
Example 6 with LdapEntry

use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.

the class LdapProvisioning method createDataSource.

/**
 * Creates a data source entry for {@code account} on the LDAP master and returns the
 * freshly read-back {@link DataSource}.
 *
 * <p>Order of work: drop any caller-supplied {@code objectclass} attribute, resolve the
 * account to its {@link LdapEntry}, enforce the per-account limit
 * ({@code A_zimbraDataSourceMaxNumEntries}, default 20) and e-mail address uniqueness,
 * force the name and type attributes to the method arguments, run the pre-modify
 * callbacks, then build the entry and create it.
 *
 * <p>Credential handling: the password, OAuth token, OAuth client secret and SMTP auth
 * password attributes are each passed through {@code DataSource.encryptData(dsId, value)}
 * before the entry is created, unless {@code passwdAlreadyEncrypted} is set. The data
 * source id used for that call is the caller-supplied {@code A_zimbraDataSourceId} when
 * present, otherwise a newly generated UUID.
 *
 * <p>NOTE(review): {@code passwdAlreadyEncrypted} is one switch for all four secrets. When
 * it is true the values are written exactly as received, so a caller that sets the flag
 * while passing plaintext would persist plaintext credentials. Confirm that every caller
 * setting it really supplies already-encrypted values.
 *
 * @param account                owner of the new data source
 * @param dsType                 data source type; also selects an optional extra object class
 * @param dsName                 name of the data source, used to build its DN
 * @param dataSourceAttrs        attributes for the entry; this map is modified in place
 * @param passwdAlreadyEncrypted when true, the four secret attributes are stored verbatim
 * @param restoring              when true, the immutable-attribute check in pre-modify is skipped
 * @return the data source as read back by id after creation
 * @throws ServiceException {@code NO_SUCH_ACCOUNT} if the account cannot be resolved,
 *         {@code TOO_MANY_DATA_SOURCES} if the limit is reached, {@code DATA_SOURCE_EXISTS}
 *         on a duplicate e-mail address or an already existing entry; LDAP and account
 *         service exceptions propagate unchanged and any other service exception is
 *         wrapped in {@code FAILURE} with a message that names only {@code dsName}
 */
private DataSource createDataSource(Account account, DataSourceType dsType, String dsName, Map<String, Object> dataSourceAttrs, boolean passwdAlreadyEncrypted, boolean restoring) throws ServiceException {
    // Object classes are assigned below; never take them from the caller's map.
    removeAttrIgnoreCase("objectclass", dataSourceAttrs);

    LdapEntry ownerEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
    if (ownerEntry == null) {
        throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
    }

    // Per-account quota on the number of data sources.
    List<DataSource> currentSources = getAllDataSources(account);
    if (currentSources.size() >= account.getLongAttr(A_zimbraDataSourceMaxNumEntries, 20)) {
        throw AccountServiceException.TOO_MANY_DATA_SOURCES();
    }

    // A non-empty e-mail address must not already be used by another data source of this account.
    String requestedAddr = (String) dataSourceAttrs.get(A_zimbraDataSourceEmailAddress);
    if (!StringUtil.isNullOrEmpty(requestedAddr)) {
        for (DataSource other : currentSources) {
            if (requestedAddr.equals(other.getEmailAddress())) {
                throw AccountServiceException.DATA_SOURCE_EXISTS(requestedAddr);
            }
        }
    }

    // The name and type stored on the entry must match the method arguments,
    // whatever the caller put in the map.
    dataSourceAttrs.put(A_zimbraDataSourceName, dsName);
    dataSourceAttrs.put(Provisioning.A_zimbraDataSourceType, dsType.toString());

    // Invalidate the cached data source list of this account.
    account.setCachedData(DATA_SOURCE_LIST_CACHE_KEY, null);

    // Immutable attributes are only checked when this is not a restore.
    CallbackContext callbackContext = new CallbackContext(CallbackContext.Op.CREATE);
    AttributeManager.getInstance().preModify(dataSourceAttrs, null, callbackContext, !restoring);

    ZLdapContext ldapCtx = null;
    try {
        ldapCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_DATASOURCE);

        String entryDn = getDataSourceDn(ownerEntry, dsName);
        ZMutableEntry newEntry = LdapClient.createMutableEntry();
        newEntry.setDN(entryDn);
        newEntry.mapToAttrs(dataSourceAttrs);

        // Base object class, plus a type-specific one when the type defines it.
        newEntry.setAttr(A_objectClass, "zimbraDataSource");
        String typeObjectClass = LdapDataSource.getObjectClass(dsType);
        if (typeObjectClass != null) {
            newEntry.addAttr(A_objectClass, Sets.newHashSet(typeObjectClass));
        }

        // Keep a caller-supplied id; otherwise generate one. The id is also passed to encryptData below.
        String dsId = newEntry.getAttrString(A_zimbraDataSourceId);
        if (dsId == null) {
            dsId = LdapUtil.generateUUID();
            newEntry.setAttr(A_zimbraDataSourceId, dsId);
        }

        // Every credential-bearing attribute gets the same treatment, in this fixed order.
        String[] secretAttrs = {
            A_zimbraDataSourcePassword,
            A_zimbraDataSourceOAuthToken,
            A_zimbraDataSourceOAuthClientSecret,
            A_zimbraDataSourceSmtpAuthPassword
        };
        for (String secretAttr : secretAttrs) {
            String secret = newEntry.getAttrString(secretAttr);
            if (secret == null) {
                continue;
            }
            // Stored verbatim only when the caller states the value is already encrypted.
            String stored = passwdAlreadyEncrypted ? secret : DataSource.encryptData(dsId, secret);
            newEntry.setAttr(secretAttr, stored);
        }

        newEntry.setAttr(Provisioning.A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
        ldapCtx.createEntry(newEntry);

        // Read the entry back on the same context and hand it to the post-modify callbacks.
        DataSource created = getDataSourceById(ownerEntry, dsId, ldapCtx);
        AttributeManager.getInstance().postModify(dataSourceAttrs, created, callbackContext);
        return created;
    } catch (LdapEntryAlreadyExistException alreadyExists) {
        throw AccountServiceException.DATA_SOURCE_EXISTS(dsName);
    } catch (LdapException ldapFailure) {
        // Rethrown as-is so the generic handler below does not wrap it.
        throw ldapFailure;
    } catch (AccountServiceException accountFailure) {
        // Rethrown as-is so the generic handler below does not wrap it.
        throw accountFailure;
    } catch (ServiceException other) {
        throw ServiceException.FAILURE("unable to create data source: " + dsName, other);
    } finally {
        LdapClient.closeContext(ldapCtx);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) Date(java.util.Date) DataSource(com.zimbra.cs.account.DataSource) LdapDataSource(com.zimbra.cs.account.ldap.entry.LdapDataSource) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) LdapException(com.zimbra.cs.ldap.LdapException)

Example 7 with LdapEntry

use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.

the class LdapProvisioning method modifyIdentity.

/**
 * Applies {@code identityAttrs} to the identity called {@code identityName} on the given
 * account, renaming the identity when the attributes carry a different
 * {@code A_zimbraPrefIdentityName}.
 *
 * <p>Any caller-supplied {@code objectclass} attribute is removed and the remaining
 * attributes are validated before anything is written. The default identity (name compared
 * case-insensitively) is modified through the account itself; every other identity is
 * looked up by name under the account's LDAP entry. The rename check, by contrast,
 * compares the names case-sensitively.
 *
 * @param account       owner of the identity
 * @param identityName  current name of the identity to modify
 * @param identityAttrs attributes to apply; this map is modified in place
 * @throws ServiceException {@code NO_SUCH_ACCOUNT} if the account cannot be resolved,
 *         {@code NO_SUCH_IDENTITY} if no identity with that name exists, or whatever the
 *         validation, modify and rename helpers raise
 */
@Override
public void modifyIdentity(Account account, String identityName, Map<String, Object> identityAttrs) throws ServiceException {
    removeAttrIgnoreCase("objectclass", identityAttrs);
    validateIdentityAttrs(identityAttrs);

    LdapEntry ownerEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
    if (ownerEntry == null) {
        throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
    }

    // Invalidate the cached identity list before touching anything.
    account.setCachedData(IDENTITY_LIST_CACHE_KEY, null);

    if (identityName.equalsIgnoreCase(ProvisioningConstants.DEFAULT_IDENTITY_NAME)) {
        // The default identity is modified through the account.
        modifyAttrs(account, identityAttrs);
        return;
    }

    LdapIdentity target = (LdapIdentity) getIdentityByName(ownerEntry, identityName, null);
    if (target == null) {
        throw AccountServiceException.NO_SUCH_IDENTITY(identityName);
    }

    String requestedName = (String) identityAttrs.get(A_zimbraPrefIdentityName);
    boolean renameRequested = (requestedName != null && !requestedName.equals(identityName));
    if (renameRequested) {
        // The name is changed by renameIdentity below, not by the attribute modify.
        identityAttrs.remove(A_zimbraPrefIdentityName);
    }

    modifyAttrs(target, identityAttrs, true);

    if (!renameRequested) {
        return;
    }
    // The identity cache could have been loaded again if getAllIdentities was called in a
    // pre/postModify callback, so it is cleared a second time before the rename.
    account.setCachedData(IDENTITY_LIST_CACHE_KEY, null);
    renameIdentity(ownerEntry, target, requestedName);
}
Also used : LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapIdentity(com.zimbra.cs.account.ldap.entry.LdapIdentity)

Example 8 with LdapEntry

use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.

the class TestProvAlias method testRemoveAlias_entryNotExist_aliasNotExist.

//
// D
//
/**
 * Case D: {@code removeAlias} is called with a null account for an alias whose own LDAP
 * entry has already been deleted behind the provisioning layer's back.
 *
 * <p>Expected outcome: no exception is thrown, the account keeps the alias in its
 * {@code mail} and {@code zimbraMailAlias} values, both distribution lists lose the alias
 * as a member, and no alias entry is left in the domain.
 */
@Test
public void testRemoveAlias_entryNotExist_aliasNotExist() throws Exception {
    String testName = getTestName();

    // create the domain
    String domainName = ("EN-AN" + "." + BASE_DOMAIN_NAME).toLowerCase();
    Map<String, Object> domainAttrs = new HashMap<String, Object>();
    domainAttrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, domainAttrs);

    // create the account and give it an alias
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);

    // create 2 DLs and make the alias a member of both
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    DistributionList[] lists = { dl1, dl2 };
    for (DistributionList dl : lists) {
        prov.addMembers(dl, new String[] { aliasName });
    }

    // Delete the alias entry directly through the LDAP helper, bypassing removeAlias,
    // so the references to it on the account and the DLs are left behind.
    List<NamedEntry> aliasesBefore = searchAliasesInDomain(domain);
    assertEquals(aliasesBefore.size(), 1);
    String aliasDn = ((LdapEntry) aliasesBefore.get(0)).getDN();
    ((LdapProv) prov).getHelper().deleteEntry(aliasDn, LdapUsage.UNITTEST);

    // remove the alias on a "not found" account;
    // we should *not* get a NO_SUCH_ALIAS exception
    Account missingAcct = null;
    prov.removeAlias(missingAcct, aliasName);

    // reload all entries
    prov.reload(acct);
    prov.reload(dl1);
    prov.reload(dl2);

    // the alias is still on the account's mail/zimbraMailAlias attrs
    String[] accountAliasAttrs = { Provisioning.A_mail, Provisioning.A_zimbraMailAlias };
    for (String attrName : accountAliasAttrs) {
        Set<String> acctValues = acct.getMultiAttrSet(attrName);
        assertTrue(acctValues.contains(aliasName));
    }

    // the alias is removed from all the DLs
    for (DistributionList dl : lists) {
        Set<String> members = dl.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
        assertFalse(members.contains(aliasName));
    }

    // the alias entry is gone (it was already removed by the direct delete above)
    List<NamedEntry> aliasesAfter = searchAliasesInDomain(domain);
    assertEquals(aliasesAfter.size(), 0);
}
Also used : Account(com.zimbra.cs.account.Account) HashMap(java.util.HashMap) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapProv(com.zimbra.cs.account.ldap.LdapProv) NamedEntry(com.zimbra.cs.account.NamedEntry) DistributionList(com.zimbra.cs.account.DistributionList) List(java.util.List) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Example 9 with LdapEntry

use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.

the class TestProvAlias method testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry.

//
// C - alias points to a non-existing entry
//
/**
 * Case C: {@code removeAlias} is called with a null account for an alias entry that still
 * exists but whose target id has been rewritten to a random UUID, so it points to no entry.
 *
 * <p>Expected outcome: no exception is thrown, the original account keeps the alias in its
 * {@code mail} and {@code zimbraMailAlias} values (nothing refers back to that account any
 * more), both distribution lists lose the alias as a member, and the alias entry itself is
 * removed from the domain.
 */
@Test
public void testRemoveAlias_entryNotExist_aliasExist_aliasPointToNonExistEntry() throws Exception {
    String testName = getTestName();

    // create the domain
    String domainName = ("EN-AE-aliasPointToNonExistEntry" + "." + BASE_DOMAIN_NAME).toLowerCase();
    Map<String, Object> domainAttrs = new HashMap<String, Object>();
    domainAttrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, domainAttrs);

    // create the account and give it an alias
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);

    // create 2 DLs and make the alias a member of both
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());
    DistributionList[] lists = { dl1, dl2 };
    for (DistributionList dl : lists) {
        prov.addMembers(dl, new String[] { aliasName });
    }

    // Rewrite the alias target id directly through the LDAP helper so that the alias
    // points to an id no entry has.
    Map<String, Object> retarget = new HashMap<String, Object>();
    retarget.put(Provisioning.A_zimbraAliasTargetId, LdapUtil.generateUUID());
    List<NamedEntry> aliasesBefore = searchAliasesInDomain(domain);
    assertEquals(aliasesBefore.size(), 1);
    LdapEntry aliasEntry = (LdapEntry) aliasesBefore.get(0);
    ((LdapProv) prov).getHelper().modifyEntry(aliasEntry.getDN(), retarget, (Entry) aliasEntry, LdapUsage.UNITTEST);

    // remove the alias on a "not found" account while the alias points to a non-existing entry;
    // we should *not* get the NO_SUCH_ALIAS exception
    Account missingAcct = null;
    prov.removeAlias(missingAcct, aliasName);

    // reload all entries
    prov.reload(acct);
    prov.reload(dl1);
    prov.reload(dl2);

    // The alias is still on the account's mail/zimbraMailAlias attrs: nothing references
    // this account any more, so there is no way to find and clean them
    // (case A - aliasPointToNonExistEntry is the test that covers removing them).
    String[] accountAliasAttrs = { Provisioning.A_mail, Provisioning.A_zimbraMailAlias };
    for (String attrName : accountAliasAttrs) {
        Set<String> acctValues = acct.getMultiAttrSet(attrName);
        assertTrue(acctValues.contains(aliasName));
    }

    // the alias is removed from all the DLs
    for (DistributionList dl : lists) {
        Set<String> members = dl.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
        assertFalse(members.contains(aliasName));
    }

    // the alias entry is removed
    List<NamedEntry> aliasesAfter = searchAliasesInDomain(domain);
    assertEquals(aliasesAfter.size(), 0);
}
Also used : Account(com.zimbra.cs.account.Account) HashMap(java.util.HashMap) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapProv(com.zimbra.cs.account.ldap.LdapProv) NamedEntry(com.zimbra.cs.account.NamedEntry) NamedEntry(com.zimbra.cs.account.NamedEntry) CacheEntry(com.zimbra.cs.account.Provisioning.CacheEntry) Entry(com.zimbra.cs.account.Entry) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) DistributionList(com.zimbra.cs.account.DistributionList) List(java.util.List) Domain(com.zimbra.cs.account.Domain) HashMap(java.util.HashMap) Map(java.util.Map) DistributionList(com.zimbra.cs.account.DistributionList)

Example 10 with LdapEntry

use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.

the class TestProvAlias method testCreateAlias_aliasExistAndDangling.

/*
     * test adding an alias to account but the alias is "dangling"
     * i.e. the alias entry exists but points to a non-existing entry
     * 
     * The dangling alias should be removed then recreated and then added to the account
     */
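/**
 * Re-assigns a dangling alias to a second account and checks the clean-up around it.
 *
 * <p>Setup: an account gets an alias, the alias is added to two distribution lists, and the
 * account's LDAP entry is then deleted directly through the LDAP helper, which leaves the
 * alias entry pointing at nothing. The alias is then added to a different account.
 *
 * <p>Verified: the second account carries the alias in its {@code mail} and
 * {@code zimbraMailAlias} values, both distribution lists no longer contain the alias, and
 * exactly one alias entry exists with an id different from the original one.
 *
 * <p>NOTE(review): the distribution-list check presumably exists so that the new owner of a
 * recycled alias does not inherit the previous owner's list memberships; confirm against
 * the addAlias implementation.
 */
@Test
public void testCreateAlias_aliasExistAndDangling() throws Exception {
    String testName = getTestName();

    // create the domain
    String domainName = (underscoreToHyphen(testName) + "." + BASE_DOMAIN_NAME).toLowerCase();
    Map<String, Object> domainAttrs = new HashMap<String, Object>();
    domainAttrs.put(Provisioning.A_zimbraDomainType, Provisioning.DomainType.local.name());
    Domain domain = prov.createDomain(domainName, domainAttrs);

    // create the account
    String acctName = getEmail("acct-1", domainName);
    Account acct = prov.createAccount(acctName, PASSWORD, new HashMap<String, Object>());

    // add an alias to the account
    String aliasName = getEmail("alias-1", domainName);
    prov.addAlias(acct, aliasName);

    // remember the zimbraId of the alias entry
    List<NamedEntry> aliases = searchAliasesInDomain(domain);
    assertEquals(aliases.size(), 1);
    String origZimbraIdOfAlias = aliases.get(0).getId();

    // create 2 DLs
    String dl1Name = getEmail("dl-1", domainName);
    DistributionList dl1 = prov.createDistributionList(dl1Name, new HashMap<String, Object>());
    String dl2Name = getEmail("dl-2", domainName);
    DistributionList dl2 = prov.createDistributionList(dl2Name, new HashMap<String, Object>());

    // add the alias to the two DLs
    prov.addMembers(dl1, new String[] { aliasName });
    prov.addMembers(dl2, new String[] { aliasName });

    // Delete the original account entry directly through the LDAP helper, which leaves
    // the alias entry dangling.
    LdapEntry ldapAccount = (LdapEntry) acct;
    ((LdapProv) prov).getHelper().deleteEntry(ldapAccount.getDN(), LdapUsage.UNITTEST);

    // now try to add the alias to another account
    String otherAcctName = getEmail("acct-other", domainName);
    Account otherAcct = prov.createAccount(otherAcctName, PASSWORD, new HashMap<String, Object>());
    prov.addAlias(otherAcct, aliasName);

    // Reload all entries. acct is deliberately not reloaded: its LDAP entry was deleted above.
    prov.reload(otherAcct);
    prov.reload(dl1);
    prov.reload(dl2);

    Set<String> values;

    // Ensure the alias is added to the other account. These checks must read otherAcct:
    // acct was deleted and never reloaded, so asserting on it says nothing about the
    // second addAlias call.
    values = otherAcct.getMultiAttrSet(Provisioning.A_mail);
    assertTrue(values.contains(aliasName));
    values = otherAcct.getMultiAttrSet(Provisioning.A_zimbraMailAlias);
    assertTrue(values.contains(aliasName));

    // ensure the alias is removed from all the DLs
    values = dl1.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));
    values = dl2.getMultiAttrSet(Provisioning.A_zimbraMailForwardingAddress);
    assertFalse(values.contains(aliasName));

    // ensure the alias entry is recreated (verified by it having a different zimbraId)
    aliases = searchAliasesInDomain(domain);
    assertEquals(aliases.size(), 1);
    assertFalse(aliases.get(0).getId().equals(origZimbraIdOfAlias));
}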
Also used : Account(com.zimbra.cs.account.Account) HashMap(java.util.HashMap) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapProv(com.zimbra.cs.account.ldap.LdapProv) NamedEntry(com.zimbra.cs.account.NamedEntry) Domain(com.zimbra.cs.account.Domain) DistributionList(com.zimbra.cs.account.DistributionList)

Aggregations

LdapEntry (com.zimbra.cs.account.ldap.entry.LdapEntry)22 ServiceException (com.zimbra.common.service.ServiceException)15 AccountServiceException (com.zimbra.cs.account.AccountServiceException)15 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)12 Account (com.zimbra.cs.account.Account)10 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)10 DistributionList (com.zimbra.cs.account.DistributionList)9 Domain (com.zimbra.cs.account.Domain)9 HashMap (java.util.HashMap)9 NamedEntry (com.zimbra.cs.account.NamedEntry)7 List (java.util.List)7 LdapProv (com.zimbra.cs.account.ldap.LdapProv)6 LdapException (com.zimbra.cs.ldap.LdapException)5 LdapEntryAlreadyExistException (com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException)5 GuestAccount (com.zimbra.cs.account.GuestAccount)4 Signature (com.zimbra.cs.account.Signature)4 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)4 LdapDataSource (com.zimbra.cs.account.ldap.entry.LdapDataSource)4 LdapIdentity (com.zimbra.cs.account.ldap.entry.LdapIdentity)4 LdapSignature (com.zimbra.cs.account.ldap.entry.LdapSignature)4