Search in sources :

Example 1 with DomainSelector

use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.

the class ZSoapProvisioning method getDomainInfo.

public ZDomain getDomainInfo(DomainBy keyType, String key) throws ServiceException {
    DomainSelector domSel = new DomainSelector(toJaxb(keyType), key);
    try {
        GetDomainInfoResponse resp = invokeJaxb(new GetDomainInfoRequest(domSel, null));
        DomainInfo domainInfo = resp.getDomain();
        return domainInfo == null ? null : new ZDomain(domainInfo);
    } catch (ServiceException e) {
        if (e.getCode().equals(Constants.ERROR_CODE_NO_SUCH_DOMAIN))
            return null;
        else
            throw e;
    }
}
Also used : ServiceException(com.zimbra.common.service.ServiceException) DomainSelector(com.zimbra.soap.admin.type.DomainSelector) GetDomainInfoRequest(com.zimbra.soap.admin.message.GetDomainInfoRequest) DomainInfo(com.zimbra.soap.admin.type.DomainInfo) GetDomainInfoResponse(com.zimbra.soap.admin.message.GetDomainInfoResponse)

Example 2 with DomainSelector

use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.

the class SoapProvisioning method deleteHabOrgUnit.

@Override
public void deleteHabOrgUnit(Domain domain, String habOrgUnitName) throws ServiceException {
    DomainSelector domSel = new DomainSelector(toJaxb(DomainBy.name), domain.getName());
    invokeJaxb(new HABOrgUnitRequest(domSel, habOrgUnitName, HabOp.delete));
}
Also used : HABOrgUnitRequest(com.zimbra.soap.admin.message.HABOrgUnitRequest) DomainSelector(com.zimbra.soap.admin.type.DomainSelector)

Example 3 with DomainSelector

use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.

the class TestCountObjects method testRogueAdmin.

@Test
public void testRogueAdmin() throws Exception {
    try {
        SoapTransport transport = SoapTest.authAdmin(ROGUE_ADMIN_USER_EMAIL, PASSWORD);
        // count domains
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.domain);
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count domains");
        } catch (SoapFaultException e) {
            assertEquals(ServiceException.PERM_DENIED, e.getCode());
        }
        // count user accounts
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.userAccount, new DomainSelector(DomainBy.name, DOMAIN_NAME));
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count accounts");
        } catch (SoapFaultException e) {
            assertEquals(ServiceException.PERM_DENIED, e.getCode());
        }
        // count accounts
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.account, new DomainSelector(DomainBy.name, DOMAIN_NAME));
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count accounts");
        } catch (SoapFaultException e) {
            assertEquals(ServiceException.PERM_DENIED, e.getCode());
        }
        // count distribution lists
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.dl);
            req.addDomain(new DomainSelector(DomainBy.name, DOMAIN_NAME));
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            assertTrue("should have at least one distribution list", resp.getNum() > 0);
        } catch (ServiceException e) {
            fail("should not be throwing exception here " + e.getLocalizedMessage());
        }
        // count aliases
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.alias, new DomainSelector(DomainBy.name, DOMAIN_NAME));
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count aliases");
        } catch (SoapFaultException e) {
            assertEquals(ServiceException.PERM_DENIED, e.getCode());
        }
    } catch (Exception e) {
        fail(e.getLocalizedMessage());
    }
}
Also used : ServiceException(com.zimbra.common.service.ServiceException) CountObjectsRequest(com.zimbra.soap.admin.message.CountObjectsRequest) DomainSelector(com.zimbra.soap.admin.type.DomainSelector) SoapTransport(com.zimbra.common.soap.SoapTransport) SoapFaultException(com.zimbra.common.soap.SoapFaultException) SoapFaultException(com.zimbra.common.soap.SoapFaultException) ServiceException(com.zimbra.common.service.ServiceException) CountObjectsResponse(com.zimbra.soap.admin.message.CountObjectsResponse) Test(org.junit.Test) SoapTest(com.zimbra.qa.unittest.prov.soap.SoapTest)

Example 4 with DomainSelector

use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.

the class TestCountObjects method testDomainAdmin.

@Test
public void testDomainAdmin() throws Exception {
    try {
        SoapTransport transport = SoapTest.authAdmin(DOMAIN_ADMIN_USER_EMAIL, PASSWORD);
        // count domains
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.domain);
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count domains");
        } catch (SoapFaultException e) {
            assertEquals("should not be able to count domains", ServiceException.PERM_DENIED, e.getCode());
        }
        // count COSes
        try {
            CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.cos);
            CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
            fail("should not be able to count COSes");
        } catch (SoapFaultException e) {
            assertEquals("should not be able to count COSes", ServiceException.PERM_DENIED, e.getCode());
        }
        // count user accounts
        CountObjectsRequest req = new CountObjectsRequest(CountObjectsType.userAccount);
        CountObjectsResponse resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one account", resp.getNum() > 0);
        assertEquals("object type in response should be 'userAccount'", "userAccount", resp.getType());
        // count accounts
        req = new CountObjectsRequest(CountObjectsType.account);
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one account", resp.getNum() > 0);
        assertEquals("object type in response should be 'account'", "account", resp.getType());
        // count distribution lists
        req = new CountObjectsRequest(CountObjectsType.dl);
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one distribution list", resp.getNum() > 0);
        assertEquals("object type in response should be 'dl'", "dl", resp.getType());
        // count aliases without a domain filter
        req = new CountObjectsRequest(CountObjectsType.alias);
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one alias", resp.getNum() > 0);
        assertEquals("object type in response should be 'alias'", "alias", resp.getType());
        // count user accounts with domain filter
        req = new CountObjectsRequest(CountObjectsType.userAccount);
        req.addDomain(new DomainSelector(DomainBy.name, DOMAIN_NAME));
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one userAccount", resp.getNum() > 0);
        assertEquals("object type in response should be 'userAccount'", "userAccount", resp.getType());
        // count accounts with domain filter
        req = new CountObjectsRequest(CountObjectsType.account, new DomainSelector(DomainBy.name, DOMAIN_NAME));
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one account", resp.getNum() > 0);
        assertEquals("object type in response should be 'account'", "account", resp.getType());
        // count DLs with domain filter
        req = new CountObjectsRequest(CountObjectsType.dl, new DomainSelector(DomainBy.name, DOMAIN_NAME));
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one distribution list", resp.getNum() > 0);
        assertEquals("object type in response should be 'dl'", "dl", resp.getType());
        // count aliases with domain filter
        req = new CountObjectsRequest(CountObjectsType.alias, new DomainSelector(DomainBy.name, DOMAIN_NAME));
        resp = SoapTest.invokeJaxb(transport, req);
        assertTrue("should have at least one alias", resp.getNum() > 0);
        assertEquals("object type in response should be 'alias'", "alias", resp.getType());
    } catch (Exception e) {
        fail(e.getLocalizedMessage());
    }
}
Also used : CountObjectsRequest(com.zimbra.soap.admin.message.CountObjectsRequest) DomainSelector(com.zimbra.soap.admin.type.DomainSelector) SoapTransport(com.zimbra.common.soap.SoapTransport) SoapFaultException(com.zimbra.common.soap.SoapFaultException) SoapFaultException(com.zimbra.common.soap.SoapFaultException) ServiceException(com.zimbra.common.service.ServiceException) CountObjectsResponse(com.zimbra.soap.admin.message.CountObjectsResponse) Test(org.junit.Test) SoapTest(com.zimbra.qa.unittest.prov.soap.SoapTest)

Example 5 with DomainSelector

use of com.zimbra.soap.admin.type.DomainSelector in project zm-mailbox by Zimbra.

the class CountObjects method handle.

@Override
public Element handle(Element request, Map<String, Object> context) throws ServiceException {
    ZimbraSoapContext zsc = getZimbraSoapContext(context);
    CountObjectsRequest req = zsc.elementToJaxb(request);
    CountObjectsType countObjectsType = req.getType();
    if (countObjectsType == null) {
        throw ServiceException.INVALID_REQUEST("No type specified", null);
    }
    Provisioning prov = Provisioning.getInstance();
    UCService ucService = null;
    UCServiceSelector ucserviceSelector = req.getUcService();
    if (null != ucserviceSelector) {
        if (!countObjectsType.allowsUCService()) {
            throw ServiceException.INVALID_REQUEST("UCService cannot be specified for type: " + countObjectsType.name(), null);
        }
        String value = ucserviceSelector.getKey();
        ucService = prov.get(Key.UCServiceBy.fromString(ucserviceSelector.getBy().name()), value);
        if (ucService == null) {
            throw AccountServiceException.NO_SUCH_UC_SERVICE(value);
        }
    }
    List<DomainSelector> specifiedDomains = req.getDomains();
    if (!countObjectsType.allowsDomain() && !specifiedDomains.isEmpty()) {
        throw ServiceException.INVALID_REQUEST("domain cannot be specified for type: " + countObjectsType.name(), null);
    }
    long count = 0;
    if (specifiedDomains.isEmpty() && !zsc.getAuthToken().isAdmin() && countObjectsType.allowsDomain() && !countObjectsType.equals(CountObjectsType.domain)) {
        // if a delegated admin is trying to count objects that exist within
        // a domain, count only within this admin's domains
        List<Domain> domains = prov.getAllDomains();
        AdminAccessControl aac = AdminAccessControl.getAdminAccessControl(zsc);
        AdminRight associatedRight = getAssociatedRight(countObjectsType);
        for (Iterator<Domain> it = domains.iterator(); it.hasNext(); ) {
            Domain domain = it.next();
            if (!aac.hasRight(domain, associatedRight)) {
                it.remove();
            }
        }
        count = 0;
        int threshold = DebugConfig.minimumDomainsToUseThreadsForDomainAdminCountObjects;
        if (threshold > 0 && domains.size() >= threshold) {
            // For a large number of domains, counting can be slow.  Do the LDAP queries in parallel.
            // As they all use different bases, they don't interfere with each other much.
            AtomicLong atomicCount = new AtomicLong(0);
            List<Thread> threads = Lists.newArrayList();
            final int chunkSize = (domains.size() / DebugConfig.numberOfThreadsToUseForDomainAdminCountObjects) + 1;
            int lastIndex = domains.size() - 1;
            int begin = 0;
            int end = (lastIndex < chunkSize) ? lastIndex : chunkSize - 1;
            while (end <= lastIndex) {
                threads.add(new Thread(new GetDomainCountsThread(atomicCount, prov, domains.subList(begin, end + 1), countObjectsType, ucService), String.format("%s-CountsForDomains-%d", Thread.currentThread().getName(), threads.size())));
                if (end >= lastIndex) {
                    break;
                }
                begin += chunkSize;
                end += chunkSize;
                if (end > lastIndex) {
                    end = lastIndex;
                }
            }
            for (Thread thread : threads) {
                thread.start();
            }
            for (Thread thread : threads) {
                try {
                    thread.join();
                } catch (InterruptedException e) {
                    ZimbraLog.search.debug("Unexpected exception counting for domain", e);
                }
            }
            count = atomicCount.get();
        } else {
            for (Domain domain : domains) {
                count += prov.countObjects(countObjectsType, domain, ucService);
            }
        }
    } else if (!specifiedDomains.isEmpty() && countObjectsType.allowsDomain()) {
        // count objects within specified domains
        for (DomainSelector specifiedDomain : specifiedDomains) {
            DomainBy by = specifiedDomain.getBy();
            String domValue = specifiedDomain.getKey();
            Domain domain = prov.get(Key.DomainBy.fromString(by.name()), domValue);
            if (domain == null) {
                throw AccountServiceException.NO_SUCH_DOMAIN(domValue);
            }
            checkDomainRight(zsc, domain, getAssociatedRight(countObjectsType));
            count += prov.countObjects(countObjectsType, domain, ucService);
        }
    } else if (countObjectsType.equals(CountObjectsType.domain) && (zsc.getAuthToken().isDelegatedAdmin() || zsc.getAuthToken().isDomainAdmin()) && req.getOnlyRelated()) {
        RightCommand.Grants grants = prov.getGrants(null, null, null, GranteeType.GT_USER.getCode(), GranteeSelector.GranteeBy.id, zsc.getAuthtokenAccountId(), false);
        if (grants != null) {
            Set<RightCommand.ACE> acEs = grants.getACEs();
            Set<String> domainIds = new HashSet<String>();
            for (RightCommand.ACE acE : acEs) {
                if (acE.targetType().equals(TargetType.domain.getCode()) && !domainIds.contains(acE.targetId())) {
                    count++;
                    domainIds.add(acE.targetId());
                }
            }
        }
    } else {
        // count objects globally
        this.checkRight(zsc, context, null, getAssociatedRight(countObjectsType));
        count += prov.countObjects(countObjectsType, null, ucService);
    }
    return zsc.jaxbToElement(new CountObjectsResponse(count, countObjectsType.name()));
}
Also used : UCServiceSelector(com.zimbra.soap.admin.type.UCServiceSelector) DomainSelector(com.zimbra.soap.admin.type.DomainSelector) Provisioning(com.zimbra.cs.account.Provisioning) RightCommand(com.zimbra.cs.account.accesscontrol.RightCommand) HashSet(java.util.HashSet) UCService(com.zimbra.cs.account.UCService) CountObjectsRequest(com.zimbra.soap.admin.message.CountObjectsRequest) CountObjectsType(com.zimbra.soap.admin.type.CountObjectsType) AtomicLong(java.util.concurrent.atomic.AtomicLong) AdminRight(com.zimbra.cs.account.accesscontrol.AdminRight) ZimbraSoapContext(com.zimbra.soap.ZimbraSoapContext) DomainBy(com.zimbra.soap.admin.type.DomainSelector.DomainBy) Domain(com.zimbra.cs.account.Domain) CountObjectsResponse(com.zimbra.soap.admin.message.CountObjectsResponse)

Aggregations

DomainSelector (com.zimbra.soap.admin.type.DomainSelector)11 ServiceException (com.zimbra.common.service.ServiceException)5 HABOrgUnitRequest (com.zimbra.soap.admin.message.HABOrgUnitRequest)4 HashSet (java.util.HashSet)4 SoapTransport (com.zimbra.common.soap.SoapTransport)3 Domain (com.zimbra.cs.account.Domain)3 CountObjectsRequest (com.zimbra.soap.admin.message.CountObjectsRequest)3 CountObjectsResponse (com.zimbra.soap.admin.message.CountObjectsResponse)3 HABOrgUnitResponse (com.zimbra.soap.admin.message.HABOrgUnitResponse)3 Test (org.junit.Test)3 SoapFaultException (com.zimbra.common.soap.SoapFaultException)2 AccountServiceException (com.zimbra.cs.account.AccountServiceException)2 Provisioning (com.zimbra.cs.account.Provisioning)2 SoapTest (com.zimbra.qa.unittest.prov.soap.SoapTest)2 GetDomainInfoRequest (com.zimbra.soap.admin.message.GetDomainInfoRequest)2 GetDomainInfoResponse (com.zimbra.soap.admin.message.GetDomainInfoResponse)2 DomainInfo (com.zimbra.soap.admin.type.DomainInfo)2 UCService (com.zimbra.cs.account.UCService)1 AdminRight (com.zimbra.cs.account.accesscontrol.AdminRight)1 RightCommand (com.zimbra.cs.account.accesscontrol.RightCommand)1