Search in sources :

Example 26 with SoapProvisioning

use of com.zimbra.cs.account.soap.SoapProvisioning in project zm-mailbox by Zimbra.

the class TestProvisioningUtil method getSoapProvisioning.

public static SoapProvisioning getSoapProvisioning(String userName, String password) throws ServiceException {
    SoapProvisioning sp = new SoapProvisioning();
    sp.soapSetURI("https://localhost:7071" + AdminConstants.ADMIN_SERVICE_URI);
    sp.soapAdminAuthenticate(userName, password);
    return sp;
}
Also used : SoapProvisioning(com.zimbra.cs.account.soap.SoapProvisioning)

Example 27 with SoapProvisioning

use of com.zimbra.cs.account.soap.SoapProvisioning in project zm-mailbox by Zimbra.

the class TestDomainAdmin method testDelegatedAdminAssignSendToDistList.

/**
     * Test that delegated admin with adminConsoleDLACLTabRights can grant sendToDistList right
     * @throws Exception
     */
@Test
public void testDelegatedAdminAssignSendToDistList() throws Exception {
    createAdminConsoleStyleDomainAdmin(DOMADMIN);
    adminSoapProv.createAccount(TARGET_ACCT, TestUtil.DEFAULT_PASSWORD, null);
    SoapProvisioning domAdminSoapProv = getSoapProvisioning(DOMADMIN, TestUtil.DEFAULT_PASSWORD);
    CreateDistributionListResponse caResp;
    caResp = domAdminSoapProv.invokeJaxb(new CreateDistributionListRequest(TARGET_DL));
    assertNotNull("CreateDistributionListResponse for " + TARGET_DL + " simple as domAdmin", caResp);
    caResp = adminSoapProv.invokeJaxb(new CreateDistributionListRequest(DIFF_DL));
    assertNotNull("CreateDistributionListResponse for " + TARGET_DL + " simple as domAdmin", caResp);
    failToGrantRight(domAdminSoapProv, TargetType.dl, TARGET_DL, TARGET_ACCT, RightConsts.RT_sendToDistList, "permission denied: insufficient right to grant 'sendToDistList' right");
    grantRight(adminSoapProv, TargetType.domain, ADMINISTERED_DOMAIN, DOMADMIN, /* grantee */
    RightConsts.RT_adminConsoleDLACLTabRights);
    grantRight(domAdminSoapProv, TargetType.dl, TARGET_DL, TARGET_ACCT, RightConsts.RT_sendToDistList);
    /* Check that doesn't allow it for a dl in a different domain */
    failToGrantRight(domAdminSoapProv, TargetType.dl, DIFF_DL, TARGET_ACCT, RightConsts.RT_sendToDistList, "permission denied: insufficient right to grant 'sendToDistList' right");
}
Also used : CreateDistributionListRequest(com.zimbra.soap.admin.message.CreateDistributionListRequest) SoapProvisioning(com.zimbra.cs.account.soap.SoapProvisioning) CreateDistributionListResponse(com.zimbra.soap.admin.message.CreateDistributionListResponse) Test(org.junit.Test)

Example 28 with SoapProvisioning

use of com.zimbra.cs.account.soap.SoapProvisioning in project zm-mailbox by Zimbra.

the class TestDomainAdmin method testAccountPassword.

@Test
public void testAccountPassword() throws Exception {
    Account acct = adminSoapProv.createAccount(TARGET_ACCT, TestUtil.DEFAULT_PASSWORD, null);
    String domAdminId = createAdminConsoleStyleDomainAdmin(DOMADMIN);
    adminSoapProv.authAccount(acct, TestUtil.DEFAULT_PASSWORD, AuthContext.Protocol.test);
    assertNotNull("Account for " + TARGET_ACCT, acct);
    // first as admin
    adminSoapProv.changePassword(acct, TestUtil.DEFAULT_PASSWORD, "DelTA4Pa555");
    adminSoapProv.checkPasswordStrength(acct, "2ndDelTA4Pa555");
    adminSoapProv.setPassword(acct, "2ndDelTA4Pa555");
    SoapProvisioning domAdminSoapProv = getSoapProvisioning(DOMADMIN, TestUtil.DEFAULT_PASSWORD);
    try {
        domAdminSoapProv.changePassword(acct, "DelTA4Pa555", TestUtil.DEFAULT_PASSWORD);
        fail("changePassword succeeded when shouldn't");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "authentication failed for");
    }
    try {
        domAdminSoapProv.checkPasswordStrength(acct, "2ndDelTA4Pa555");
        fail("checkPasswordStrength succeeded in spite of not having checkPasswordStrength right!!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: need right: checkPasswordStrength for account");
    }
    domAdminSoapProv.setPassword(acct, TestUtil.DEFAULT_PASSWORD);
}
Also used : Account(com.zimbra.cs.account.Account) SoapProvisioning(com.zimbra.cs.account.soap.SoapProvisioning) SoapFaultException(com.zimbra.common.soap.SoapFaultException) Test(org.junit.Test)

Example 29 with SoapProvisioning

use of com.zimbra.cs.account.soap.SoapProvisioning in project zm-mailbox by Zimbra.

the class TestDomainAdmin method testGetAccountInDiffDomain.

@Test
public void testGetAccountInDiffDomain() throws Exception {
    Account acct = TestJaxbProvisioning.ensureAccountExists(DIFF_ACCT);
    String acctId = acct.getId();
    String domAdminId = createAdminConsoleStyleDomainAdmin(DOMADMIN);
    SoapProvisioning domAdminSoapProv = getSoapProvisioning(DOMADMIN, TestUtil.DEFAULT_PASSWORD);
    GetAccountRequest getAcctReq = new GetAccountRequest(AccountSelector.fromName(DIFF_ACCT), true);
    try {
        domAdminSoapProv.invokeJaxb(getAcctReq);
        fail("GetAccountRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    try {
        domAdminSoapProv.invokeJaxbOnTargetAccount(getAcctReq, acctId);
        fail("GetAccountRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    // try non-existent acct
    getAcctReq = new GetAccountRequest(AccountSelector.fromName(DIFF_ACCT2), true);
    try {
        domAdminSoapProv.invokeJaxb(getAcctReq);
        fail("GetAccountRequest succeeded for non-existent account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    GetMailboxRequest gmReq = new GetMailboxRequest(new MailboxByAccountIdSelector(acctId));
    try {
        domAdminSoapProv.invokeJaxb(gmReq);
        fail("GetMailboxRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    try {
        domAdminSoapProv.invokeJaxbOnTargetAccount(gmReq, acctId);
        fail("GetMailboxRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    AddAccountAliasResponse aaaResp;
    try {
        aaaResp = domAdminSoapProv.invokeJaxb(new AddAccountAliasRequest(acctId, ALIAS_FOR_TARGET_ACCT));
        fail("AddAccountAliasRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    try {
        aaaResp = domAdminSoapProv.invokeJaxbOnTargetAccount(new AddAccountAliasRequest(acctId, ALIAS_FOR_TARGET_ACCT2), acctId);
        fail("AddAccountAliasRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    aaaResp = adminSoapProv.invokeJaxb(new AddAccountAliasRequest(acctId, ALIAS_FOR_TARGET_ACCT));
    assertNotNull("AddAccountAliasResponse for " + TARGET_ACCT + " as FULL ADMIN", aaaResp);
    try {
        domAdminSoapProv.invokeJaxb(new RemoveAccountAliasRequest(acctId, ALIAS_FOR_TARGET_ACCT));
        fail("RemoveAccountAliasRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    try {
        domAdminSoapProv.invokeJaxb(new RenameAccountRequest(acctId, TARGET_ACCT_RENAMED));
        fail("RenameAccountRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
    try {
        domAdminSoapProv.invokeJaxb(new DeleteAccountRequest(acctId));
        fail("DeleteAccountRequest succeeded for account in other domain!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "permission denied: can not access account ");
    }
}
Also used : Account(com.zimbra.cs.account.Account) DeleteAccountRequest(com.zimbra.soap.admin.message.DeleteAccountRequest) AddAccountAliasRequest(com.zimbra.soap.admin.message.AddAccountAliasRequest) SoapProvisioning(com.zimbra.cs.account.soap.SoapProvisioning) RemoveAccountAliasRequest(com.zimbra.soap.admin.message.RemoveAccountAliasRequest) GetMailboxRequest(com.zimbra.soap.admin.message.GetMailboxRequest) RenameAccountRequest(com.zimbra.soap.admin.message.RenameAccountRequest) MailboxByAccountIdSelector(com.zimbra.soap.admin.type.MailboxByAccountIdSelector) AddAccountAliasResponse(com.zimbra.soap.admin.message.AddAccountAliasResponse) GetAccountRequest(com.zimbra.soap.admin.message.GetAccountRequest) SoapFaultException(com.zimbra.common.soap.SoapFaultException) Test(org.junit.Test)

Example 30 with SoapProvisioning

use of com.zimbra.cs.account.soap.SoapProvisioning in project zm-mailbox by Zimbra.

the class TestDomainAdmin method testGetDistributionListInDomAdminDomain.

@Test
public void testGetDistributionListInDomAdminDomain() throws Exception {
    String domAdminId = createAdminConsoleStyleDomainAdmin(DOMADMIN);
    SoapProvisioning domAdminSoapProv = getSoapProvisioning(DOMADMIN, TestUtil.DEFAULT_PASSWORD);
    CreateDistributionListResponse caResp;
    caResp = domAdminSoapProv.invokeJaxb(new CreateDistributionListRequest(TARGET_DL));
    assertNotNull("CreateDistributionListResponse for " + TARGET_DL + " simple as domAdmin", caResp);
    String dlId = caResp.getDl().getId();
    GetDistributionListRequest getDlReq = new GetDistributionListRequest(DistributionListSelector.fromName(TARGET_DL));
    GetDistributionListResponse getDlResp = domAdminSoapProv.invokeJaxb(getDlReq);
    assertNotNull("GetDistributionListResponse for " + TARGET_DL + " simple as domAdmin", getDlResp);
    AddDistributionListAliasResponse aaaResp;
    aaaResp = domAdminSoapProv.invokeJaxb(new AddDistributionListAliasRequest(dlId, ALIAS_FOR_TARGET_DL));
    assertNotNull("AddDistributionListAliasResponse for " + TARGET_DL + " simple as domAdmin", aaaResp);
    RemoveDistributionListAliasResponse daaResp;
    daaResp = domAdminSoapProv.invokeJaxb(new RemoveDistributionListAliasRequest(dlId, ALIAS_FOR_TARGET_DL));
    assertNotNull("RemoveDistributionListAliasResponse for " + TARGET_DL + " simple as domAdmin", daaResp);
    RenameDistributionListResponse renAResp;
    renAResp = domAdminSoapProv.invokeJaxb(new RenameDistributionListRequest(dlId, TARGET_DL_RENAMED));
    assertNotNull("RenameDistributionListResponse for " + TARGET_DL + " simple as domAdmin", renAResp);
    DeleteDistributionListRequest delDLReq;
    DeleteDistributionListResponse delDlResp;
    delDLReq = new DeleteDistributionListRequest(null);
    try {
        delDlResp = domAdminSoapProv.invokeJaxb(delDLReq);
        fail("DeleteDistributionListRequest succeeded in spite of having no 'id' specified!!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "invalid request: missing required attribute: id");
    }
    delDLReq = new DeleteDistributionListRequest(dlId);
    delDlResp = domAdminSoapProv.invokeJaxb(delDLReq);
    assertNotNull("DeleteDistributionListResponse for " + TARGET_DL + " as domAdmin", delDlResp);
    try {
        getDlResp = domAdminSoapProv.invokeJaxb(getDlReq);
        fail("GetDistributionListRequest succeeded after delete!");
    } catch (SoapFaultException sfe) {
        checkSoapReason(sfe, "no such distribution list:");
    }
    try {
        getDlResp = domAdminSoapProv.invokeJaxb(new GetDistributionListRequest(DistributionListSelector.fromId(dlId)));
        fail("GetDistributionListRequest succeeded after delete!");
    } catch (SoapFaultException sfe) {
        // because by id not name
        checkSoapReason(sfe, "permission denied: can not access distribution list");
    }
}
Also used : GetDistributionListResponse(com.zimbra.soap.admin.message.GetDistributionListResponse) RemoveDistributionListAliasRequest(com.zimbra.soap.admin.message.RemoveDistributionListAliasRequest) AddDistributionListAliasRequest(com.zimbra.soap.admin.message.AddDistributionListAliasRequest) CreateDistributionListResponse(com.zimbra.soap.admin.message.CreateDistributionListResponse) GetDistributionListRequest(com.zimbra.soap.admin.message.GetDistributionListRequest) SoapFaultException(com.zimbra.common.soap.SoapFaultException) RemoveDistributionListAliasResponse(com.zimbra.soap.admin.message.RemoveDistributionListAliasResponse) RenameDistributionListResponse(com.zimbra.soap.admin.message.RenameDistributionListResponse) RenameDistributionListRequest(com.zimbra.soap.admin.message.RenameDistributionListRequest) CreateDistributionListRequest(com.zimbra.soap.admin.message.CreateDistributionListRequest) SoapProvisioning(com.zimbra.cs.account.soap.SoapProvisioning) DeleteDistributionListRequest(com.zimbra.soap.admin.message.DeleteDistributionListRequest) DeleteDistributionListResponse(com.zimbra.soap.admin.message.DeleteDistributionListResponse) AddDistributionListAliasResponse(com.zimbra.soap.admin.message.AddDistributionListAliasResponse) Test(org.junit.Test)

Aggregations

SoapProvisioning (com.zimbra.cs.account.soap.SoapProvisioning)78 Test (org.junit.Test)18 SoapFaultException (com.zimbra.common.soap.SoapFaultException)14 Account (com.zimbra.cs.account.Account)13 Attr (com.zimbra.soap.admin.type.Attr)10 ServiceException (com.zimbra.common.service.ServiceException)9 CreateDistributionListRequest (com.zimbra.soap.admin.message.CreateDistributionListRequest)6 CreateDistributionListResponse (com.zimbra.soap.admin.message.CreateDistributionListResponse)6 AccountLogger (com.zimbra.common.util.AccountLogger)5 Server (com.zimbra.cs.account.Server)5 CreateCalendarResourceRequest (com.zimbra.soap.admin.message.CreateCalendarResourceRequest)4 CreateCalendarResourceResponse (com.zimbra.soap.admin.message.CreateCalendarResourceResponse)4 DeleteCalendarResourceRequest (com.zimbra.soap.admin.message.DeleteCalendarResourceRequest)4 List (java.util.List)4 SoapHttpTransport (com.zimbra.common.soap.SoapHttpTransport)3 AccountServiceException (com.zimbra.cs.account.AccountServiceException)3 Provisioning (com.zimbra.cs.account.Provisioning)3 CacheEntry (com.zimbra.cs.account.Provisioning.CacheEntry)3 DeleteAccountRequest (com.zimbra.soap.admin.message.DeleteAccountRequest)3 DeleteAccountResponse (com.zimbra.soap.admin.message.DeleteAccountResponse)3