Search in sources :

Example 6 with ZAttributes

use of com.zimbra.cs.ldap.ZAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method deleteMemberOfOnAccounts.

// TODO: change to ldif and do in background
private void deleteMemberOfOnAccounts(ZLdapContext zlc, String dynGroupId) throws ServiceException {
    final List<Account> accts = new ArrayList<Account>();
    SearchLdapVisitor visitor = new SearchLdapVisitor(false) {

        @Override
        public void visit(String dn, IAttributes ldapAttrs) throws StopIteratingException {
            Account acct;
            try {
                acct = makeAccountNoDefaults(dn, (ZAttributes) ldapAttrs);
                accts.add(acct);
            } catch (ServiceException e) {
                ZimbraLog.account.warn("unable to make account " + dn, e);
            }
        }
    };
    searchDynamicGroupInternalMembers(zlc, dynGroupId, visitor);
    // do in background?
    for (Account acct : accts) {
        Map<String, Object> attrs = new HashMap<String, Object>();
        attrs.put("-" + Provisioning.A_zimbraMemberOf, dynGroupId);
        modifyLdapAttrs(acct, zlc, attrs);
        // remove the account from cache
        // note: cannnot just removeFromCache(acct) because acct only
        // contains the name, so id/alias/foreignPrincipal cached in NamedCache
        // won't be cleared.
        Account cached = getFromCache(AccountBy.name, acct.getName());
        if (cached != null) {
            removeFromCache(cached);
        }
    }
}
Also used : Account(com.zimbra.cs.account.Account) GuestAccount(com.zimbra.cs.account.GuestAccount) LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount) SearchLdapVisitor(com.zimbra.cs.ldap.SearchLdapOptions.SearchLdapVisitor) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) HashMap(java.util.HashMap) IAttributes(com.zimbra.cs.ldap.IAttributes) ZAttributes(com.zimbra.cs.ldap.ZAttributes) ArrayList(java.util.ArrayList)

Example 7 with ZAttributes

use of com.zimbra.cs.ldap.ZAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method refreshEntry.

void refreshEntry(Entry entry, ZLdapContext initZlc) throws ServiceException {
    try {
        String dn = ((LdapEntry) entry).getDN();
        ZAttributes attributes = helper.getAttributes(initZlc, dn);
        Map<String, Object> attrs = attributes.getAttrs();
        Map<String, Object> defaults = null;
        Map<String, Object> secondaryDefaults = null;
        Map<String, Object> overrideDefaults = null;
        if (entry instanceof Account) {
            //
            // We can get here from either modifyAttrsInternal or reload path.
            //
            // If we got here from modifyAttrsInternal, zimbraCOSId on account
            // might have been changed, added, removed, but entry now still contains
            // the old attrs.  Create a temp Account object from the new attrs, and then
            // use the same cos of the temp Account object for our entry object.
            //
            // If we got here from reload, attrs are likely not changed, the callsites
            // just want a refreshed object.  For this case it's best if we still
            // always resolve the COS correctly.  makeAccount is a cheap call and won't
            // add any overhead like loading cos/domain from LDAP: even if cos/domain
            // has to be loaded (because not in cache) in the getCOS(temp) call, it's
            // just the same as calling (buggy) getCOS(entry) before.
            //
            // We only need the temp object for the getCOS call, don't need to setup
            // primary/secondary defaults on the temp object because:
            //     zimbraCOSId is only on account(of course), and that's all needed
            //     for determining the COS for the account in the getCOS call: if
            //     zimbraCOSId is not set on account, it will fallback to the domain
            //     default COS, then fallback to the system default COS.
            //
            Account temp = makeAccountNoDefaults(dn, attributes);
            Cos cos = getCOS(temp);
            if (cos != null)
                defaults = cos.getAccountDefaults();
            Domain domain = getDomain((Account) entry);
            if (domain != null)
                secondaryDefaults = domain.getAccountDefaults();
        } else if (entry instanceof Domain) {
            defaults = getConfig().getDomainDefaults();
        } else if (entry instanceof Server) {
            defaults = getConfig().getServerDefaults();
            AlwaysOnCluster aoc = getAlwaysOnCluster((Server) entry);
            if (aoc != null) {
                overrideDefaults = aoc.getServerOverrides();
            }
        }
        if (defaults == null && secondaryDefaults == null)
            entry.setAttrs(attrs);
        else
            entry.setAttrs(attrs, defaults, secondaryDefaults, overrideDefaults);
        extendLifeInCacheOrFlush(entry);
    } catch (ServiceException e) {
        throw ServiceException.FAILURE("unable to refresh entry", e);
    }
}
Also used : Account(com.zimbra.cs.account.Account) GuestAccount(com.zimbra.cs.account.GuestAccount) LdapAccount(com.zimbra.cs.account.ldap.entry.LdapAccount) InMemoryLdapServer(com.zimbra.cs.ldap.unboundid.InMemoryLdapServer) LdapServer(com.zimbra.cs.account.ldap.entry.LdapServer) Server(com.zimbra.cs.account.Server) LdapAlwaysOnCluster(com.zimbra.cs.account.ldap.entry.LdapAlwaysOnCluster) AlwaysOnCluster(com.zimbra.cs.account.AlwaysOnCluster) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) LdapCos(com.zimbra.cs.account.ldap.entry.LdapCos) Cos(com.zimbra.cs.account.Cos) ZAttributes(com.zimbra.cs.ldap.ZAttributes) LdapEntry(com.zimbra.cs.account.ldap.entry.LdapEntry) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) Domain(com.zimbra.cs.account.Domain)

Example 8 with ZAttributes

use of com.zimbra.cs.ldap.ZAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method getGroupByQuery.

private Group getGroupByQuery(ZLdapFilter filter, ZLdapContext initZlc, boolean basicAttrsOnly, boolean loadFromMaster) throws ServiceException {
    try {
        String[] returnAttrs = basicAttrsOnly ? BASIC_GROUP_ATTRS : null;
        ZSearchResultEntry sr = helper.searchForEntry(mDIT.mailBranchBaseDN(), filter, initZlc, loadFromMaster, returnAttrs);
        if (sr != null) {
            ZAttributes attrs = sr.getAttributes();
            List<String> objectclass = attrs.getMultiAttrStringAsList(Provisioning.A_objectClass, CheckBinary.NOCHECK);
            if (objectclass.contains(AttributeClass.OC_zimbraDistributionList)) {
                return makeDistributionList(sr.getDN(), attrs, basicAttrsOnly);
            } else if (objectclass.contains(AttributeClass.OC_zimbraGroup)) {
                return makeDynamicGroup(initZlc, sr.getDN(), attrs);
            }
        }
    } catch (LdapMultipleEntriesMatchedException e) {
        throw AccountServiceException.MULTIPLE_ENTRIES_MATCHED("getGroupByQuery", e);
    } catch (ServiceException e) {
        throw ServiceException.FAILURE("unable to lookup group via query: " + filter.toFilterString() + " message:" + e.getMessage(), e);
    }
    return null;
}
Also used : AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) LdapMultipleEntriesMatchedException(com.zimbra.cs.ldap.LdapException.LdapMultipleEntriesMatchedException) ZAttributes(com.zimbra.cs.ldap.ZAttributes) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Example 9 with ZAttributes

use of com.zimbra.cs.ldap.ZAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method getUCServiceByName.

private UCService getUCServiceByName(String name, boolean nocache) throws ServiceException {
    if (!nocache) {
        UCService s = ucServiceCache.getByName(name);
        if (s != null) {
            return s;
        }
    }
    try {
        String dn = mDIT.ucServiceNameToDN(name);
        ZAttributes attrs = helper.getAttributes(LdapUsage.GET_UCSERVICE, dn);
        LdapUCService s = new LdapUCService(dn, attrs, this);
        ucServiceCache.put(s);
        return s;
    } catch (LdapEntryNotFoundException e) {
        return null;
    } catch (ServiceException e) {
        throw ServiceException.FAILURE("unable to lookup ucservice by name: " + name + " message: " + e.getMessage(), e);
    }
}
Also used : LdapUCService(com.zimbra.cs.account.ldap.entry.LdapUCService) UCService(com.zimbra.cs.account.UCService) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) LdapEntryNotFoundException(com.zimbra.cs.ldap.LdapException.LdapEntryNotFoundException) ZAttributes(com.zimbra.cs.ldap.ZAttributes) LdapUCService(com.zimbra.cs.account.ldap.entry.LdapUCService)

Example 10 with ZAttributes

use of com.zimbra.cs.ldap.ZAttributes in project zm-mailbox by Zimbra.

the class LdapProvisioning method getNonDefaultDynamicGroupMembers.

public String[] getNonDefaultDynamicGroupMembers(DynamicGroup group) {
    final List<String> members = Lists.newArrayList();
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getContext(LdapServerType.REPLICA, LdapUsage.GET_GROUP_MEMBER);
        /*
             * this DynamicGroup object must not be a basic group with minimum
             * attrs, we need the member attribute
             */
        String[] memberDNs = group.getMultiAttr(Provisioning.A_member);
        final String[] attrsToGet = new String[] { Provisioning.A_zimbraMailDeliveryAddress, Provisioning.A_zimbraIsExternalVirtualAccount };
        for (String memberDN : memberDNs) {
            ZAttributes memberAttrs = zlc.getAttributes(memberDN, attrsToGet);
            String memberAddr = memberAttrs.getAttrString(Provisioning.A_zimbraMailDeliveryAddress);
            boolean isVirtualAcct = memberAttrs.hasAttributeValue(Provisioning.A_zimbraIsExternalVirtualAccount, "TRUE");
            if (memberAddr != null && !isVirtualAcct) {
                members.add(memberAddr);
            }
        }
    } catch (ServiceException e) {
        ZimbraLog.account.warn("unable to get dynamic group members", e);
    } finally {
        LdapClient.closeContext(zlc);
    }
    return members.toArray(new String[members.size()]);
}
Also used : ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) ZAttributes(com.zimbra.cs.ldap.ZAttributes)

Aggregations

ZAttributes (com.zimbra.cs.ldap.ZAttributes)30 ServiceException (com.zimbra.common.service.ServiceException)18 AccountServiceException (com.zimbra.cs.account.AccountServiceException)16 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)15 LdapEntryNotFoundException (com.zimbra.cs.ldap.LdapException.LdapEntryNotFoundException)8 Account (com.zimbra.cs.account.Account)6 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)6 Domain (com.zimbra.cs.account.Domain)4 GuestAccount (com.zimbra.cs.account.GuestAccount)4 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)4 HashMap (java.util.HashMap)4 LdapDomain (com.zimbra.cs.account.ldap.entry.LdapDomain)3 LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)3 ZMutableEntry (com.zimbra.cs.ldap.ZMutableEntry)3 Alias (com.zimbra.cs.account.Alias)2 AlwaysOnCluster (com.zimbra.cs.account.AlwaysOnCluster)2 DynamicGroup (com.zimbra.cs.account.DynamicGroup)2 Group (com.zimbra.cs.account.Group)2 NamedEntry (com.zimbra.cs.account.NamedEntry)2 Server (com.zimbra.cs.account.Server)2