
Example 46 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class BUG_63475 method doUpgrade.

/**
 * Runs this upgrade step by calling {@code doGlobalConfig} and then {@code doAllServers}
 * on one shared LDAP context.
 *
 * <p>The context is requested for {@code LdapServerType.MASTER} with {@code LdapUsage.UPGRADE}.
 * It is handed to {@code LdapClient.closeContext} in the {@code finally} block, so it is
 * released whether or not either step throws.
 *
 * @throws ServiceException if any call made here throws it; nothing is caught or wrapped
 */
@Override
void doUpgrade() throws ServiceException {
    // Acquired outside the try: if this call throws there is no context to release yet.
    final ZLdapContext masterCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.UPGRADE);
    try {
        doGlobalConfig(masterCtx);
        doAllServers(masterCtx);
    } finally {
        LdapClient.closeContext(masterCtx);
    }
}
Also used : ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)

Example 47 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class BUG_53745 method doUpgrade.

/**
 * Runs this upgrade step by calling {@code doCos} and then {@code doAccount} on one shared
 * LDAP context.
 *
 * <p>The context is requested for {@code LdapServerType.MASTER} with {@code LdapUsage.UPGRADE}
 * and is always passed to {@code LdapClient.closeContext} once the two steps finish or fail.
 *
 * @throws ServiceException if any call made here throws it; nothing is caught or wrapped
 */
@Override
void doUpgrade() throws ServiceException {
    // Acquired outside the try: if this call throws there is no context to release yet.
    final ZLdapContext upgradeCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.UPGRADE);
    try {
        doCos(upgradeCtx);
        doAccount(upgradeCtx);
    } finally {
        LdapClient.closeContext(upgradeCtx);
    }
}
Also used : ZLdapContext(com.zimbra.cs.ldap.ZLdapContext)

Example 48 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method createServer.

/**
 * Creates a server entry on the LDAP master and returns the {@link Server} looked up by the
 * id generated for it.
 *
 * <p>{@code serverAttrs} is passed to {@code AttributeManager.preModify} before any LDAP context
 * is opened, then mapped onto the new entry. The object classes, {@code zimbraId}, creation
 * timestamp and {@code cn} are set by this method after the mapping. The service hostname
 * defaults to the normalized name only when the caller did not supply one.
 *
 * @param name server name; lower-cased and trimmed before use
 * @param serverAttrs caller-supplied attributes for the new entry
 * @return the server read back through {@code getServerById}
 * @throws ServiceException {@code SERVER_EXISTS} when the entry already exists; LDAP and account
 *         exceptions are rethrown as-is; any other {@code ServiceException} raised inside the
 *         try block is wrapped in {@code FAILURE}
 */
@Override
public Server createServer(String name, Map<String, Object> serverAttrs) throws ServiceException {
    // NOTE(review): toLowerCase() without an explicit Locale follows the JVM default locale, so the
    // normalized name (and the DN built from it) can differ between hosts - confirm this matches
    // how lookups normalize names.
    name = name.toLowerCase().trim();

    CallbackContext createCallbackCtx = new CallbackContext(CallbackContext.Op.CREATE);
    AttributeManager.getInstance().preModify(serverAttrs, null, createCallbackCtx, true);

    ZLdapContext masterCtx = null;
    try {
        masterCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_SERVER);

        // Caller attributes go in first; the attributes set below are applied after them.
        ZMutableEntry serverEntry = LdapClient.createMutableEntry();
        serverEntry.mapToAttrs(serverAttrs);

        Set<String> objectClasses = LdapObjectClass.getServerObjectClasses(this);
        serverEntry.addAttr(A_objectClass, objectClasses);

        String newServerId = LdapUtil.generateUUID();
        serverEntry.setAttr(A_zimbraId, newServerId);
        serverEntry.setAttr(A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
        serverEntry.setAttr(A_cn, name);

        String serverDn = mDIT.serverNameToDN(name);
        boolean hostnameSupplied = serverEntry.hasAttribute(Provisioning.A_zimbraServiceHostname);
        if (!hostnameSupplied) {
            serverEntry.setAttr(Provisioning.A_zimbraServiceHostname, name);
        }
        serverEntry.setDN(serverDn);
        masterCtx.createEntry(serverEntry);

        // Read the entry back on the same context before running the post-modify callbacks.
        Server created = getServerById(newServerId, masterCtx, true);
        AttributeManager.getInstance().postModify(serverAttrs, created, createCallbackCtx);
        return created;
    } catch (LdapEntryAlreadyExistException alreadyExists) {
        throw AccountServiceException.SERVER_EXISTS(name);
    } catch (LdapException ldapFailure) {
        throw ldapFailure;
    } catch (AccountServiceException accountFailure) {
        throw accountFailure;
    } catch (ServiceException other) {
        throw ServiceException.FAILURE("unable to create server: " + name, other);
    } finally {
        // masterCtx is still null here if getContext itself threw.
        LdapClient.closeContext(masterCtx);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) InMemoryLdapServer(com.zimbra.cs.ldap.unboundid.InMemoryLdapServer) LdapServer(com.zimbra.cs.account.ldap.entry.LdapServer) Server(com.zimbra.cs.account.Server) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) LdapException(com.zimbra.cs.ldap.LdapException) Date(java.util.Date)

Example 49 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method createDynamicGroup.

/**
 * Creates a dynamic group on the LDAP master and, when the group is an ACL group, its
 * dynamic-unit and static-unit child entries.
 *
 * <p>Order of work visible here: normalize the address, run {@code preModify} on the caller's
 * attributes (with {@code zimbraIsACLGroup} temporarily removed), check that the domain exists
 * and is local, create the main entry, optionally create the two unit entries, then read the
 * group back by id and run {@code postModify}.
 *
 * <p>Unlike the other create methods in this listing, there is no catch-all for
 * {@code ServiceException}: only the already-exists case is translated, everything else
 * propagates unchanged.
 *
 * @param groupAddress address of the new group; lower-cased, trimmed and rebuilt with an ASCII domain name
 * @param groupAttrs caller-supplied attributes; mutated by this method
 * @param creator passed to {@code setGroupHomeServer}
 * @return the group read back by its generated id
 * @throws ServiceException {@code NO_SUCH_DOMAIN}, {@code INVALID_REQUEST},
 *         {@code DISTRIBUTION_LIST_EXISTS}, {@code FAILURE} when the read-back returns null,
 *         or whatever the called helpers throw
 */
private DynamicGroup createDynamicGroup(String groupAddress, Map<String, Object> groupAttrs, Account creator) throws ServiceException {
    boolean isHabGroup = false;
    SpecialAttrs specialAttrs = mDIT.handleSpecialAttrs(groupAttrs);
    // NOTE(review): baseDn is not read again anywhere in this method.
    String baseDn = specialAttrs.getLdapBaseDn();
    // NOTE(review): toLowerCase() without an explicit Locale follows the JVM default locale - confirm
    // this matches how group addresses are normalized on lookup.
    groupAddress = groupAddress.toLowerCase().trim();
    EmailAddress addr = new EmailAddress(groupAddress);
    String localPart = addr.getLocalPart();
    String domainName = addr.getDomain();
    // Rebuild the address from the local part and the ASCII form of the domain, then validate it.
    domainName = IDNUtil.toAsciiDomainName(domainName);
    groupAddress = EmailAddress.getAddress(localPart, domainName);
    validEmailAddress(groupAddress);
    CallbackContext callbackContext = new CallbackContext(CallbackContext.Op.CREATE);
    callbackContext.setCreatingEntryName(groupAddress);
    // remove zimbraIsACLGroup from attrs if provided, to avoid the immutable check
    // NOTE(review): the caller-supplied value therefore never passes through preModify; it is
    // restored below and later mapped onto the entry as given.
    Object providedZimbraIsACLGroup = groupAttrs.get(A_zimbraIsACLGroup);
    if (providedZimbraIsACLGroup != null) {
        groupAttrs.remove(A_zimbraIsACLGroup);
    }
    AttributeManager.getInstance().preModify(groupAttrs, null, callbackContext, true);
    // put zimbraIsACLGroup back
    if (providedZimbraIsACLGroup != null) {
        groupAttrs.put(A_zimbraIsACLGroup, providedZimbraIsACLGroup);
    }
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_DYNAMICGROUP);
        // The group may only be created in a domain that exists and reports isLocal().
        Domain domain = getDomainByAsciiName(domainName, zlc);
        if (domain == null) {
            throw AccountServiceException.NO_SUCH_DOMAIN(domainName);
        }
        if (!domain.isLocal()) {
            throw ServiceException.INVALID_REQUEST("domain type must be local", null);
        }
        String domainDN = ((LdapDomain) domain).getDN();
        /*
         * ====================================
         * create the main dynamic group entry
         * ====================================
         */
        ZMutableEntry entry = LdapClient.createMutableEntry();
        isHabGroup = populateEntryForHABGroup(entry, groupAttrs, localPart, domain, zlc);
        // Caller attributes are mapped first; the setAttr calls below are applied after them.
        entry.mapToAttrs(groupAttrs);
        Set<String> ocs = LdapObjectClass.getGroupObjectClasses(this, isHabGroup);
        entry.addAttr(A_objectClass, ocs);
        String zimbraId = LdapUtil.generateUUID();
        // create a UUID for the static unit entry
        String staticUnitZimbraId = LdapUtil.generateUUID();
        String createTimestamp = LdapDateUtil.toGeneralizedTime(new Date());
        entry.setAttr(A_zimbraId, zimbraId);
        entry.setAttr(A_zimbraCreateTimestamp, createTimestamp);
        entry.setAttr(A_mail, groupAddress);
        entry.setAttr(A_dgIdentity, LC.zimbra_ldap_userdn.value());
        // unlike accounts (which have a zimbraMailDeliveryAddress for the primary,
        // and zimbraMailAliases only for aliases), DLs use zimbraMailAlias for both.
        // Postfix uses these two attributes to route mail, and zimbraMailDeliveryAddress
        // indicates that something has a physical mailbox, which DLs don't.
        entry.setAttr(A_zimbraMailAlias, groupAddress);
        /*
            // allow only users in the same domain
            String memberURL = String.format("ldap:///%s??one?(zimbraMemberOf=%s)",
                    mDIT.domainDNToAccountBaseDN(domainDN), groupAddress);
            */
        String specifiedIsACLGroup = entry.getAttrString(A_zimbraIsACLGroup);
        boolean isACLGroup;
        if (!entry.hasAttribute(A_memberURL)) {
            // No custom memberURL: use the default one built from the two generated ids.
            String memberURL = LdapDynamicGroup.getDefaultMemberURL(zimbraId, staticUnitZimbraId);
            entry.setAttr(Provisioning.A_memberURL, memberURL);
            // zimbraIsACLGroup is set to TRUE when unset and rejected when FALSE; any other
            // supplied value is left on the entry exactly as the caller gave it.
            if (specifiedIsACLGroup == null) {
                entry.setAttr(A_zimbraIsACLGroup, ProvisioningConstants.TRUE);
            } else if (ProvisioningConstants.FALSE.equals(specifiedIsACLGroup)) {
                throw ServiceException.INVALID_REQUEST("No custom " + A_memberURL + " is provided, " + A_zimbraIsACLGroup + " cannot be set to FALSE", null);
            }
            isACLGroup = true;
        } else {
            // We want to be able to use dynamic groups as ACLs, for instance when sharing a folder with a group
            // This used to be disallowed via a requirement that zimbraIsACLGroup be specified and set to FALSE.
            // That requirement has been dropped.
            // NOTE(review): with a caller-supplied memberURL, every value except FALSE (including
            // unset) makes this an ACL group, so the group's membership comes from the caller's
            // URL - confirm that the right to set memberURL is restricted upstream of this method.
            isACLGroup = !ProvisioningConstants.FALSE.equals(specifiedIsACLGroup);
        }
        // by default a dynamic group is always created enabled
        if (!entry.hasAttribute(Provisioning.A_zimbraMailStatus)) {
            entry.setAttr(A_zimbraMailStatus, MAIL_STATUS_ENABLED);
        }
        // Captured here so the dynamic unit entry below gets the same mail status.
        String mailStatus = entry.getAttrString(A_zimbraMailStatus);
        entry.setAttr(A_cn, localPart);
        // entry.setAttr(A_uid, localPart); need to use uid if we move dynamic groups to the ou=people tree
        setGroupHomeServer(entry, creator);
        // NOTE(review): dn stays null for HAB groups, yet it is passed to dynamicGroupUnitNameToDN
        // below whenever isACLGroup is true - confirm how populateEntryForHABGroup handles the DN.
        String dn = null;
        if (!isHabGroup) {
            dn = mDIT.dynamicGroupNameLocalPartToDN(localPart, domainDN);
            entry.setDN(dn);
        }
        zlc.createEntry(entry);
        // NOTE(review): nothing in this method removes the main entry if one of the unit
        // createEntry calls below fails - confirm whether a partially created group is cleaned up elsewhere.
        if (isACLGroup) {
            /*
             * ===========================================================
             * create the dynamic group unit entry, for internal addresses
             * ===========================================================
             */
            String dynamicUnitLocalpart = dynamicGroupDynamicUnitLocalpart(localPart);
            String dynamicUnitAddr = EmailAddress.getAddress(dynamicUnitLocalpart, domainName);
            entry = LdapClient.createMutableEntry();
            ocs = LdapObjectClass.getGroupDynamicUnitObjectClasses(this);
            entry.addAttr(A_objectClass, ocs);
            String dynamicUnitZimbraId = LdapUtil.generateUUID();
            entry.setAttr(A_cn, DYNAMIC_GROUP_DYNAMIC_UNIT_NAME);
            entry.setAttr(A_zimbraId, dynamicUnitZimbraId);
            // id of the main group
            entry.setAttr(A_zimbraGroupId, zimbraId);
            entry.setAttr(A_zimbraCreateTimestamp, createTimestamp);
            entry.setAttr(A_mail, dynamicUnitAddr);
            entry.setAttr(A_zimbraMailAlias, dynamicUnitAddr);
            entry.setAttr(A_zimbraMailStatus, mailStatus);
            entry.setAttr(A_dgIdentity, LC.zimbra_ldap_userdn.value());
            // the unit's memberURL is derived from the id of the main group
            String memberURL = LdapDynamicGroup.getDefaultDynamicUnitMemberURL(zimbraId);
            entry.setAttr(Provisioning.A_memberURL, memberURL);
            String dynamicUnitDN = mDIT.dynamicGroupUnitNameToDN(DYNAMIC_GROUP_DYNAMIC_UNIT_NAME, dn);
            entry.setDN(dynamicUnitDN);
            zlc.createEntry(entry);
            /*
             * ==========================================================
             * create the static group unit entry, for external addresses
             * ==========================================================
             */
            entry = LdapClient.createMutableEntry();
            ocs = LdapObjectClass.getGroupStaticUnitObjectClasses(this);
            entry.addAttr(A_objectClass, ocs);
            entry.setAttr(A_cn, DYNAMIC_GROUP_STATIC_UNIT_NAME);
            // same id that was passed to getDefaultMemberURL for the main entry
            entry.setAttr(A_zimbraId, staticUnitZimbraId);
            // id of the main group
            entry.setAttr(A_zimbraGroupId, zimbraId);
            entry.setAttr(A_zimbraCreateTimestamp, createTimestamp);
            String staticUnitDN = mDIT.dynamicGroupUnitNameToDN(DYNAMIC_GROUP_STATIC_UNIT_NAME, dn);
            entry.setDN(staticUnitDN);
            zlc.createEntry(entry);
        }
        /*
         * all is well, get the group by id
         */
        DynamicGroup group = getDynamicGroupBasic(DistributionListBy.id, zimbraId, zlc);
        if (group != null) {
            AttributeManager.getInstance().postModify(groupAttrs, group, callbackContext);
            // Passes the new group's address set to removeExternalAddrsFromAllDynamicGroups,
            // then registers the group in allDLs.
            removeExternalAddrsFromAllDynamicGroups(group.getAllAddrsSet(), zlc);
            allDLs.addGroup(group);
        } else {
            throw ServiceException.FAILURE("unable to get dynamic group after creating LDAP entry: " + groupAddress, null);
        }
        return group;
    } catch (LdapEntryAlreadyExistException nabe) {
        // Raised by any of the createEntry calls above; reported against the main group address.
        throw AccountServiceException.DISTRIBUTION_LIST_EXISTS(groupAddress);
    } catch (LdapException e) {
        throw e;
    } catch (AccountServiceException e) {
        throw e;
    } finally {
        // zlc is still null here if getContext itself threw.
        LdapClient.closeContext(zlc);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) DynamicGroup(com.zimbra.cs.account.DynamicGroup) LdapDynamicGroup(com.zimbra.cs.account.ldap.entry.LdapDynamicGroup) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) EmailAddress(com.zimbra.cs.account.names.NameUtil.EmailAddress) Date(java.util.Date) AccountServiceException(com.zimbra.cs.account.AccountServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) LdapDomain(com.zimbra.cs.account.ldap.entry.LdapDomain) Domain(com.zimbra.cs.account.Domain) LdapException(com.zimbra.cs.ldap.LdapException)

Example 50 with ZLdapContext

use of com.zimbra.cs.ldap.ZLdapContext in project zm-mailbox by Zimbra.

the class LdapProvisioning method copyCos.

/**
 * Creates a new COS named {@code destCosName} whose attributes start from those of the COS
 * with id {@code srcCosId}, with {@code cosAttrs} applied on top.
 *
 * <p>Before the overrides are applied, the source's {@code objectClass}, {@code zimbraId},
 * {@code zimbraCreateTimestamp}, {@code zimbraACE}, {@code cn} and {@code description} are
 * dropped, so the copy does not inherit them. An override whose value is a null or empty string
 * removes that attribute instead of setting it. Attributes that {@code AttributeManager}
 * reports as deprecated are filtered out before {@code preModify} runs.
 *
 * @param srcCosId id of the COS to copy from
 * @param destCosName name of the new COS; lower-cased and trimmed before use
 * @param cosAttrs optional overrides, may be {@code null}
 * @return the new COS read back through {@code getCosById}
 * @throws ServiceException {@code NO_SUCH_COS} when the source is missing, {@code COS_EXISTS}
 *         when the entry already exists; LDAP and account exceptions are rethrown as-is; any
 *         other {@code ServiceException} raised inside the try block is wrapped in {@code FAILURE}
 */
private Cos copyCos(String srcCosId, String destCosName, Map<String, Object> cosAttrs) throws ServiceException {
    // NOTE(review): toLowerCase() without an explicit Locale follows the JVM default locale - confirm
    // this matches how COS names are normalized on lookup.
    destCosName = destCosName.toLowerCase().trim();

    Cos sourceCos = getCosById(srcCosId, null);
    if (sourceCos == null) {
        throw AccountServiceException.NO_SUCH_COS(srcCosId);
    }

    // bug 67716, use a case insensitive map because provided attr names may not be
    // the canonical name and that will cause multiple entries in the map
    Map<String, Object> mergedAttrs = new TreeMap<String, Object>(String.CASE_INSENSITIVE_ORDER);
    mergedAttrs.putAll(sourceCos.getAttrs());

    // Attributes of the source entry that must not be carried over to the copy.
    String[] notCopied = {
        Provisioning.A_objectClass,
        Provisioning.A_zimbraId,
        Provisioning.A_zimbraCreateTimestamp,
        Provisioning.A_zimbraACE,
        Provisioning.A_cn,
        Provisioning.A_description
    };
    for (String sourceOnlyAttr : notCopied) {
        mergedAttrs.remove(sourceOnlyAttr);
    }

    if (cosAttrs != null) {
        for (Map.Entry<String, Object> override : cosAttrs.entrySet()) {
            String overrideName = override.getKey();
            Object overrideValue = override.getValue();
            boolean clearsAttr = overrideValue instanceof String && Strings.isNullOrEmpty((String) overrideValue);
            if (clearsAttr) {
                mergedAttrs.remove(overrideName);
            } else {
                mergedAttrs.put(overrideName, overrideValue);
            }
        }
    }

    CallbackContext createCallbackCtx = new CallbackContext(CallbackContext.Op.CREATE);

    // get rid of deprecated attrs; iterate the merged map while removing from a separate copy.
    // The copy is a plain HashMap, so the map handed on from here is no longer case-insensitive.
    Map<String, Object> createAttrs = new HashMap<String, Object>(mergedAttrs);
    for (String attrName : mergedAttrs.keySet()) {
        AttributeInfo attrInfo = AttributeManager.getInstance().getAttributeInfo(attrName);
        if (attrInfo == null || !attrInfo.isDeprecated()) {
            continue;
        }
        createAttrs.remove(attrName);
    }

    AttributeManager.getInstance().preModify(createAttrs, null, createCallbackCtx, true);

    ZLdapContext masterCtx = null;
    try {
        masterCtx = LdapClient.getContext(LdapServerType.MASTER, LdapUsage.CREATE_COS);

        // Merged attributes go in first; the attributes set below are applied after them.
        ZMutableEntry cosEntry = LdapClient.createMutableEntry();
        cosEntry.mapToAttrs(createAttrs);

        Set<String> objectClasses = LdapObjectClass.getCosObjectClasses(this);
        cosEntry.addAttr(A_objectClass, objectClasses);

        String newCosId = LdapUtil.generateUUID();
        cosEntry.setAttr(A_zimbraId, newCosId);
        cosEntry.setAttr(A_zimbraCreateTimestamp, LdapDateUtil.toGeneralizedTime(new Date()));
        cosEntry.setAttr(A_cn, destCosName);

        String cosDn = mDIT.cosNametoDN(destCosName);
        cosEntry.setDN(cosDn);
        masterCtx.createEntry(cosEntry);

        // Read the entry back on the same context before running the post-modify callbacks.
        Cos created = getCosById(newCosId, masterCtx);
        AttributeManager.getInstance().postModify(createAttrs, created, createCallbackCtx);
        return created;
    } catch (LdapEntryAlreadyExistException alreadyExists) {
        throw AccountServiceException.COS_EXISTS(destCosName);
    } catch (LdapException ldapFailure) {
        throw ldapFailure;
    } catch (AccountServiceException accountFailure) {
        throw accountFailure;
    } catch (ServiceException other) {
        throw ServiceException.FAILURE("unable to create cos: " + destCosName, other);
    } finally {
        // masterCtx is still null here if getContext itself threw.
        LdapClient.closeContext(masterCtx);
    }
}
Also used : ZMutableEntry(com.zimbra.cs.ldap.ZMutableEntry) LdapEntryAlreadyExistException(com.zimbra.cs.ldap.LdapException.LdapEntryAlreadyExistException) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) HashMap(java.util.HashMap) LdapCos(com.zimbra.cs.account.ldap.entry.LdapCos) Cos(com.zimbra.cs.account.Cos) TreeMap(java.util.TreeMap) Date(java.util.Date) AttributeInfo(com.zimbra.cs.account.AttributeInfo) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AccountServiceException(com.zimbra.cs.account.AccountServiceException) AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException) ServiceException(com.zimbra.common.service.ServiceException) CallbackContext(com.zimbra.cs.account.callback.CallbackContext) Map(java.util.Map) TreeMap(java.util.TreeMap) HashMap(java.util.HashMap) LdapException(com.zimbra.cs.ldap.LdapException)
