Example 76 with ZLdapFilter
use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.
the class UBIDLdapContext method deleteChildren.
@Override
public void deleteChildren(String dn) throws ServiceException {
try {
// use ZLdapFilter instead of just the native Filter so it's
// convenient for stating
ZLdapFilter filter = ZLdapFilterFactory.getInstance().anyEntry();
// Filter filter = Filter.createPresenceFilter(LdapConstants.ATTR_OBJECTCLASS);
SearchRequest searchRequest = new SearchRequest(dn, SearchScope.ONE, derefAliasPolicy, // size limit
0, // time limit
0, // getTypesOnly
false, ((UBIDLdapFilter) filter).getNative());
searchRequest.setAttributes("dn");
SearchResult result = UBIDLdapOperation.SEARCH.execute(this, searchRequest, filter);
List<SearchResultEntry> entries = result.getSearchEntries();
for (SearchResultEntry entry : entries) {
deleteEntry(entry.getDN());
}
} catch (LDAPException e) {
throw mapToLdapException("unable to delete children", e);
}
}
Also used :
ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter)
SearchRequest(com.unboundid.ldap.sdk.SearchRequest)
LDAPException(com.unboundid.ldap.sdk.LDAPException)
SearchResult(com.unboundid.ldap.sdk.SearchResult)
SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)
Example 77 with ZLdapFilter
use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.
the class UBIDLdapContext method searchPaged.
@Override
public void searchPaged(SearchLdapOptions searchOptions) throws ServiceException {
int maxResults = searchOptions.getMaxResults();
String base = searchOptions.getSearchBase();
ZLdapFilter filter = searchOptions.getFilter();
Set<String> binaryAttrs = searchOptions.getBinaryAttrs();
SearchScope searchScope = ((UBIDSearchScope) searchOptions.getSearchScope()).getNative();
SearchLdapOptions.SearchLdapVisitor visitor = searchOptions.getVisitor();
SearchGalResult searchGalResult = searchOptions.getSearchGalResult();
int pageSize = searchOptions.getResultPageSize();
int offset = 0;
boolean pagination = false;
int limit = 0;
String prevLastReturnedItemCreateDate = null;
if (searchGalResult != null) {
offset = searchGalResult.getLdapMatchCount();
prevLastReturnedItemCreateDate = searchGalResult.getLdapTimeStamp();
pagination = searchGalResult.getHadMore();
limit = searchGalResult.getLimit();
}
if (GalOp.sync == searchOptions.getGalOp() && !pagination) {
limit = 0;
}
if (limit == 0) {
limit = Integer.MAX_VALUE;
}
int pageCount = 0;
int pageOffset = 0;
int currentPage = 0;
int index = 0;
if (offset > 0) {
pageCount = offset / pageSize;
pageOffset = offset % pageSize;
}
String newToken = "";
// TODO: this is the legacy behavior, we can make it a param
boolean wantPartialResult = true;
try {
SearchRequest searchRequest = new SearchRequest(base, searchScope, derefAliasPolicy, maxResults, 0, false, ((UBIDLdapFilter) filter).getNative());
searchRequest.setAttributes(searchOptions.getReturnAttrs());
// Set the page size and initialize the cookie that we pass back in subsequent pages
ASN1OctetString cookie = null;
int count = offset;
do {
List<Control> controls = Lists.newArrayListWithCapacity(2);
if (searchOptions.isUseControl()) {
controls.add(new SimplePagedResultsControl(pageSize, cookie));
}
if (searchOptions.isManageDSAit()) {
controls.add(new ManageDsaITRequestControl(false));
}
searchRequest.setControls(controls.toArray(new Control[0]));
SearchResult result = null;
try {
result = UBIDLdapOperation.SEARCH.execute(this, searchRequest, filter);
} catch (LDAPException e) {
if (ResultCode.SIZE_LIMIT_EXCEEDED == e.getResultCode() && wantPartialResult) {
// if callsite wants partial result, return them
LDAPResult ldapResult = e.toLDAPResult();
if (ldapResult instanceof SearchResult) {
SearchResult searchResult = (SearchResult) ldapResult;
for (SearchResultEntry entry : searchResult.getSearchEntries()) {
String dn = entry.getDN();
UBIDAttributes ubidAttrs = new UBIDAttributes(entry);
if (visitor.wantAttrMapOnVisit()) {
visitor.visit(dn, ubidAttrs.getAttrs(binaryAttrs), ubidAttrs);
} else {
visitor.visit(dn, ubidAttrs);
}
newToken = ubidAttrs.getAttrString("whenCreated") != null ? ubidAttrs.getAttrString("whenCreated") : ubidAttrs.getAttrString("createTimeStamp");
}
if (searchGalResult != null) {
searchGalResult.setLdapTimeStamp(newToken);
searchGalResult.setLdapMatchCount(1);
searchGalResult.setHadMore(true);
}
}
}
// always re-throw
throw e;
}
List<SearchResultEntry> entries = result.getSearchEntries();
boolean hasMore = false;
int resultSize = entries.size();
if (resultSize > (limit + pageOffset)) {
hasMore = true;
}
String leCreateDate = null;
if (currentPage >= pageCount) {
leCreateDate = getLastEntryCreationDate(limit + pageOffset, entries);
if (prevLastReturnedItemCreateDate != null && !prevLastReturnedItemCreateDate.equals(leCreateDate)) {
count = 0;
}
for (index = pageOffset; index < entries.size() && limit > 0; index++) {
SearchResultEntry entry = entries.get(index);
String dn = entry.getDN();
UBIDAttributes ubidAttrs = new UBIDAttributes(entry);
if (visitor.wantAttrMapOnVisit()) {
visitor.visit(dn, ubidAttrs.getAttrs(binaryAttrs), ubidAttrs);
} else {
visitor.visit(dn, ubidAttrs);
}
limit--;
newToken = ubidAttrs.getAttrString("whenCreated") != null ? ubidAttrs.getAttrString("whenCreated") : ubidAttrs.getAttrString("createTimeStamp");
if (newToken != null && newToken.equals(leCreateDate)) {
count++;
}
}
prevLastReturnedItemCreateDate = leCreateDate;
pageOffset = 0;
}
cookie = null;
for (Control c : result.getResponseControls()) {
if (c instanceof SimplePagedResultsControl) {
cookie = ((SimplePagedResultsControl) c).getCookie();
}
}
if (searchGalResult != null && (GalOp.sync == searchOptions.getGalOp())) {
if (limit == 0 && (((cookie != null) && (cookie.getValueLength() > 0)) || hasMore)) {
searchGalResult.setHadMore(true);
searchGalResult.setLdapTimeStamp(newToken);
searchGalResult.setLdapMatchCount(count);
} else if (((cookie != null) && (cookie.getValueLength() == 0))) {
searchGalResult.setHadMore(false);
searchGalResult.setLdapMatchCount(0);
}
}
currentPage++;
} while ((cookie != null) && (cookie.getValueLength() > 0) && limit > 0);
} catch (SearchLdapOptions.StopIteratingException e) {
// break out of the loop and close the ne
} catch (LDAPException e) {
throw mapToLdapException("unable to search ldap", e);
}
}
Also used :
ASN1OctetString(com.unboundid.asn1.ASN1OctetString)
SearchRequest(com.unboundid.ldap.sdk.SearchRequest)
LDAPResult(com.unboundid.ldap.sdk.LDAPResult)
SearchResult(com.unboundid.ldap.sdk.SearchResult)
ASN1OctetString(com.unboundid.asn1.ASN1OctetString)
SearchGalResult(com.zimbra.cs.account.Provisioning.SearchGalResult)
SearchLdapOptions(com.zimbra.cs.ldap.SearchLdapOptions)
ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter)
Control(com.unboundid.ldap.sdk.Control)
SimplePagedResultsControl(com.unboundid.ldap.sdk.controls.SimplePagedResultsControl)
AssertionRequestControl(com.unboundid.ldap.sdk.controls.AssertionRequestControl)
ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl)
LDAPException(com.unboundid.ldap.sdk.LDAPException)
SearchScope(com.unboundid.ldap.sdk.SearchScope)
SimplePagedResultsControl(com.unboundid.ldap.sdk.controls.SimplePagedResultsControl)
ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl)
SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)
Example 78 with ZLdapFilter
use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.
the class TestLdapProvSearchDirectory method CMBSearchNonSystemResourceAccountsOnly.
@Test
public void CMBSearchNonSystemResourceAccountsOnly() throws Exception {
Account acct1 = createAccount(genAcctNameLocalPart("1"));
Map<String, Object> acct2Attrs = Maps.newHashMap();
acct2Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "TRUE");
Account acct2 = createAccount(genAcctNameLocalPart("2"), acct2Attrs);
Map<String, Object> acct3Attrs = Maps.newHashMap();
acct3Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
Account acct3 = createAccount(genAcctNameLocalPart("3"), acct3Attrs);
Map<String, Object> acct4Attrs = Maps.newHashMap();
acct4Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
acct4Attrs.put(Provisioning.A_zimbraIsSystemResource, "TRUE");
Account acct4 = createAccount(genAcctNameLocalPart("4"), acct4Attrs);
Map<String, Object> acct5Attrs = Maps.newHashMap();
acct5Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
acct5Attrs.put(Provisioning.A_zimbraIsSystemResource, "FALSE");
Account acct5 = createAccount(genAcctNameLocalPart("5"), acct5Attrs);
String[] returnAttrs = { Provisioning.A_displayName, Provisioning.A_zimbraId, Provisioning.A_uid, Provisioning.A_zimbraArchiveAccount, Provisioning.A_zimbraMailHost };
// use domain so our assertion will work, production code does not a domain
SearchAccountsOptions searchOpts = new SearchAccountsOptions(domain, returnAttrs);
searchOpts.setIncludeType(IncludeType.ACCOUNTS_ONLY);
searchOpts.setSortOpt(SortOpt.SORT_DESCENDING);
ZLdapFilter filter = ZLdapFilterFactory.getInstance().CMBSearchNonSystemResourceAccountsOnly();
searchOpts.setFilter(filter);
List<NamedEntry> accounts = prov.searchDirectory(searchOpts);
Verify.verifyEquals(Lists.newArrayList(acct5, acct3, acct1), accounts, true);
deleteAccount(acct1);
deleteAccount(acct2);
deleteAccount(acct3);
deleteAccount(acct4);
deleteAccount(acct5);
/*
// legacy code and LDAP trace before refactoring
List<NamedEntry> accounts = prov.searchAccounts(
"(&(!(" + Provisioning.A_zimbraIsSystemResource + "=*))(|(!(" +
Provisioning.A_zimbraExcludeFromCMBSearch + "=*))(" +
Provisioning.A_zimbraExcludeFromCMBSearch + "=FALSE)))",
returnAttrs, null, false, Provisioning.searchDirectoryStringToMask("accounts"));
Oct 9 14:55:09 pshao-macbookpro-2 slapd[73952]: conn=1352 op=172 SRCH base="" scope=2 deref=0 filter="(&(&(!(zimbraIsSystemResource=*))(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource))))"
Oct 9 14:55:09 pshao-macbookpro-2 slapd[73952]: conn=1352 op=172 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
*/
/*
* LDAP trace after reactoring
*
Oct 9 16:18:04 pshao-macbookpro-2 slapd[73952]: conn=1381 op=127 SRCH base="ou=people,dc=com,dc=zimbra,dc=qa,dc=unittest,dc=testldapprovaccount" scope=2 deref=0 filter="(&(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource)))(!(zimbraIsSystemResource=TRUE))(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))"
Oct 9 16:18:04 pshao-macbookpro-2 slapd[73952]: conn=1381 op=127 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
*/
}
Also used :
ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter)
Account(com.zimbra.cs.account.Account)
NamedEntry(com.zimbra.cs.account.NamedEntry)
SearchAccountsOptions(com.zimbra.cs.account.SearchAccountsOptions)
ProvTest(com.zimbra.qa.unittest.prov.ProvTest)
Example 79 with ZLdapFilter
use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.
the class TestLdapProvSearchDirectory method CMBSearchAccountsOnlyWithArchive.
@Test
public void CMBSearchAccountsOnlyWithArchive() throws Exception {
Account acct1 = createAccount(genAcctNameLocalPart("1"));
Map<String, Object> acct2Attrs = Maps.newHashMap();
acct2Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "TRUE");
Account acct2 = createAccount(genAcctNameLocalPart("2"), acct2Attrs);
Map<String, Object> acct3Attrs = Maps.newHashMap();
acct3Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
Account acct3 = createAccount(genAcctNameLocalPart("3"), acct3Attrs);
Map<String, Object> acct4Attrs = Maps.newHashMap();
acct4Attrs.put(Provisioning.A_zimbraExcludeFromCMBSearch, "FALSE");
acct4Attrs.put(Provisioning.A_zimbraArchiveAccount, "archive@test.com");
Account acct4 = createAccount(genAcctNameLocalPart("4"), acct4Attrs);
String[] returnAttrs = { Provisioning.A_displayName, Provisioning.A_zimbraId, Provisioning.A_uid, Provisioning.A_zimbraArchiveAccount, Provisioning.A_zimbraMailHost };
// use domain so our assertion will work, production code does not a domain
SearchAccountsOptions searchOpts = new SearchAccountsOptions(domain, returnAttrs);
searchOpts.setIncludeType(IncludeType.ACCOUNTS_ONLY);
searchOpts.setSortOpt(SortOpt.SORT_DESCENDING);
ZLdapFilter filter = ZLdapFilterFactory.getInstance().CMBSearchAccountsOnlyWithArchive();
searchOpts.setFilter(filter);
List<NamedEntry> accounts = prov.searchDirectory(searchOpts);
Verify.verifyEquals(Lists.newArrayList(acct4), accounts, true);
deleteAccount(acct1);
deleteAccount(acct2);
deleteAccount(acct3);
deleteAccount(acct4);
/*
// legacy code and LDAP trace before refactoring
List<NamedEntry> accounts = prov.searchAccounts(
"(&(" + Provisioning.A_zimbraArchiveAccount + "=*)(|(!(" +
Provisioning.A_zimbraExcludeFromCMBSearch + "=*))(" +
Provisioning.A_zimbraExcludeFromCMBSearch + "=FALSE)))",
returnAttrs,null,false,Provisioning.searchDirectoryStringToMask("accounts"));
Oct 9 16:40:05 pshao-macbookpro-2 slapd[73952]: conn=1388 op=172 SRCH base="" scope=2 deref=0 filter="(&(&(zimbraArchiveAccount=*)(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource))))"
Oct 9 16:40:05 pshao-macbookpro-2 slapd[73952]: conn=1388 op=172 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
*/
/*
* LDAP trace after reactoring
*
Oct 9 17:03:11 pshao-macbookpro-2 slapd[73952]: conn=1413 op=125 SRCH base="ou=people,dc=com,dc=zimbra,dc=qa,dc=unittest,dc=testldapprovaccount" scope=2 deref=0 filter="(&(&(objectClass=zimbraAccount)(!(objectClass=zimbraCalendarResource)))(zimbraArchiveAccount=*)(|(!(zimbraExcludeFromCMBSearch=*))(zimbraExcludeFromCMBSearch=FALSE)))"
Oct 9 17:03:11 pshao-macbookpro-2 slapd[73952]: conn=1413 op=125 SRCH attr=zimbraCOSId objectClass zimbraDomainName zimbraACE displayName zimbraId uid zimbraArchiveAccount zimbraMailHost
*/
}
Also used :
ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter)
Account(com.zimbra.cs.account.Account)
NamedEntry(com.zimbra.cs.account.NamedEntry)
SearchAccountsOptions(com.zimbra.cs.account.SearchAccountsOptions)
ProvTest(com.zimbra.qa.unittest.prov.ProvTest)
Example 80 with ZLdapFilter
use of com.zimbra.cs.ldap.ZLdapFilter in project zm-mailbox by Zimbra.
the class TestLdapHelper method searchForEntry.
@Test
public void searchForEntry() throws Exception {
LdapDIT dit = prov.getDIT();
String base = dit.configBranchBaseDN();
ZLdapFilter filter = filterFactory.fromFilterString(FilterId.UNITTEST, "(cn=config)");
ZSearchResultEntry sr = ldapHelper.searchForEntry(base, filter, null, false);
assertNotNull(sr);
assertEquals("cn=config,cn=zimbra", sr.getDN());
}
Also used :
ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter)
LdapDIT(com.zimbra.cs.account.ldap.LdapDIT)
ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)
Aggregations
ZLdapFilter (com.zimbra.cs.ldap.ZLdapFilter)123
ZSearchResultEntry (com.zimbra.cs.ldap.ZSearchResultEntry)15
ZSearchResultEnumeration (com.zimbra.cs.ldap.ZSearchResultEnumeration)13
ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)10
ZSearchControls (com.zimbra.cs.ldap.ZSearchControls)10
ServiceException (com.zimbra.common.service.ServiceException)9
AccountServiceException (com.zimbra.cs.account.AccountServiceException)8
AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)8
ArrayList (java.util.ArrayList)8
Server (com.zimbra.cs.account.Server)7
LdapDIT (com.zimbra.cs.account.ldap.LdapDIT)7
Account (com.zimbra.cs.account.Account)6
LdapSizeLimitExceededException (com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException)6
NamedEntry (com.zimbra.cs.account.NamedEntry)5
SearchAccountsOptions (com.zimbra.cs.account.SearchAccountsOptions)5
BySearchResultEntrySearcher (com.zimbra.cs.account.ldap.BySearchResultEntrySearcher)5
SearchLdapOptions (com.zimbra.cs.ldap.SearchLdapOptions)5
ProvTest (com.zimbra.qa.unittest.prov.ProvTest)5
LDAPException (com.unboundid.ldap.sdk.LDAPException)3
SearchRequest (com.unboundid.ldap.sdk.SearchRequest)3
