TSK-1024: add LDAP lookup for group by dn
parent
6a5736527e
commit
226c30bf73
|
@ -30,27 +30,44 @@ import pro.taskana.rest.resource.AccessIdResource;
|
|||
public class LdapClient {
|
||||
|
||||
public static final String TASKANA_USE_LDAP_PROP_NAME = "taskana.ldap.useLdap";
|
||||
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(LdapClient.class);
|
||||
|
||||
private static final String CN = "cn";
|
||||
|
||||
private boolean active = false;
|
||||
|
||||
@Autowired private Environment env;
|
||||
|
||||
@Autowired(required = false)
|
||||
private LdapTemplate ldapTemplate;
|
||||
|
||||
private String userSearchBase;
|
||||
|
||||
private String userSearchFilterName;
|
||||
|
||||
private String userSearchFilterValue;
|
||||
|
||||
private String userFirstnameAttribute;
|
||||
|
||||
private String userLastnameAttribute;
|
||||
|
||||
private String userIdAttribute;
|
||||
|
||||
private String groupSearchBase;
|
||||
|
||||
private String groupSearchFilterName;
|
||||
|
||||
private String groupSearchFilterValue;
|
||||
|
||||
private String groupNameAttribute;
|
||||
|
||||
private String groupsOfUser;
|
||||
|
||||
private int minSearchForLength;
|
||||
|
||||
private int maxNumberOfReturnedAccessIds;
|
||||
|
||||
private String message;
|
||||
|
||||
public List<AccessIdResource> searchUsersAndGroups(final String name)
|
||||
|
@ -62,19 +79,25 @@ public class LdapClient {
|
|||
}
|
||||
testMinSearchForLength(name);
|
||||
|
||||
List<AccessIdResource> users = searchUsersByName(name);
|
||||
users.addAll(searchGroupsByName(name));
|
||||
users.sort(
|
||||
List<AccessIdResource> accessIds = searchUsersByName(name);
|
||||
accessIds.addAll(searchGroupsByName(name));
|
||||
// TODO: remove try/catch as once the fix is verified
|
||||
try {
|
||||
accessIds.add(searchGroupByDn(name));
|
||||
} catch (Throwable t) {
|
||||
t.printStackTrace();
|
||||
}
|
||||
accessIds.sort(
|
||||
(AccessIdResource a, AccessIdResource b) -> {
|
||||
return a.getAccessId().compareToIgnoreCase(b.getAccessId());
|
||||
});
|
||||
|
||||
List<AccessIdResource> result =
|
||||
users.subList(0, Math.min(users.size(), maxNumberOfReturnedAccessIds));
|
||||
accessIds.subList(0, Math.min(accessIds.size(), maxNumberOfReturnedAccessIds));
|
||||
LOGGER.debug(
|
||||
"exit from searchUsersAndGroups(name = {}). Returning {} users and groups: {}",
|
||||
name,
|
||||
users.size(),
|
||||
accessIds.size(),
|
||||
LoggerUtils.listToString(result));
|
||||
|
||||
return result;
|
||||
|
@ -153,6 +176,26 @@ public class LdapClient {
|
|||
return accessIds;
|
||||
}
|
||||
|
||||
public AccessIdResource searchGroupByDn(final String name) {
|
||||
LOGGER.debug("entry to searchGroupByDn(name = {}).", name);
|
||||
if (!active) {
|
||||
throw new SystemException(
|
||||
"LdapClient was called but is not active due to missing configuration: " + message);
|
||||
}
|
||||
|
||||
String[] groupAttributesToReturn;
|
||||
if (CN.equals(groupNameAttribute)) {
|
||||
groupAttributesToReturn = new String[] {CN};
|
||||
} else {
|
||||
groupAttributesToReturn = new String[] {getGroupNameAttribute(), CN};
|
||||
}
|
||||
|
||||
final AccessIdResource accessId =
|
||||
ldapTemplate.lookup(name, groupAttributesToReturn, new GroupContextMapper());
|
||||
LOGGER.debug("Exit from searchGroupByDn. Retrieved the following group: {}", accessId);
|
||||
return accessId;
|
||||
}
|
||||
|
||||
public List<AccessIdResource> searchGroupsofUsersIsMember(final String name)
|
||||
throws InvalidArgumentException {
|
||||
LOGGER.debug("entry to searchGroupsofUsersIsMember(name = {}).", name);
|
||||
|
|
|
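Review bot: `searchGroupByDn` passes the caller-supplied `name` straight to `ldapTemplate.lookup(...)` as a DN without checking that it lies under `groupSearchBase` or that the entry is a group, so a search term (presumably the `search-for` request parameter) can resolve any entry the bind account can read and return it through `GroupContextMapper`. Consider running the lookup only when `LdapUtils.newLdapName(name).startsWith(LdapUtils.newLdapName(groupSearchBase))` holds; whether the two names are directly comparable depends on the context source's base DN, which is not visible here. In `searchUsersAndGroups` the lookup runs for every search term, so a plain name such as `developer` presumably fails on each request, and `catch (Throwable t) { t.printStackTrace(); }` hides that while also catching `Error`s and bypassing `LOGGER`. Catching the specific Spring LDAP exceptions and reporting them with `LOGGER.debug(...)` would keep failures visible and keep stack traces out of stderr.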
@ -0,0 +1,52 @@
|
|||
package pro.taskana.rest;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import java.util.List;
|
||||
import org.junit.jupiter.api.BeforeAll;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.ParameterizedTypeReference;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import pro.taskana.RestHelper;
|
||||
import pro.taskana.TaskanaSpringBootTest;
|
||||
import pro.taskana.rest.resource.AccessIdResource;
|
||||
|
||||
@TaskanaSpringBootTest
|
||||
class AccessIdControllerIntTest {
|
||||
|
||||
private static RestTemplate template;
|
||||
|
||||
@Autowired RestHelper restHelper;
|
||||
|
||||
@BeforeAll
|
||||
static void init() {
|
||||
template = RestHelper.getRestTemplate();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testQueryGroupsByDn() {
|
||||
ResponseEntity<List<AccessIdResource>> response =
|
||||
template.exchange(
|
||||
restHelper.toUrl(Mapping.URL_ACCESSID)
|
||||
+ "?search-for=cn=developersgroup,ou=groups,o=taskanatest",
|
||||
HttpMethod.GET,
|
||||
restHelper.defaultRequest(),
|
||||
ParameterizedTypeReference.forType(List.class));
|
||||
assertEquals(1, response.getBody().size());
|
||||
}
|
||||
|
||||
@Test
|
||||
void testQueryGroupsByCn() {
|
||||
ResponseEntity<List<AccessIdResource>> response =
|
||||
template.exchange(
|
||||
restHelper.toUrl(Mapping.URL_ACCESSID) + "?search-for=developer",
|
||||
HttpMethod.GET,
|
||||
restHelper.defaultRequest(),
|
||||
ParameterizedTypeReference.forType(List.class));
|
||||
assertEquals(1, response.getBody().size());
|
||||
}
|
||||
}
|
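Review bot: Both tests assert only `response.getBody().size()`, so they would still pass if the DN lookup returned a different entry, and there is no negative case for a DN outside the group subtree (such as a user entry's DN) or for a malformed DN. Asserting on the returned access id in `testQueryGroupsByDn`, and adding a test that expects no result for an out-of-scope DN, would pin the boundary of the new lookup. The file also mixes JUnit 4's `org.junit.Assert.assertEquals` with Jupiter annotations; `import static org.junit.jupiter.api.Assertions.assertEquals;` would keep it on one framework. The DN is appended to the URL unencoded (`=` and `,` inside the query value), which works here only if the client and server both tolerate it.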