com.atlassian.crowd.directory
Class RFC4519Directory
java.lang.Object
com.atlassian.crowd.directory.SpringLDAPConnector
com.atlassian.crowd.directory.RFC4519Directory
- All Implemented Interfaces:
- LDAPDirectory, RemoteDirectory, Attributes
- Direct Known Subclasses:
- ApacheDS, MicrosoftActiveDirectory, NovelleDirectory, OpenLDAP, SunONE
public abstract class RFC4519Directory
- extends SpringLDAPConnector
Read-write, nesting-aware implementation of RFC4519 user-group membership
interactions.
A user is a member of a group if either:
- the DN of the user is present in the collection of member attribute values of the group
- the user has a memberOf attribute which contains the DN of the group (must be enabled via LDAPPropertiesMapper)
- See Also:
RFC2307GidNumberMapper,
RFC2307MemberUidMapper
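The two membership rules from the class description, as an added example (not Crowd's own code). MembershipCheck, its method names and the sample DNs are hypothetical; DNs are compared as parsed LdapName values so that a case difference between the stored attribute value and the entity DN does not change the membership result.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

// Added illustration: MembershipCheck and its methods are hypothetical names,
// not part of com.atlassian.crowd.directory.
public class MembershipCheck {

    // True if any value parses to the same DN as target. LdapName.equals
    // compares RDN by RDN and ignores case, unlike String.equals on raw values.
    static boolean containsDn(Collection<String> dnValues, LdapName target) {
        for (String value : dnValues) {
            try {
                if (new LdapName(value).equals(target)) {
                    return true;
                }
            } catch (InvalidNameException e) {
                // Unparseable attribute value: never counts as a match.
            }
        }
        return false;
    }

    // Rule 1: the user's DN is among the group's member values.
    // Rule 2: the group's DN is among the user's memberOf values, honoured
    // only when memberOf lookups are enabled for the directory.
    static boolean isDirectMember(String userDn, Collection<String> userMemberOf,
                                  String groupDn, Collection<String> groupMembers,
                                  boolean memberOfEnabled) throws InvalidNameException {
        LdapName user = new LdapName(userDn);
        LdapName group = new LdapName(groupDn);
        return containsDn(groupMembers, user)
                || (memberOfEnabled && containsDn(userMemberOf, group));
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed sample data; stored values differ from the entity DNs only in case.
        String userDn = "uid=alice,ou=people,dc=example,dc=com";
        String groupDn = "cn=admins,ou=groups,dc=example,dc=com";
        List<String> groupMembers = Arrays.asList("UID=Alice,OU=People,DC=example,DC=com");
        List<String> userMemberOf = Arrays.asList("CN=Admins,OU=Groups,DC=example,DC=com");
        List<String> none = Collections.emptyList();
        System.out.println(isDirectMember(userDn, none, groupDn, groupMembers, false)); // member path
        System.out.println(isDirectMember(userDn, userMemberOf, groupDn, none, true));  // memberOf enabled
        System.out.println(isDirectMember(userDn, userMemberOf, groupDn, none, false)); // memberOf disabled
    }
}
```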
Method Summary

| Modifier and Type | Method and Description |
|---|---|
| protected void | addDnToGroup(String dn, LDAPGroupWithAttributes group) |
| void | addGroupToGroup(String childGroup, String parentGroup) |
| void | addUserToGroup(String username, String groupName) |
| Iterable<LdapName> | findDirectMembersOfGroup(LdapName groupDn) This method is not part of RemoteDirectory's contract. |
| protected Iterable<String> | findGroupMembershipNames(MembershipQuery<String> query) |
| protected List<? extends LDAPGroupWithAttributes> | findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query) |
| protected <T> List<T> | findGroupMembershipsOfUserViaMemberOf(String username, int startIndex, int maxResults, com.atlassian.crowd.directory.RFC4519Directory.LookupByDn<T> mapper) |
| protected List<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberDN(String groupName, GroupType groupType, int startIndex, int maxResults) |
| protected Iterable<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberOf(String groupName, GroupType groupType, int startIndex, int maxResults) |
| protected List<AttributeMapper> | getCustomGroupAttributeMappers() As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available). |
| protected List<AttributeMapper> | getCustomUserAttributeMappers() |
| protected static LdapName | getLdapName(LDAPDirectoryEntity entity) |
| protected List<AttributeMapper> | getMemberDnMappers() |
| Iterable<Membership> | getMemberships() |
| protected boolean | isDnDirectGroupMember(String memberDN, LDAPGroupWithAttributes parentGroup) |
| boolean | isGroupDirectGroupMember(String childGroup, String parentGroup) |
| boolean | isUserDirectGroupMember(String username, String groupName) |
| protected void | removeDnFromGroup(String dn, LDAPGroupWithAttributes group) |
| void | removeGroupFromGroup(String childGroup, String parentGroup) |
| void | removeUserFromGroup(String username, String groupName) |
| protected <T> Iterable<T> | searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query) Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has been specified in the EntityDescriptor for the group(s). |
| protected static <T> Iterable<T> | toGenericIterable(Iterable list) Converts an Iterable to a generic Iterable. |
Methods inherited from class com.atlassian.crowd.directory.SpringLDAPConnector
addDefaultSnToUserAttributes, addDefaultValueToUserAttributesForAttribute, addGroup, addUser, asLdapGroupName, asLdapName, asLdapUserName, authenticate, createModificationItem, encodePassword, findEntityByDN, findEntityByDN, findGroupByName, findGroupByNameAndType, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getAttributeAsBoolean, getAttributeAsLong, getAuthoritativeDirectory, getBaseEnvironmentProperties, getContextSource, getDirectoryId, getGroupContextMapper, getInitialGroupMemberDN, getKeys, getLdapPropertiesMapper, getNewGroupAttributes, getNewGroupDirectorySpecificAttributes, getNewUserAttributes, getNewUserDirectorySpecificAttributes, getSearchDN, getStandardisedDN, getSubTreeSearchControls, getUserContextMapper, getUserModificationItems, getValue, getValues, isEmpty, isRolesDisabled, pageSearchResults, postprocessGroups, removeGroup, removeGroupAttributes, removeUser, removeUserAttributes, renameGroup, renameUser, searchEntities, searchEntitiesWithRequestControls, searchGroupObjects, searchGroupObjectsOfSpecifiedGroupType, searchGroupRelationships, searchGroups, searchUserObjects, searchUsers, setAttributes, setDirectoryId, storeGroupAttributes, storeUserAttributes, supportsInactiveAccounts, supportsNestedGroups, testConnection, typedEntityNotFoundException, updateGroup, updateUser, updateUserCredential
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
RFC4519Directory
public RFC4519Directory(LDAPQueryTranslater ldapQueryTranslater,
com.atlassian.event.api.EventPublisher eventPublisher,
InstanceFactory instanceFactory)
getCustomGroupAttributeMappers
protected List<AttributeMapper> getCustomGroupAttributeMappers()
- Description copied from class:
SpringLDAPConnector
- As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).
- Overrides:
getCustomGroupAttributeMappers in class SpringLDAPConnector
- Returns:
- collection of custom attribute mappers (cannot be null but can be an empty list).
getMemberDnMappers
protected List<AttributeMapper> getMemberDnMappers()
getCustomUserAttributeMappers
protected List<AttributeMapper> getCustomUserAttributeMappers()
- Overrides:
getCustomUserAttributeMappers in class SpringLDAPConnector
- Returns:
- a collection of custom attribute mappers. By default just return an empty list.
isDnDirectGroupMember
protected boolean isDnDirectGroupMember(String memberDN,
LDAPGroupWithAttributes parentGroup)
isUserDirectGroupMember
public boolean isUserDirectGroupMember(String username,
String groupName)
throws OperationFailedException
- Throws:
OperationFailedException
isGroupDirectGroupMember
public boolean isGroupDirectGroupMember(String childGroup,
String parentGroup)
throws OperationFailedException
- Throws:
OperationFailedException
addDnToGroup
protected void addDnToGroup(String dn,
LDAPGroupWithAttributes group)
throws OperationFailedException
- Throws:
OperationFailedException
addUserToGroup
public void addUserToGroup(String username,
String groupName)
throws GroupNotFoundException,
OperationFailedException,
UserNotFoundException,
MembershipAlreadyExistsException
- Throws:
GroupNotFoundException
OperationFailedException
UserNotFoundException
MembershipAlreadyExistsException
addGroupToGroup
public void addGroupToGroup(String childGroup,
String parentGroup)
throws GroupNotFoundException,
InvalidMembershipException,
OperationFailedException,
MembershipAlreadyExistsException
- Throws:
GroupNotFoundException
InvalidMembershipException
OperationFailedException
MembershipAlreadyExistsException
removeDnFromGroup
protected void removeDnFromGroup(String dn,
LDAPGroupWithAttributes group)
throws OperationFailedException
- Throws:
OperationFailedException
removeUserFromGroup
public void removeUserFromGroup(String username,
String groupName)
throws UserNotFoundException,
GroupNotFoundException,
MembershipNotFoundException,
OperationFailedException
- Throws:
UserNotFoundException
GroupNotFoundException
MembershipNotFoundException
OperationFailedException
removeGroupFromGroup
public void removeGroupFromGroup(String childGroup,
String parentGroup)
throws GroupNotFoundException,
MembershipNotFoundException,
InvalidMembershipException,
OperationFailedException
- Throws:
GroupNotFoundException
MembershipNotFoundException
InvalidMembershipException
OperationFailedException
getMemberships
public Iterable<Membership> getMemberships()
throws OperationFailedException
- Throws:
OperationFailedException
getLdapName
protected static LdapName getLdapName(LDAPDirectoryEntity entity)
throws OperationFailedException
- Parameters:
entity - an LDAP entity
- Returns:
- the LdapName of the entity
- Throws:
OperationFailedException - if the entity DN cannot be parsed
searchGroupRelationshipsWithGroupTypeSpecified
protected <T> Iterable<T> searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query)
throws OperationFailedException
- Description copied from class:
SpringLDAPConnector
- Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has
been specified in the EntityDescriptor for the group(s).
- Specified by:
searchGroupRelationshipsWithGroupTypeSpecified in class SpringLDAPConnector
- Parameters:
query - membership query with all GroupType's not null.
- Returns:
- list of members or memberships depending on the query.
- Throws:
OperationFailedException - if the operation failed due to a communication error with the remote directory,
or if the query is invalid
findGroupMemberships
protected List<? extends LDAPGroupWithAttributes> findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query)
throws OperationFailedException
- Throws:
OperationFailedException
findGroupMembershipNames
protected Iterable<String> findGroupMembershipNames(MembershipQuery<String> query)
throws OperationFailedException
- Throws:
OperationFailedException
findGroupMembershipsOfUserViaMemberOf
protected <T> List<T> findGroupMembershipsOfUserViaMemberOf(String username,
int startIndex,
int maxResults,
com.atlassian.crowd.directory.RFC4519Directory.LookupByDn<T> mapper)
throws OperationFailedException
- Throws:
OperationFailedException
findUserMembersOfGroupViaMemberDN
protected List<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberDN(String groupName,
GroupType groupType,
int startIndex,
int maxResults)
throws OperationFailedException
- Throws:
OperationFailedException
findUserMembersOfGroupViaMemberOf
protected Iterable<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberOf(String groupName,
GroupType groupType,
int startIndex,
int maxResults)
throws OperationFailedException
- Throws:
OperationFailedException
toGenericIterable
protected static <T> Iterable<T> toGenericIterable(Iterable list)
- Converts an Iterable to a generic Iterable.
findDirectMembersOfGroup
public Iterable<LdapName> findDirectMembersOfGroup(LdapName groupDn)
throws OperationFailedException
- This method is not part of
RemoteDirectory's contract. It is introduced by RFC4519Directory to
support RFC4519DirectoryMembershipsIterable.
- Parameters:
groupDn - LDAP name of a group
- Returns:
- the LDAP names of the direct members (users and groups) of the given group
- Throws:
OperationFailedException - if the operation fails for any reason
Copyright © 2014 Atlassian. All Rights Reserved.