TSK-1024: Refactor and clean up LdapClient changes

Benjamin Eckstein 2020-01-30 09:09:29 +01:00
parent 34d6bfdae6
commit 99e2caadec
2 changed files with 36 additions and 18 deletions


@ -73,6 +73,14 @@ public class LdapClient {
private String message; private String message;
/**
* Search LDAP for matching users or groups.
*
* @param name lookup string for names or groups
* @return a list of AccessIdResources sorted by AccessId and limited to
* maxNumberOfReturnedAccessIds
* @throws InvalidArgumentException if input is shorter than minSearchForLength
*/
public List<AccessIdResource> searchUsersAndGroups(final String name) public List<AccessIdResource> searchUsersAndGroups(final String name)
throws InvalidArgumentException { throws InvalidArgumentException {
LOGGER.debug("entry to searchUsersAndGroups(name = {})", name); LOGGER.debug("entry to searchUsersAndGroups(name = {})", name);
@ -159,19 +167,12 @@ public class LdapClient {
} }
andFilter.and(orFilter); andFilter.and(orFilter);
String[] groupAttributesToReturn;
if (CN.equals(groupNameAttribute)) {
groupAttributesToReturn = new String[] {CN};
} else {
groupAttributesToReturn = new String[] {getGroupNameAttribute(), CN};
}
final List<AccessIdResource> accessIds = final List<AccessIdResource> accessIds =
ldapTemplate.search( ldapTemplate.search(
getGroupSearchBase(), getGroupSearchBase(),
andFilter.encode(), andFilter.encode(),
SearchControls.SUBTREE_SCOPE, SearchControls.SUBTREE_SCOPE,
groupAttributesToReturn, getLookUpGoupAttributesToReturn(),
new GroupContextMapper()); new GroupContextMapper());
LOGGER.debug( LOGGER.debug(
"Exit from searchGroupsByName. Retrieved the following groups: {}", "Exit from searchGroupsByName. Retrieved the following groups: {}",
@ -189,22 +190,29 @@ public class LdapClient {
// given DN. // given DN.
// https://stackoverflow.com/questions/55285743/spring-ldaptemplate-how-to-lookup-fully-qualified-dn-with-configured-base-dn // https://stackoverflow.com/questions/55285743/spring-ldaptemplate-how-to-lookup-fully-qualified-dn-with-configured-base-dn
// Therefore we have to remove the base name from the dn before performing the lookup // Therefore we have to remove the base name from the dn before performing the lookup
// (?i) --> case insensitive replacement String nameWithoutBaseDn = getNameWithoutBaseDn(name);
String nameWithoutBaseDn = name.replaceAll("(?i)" + Pattern.quote("," + baseDn), "");
LOGGER.debug( LOGGER.debug(
"Removes baseDN {} from given DN. New DN to be used: {}", baseDn, nameWithoutBaseDn); "Removes baseDN {} from given DN. New DN to be used: {}", baseDn, nameWithoutBaseDn);
String[] groupAttributesToReturn;
if (CN.equals(groupNameAttribute)) {
groupAttributesToReturn = new String[] {CN};
} else {
groupAttributesToReturn = new String[] {getGroupNameAttribute(), CN};
}
final AccessIdResource accessId = final AccessIdResource accessId =
ldapTemplate.lookup(nameWithoutBaseDn, groupAttributesToReturn, new GroupContextMapper()); ldapTemplate.lookup(
nameWithoutBaseDn, getLookUpGoupAttributesToReturn(), new GroupContextMapper());
LOGGER.debug("Exit from searchGroupByDn. Retrieved the following group: {}", accessId); LOGGER.debug("Exit from searchGroupByDn. Retrieved the following group: {}", accessId);
return accessId; return accessId;
} }
String getNameWithoutBaseDn(String name) {
// (?i) --> case insensitive replacement
return name.replaceAll("(?i)" + Pattern.quote("," + baseDn), "");
}
String[] getLookUpGoupAttributesToReturn() {
if (CN.equals(groupNameAttribute)) {
return new String[] {CN};
} else {
return new String[] {getGroupNameAttribute(), CN};
}
}
public List<AccessIdResource> searchGroupsofUsersIsMember(final String name) public List<AccessIdResource> searchGroupsofUsersIsMember(final String name)
throws InvalidArgumentException { throws InvalidArgumentException {
LOGGER.debug("entry to searchGroupsofUsersIsMember(name = {}).", name); LOGGER.debug("entry to searchGroupsofUsersIsMember(name = {}).", name);
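Review bot: The pattern in the new `getNameWithoutBaseDn` helper is not anchored, so `replaceAll` removes every occurrence of `,<baseDn>` in the name rather than only the trailing suffix, and a DN that contains the base string before its end would be rewritten into a different entry than the one passed to searchGroupByDn. Anchoring the match to the end keeps the lookup on the entry the caller named: `return name.replaceAll("(?i)" + Pattern.quote("," + baseDn) + "$", "");`. Note also that `(?i)` on its own folds only ASCII case, so a base DN with non-ASCII characters would need `(?iu)` to be stripped case-insensitively. The helper name `getLookUpGoupAttributesToReturn` has a typo (`Goup`) that is cheapest to fix now, while it has only two call sites. searchGroupByDn begins outside the visible hunk, so how `name` is validated before it reaches the helper cannot be judged from here.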


@ -1,5 +1,6 @@
package pro.taskana.ldap; package pro.taskana.ldap;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
@ -24,7 +25,7 @@ class LdapClientTest {
@InjectMocks LdapClient cut; @InjectMocks LdapClient cut;
@Test @Test
void testLdap() { void testLdap_searchGroupByDn() {
setUpEnvMock(); setUpEnvMock();
cut.init(); cut.init();
@ -36,6 +37,15 @@ class LdapClientTest {
eq("cn=developersgroup,ou=groups"), any(), any(LdapClient.GroupContextMapper.class)); eq("cn=developersgroup,ou=groups"), any(), any(LdapClient.GroupContextMapper.class));
} }
@Test
void testLdap_getNameWithoutBaseDn() {
setUpEnvMock();
cut.init();
assertThat(cut.getNameWithoutBaseDn("cn=developersgroup,ou=groups,o=taskanatest"))
.isEqualTo("cn=developersgroup,ou=groups");
}
private void setUpEnvMock() { private void setUpEnvMock() {
Stream.of( Stream.of(