Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java +15 −15 Original line number Diff line number Diff line Loading @@ -100,7 +100,7 @@ public interface UserPersistence<T extends Principal> * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ User<T> addUser(UserRequest<T> user) void addUser(UserRequest<T> user) throws TransientException, AccessControlException, UserAlreadyExistsException; Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +20 −20 Original line number Diff line number Diff line Loading @@ -284,7 +284,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO * @throws AccessControlException If the operation is not permitted. * @throws UserAlreadyExistsException If the user already exists. */ public User<T> addUser(final UserRequest<T> userRequest) public void addUser(final UserRequest<T> userRequest) throws TransientException, UserAlreadyExistsException { DN userDN; Loading @@ -301,19 +301,6 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO userDN = getUserRequestsDN(userID.getName()); addUser(userRequest, userDN); // AD: Search results sometimes come incomplete if // connection is not reset - not sure why. getConnection().reconnect(); try { return getUser(userID, config.getUserRequestsDN()); } catch (UserNotFoundException e) { throw new RuntimeException("BUG: new user " + userDN.toNormalizedString() + " not found"); } } catch (LDAPException e) { Loading Loading 
@@ -507,9 +494,13 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO searchField, userAttribs); if (proxy && isSecure(usersDN)) { searchRequest.addControl( new ProxiedAuthorizationV2RequestControl( "dn:" + getSubjectDN().toNormalizedString())); String proxyDN = "dn:" + getSubjectDN().toNormalizedString(); logger.debug("Proxying auth as: " + proxyDN); searchRequest.addControl(new ProxiedAuthorizationV2RequestControl(proxyDN)); } else { logger.debug("Not proxying authorization"); } searchResult = getConnection().searchForEntry(searchRequest); Loading @@ -530,9 +521,18 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO user.getIdentities().add(new HttpPrincipal( searchResult.getAttributeValue( userLdapAttrib.get(HttpPrincipal.class)))); user.getIdentities().add(new NumericPrincipal( searchResult.getAttributeValueAsLong( userLdapAttrib.get(NumericPrincipal.class)))); Long numericID = searchResult.getAttributeValueAsLong(userLdapAttrib.get(NumericPrincipal.class)); logger.debug("Numeric id is: " + numericID); if (numericID == null) { // If the numeric ID does not return it means the user // does not have permission throw new AccessControlException("Permission denied"); } NumericPrincipal numericPrincipal = new NumericPrincipal(numericID); user.getIdentities().add(numericPrincipal); user.getIdentities().add(new X500Principal( searchResult.getAttributeValue( userLdapAttrib.get(X500Principal.class)))); Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +2 −2 Original line number Diff line number Diff line Loading @@ -126,7 +126,7 @@ public class LdapUserPersistence<T extends Principal> * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ public User<T> addUser(UserRequest<T> user) public void addUser(UserRequest<T> user) throws TransientException, AccessControlException, UserAlreadyExistsException { Loading 
@@ -134,7 +134,7 @@ public class LdapUserPersistence<T extends Principal> try { userDAO = new LdapUserDAO<T>(this.config); return userDAO.addUser(user); userDAO.addUser(user); } finally { Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java +2 −2 Original line number Diff line number Diff line Loading @@ -93,10 +93,10 @@ public class CreateUserAction extends AbstractUserAction { final UserPersistence<Principal> userPersistence = getUserPersistence(); final UserRequest<Principal> userRequest = readUserRequest(this.inputStream); final User<Principal> newUser = userPersistence.addUser(userRequest); userPersistence.addUser(userRequest); syncOut.setCode(201); logUserInfo(newUser.getUserID().getName()); logUserInfo(userRequest.getUser().getUserID().getName()); } } projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java +8 −5 Original line number Diff line number Diff line Loading @@ -194,7 +194,10 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest subject.getPrincipals().add(testUser.getUserID()); final LdapUserDAO<HttpPrincipal> userDAO = getUserDAO(); User<HttpPrincipal> actual = userDAO.addUser(userRequest); userDAO.addUser(userRequest); User<HttpPrincipal> actual = userDAO.getPendingUser(userRequest.getUser().getUserID()); check(expected, actual); } Loading Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java +15 −15 Original line number Diff line number Diff line Loading @@ -100,7 +100,7 @@ public interface UserPersistence<T extends Principal> * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ User<T> addUser(UserRequest<T> user) void addUser(UserRequest<T> user) throws TransientException, AccessControlException, UserAlreadyExistsException; Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +20 −20 Original line number Diff line number Diff line Loading @@ -284,7 +284,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO * @throws AccessControlException If the operation is not permitted. * @throws UserAlreadyExistsException If the user already exists. */ public User<T> addUser(final UserRequest<T> userRequest) public void addUser(final UserRequest<T> userRequest) throws TransientException, UserAlreadyExistsException { DN userDN; Loading @@ -301,19 +301,6 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO userDN = getUserRequestsDN(userID.getName()); addUser(userRequest, userDN); // AD: Search results sometimes come incomplete if // connection is not reset - not sure why. getConnection().reconnect(); try { return getUser(userID, config.getUserRequestsDN()); } catch (UserNotFoundException e) { throw new RuntimeException("BUG: new user " + userDN.toNormalizedString() + " not found"); } } catch (LDAPException e) { Loading Loading @@ -507,9 +494,13 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO searchField, userAttribs); if (proxy && isSecure(usersDN)) { searchRequest.addControl( new ProxiedAuthorizationV2RequestControl( "dn:" + getSubjectDN().toNormalizedString())); String proxyDN = "dn:" + getSubjectDN().toNormalizedString(); logger.debug("Proxying auth as: " + proxyDN); searchRequest.addControl(new ProxiedAuthorizationV2RequestControl(proxyDN)); } else { logger.debug("Not proxying authorization"); } searchResult = getConnection().searchForEntry(searchRequest); Loading 
@@ -530,9 +521,18 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO user.getIdentities().add(new HttpPrincipal( searchResult.getAttributeValue( userLdapAttrib.get(HttpPrincipal.class)))); user.getIdentities().add(new NumericPrincipal( searchResult.getAttributeValueAsLong( userLdapAttrib.get(NumericPrincipal.class)))); Long numericID = searchResult.getAttributeValueAsLong(userLdapAttrib.get(NumericPrincipal.class)); logger.debug("Numeric id is: " + numericID); if (numericID == null) { // If the numeric ID does not return it means the user // does not have permission throw new AccessControlException("Permission denied"); } NumericPrincipal numericPrincipal = new NumericPrincipal(numericID); user.getIdentities().add(numericPrincipal); user.getIdentities().add(new X500Principal( searchResult.getAttributeValue( userLdapAttrib.get(X500Principal.class)))); Loading
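Review bot: The new `numericID == null` check reports "Permission denied" whenever the numeric-id attribute is missing from the search result, so an entry that simply lacks the attribute, or a wrong mapping in `userLdapAttrib`, is indistinguishable from a real authorization failure. The inference holds only if the directory ACLs hide this attribute from unauthorized readers, which the comment should state, e.g. `// numeric ID is readable only by authorized subjects (directory ACL); null means the caller lacks read access`. Logging which entry triggered the denial would let operators tell a data problem from an access problem. The `HttpPrincipal` value read just before the check and the `X500Principal` value after it are still passed to their constructors unchecked, so a null there would presumably surface as a different exception. The enclosing method starts and ends outside the hunk.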
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +2 −2 Original line number Diff line number Diff line Loading @@ -126,7 +126,7 @@ public class LdapUserPersistence<T extends Principal> * @throws TransientException If an temporary, unexpected problem occurred. * @throws AccessControlException If the operation is not permitted. */ public User<T> addUser(UserRequest<T> user) public void addUser(UserRequest<T> user) throws TransientException, AccessControlException, UserAlreadyExistsException { Loading @@ -134,7 +134,7 @@ public class LdapUserPersistence<T extends Principal> try { userDAO = new LdapUserDAO<T>(this.config); return userDAO.addUser(user); userDAO.addUser(user); } finally { Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java +2 −2 Original line number Diff line number Diff line Loading @@ -93,10 +93,10 @@ public class CreateUserAction extends AbstractUserAction { final UserPersistence<Principal> userPersistence = getUserPersistence(); final UserRequest<Principal> userRequest = readUserRequest(this.inputStream); final User<Principal> newUser = userPersistence.addUser(userRequest); userPersistence.addUser(userRequest); syncOut.setCode(201); logUserInfo(newUser.getUserID().getName()); logUserInfo(userRequest.getUser().getUserID().getName()); } }
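Review bot: The name passed to `logUserInfo` now comes straight from the client-supplied request body instead of the record read back from the directory, so the log entry reflects what was requested rather than what was stored. If `readUserRequest` does not validate the user ID, a null `getUser()` or `getUserID()` would throw here after `addUser` has succeeded and the 201 code has been set, unless the DAO rejects the request first. Resolving the name before the write, `final String userName = userRequest.getUser().getUserID().getName();` ahead of `userPersistence.addUser(userRequest);`, makes a malformed request fail before anything is persisted. Whether `logUserInfo` strips line breaks from its argument is not visible here and is worth confirming now that the value is request-derived. The enclosing method starts outside the hunk.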
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java +8 −5 Original line number Diff line number Diff line Loading @@ -194,7 +194,10 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest subject.getPrincipals().add(testUser.getUserID()); final LdapUserDAO<HttpPrincipal> userDAO = getUserDAO(); User<HttpPrincipal> actual = userDAO.addUser(userRequest); userDAO.addUser(userRequest); User<HttpPrincipal> actual = userDAO.getPendingUser(userRequest.getUser().getUserID()); check(expected, actual); } Loading
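Review bot: The test now reads the new entry back with `getPendingUser` on the same DAO immediately after `addUser`, while the reconnect that `addUser` used to perform before its own read-back has been removed. If the incomplete-search-result behaviour that the reconnect worked around still occurs, `check(expected, actual)` may fail intermittently. A short comment on the read-back saying so, or a fresh DAO for the lookup, would make such a failure easier to diagnose. The test method starts outside the hunk.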