Search in sources :

Example 76 with ZLdapFilter

use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.

the class UBIDLdapContext method deleteChildren.

@Override
public void deleteChildren(String dn) throws ServiceException {
    try {
        // use ZLdapFilter instead of just the native Filter so it's
        // convenient for stating
        ZLdapFilter filter = ZLdapFilterFactory.getInstance().anyEntry();
        // Filter filter = Filter.createPresenceFilter(LdapConstants.ATTR_OBJECTCLASS);
        SearchRequest searchRequest = new SearchRequest(dn, SearchScope.ONE, derefAliasPolicy, // size limit
        0, // time limit
        0, // getTypesOnly
        false, ((UBIDLdapFilter) filter).getNative());
        searchRequest.setAttributes("dn");
        SearchResult result = UBIDLdapOperation.SEARCH.execute(this, searchRequest, filter);
        List<SearchResultEntry> entries = result.getSearchEntries();
        for (SearchResultEntry entry : entries) {
            deleteEntry(entry.getDN());
        }
    } catch (LDAPException e) {
        throw mapToLdapException("unable to delete children", e);
    }
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) SearchRequest(com.unboundid.ldap.sdk.SearchRequest) LDAPException(com.unboundid.ldap.sdk.LDAPException) SearchResult(com.unboundid.ldap.sdk.SearchResult) SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)

Example 77 with ZLdapFilter

use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.

the class UBIDLdapContext method searchPaged.

@Override
public void searchPaged(SearchLdapOptions searchOptions) throws ServiceException {
    int maxResults = searchOptions.getMaxResults();
    String base = searchOptions.getSearchBase();
    ZLdapFilter filter = searchOptions.getFilter();
    Set<String> binaryAttrs = searchOptions.getBinaryAttrs();
    SearchScope searchScope = ((UBIDSearchScope) searchOptions.getSearchScope()).getNative();
    SearchLdapOptions.SearchLdapVisitor visitor = searchOptions.getVisitor();
    SearchGalResult searchGalResult = searchOptions.getSearchGalResult();
    int pageSize = searchOptions.getResultPageSize();
    int offset = 0;
    boolean pagination = false;
    int limit = 0;
    String prevLastReturnedItemCreateDate = null;
    if (searchGalResult != null) {
        offset = searchGalResult.getLdapMatchCount();
        prevLastReturnedItemCreateDate = searchGalResult.getLdapTimeStamp();
        pagination = searchGalResult.getHadMore();
        limit = searchGalResult.getLimit();
    }
    if (GalOp.sync == searchOptions.getGalOp() && !pagination) {
        limit = 0;
    }
    if (limit == 0) {
        limit = Integer.MAX_VALUE;
    }
    int pageCount = 0;
    int pageOffset = 0;
    int currentPage = 0;
    int index = 0;
    if (offset > 0) {
        pageCount = offset / pageSize;
        pageOffset = offset % pageSize;
    }
    String newToken = "";
    // TODO: this is the legacy behavior, we can make it a param
    boolean wantPartialResult = true;
    try {
        SearchRequest searchRequest = new SearchRequest(base, searchScope, derefAliasPolicy, maxResults, 0, false, ((UBIDLdapFilter) filter).getNative());
        searchRequest.setAttributes(searchOptions.getReturnAttrs());
        // Set the page size and initialize the cookie that we pass back in subsequent pages
        ASN1OctetString cookie = null;
        int count = offset;
        do {
            List<Control> controls = Lists.newArrayListWithCapacity(2);
            if (searchOptions.isUseControl()) {
                controls.add(new SimplePagedResultsControl(pageSize, cookie));
            }
            if (searchOptions.isManageDSAit()) {
                controls.add(new ManageDsaITRequestControl(false));
            }
            searchRequest.setControls(controls.toArray(new Control[0]));
            SearchResult result = null;
            try {
                result = UBIDLdapOperation.SEARCH.execute(this, searchRequest, filter);
            } catch (LDAPException e) {
                if (ResultCode.SIZE_LIMIT_EXCEEDED == e.getResultCode() && wantPartialResult) {
                    // if callsite wants partial result, return them
                    LDAPResult ldapResult = e.toLDAPResult();
                    if (ldapResult instanceof SearchResult) {
                        SearchResult searchResult = (SearchResult) ldapResult;
                        for (SearchResultEntry entry : searchResult.getSearchEntries()) {
                            String dn = entry.getDN();
                            UBIDAttributes ubidAttrs = new UBIDAttributes(entry);
                            if (visitor.wantAttrMapOnVisit()) {
                                visitor.visit(dn, ubidAttrs.getAttrs(binaryAttrs), ubidAttrs);
                            } else {
                                visitor.visit(dn, ubidAttrs);
                            }
                            newToken = ubidAttrs.getAttrString("whenCreated") != null ? ubidAttrs.getAttrString("whenCreated") : ubidAttrs.getAttrString("createTimeStamp");
                        }
                        if (searchGalResult != null) {
                            searchGalResult.setLdapTimeStamp(newToken);
                            searchGalResult.setLdapMatchCount(1);
                            searchGalResult.setHadMore(true);
                        }
                    }
                }
                // always re-throw
                throw e;
            }
            List<SearchResultEntry> entries = result.getSearchEntries();
            boolean hasMore = false;
            int resultSize = entries.size();
            if (resultSize > (limit + pageOffset)) {
                hasMore = true;
            }
            String leCreateDate = null;
            if (currentPage >= pageCount) {
                leCreateDate = getLastEntryCreationDate(limit + pageOffset, entries);
                if (prevLastReturnedItemCreateDate != null && !prevLastReturnedItemCreateDate.equals(leCreateDate)) {
                    count = 0;
                }
                for (index = pageOffset; index < entries.size() && limit > 0; index++) {
                    SearchResultEntry entry = entries.get(index);
                    String dn = entry.getDN();
                    UBIDAttributes ubidAttrs = new UBIDAttributes(entry);
                    if (visitor.wantAttrMapOnVisit()) {
                        visitor.visit(dn, ubidAttrs.getAttrs(binaryAttrs), ubidAttrs);
                    } else {
                        visitor.visit(dn, ubidAttrs);
                    }
                    limit--;
                    newToken = ubidAttrs.getAttrString("whenCreated") != null ? ubidAttrs.getAttrString("whenCreated") : ubidAttrs.getAttrString("createTimeStamp");
                    if (newToken != null && newToken.equals(leCreateDate)) {
                        count++;
                    }
                }
                prevLastReturnedItemCreateDate = leCreateDate;
                pageOffset = 0;
            }
            cookie = null;
            for (Control c : result.getResponseControls()) {
                if (c instanceof SimplePagedResultsControl) {
                    cookie = ((SimplePagedResultsControl) c).getCookie();
                }
            }
            if (searchGalResult != null && (GalOp.sync == searchOptions.getGalOp())) {
                if (limit == 0 && (((cookie != null) && (cookie.getValueLength() > 0)) || hasMore)) {
                    searchGalResult.setHadMore(true);
                    searchGalResult.setLdapTimeStamp(newToken);
                    searchGalResult.setLdapMatchCount(count);
                } else if (((cookie != null) && (cookie.getValueLength() == 0))) {
                    searchGalResult.setHadMore(false);
                    searchGalResult.setLdapMatchCount(0);
                }
            }
            currentPage++;
        } while ((cookie != null) && (cookie.getValueLength() > 0) && limit > 0);
    } catch (SearchLdapOptions.StopIteratingException e) {
    // break out of the loop and close the ne
    } catch (LDAPException e) {
        throw mapToLdapException("unable to search ldap", e);
    }
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) SearchRequest(com.unboundid.ldap.sdk.SearchRequest) LDAPResult(com.unboundid.ldap.sdk.LDAPResult) SearchResult(com.unboundid.ldap.sdk.SearchResult) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) SearchGalResult(com.zimbra.cs.account.Provisioning.SearchGalResult) SearchLdapOptions(com.zimbra.cs.ldap.SearchLdapOptions) ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) Control(com.unboundid.ldap.sdk.Control) SimplePagedResultsControl(com.unboundid.ldap.sdk.controls.SimplePagedResultsControl) AssertionRequestControl(com.unboundid.ldap.sdk.controls.AssertionRequestControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) LDAPException(com.unboundid.ldap.sdk.LDAPException) SearchScope(com.unboundid.ldap.sdk.SearchScope) SimplePagedResultsControl(com.unboundid.ldap.sdk.controls.SimplePagedResultsControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)

Example 78 with ZLdapFilter

use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.

the class TestLdapProvSearchDirectory method CMBSearchNonSystemResourceAccountsOnly.

@Test
public void CMBSearchNonSystemResourceAccountsOnly() throws Exception {
    Account acct1 = createAccount(genAcctNameLocalPart("1"));
    Map<String, Object> acct2Attrs = Maps.newHashMap();
    acct2Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "TRUE");
    Account acct2 = createAccount(genAcctNameLocalPart("2"), acct2Attrs);
    Map<String, Object> acct3Attrs = Maps.newHashMap();
    acct3Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
    Account acct3 = createAccount(genAcctNameLocalPart("3"), acct3Attrs);
    Map<String, Object> acct4Attrs = Maps.newHashMap();
    acct4Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
    acct4Attrs.put(Provisioning.A_zimbraIsSystemResource, "TRUE");
    Account acct4 = createAccount(genAcctNameLocalPart("4"), acct4Attrs);
    Map<String, Object> acct5Attrs = Maps.newHashMap();
    acct5Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
    acct5Attrs.put(Provisioning.A_zimbraIsSystemResource, "FALSE");
    Account acct5 = createAccount(genAcctNameLocalPart("5"), acct5Attrs);
    String[] returnAttrs = { Provisioning.A_displayName, Provisioning.A_zimbraId, Provisioning.A_uid, Provisioning.A_zimbraArchiveAccount, Provisioning.A_zimbraMailHost };
    // use domain so our assertion will work, production code does not a domain
    SearchAccountsOptions searchOpts = new SearchAccountsOptions(domain, returnAttrs);
    searchOpts.setIncludeType(IncludeType.ACCOUNTS_ONLY);
    searchOpts.setSortOpt(SortOpt.SORT_DESCENDING);
    ZLdapFilter filter = ZLdapFilterFactory.getInstance().CMBSearchNonSystemResourceAccountsOnly();
    searchOpts.setFilter(filter);
    List<NamedEntry> accounts = prov.searchDirectory(searchOpts);
    Verify.verifyEquals(Lists.newArrayList(acct5, acct3, acct1), accounts, true);
    deleteAccount(acct1);
    deleteAccount(acct2);
    deleteAccount(acct3);
    deleteAccount(acct4);
    deleteAccount(acct5);
/*
        // legacy code and LDAP trace before refactoring
        List<NamedEntry> accounts = prov.searchAccounts(
                "(&(!(" + Provisioning.A_zimbraIsSystemResource + "=*))(|(!(" +
                Provisioning.A_zimbraExcludeFromCMBSearch + "=*))(" +
                Provisioning.A_zimbraExcludeFromCMBSearch + "=FALSE)))",
                returnAttrs, null, false, Provisioning.searchDirectoryStringToMask("accounts"));

        Oct  9 14:55:09 pshao-macbookpro-2 slapd[73952]: conn=1352 op=172 SRCH base="" scope=2 deref=0 filter="(&(&(!(zimbraIsSystemResource=*))(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource))))"
        Oct  9 14:55:09 pshao-macbookpro-2 slapd[73952]: conn=1352 op=172 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
        */
/*
         * LDAP trace after reactoring
         *
        Oct  9 16:18:04 pshao-macbookpro-2 slapd[73952]: conn=1381 op=127 SRCH base="ou=people,dc=com,dc=zimbra,dc=qa,dc=unittest,dc=testldapprovaccount" scope=2 deref=0 filter="(&(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource)))(!(zimbraIsSystemResource=TRUE))(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))"
        Oct  9 16:18:04 pshao-macbookpro-2 slapd[73952]: conn=1381 op=127 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
        */
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) Account(com.zimbra.cs.account.Account) NamedEntry(com.zimbra.cs.account.NamedEntry) SearchAccountsOptions(com.zimbra.cs.account.SearchAccountsOptions) ProvTest(com.zimbra.qa.unittest.prov.ProvTest)

Example 79 with ZLdapFilter

use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.

the class TestLdapProvSearchDirectory method CMBSearchAccountsOnlyWithArchive.

@Test
public void CMBSearchAccountsOnlyWithArchive() throws Exception {
    Account acct1 = createAccount(genAcctNameLocalPart("1"));
    Map<String, Object> acct2Attrs = Maps.newHashMap();
    acct2Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "TRUE");
    Account acct2 = createAccount(genAcctNameLocalPart("2"), acct2Attrs);
    Map<String, Object> acct3Attrs = Maps.newHashMap();
    acct3Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
    Account acct3 = createAccount(genAcctNameLocalPart("3"), acct3Attrs);
    Map<String, Object> acct4Attrs = Maps.newHashMap();
    acct4Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
    acct4Attrs.put(Provisioning.A_zimbraArchiveAccount, "archive@test.com");
    Account acct4 = createAccount(genAcctNameLocalPart("4"), acct4Attrs);
    String[] returnAttrs = { Provisioning.A_displayName, Provisioning.A_zimbraId, Provisioning.A_uid, Provisioning.A_zimbraArchiveAccount, Provisioning.A_zimbraMailHost };
    // use domain so our assertion will work, production code does not a domain
    SearchAccountsOptions searchOpts = new SearchAccountsOptions(domain, returnAttrs);
    searchOpts.setIncludeType(IncludeType.ACCOUNTS_ONLY);
    searchOpts.setSortOpt(SortOpt.SORT_DESCENDING);
    ZLdapFilter filter = ZLdapFilterFactory.getInstance().CMBSearchAccountsOnlyWithArchive();
    searchOpts.setFilter(filter);
    List<NamedEntry> accounts = prov.searchDirectory(searchOpts);
    Verify.verifyEquals(Lists.newArrayList(acct4), accounts, true);
    deleteAccount(acct1);
    deleteAccount(acct2);
    deleteAccount(acct3);
    deleteAccount(acct4);
/*
        // legacy code and LDAP trace before refactoring
        List<NamedEntry> accounts = prov.searchAccounts(
                "(&(" + Provisioning.A_zimbraArchiveAccount + "=*)(|(!(" +
                Provisioning.A_zimbraExcludeFromCMBSearch + "=*))(" +
                Provisioning.A_zimbraExcludeFromCMBSearch + "=FALSE)))",
                returnAttrs,null,false,Provisioning.searchDirectoryStringToMask("accounts"));

        Oct  9 16:40:05 pshao-macbookpro-2 slapd[73952]: conn=1388 op=172 SRCH base="" scope=2 deref=0 filter="(&(&(zimbraArchiveAccount=*)(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource))))"
        Oct  9 16:40:05 pshao-macbookpro-2 slapd[73952]: conn=1388 op=172 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
        */
/*
         * LDAP trace after reactoring
         *
        Oct  9 17:03:11 pshao-macbookpro-2 slapd[73952]: conn=1413 op=125 SRCH base="ou=people,dc=com,dc=zimbra,dc=qa,dc=unittest,dc=testldapprovaccount" scope=2 deref=0 filter="(&(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource)))(zimbraArchiveAccount=*)(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))"
        Oct  9 17:03:11 pshao-macbookpro-2 slapd[73952]: conn=1413 op=125 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
        */
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) Account(com.zimbra.cs.account.Account) NamedEntry(com.zimbra.cs.account.NamedEntry) SearchAccountsOptions(com.zimbra.cs.account.SearchAccountsOptions) ProvTest(com.zimbra.qa.unittest.prov.ProvTest)

Example 80 with ZLdapFilter

use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.

the class TestLdapHelper method searchForEntry.

@Test
public void searchForEntry() throws Exception {
    LdapDIT dit = prov.getDIT();
    String base = dit.configBranchBaseDN();
    ZLdapFilter filter = filterFactory.fromFilterString(FilterId.UNITTEST, "(cn=config)");
    ZSearchResultEntry sr = ldapHelper.searchForEntry(base, filter, null, false);
    assertNotNull(sr);
    assertEquals("cn=config,cn=zimbra", sr.getDN());
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) LdapDIT(com.zimbra.cs.account.ldap.LdapDIT) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Aggregations

ZLdapFilter (com.zimbra.cs.ldap.ZLdapFilter)123 ZSearchResultEntry (com.zimbra.cs.ldap.ZSearchResultEntry)15 ZSearchResultEnumeration (com.zimbra.cs.ldap.ZSearchResultEnumeration)13 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)10 ZSearchControls (com.zimbra.cs.ldap.ZSearchControls)10 ServiceException (com.zimbra.common.service.ServiceException)9 AccountServiceException (com.zimbra.cs.account.AccountServiceException)8 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)8 ArrayList (java.util.ArrayList)8 Server (com.zimbra.cs.account.Server)7 LdapDIT (com.zimbra.cs.account.ldap.LdapDIT)7 Account (com.zimbra.cs.account.Account)6 LdapSizeLimitExceededException (com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException)6 NamedEntry (com.zimbra.cs.account.NamedEntry)5 SearchAccountsOptions (com.zimbra.cs.account.SearchAccountsOptions)5 BySearchResultEntrySearcher (com.zimbra.cs.account.ldap.BySearchResultEntrySearcher)5 SearchLdapOptions (com.zimbra.cs.ldap.SearchLdapOptions)5 ProvTest (com.zimbra.qa.unittest.prov.ProvTest)5 LDAPException (com.unboundid.ldap.sdk.LDAPException)3 SearchRequest (com.unboundid.ldap.sdk.SearchRequest)3