamicGroupMembership.

/**
 * Checks that the account numbered {@code acctNum} belongs to exactly one dynamic group
 * with a custom memberURL, and that this group carries the expected name.
 *
 * @param acctNum number substituted into the account and group name patterns
 * @throws ServiceException if a provisioning lookup fails
 */
private void doGetCustomDynamicGroupMembership(int acctNum) throws ServiceException {
    String accountName = String.format(acctPatt, acctNum);
    Account account = ldapProv.getAccountByName(accountName);
    GroupMembership customMembership = ldapProv.getCustomDynamicGroupMembership(account, false);

    // Exactly one such group must contain the account.
    String foundGroups = groupInfo(customMembership.groupIds());
    String countMsg = String.format(
            "Number of dynamic groups with custom memberURL s which contain %s groups=%s",
            account.getName(), foundGroups);
    assertEquals(countMsg, 1, customMembership.groupIds().size());

    // The group name is derived from the account number, cycling through NUM_COS names.
    String expectedGroupName = String.format(customDLPatt, acctNum % NUM_COS + 1);
    Group onlyGroup = groups.get(customMembership.groupIds().get(0));
    String actualGroupName;
    if (onlyGroup == null) {
        // Group is not in this test's own map, so it was created elsewhere.
        actualGroupName = "UNKNOWN(not created by this test)";
    } else {
        actualGroupName = onlyGroup.getName();
    }
    String nameMsg = String.format(
            "Name of dynamic group with custom memberURL s which contains %s", accountName);
    assertEquals(nameMsg, expectedGroupName, actualGroupName);
}
Also used : Account(com.zimbra.cs.account.Account) Group(com.zimbra.cs.account.Group) GroupMembership(com.zimbra.cs.account.Provisioning.GroupMembership)

Example 5 with GroupMembership

use of com.zimbra.cs.account.Provisioning.GroupMembership in project zm-mailbox by Zimbra.

the class TestGroups method testDLupdateGroupMembershipWithoutViaWithAliases.

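/**
 * Exercises {@code DistributionList.updateGroupMembership} for two accounts that are
 * referenced through aliases and checks the resulting membership.
 *
 * <p>{@code acctWithAlias} must be in every normal DL plus the two alias DLs;
 * {@code acctWithAlias2} must be in the two alias DLs only.
 *
 * @throws Exception if a provisioning call fails
 */
public void testDLupdateGroupMembershipWithoutViaWithAliases() throws Exception {
    // First account: expected in all NUM_NORMAL_DL lists and both alias lists.
    Account acct = ldapProv.getAccountByName(acctWithAlias);
    GroupMembership membership = new GroupMembership();
    long start = System.currentTimeMillis();
    DistributionList.updateGroupMembership(ldapProv, (ZLdapContext) null, membership, acct,
            null, /* via */ false, /* adminGroupsOnly */ false);
    ZimbraLog.test.info("testDLupdateGroupMembershipWithoutVia %s size=%d",
            ZimbraLog.elapsedTime(start, System.currentTimeMillis()), membership.groupIds().size());

    for (int cnt = 1; cnt <= NUM_NORMAL_DL; cnt++) {
        String nam = String.format(normalDLPatt, cnt);
        DistributionList dl = ldapProv.get(DistributionListBy.name, nam);
        Assert.assertTrue(String.format("DL %s (id=%s) in membership", nam, dl.getId()),
                membership.groupIds().contains(dl.getId()));
    }

    // The failure messages below report the DL name and then its id, matching the
    // second half of this test (the id used to be printed twice).
    DistributionList dl = ldapProv.get(DistributionListBy.name, dlWithAlias);
    Assert.assertTrue(String.format("DL %s (id=%s) in membership", dl.getName(), dl.getId()),
            membership.groupIds().contains(dl.getId()));
    dl = ldapProv.get(DistributionListBy.name, dlWithAlias2);
    Assert.assertTrue(String.format("DL %s (id=%s) in membership", dl.getName(), dl.getId()),
            membership.groupIds().contains(dl.getId()));
    Assert.assertEquals(String.format("Number of DLs User %s is a member of", acctWithAlias),
            NUM_NORMAL_DL + 2, membership.memberOf().size());

    // Second account: expected in the two alias lists only.
    acct = ldapProv.getAccountByName(acctWithAlias2);
    membership = new GroupMembership();
    start = System.currentTimeMillis();
    DistributionList.updateGroupMembership(ldapProv, (ZLdapContext) null, membership, acct,
            null, /* via */ false, /* adminGroupsOnly */ false);
    ZimbraLog.test.info("testDLupdateGroupMembershipWithoutVia %s size=%d",
            ZimbraLog.elapsedTime(start, System.currentTimeMillis()), membership.groupIds().size());

    dl = ldapProv.get(DistributionListBy.name, dlWithAlias);
    Assert.assertTrue(String.format("DL %s (id=%s) in membership", dl.getName(), dl.getId()),
            membership.groupIds().contains(dl.getId()));
    dl = ldapProv.get(DistributionListBy.name, dlWithAlias2);
    Assert.assertTrue(String.format("DL %s (id=%s) in membership", dl.getName(), dl.getId()),
            membership.groupIds().contains(dl.getId()));
    Assert.assertEquals(String.format("Number of DLs User %s is a member of", acctWithAlias2),
            2, membership.memberOf().size());
}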
Also used : Account(com.zimbra.cs.account.Account) GroupMembership(com.zimbra.cs.account.Provisioning.GroupMembership) DistributionList(com.zimbra.cs.account.DistributionList)

Aggregations

GroupMembership (com.zimbra.cs.account.Provisioning.GroupMembership)8 Account (com.zimbra.cs.account.Account)7 DistributionList (com.zimbra.cs.account.DistributionList)4 Group (com.zimbra.cs.account.Group)3 DynamicGroup (com.zimbra.cs.account.DynamicGroup)2 GuestAccount (com.zimbra.cs.account.GuestAccount)2 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)2 LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)2 Test (org.junit.Test)2 AccountBy (com.zimbra.common.account.Key.AccountBy)1 Element (com.zimbra.common.soap.Element)1 Domain (com.zimbra.cs.account.Domain)1 GlobalGrant (com.zimbra.cs.account.GlobalGrant)1 Provisioning (com.zimbra.cs.account.Provisioning)1 MemberOf (com.zimbra.cs.account.Provisioning.MemberOf)1 Right (com.zimbra.cs.account.accesscontrol.Right)1 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)1 GetAdminConsoleUICompRequest (com.zimbra.soap.admin.message.GetAdminConsoleUICompRequest)1 DistributionListSelector (com.zimbra.soap.admin.type.DistributionListSelector)1 AccountSelector (com.zimbra.soap.type.AccountSelector)1