use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.
the class ZSoapProvisioning method getDomainInfo.
public ZDomain getDomainInfo(DomainBy keyType, String key) throws ServiceException {
DomainSelector domSel = new DomainSelector(toJaxb(keyType), key);
try {
GetDomainInfoResponse resp = invokeJaxb(new GetDomainInfoRequest(domSel, null));
DomainInfo domainInfo = resp.getDomain();
return domainInfo == null ? null : new ZDomain(domainInfo);
} catch (ServiceException e) {
if (e.getCode().equals(Constants.ERROR_CODE_NO_SUCH_DOMAIN))
return null;
else
throw e;
}
}
use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.
the class SoapProvisioning method deleteHabOrgUnit.
@Override
public void deleteHabOrgUnit(Domain domain, String habOrgUnitName) throws ServiceException {
DomainSelector domSel = new DomainSelector(toJaxb(DomainBy.name), domain.getName());
invokeJaxb(new HABOrgUnitRequest(domSel, habOrgUnitName, HabOp.delete));
}
use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.
the class TestCountObjects method testRogueAdmin.
@Test
public void testRogueAdmin() throws Exception {
try {
SoapTransport transport = SoapTest.authAdmin(ROGUE_ADMIN_USER_EMAIL, PASSWORD);
// count domains
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.domain);
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count domains");
} catch (SoapFaultException e) {
assertEquals(ServiceException.PERM_DENIED, e.getCode());
}
// count user accounts
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.userAccount, new DomainSelector(DomainBy.name, DOMAIN_NAME));
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count accounts");
} catch (SoapFaultException e) {
assertEquals(ServiceException.PERM_DENIED, e.getCode());
}
// count accounts
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.account, new DomainSelector(DomainBy.name, DOMAIN_NAME));
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count accounts");
} catch (SoapFaultException e) {
assertEquals(ServiceException.PERM_DENIED, e.getCode());
}
// count distribution lists
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.dl);
req.addDomain(new DomainSelector(DomainBy.name, DOMAIN_NAME));
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one distribution list", resp.getNum() > 0);
} catch (ServiceException e) {
fail("should not be throwing exception here " + e.getLocalizedMessage());
}
// count aliases
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.alias, new DomainSelector(DomainBy.name, DOMAIN_NAME));
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count aliases");
} catch (SoapFaultException e) {
assertEquals(ServiceException.PERM_DENIED, e.getCode());
}
} catch (Exception e) {
fail(e.getLocalizedMessage());
}
}
use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.
the class TestCountObjects method testDomainAdmin.
@Test
public void testDomainAdmin() throws Exception {
try {
SoapTransport transport = SoapTest.authAdmin(DOMAIN_ADMIN_USER_EMAIL, PASSWORD);
// count domains
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.domain);
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count domains");
} catch (SoapFaultException e) {
assertEquals("should not be able to count domains", ServiceException.PERM_DENIED, e.getCode());
}
// count COSes
try {
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.cos);
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
fail("should not be able to count COSes");
} catch (SoapFaultException e) {
assertEquals("should not be able to count COSes", ServiceException.PERM_DENIED, e.getCode());
}
// count user accounts
CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.userAccount);
CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one account", resp.getNum() > 0);
assertEquals("object type in response should be 'userAccount'", "userAccount", resp.getType());
// count accounts
req = new CountObjectsRequest(CountObjectsType.account);
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one account", resp.getNum() > 0);
assertEquals("object type in response should be 'account'", "account", resp.getType());
// count distribution lists
req = new CountObjectsRequest(CountObjectsType.dl);
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one distribution list", resp.getNum() > 0);
assertEquals("object type in response should be 'dl'", "dl", resp.getType());
// count aliases without a domain filter
req = new CountObjectsRequest(CountObjectsType.alias);
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one alias", resp.getNum() > 0);
assertEquals("object type in response should be 'alias'", "alias", resp.getType());
// count user accounts with domain filter
req = new CountObjectsRequest(CountObjectsType.userAccount);
req.addDomain(new DomainSelector(DomainBy.name, DOMAIN_NAME));
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one userAccount", resp.getNum() > 0);
assertEquals("object type in response should be 'userAccount'", "userAccount", resp.getType());
// count accounts with domain filter
req = new CountObjectsRequest(CountObjectsType.account, new DomainSelector(DomainBy.name, DOMAIN_NAME));
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one account", resp.getNum() > 0);
assertEquals("object type in response should be 'account'", "account", resp.getType());
// count DLs with domain filter
req = new CountObjectsRequest(CountObjectsType.dl, new DomainSelector(DomainBy.name, DOMAIN_NAME));
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one distribution list", resp.getNum() > 0);
assertEquals("object type in response should be 'dl'", "dl", resp.getType());
// count aliases with domain filter
req = new CountObjectsRequest(CountObjectsType.alias, new DomainSelector(DomainBy.name, DOMAIN_NAME));
resp = SoapTest.invokeJaxb(transport, req);
assertTrue("should have at least one alias", resp.getNum() > 0);
assertEquals("object type in response should be 'alias'", "alias", resp.getType());
} catch (Exception e) {
fail(e.getLocalizedMessage());
}
}
use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.
the class CountObjects method handle.
@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
ZimbraSoapContext zsc = getZimbraSoapContext(context);
CountObjectsRequest req = zsc.elementToJaxb(request);
CountObjectsType countObjectsType = req.getType();
if (countObjectsType == null) {
throw ServiceException.INVALID_REQUEST("No type specified", null);
}
Provisioning prov = Provisioning.getInstance();
UCService ucService = null;
UCServiceSelector ucserviceSelector = req.getUcService();
if (null != ucserviceSelector) {
if (!countObjectsType.allowsUCService()) {
throw ServiceException.INVALID_REQUEST("UCService cannot be specified for type: " + countObjectsType.name(), null);
}
String value = ucserviceSelector.getKey();
ucService = prov.get(Key.UCServiceBy.fromString(ucserviceSelector.getBy().name()), value);
if (ucService == null) {
throw AccountServiceException.NO_SUCH_UC_SERVICE(value);
}
}
List<DomainSelector> specifiedDomains = req.getDomains();
if (!countObjectsType.allowsDomain() && !specifiedDomains.isEmpty()) {
throw ServiceException.INVALID_REQUEST("domain cannot be specified for type: " + countObjectsType.name(), null);
}
long count = 0;
if (specifiedDomains.isEmpty() && !zsc.getAuthToken().isAdmin() && countObjectsType.allowsDomain() && !countObjectsType.equals(CountObjectsType.domain)) {
// if a delegated admin is trying to count objects that exist within
// a domain, count only within this admin's domains
List<Domain> domains = prov.getAllDomains();
AdminAccessControl aac = AdminAccessControl.getAdminAccessControl(zsc);
AdminRight associatedRight = getAssociatedRight(countObjectsType);
for (Iterator<Domain> it = domains.iterator(); it.hasNext(); ) {
Domain domain = it.next();
if (!aac.hasRight(domain, associatedRight)) {
it.remove();
}
}
count = 0;
int threshold = DebugConfig.minimumDomainsToUseThreadsForDomainAdminCountObjects;
if (threshold > 0 && domains.size() >= threshold) {
// For a large number of domains, counting can be slow. Do the LDAP queries in parallel.
// As they all use different bases, they don't interfere with each other much.
AtomicLong atomicCount = new AtomicLong(0);
List<Thread> threads = Lists.newArrayList();
final int chunkSize = (domains.size() / DebugConfig.numberOfThreadsToUseForDomainAdminCountObjects) + 1;
int lastIndex = domains.size() - 1;
int begin = 0;
int end = (lastIndex < chunkSize) ? lastIndex : chunkSize - 1;
while (end <= lastIndex) {
threads.add(new Thread(new GetDomainCountsThread(atomicCount, prov, domains.subList(begin, end + 1), countObjectsType, ucService), String.format("%s-CountsForDomains-%d", Thread.currentThread().getName(), threads.size())));
if (end >= lastIndex) {
break;
}
begin += chunkSize;
end += chunkSize;
if (end > lastIndex) {
end = lastIndex;
}
}
for (Thread thread : threads) {
thread.start();
}
for (Thread thread : threads) {
try {
thread.join();
} catch (InterruptedException e) {
ZimbraLog.search.debug("Unexpected exception counting for domain", e);
}
}
count = atomicCount.get();
} else {
for (Domain domain : domains) {
count += prov.countObjects(countObjectsType, domain, ucService);
}
}
} else if (!specifiedDomains.isEmpty() && countObjectsType.allowsDomain()) {
// count objects within specified domains
for (DomainSelector specifiedDomain : specifiedDomains) {
DomainBy by = specifiedDomain.getBy();
String domValue = specifiedDomain.getKey();
Domain domain = prov.get(Key.DomainBy.fromString(by.name()), domValue);
if (domain == null) {
throw AccountServiceException.NO_SUCH_DOMAIN(domValue);
}
checkDomainRight(zsc, domain, getAssociatedRight(countObjectsType));
count += prov.countObjects(countObjectsType, domain, ucService);
}
} else if (countObjectsType.equals(CountObjectsType.domain) && (zsc.getAuthToken().isDelegatedAdmin() || zsc.getAuthToken().isDomainAdmin()) && req.getOnlyRelated()) {
RightCommand.Grants grants = prov.getGrants(null, null, null, GranteeType.GT_USER.getCode(), GranteeSelector.GranteeBy.id, zsc.getAuthtokenAccountId(), false);
if (grants != null) {
Set<RightCommand.ACE> acEs = grants.getACEs();
Set<String> domainIds = new HashSet<String>();
for (RightCommand.ACE acE : acEs) {
if (acE.targetType().equals(TargetType.domain.getCode()) && !domainIds.contains(acE.targetId())) {
count++;
domainIds.add(acE.targetId());
}
}
}
} else {
// count objects globally
this.checkRight(zsc, context, null, getAssociatedRight(countObjectsType));
count += prov.countObjects(countObjectsType, null, ucService);
}
return zsc.jaxbToElement(new CountObjectsResponse(count, countObjectsType.name()));
}
Aggregations