Examples with ModifyAccountRequest com.zimbra.soap.admin.message.ModifyAccountRequest used on opensource projects

Example 1 with ModifyAccountRequest

use of com.zimbra.soap.admin.message.ModifyAccountRequest in project zm-mailbox by Zimbra.

the class TestServerEnumeration method testModifyAccountAsGlobalAdmin.

@Test
public void testModifyAccountAsGlobalAdmin() throws Exception {
    ModifyAccountRequest req = new ModifyAccountRequest(myUser.getId());
    req.addAttr(new Attr(Provisioning.A_zimbraMailHost, NON_EXISTING_SERVER));
    req.addAttr(new Attr(Provisioning.A_description, "test description"));
    try {
        adminSoapProv.invokeJaxb(req);
        fail("should have caught an exception");
    } catch (SoapFaultException e) {
        assertEquals("should be getting 'no such server' response", AccountServiceException.NO_SUCH_SERVER, e.getCode());
    }
}

Example 2 with ModifyAccountRequest

use of com.zimbra.soap.admin.message.ModifyAccountRequest in project zm-mailbox by Zimbra.

the class TestServerEnumeration method testModifyAccount.

@Test
public void testModifyAccount() throws Exception {
    List<AdminRight> relatedRights = new ArrayList<AdminRight>();
    List<String> notes = new ArrayList<String>();
    AdminDocumentHandler handler = new ModifyAccount();
    handler.docRights(relatedRights, notes);
    createDelegatedAdmin(relatedRights);
    grantRightToAdmin(adminSoapProv, com.zimbra.soap.type.TargetType.fromString(com.zimbra.cs.account.accesscontrol.TargetType.account.toString()), MY_USER, DELEGATED_ADMIN_NAME, Admin.R_modifyAccount.getName());
    adminSoapProv.flushCache(CacheEntryType.acl, null);
    ModifyAccountRequest req = new ModifyAccountRequest(myUser.getId());
    req.addAttr(new Attr(Provisioning.A_zimbraMailHost, NON_EXISTING_SERVER));
    req.addAttr(new Attr(Provisioning.A_description, "test description"));
    try {
        delegatedSoapProv.invokeJaxb(req);
        fail("should have caught an exception");
    } catch (SoapFaultException e) {
        assertEquals("should be getting 'Permission Denied' response", ServiceException.PERM_DENIED, e.getCode());
    }
}

Example 3 with ModifyAccountRequest

use of com.zimbra.soap.admin.message.ModifyAccountRequest in project zm-mailbox by Zimbra.

the class TestServerEnumeration method testModifyAccountSufficientPermissions.

@Test
public void testModifyAccountSufficientPermissions() throws Exception {
    List<AdminRight> relatedRights = new ArrayList<AdminRight>();
    List<String> notes = new ArrayList<String>();
    AdminDocumentHandler handler = new ModifyAccount();
    handler.docRights(relatedRights, notes);
    createDelegatedAdmin(relatedRights);
    grantRightToAdmin(adminSoapProv, com.zimbra.soap.type.TargetType.fromString(com.zimbra.cs.account.accesscontrol.TargetType.account.toString()), MY_USER, DELEGATED_ADMIN_NAME, Admin.R_modifyAccount.getName());
    grantRightToAdmin(adminSoapProv, com.zimbra.soap.type.TargetType.fromString(com.zimbra.cs.account.accesscontrol.TargetType.global.toString()), null, DELEGATED_ADMIN_NAME, Admin.R_listServer.getName());
    adminSoapProv.flushCache(CacheEntryType.acl, null);
    ModifyAccountRequest req = new ModifyAccountRequest(myUser.getId());
    req.addAttr(new Attr(Provisioning.A_zimbraMailHost, NON_EXISTING_SERVER));
    req.addAttr(new Attr(Provisioning.A_description, "test description"));
    try {
        delegatedSoapProv.invokeJaxb(req);
        fail("should have caught an exception");
    } catch (SoapFaultException e) {
        assertEquals("should be getting 'no such server' response", AccountServiceException.NO_SUCH_SERVER, e.getCode());
    }
}

Example 4 with ModifyAccountRequest

use of com.zimbra.soap.admin.message.ModifyAccountRequest in project zm-mailbox by Zimbra.

the class ModifyAccount method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    Provisioning prov = Provisioning.getInstance();
    ModifyAccountRequest req = JaxbUtil.elementToJaxb(request);
    AuthToken authToken = zsc.getAuthToken();
    String id = req.getId();
    if (null == id) {
        throw ServiceException.INVALID_REQUEST("missing required attribute: " + AdminConstants.E_ID, null);
    }
    Account account = prov.get(AccountBy.id, id, authToken);
    Map<String, Object> attrs = req.getAttrsAsOldMultimap();
    defendAgainstAccountHarvesting(account, AccountBy.id, id, zsc, attrs);
    // check to see if quota is being changed
    long curQuota = account.getLongAttr(Provisioning.A_zimbraMailQuota, 0);
    /*
         * // Note: isDomainAdminOnly *always* returns false for pure ACL based AccessManager // checkQuota is called
         * only for domain based access manager, remove when we // can totally deprecate domain based access manager if
         * (isDomainAdminOnly(zsc)) checkQuota(zsc, account, attrs);
         */
    /*
         * for bug 42896, the above is no longer true.
         * 
         * For quota, we have to support the per admin limitation zimbraDomainAdminMaxMailQuota, until we come up with a
         * framework to support constraints on a per admin basis.
         * 
         * for now, always call checkQuota, which will check zimbraDomainAdminMaxMailQuota.
         * 
         * If the access manager, and if we have come here, it has already passed the constraint checking, in the
         * checkAccountRight call. If it had violated any constraint, it would have errored out. i.e. for
         * zimbraMailQuota, both zimbraConstraint and zimbraDomainAdminMaxMailQuota are enforced.
         */
    checkQuota(zsc, account, attrs);
    // check to see if cos is being changed, need right on new cos
    checkCos(zsc, account, attrs);
    Server newServer = null;
    String newServerName = getStringAttrNewValue(Provisioning.A_zimbraMailHost, attrs);
    if (newServerName != null) {
        newServer = Provisioning.getInstance().getServerByName(newServerName);
        defendAgainstServerNameHarvesting(newServer, Key.ServerBy.name, newServerName, zsc, Admin.R_listServer);
    }
    // pass in true to checkImmutable
    prov.modifyAttrs(account, attrs, true);
    // get account again, in the case when zimbraCOSId or zimbraForeignPrincipal
    // is changed, the cache object(he one we are holding on to) would'd been
    // flushed out from cache. Get the account again to get the fresh one.
    account = prov.get(AccountBy.id, id, zsc.getAuthToken());
    ZimbraLog.security.info(ZimbraLog.encodeAttrs(new String[] { "cmd", "ModifyAccount", "name", account.getName() }, attrs));
    if (newServer != null) {
        checkNewServer(zsc, context, account, newServer);
    }
    long newQuota = account.getLongAttr(Provisioning.A_zimbraMailQuota, 0);
    if (newQuota != curQuota) {
        // clear the quota cache
        AdminSession session = (AdminSession) getSession(zsc, Session.Type.ADMIN);
        if (session != null) {
            GetQuotaUsage.clearCachedQuotaUsage(session);
        }
    }
    Element response = zsc.createElement(AdminConstants.MODIFY_ACCOUNT_RESPONSE);
    ToXML.encodeAccount(response, account);
    return response;
}

Example 5 with ModifyAccountRequest

use of com.zimbra.soap.admin.message.ModifyAccountRequest in project zm-mailbox by Zimbra.

the class TestPurgeDataSource method setThreadingAlgorithm.

private void setThreadingAlgorithm(String algorithm) throws ServiceException, IOException {
    Map<String, Object> attrs = new HashMap<String, Object>();
    attrs.put(Provisioning.A_zimbraMailThreadingAlgorithm, algorithm);
    ModifyAccountRequest modifyRequest = new ModifyAccountRequest(account.getId());
    modifyRequest.setAttrs(attrs);
    SoapTest.invokeJaxb(transport, modifyRequest);
}