Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +15 −5 Original line number Diff line number Diff line Loading @@ -520,7 +520,9 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } Filter filter = Filter.createEqualityFilter(searchField, name); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter(searchField, name); Filter filter = Filter.createANDFilter(notFilter, equalsFilter); logger.debug("getUser: search filter = " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); Loading Loading @@ -620,8 +622,10 @@ public class LdapUserDAO extends LdapDAO Filter filter = null; try { filter = Filter.createEqualityFilter("email", emailAddress); logger.debug("getUserByEmailAddress: search filter = " + filter); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter("email", emailAddress); filter = Filter.createANDFilter(notFilter, equalsFilter); logger.debug("search filter: " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); Loading Loading @@ -695,7 +699,11 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } Filter filter = Filter.createEqualityFilter(searchField, name); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter(searchField, name); Filter filter = Filter.createANDFilter(notFilter, equalsFilter); profiler.checkpoint("getAugmentedUser.createFilter"); logger.debug("getAugmentedUser: search filter = " + filter); Loading Loading 
@@ -811,7 +819,9 @@ public class LdapUserDAO extends LdapDAO { final Collection<User> users = new ArrayList<User>(); Filter filter = Filter.createPresenceFilter(LDAP_UID); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter presenceFilter = Filter.createPresenceFilter(LDAP_UID); Filter filter = Filter.createANDFilter(notFilter, presenceFilter); logger.debug("search filter: " + filter); final String[] attributes = new String[] Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java +7 −1 Original line number Diff line number Diff line Loading @@ -69,6 +69,7 @@ package ca.nrc.cadc.ac.server.web.groups; import java.io.InputStream; import java.security.Principal; import java.util.ArrayList; import java.util.List; Loading Loading @@ -107,7 +108,12 @@ public class CreateGroupAction extends AbstractGroupAction } for (User usr : group.getUserMembers()) { addedMembers.add(usr.getX500Principal().getName()); Principal p = usr.getHttpPrincipal(); if (p == null) { p = usr.getX500Principal(); } addedMembers.add(p.getName()); } } logGroupInfo(group.getID(), null, addedMembers); Loading cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java +17 −16 Original line number Diff line number Diff line Loading 
@@ -67,23 +67,25 @@ package ca.nrc.cadc.ac.server.ldap; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.User; import org.apache.log4j.Logger; import org.junit.Assert; import org.junit.Test; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import javax.security.auth.Subject; import java.security.Principal; import java.security.PrivilegedExceptionAction; import java.util.Collection; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import javax.security.auth.Subject; import org.apache.log4j.Logger; import org.junit.Assert; import org.junit.Test; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.User; public class LdapGroupDAOTest extends AbstractLdapDAOTest { Loading Loading @@ -156,7 +158,7 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest expectGroup.getUserMembers().add(cadcDaoTest2_User); expectGroup.getUserMembers().add(duplicateIdentity); actualGroup = getGroupDAO().modifyGroup(expectGroup); expectGroup.getUserMembers().remove(duplicateIdentity); //expectGroup.getUserMembers().remove(duplicateIdentity); assertGroupsEqual(expectGroup, actualGroup); expectGroup.getUserMembers().remove(cadcDaoTest2_User); Loading Loading @@ -205,7 +207,7 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest expectGroup.getUserAdmins().add(cadcDaoTest2_User); expectGroup.getUserAdmins().add(duplicateIdentity); actualGroup = getGroupDAO().modifyGroup(expectGroup); expectGroup.getUserAdmins().remove(duplicateIdentity); //expectGroup.getUserAdmins().remove(duplicateIdentity); assertGroupsEqual(expectGroup, actualGroup); // delete the group Loading Loading 
@@ -443,9 +445,8 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest assertTrue(gr2.getGroupMembers().contains(gr)); } assertEquals(gr1.getUserMembers().size(), gr2.getUserMembers().size()); assertEquals(gr1.getUserMembers(), gr2.getUserMembers()); assertEquals(gr1.getUserMembers().size(), gr2.getUserMembers() .size()); for (User user : gr1.getUserMembers()) { assertTrue(gr2.getUserMembers().contains(user)); Loading cadcAccessControl/src/ca/nrc/cadc/ac/Group.java +18 −17 Original line number Diff line number Diff line Loading @@ -71,6 +71,7 @@ package ca.nrc.cadc.ac; import java.util.Date; import java.util.HashSet; import java.util.Set; import java.util.TreeSet; public class Group { Loading @@ -82,13 +83,13 @@ public class Group protected Set<GroupProperty> properties = new HashSet<GroupProperty>(); // group's user members private Set<User> userMembers = new HashSet<User>(); private Set<User> userMembers = new TreeSet<User>(); // group's group members private Set<Group> groupMembers = new HashSet<Group>(); // group's user admins private Set<User> userAdmins = new HashSet<User>(); private Set<User> userAdmins = new TreeSet<User>(); // group's group admins private Set<Group> groupAdmins = new HashSet<Group>(); Loading cadcAccessControl/src/ca/nrc/cadc/ac/InternalID.java +36 −0 Original line number Diff line number Diff line Loading 
@@ -94,10 +94,46 @@ public class InternalID throw new IllegalArgumentException("uri is null"); } if (uri.getFragment() != null) { throw new IllegalArgumentException("fragment not allowed"); } this.uri = uri; uuid = UUID.fromString(uri.getQuery()); } /** * Ctor * @param uri unique identifier * @param id The uuid of the identifier */ public InternalID(URI uri, UUID id) { if (uri == null) { throw new IllegalArgumentException("uri is null"); } if (id == null) { throw new IllegalArgumentException("id is null"); } if (uri.getQuery() != null) { throw new IllegalArgumentException("query not allowed in base uri"); } if (uri.getFragment() != null) { throw new IllegalArgumentException("fragment not allowed"); } this.uri = URI.create(uri.toASCIIString() + "?" + id.toString()); this.uuid = id; } public URI getURI() { return uri; Loading Loading
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +15 −5 Original line number Diff line number Diff line Loading @@ -520,7 +520,9 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } Filter filter = Filter.createEqualityFilter(searchField, name); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter(searchField, name); Filter filter = Filter.createANDFilter(notFilter, equalsFilter); logger.debug("getUser: search filter = " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); Loading Loading @@ -620,8 +622,10 @@ public class LdapUserDAO extends LdapDAO Filter filter = null; try { filter = Filter.createEqualityFilter("email", emailAddress); logger.debug("getUserByEmailAddress: search filter = " + filter); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter("email", emailAddress); filter = Filter.createANDFilter(notFilter, equalsFilter); logger.debug("search filter: " + filter); SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs); Loading Loading @@ -695,7 +699,11 @@ public class LdapUserDAO extends LdapDAO { name = userID.getName(); } Filter filter = Filter.createEqualityFilter(searchField, name); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter equalsFilter = Filter.createEqualityFilter(searchField, name); Filter filter = Filter.createANDFilter(notFilter, equalsFilter); profiler.checkpoint("getAugmentedUser.createFilter"); logger.debug("getAugmentedUser: search filter = " + filter); Loading Loading 
@@ -811,7 +819,9 @@ public class LdapUserDAO extends LdapDAO { final Collection<User> users = new ArrayList<User>(); Filter filter = Filter.createPresenceFilter(LDAP_UID); Filter notFilter = Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)); Filter presenceFilter = Filter.createPresenceFilter(LDAP_UID); Filter filter = Filter.createANDFilter(notFilter, presenceFilter); logger.debug("search filter: " + filter); final String[] attributes = new String[] Loading
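Review bot: The locked-account exclusion is rebuilt inline in all four hunks (the searches logged as getUser, getUserByEmailAddress and getAugmentedUser, plus the listing search at -811), so a lookup outside this diff, or one added later, can still return locked entries without anyone noticing. A private helper would keep the rule in one place, e.g. `private static Filter excludeLocked(Filter f) { return Filter.createANDFilter(Filter.createNOTFilter(Filter.createPresenceFilter(LDAP_NSACCOUNTLOCK)), f); }`. Its comment should say that the test is presence-based, so an entry carrying the attribute with any value is treated as locked. In the -620 hunk the debug message also lost its `getUserByEmailAddress:` prefix while still printing the e-mail address; keeping the prefix makes that log line attributable. The enclosing methods start and end outside the hunks.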
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java +7 −1 Original line number Diff line number Diff line Loading @@ -69,6 +69,7 @@ package ca.nrc.cadc.ac.server.web.groups; import java.io.InputStream; import java.security.Principal; import java.util.ArrayList; import java.util.List; Loading Loading @@ -107,7 +108,12 @@ public class CreateGroupAction extends AbstractGroupAction } for (User usr : group.getUserMembers()) { addedMembers.add(usr.getX500Principal().getName()); Principal p = usr.getHttpPrincipal(); if (p == null) { p = usr.getX500Principal(); } addedMembers.add(p.getName()); } } logGroupInfo(group.getID(), null, addedMembers); Loading
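Review bot: In the -107 hunk `p.getName()` is still reached when a member has neither an HTTP principal nor an X.500 principal, because the fallback only replaces one possibly-null value with another. The loop feeds `logGroupInfo`, so a NullPointerException here would presumably fail the request in the logging step rather than in group creation itself; a guard such as `if (p != null) { addedMembers.add(p.getName()); }` avoids that. The logged member name can now be either an HTTP user name or an X.500 DN, which deserves a one-line comment so that anyone correlating these log entries knows both forms occur. The enclosing method starts and ends outside the hunk.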
cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java +17 −16 Original line number Diff line number Diff line Loading @@ -67,23 +67,25 @@ package ca.nrc.cadc.ac.server.ldap; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.User; import org.apache.log4j.Logger; import org.junit.Assert; import org.junit.Test; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import javax.security.auth.Subject; import java.security.Principal; import java.security.PrivilegedExceptionAction; import java.util.Collection; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import javax.security.auth.Subject; import org.apache.log4j.Logger; import org.junit.Assert; import org.junit.Test; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.User; public class LdapGroupDAOTest extends AbstractLdapDAOTest { Loading Loading @@ -156,7 +158,7 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest expectGroup.getUserMembers().add(cadcDaoTest2_User); expectGroup.getUserMembers().add(duplicateIdentity); actualGroup = getGroupDAO().modifyGroup(expectGroup); expectGroup.getUserMembers().remove(duplicateIdentity); //expectGroup.getUserMembers().remove(duplicateIdentity); assertGroupsEqual(expectGroup, actualGroup); expectGroup.getUserMembers().remove(cadcDaoTest2_User); Loading Loading 
@@ -205,7 +207,7 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest expectGroup.getUserAdmins().add(cadcDaoTest2_User); expectGroup.getUserAdmins().add(duplicateIdentity); actualGroup = getGroupDAO().modifyGroup(expectGroup); expectGroup.getUserAdmins().remove(duplicateIdentity); //expectGroup.getUserAdmins().remove(duplicateIdentity); assertGroupsEqual(expectGroup, actualGroup); // delete the group Loading Loading @@ -443,9 +445,8 @@ public class LdapGroupDAOTest extends AbstractLdapDAOTest assertTrue(gr2.getGroupMembers().contains(gr)); } assertEquals(gr1.getUserMembers().size(), gr2.getUserMembers().size()); assertEquals(gr1.getUserMembers(), gr2.getUserMembers()); assertEquals(gr1.getUserMembers().size(), gr2.getUserMembers() .size()); for (User user : gr1.getUserMembers()) { assertTrue(gr2.getUserMembers().contains(user)); Loading
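Review bot: The two `remove(duplicateIdentity)` calls at -156 and -205 are commented out rather than deleted, which leaves the tests without any statement of what they now expect for a duplicate identity. Delete the dead lines and replace each with a short comment such as `// duplicateIdentity is expected to collapse into the existing member in the sorted set`, if that is indeed the intent. In the -443 hunk the direct set comparison is dropped in favour of size plus `contains`, so membership equality in these tests now rests entirely on how `User` is ordered; a dedicated assertion on the duplicate case would make that dependency explicit.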
cadcAccessControl/src/ca/nrc/cadc/ac/Group.java +18 −17 Original line number Diff line number Diff line Loading @@ -71,6 +71,7 @@ package ca.nrc.cadc.ac; import java.util.Date; import java.util.HashSet; import java.util.Set; import java.util.TreeSet; public class Group { Loading @@ -82,13 +83,13 @@ public class Group protected Set<GroupProperty> properties = new HashSet<GroupProperty>(); // group's user members private Set<User> userMembers = new HashSet<User>(); private Set<User> userMembers = new TreeSet<User>(); // group's group members private Set<Group> groupMembers = new HashSet<Group>(); // group's user admins private Set<User> userAdmins = new HashSet<User>(); private Set<User> userAdmins = new TreeSet<User>(); // group's group admins private Set<Group> groupAdmins = new HashSet<Group>(); Loading
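Review bot: Switching `userMembers` and `userAdmins` to `TreeSet<User>` makes membership depend on `User`'s ordering instead of `equals`/`hashCode`, and that ordering is not visible in this diff. If `User` does not implement `Comparable`, the first `add` throws `ClassCastException`; if its `compareTo` returns 0 for two users that `equals` treats as different, one of them is silently dropped from the member or admin set, which for an access-control group changes who is granted or denied. Please confirm that `compareTo` is consistent with `equals`, and record it next to the fields, e.g. `// TreeSet: relies on User.compareTo being consistent with equals`. The group-valued sets remain `HashSet`, so the two kinds of membership now follow different equality rules.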
cadcAccessControl/src/ca/nrc/cadc/ac/InternalID.java +36 −0 Original line number Diff line number Diff line Loading @@ -94,10 +94,46 @@ public class InternalID throw new IllegalArgumentException("uri is null"); } if (uri.getFragment() != null) { throw new IllegalArgumentException("fragment not allowed"); } this.uri = uri; uuid = UUID.fromString(uri.getQuery()); } /** * Ctor * @param uri unique identifier * @param id The uuid of the identifier */ public InternalID(URI uri, UUID id) { if (uri == null) { throw new IllegalArgumentException("uri is null"); } if (id == null) { throw new IllegalArgumentException("id is null"); } if (uri.getQuery() != null) { throw new IllegalArgumentException("query not allowed in base uri"); } if (uri.getFragment() != null) { throw new IllegalArgumentException("fragment not allowed"); } this.uri = URI.create(uri.toASCIIString() + "?" + id.toString()); this.uuid = id; } public URI getURI() { return uri; Loading
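Review bot: The one-argument constructor still passes `uri.getQuery()` straight to `UUID.fromString`, so a URI with no query fails with a NullPointerException instead of the `IllegalArgumentException` used by the neighbouring checks, including the fragment check added here. A guard before the parse keeps the failure mode uniform: `if (uri.getQuery() == null) { throw new IllegalArgumentException("uri has no uuid query"); }`. The new two-argument constructor validates both inputs, but its Javadoc says only "Ctor"; it should state that `uri` is the base URI without query or fragment, that the stored URI becomes `uri?id`, and list the `IllegalArgumentException` cases with `@throws`.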