TSK-1024: add LDAP lookup for group by dn

Holger Hagen 2020-01-23 15:20:40 +01:00 committed by Mustapha Zorgati
parent 6a5736527e
commit 226c30bf73
2 changed files with 100 additions and 5 deletions


@ -30,27 +30,44 @@ import pro.taskana.rest.resource.AccessIdResource;
public class LdapClient {
public static final String TASKANA_USE_LDAP_PROP_NAME = "taskana.ldap.useLdap";
private static final Logger LOGGER = LoggerFactory.getLogger(LdapClient.class);
private static final String CN = "cn";
private boolean active = false;
@Autowired private Environment env;
@Autowired(required = false)
private LdapTemplate ldapTemplate;
private String userSearchBase;
private String userSearchFilterName;
private String userSearchFilterValue;
private String userFirstnameAttribute;
private String userLastnameAttribute;
private String userIdAttribute;
private String groupSearchBase;
private String groupSearchFilterName;
private String groupSearchFilterValue;
private String groupNameAttribute;
private String groupsOfUser;
private int minSearchForLength;
private int maxNumberOfReturnedAccessIds;
private String message;
public List<AccessIdResource> searchUsersAndGroups(final String name)
@ -62,19 +79,25 @@ public class LdapClient {
}
testMinSearchForLength(name);
List<AccessIdResource> users = searchUsersByName(name);
users.addAll(searchGroupsByName(name));
users.sort(
List<AccessIdResource> accessIds = searchUsersByName(name);
accessIds.addAll(searchGroupsByName(name));
// TODO: remove try/catch as once the fix is verified
try {
accessIds.add(searchGroupByDn(name));
} catch (Throwable t) {
t.printStackTrace();
}
accessIds.sort(
(AccessIdResource a, AccessIdResource b) -> {
return a.getAccessId().compareToIgnoreCase(b.getAccessId());
});
List<AccessIdResource> result =
users.subList(0, Math.min(users.size(), maxNumberOfReturnedAccessIds));
accessIds.subList(0, Math.min(accessIds.size(), maxNumberOfReturnedAccessIds));
LOGGER.debug(
"exit from searchUsersAndGroups(name = {}). Returning {} users and groups: {}",
name,
users.size(),
accessIds.size(),
LoggerUtils.listToString(result));
return result;
@ -153,6 +176,26 @@ public class LdapClient {
return accessIds;
}
public AccessIdResource searchGroupByDn(final String name) {
LOGGER.debug("entry to searchGroupByDn(name = {}).", name);
if (!active) {
throw new SystemException(
"LdapClient was called but is not active due to missing configuration: " + message);
}
String[] groupAttributesToReturn;
if (CN.equals(groupNameAttribute)) {
groupAttributesToReturn = new String[] {CN};
} else {
groupAttributesToReturn = new String[] {getGroupNameAttribute(), CN};
}
final AccessIdResource accessId =
ldapTemplate.lookup(name, groupAttributesToReturn, new GroupContextMapper());
LOGGER.debug("Exit from searchGroupByDn. Retrieved the following group: {}", accessId);
return accessId;
}
public List<AccessIdResource> searchGroupsofUsersIsMember(final String name)
throws InvalidArgumentException {
LOGGER.debug("entry to searchGroupsofUsersIsMember(name = {}).", name);
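Review bot: The new `accessIds.add(searchGroupByDn(name))` call in searchUsersAndGroups hands the caller's search string to `ldapTemplate.lookup(name, ...)` as a DN, so this lookup is not visibly limited to `groupSearchBase` or to group entries; any entry the bind account can read may come back mapped as a group, which is worth confirming against GroupContextMapper and the context source's base. The surrounding `catch (Throwable t) { t.printStackTrace(); }` then hides every failure, including Errors, and is likely to write a stack trace to stderr for each ordinary search term that is not a DN. I would parse the term with `javax.naming.ldap.LdapName`, call searchGroupByDn only when it lies under the group base, and catch just the naming exceptions, logging through LOGGER. If `groupSearchBase` is stored relative to the context source base, the comparison needs the full base DN. searchUsersAndGroups starts above this hunk, so the sketch covers only the changed lines.

```java
accessIds.addAll(searchGroupsByName(name));
// The search term is only sometimes a DN: "not a DN" and "no such entry" both mean no match.
try {
  LdapName dn = new LdapName(name);
  if (dn.startsWith(new LdapName(groupSearchBase))) {
    accessIds.add(searchGroupByDn(name));
  }
} catch (InvalidNameException | org.springframework.ldap.NamingException e) {
  LOGGER.debug("search term '{}' did not resolve to a group DN", name, e);
}
// … unchanged: sort, subList and exit logging …
```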


@ -0,0 +1,52 @@
package pro.taskana.rest;
import static org.junit.Assert.assertEquals;
import java.util.List;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.RestTemplate;
import pro.taskana.RestHelper;
import pro.taskana.TaskanaSpringBootTest;
import pro.taskana.rest.resource.AccessIdResource;
@TaskanaSpringBootTest
class AccessIdControllerIntTest {
private static RestTemplate template;
@Autowired RestHelper restHelper;
@BeforeAll
static void init() {
template = RestHelper.getRestTemplate();
}
@Test
void testQueryGroupsByDn() {
ResponseEntity<List<AccessIdResource>> response =
template.exchange(
restHelper.toUrl(Mapping.URL_ACCESSID)
+ "?search-for=cn=developersgroup,ou=groups,o=taskanatest",
HttpMethod.GET,
restHelper.defaultRequest(),
ParameterizedTypeReference.forType(List.class));
assertEquals(1, response.getBody().size());
}
@Test
void testQueryGroupsByCn() {
ResponseEntity<List<AccessIdResource>> response =
template.exchange(
restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=developer",
HttpMethod.GET,
restHelper.defaultRequest(),
ParameterizedTypeReference.forType(List.class));
assertEquals(1, response.getBody().size());
}
}
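Review bot: Both tests send only a term that resolves to a group, so nothing covers a `search-for` value that is the well-formed DN of a non-group entry, or a malformed DN, which is the path where searchUsersAndGroups currently swallows a Throwable. A third test that sends a DN from the test directory outside `ou=groups` and asserts the expected result size would pin down whether DN lookup is meant to be limited to groups. Separately, the class mixes JUnit 4's assertion with Jupiter annotations; `import static org.junit.jupiter.api.Assertions.assertEquals;` keeps it on one framework.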