Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +3 −3 Original line number Original line Diff line number Diff line Loading @@ -815,7 +815,7 @@ public class LdapUserDAO extends LdapDAO logger.debug("search filter: " + filter); logger.debug("search filter: " + filter); final String[] attributes = new String[] final String[] attributes = new String[] { LDAP_UID, LDAP_FIRST_NAME, LDAP_LAST_NAME }; { LDAP_USER_NAME, LDAP_FIRST_NAME, LDAP_LAST_NAME }; final SearchRequest searchRequest = final SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, attributes); new SearchRequest(usersDN, SearchScope.ONE, filter, attributes); Loading @@ -831,10 +831,10 @@ public class LdapUserDAO extends LdapDAO next.getAttributeValue(LDAP_FIRST_NAME); next.getAttributeValue(LDAP_FIRST_NAME); final String lastName = final String lastName = next.getAttributeValue(LDAP_LAST_NAME).trim(); next.getAttributeValue(LDAP_LAST_NAME).trim(); final String uid = next.getAttributeValue(LDAP_UID); final String username = next.getAttributeValue(LDAP_USER_NAME); User user = new User(); User user = new User(); user.getIdentities().add(new HttpPrincipal(uid)); user.getIdentities().add(new HttpPrincipal(username)); // Only add Personal Details if it is relevant. // Only add Personal Details if it is relevant. if (StringUtil.hasLength(firstName) && if (StringUtil.hasLength(firstName) && Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java +1 −1 Original line number Original line Diff line number Diff line Loading 
@@ -107,7 +107,7 @@ public class CreateGroupAction extends AbstractGroupAction } } for (User usr : group.getUserMembers()) for (User usr : group.getUserMembers()) { { addedMembers.add(usr.getHttpPrincipal().getName()); addedMembers.add(usr.getX500Principal().getName()); } } } } logGroupInfo(group.getID(), null, addedMembers); logGroupInfo(group.getID(), null, addedMembers); Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java +7 −1 Original line number Original line Diff line number Diff line Loading @@ -78,6 +78,7 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.util.ObjectUtil; public class RemoveUserMemberAction extends AbstractGroupAction public class RemoveUserMemberAction extends AbstractGroupAction { { Loading 
@@ -99,7 +100,12 @@ public class RemoveUserMemberAction extends AbstractGroupAction Group group = groupPersistence.getGroup(this.groupName); Group group = groupPersistence.getGroup(this.groupName); Principal userPrincipal = AuthenticationUtil.createPrincipal(this.userID, this.userIDType); Principal userPrincipal = AuthenticationUtil.createPrincipal(this.userID, this.userIDType); User toRemove = getUserPersistence().getUser(userPrincipal); User user = getUserPersistence().getAugmentedUser(userPrincipal); User toRemove = new User(); ObjectUtil.setField(toRemove, user.getID(), "id"); toRemove.getIdentities().addAll(user.getIdentities()); if (!group.getUserMembers().remove(toRemove)) if (!group.getUserMembers().remove(toRemove)) { { throw new MemberNotFoundException(); throw new MemberNotFoundException(); Loading cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java +17 −6 Original line number Original line Diff line number Diff line Loading @@ -71,11 +71,16 @@ package ca.nrc.cadc.ac.server.web.groups; import static org.easymock.EasyMock.createMock; import static org.easymock.EasyMock.createMock; import static org.junit.Assert.fail; import static org.junit.Assert.fail; import java.net.URI; import java.security.Principal; import java.security.Principal; import java.util.UUID; import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal; import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.util.ObjectUtil; import org.apache.log4j.Level; import org.apache.log4j.Level; import org.apache.log4j.Logger; import org.apache.log4j.Logger; import org.easymock.EasyMock; import org.easymock.EasyMock; Loading Loading 
@@ -111,11 +116,14 @@ public class RemoveUserMemberActionTest { { try try { { User user = new User(); InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; String userID = "cn=foo,c=ca"; String userIDType = IdentityType.X500.getValue(); String userIDType = IdentityType.X500.getValue(); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); Principal x500Principal = AuthenticationUtil.createPrincipal(userID, userIDType); User user = new User(); user.getIdentities().add(x500Principal); user.getIdentities().add(userPrincipal); Group group = new Group("group"); Group group = new Group("group"); User member = new User(); User member = new User(); Loading @@ -126,7 +134,7 @@ public class RemoveUserMemberActionTest EasyMock.expect(mockGroupPersistence.getGroup("group")).andReturn(group); EasyMock.expect(mockGroupPersistence.getGroup("group")).andReturn(group); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user); EasyMock.expect(mockUserPersistence.getAugmentedUser(x500Principal)).andReturn(user); EasyMock.replay(mockGroupPersistence, mockUserPersistence); EasyMock.replay(mockGroupPersistence, mockUserPersistence); Loading Loading 
@@ -160,10 +168,13 @@ public class RemoveUserMemberActionTest { { try try { { User user = new User(); InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; String userID = "cn=foo,c=ca"; String userIDType = IdentityType.X500.getValue(); String userIDType = IdentityType.X500.getValue(); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); User user = new User(); user.getIdentities().add(new X500Principal(userID)); user.getIdentities().add(new X500Principal(userID)); user.getIdentities().add(new HttpPrincipal("foo")); user.getIdentities().add(new HttpPrincipal("foo")); Loading @@ -176,7 +187,7 @@ public class RemoveUserMemberActionTest EasyMock.expectLastCall(); EasyMock.expectLastCall(); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user); EasyMock.expect(mockUserPersistence.getAugmentedUser(userPrincipal)).andReturn(user); EasyMock.replay(mockGroupPersistence, mockUserPersistence); EasyMock.replay(mockGroupPersistence, mockUserPersistence); Loading cadcAccessControl/src/ca/nrc/cadc/ac/User.java +13 −0 Original line number Original line Diff line number Diff line Loading @@ -68,6 +68,7 @@ */ */ package ca.nrc.cadc.ac; package ca.nrc.cadc.ac; import java.io.PrintWriter; import java.security.Principal; import java.security.Principal; import java.util.Comparator; import java.util.Comparator; import java.util.Date; import java.util.Date; Loading 
@@ -77,8 +78,12 @@ import java.util.TreeSet; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.HttpPrincipal; import javax.security.auth.x500.X500Principal; public class User public class User { { // How on God's green earth is this used? Where is it set? // jenkinsd 2016.03.24 private InternalID id; private InternalID id; private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator()); private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator()); Loading Loading @@ -141,6 +146,14 @@ public class User return null; return null; } } public X500Principal getX500Principal() { final Set<X500Principal> identities = getIdentities(X500Principal.class); return identities.isEmpty() ? null : identities.iterator().next(); } /** /** * A User is considered consistent if the User's set of identities are a superset * A User is considered consistent if the User's set of identities are a superset * of this Users set of identities. * of this Users set of identities. Loading Loading
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +3 −3 Original line number Original line Diff line number Diff line Loading @@ -815,7 +815,7 @@ public class LdapUserDAO extends LdapDAO logger.debug("search filter: " + filter); logger.debug("search filter: " + filter); final String[] attributes = new String[] final String[] attributes = new String[] { LDAP_UID, LDAP_FIRST_NAME, LDAP_LAST_NAME }; { LDAP_USER_NAME, LDAP_FIRST_NAME, LDAP_LAST_NAME }; final SearchRequest searchRequest = final SearchRequest searchRequest = new SearchRequest(usersDN, SearchScope.ONE, filter, attributes); new SearchRequest(usersDN, SearchScope.ONE, filter, attributes); Loading @@ -831,10 +831,10 @@ public class LdapUserDAO extends LdapDAO next.getAttributeValue(LDAP_FIRST_NAME); next.getAttributeValue(LDAP_FIRST_NAME); final String lastName = final String lastName = next.getAttributeValue(LDAP_LAST_NAME).trim(); next.getAttributeValue(LDAP_LAST_NAME).trim(); final String uid = next.getAttributeValue(LDAP_UID); final String username = next.getAttributeValue(LDAP_USER_NAME); User user = new User(); User user = new User(); user.getIdentities().add(new HttpPrincipal(uid)); user.getIdentities().add(new HttpPrincipal(username)); // Only add Personal Details if it is relevant. // Only add Personal Details if it is relevant. if (StringUtil.hasLength(firstName) && if (StringUtil.hasLength(firstName) && Loading
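Review bot: `username` goes straight into `new HttpPrincipal(username)` with no check, so a directory entry that lacks the `LDAP_USER_NAME` attribute would produce a user whose only identity has a null name, or an exception, depending on how HttpPrincipal treats null (its constructor is not visible here). This assumes the second printed form of each changed line is the new side. The first and last names are already tested with `StringUtil.hasLength`, and the user name deserves the same treatment: wrap the identity in `if (StringUtil.hasLength(username))` and skip or log entries that fail it, so that a malformed entry cannot surface as an identity-less or null-named user in later access-control decisions. The enclosing method starts and ends outside the hunk, so whether skipping is the right reaction for the caller needs to be confirmed there.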
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java +1 −1 Original line number Original line Diff line number Diff line Loading @@ -107,7 +107,7 @@ public class CreateGroupAction extends AbstractGroupAction } } for (User usr : group.getUserMembers()) for (User usr : group.getUserMembers()) { { addedMembers.add(usr.getHttpPrincipal().getName()); addedMembers.add(usr.getX500Principal().getName()); } } } } logGroupInfo(group.getID(), null, addedMembers); logGroupInfo(group.getID(), null, addedMembers); Loading
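Review bot: `usr.getX500Principal().getName()` throws a NullPointerException for any member that has no X.500 identity, because `getX500Principal()` as added to User.java in this commit returns null when the user holds no X500Principal. The loop only collects names for `logGroupInfo`, so the failure would hit while the log record of added members is being built, and that record would be lost; the code before the loop is outside the hunk, so whether the group has already been persisted at that point should be checked. Guard the call, for example `X500Principal p = usr.getX500Principal();` followed by `addedMembers.add(p != null ? p.getName() : String.valueOf(usr.getID()));` (this needs the `javax.security.auth.x500.X500Principal` import in this file), or skip members without an X.500 identity and say so in a comment.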
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java +7 −1 Original line number Original line Diff line number Diff line Loading @@ -78,6 +78,7 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.auth.AuthenticationUtil; import ca.nrc.cadc.util.ObjectUtil; public class RemoveUserMemberAction extends AbstractGroupAction public class RemoveUserMemberAction extends AbstractGroupAction { { Loading @@ -99,7 +100,12 @@ public class RemoveUserMemberAction extends AbstractGroupAction Group group = groupPersistence.getGroup(this.groupName); Group group = groupPersistence.getGroup(this.groupName); Principal userPrincipal = AuthenticationUtil.createPrincipal(this.userID, this.userIDType); Principal userPrincipal = AuthenticationUtil.createPrincipal(this.userID, this.userIDType); User toRemove = getUserPersistence().getUser(userPrincipal); User user = getUserPersistence().getAugmentedUser(userPrincipal); User toRemove = new User(); ObjectUtil.setField(toRemove, user.getID(), "id"); toRemove.getIdentities().addAll(user.getIdentities()); if (!group.getUserMembers().remove(toRemove)) if (!group.getUserMembers().remove(toRemove)) { { throw new MemberNotFoundException(); throw new MemberNotFoundException(); Loading
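Review bot: `ObjectUtil.setField(toRemove, user.getID(), "id")` sets a private field of User by its name through reflection in production code, so renaming the field or running under a configuration that restricts reflective access would break member removal at run time instead of at compile time. A constructor or a restricted setter on User that takes the InternalID would keep the same behaviour without the string literal `"id"`. The result of `getAugmentedUser(userPrincipal)` is also dereferenced without a check; if that method can return null (not visible here), the request fails with a NullPointerException rather than a not-found error. Since removal succeeds only when `group.getUserMembers().remove(toRemove)` finds an equal element, a short comment stating why a copy carrying just the id and identities is passed instead of `user` itself would help the next reader judge whether a member can be left in the group unintentionally. The method body starts and ends outside the hunk.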
cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberActionTest.java +17 −6 Original line number Original line Diff line number Diff line Loading @@ -71,11 +71,16 @@ package ca.nrc.cadc.ac.server.web.groups; import static org.easymock.EasyMock.createMock; import static org.easymock.EasyMock.createMock; import static org.junit.Assert.fail; import static org.junit.Assert.fail; import java.net.URI; import java.security.Principal; import java.security.Principal; import java.util.UUID; import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal; import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.util.ObjectUtil; import org.apache.log4j.Level; import org.apache.log4j.Level; import org.apache.log4j.Logger; import org.apache.log4j.Logger; import org.easymock.EasyMock; import org.easymock.EasyMock; Loading Loading @@ -111,11 +116,14 @@ public class RemoveUserMemberActionTest { { try try { { User user = new User(); InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; String userID = "cn=foo,c=ca"; String userIDType = IdentityType.X500.getValue(); String userIDType = IdentityType.X500.getValue(); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); Principal x500Principal = AuthenticationUtil.createPrincipal(userID, userIDType); User user = new User(); user.getIdentities().add(x500Principal); user.getIdentities().add(userPrincipal); Group group = new Group("group"); Group group = new Group("group"); User member = new User(); User member = new User(); Loading 
@@ -126,7 +134,7 @@ public class RemoveUserMemberActionTest EasyMock.expect(mockGroupPersistence.getGroup("group")).andReturn(group); EasyMock.expect(mockGroupPersistence.getGroup("group")).andReturn(group); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user); EasyMock.expect(mockUserPersistence.getAugmentedUser(x500Principal)).andReturn(user); EasyMock.replay(mockGroupPersistence, mockUserPersistence); EasyMock.replay(mockGroupPersistence, mockUserPersistence); Loading Loading @@ -160,10 +168,13 @@ public class RemoveUserMemberActionTest { { try try { { User user = new User(); InternalID internalID = new InternalID(new URI(AC.USER_URI + "?" + UUID.randomUUID())); ObjectUtil.setField(user, internalID, "id"); String userID = "cn=foo,c=ca"; String userID = "cn=foo,c=ca"; String userIDType = IdentityType.X500.getValue(); String userIDType = IdentityType.X500.getValue(); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); Principal userPrincipal = AuthenticationUtil.createPrincipal(userID, userIDType); User user = new User(); user.getIdentities().add(new X500Principal(userID)); user.getIdentities().add(new X500Principal(userID)); user.getIdentities().add(new HttpPrincipal("foo")); user.getIdentities().add(new HttpPrincipal("foo")); Loading 
@@ -176,7 +187,7 @@ public class RemoveUserMemberActionTest EasyMock.expectLastCall(); EasyMock.expectLastCall(); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); final UserPersistence mockUserPersistence = EasyMock.createMock(UserPersistence.class); EasyMock.expect(mockUserPersistence.getUser(userPrincipal)).andReturn(user); EasyMock.expect(mockUserPersistence.getAugmentedUser(userPrincipal)).andReturn(user); EasyMock.replay(mockGroupPersistence, mockUserPersistence); EasyMock.replay(mockGroupPersistence, mockUserPersistence); Loading
cadcAccessControl/src/ca/nrc/cadc/ac/User.java +13 −0 Original line number Original line Diff line number Diff line Loading @@ -68,6 +68,7 @@ */ */ package ca.nrc.cadc.ac; package ca.nrc.cadc.ac; import java.io.PrintWriter; import java.security.Principal; import java.security.Principal; import java.util.Comparator; import java.util.Comparator; import java.util.Date; import java.util.Date; Loading @@ -77,8 +78,12 @@ import java.util.TreeSet; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.HttpPrincipal; import javax.security.auth.x500.X500Principal; public class User public class User { { // How on God's green earth is this used? Where is it set? // jenkinsd 2016.03.24 private InternalID id; private InternalID id; private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator()); private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator()); Loading Loading @@ -141,6 +146,14 @@ public class User return null; return null; } } public X500Principal getX500Principal() { final Set<X500Principal> identities = getIdentities(X500Principal.class); return identities.isEmpty() ? null : identities.iterator().next(); } /** /** * A User is considered consistent if the User's set of identities are a superset * A User is considered consistent if the User's set of identities are a superset * of this Users set of identities. * of this Users set of identities. Loading
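Review bot: `getX500Principal()` is added without Javadoc although its contract is not obvious: it returns null when the user has no X.500 identity, and when there are several it returns whichever one the set from `getIdentities(X500Principal.class)` iterates first. Suggest `/** Returns the first X500Principal among this user's identities, or null if the user has none. */` above the method, so that callers know to check the result. The new comment on the `id` field asks a question instead of documenting the field; in this same commit the field is written reflectively with `ObjectUtil.setField(..., "id")`, so a comment such as `// Set reflectively via ObjectUtil.setField; there is no public setter.` would be more useful. The added `import java.io.PrintWriter;` has no use in the visible hunks and can be dropped if nothing else in the file needs it.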