use of org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl in project pentaho-platform by pentaho.
the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole3.
/**
* Search for all users starting at <code>ou=groups</code>, looking for objects with
* <code>(&(objectClass=groupOfUniqueNames)(cn={0}))</code>, and extracting the <code>uid</code> token of the
* <code>uniqueMember</code> attribute. This search implies that the schema is setup such that a user's roles come
* from that user's DN being present in the <code>uniqueMember</code> attribute of a child object under the
* <code>ou=groups</code> object.
*/
@Test
public void testGetUsernamesInRole3() {
SearchControls con1 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "uniqueMember" });
LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=groups", "(&(objectClass=groupOfUniqueNames)(cn={0}))", con1);
// $NON-NLS-1$ //$NON-NLS-2$
Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
userRoleListService.setUsernamesInRoleSearch(usernamesInRoleSearch);
// $NON-NLS-1$
List<String> res = userRoleListService.getUsersInRole(null, "DEVELOPMENT");
// $NON-NLS-1$
assertTrue(res.contains("pat"));
// $NON-NLS-1$
assertTrue(res.contains("tiffany"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getUsernamesInRole3(): " + res);
}
}
use of org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl in project pentaho-platform by pentaho.
the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole4.
/**
* Search for all users starting at <code>ou=groups</code>, looking for objects with
* <code>(&(objectClass=groupOfUniqueNames)(cn={0}))</code>, and extracting the <code>uid</code> token of the
* <code>uniqueMember</code> attribute. This search implies that the schema is setup such that a user's roles come
* from that user's DN being present in the <code>uniqueMember</code> attribute of a child object under the
* <code>ou=groups</code> object.
*
* @throws Exception
*/
@Test
public void testGetUsernamesInRole4() throws Exception {
SearchControls con1 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "uniqueMember" });
LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=groups", "(&(objectClass=groupOfUniqueNames)(cn={0}))", con1);
// $NON-NLS-1$ //$NON-NLS-2$
Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
SearchControls con2 = new SearchControls();
// $NON-NLS-1$
con2.setReturningAttributes(new String[] { "uid" });
LdapSearchParamsFactory paramFactory2 = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=users", "(businessCategory=cn={0}*)", con2);
// $NON-NLS-1$
Transformer transformer3 = new SearchResultToAttrValueList("uid");
GrantedAuthorityToString transformer4 = new GrantedAuthorityToString();
LdapSearch usernamesInRoleSearch2 = new GenericLdapSearch(getContextSource(), paramFactory2, transformer3, transformer4);
Set searches = new HashSet();
searches.add(usernamesInRoleSearch);
searches.add(usernamesInRoleSearch2);
UnionizingLdapSearch unionSearch = new UnionizingLdapSearch(searches);
unionSearch.afterPropertiesSet();
DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
userRoleListService.setUsernamesInRoleSearch(unionSearch);
// $NON-NLS-1$
List<String> res = userRoleListService.getUsersInRole(null, "DEV");
// $NON-NLS-1$
assertTrue(res.contains("pat"));
// $NON-NLS-1$
assertTrue(res.contains("tiffany"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getUsernamesInRole4() with role=ROLE_DEV: " + res);
}
// $NON-NLS-1$
res = userRoleListService.getUsersInRole(null, "DEVELOPMENT");
// $NON-NLS-1$
assertTrue(res.contains("pat"));
// $NON-NLS-1$
assertTrue(res.contains("tiffany"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getUsernamesInRole4() with role=DEVELOPMENT: " + res);
}
}
use of org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl in project pentaho-platform by pentaho.
the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole1ForTenant.
@Test
public void testGetUsernamesInRole1ForTenant() {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("suzy", defaultTenant);
SearchControls con1 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "uid" });
LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=users", "(businessCategory=cn={0}*)", con1);
// $NON-NLS-1$
Transformer transformer1 = new SearchResultToAttrValueList("uid");
GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
userRoleListService.setUsernamesInRoleSearch(usernamesInRoleSearch);
// $NON-NLS-1$
List<String> res = userRoleListService.getUsersInRole(defaultTenant, "DEV");
// $NON-NLS-1$
assertTrue(res.contains("pat"));
// $NON-NLS-1$
assertTrue(res.contains("tiffany"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getUsernamesInRole1(): " + res);
}
try {
userRoleListService.getUsersInRole(new Tenant("/pentaho", true), "DEV");
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
use of org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl in project pentaho-platform by pentaho.
the class DefaultLdapUserRoleListServiceTest method testGetAllUserNames1ForTenant.
@Test
public void testGetAllUserNames1ForTenant() throws Exception {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("suzy", defaultTenant);
SearchControls con1 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "uniqueMember" });
LdapSearchParamsFactoryImpl paramFactory = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=groups", "(objectClass=groupOfUniqueNames)", con1);
paramFactory.afterPropertiesSet();
// $NON-NLS-1$ //$NON-NLS-2$
Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
GenericLdapSearch allUsernamesSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1);
allUsernamesSearch.afterPropertiesSet();
DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
userRoleListService.setAllUsernamesSearch(allUsernamesSearch);
List res = userRoleListService.getAllUsers(defaultTenant);
// $NON-NLS-1$
assertTrue(res.contains("pat"));
// $NON-NLS-1$
assertTrue(res.contains("admin"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getAllUserNames1(): " + res);
}
try {
userRoleListService.getAllUsers(new Tenant("/pentaho", true));
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
use of org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl in project pentaho-platform by pentaho.
the class DefaultLdapUserRoleListServiceTest method testGetAllAuthorities3.
/**
* Union the results of two different searches.
* <ul>
* <li>Search 1: Search for all roles (aka authorities) starting at <code>ou=groups</code>, looking for objects with
* <code>objectClass=groupOfUniqueNames</code>, and returning the <code>cn</code> attribute.</li>
* <li>Search 2: Search for all roles (aka authorities) starting at <code>ou=roles</code>, looking for objects with
* <code>objectClass=organizationalRole</code>, and returning the <code>cn</code> attribute.</li>
* </ul>
*/
@Test
public void testGetAllAuthorities3() throws Exception {
SearchControls con1 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "cn" });
LdapSearchParamsFactory paramsFactory = // $NON-NLS-1$ //$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=roles", "(objectClass=organizationalRole)", con1);
// $NON-NLS-1$
Transformer one = new SearchResultToAttrValueList("cn");
Transformer two = new StringToGrantedAuthority();
Transformer[] transformers = { one, two };
Transformer transformer = new ChainedTransformer(transformers);
LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer);
SearchControls con2 = new SearchControls();
// $NON-NLS-1$
con1.setReturningAttributes(new String[] { "cn" });
LdapSearchParamsFactory paramsFactory2 = // $NON-NLS-1$//$NON-NLS-2$
new LdapSearchParamsFactoryImpl("ou=groups", "(objectClass=groupOfUniqueNames)", con2);
// $NON-NLS-1$
Transformer oneB = new SearchResultToAttrValueList("cn");
Transformer twoB = new StringToGrantedAuthority();
Transformer[] transformers2 = { oneB, twoB };
Transformer transformer2 = new ChainedTransformer(transformers2);
LdapSearch rolesSearch2 = new GenericLdapSearch(getContextSource(), paramsFactory2, transformer2);
Set searches = new HashSet();
searches.add(rolesSearch);
searches.add(rolesSearch2);
UnionizingLdapSearch unionSearch = new UnionizingLdapSearch(searches);
DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
userRoleListService.setAllAuthoritiesSearch(unionSearch);
List res = userRoleListService.getAllRoles();
// $NON-NLS-1$
assertTrue(res.contains("ROLE_DEVMGR"));
// $NON-NLS-1$
assertTrue(res.contains("ROLE_DEVELOPMENT"));
if (logger.isDebugEnabled()) {
// $NON-NLS-1$
logger.debug("results of getAllAuthorities3(): " + res);
}
}
Aggregations