use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.
the class GetAccountDistributionLists method handle.
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Account acct = getRequestedAccount(zsc);
Provisioning prov = Provisioning.getInstance();
if (!canAccessAccount(zsc, acct)) {
throw ServiceException.PERM_DENIED("can not access account");
}
boolean needOwnerOf = request.getAttributeBool(AccountConstants.A_OWNER_OF, false);
MemberOfSelector needMemberOf = MemberOfSelector.fromString(request.getAttribute(AccountConstants.A_MEMBER_OF, MemberOfSelector.directOnly.name()));
Iterable<String> needAttrs = Splitter.on(',').trimResults().split(request.getAttribute(AccountConstants.A_ATTRS, ""));
Set<Group> ownerOf = null;
List<Group> memberOf = null;
HashMap<String, String> via = new HashMap<String, String>();
if (needOwnerOf) {
ownerOf = Group.GroupOwner.getOwnedGroups(acct);
}
if (MemberOfSelector.none != needMemberOf) {
memberOf = prov.getGroups(acct, MemberOfSelector.directOnly == needMemberOf, via);
}
/*
* merge the two results into one locale-sensitive sorted list
*/
Set<Entry> combined = Sets.newHashSet();
Set<String> combinedIds = Sets.newHashSet();
Set<String> ownerOfGroupIds = Sets.newHashSet();
Set<String> memberOfGroupIds = Sets.newHashSet();
if (ownerOf != null) {
for (Group group : ownerOf) {
String groupId = group.getId();
ownerOfGroupIds.add(groupId);
if (!combinedIds.contains(groupId)) {
combined.add(group);
combinedIds.add(groupId);
}
}
}
if (memberOf != null) {
for (Group group : memberOf) {
String groupId = group.getId();
memberOfGroupIds.add(groupId);
if (!combinedIds.contains(groupId)) {
combined.add(group);
combinedIds.add(groupId);
}
}
}
// sort it
List<Entry> sortedGroups = Entry.sortByDisplayName(combined, acct.getLocale());
Element response = zsc.createElement(AccountConstants.GET_ACCOUNT_DISTRIBUTION_LISTS_RESPONSE);
for (Entry entry : sortedGroups) {
Group group = (Group) entry;
Element eDL = response.addElement(AccountConstants.E_DL);
eDL.addAttribute(AccountConstants.A_NAME, group.getName());
if (group.isDynamic()) {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
} else {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
}
eDL.addAttribute(AccountConstants.A_ID, group.getId());
eDL.addAttribute(AccountConstants.A_DISPLAY, group.getDisplayName());
eDL.addAttribute(AccountConstants.A_DYNAMIC, group.isDynamic());
boolean isOwner = ownerOfGroupIds.contains(group.getId());
if (needOwnerOf) {
eDL.addAttribute(AccountConstants.A_IS_OWNER, isOwner);
}
if (MemberOfSelector.none != needMemberOf) {
boolean isMember = memberOfGroupIds.contains(group.getId());
eDL.addAttribute(AccountConstants.A_IS_MEMBER, isMember);
if (isMember) {
String viaDl = via.get(group.getName());
if (viaDl != null) {
eDL.addAttribute(AccountConstants.A_VIA, viaDl);
}
}
}
Set<String> returnAttrs = GetDistributionList.visibleAttrs(needAttrs, isOwner);
if (!returnAttrs.isEmpty()) {
GetDistributionList.encodeAttrs(group, eDL, returnAttrs);
}
}
return response;
}
use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.
the class CreateDistributionList method handle.
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
Provisioning prov = Provisioning.getInstance();
Account acct = getAuthenticatedAccount(zsc);
String name = request.getAttribute(AccountConstants.E_NAME).toLowerCase();
if (!AccessManager.getInstance().canCreateGroup(acct, name)) {
throw ServiceException.PERM_DENIED("you do not have sufficient rights to create distribution list");
}
Map<String, Object> attrs = AccountService.getKeyValuePairs(request, AccountConstants.E_A, AccountConstants.A_N);
boolean dynamic = request.getAttributeBool(AccountConstants.A_DYNAMIC, true);
// creator of the group will automatically become the first owner of the group
Account creator = getAuthenticatedAccount(zsc);
Group group = prov.createDelegatedGroup(name, attrs, dynamic, creator);
ZimbraLog.security.info(ZimbraLog.encodeAttrs(new String[] { "cmd", "CreateDistributionList", "name", name }, attrs));
Element response = zsc.createElement(AccountConstants.CREATE_DISTRIBUTION_LIST_RESPONSE);
Element eDL = response.addElement(AccountConstants.E_DL);
eDL.addAttribute(AccountConstants.A_NAME, group.getName());
if (group.isDynamic()) {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDynamicGroup) group).getDN());
} else {
eDL.addAttribute(AccountConstants.A_REF, ((LdapDistributionList) group).getDN());
}
eDL.addAttribute(AccountConstants.A_ID, group.getId());
GetDistributionList.encodeAttrs(group, eDL, null);
return response;
}
use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.
the class LdapProvisioning method searchDynamicGroupMembers.
/*
* returns all internal and external member addresses of the DynamicGroup
*/
private List<String> searchDynamicGroupMembers(DynamicGroup group) throws ServiceException {
if (group.isMembershipDefinedByCustomURL()) {
throw ServiceException.INVALID_REQUEST("cannot search members to dynamic group with custom memberURL", null);
}
final List<String> members = Lists.newArrayList();
ZLdapContext zlc = null;
try {
// always use master to search for dynamic group members
zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.SEARCH);
// search internal members
searchDynamicGroupInternalMemberDeliveryAddresses(zlc, group.getId(), members);
// add external members
LdapDynamicGroup.StaticUnit staticUnit = ((LdapDynamicGroup) group).getStaticUnit();
// need to refresh, the StaticUnit instance updated by add/remove
// dynamic group members may be the cached instance.
refreshEntry(staticUnit, zlc);
for (String extAddr : staticUnit.getMembers()) {
members.add(extAddr);
}
} catch (ServiceException e) {
ZimbraLog.account.warn("unable to search dynamic group members", e);
} finally {
LdapClient.closeContext(zlc);
}
return members;
}
use of com.zimbra.cs.account.ldap.entry.LdapDynamicGroup in project zm-mailbox by Zimbra.
the class TestLdapProvDynamicGroup method memberAttrViaSlapdOverlay.
/*
* Test member attr, which is populated by OpenLDAP dyngroup overlay
*/
@Test
public void memberAttrViaSlapdOverlay() throws Exception {
SKIP_FOR_INMEM_LDAP_SERVER(SkipTestReason.DYNAMIC_GROUP_OVERLAY);
Group group = createDynamicGroup(genGroupNameLocalPart());
Account acct1 = provUtil.createAccount(genAcctNameLocalPart("1"), domain);
Account acct2 = provUtil.createAccount(genAcctNameLocalPart("2"), domain);
prov.addGroupMembers(group, new String[] { acct1.getName(), acct2.getName() });
group = prov.getGroup(DistributionListBy.id, group.getId());
String[] memberDNs = group.getMultiAttr(Provisioning.A_member);
Set<String> expected = Sets.newHashSet(((LdapAccount) acct1).getDN(), ((LdapAccount) acct2).getDN(), // LdapProvisioning.DYNAMIC_GROUP_STATIC_UNIT_NAME
"cn=external," + ((LdapDynamicGroup) group).getDN());
Verify.verifyEquals(expected, memberDNs);
}
Aggregations