Search in sources :

Example 6 with UCService

use of com.zimbra.cs.account.UCService in project zm-mailbox by Zimbra.

the class LdapProvisioning method createUCService.

@Override
public UCService createUCService(String name, Map<String, Object> attrs) throws ServiceException {
    name = name.toLowerCase().trim();
    CallbackContext callbackContext = new CallbackContext(CallbackContext.Op.CREATE);
    AttributeManager.getInstance().preModify(attrs, null, callbackContext, true);
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_UCSERVICE);
        ZMutableEntry entry = LdapClient.createMutableEntry();
        entry.mapToAttrs(attrs);
        Set<String> ocs = LdapObjectClass.getUCServiceObjectClasses(this);
        entry.addAttr(A_objectClass, ocs);
        String zimbraIdStr = LdapUtil.generateUUID();
        entry.setAttr(A_zimbraId, zimbraIdStr);
        entry.setAttr(A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
        entry.setAttr(A_cn, name);
        String dn = mDIT.ucServiceNameToDN(name);
        entry.setDN(dn);
        zlc.createEntry(entry);
        UCService ucService = getUCServiceById(zimbraIdStr, zlc, true);
        AttributeManager.getInstance().postModify(attrs, ucService, callbackContext);
        return ucService;
    } catch (LdapEntryAlreadyExistException nabe) {
        throw AccountServiceException.SERVER_EXISTS(name);
    } catch (LdapException e) {
        throw e;
    } catch (AccountServiceException e) {
        throw e;
    } catch (ServiceException e) {
        throw ServiceException.FAILURE("unable to create ucservice: " + name, e);
    } finally {
        LdapClient.closeContext(zlc);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) LdapUCService(com.zimbra.cs.account.ldap.entry.LdapUCService) UCService(com.zimbra.cs.account.UCService) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) LdapException(com.zimbra.cs.ldap.LdapException) Date(java.util.Date)

Example 7 with UCService

use of com.zimbra.cs.account.UCService in project zm-mailbox by Zimbra.

the class LdapProvisioning method getUCServiceById.

private UCService getUCServiceById(String zimbraId, ZLdapContext zlc, boolean nocache) throws ServiceException {
    if (zimbraId == null) {
        return null;
    }
    UCService s = null;
    if (!nocache) {
        s = ucServiceCache.getById(zimbraId);
    }
    if (s == null) {
        s = getUCServiceByQuery(filterFactory.ucServiceById(zimbraId), zlc);
        ucServiceCache.put(s);
    }
    return s;
}
Also used : LdapUCService(com.zimbra.cs.account.ldap.entry.LdapUCService) UCService(com.zimbra.cs.account.UCService)

Example 8 with UCService

use of com.zimbra.cs.account.UCService in project zm-mailbox by Zimbra.

the class CountObjects method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    CountObjectsRequest req = zsc.elementToJaxb(request);
    CountObjectsType countObjectsType = req.getType();
    if (countObjectsType == null) {
        throw ServiceException.INVALID_REQUEST("No type specified", null);
    }
    Provisioning prov = Provisioning.getInstance();
    UCService ucService = null;
    UCServiceSelector ucserviceSelector = req.getUcService();
    if (null != ucserviceSelector) {
        if (!countObjectsType.allowsUCService()) {
            throw ServiceException.INVALID_REQUEST("UCService cannot be specified for type: " + countObjectsType.name(), null);
        }
        String value = ucserviceSelector.getKey();
        ucService = prov.get(Key.UCServiceBy.fromString(ucserviceSelector.getBy().name()), value);
        if (ucService == null) {
            throw AccountServiceException.NO_SUCH_UC_SERVICE(value);
        }
    }
    List<DomainSelector> specifiedDomains = req.getDomains();
    if (!countObjectsType.allowsDomain() && !specifiedDomains.isEmpty()) {
        throw ServiceException.INVALID_REQUEST("domain cannot be specified for type: " + countObjectsType.name(), null);
    }
    long count = 0;
    if (specifiedDomains.isEmpty() && !zsc.getAuthToken().isAdmin() && countObjectsType.allowsDomain() && !countObjectsType.equals(CountObjectsType.domain)) {
        // if a delegated admin is trying to count objects that exist within
        // a domain, count only within this admin's domains
        List<Domain> domains = prov.getAllDomains();
        AdminAccessControl aac = AdminAccessControl.getAdminAccessControl(zsc);
        AdminRight associatedRight = getAssociatedRight(countObjectsType);
        for (Iterator<Domain> it = domains.iterator(); it.hasNext(); ) {
            Domain domain = it.next();
            if (!aac.hasRight(domain, associatedRight)) {
                it.remove();
            }
        }
        count = 0;
        int threshold = DebugConfig.minimumDomainsToUseThreadsForDomainAdminCountObjects;
        if (threshold > 0 && domains.size() >= threshold) {
            // For a large number of domains, counting can be slow.  Do the LDAP queries in parallel.
            // As they all use different bases, they don't interfere with each other much.
            AtomicLong atomicCount = new AtomicLong(0);
            List<Thread> threads = Lists.newArrayList();
            final int chunkSize = (domains.size() / DebugConfig.numberOfThreadsToUseForDomainAdminCountObjects) + 1;
            int lastIndex = domains.size() - 1;
            int begin = 0;
            int end = (lastIndex < chunkSize) ? lastIndex : chunkSize - 1;
            while (end <= lastIndex) {
                threads.add(new Thread(new GetDomainCountsThread(atomicCount, prov, domains.subList(begin, end + 1), countObjectsType, ucService), String.format("%s-CountsForDomains-%d", Thread.currentThread().getName(), threads.size())));
                if (end >= lastIndex) {
                    break;
                }
                begin += chunkSize;
                end += chunkSize;
                if (end > lastIndex) {
                    end = lastIndex;
                }
            }
            for (Thread thread : threads) {
                thread.start();
            }
            for (Thread thread : threads) {
                try {
                    thread.join();
                } catch (InterruptedException e) {
                    ZimbraLog.search.debug("Unexpected exception counting for domain", e);
                }
            }
            count = atomicCount.get();
        } else {
            for (Domain domain : domains) {
                count += prov.countObjects(countObjectsType, domain, ucService);
            }
        }
    } else if (!specifiedDomains.isEmpty() && countObjectsType.allowsDomain()) {
        // count objects within specified domains
        for (DomainSelector specifiedDomain : specifiedDomains) {
            DomainBy by = specifiedDomain.getBy();
            String domValue = specifiedDomain.getKey();
            Domain domain = prov.get(Key.DomainBy.fromString(by.name()), domValue);
            if (domain == null) {
                throw AccountServiceException.NO_SUCH_DOMAIN(domValue);
            }
            checkDomainRight(zsc, domain, getAssociatedRight(countObjectsType));
            count += prov.countObjects(countObjectsType, domain, ucService);
        }
    } else if (countObjectsType.equals(CountObjectsType.domain) && (zsc.getAuthToken().isDelegatedAdmin() || zsc.getAuthToken().isDomainAdmin()) && req.getOnlyRelated()) {
        RightCommand.Grants grants = prov.getGrants(null, null, null, GranteeType.GT_USER.getCode(), GranteeSelector.GranteeBy.id, zsc.getAuthtokenAccountId(), false);
        if (grants != null) {
            Set<RightCommand.ACE> acEs = grants.getACEs();
            Set<String> domainIds = new HashSet<String>();
            for (RightCommand.ACE acE : acEs) {
                if (acE.targetType().equals(TargetType.domain.getCode()) && !domainIds.contains(acE.targetId())) {
                    count++;
                    domainIds.add(acE.targetId());
                }
            }
        }
    } else {
        // count objects globally
        this.checkRight(zsc, context, null, getAssociatedRight(countObjectsType));
        count += prov.countObjects(countObjectsType, null, ucService);
    }
    return zsc.jaxbToElement(new CountObjectsResponse(count, countObjectsType.name()));
}
Also used : UCServiceSelector(com.zimbra.soap.admin.type.UCServiceSelector) DomainSelector(com.zimbra.soap.admin.type.DomainSelector) Provisioning(com.zimbra.cs.account.Provisioning) RightCommand(com.zimbra.cs.account.accesscontrol.RightCommand) HashSet(java.util.HashSet) UCService(com.zimbra.cs.account.UCService) CountObjectsRequest(com.zimbra.soap.admin.message.CountObjectsRequest) CountObjectsType(com.zimbra.soap.admin.type.CountObjectsType) AtomicLong(java.util.concurrent.atomic.AtomicLong) AdminRight(com.zimbra.cs.account.accesscontrol.AdminRight) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) DomainBy(com.zimbra.soap.admin.type.DomainSelector.DomainBy) Domain(com.zimbra.cs.account.Domain) CountObjectsResponse(com.zimbra.soap.admin.message.CountObjectsResponse)

Example 9 with UCService

use of com.zimbra.cs.account.UCService in project zm-mailbox by Zimbra.

the class GetAllUCServices method handle.

public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    List<UCService> ucServices = prov.getAllUCServices();
    AdminAccessControl aac = AdminAccessControl.getAdminAccessControl(zsc);
    Element response = zsc.createElement(AdminConstants.GET_ALL_UC_SERVICES_RESPONSE);
    for (UCService ucSservice : ucServices) {
        if (aac.hasRightsToList(ucSservice, Admin.R_listUCService, null)) {
            GetUCService.encodeUCService(response, ucSservice, null, aac.getAttrRightChecker(ucSservice));
        }
    }
    return response;
}
Also used : UCService(com.zimbra.cs.account.UCService) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) Element(com.zimbra.common.soap.Element) Provisioning(com.zimbra.cs.account.Provisioning)

Example 10 with UCService

use of com.zimbra.cs.account.UCService in project zm-mailbox by Zimbra.

the class GetUCService method handle.

public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    Set<String> reqAttrs = getReqAttrs(request, AttributeClass.ucService);
    Element eUCService = request.getElement(AdminConstants.E_UC_SERVICE);
    String by = eUCService.getAttribute(AdminConstants.A_BY);
    String name = eUCService.getText();
    if (Strings.isNullOrEmpty(name)) {
        throw ServiceException.INVALID_REQUEST("must specify a value for a uc service", null);
    }
    UCService ucService = prov.get(Key.UCServiceBy.fromString(by), name);
    if (ucService == null) {
        throw AccountServiceException.NO_SUCH_UC_SERVICE(name);
    }
    AdminAccessControl aac = checkRight(zsc, context, ucService, AdminRight.PR_ALWAYS_ALLOW);
    // reload the uc service
    prov.reload(ucService);
    Element response = zsc.createElement(AdminConstants.GET_UC_SERVICE_RESPONSE);
    encodeUCService(response, ucService, reqAttrs, aac.getAttrRightChecker(ucService));
    return response;
}
Also used : UCService(com.zimbra.cs.account.UCService) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) Element(com.zimbra.common.soap.Element) Provisioning(com.zimbra.cs.account.Provisioning)

Aggregations

UCService (com.zimbra.cs.account.UCService)14 Provisioning (com.zimbra.cs.account.Provisioning)7 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)7 Element (com.zimbra.common.soap.Element)6 LdapUCService (com.zimbra.cs.account.ldap.entry.LdapUCService)5 ServiceException (com.zimbra.common.service.ServiceException)3 AccountServiceException (com.zimbra.cs.account.AccountServiceException)3 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)3 Domain (com.zimbra.cs.account.Domain)2 Account (com.zimbra.cs.account.Account)1 AlwaysOnCluster (com.zimbra.cs.account.AlwaysOnCluster)1 DynamicGroup (com.zimbra.cs.account.DynamicGroup)1 Group (com.zimbra.cs.account.Group)1 GuestAccount (com.zimbra.cs.account.GuestAccount)1 Server (com.zimbra.cs.account.Server)1 XMPPComponent (com.zimbra.cs.account.XMPPComponent)1 AdminRight (com.zimbra.cs.account.accesscontrol.AdminRight)1 RightCommand (com.zimbra.cs.account.accesscontrol.RightCommand)1 CallbackContext (com.zimbra.cs.account.callback.CallbackContext)1 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)1