mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29584 Commits
59 Branches
Tree: a5e56c8d40
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a5e56c8d40'
${ noResults }
sonarqube/server/sonar-auth-ldap/src/main/java/org/sonar/auth/ldap/LdapGroupMapping.java

LdapGroupMapping.java 4.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.auth.ldap;

  21. 

  22. import java.util.Arrays;

  23. import javax.naming.NamingException;

  24. import javax.naming.directory.Attribute;

  25. import javax.naming.directory.SearchResult;

  26. import org.apache.commons.lang.StringUtils;

  27. import org.sonar.api.config.Configuration;

  28. 

  29. /**

  30.  * @author Evgeny Mandrikov

  31.  */

  32. public class LdapGroupMapping {

  33. 

  34.   private static final String DEFAULT_ID_ATTRIBUTE = "cn";

  35.   private static final String DEFAULT_REQUEST = "(&(objectClass=groupOfUniqueNames)(uniqueMember={dn}))";

  36. 

  37.   private final String baseDn;

  38.   private final String idAttribute;

  39.   private final String request;

  40.   private final String[] requiredUserAttributes;

  41. 

  42.   /**

  43.    * Constructs mapping from Sonar settings.

  44.    */

  45.   public LdapGroupMapping(Configuration config, String settingsPrefix) {

  46.     this.baseDn = config.get(settingsPrefix + ".group.baseDn").orElse(null);

  47.     this.idAttribute = StringUtils.defaultString(config.get(settingsPrefix + ".group.idAttribute").orElse(null), DEFAULT_ID_ATTRIBUTE);

  48. 

  49.     String req = StringUtils.defaultString(config.get(settingsPrefix + ".group.request").orElse(null), DEFAULT_REQUEST);

  50.     this.requiredUserAttributes = StringUtils.substringsBetween(req, "{", "}");

  51.     for (int i = 0; i < requiredUserAttributes.length; i++) {

  52.       req = StringUtils.replace(req, "{" + requiredUserAttributes[i] + "}", "{" + i + "}");

  53.     }

  54.     this.request = req;

  55.   }

  56. 

  57.   /**

  58.    * Search for this mapping.

  59.    */

  60.   public LdapSearch createSearch(LdapContextFactory contextFactory, SearchResult user) {

  61.     String[] attrs = getRequiredUserAttributes();

  62.     String[] parameters = new String[attrs.length];

  63.     for (int i = 0; i < parameters.length; i++) {

  64.       String attr = attrs[i];

  65.       if ("dn".equals(attr)) {

  66.         parameters[i] = user.getNameInNamespace();

  67.       } else {

  68.         parameters[i] = getAttributeValue(user, attr);

  69.       }

  70.     }

  71.     return new LdapSearch(contextFactory)

  72.       .setBaseDn(getBaseDn())

  73.       .setRequest(getRequest())

  74.       .setParameters(parameters)

  75.       .returns(getIdAttribute());

  76.   }

  77. 

  78.   private static String getAttributeValue(SearchResult user, String attributeId) {

  79.     Attribute attribute = user.getAttributes().get(attributeId);

  80.     if (attribute == null) {

  81.       return null;

  82.     }

  83.     try {

  84.       return (String) attribute.get();

  85.     } catch (NamingException e) {

  86.       throw new IllegalArgumentException(e);

  87.     }

  88.   }

  89. 

  90.   /**

  91.    * Base DN. For example "ou=groups,o=mycompany".

  92.    */

  93.   public String getBaseDn() {

  94.     return baseDn;

  95.   }

  96. 

  97.   /**

  98.    * Group ID Attribute. For example "cn".

  99.    */

  100.   public String getIdAttribute() {

  101.     return idAttribute;

  102.   }

  103. 

  104.   /**

  105.    * Request. For example:

  106.    * <pre>

  107.    * (&(objectClass=groupOfUniqueNames)(uniqueMember={0}))

  108.    * (&(objectClass=posixGroup)(memberUid={0}))

  109.    * (&(|(objectClass=groupOfUniqueNames)(objectClass=posixGroup))(|(uniqueMember={0})(memberUid={1})))

  110.    * </pre>

  111.    */

  112.   public String getRequest() {

  113.     return request;

  114.   }

  115. 

  116.   /**

  117.    * Attributes of user required for search of groups.

  118.    */

  119.   public String[] getRequiredUserAttributes() {

  120.     return requiredUserAttributes;

  121.   }

  122. 

  123.   @Override

  124.   public String toString() {

  125.     return getClass().getSimpleName() + "{" +

  126.       "baseDn=" + getBaseDn() +

  127.       ", idAttribute=" + getIdAttribute() +

  128.       ", requiredUserAttributes=" + Arrays.toString(getRequiredUserAttributes()) +

  129.       ", request=" + getRequest() +

  130.       "}";

  131.   }

  132. 

  133. }