Skip to content

O
Openfire
Commit f887cf77 authored by Matt Tucker's avatar Matt Tucker Committed by matt
Browse files
Options

Javadoc, formatting, escape usernames (JM-378). 

git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@2697 b35dd754-fafc-0310-a699-88a17e54d16e
parent 2c4a7793
Show whitespace changes
Inline Side-by-side
Showing with 224 additions and 301 deletions
src/java/org/jivesoftware/messenger/ldap/LdapGroupProvider.java
View file @ f887cf77
...@@ -20,12 +20,10 @@ import java.util.ArrayList; ...@@ -20,12 +20,10 @@ import java.util.ArrayList;
import java.util.TreeMap; import java.util.TreeMap;
import java.util.TreeSet; import java.util.TreeSet;
import java.util.Collection; import java.util.Collection;
import java.util.Iterator;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.Vector; import java.util.Vector;
import java.text.MessageFormat; import java.text.MessageFormat;
import javax.naming.Name;
import javax.naming.NamingEnumeration; import javax.naming.NamingEnumeration;
import javax.naming.directory.*; import javax.naming.directory.*;
import javax.naming.ldap.LdapName; import javax.naming.ldap.LdapName;
...@@ -36,8 +34,7 @@ import javax.naming.ldap.LdapName; ...@@ -36,8 +34,7 @@ import javax.naming.ldap.LdapName;
* *
* @author Greg Ferguson and Cameron Moore * @author Greg Ferguson and Cameron Moore
*/ */
public class LdapGroupProvider implements GroupProvider public class LdapGroupProvider implements GroupProvider {
{
private LdapManager manager; private LdapManager manager;
private UserManager userManager; private UserManager userManager;
...@@ -48,7 +45,6 @@ public class LdapGroupProvider implements GroupProvider ...@@ -48,7 +45,6 @@ public class LdapGroupProvider implements GroupProvider
/** /**
* Constructor of the LdapGroupProvider class. * Constructor of the LdapGroupProvider class.
* Gets an LdapManager instance from the LdapManager class. * Gets an LdapManager instance from the LdapManager class.
*
*/ */
public LdapGroupProvider() { public LdapGroupProvider() {
manager = LdapManager.getInstance(); manager = LdapManager.getInstance();
...@@ -62,100 +58,66 @@ public class LdapGroupProvider implements GroupProvider ...@@ -62,100 +58,66 @@ public class LdapGroupProvider implements GroupProvider
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
*
* @param group Name of the group to be created.
* @throws UnsupportedOperationException when called.
*/
public Group createGroup (String group)
throws UnsupportedOperationException
{
throw new UnsupportedOperationException();
}
/**
* Always throws UnsupportedOperationException because
* LDAP operations are treated as read only.
* *
* @param group Group that should be deleted. * @param name the name of the group to create.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void deleteGroup (Group group) public Group createGroup(String name) throws UnsupportedOperationException {
throws UnsupportedOperationException
{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param group Group that should be deleted. * @param name the name of the group to delete
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void deleteGroup (String group) public void deleteGroup(String name) throws UnsupportedOperationException {
throws UnsupportedOperationException
{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
/** public Group getGroup(String group) {
* Will populate a group object based on the group name String filter = MessageFormat.format(manager.getGroupSearchFilter(), "*");
* that is given. String searchFilter = "(&" + filter + "(" +
* manager.getGroupNameField() + "=" + group + "))";
* @param group Name of group that should be retrieved. Collection<Group> groups = populateGroups(searchForGroups(searchFilter, standardAttributes));
* @return a populated group based on the name provided. if (groups.size() > 1) {
*/
public Group getGroup (String group)
{
String filter = MessageFormat.format(manager.getGroupSearchFilter(),"*");
String searchFilter = "(&"+filter+"("+
manager.getGroupNameField()+"="+group+"))";
Collection<Group> groups = populateGroups(searchForGroups(searchFilter,standardAttributes));
if (groups.size() > 1)
return null; //if multiple groups found return null return null; //if multiple groups found return null
for (Group g : groups) }
for (Group g : groups) {
return g; //returns the first group found return g; //returns the first group found
}
return null; return null;
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param name Current name of group. * @param oldName the current name of the group.
* @param s Desired name of group. * @param newName the desired new name of the group.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void setName(String name, String s) public void setName(String oldName, String newName) throws UnsupportedOperationException {
throws UnsupportedOperationException
{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param description Current description of group. * @param name the group name.
* @param s Desired description of group. * @param description the group description.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void setDescription(String description,String s) public void setDescription(String name, String description) throws UnsupportedOperationException {
throws UnsupportedOperationException
{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
/** public int getGroupCount() {
* Will return the current number of groups in the
* LDAP server.
*
* @return the number of groups in the LDAP server.
*/
public int getGroupCount()
{
// Cache group count for 5 minutes. // Cache group count for 5 minutes.
if (groupCount != -1 && System.currentTimeMillis() < expiresStamp) { if (groupCount != -1 && System.currentTimeMillis() < expiresStamp) {
return groupCount; return groupCount;
...@@ -166,104 +128,72 @@ public class LdapGroupProvider implements GroupProvider ...@@ -166,104 +128,72 @@ public class LdapGroupProvider implements GroupProvider
Log.debug("Trying to get the number of groups in the system."); Log.debug("Trying to get the number of groups in the system.");
} }
String searchFilter = MessageFormat.format(manager.getGroupSearchFilter(),"*"); String searchFilter = MessageFormat.format(manager.getGroupSearchFilter(), "*");
String returningAttributes[]= { manager.getGroupNameField() }; String returningAttributes[] = {manager.getGroupNameField()};
NamingEnumeration<SearchResult> answer = searchForGroups(searchFilter,returningAttributes); NamingEnumeration<SearchResult> answer = searchForGroups(searchFilter, returningAttributes);
for (; answer.hasMoreElements(); count++) for (; answer.hasMoreElements(); count++) {
{ try {
try
{
answer.next(); answer.next();
} }
catch (Exception e) { } catch (Exception e) {
}
} }
this.groupCount = count; this.groupCount = count;
this.expiresStamp = System.currentTimeMillis() + JiveConstants.MINUTE *5; this.expiresStamp = System.currentTimeMillis() + JiveConstants.MINUTE * 5;
return count; return count;
} }
/** public Collection<Group> getGroups() {
* Will return a collecion of all groups in the system. String filter = MessageFormat.format(manager.getGroupSearchFilter(), "*");
* return populateGroups(searchForGroups(filter, standardAttributes));
* @return collection of all groups in the system.
*/
public Collection<Group> getGroups()
{
String filter = MessageFormat.format(manager.getGroupSearchFilter(),"*");
return populateGroups(searchForGroups(filter,standardAttributes));
} }
/** public Collection<Group> getGroups(int start, int num) {
* Will return a collecion of groups in the system // Get an enumeration of all groups in the system
* based on the start index and number of groups desired. String searchFilter = MessageFormat.format(manager.getGroupSearchFilter(), "*");
* Useful when displaying a certain number of groups NamingEnumeration<SearchResult> answer = searchForGroups(searchFilter, standardAttributes);
* per page on a webpage.
*
* @param start starting index
* @param num number of groups you want
* @return collection of groups.
*/
public Collection<Group> getGroups(int start, int num)
{
ArrayList<Group> returnCollection = new ArrayList<Group>();
// get an enumeration of all groups in the system
String searchFilter = MessageFormat.format(manager.getGroupSearchFilter(),"*");
NamingEnumeration<SearchResult> answer = searchForGroups(searchFilter,standardAttributes);
//place all groups that are wanted into an enumeration
// Place all groups that are wanted into an enumeration
Vector<SearchResult> v = new Vector<SearchResult>(); Vector<SearchResult> v = new Vector<SearchResult>();
for (int i = 1; answer.hasMoreElements() && i <= (start+num); i++) for (int i = 1; answer.hasMoreElements() && i <= (start + num); i++) {
{ try {
try
{
SearchResult sr = answer.next(); SearchResult sr = answer.next();
if (i >= start) if (i >= start) {
v.add(sr); v.add(sr);
} }
catch (Exception e) { } }
catch (Exception e) {
// Ignore.
}
} }
return populateGroups(v.elements()); return populateGroups(v.elements());
} }
/** public Collection<Group> getGroups(User user) {
* Will return a collection of groups in the
* system that the user provided belongs to.
*
* @param user a user
* @return collection of groups.
*/
public Collection<Group> getGroups(User user)
{
String username = JID.unescapeNode(user.getUsername()); String username = JID.unescapeNode(user.getUsername());
if (!manager.getPosixEnabled()) if (!manager.isPosixMode()) {
{ try {
try
{
username = manager.findUserDN(username) + "," + username = manager.findUserDN(username) + "," +
manager.getBaseDN(); manager.getBaseDN();
} }
catch (Exception e) catch (Exception e) {
{
return new ArrayList<Group>(); return new ArrayList<Group>();
} }
} }
String filter = MessageFormat.format(manager.getGroupSearchFilter(),username); String filter = MessageFormat.format(manager.getGroupSearchFilter(), username);
return populateGroups(searchForGroups(filter,standardAttributes)); return populateGroups(searchForGroups(filter, standardAttributes));
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param groupName Name of a group. * @param groupName name of a group.
* @param username Name of a user. * @param username name of a user.
* @param administrator True if is an administrator. * @param administrator true if is an administrator.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void addMember(String groupName, String username, boolean administrator) public void addMember(String groupName, String username, boolean administrator)
...@@ -273,12 +203,12 @@ public class LdapGroupProvider implements GroupProvider ...@@ -273,12 +203,12 @@ public class LdapGroupProvider implements GroupProvider
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param groupName Name of a group. * @param groupName the naame of a group.
* @param username Name of a user. * @param username the name of a user.
* @param administrator True if is an administrator. * @param administrator true if is an administrator.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void updateMember(String groupName, String username, boolean administrator) public void updateMember(String groupName, String username, boolean administrator)
...@@ -288,68 +218,63 @@ public class LdapGroupProvider implements GroupProvider ...@@ -288,68 +218,63 @@ public class LdapGroupProvider implements GroupProvider
} }
/** /**
* Always throws UnsupportedOperationException because * Always throws an UnsupportedOperationException because
* LDAP operations are treated as read only. * LDAP groups are read-only.
* *
* @param groupName Name of a group. * @param groupName the name of a group.
* @param username Name of a user. * @param username the ame of a user.
* @throws UnsupportedOperationException when called. * @throws UnsupportedOperationException when called.
*/ */
public void deleteMember(String groupName, String username) public void deleteMember(String groupName, String username)
throws UnsupportedOperationException throws UnsupportedOperationException {
{
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
/** /**
* Always returns true because all LDAP operations * Always throws an UnsupportedOperationException because
* are treated as read only. * LDAP groups are read-only.
* *
* @return true always because all LDAP functions are read only. * @return true because all LDAP functions are read-only.
*/ */
public boolean isReadOnly() public boolean isReadOnly() {
{
return true; return true;
} }
/** /**
* An auxilary method used to perform LDAP queries based on a * An auxilary method used to perform LDAP queries based on a
* provided LDAP search filter. * provided LDAP search filter.
* *
* @return an enumeration of SearchResult.
* @param searchFilter LDAP search filter used to query. * @param searchFilter LDAP search filter used to query.
* @return an enumeration of SearchResult.
*/ */
private NamingEnumeration<SearchResult> searchForGroups (String searchFilter, private NamingEnumeration<SearchResult> searchForGroups(String searchFilter,
String[] returningAttributes) String[] returningAttributes) {
{
if (manager.isDebugEnabled()) { if (manager.isDebugEnabled()) {
Log.debug("Trying to find all groups in the system."); Log.debug("Trying to find all groups in the system.");
} }
DirContext ctx = null; DirContext ctx = null;
NamingEnumeration<SearchResult> answer = null; NamingEnumeration<SearchResult> answer = null;
try try {
{
ctx = manager.getContext(); ctx = manager.getContext();
if (manager.isDebugEnabled()) { if (manager.isDebugEnabled()) {
Log.debug("Starting LDAP search..."); Log.debug("Starting LDAP search...");
Log.debug("Using groupSearchFilter: "+searchFilter); Log.debug("Using groupSearchFilter: " + searchFilter);
} }
// Search for the dn based on the groupname. // Search for the dn based on the groupname.
SearchControls searchControls = new SearchControls(); SearchControls searchControls = new SearchControls();
searchControls.setReturningAttributes(returningAttributes); searchControls.setReturningAttributes(returningAttributes);
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
answer = ctx.search("",searchFilter,searchControls); answer = ctx.search("", searchFilter, searchControls);
if (manager.isDebugEnabled()) { if (manager.isDebugEnabled()) {
Log.debug("... search finished"); Log.debug("... search finished");
} }
} }
catch (Exception e) catch (Exception e) {
{ if (manager.isDebugEnabled()) {
if (manager.isDebugEnabled()) Log.debug("Error while searching for groups.", e);
Log.debug("Error while searching for groups.",e); }
} }
return answer; return answer;
} }
...@@ -358,111 +283,109 @@ public class LdapGroupProvider implements GroupProvider ...@@ -358,111 +283,109 @@ public class LdapGroupProvider implements GroupProvider
* An auxilary method used to populate LDAP groups based on a * An auxilary method used to populate LDAP groups based on a
* provided LDAP search result. * provided LDAP search result.
* *
* @return a collection of groups.
* @param answer LDAP search result. * @param answer LDAP search result.
* @return a collection of groups.
*/ */
private Collection<Group> populateGroups (Enumeration<SearchResult> answer) private Collection<Group> populateGroups(Enumeration<SearchResult> answer) {
{
if (manager.isDebugEnabled()) { if (manager.isDebugEnabled()) {
Log.debug("Starting to populate groups with users."); Log.debug("Starting to populate groups with users.");
} }
TreeMap<String,Group> groups = new TreeMap<String,Group>(); TreeMap<String, Group> groups = new TreeMap<String, Group>();
DirContext ctx = null; DirContext ctx = null;
try try {
{
ctx = manager.getContext(); ctx = manager.getContext();
} }
catch (Exception e) catch (Exception e) {
{
return new ArrayList<Group>(); return new ArrayList<Group>();
} }
SearchControls ctrls = new SearchControls(); SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes( new String[]{manager.getUsernameField()} ); ctrls.setReturningAttributes(new String[]{manager.getUsernameField()});
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE); ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
String userSearchFilter = MessageFormat.format(manager.getSearchFilter(),"*"); String userSearchFilter = MessageFormat.format(manager.getSearchFilter(), "*");
while (answer.hasMoreElements()) while (answer.hasMoreElements()) {
{
String name = ""; String name = "";
try try {
{ Attributes a = (((SearchResult) answer.nextElement()).getAttributes());
Attributes a = (((SearchResult)answer.nextElement()).getAttributes());
String description; String description;
try try {
{ name = ((String) ((a.get(manager.getGroupNameField())).get()));
name = ((String)((a.get(manager.getGroupNameField())).get())); description = ((String) ((a.get(manager.getGroupDescriptionField())).get()));
description = ((String)((a.get(manager.getGroupDescriptionField())).get()));
} }
catch (Exception e) catch (Exception e) {
{
description = ""; description = "";
} }
TreeSet<String> members = new TreeSet<String>(); TreeSet<String> members = new TreeSet<String>();
Attribute member = a.get(manager.getGroupMemberField()); Attribute member = a.get(manager.getGroupMemberField());
NamingEnumeration ne = member.getAll(); NamingEnumeration ne = member.getAll();
while (ne.hasMore()) while (ne.hasMore()) {
{ String username = (String) ne.next();
String userName = (String)ne.next(); if (!manager.isPosixMode()) { //userName is full dn if not posix
if (!manager.getPosixEnabled()) try {
{ //userName is full dn if not posix
try
{
// Get the CN using LDAP // Get the CN using LDAP
LdapName ldapname = new LdapName(userName); LdapName ldapname = new LdapName(username);
String ldapcn = ldapname.get(ldapname.size()-1); String ldapcn = ldapname.get(ldapname.size() - 1);
// We have to do a new search to find the username field // We have to do a new search to find the username field
String combinedFilter = "(&("+ldapcn+")"+userSearchFilter+")"; String combinedFilter = "(&(" + ldapcn + ")" + userSearchFilter + ")";
NamingEnumeration usrAnswer = ctx.search("",combinedFilter,ctrls); NamingEnumeration usrAnswer = ctx.search("", combinedFilter, ctrls);
if (usrAnswer.hasMoreElements()) if (usrAnswer.hasMoreElements()) {
{ username = (String) ((SearchResult) usrAnswer.next()).getAttributes().get(
userName = (String)((SearchResult)usrAnswer.next()).getAttributes().get(
manager.getUsernameField()).get(); manager.getUsernameField()).get();
} }
else else {
throw new UserNotFoundException(); throw new UserNotFoundException();
} }
catch (Exception e)
{
if (manager.isDebugEnabled())
Log.debug("Error populating user with DN: "+userName,e);
} }
catch (Exception e) {
if (manager.isDebugEnabled()) {
Log.debug("Error populating user with DN: " + username, e);
} }
try
{
User user = userManager.getUser(JID.escapeNode(userName));
members.add(user.getUsername());
} }
catch (UserNotFoundException e)
{
if (manager.isDebugEnabled())
Log.debug("User not found: "+userName);
} }
// A search filter may have been defined in the LdapUserProvider.
// Therefore, we have to try to load each user we found to see if
// it passes the filter.
try {
// In order to lookup a username from the manager, the username
// must be a properly escaped JID node.
String escapedUsername = JID.escapeNode(username);
userManager.getUser(escapedUsername);
// No exception, so the user must exist. Add the user as a group
// member using the escaped username.
members.add(escapedUsername);
} }
if (manager.isDebugEnabled()) catch (UserNotFoundException e) {
Log.debug("Adding group \""+name+"\" with "+members.size()+" members."); if (manager.isDebugEnabled()) {
Group g = new Group(this,name,description,members,new ArrayList<String>()); Log.debug("User not found: " + username);
groups.put(name,g);
} }
catch (Exception e)
{
if (manager.isDebugEnabled())
Log.debug("Error while populating group, "+name+".",e);
} }
} }
if (manager.isDebugEnabled()) if (manager.isDebugEnabled()) {
Log.debug("Adding group \"" + name + "\" with " + members.size() + " members.");
}
Group g = new Group(this, name, description, members, new ArrayList<String>());
groups.put(name, g);
}
catch (Exception e) {
if (manager.isDebugEnabled()) {
Log.debug("Error while populating group, " + name + ".", e);
}
}
}
if (manager.isDebugEnabled()) {
Log.debug("Finished populating group(s) with users."); Log.debug("Finished populating group(s) with users.");
}
try try {
{
ctx.close(); ctx.close();
} }
catch (Exception e) { } catch (Exception e) {
}
return groups.values(); return groups.values();
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023