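/**
 * Checks whether an organizational unit exists directly below the given parent units.
 * <p>
 * The search is one-level only and rooted at {@code LdapUtils.getOu(organizationalUnits)}.
 *
 * @param ctx the directory context the search is run on.
 * @param ou the organizational unit to look for.
 * @param organizationalUnits the parent units that form the search base.
 * @return true if the search yields at least one entry.
 * @throws NamingException if the search itself fails.
 */
private boolean doesExist(final DirContext ctx, final String ou, final String... organizationalUnits) throws NamingException
{
  final SearchControls controls = new SearchControls();
  controls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
  final String searchBase = LdapUtils.getOu(organizationalUnits);
  // NOTE(review): the filter is assembled by string concatenation and nothing in this method escapes
  // filter meta-characters such as '*', '(', ')' or '\'. If ou can ever carry caller-influenced text,
  // escape the value per RFC 4515 first, or pass it as an argument via
  // DirContext.search(String, String, Object[], SearchControls) with a {0} placeholder.
  final String filter = "(&(objectClass=" + OBJECT_CLASS + ")(" + LdapUtils.getOu(ou) + "))";
  NamingEnumeration< ? > results = null;
  try {
    results = ctx.search(searchBase, filter, controls);
    return results.hasMore();
  } finally {
    // An enumeration that still holds entries is not released on its own, so close it explicitly.
    if (results != null) {
      try {
        results.close();
      } catch (final NamingException ignored) {
        // The answer is already determined; a failure while releasing the enumeration must not replace it.
      }
    }
  }
}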
/**
 * Resolves the search base for the given organizational units.
 * <p>
 * Falls back to {@code getOuBase()} when the units yield a blank value. If the fallback is blank as
 * well, that blank value is still returned and only a warning is logged.
 *
 * @param organizationalUnits the units the search should be limited to; may be empty.
 * @return the resolved search base, possibly blank.
 */
protected String getSearchBase(final String... organizationalUnits)
{
  final String requested = LdapUtils.getOu(organizationalUnits);
  if (!StringUtils.isBlank(requested)) {
    return requested;
  }
  final String fallback = getOuBase();
  if (StringUtils.isBlank(fallback)) {
    // A blank base is handed back to the caller as-is: the search is then not confined to any
    // sub-tree, so callers that rely on the base as a scoping boundary get none.
    log.warn("Oups, no search-base (ou) given. Searching in whole LDAP tree!");
  }
  return fallback;
}
/**
 * Removes the organizational unit built from {@code ou} and {@code organizationalUnits} if it exists.
 * <p>
 * {@code ctx}, {@code ou} and {@code organizationalUnits} come from the enclosing scope, which is
 * not part of this excerpt.
 *
 * @return always null.
 */
@Override
protected Object call() throws NameNotFoundException, Exception
{
  final String path = LdapUtils.getOu(ou, organizationalUnits);
  // The existence check and the unbind are two separate directory operations, so the result of the
  // check can already be stale when unbind runs.
  final boolean present = doesExist(ctx, ou, organizationalUnits);
  if (present) {
    log.info("Delete " + OBJECT_CLASS + ": " + path);
    ctx.unbind(path);
  } else {
    log.info(OBJECT_CLASS + " doesn't exist and can't delete it (OK): " + path);
  }
  return null;
}
// Closes the enclosing anonymous class, which begins outside this excerpt.
}.excecute();
/**
 * Moves a user out of the deactivated sub-context, back to the organizational unit that remains
 * after the deactivation prefix is stripped.
 * <p>
 * Only the location of the entry is changed: this method performs no attribute modification, so no
 * credential is restored or set here.
 *
 * @param ctx the directory context to operate on.
 * @param user the user to reactivate; its organizational unit is updated on success.
 * @throws NamingException if moving the entry fails.
 */
public void reactivateUser(final DirContext ctx, final LdapUser user) throws NamingException
{
  log.info("Reactivate deactivated user: " + buildDn(null, user));
  final String currentOu = LdapUtils.getOu(user.getOrganizationalUnit());
  if (!currentOu.startsWith(DEACTIVATED_SUB_CONTEXT2)) {
    log.info("Object isn't in a deactivated sub-context, nothing will be done: " + buildDn(null, user));
    return;
  }
  // Prefer the DEACTIVATED_SUB_CONTEXT3 prefix when it matches, otherwise strip DEACTIVATED_SUB_CONTEXT2.
  // NOTE(review): the target unit is derived purely from the entry's current OU string; confirm the
  // remainder is always a unit the user is meant to return to.
  final String prefix = currentOu.startsWith(DEACTIVATED_SUB_CONTEXT3) ? DEACTIVATED_SUB_CONTEXT3 : DEACTIVATED_SUB_CONTEXT2;
  final String restoredOu = currentOu.substring(prefix.length());
  move(ctx, user, restoredOu);
  user.setOrganizationalUnit(restoredOu);
}
/**
 * Tells whether the user counts as restricted: either the user object says so, or its
 * organizational unit contains the restricted sub-context.
 *
 * @param user the user to inspect.
 * @return true if the flag is set or the organizational unit contains {@code RESTRICTED_USER_SUB_CONTEXT}.
 */
public boolean isRestrictedUser(final LdapUser user)
{
  if (user.isRestrictedUser()) {
    return true;
  }
  if (user.getOrganizationalUnit() == null) {
    return false;
  }
  // NOTE(review): contains() is a substring match anywhere in the OU string, not a match on a
  // whole RDN; a unit whose name merely includes the constant's text would also qualify.
  // Confirm against the constant's value if this result gates access decisions.
  return LdapUtils.getOu(user.getOrganizationalUnit()).contains(RESTRICTED_USER_SUB_CONTEXT);
}
/**
 * Tells whether the user counts as deactivated: either the user object says so, or its
 * organizational unit contains the deactivated sub-context.
 *
 * @param user the user to inspect.
 * @return true if the flag is set or the organizational unit contains {@code DEACTIVATED_SUB_CONTEXT}.
 */
public boolean isDeactivated(final LdapUser user)
{
  final boolean flagged = user.isDeactivated();
  if (flagged) {
    return true;
  }
  final boolean hasOu = user.getOrganizationalUnit() != null;
  // NOTE(review): substring match on the whole OU string rather than on a single RDN; if callers
  // use this result to refuse logins, confirm the constant cannot occur inside another unit's name.
  return hasOu && LdapUtils.getOu(user.getOrganizationalUnit()).contains(DEACTIVATED_SUB_CONTEXT);
}
/**
 * Brings the entry's location in the directory in line with the user's deactivated flag.
 * <p>
 * Nothing happens when flag and location already agree; otherwise the user is deactivated or
 * reactivated accordingly.
 *
 * @param ctx the directory context to operate on.
 * @param user the user whose status is synchronized.
 * @throws NamingException if the underlying directory operation fails.
 */
void updateActivatedStatus(final DirContext ctx, final LdapUser user) throws NamingException
{
  final String ou = LdapUtils.getOu(user.getOrganizationalUnit());
  final boolean flaggedDeactivated = user.isDeactivated();
  final boolean storedAsDeactivated = ou.startsWith(DEACTIVATED_SUB_CONTEXT2);
  if (flaggedDeactivated == storedAsDeactivated) {
    // Flag and storage location already match. Nothing to be done.
    return;
  }
  if (flaggedDeactivated) {
    deactivateUser(ctx, user);
  } else {
    reactivateUser(ctx, user);
  }
}
void updateRestrictedUserStatus(final DirContext ctx, final LdapUser user) throws NamingException final String ou = LdapUtils.getOu(user.getOrganizationalUnit()); if (user.isDeactivated() == true) {
/**
 * Moves a user into the restricted sub-context unless the user is deactivated or already there.
 *
 * @param ctx the directory context to operate on.
 * @param user the user to move; its organizational unit is updated on success.
 * @throws NamingException if moving the entry fails.
 */
private void setUserAsRestrictedUser(final DirContext ctx, final LdapUser user) throws NamingException
{
  log.info("Move user to restricted sub context: " + buildDn(null, user));
  if (user.isDeactivated()) {
    log.info("User is deactivated, thus the restricted-user-status is ignored: " + buildDn(null, user));
    return;
  }
  // NOTE(review): the raw organizational unit is tested here, without LdapUtils.getOu()
  // normalization and without a null check; a null unit fails on startsWith().
  final String currentOu = user.getOrganizationalUnit();
  if (currentOu.startsWith(RESTRICTED_USER_SUB_CONTEXT2)) {
    // Already located in the restricted sub-context.
    return;
  }
  // Prepend the sub-context "restricted" to the user's present unit and relocate the entry.
  final String restrictedOu = LdapUtils.getOu(RESTRICTED_USER_SUB_CONTEXT, user.getOrganizationalUnit());
  move(ctx, user, restrictedOu);
  user.setOrganizationalUnit(restrictedOu);
}
/**
 * Pins the string form produced by {@code LdapUtils.getOu} for empty input, single units, several
 * units and the two-argument form with a leading unit.
 */
@Test
public void getOu()
{
  // No units at all yield an empty string.
  assertEquals("", LdapUtils.getOu());
  assertEquals("", LdapUtils.getOu(new String[0]));
  // A single unit: the "ou=" prefix is kept when present and added when missing.
  assertEquals("ou=users", LdapUtils.getOu("ou=users"));
  assertEquals("ou=users", LdapUtils.getOu("users"));
  // One argument that already holds a comma-separated path comes back unchanged, i.e. a comma
  // inside a single argument is passed through and ends up as an RDN separator.
  assertEquals("ou=users,ou=pf", LdapUtils.getOu("ou=users,ou=pf"));
  // Several units are joined with commas, each carrying the "ou=" prefix exactly once.
  assertEquals("ou=users,ou=pf", LdapUtils.getOu("users", "pf"));
  assertEquals("ou=users,ou=pf", LdapUtils.getOu("ou=users", "pf"));
  assertEquals("ou=users,ou=pf", LdapUtils.getOu("ou=users", "ou=pf"));
  assertEquals("ou=users,ou=pf", LdapUtils.getOu("users", "ou=pf"));
  // Leading unit plus array: a null leading unit and a null or empty array contribute nothing.
  assertEquals("", LdapUtils.getOu(null, null));
  assertEquals("", LdapUtils.getOu(null, new String[] {}));
  assertEquals("ou=pf", LdapUtils.getOu(null, new String[] { "ou=pf" }));
  assertEquals("ou=pf,ou=pf-users", LdapUtils.getOu(null, new String[] { "ou=pf", "pf-users" }));
  assertEquals("ou=deactivated,ou=pf,ou=pf-users", LdapUtils.getOu("ou=deactivated", new String[] { "ou=pf", "pf-users" }));
  // NOTE(review): no case covers values containing DN or filter meta-characters ('+', '*', '(',
  // ')', '\'); worth adding if getOu results are placed into DNs or search filters.
}
/**
 * Deactivates a user: replaces the password and mail attributes, then moves the entry into the
 * deactivated sub-context below {@code getOuBase()} unless it is already located there.
 * <p>
 * The attribute change is written before the move, so a failing move leaves the entry in its old
 * place but with the password attribute already replaced. Only {@code userPassword} and
 * {@code mail} are touched; other attributes of the entry are left as they are.
 *
 * @param ctx the directory context to operate on.
 * @param user the user to deactivate; its organizational unit is updated when the entry is moved.
 * @throws NamingException if modifying or moving the entry fails.
 */
public void deactivateUser(final DirContext ctx, final LdapUser user) throws NamingException
{
  log.info("Deactivate user: " + buildDn(null, user));
  // userPassword is replaced by a null value, presumably removing the stored credential;
  // confirm the effect with the directory server in use.
  final BasicAttribute clearedPassword = new BasicAttribute("userPassword", null);
  final BasicAttribute placeholderMail = new BasicAttribute("mail", DEACTIVATED_MAIL);
  final List<ModificationItem> changes = new ArrayList<ModificationItem>();
  changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, clearedPassword));
  changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, placeholderMail));
  // NOTE(review): the result of this call is discarded; kept because buildDn() is defined elsewhere
  // and may not be free of side effects.
  buildDn(null, user);
  modify(ctx, user, changes);
  // NOTE(review): the raw organizational unit is tested here, without LdapUtils.getOu()
  // normalization and without a null check; a null unit fails on startsWith().
  final String currentOu = user.getOrganizationalUnit();
  if (currentOu.startsWith(DEACTIVATED_SUB_CONTEXT2)) {
    return;
  }
  // Move user to the sub-context "deactivated".
  final String deactivatedOu = LdapUtils.getOu(DEACTIVATED_SUB_CONTEXT, getOuBase());
  move(ctx, user, deactivatedOu);
  user.setOrganizationalUnit(deactivatedOu);
}
/**
 * Moves an object to another organizational unit, keeping its DN identifier.
 * <p>
 * The present location is taken from the entry found by id, not from {@code obj}, because the DN
 * of {@code obj} may have changed. No directory operation is issued when source and target agree.
 *
 * @param ctx the directory context to operate on.
 * @param obj the object to move.
 * @param newOrganizationalUnit the organizational unit the object is moved to.
 * @throws NamingException if the rename operation fails.
 * @throws RuntimeException if no entry with the object's id is found in its search base.
 */
public void move(final DirContext ctx, final T obj, final String newOrganizationalUnit) throws NamingException
{
  final Object id = getId(obj);
  // The dn may have changed, so look the stored entry up by id.
  final T stored = findById(id, obj.getOrganizationalUnit());
  if (stored == null) {
    throw new RuntimeException("Object with id "
        + id
        + " not found in search base '"
        + StringHelper.listToString(",", obj.getOrganizationalUnit())
        + "'. Can't move the object: "
        + obj);
  }
  final String targetOu = LdapUtils.getOrganizationalUnit(newOrganizationalUnit);
  final String sourceOu = LdapUtils.getOu(stored.getOrganizationalUnit());
  if (StringUtils.equals(sourceOu, targetOu)) {
    return;
  }
  log.info("Move object with id '" + obj.getId() + "' from '" + sourceOu + "' to '" + targetOu);
  final String rdn = buildDnIdentifier(obj);
  // NOTE(review): both DNs are built by plain concatenation and no escaping happens in this method.
  // If the identifier or a unit can contain DN special characters (RFC 4514), the resulting name
  // addresses a different entry than intended; javax.naming.ldap.Rdn.escapeValue or LdapName would
  // make the composition explicit.
  ctx.rename(rdn + "," + sourceOu, rdn + "," + targetOu);
}
/**
 * Creates the organizational unit built from {@code ou} and {@code organizationalUnits} unless an
 * entry for it already exists.
 * <p>
 * {@code ctx}, {@code ou}, {@code organizationalUnits} and {@code description} come from the
 * enclosing scope, which is not part of this excerpt.
 *
 * @return always null.
 */
@Override
protected Object call() throws NameNotFoundException, Exception
{
  final String path = LdapUtils.getOu(ou, organizationalUnits);
  // The existence check and the bind are two separate directory operations; an entry created in
  // between is not detected by the check.
  if (doesExist(ctx, ou, organizationalUnits)) {
    log.info(OBJECT_CLASS + " does already exist (OK): " + path);
    return null;
  }
  log.info("Create " + OBJECT_CLASS + ": " + path);
  final BasicAttribute objectClasses = new BasicAttribute("objectclass");
  objectClasses.add("top");
  objectClasses.add(OBJECT_CLASS);
  final Attributes entryAttributes = new BasicAttributes();
  entryAttributes.put(objectClasses);
  LdapUtils.putAttribute(entryAttributes, "ou", ou);
  LdapUtils.putAttribute(entryAttributes, "description", description);
  // No object is bound, only the attribute set.
  ctx.bind(path, null, entryAttributes);
  return null;
}
// Closes the enclosing anonymous class, which begins outside this excerpt.
}.excecute();
/**
 * Renames an object within its organizational unit when its DN identifier has changed.
 * <p>
 * The organizational unit is taken from the entry found by id. No directory operation is issued
 * when old and new identifier are equal.
 *
 * @param ctx the directory context to operate on.
 * @param obj the object carrying the new identifier.
 * @param oldObj the object carrying the old identifier.
 * @throws NamingException if the rename operation fails.
 * @throws RuntimeException if no entry with the object's id is found in its search base.
 */
public void rename(final DirContext ctx, final T obj, final T oldObj) throws NamingException
{
  final String newDnIdentifier = buildDnIdentifier(obj);
  final String oldDnIdentifier = buildDnIdentifier(oldObj);
  final boolean identifierChanged = !StringUtils.equals(newDnIdentifier, oldDnIdentifier);
  if (!identifierChanged) {
    // Nothing to rename.
    return;
  }
  final Object id = getId(obj);
  // The dn may have changed, so look the stored entry up by id.
  final T stored = findById(id, obj.getOrganizationalUnit());
  if (stored == null) {
    throw new RuntimeException("Object with id "
        + id
        + " not found in search base '"
        + StringHelper.listToString(",", obj.getOrganizationalUnit())
        + "'. Can't rename the object: "
        + obj);
  }
  final String ou = LdapUtils.getOu(stored.getOrganizationalUnit());
  log.info("Rename object with id '" + obj.getId() + "' from '" + oldDnIdentifier + "' to '" + newDnIdentifier);
  // NOTE(review): the stored entry supplies only the organizational unit; the old name comes from
  // oldObj. If oldObj does not describe the stored entry, the rename addresses a different DN.
  // Both names are built by concatenation without escaping DN special characters (RFC 4514).
  final String oldName = oldDnIdentifier + "," + ou;
  final String newName = newDnIdentifier + "," + ou;
  ctx.rename(oldName, newName);
}