You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/06/11 07:37:10 UTC
[james-project] 14/18: JAMES-3594 Strong typing for DN
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 6b91bb487e23045a8a9a02221ae9165fa7348f3d
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Thu Jun 10 11:00:49 2021 +0700
JAMES-3594 Strong typing for DN
---
.../user/ldap/ReadOnlyLDAPGroupRestriction.java | 10 +++--
.../apache/james/user/ldap/ReadOnlyLDAPUser.java | 7 ++--
.../james/user/ldap/ReadOnlyLDAPUsersDAO.java | 45 +++++++++++-----------
3 files changed, 33 insertions(+), 29 deletions(-)
diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java
index d9023b7..25af9ed 100644
--- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java
+++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java
@@ -29,8 +29,9 @@ import java.util.Map;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.configuration2.tree.ImmutableNode;
+import com.github.fge.lambdas.Throwing;
import com.github.steveash.guavate.Guavate;
-import com.unboundid.ldap.sdk.LDAPConnection;
+import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.SearchResultEntry;
@@ -114,8 +115,8 @@ public class ReadOnlyLDAPGroupRestriction {
*
* @return Returns a map of groupDNs to userDN lists.
*/
- protected Map<String, Collection<String>> getGroupMembershipLists(LDAPConnectionPool connection) throws LDAPException {
- Map<String, Collection<String>> result = new HashMap<>();
+ protected Map<String, Collection<DN>> getGroupMembershipLists(LDAPConnectionPool connection) throws LDAPException {
+ Map<String, Collection<DN>> result = new HashMap<>();
for (String groupDN : groupDNs) {
result.put(groupDN, extractMembers(connection.getEntry(groupDN)));
@@ -133,9 +134,10 @@ public class ReadOnlyLDAPGroupRestriction {
* @return A collection of distinguished-names for the users belonging to
* the group with the specified attributes.
*/
- private Collection<String> extractMembers(SearchResultEntry entry) {
+ private Collection<DN> extractMembers(SearchResultEntry entry) {
com.unboundid.ldap.sdk.Attribute members = entry.getAttribute(memberAttribute);
return Arrays.stream(members.getValues())
+ .map(Throwing.function(DN::new))
.collect(Guavate.toImmutableList());
}
}
diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUser.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUser.java
index 5baaf02..1bc7147 100644
--- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUser.java
+++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUser.java
@@ -27,6 +27,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.unboundid.ldap.sdk.BindResult;
+import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
@@ -62,7 +63,7 @@ public class ReadOnlyLDAPUser implements User, Serializable {
/**
* The distinguished name of the user-record in the LDAP directory.
*/
- private final String userDN;
+ private final DN userDN;
/**
* The context for the LDAP server from which to retrieve the
@@ -88,7 +89,7 @@ public class ReadOnlyLDAPUser implements User, Serializable {
* invoked.
* @param configuration
*/
- public ReadOnlyLDAPUser(Username userName, String userDN, LDAPConnectionPool connectionPool, LdapRepositoryConfiguration configuration) {
+ public ReadOnlyLDAPUser(Username userName, DN userDN, LDAPConnectionPool connectionPool, LdapRepositoryConfiguration configuration) {
this.userName = userName;
this.userDN = userDN;
this.connectionPool = connectionPool;
@@ -144,7 +145,7 @@ public class ReadOnlyLDAPUser implements User, Serializable {
}
private boolean doVerifyPassword(String password) throws LDAPException {
- BindResult bindResult = connectionPool.bindAndRevertAuthentication(userDN, password);
+ BindResult bindResult = connectionPool.bindAndRevertAuthentication(userDN.toString(), password);
return bindResult.getResultCode() == ResultCode.SUCCESS;
}
}
diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java
index 7a2301b..3839126 100644
--- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java
+++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java
@@ -47,6 +47,7 @@ import org.slf4j.LoggerFactory;
import com.github.fge.lambdas.Throwing;
import com.github.steveash.guavate.Guavate;
import com.unboundid.ldap.sdk.Attribute;
+import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.Entry;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
@@ -156,22 +157,22 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
* least one group in the parameter map, and <code>False</code>
* otherwise.
*/
- private boolean userInGroupsMembershipList(String userDN,
- Map<String, Collection<String>> groupMembershipList) {
+ private boolean userInGroupsMembershipList(DN userDN,
+ Map<String, Collection<DN>> groupMembershipList) {
boolean result = false;
- Collection<Collection<String>> memberLists = groupMembershipList.values();
- Iterator<Collection<String>> memberListsIterator = memberLists.iterator();
+ Collection<Collection<DN>> memberLists = groupMembershipList.values();
+ Iterator<Collection<DN>> memberListsIterator = memberLists.iterator();
while (memberListsIterator.hasNext() && !result) {
- Collection<String> groupMembers = memberListsIterator.next();
+ Collection<DN> groupMembers = memberListsIterator.next();
result = groupMembers.contains(userDN);
}
return result;
}
- private Set<String> getAllUsersDNFromLDAP() throws LDAPException {
+ private Set<DN> getAllUsersDNFromLDAP() throws LDAPException {
SearchRequest searchRequest = new SearchRequest(ldapConfiguration.getUserBase(),
SearchScope.SUB,
createFilter(),
@@ -181,7 +182,7 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
return searchResult.getSearchEntries()
.stream()
- .map(Entry::getDN)
+ .map(Throwing.function(Entry::getParsedDN))
.collect(Guavate.toImmutableSet());
}
@@ -204,7 +205,7 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
* Extract the user attributes for the given collection of userDNs, and
* encapsulates the user list as a collection of {@link ReadOnlyLDAPUser}s.
* This method delegates the extraction of a single user's details to the
- * method {@link #buildUser(String)}.
+ * method {@link #buildUser(DN)}.
*
* @param userDNs
* The distinguished-names (DNs) of the users whose information
@@ -214,10 +215,10 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
* @throws LDAPException
* Propagated from the underlying LDAP communication layer.
*/
- private Collection<ReadOnlyLDAPUser> buildUserCollection(Collection<String> userDNs) throws LDAPException {
+ private Collection<ReadOnlyLDAPUser> buildUserCollection(Collection<DN> userDNs) throws LDAPException {
List<ReadOnlyLDAPUser> results = new ArrayList<>();
- for (String userDN : userDNs) {
+ for (DN userDN : userDNs) {
Optional<ReadOnlyLDAPUser> user = buildUser(userDN);
user.ifPresent(results::add);
}
@@ -240,15 +241,15 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
}
if (!ldapConfiguration.getRestriction().isActivated()
- || userInGroupsMembershipList(result.getDN(), ldapConfiguration.getRestriction().getGroupMembershipLists(ldapConnectionPool))) {
+ || userInGroupsMembershipList(result.getParsedDN(), ldapConfiguration.getRestriction().getGroupMembershipLists(ldapConnectionPool))) {
- return new ReadOnlyLDAPUser(name, result.getDN(), ldapConnectionPool, ldapConfiguration);
+ return new ReadOnlyLDAPUser(name, result.getParsedDN(), ldapConnectionPool, ldapConfiguration);
}
return null;
}
- private Optional<ReadOnlyLDAPUser> buildUser(String userDN) throws LDAPException {
- SearchResultEntry userAttributes = ldapConnectionPool.getEntry(userDN);
+ private Optional<ReadOnlyLDAPUser> buildUser(DN userDN) throws LDAPException {
+ SearchResultEntry userAttributes = ldapConnectionPool.getEntry(userDN.toString());
Optional<String> userName = Optional.ofNullable(userAttributes.getAttributeValue(ldapConfiguration.getUserIdAttribute()));
return userName
.map(Username::of)
@@ -292,7 +293,7 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
return getAllUsernamesFromLDAP().count();
}
- return getValidUsers().stream()
+ return getValidUserDNs().stream()
.map(Throwing.function(this::buildUser).sneakyThrow())
.flatMap(Optional::stream)
.count();
@@ -335,22 +336,22 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable {
return getAllUsernamesFromLDAP().iterator();
}
- return buildUserCollection(getValidUsers())
+ return buildUserCollection(getValidUserDNs())
.stream()
.map(ReadOnlyLDAPUser::getUserName)
.iterator();
}
- private Collection<String> getValidUsers() throws LDAPException {
- Set<String> userDNs = getAllUsersDNFromLDAP();
- Collection<String> validUserDNs;
+ private Collection<DN> getValidUserDNs() throws LDAPException {
+ Set<DN> userDNs = getAllUsersDNFromLDAP();
+ Collection<DN> validUserDNs;
if (ldapConfiguration.getRestriction().isActivated()) {
- Map<String, Collection<String>> groupMembershipList = ldapConfiguration.getRestriction()
+ Map<String, Collection<DN>> groupMembershipList = ldapConfiguration.getRestriction()
.getGroupMembershipLists(ldapConnectionPool);
validUserDNs = new ArrayList<>();
- Iterator<String> userDNIterator = userDNs.iterator();
- String userDN;
+ Iterator<DN> userDNIterator = userDNs.iterator();
+ DN userDN;
while (userDNIterator.hasNext()) {
userDN = userDNIterator.next();
if (userInGroupsMembershipList(userDN, groupMembershipList)) {
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org