Search in sources :

Example 6 with LdapDynamicGroup

use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.

the class GetAccountDistributionLists method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Account acct = getRequestedAccount(zsc);
    Provisioning prov = Provisioning.getInstance();
    if (!canAccessAccount(zsc, acct)) {
        throw ServiceException.PERM_DENIED("can not access account");
    }
    boolean needOwnerOf = request.getAttributeBool(AccountConstants.A_OWNER_OF, false);
    MemberOfSelector needMemberOf = MemberOfSelector.fromString(request.getAttribute(AccountConstants.A_MEMBER_OF, MemberOfSelector.directOnly.name()));
    Iterable<String> needAttrs = Splitter.on(',').trimResults().split(request.getAttribute(AccountConstants.A_ATTRS, ""));
    Set<Group> ownerOf = null;
    List<Group> memberOf = null;
    HashMap<String, String> via = new HashMap<String, String>();
    if (needOwnerOf) {
        ownerOf = Group.GroupOwner.getOwnedGroups(acct);
    }
    if (MemberOfSelector.none != needMemberOf) {
        memberOf = prov.getGroups(acct, MemberOfSelector.directOnly == needMemberOf, via);
    }
    /*
         * merge the two results into one locale-sensitive sorted list
         */
    Set<Entry> combined = Sets.newHashSet();
    Set<String> combinedIds = Sets.newHashSet();
    Set<String> ownerOfGroupIds = Sets.newHashSet();
    Set<String> memberOfGroupIds = Sets.newHashSet();
    if (ownerOf != null) {
        for (Group group : ownerOf) {
            String groupId = group.getId();
            ownerOfGroupIds.add(groupId);
            if (!combinedIds.contains(groupId)) {
                combined.add(group);
                combinedIds.add(groupId);
            }
        }
    }
    if (memberOf != null) {
        for (Group group : memberOf) {
            String groupId = group.getId();
            memberOfGroupIds.add(groupId);
            if (!combinedIds.contains(groupId)) {
                combined.add(group);
                combinedIds.add(groupId);
            }
        }
    }
    // sort it
    List<Entry> sortedGroups = Entry.sortByDisplayName(combined, acct.getLocale());
    Element response = zsc.createElement(AccountConstants.GET_ACCOUNT_DISTRIBUTION_LISTS_RESPONSE);
    for (Entry entry : sortedGroups) {
        Group group = (Group) entry;
        Element eDL = response.addElement(AccountConstants.E_DL);
        eDL.addAttribute(AccountConstants.A_NAME, group.getName());
        if (group.isDynamic()) {
            eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
        } else {
            eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
        }
        eDL.addAttribute(AccountConstants.A_ID, group.getId());
        eDL.addAttribute(AccountConstants.A_DISPLAY, group.getDisplayName());
        eDL.addAttribute(AccountConstants.A_DYNAMIC, group.isDynamic());
        boolean isOwner = ownerOfGroupIds.contains(group.getId());
        if (needOwnerOf) {
            eDL.addAttribute(AccountConstants.A_IS_OWNER, isOwner);
        }
        if (MemberOfSelector.none != needMemberOf) {
            boolean isMember = memberOfGroupIds.contains(group.getId());
            eDL.addAttribute(AccountConstants.A_IS_MEMBER, isMember);
            if (isMember) {
                String viaDl = via.get(group.getName());
                if (viaDl != null) {
                    eDL.addAttribute(AccountConstants.A_VIA, viaDl);
                }
            }
        }
        Set<String> returnAttrs = GetDistributionList.visibleAttrs(needAttrs, isOwner);
        if (!returnAttrs.isEmpty()) {
            GetDistributionList.encodeAttrs(group, eDL, returnAttrs);
        }
    }
    return response;
}
Also used : Account(com.zimbra.cs.account.Account) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) Group(com.zimbra.cs.account.Group) HashMap(java.util.HashMap) Element(com.zimbra.common.soap.Element) Provisioning(com.zimbra.cs.account.Provisioning) Entry(com.zimbra.cs.account.Entry) MemberOfSelector(com.zimbra.soap.account.type.MemberOfSelector) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext)

Example 7 with LdapDynamicGroup

use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.

the class CreateDistributionList method handle.

public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    Account acct = getAuthenticatedAccount(zsc);
    String name = request.getAttribute(AccountConstants.E_NAME).toLowerCase();
    if (!AccessManager.getInstance().canCreateGroup(acct, name)) {
        throw ServiceException.PERM_DENIED("you do not have sufficient rights to create distribution list");
    }
    Map<String, Object> attrs = AccountService.getKeyValuePairs(request, AccountConstants.E_A, AccountConstants.A_N);
    boolean dynamic = request.getAttributeBool(AccountConstants.A_DYNAMIC, true);
    // creator of the group will automatically become the first owner of the group
    Account creator = getAuthenticatedAccount(zsc);
    Group group = prov.createDelegatedGroup(name, attrs, dynamic, creator);
    ZimbraLog.security.info(ZimbraLog.encodeAttrs(new String[] { "cmd", "CreateDistributionList", "name", name }, attrs));
    Element response = zsc.createElement(AccountConstants.CREATE_DISTRIBUTION_LIST_RESPONSE);
    Element eDL = response.addElement(AccountConstants.E_DL);
    eDL.addAttribute(AccountConstants.A_NAME, group.getName());
    if (group.isDynamic()) {
        eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
    } else {
        eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
    }
    eDL.addAttribute(AccountConstants.A_ID, group.getId());
    GetDistributionList.encodeAttrs(group, eDL, null);
    return response;
}
Also used : Account(com.zimbra.cs.account.Account) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) Group(com.zimbra.cs.account.Group) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) Element(com.zimbra.common.soap.Element) Provisioning(com.zimbra.cs.account.Provisioning)

Example 8 with LdapDynamicGroup

use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.

the class LdapProvisioning method searchDynamicGroupMembers.

/*
     * returns all internal and external member addresses of the DynamicGroup
     */
private List<String> searchDynamicGroupMembers(DynamicGroup group) throws ServiceException {
    if (group.isMembershipDefinedByCustomURL()) {
        throw ServiceException.INVALID_REQUEST("cannot search members to dynamic group with custom memberURL", null);
    }
    final List<String> members = Lists.newArrayList();
    ZLdapContext zlc = null;
    try {
        // always use master to search for dynamic group members
        zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.SEARCH);
        // search internal members
        searchDynamicGroupInternalMemberDeliveryAddresses(zlc, group.getId(), members);
        // add external members
        LdapDynamicGroup.StaticUnit staticUnit = ((LdapDynamicGroup) group).getStaticUnit();
        // need to refresh, the StaticUnit instance updated by add/remove
        // dynamic group members may be the cached instance.
        refreshEntry(staticUnit, zlc);
        for (String extAddr : staticUnit.getMembers()) {
            members.add(extAddr);
        }
    } catch (ServiceException e) {
        ZimbraLog.account.warn("unable to search dynamic group members", e);
    } finally {
        LdapClient.closeContext(zlc);
    }
    return members;
}
Also used : ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)

Example 9 with LdapDynamicGroup

use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.

the class TestLdapProvDynamicGroup method memberAttrViaSlapdOverlay.

/*
     * Test member attr, which is populated by OpenLDAP dyngroup overlay
     */
@Test
public void memberAttrViaSlapdOverlay() throws Exception {
    SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.DYNAMIC_GROUP_OVERLAY);
    Group group = createDynamicGroup(genGroupNameLocalPart());
    Account acct1 = provUtil.createAccount(genAcctNameLocalPart("1"), domain);
    Account acct2 = provUtil.createAccount(genAcctNameLocalPart("2"), domain);
    prov.addGroupMembers(group, new String[] { acct1.getName(), acct2.getName() });
    group = prov.getGroup(DistributionListBy.id, group.getId());
    String[] memberDNs = group.getMultiAttr(Provisioning.A_member);
    Set<String> expected = Sets.newHashSet(((LdapAccount) acct1).getDN(), ((LdapAccount) acct2).getDN(), // LdapProvisioning.DYNAMIC_GROUP_STATIC_UNIT_NAME
    "cn=external," + ((LdapDynamicGroup) group).getDN());
    Verify.verifyEquals(expected, memberDNs);
}
Also used : DynamicGroup(com.zimbra.cs.account.DynamicGroup) Group(com.zimbra.cs.account.Group) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount) GuestAccount(com.zimbra.cs.account.GuestAccount) Account(com.zimbra.cs.account.Account) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) Test(org.junit.Test)

Aggregations

LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)9 Account (com.zimbra.cs.account.Account)5 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)5 HashMap (java.util.HashMap)4 ServiceException (com.zimbra.common.service.ServiceException)3 AccountServiceException (com.zimbra.cs.account.AccountServiceException)3 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)3 Group (com.zimbra.cs.account.Group)3 GuestAccount (com.zimbra.cs.account.GuestAccount)3 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)3 Element (com.zimbra.common.soap.Element)2 Provisioning (com.zimbra.cs.account.Provisioning)2 ZimbraSoapContext (com.zimbra.soap.ZimbraSoapContext)2 ArrayList (java.util.ArrayList)2 Domain (com.zimbra.cs.account.Domain)1 DynamicGroup (com.zimbra.cs.account.DynamicGroup)1 Entry (com.zimbra.cs.account.Entry)1 LdapDomain (com.zimbra.cs.account.ldap.entry.LdapDomain)1 LdapException (com.zimbra.cs.ldap.LdapException)1 LdapEntryAlreadyExistException (com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException)1