Story 1890: Fix for removing users.

6b3dc505 · Dustin Jenkins · cbe3df3b · 6b3dc505 · 6b3dc505 · 6b3dc505
Commit 6b3dc505 authored Mar 24, 2016 by Dustin Jenkins
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -815,7 +815,7 @@ public class LdapUserDAO extends LdapDAO
        logger.debug("search filter: " + filter);

        final String[] attributes = new String[]
-            { LDAP_UID, LDAP_FIRST_NAME, LDAP_LAST_NAME };
+            { LDAP_USER_NAME, LDAP_FIRST_NAME, LDAP_LAST_NAME };
        final SearchRequest searchRequest =
            new SearchRequest(usersDN, SearchScope.ONE, filter, attributes);

@@ -831,10 +831,10 @@ public class LdapUserDAO extends LdapDAO
                    next.getAttributeValue(LDAP_FIRST_NAME);
                final String lastName =
                    next.getAttributeValue(LDAP_LAST_NAME).trim();
-                final String uid = next.getAttributeValue(LDAP_UID);
+                final String username = next.getAttributeValue(LDAP_USER_NAME);

                User user = new User();
-                user.getIdentities().add(new HttpPrincipal(uid));
+                user.getIdentities().add(new HttpPrincipal(username));

                // Only add Personal Details if it is relevant.
                if (StringUtil.hasLength(firstName) &&

--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
@@ -107,7 +107,7 @@ public class CreateGroupAction extends AbstractGroupAction
            }
            for (User usr : group.getUserMembers())
            {
-                addedMembers.add(usr.getHttpPrincipal().getName());
+                addedMembers.add(usr.getX500Principal().getName());
            }
        }
        logGroupInfo(group.getID(), null, addedMembers);

--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
@@ -78,6 +78,7 @@ import ca.nrc.cadc.ac.User;
 import ca.nrc.cadc.ac.server.PluginFactory;
 import ca.nrc.cadc.ac.server.UserPersistence;
 import ca.nrc.cadc.auth.AuthenticationUtil;
+import ca.nrc.cadc.util.ObjectUtil;

 public class RemoveUserMemberAction extends AbstractGroupAction
 {
@@ -102,6 +103,7 @@ public class RemoveUserMemberAction extends AbstractGroupAction

        User user = getUserPersistence().getAugmentedUser(userPrincipal);
        User toRemove = new User();
+        ObjectUtil.setField(toRemove, user.getID(), "id");
        toRemove.getIdentities().addAll(user.getIdentities());

        if (!group.getUserMembers().remove(toRemove))

--- a/cadcAccessControl/src/ca/nrc/cadc/ac/User.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/User.java
@@ -68,6 +68,7 @@
 */
 package ca.nrc.cadc.ac;

+import java.io.PrintWriter;
 import java.security.Principal;
 import java.util.Comparator;
 import java.util.Date;
@@ -77,8 +78,12 @@ import java.util.TreeSet;

 import ca.nrc.cadc.auth.HttpPrincipal;

+import javax.security.auth.x500.X500Principal;
+
 public class User
 {
+    // How on God's green earth is this used?  Where is it set?
+    // jenkinsd 2016.03.24
    private InternalID id;

    private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator());
@@ -141,6 +146,14 @@ public class User
        return null;
    }

+    public X500Principal getX500Principal()
+    {
+        final Set<X500Principal> identities =
+                getIdentities(X500Principal.class);
+        return identities.isEmpty() ? null : identities.iterator().next();
+    }
+
+
    /**
     * A User is considered consistent if the User's set of identities are a superset
     * of this Users set of identities.

--- a/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java
@@ -117,8 +117,8 @@ public class UserClient
    /**
     * Constructor.
     *
-     * @param baseURL The URL of the supporting access control web service
-     *                obtained from the registry.
+     * @param serviceURI    The URI of the supporting access control web service
+     *                      obtained from the registry.
     */
    public UserClient(URI serviceURI)
            throws IllegalArgumentException
@@ -129,7 +129,7 @@ public class UserClient
    public UserClient(URI serviceURI, RegistryClient registryClient)
    {
        if (serviceURI == null)
-            throw new IllegalArgumentException("invalid serviceURI: " + serviceURI);
+            throw new IllegalArgumentException("Service URI cannot be null.");
        if (serviceURI.getFragment() != null)
            throw new IllegalArgumentException("invalid serviceURI (fragment not allowed): " + serviceURI);

@@ -204,7 +204,9 @@ public class UserClient
    {
        URL usersURL = registryClient.getServiceURL(usersURI, "https");
        final List<User> webUsers = new ArrayList<User>();
-        HttpDownload httpDownload = new HttpDownload(usersURL, new JsonUserListInputStreamWrapper(webUsers));
+        HttpDownload httpDownload =
+                new HttpDownload(usersURL,
+                                 new JsonUserListInputStreamWrapper(webUsers));
        httpDownload.setRequestProperty("Accept", "application/json");
        httpDownload.run();