Search in sources :

Example 11 with SearchResultToAttrValueList

use of org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole3.

/**
 * Search for all users starting at <code>ou=groups</code>, looking for objects with
 * <code>(&(objectClass=groupOfUniqueNames)(cn={0}))</code>, and extracting the <code>uid</code> token of the
 * <code>uniqueMember</code> attribute. This search implies that the schema is setup such that a user's roles come
 * from that user's DN being present in the <code>uniqueMember</code> attribute of a child object under the
 * <code>ou=groups</code> object.
 */
@Test
public void testGetUsernamesInRole3() {
    SearchControls con1 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "uniqueMember" });
    LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=groups", "(&(objectClass=groupOfUniqueNames)(cn={0}))", con1);
    // $NON-NLS-1$ //$NON-NLS-2$
    Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
    GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
    LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUsernamesInRoleSearch(usernamesInRoleSearch);
    // $NON-NLS-1$
    List<String> res = userRoleListService.getUsersInRole(null, "DEVELOPMENT");
    // $NON-NLS-1$
    assertTrue(res.contains("pat"));
    // $NON-NLS-1$
    assertTrue(res.contains("tiffany"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getUsernamesInRole3(): " + res);
    }
}
Also used : DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) LdapSearchParamsFactory(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactory) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) Transformer(org.apache.commons.collections.Transformer) SearchControls(javax.naming.directory.SearchControls) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) LdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) LdapSearchParamsFactoryImpl(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl) Test(org.junit.Test)

Example 12 with SearchResultToAttrValueList

use of org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole4.

/**
 * Search for all users starting at <code>ou=groups</code>, looking for objects with
 * <code>(&(objectClass=groupOfUniqueNames)(cn={0}))</code>, and extracting the <code>uid</code> token of the
 * <code>uniqueMember</code> attribute. This search implies that the schema is setup such that a user's roles come
 * from that user's DN being present in the <code>uniqueMember</code> attribute of a child object under the
 * <code>ou=groups</code> object.
 *
 * @throws Exception
 */
@Test
public void testGetUsernamesInRole4() throws Exception {
    SearchControls con1 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "uniqueMember" });
    LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=groups", "(&(objectClass=groupOfUniqueNames)(cn={0}))", con1);
    // $NON-NLS-1$ //$NON-NLS-2$
    Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
    GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
    LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
    SearchControls con2 = new SearchControls();
    // $NON-NLS-1$
    con2.setReturningAttributes(new String[] { "uid" });
    LdapSearchParamsFactory paramFactory2 = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=users", "(businessCategory=cn={0}*)", con2);
    // $NON-NLS-1$
    Transformer transformer3 = new SearchResultToAttrValueList("uid");
    GrantedAuthorityToString transformer4 = new GrantedAuthorityToString();
    LdapSearch usernamesInRoleSearch2 = new GenericLdapSearch(getContextSource(), paramFactory2, transformer3, transformer4);
    Set searches = new HashSet();
    searches.add(usernamesInRoleSearch);
    searches.add(usernamesInRoleSearch2);
    UnionizingLdapSearch unionSearch = new UnionizingLdapSearch(searches);
    unionSearch.afterPropertiesSet();
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUsernamesInRoleSearch(unionSearch);
    // $NON-NLS-1$
    List<String> res = userRoleListService.getUsersInRole(null, "DEV");
    // $NON-NLS-1$
    assertTrue(res.contains("pat"));
    // $NON-NLS-1$
    assertTrue(res.contains("tiffany"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getUsernamesInRole4() with role=ROLE_DEV: " + res);
    }
    // $NON-NLS-1$
    res = userRoleListService.getUsersInRole(null, "DEVELOPMENT");
    // $NON-NLS-1$
    assertTrue(res.contains("pat"));
    // $NON-NLS-1$
    assertTrue(res.contains("tiffany"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getUsernamesInRole4() with role=DEVELOPMENT: " + res);
    }
}
Also used : DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) Transformer(org.apache.commons.collections.Transformer) HashSet(java.util.HashSet) Set(java.util.Set) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) LdapSearchParamsFactory(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactory) SearchControls(javax.naming.directory.SearchControls) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) LdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) LdapSearchParamsFactoryImpl(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 13 with SearchResultToAttrValueList

use of org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetUsernamesInRole1ForTenant.

@Test
public void testGetUsernamesInRole1ForTenant() {
    ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
    login("suzy", defaultTenant);
    SearchControls con1 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "uid" });
    LdapSearchParamsFactory paramFactory = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=users", "(businessCategory=cn={0}*)", con1);
    // $NON-NLS-1$
    Transformer transformer1 = new SearchResultToAttrValueList("uid");
    GrantedAuthorityToString transformer2 = new GrantedAuthorityToString();
    LdapSearch usernamesInRoleSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1, transformer2);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUsernamesInRoleSearch(usernamesInRoleSearch);
    // $NON-NLS-1$
    List<String> res = userRoleListService.getUsersInRole(defaultTenant, "DEV");
    // $NON-NLS-1$
    assertTrue(res.contains("pat"));
    // $NON-NLS-1$
    assertTrue(res.contains("tiffany"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getUsernamesInRole1(): " + res);
    }
    try {
        userRoleListService.getUsersInRole(new Tenant("/pentaho", true), "DEV");
    } catch (UnsupportedOperationException uoe) {
        assertNotNull(uoe);
    }
}
Also used : DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) Transformer(org.apache.commons.collections.Transformer) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) ITenant(org.pentaho.platform.api.mt.ITenant) Tenant(org.pentaho.platform.core.mt.Tenant) ITenant(org.pentaho.platform.api.mt.ITenant) LdapSearchParamsFactory(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactory) SearchControls(javax.naming.directory.SearchControls) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) GrantedAuthorityToString(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) LdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) LdapSearchParamsFactoryImpl(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl) Test(org.junit.Test)

Example 14 with SearchResultToAttrValueList

use of org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAllUserNames1ForTenant.

@Test
public void testGetAllUserNames1ForTenant() throws Exception {
    ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
    login("suzy", defaultTenant);
    SearchControls con1 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "uniqueMember" });
    LdapSearchParamsFactoryImpl paramFactory = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=groups", "(objectClass=groupOfUniqueNames)", con1);
    paramFactory.afterPropertiesSet();
    // $NON-NLS-1$ //$NON-NLS-2$
    Transformer transformer1 = new SearchResultToAttrValueList("uniqueMember", "uid");
    GenericLdapSearch allUsernamesSearch = new GenericLdapSearch(getContextSource(), paramFactory, transformer1);
    allUsernamesSearch.afterPropertiesSet();
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setAllUsernamesSearch(allUsernamesSearch);
    List res = userRoleListService.getAllUsers(defaultTenant);
    // $NON-NLS-1$
    assertTrue(res.contains("pat"));
    // $NON-NLS-1$
    assertTrue(res.contains("admin"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAllUserNames1(): " + res);
    }
    try {
        userRoleListService.getAllUsers(new Tenant("/pentaho", true));
    } catch (UnsupportedOperationException uoe) {
        assertNotNull(uoe);
    }
}
Also used : DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) ITenant(org.pentaho.platform.api.mt.ITenant) Tenant(org.pentaho.platform.core.mt.Tenant) ITenant(org.pentaho.platform.api.mt.ITenant) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) Transformer(org.apache.commons.collections.Transformer) SearchControls(javax.naming.directory.SearchControls) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) LdapSearchParamsFactoryImpl(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl) Test(org.junit.Test)

Example 15 with SearchResultToAttrValueList

use of org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAllAuthorities3.

/**
 * Union the results of two different searches.
 * <ul>
 * <li>Search 1: Search for all roles (aka authorities) starting at <code>ou=groups</code>, looking for objects with
 * <code>objectClass=groupOfUniqueNames</code>, and returning the <code>cn</code> attribute.</li>
 * <li>Search 2: Search for all roles (aka authorities) starting at <code>ou=roles</code>, looking for objects with
 * <code>objectClass=organizationalRole</code>, and returning the <code>cn</code> attribute.</li>
 * </ul>
 */
@Test
public void testGetAllAuthorities3() throws Exception {
    SearchControls con1 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "cn" });
    LdapSearchParamsFactory paramsFactory = // $NON-NLS-1$ //$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=roles", "(objectClass=organizationalRole)", con1);
    // $NON-NLS-1$
    Transformer one = new SearchResultToAttrValueList("cn");
    Transformer two = new StringToGrantedAuthority();
    Transformer[] transformers = { one, two };
    Transformer transformer = new ChainedTransformer(transformers);
    LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer);
    SearchControls con2 = new SearchControls();
    // $NON-NLS-1$
    con1.setReturningAttributes(new String[] { "cn" });
    LdapSearchParamsFactory paramsFactory2 = // $NON-NLS-1$//$NON-NLS-2$
    new LdapSearchParamsFactoryImpl("ou=groups", "(objectClass=groupOfUniqueNames)", con2);
    // $NON-NLS-1$
    Transformer oneB = new SearchResultToAttrValueList("cn");
    Transformer twoB = new StringToGrantedAuthority();
    Transformer[] transformers2 = { oneB, twoB };
    Transformer transformer2 = new ChainedTransformer(transformers2);
    LdapSearch rolesSearch2 = new GenericLdapSearch(getContextSource(), paramsFactory2, transformer2);
    Set searches = new HashSet();
    searches.add(rolesSearch);
    searches.add(rolesSearch2);
    UnionizingLdapSearch unionSearch = new UnionizingLdapSearch(searches);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setAllAuthoritiesSearch(unionSearch);
    List res = userRoleListService.getAllRoles();
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_DEVMGR"));
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_DEVELOPMENT"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAllAuthorities3(): " + res);
    }
}
Also used : DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) Transformer(org.apache.commons.collections.Transformer) HashSet(java.util.HashSet) Set(java.util.Set) StringToGrantedAuthority(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.StringToGrantedAuthority) ChainedTransformer(org.apache.commons.collections.functors.ChainedTransformer) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) LdapSearchParamsFactory(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactory) SearchControls(javax.naming.directory.SearchControls) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) UnionizingLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch) LdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch) GenericLdapSearch(org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch) LdapSearchParamsFactoryImpl(org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

SearchControls (javax.naming.directory.SearchControls)16 Transformer (org.apache.commons.collections.Transformer)16 ChainedTransformer (org.apache.commons.collections.functors.ChainedTransformer)16 Test (org.junit.Test)16 DefaultLdapUserRoleListService (org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService)16 GenericLdapSearch (org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch)16 LdapSearchParamsFactoryImpl (org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl)16 SearchResultToAttrValueList (org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList)16 LdapSearch (org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch)13 LdapSearchParamsFactory (org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactory)13 UnionizingLdapSearch (org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch)13 ArrayList (java.util.ArrayList)10 List (java.util.List)10 GrantedAuthorityToString (org.pentaho.platform.plugin.services.security.userrole.ldap.transform.GrantedAuthorityToString)6 StringToGrantedAuthority (org.pentaho.platform.plugin.services.security.userrole.ldap.transform.StringToGrantedAuthority)5 ITenant (org.pentaho.platform.api.mt.ITenant)3 Tenant (org.pentaho.platform.core.mt.Tenant)3 HashSet (java.util.HashSet)2 Set (java.util.Set)2 DefaultUsernameComparator (org.pentaho.platform.engine.security.DefaultUsernameComparator)2