Example 11 with LdapEntry
use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.
the class LdapProvisioning method createIdentity.
private Identity createIdentity(Account account, String identityName, Map<String, Object> identityAttrs, boolean restoring) throws ServiceException {
removeAttrIgnoreCase("objectclass", identityAttrs);
validateIdentityAttrs(identityAttrs);
LdapEntry ldapEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
if (ldapEntry == null)
throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
if (identityName.equalsIgnoreCase(ProvisioningConstants.DEFAULT_IDENTITY_NAME))
throw AccountServiceException.IDENTITY_EXISTS(identityName);
List<Identity> existing = getAllIdentities(account);
if (existing.size() >= account.getLongAttr(A_zimbraIdentityMaxNumEntries, 20))
throw AccountServiceException.TOO_MANY_IDENTITIES();
account.setCachedData(IDENTITY_LIST_CACHE_KEY, null);
boolean checkImmutable = !restoring;
CallbackContext callbackContext = new CallbackContext(CallbackContext.Op.CREATE);
AttributeManager.getInstance().preModify(identityAttrs, null, callbackContext, checkImmutable);
ZLdapContext zlc = null;
try {
zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_IDENTITY);
String dn = getIdentityDn(ldapEntry, identityName);
ZMutableEntry entry = LdapClient.createMutableEntry();
entry.setDN(dn);
entry.mapToAttrs(identityAttrs);
entry.setAttr(A_objectClass, "zimbraIdentity");
if (!entry.hasAttribute(A_zimbraPrefIdentityId)) {
String identityId = LdapUtil.generateUUID();
entry.setAttr(A_zimbraPrefIdentityId, identityId);
}
entry.setAttr(Provisioning.A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
zlc.createEntry(entry);
Identity identity = getIdentityByName(ldapEntry, identityName, zlc);
AttributeManager.getInstance().postModify(identityAttrs, identity, callbackContext);
return identity;
} catch (LdapEntryAlreadyExistException nabe) {
throw AccountServiceException.IDENTITY_EXISTS(identityName);
} catch (LdapException e) {
throw e;
} catch (AccountServiceException e) {
throw e;
} catch (ServiceException e) {
throw ServiceException.FAILURE("unable to create identity " + identityName, e);
} finally {
LdapClient.closeContext(zlc);
}
}
Also used :
ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry)
LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException)
ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)
LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry)
Date(java.util.Date)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
CallbackContext(com.zimbra.cs.account.callback.CallbackContext)
LdapIdentity(com.zimbra.cs.account.ldap.entry.LdapIdentity)
Identity(com.zimbra.cs.account.Identity)
LdapException(com.zimbra.cs.ldap.LdapException)
Example 12 with LdapEntry
use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.
the class LdapProvisioning method getAllDataSources.
@Override
public List<DataSource> getAllDataSources(Account account) throws ServiceException {
@SuppressWarnings("unchecked") List<DataSource> result = (List<DataSource>) account.getCachedData(DATA_SOURCE_LIST_CACHE_KEY);
if (result != null) {
return result;
}
LdapEntry ldapEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
if (ldapEntry == null)
throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
result = getDataSourcesByQuery(ldapEntry, filterFactory.allDataSources(), null);
result = Collections.unmodifiableList(result);
account.setCachedData(DATA_SOURCE_LIST_CACHE_KEY, result);
return result;
}
Also used :
LdapDistributionList(com.zimbra.cs.account.ldap.entry.LdapDistributionList)
ArrayList(java.util.ArrayList)
List(java.util.List)
DistributionList(com.zimbra.cs.account.DistributionList)
LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry)
DataSource(com.zimbra.cs.account.DataSource)
LdapDataSource(com.zimbra.cs.account.ldap.entry.LdapDataSource)
Example 13 with LdapEntry
use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.
the class LdapProvisioning method deleteSignature.
@Override
public void deleteSignature(Account account, String signatureId) throws ServiceException {
LdapEntry ldapEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
if (ldapEntry == null)
throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
account.setCachedData(SIGNATURE_LIST_CACHE_KEY, null);
if (LdapSignature.isAccountSignature(account, signatureId)) {
LdapSignature.deleteAccountSignature(this, account);
} else {
ZLdapContext zlc = null;
try {
zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.DELETE_SIGNATURE);
Signature signature = getSignatureById(account, ldapEntry, signatureId, zlc);
if (signature == null)
throw AccountServiceException.NO_SUCH_SIGNATURE(signatureId);
String dn = getSignatureDn(ldapEntry, signature.getName());
zlc.deleteEntry(dn);
} catch (ServiceException e) {
throw ServiceException.FAILURE("unable to delete signarure: " + signatureId, e);
} finally {
LdapClient.closeContext(zlc);
}
}
if (signatureId.equals(account.getPrefDefaultSignatureId())) {
account.unsetPrefDefaultSignatureId();
}
}
Also used :
ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
Signature(com.zimbra.cs.account.Signature)
LdapSignature(com.zimbra.cs.account.ldap.entry.LdapSignature)
LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry)
Example 14 with LdapEntry
use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.
the class LdapProvisioning method renameAccount.
@Override
public void renameAccount(String zimbraId, String newName) throws ServiceException {
newName = IDNUtil.toAsciiEmail(newName);
validEmailAddress(newName);
ZLdapContext zlc = null;
Account acct = getAccountById(zimbraId, zlc, true);
// prune cache
accountCache.remove(acct);
LdapEntry entry = (LdapEntry) acct;
if (acct == null)
throw AccountServiceException.NO_SUCH_ACCOUNT(zimbraId);
String oldEmail = acct.getName();
boolean domainChanged = false;
Account oldAccount = acct;
try {
zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.RENAME_ACCOUNT);
String oldDn = entry.getDN();
String[] parts = EmailUtil.getLocalPartAndDomain(oldEmail);
String oldLocal = parts[0];
String oldDomain = parts[1];
newName = newName.toLowerCase().trim();
parts = EmailUtil.getLocalPartAndDomain(newName);
if (parts == null) {
throw ServiceException.INVALID_REQUEST("bad value for newName", null);
}
String newLocal = parts[0];
String newDomain = parts[1];
Domain domain = getDomainByAsciiName(newDomain, zlc);
if (domain == null) {
throw AccountServiceException.NO_SUCH_DOMAIN(newDomain);
}
domainChanged = !newDomain.equals(oldDomain);
if (domainChanged) {
validate(ProvisioningValidator.RENAME_ACCOUNT, newName, acct.getMultiAttr(Provisioning.A_objectClass, false), acct.getAttrs(false));
validate(ProvisioningValidator.RENAME_ACCOUNT_CHECK_DOMAIN_COS_AND_FEATURE, newName, acct.getAttrs(false));
// make sure the new domain is a local domain
if (!domain.isLocal()) {
throw ServiceException.INVALID_REQUEST("domain type must be local", null);
}
}
String newDn = mDIT.accountDNRename(oldDn, newLocal, domain.getName());
boolean dnChanged = (!newDn.equals(oldDn));
Map<String, Object> newAttrs = acct.getAttrs(false);
if (dnChanged) {
// uid will be changed during renameEntry, so no need to modify it
// OpenLDAP is OK modifying it, as long as it matches the new DN, but
// InMemoryDirectoryServer does not like it.
newAttrs.remove(Provisioning.A_uid);
} else {
newAttrs.put(Provisioning.A_uid, newLocal);
}
newAttrs.put(Provisioning.A_zimbraMailDeliveryAddress, newName);
if (oldEmail.equals(newAttrs.get(Provisioning.A_zimbraPrefFromAddress))) {
newAttrs.put(Provisioning.A_zimbraPrefFromAddress, newName);
}
ReplaceAddressResult replacedMails = replaceMailAddresses(acct, Provisioning.A_mail, oldEmail, newName);
if (replacedMails.newAddrs().length == 0) {
// Set mail to newName if the account currently does not have a mail
newAttrs.put(Provisioning.A_mail, newName);
} else {
newAttrs.put(Provisioning.A_mail, replacedMails.newAddrs());
}
ReplaceAddressResult replacedAliases = replaceMailAddresses(acct, Provisioning.A_zimbraMailAlias, oldEmail, newName);
if (replacedAliases.newAddrs().length > 0) {
newAttrs.put(Provisioning.A_zimbraMailAlias, replacedAliases.newAddrs());
String newDomainDN = mDIT.domainToAccountSearchDN(newDomain);
String[] aliasNewAddrs = replacedAliases.newAddrs();
// (if domain also got changed)
if (domainChanged && addressExistsUnderDN(zlc, newDomainDN, aliasNewAddrs)) {
throw AccountServiceException.ALIAS_EXISTS(Arrays.toString(aliasNewAddrs));
}
// it won't be caught by the above check, do a separate check.
for (int i = 0; i < aliasNewAddrs.length; i++) {
if (newName.equalsIgnoreCase(aliasNewAddrs[i])) {
throw AccountServiceException.ACCOUNT_EXISTS(newName);
}
}
}
ReplaceAddressResult replacedAllowAddrForDelegatedSender = replaceMailAddresses(acct, Provisioning.A_zimbraPrefAllowAddressForDelegatedSender, oldEmail, newName);
if (replacedAllowAddrForDelegatedSender.newAddrs().length > 0) {
newAttrs.put(Provisioning.A_zimbraPrefAllowAddressForDelegatedSender, replacedAllowAddrForDelegatedSender.newAddrs());
}
if (newAttrs.get(Provisioning.A_displayName) == null && oldLocal.equals(newAttrs.get(Provisioning.A_cn)))
newAttrs.put(Provisioning.A_cn, newLocal);
if (dnChanged) {
zlc.renameEntry(oldDn, newDn);
// re-get the acct object, make sure we don't get it from cache
// Note: this account object contains the old address, it should never
// be cached
acct = getAccountByQuery(mDIT.mailBranchBaseDN(), filterFactory.accountById(zimbraId), zlc, true);
if (acct == null) {
throw ServiceException.FAILURE("cannot find account by id after modrdn", null);
}
}
// rename the account and all it's renamed aliases to the new name in all
// distribution lists. Doesn't throw exceptions, just logs
renameAddressesInAllDistributionLists(oldEmail, newName, replacedAliases);
// doesn't throw exceptions, just logs
if (domainChanged) {
moveAliases(zlc, replacedAliases, newDomain, null, oldDn, newDn, oldDomain, newDomain);
}
modifyLdapAttrs(acct, zlc, newAttrs);
// re-get the account again, now attrs contains new addrs
acct = getAccountByQuery(mDIT.mailBranchBaseDN(), filterFactory.accountById(zimbraId), zlc, true);
if (acct == null) {
throw ServiceException.FAILURE("cannot find account by id after modrdn", null);
}
removeExternalAddrsFromAllDynamicGroups(acct.getAllAddrsSet(), zlc);
} catch (LdapEntryAlreadyExistException nabe) {
throw AccountServiceException.ACCOUNT_EXISTS(newName);
} catch (LdapException e) {
throw e;
} catch (AccountServiceException e) {
throw e;
} catch (ServiceException e) {
throw ServiceException.FAILURE("unable to rename account: " + newName, e);
} finally {
LdapClient.closeContext(zlc);
// prune cache
accountCache.remove(oldAccount);
}
// reload it to cache using the master, bug 45736
Account renamedAcct = getAccountById(zimbraId, null, true);
if (domainChanged) {
PermissionCache.invalidateCache(renamedAcct);
}
}
Also used :
Account(com.zimbra.cs.account.Account)
GuestAccount(com.zimbra.cs.account.GuestAccount)
LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount)
LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException)
ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)
LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain)
Domain(com.zimbra.cs.account.Domain)
LdapException(com.zimbra.cs.ldap.LdapException)
Example 15 with LdapEntry
use of com.zimbra.cs.account.ldap.entry.LdapEntry in project zm-mailbox by Zimbra.
the class LdapProvisioning method deleteDataSource.
@Override
public void deleteDataSource(Account account, String dataSourceId) throws ServiceException {
LdapEntry ldapEntry = (LdapEntry) (account instanceof LdapEntry ? account : getAccountById(account.getId()));
if (ldapEntry == null)
throw AccountServiceException.NO_SUCH_ACCOUNT(account.getName());
account.setCachedData(DATA_SOURCE_LIST_CACHE_KEY, null);
ZLdapContext zlc = null;
try {
zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.DELETE_DATASOURCE);
DataSource dataSource = getDataSourceById(ldapEntry, dataSourceId, zlc);
if (dataSource == null)
throw AccountServiceException.NO_SUCH_DATA_SOURCE(dataSourceId);
String dn = getDataSourceDn(ldapEntry, dataSource.getName());
zlc.deleteEntry(dn);
} catch (ServiceException e) {
throw ServiceException.FAILURE("unable to delete data source: " + dataSourceId, e);
} finally {
LdapClient.closeContext(zlc);
}
}
Also used :
ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)
AccountServiceException(com.zimbra.cs.account.AccountServiceException)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry)
DataSource(com.zimbra.cs.account.DataSource)
LdapDataSource(com.zimbra.cs.account.ldap.entry.LdapDataSource)
Aggregations
LdapEntry (com.zimbra.cs.account.ldap.entry.LdapEntry)22
ServiceException (com.zimbra.common.service.ServiceException)15
AccountServiceException (com.zimbra.cs.account.AccountServiceException)15
AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)12
Account (com.zimbra.cs.account.Account)10
ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)10
DistributionList (com.zimbra.cs.account.DistributionList)9
Domain (com.zimbra.cs.account.Domain)9
HashMap (java.util.HashMap)9
NamedEntry (com.zimbra.cs.account.NamedEntry)7
List (java.util.List)7
LdapProv (com.zimbra.cs.account.ldap.LdapProv)6
LdapException (com.zimbra.cs.ldap.LdapException)5
LdapEntryAlreadyExistException (com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException)5
GuestAccount (com.zimbra.cs.account.GuestAccount)4
Signature (com.zimbra.cs.account.Signature)4
LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)4
LdapDataSource (com.zimbra.cs.account.ldap.entry.LdapDataSource)4
LdapIdentity (com.zimbra.cs.account.ldap.entry.LdapIdentity)4
LdapSignature (com.zimbra.cs.account.ldap.entry.LdapSignature)4
