return userConf.getString( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY + role );
}
- public List<String> getAllGroups()
+ public List<String> getAllGroups( DirContext context )
throws MappingException
{
- LdapConnection ldapConnection = null;
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
SearchControls searchControls = new SearchControls();
finally
{
- if ( ldapConnection != null )
+ close( namingEnumeration );
+ }
+ }
+
+ protected void closeNamingEnumeration( NamingEnumeration namingEnumeration )
+ {
+ if ( namingEnumeration != null )
+ {
+ try
{
- ldapConnection.close();
+ namingEnumeration.close();
}
- if ( namingEnumeration != null )
+ catch ( NamingException e )
{
- try
- {
- namingEnumeration.close();
- }
- catch ( NamingException e )
- {
- log.warn( "failed to close search results", e );
- }
+ log.warn( "failed to close NamingEnumeration", e );
}
}
}
- public List<String> getAllRoles()
+ public List<String> getAllRoles( DirContext context )
throws MappingException
{
- // TODO read from ldap ?
- List<String> groups = getAllGroups();
+ List<String> groups = getAllGroups( context );
if ( groups.isEmpty() )
{
return roles;
}
- public List<String> getGroupsMember( String group )
+ public List<String> getGroupsMember( String group, DirContext context )
throws MappingException
{
- LdapConnection ldapConnection = null;
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
SearchControls searchControls = new SearchControls();
finally
{
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
close( namingEnumeration );
}
}
- public List<String> getGroups( String username )
+ public List<String> getGroups( String username, DirContext context )
throws MappingException
{
List<String> userGroups = new ArrayList<String>();
- LdapConnection ldapConnection = null;
-
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
SearchControls searchControls = new SearchControls();
{
throw new MappingException( e.getMessage(), e );
}
-
finally
{
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
close( namingEnumeration );
}
}
- public List<String> getRoles( String username )
+ public List<String> getRoles( String username, DirContext context )
throws MappingException
{
- List<String> groups = getGroups( username );
+ List<String> groups = getGroups( username, context );
Map<String, String> rolesMapping = getLdapGroupMappings();
return map;
}
- public boolean saveRole( String roleName )
+ public boolean saveRole( String roleName, DirContext context )
throws MappingException
{
return false;
}
- List<String> allGroups = getAllGroups();
+ List<String> allGroups = getAllGroups( context );
if ( allGroups.contains( groupName ) )
{
log.info( "group {} already exists for role.", groupName, roleName );
basicAttribute.add( "uid=admin," + getBaseDn() );
attributes.put( basicAttribute );
- LdapConnection ldapConnection = null;
-
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
-
String dn = "cn=" + groupName + "," + this.groupsDn;
context.createSubcontext( dn, attributes );
{
throw new MappingException( e.getMessage(), e );
}
- finally
- {
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
- }
}
- public boolean saveUserRole( String roleName, String username )
+ public boolean saveUserRole( String roleName, String username, DirContext context )
throws MappingException
{
return false;
}
- LdapConnection ldapConnection = null;
-
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
-
SearchControls searchControls = new SearchControls();
searchControls.setDerefLinkFlag( true );
finally
{
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
if ( namingEnumeration != null )
{
try
}
}
- public boolean removeUserRole( String roleName, String username )
+ public boolean removeUserRole( String roleName, String username, DirContext context )
throws MappingException
{
String groupName = HashBiMap.create( getLdapGroupMappings() ).inverse().get( roleName );
return false;
}
- LdapConnection ldapConnection = null;
-
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
SearchControls searchControls = new SearchControls();
finally
{
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
if ( namingEnumeration != null )
{
try
}
}
- public void removeAllRoles()
+ public void removeAllRoles( DirContext context )
throws MappingException
{
//all mapped roles
Collection<String> groups = getLdapGroupMappings().keySet();
- LdapConnection ldapConnection = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
-
for ( String groupName : groups )
{
{
throw new MappingException( e.getMessage(), e );
}
- finally
- {
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
- }
}
- public void removeRole( String roleName )
+ public void removeRole( String roleName, DirContext context )
throws MappingException
{
String groupName = HashBiMap.create( getLdapGroupMappings() ).inverse().get( roleName );
- LdapConnection ldapConnection = null;
try
{
- ldapConnection = ldapConnectionFactory.getConnection();
-
- DirContext context = ldapConnection.getDirContext();
String dn = "cn=" + groupName + "," + this.groupsDn;
{
throw new MappingException( e.getMessage(), e );
}
- finally
- {
- if ( ldapConnection != null )
- {
- ldapConnection.close();
- }
- }
}
//---------------------------------
*/
import junit.framework.TestCase;
+import org.apache.archiva.redback.common.ldap.connection.LdapConnection;
+import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory;
import org.apache.archiva.redback.components.apacheds.ApacheDs;
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.encoders.SHA1PasswordEncoder;
@Named(value = "ldapRoleMapper#test")
LdapRoleMapper ldapRoleMapper;
+ @Inject
+ LdapConnectionFactory ldapConnectionFactory;
+
+ LdapConnection ldapConnection;
+
+ DirContext context;
+
private Map<String, List<String>> usersPerGroup;
private List<String> users;
makeUsers();
createGroups();
+
+
}
@After
context.unbind( suffix );
+ context.close();
+
+ ldapConnection.close();
+
apacheDs.stopServer();
super.tearDown();
}
+ protected DirContext getDirContext()
+ throws Exception
+ {
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ return context;
+ }
+
private void createGroups()
throws Exception
{
return "cn=" + cn + "," + groupSuffix;
}
+
@Test
public void getAllGroups()
throws Exception
{
- List<String> allGroups = ldapRoleMapper.getAllGroups();
+ List<String> allGroups = ldapRoleMapper.getAllGroups( getDirContext() );
log.info( "allGroups: {}", allGroups );
public void getGroupsMember()
throws Exception
{
- List<String> users = ldapRoleMapper.getGroupsMember( "archiva-admin" );
+ List<String> users = ldapRoleMapper.getGroupsMember( "archiva-admin", getDirContext() );
log.info( "users for archiva-admin: {}", users );
Assertions.assertThat( users ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "admin", "user.7" );
- users = ldapRoleMapper.getGroupsMember( "internal-repo-observer" );
+ users = ldapRoleMapper.getGroupsMember( "internal-repo-observer", getDirContext() );
Assertions.assertThat( users ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "admin", "user.7", "user.8" );
}
public void getGroups()
throws Exception
{
- List<String> groups = ldapRoleMapper.getGroups( "admin" );
+ List<String> groups = ldapRoleMapper.getGroups( "admin", getDirContext() );
log.info( "groups for admin: {}", groups );
"internal-repo-manager",
"internal-repo-observer" );
- groups = ldapRoleMapper.getGroups( "user.8" );
+ groups = ldapRoleMapper.getGroups( "user.8", getDirContext() );
Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "internal-repo-observer" );
- groups = ldapRoleMapper.getGroups( "user.7" );
+ groups = ldapRoleMapper.getGroups( "user.7", getDirContext() );
Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "archiva-admin",
"internal-repo-observer" );
public void getRoles()
throws Exception
{
- List<String> roles = ldapRoleMapper.getRoles( "admin" );
+ List<String> roles = ldapRoleMapper.getRoles( "admin", getDirContext() );
log.info( "roles for admin: {}", roles );
"Internal Repo Manager",
"Internal Repo Observer" );
- roles = ldapRoleMapper.getRoles( "user.7" );
+ roles = ldapRoleMapper.getRoles( "user.7", getDirContext() );
log.info( "roles for user.7: {}", roles );
Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Archiva System Administrator",
"Internal Repo Observer" );
- roles = ldapRoleMapper.getRoles( "user.8" );
+ roles = ldapRoleMapper.getRoles( "user.8", getDirContext() );
log.info( "roles for user.8: {}", roles );
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
+import javax.naming.NamingException;
+import javax.naming.directory.DirContext;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
{
if ( writableLdap )
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- ldapRoleMapper.removeAllRoles();
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ ldapRoleMapper.removeAllRoles( context );
}
catch ( MappingException e )
{
log.warn( "skip error removing all roles {}", e.getMessage() );
}
+ catch ( LdapException e )
+ {
+ log.warn( "skip error removing all roles {}", e.getMessage() );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
}
this.rbacImpl.eraseDatabase();
}
public List<Role> getAllRoles()
throws RbacManagerException
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- List<String> groups = ldapRoleMapper.getAllGroups();
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+
+ List<String> groups = ldapRoleMapper.getAllGroups( context );
return mapToRoles( groups );
}
catch ( MappingException e )
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
//return this.rbacImpl.getAllRoles();
}
public List<UserAssignment> getAllUserAssignments()
throws RbacManagerException
{
- // TODO FROM ldap or from real impl ?
- //return this.rbacImpl.getAllUserAssignments();
LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
ldapConnection = ldapConnectionFactory.getConnection();
- Map<String, Collection<String>> usersWithRoles =
- ldapController.findUsersWithRoles( ldapConnection.getDirContext() );
+ context = ldapConnection.getDirContext();
+ Map<String, Collection<String>> usersWithRoles = ldapController.findUsersWithRoles( context );
List<UserAssignment> userAssignments = new ArrayList<UserAssignment>( usersWithRoles.size() );
for ( Map.Entry<String, Collection<String>> entry : usersWithRoles.entrySet() )
}
finally
{
- if ( ldapConnection != null )
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
+ }
+
+ protected void closeLdapConnection( LdapConnection ldapConnection )
+ {
+ if ( ldapConnection != null )
+ {
+ ldapConnection.close();
+ }
+ }
+
+ protected void closeContext( DirContext context )
+ {
+ if ( context != null )
+ {
+ try
+ {
+ context.close();
+ }
+ catch ( NamingException e )
{
- ldapConnection.close();
+ log.warn( "skip issue closing context: {}", e.getMessage() );
}
}
}
public Collection<Role> getAssignedRoles( String username )
throws RbacManagerException
{
+
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
+
try
{
- // TODO here !!
- List<String> roleNames = ldapRoleMapper.getRoles( username );
+
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ List<String> roleNames = ldapRoleMapper.getRoles( username, context );
if ( roleNames.isEmpty() )
{
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
}
public Collection<Role> getAssignedRoles( UserAssignment userAssignment )
}
/**
- public Collection<Role> getEffectivelyAssignedRoles( String username )
- throws RbacManagerException
- {
- // TODO here !!
- return this.rbacImpl.getEffectivelyAssignedRoles( username );
- }**/
+ public Collection<Role> getEffectivelyAssignedRoles( String username )
+ throws RbacManagerException
+ {
+ // TODO here !!
+ return this.rbacImpl.getEffectivelyAssignedRoles( username );
+ }**/
/**
- public Collection<Role> getEffectivelyUnassignedRoles( String username )
- throws RbacManagerException
- {
- // TODO here !!
- return this.rbacImpl.getEffectivelyUnassignedRoles( username );
- }**/
+ * public Collection<Role> getEffectivelyUnassignedRoles( String username )
+ * throws RbacManagerException
+ * {
+ * // TODO here !!
+ * return this.rbacImpl.getEffectivelyUnassignedRoles( username );
+ * }*
+ */
public Set<Role> getEffectiveRoles( Role role )
throws RbacManagerException
public Role getRole( String roleName )
throws RbacManagerException
{
+
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
//verify it's a ldap group
try
{
- if ( !ldapRoleMapper.getAllRoles().contains( roleName ) )
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ if ( !ldapRoleMapper.getAllRoles( context ).contains( roleName ) )
{
return null;
}
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
return this.rbacImpl.getRole( roleName );
}
public Collection<Role> getUnassignedRoles( String username )
throws RbacManagerException
{
+ LdapConnection ldapConnection = null;
+
+ DirContext context = null;
+
try
{
- List<String> allRoles = ldapRoleMapper.getAllRoles();
- final List<String> userRoles = ldapRoleMapper.getRoles( username );
+
+ ldapConnection = ldapConnectionFactory.getConnection();
+
+ context = ldapConnection.getDirContext();
+
+ List<String> allRoles = ldapRoleMapper.getAllRoles( context );
+ final List<String> userRoles = ldapRoleMapper.getRoles( username, context );
List<Role> unassignedRoles = new ArrayList<Role>();
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
}
public UserAssignment getUserAssignment( String username )
throws RbacManagerException
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- List<String> roles = ldapRoleMapper.getRoles( username );
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ List<String> roles = ldapRoleMapper.getRoles( username, context );
return new UserAssignmentImpl( username, roles );
}
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
//return this.rbacImpl.getUserAssignment( username );
}
}
if ( writableLdap )
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- ldapRoleMapper.removeRole( role.getName() );
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ ldapRoleMapper.removeRole( role.getName(), context );
}
catch ( MappingException e )
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
fireRbacRoleRemoved( role );
}
}
{
return false;
}
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- return ldapRoleMapper.getAllRoles().contains( name );
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ return ldapRoleMapper.getAllRoles( context ).contains( name );
}
- catch ( Exception e )
+ catch ( MappingException e )
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
}
public Operation saveOperation( Operation operation )
{
if ( writableLdap )
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
- ldapRoleMapper.saveRole( role.getName() );
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ ldapRoleMapper.saveRole( role.getName(), context );
if ( !role.getChildRoleNames().isEmpty() )
{
for ( String roleName : role.getChildRoleNames() )
{
- ldapRoleMapper.saveRole( roleName );
+ ldapRoleMapper.saveRole( roleName, context );
}
}
fireRbacRoleSaved( role );
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
}
return this.rbacImpl.saveRole( role );
//return new RoleImpl( role.getName(), role.getPermissions() );
{
if ( writableLdap )
{
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
+
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
for ( Role role : roles )
{
- ldapRoleMapper.saveRole( role.getName() );
+ ldapRoleMapper.saveRole( role.getName(), context );
fireRbacRoleSaved( role );
}
}
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
}
this.rbacImpl.saveRoles( roles );
public UserAssignment saveUserAssignment( UserAssignment userAssignment )
throws RbacManagerException
{
-
+ LdapConnection ldapConnection = null;
+ DirContext context = null;
try
{
if ( !userManager.userExists( userAssignment.getPrincipal() ) )
User user = userManager.createUser( userAssignment.getPrincipal(), null, null );
userManager.addUser( user );
}
+ ldapConnection = ldapConnectionFactory.getConnection();
+ context = ldapConnection.getDirContext();
+ List<String> allRoles = ldapRoleMapper.getAllRoles( context );
- List<String> allRoles = ldapRoleMapper.getAllRoles();
-
- List<String> currentUserRoles = ldapRoleMapper.getRoles( userAssignment.getPrincipal() );
+ List<String> currentUserRoles = ldapRoleMapper.getRoles( userAssignment.getPrincipal(), context );
for ( String role : userAssignment.getRoleNames() )
{
// role exists in ldap ?
if ( !allRoles.contains( role ) )
{
- ldapRoleMapper.saveRole( role );
+ ldapRoleMapper.saveRole( role, context );
allRoles.add( role );
}
- ldapRoleMapper.saveUserRole( role, userAssignment.getPrincipal() );
+ ldapRoleMapper.saveUserRole( role, userAssignment.getPrincipal(), context );
currentUserRoles.add( role );
}
}
{
if ( !userAssignment.getRoleNames().contains( role ) && writableLdap )
{
- ldapRoleMapper.removeUserRole( role, userAssignment.getPrincipal() );
+ ldapRoleMapper.removeUserRole( role, userAssignment.getPrincipal(), context );
}
}
{
throw new RbacManagerException( e.getMessage(), e );
}
+ catch ( LdapException e )
+ {
+ throw new RbacManagerException( e.getMessage(), e );
+ }
+ finally
+ {
+ closeContext( context );
+ closeLdapConnection( ldapConnection );
+ }
//this.rbacImpl.saveUserAssignment( userAssignment );
projects / archiva.git / commitdiff