public abstract class RFC4519Directory extends SpringLDAPConnector
A user is a member of a group if either:
RFC2307GidNumberMapper, RFC2307MemberUidMapper
attributes, contextSource, contextSourceTransactionManager, DEFAULT_PAGE_SIZE, eventPublisher, ldapPropertiesMapper, ldapQueryTranslater, ldapTemplate, nameConverter, searchDN
Constructor and Description |
---|
RFC4519Directory(LDAPQueryTranslater ldapQueryTranslater, com.atlassian.event.api.EventPublisher eventPublisher, InstanceFactory instanceFactory) |
Modifier and Type | Method and Description |
---|---|
protected void | addDnToGroup(String dn, LDAPGroupWithAttributes group) |
void | addGroupToGroup(String childGroup, String parentGroup) - Adds a group as a member of a parent group. |
void | addUserToGroup(String username, String groupName) - Adds a user as a member of a group. |
protected Iterable<LdapName> | findAdditionalDirectMembers(LdapName groupDn, Supplier<Optional<LDAPGroupWithAttributes>> group) |
Iterable<LdapName> | findDirectMembersOfGroup(LdapName groupDn) - This method is not part of RemoteDirectory's contract. |
protected Iterable<String> | findGroupMembershipNames(MembershipQuery<String> query) |
protected List<? extends LDAPGroupWithAttributes> | findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query) |
protected <T> List<T> | findGroupMembershipsOfUserViaMemberOf(String username, int startIndex, int maxResults, com.atlassian.crowd.directory.RFC4519Directory.LookupByDn<T> mapper) |
protected List<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberDN(String groupName, GroupType groupType, int startIndex, int maxResults) |
protected Iterable<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberOf(String groupName, GroupType groupType, int startIndex, int maxResults) |
protected List<AttributeMapper> | getCustomGroupAttributeMappers() - As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available). |
protected List<AttributeMapper> | getCustomUserAttributeMappers(UserContextMapperConfig config) |
protected List<AttributeMapper> | getMemberDnMappers() |
Iterable<Membership> | getMemberships() - Get an iterable view of the available group memberships. |
protected boolean | isDirectGroupMemberOf(LDAPUserWithAttributes user, String groupDN) |
protected boolean | isDnDirectGroupMember(String memberDN, LDAPGroupWithAttributes parentGroup) |
boolean | isGroupDirectGroupMember(String childGroup, String parentGroup) - Determines if a group is a direct member of another group. |
boolean | isUserDirectGroupMember(String username, String groupName) - Determines if a user is a direct member of a group. |
protected org.springframework.ldap.filter.AndFilter | prepareOrFilterForGroupProperty(String propertyName, List<String> propertyValues) |
protected void | removeDnFromGroup(String dn, LDAPGroupWithAttributes group) |
void | removeGroupFromGroup(String childGroup, String parentGroup) - Removes a group as a member of a parent group. |
void | removeUserFromGroup(String username, String groupName) - Removes a user as a member of a group. |
protected <T> Iterable<T> | searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query) - Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has been specified in the EntityDescriptor for the group(s). |
protected Collection<LDAPGroupWithAttributes> | searchGroupsByAttribute(Set<String> propertyValues, Function<List<String>,org.springframework.ldap.filter.Filter> filterFunction) |
Collection<LDAPGroupWithAttributes> | searchGroupsByDns(Set<String> groupsDn) |
protected static <T> Iterable<T> | toGenericIterable(Iterable list) - Converts an Iterable to a generic Iterable. |
addDefaultSnToUserAttributes, addDefaultValueToUserAttributesForAttribute, addGroup, addUser, addUser, asLdapGroupName, asLdapName, asLdapUserName, authenticate, avatarMapper, countDirectMembersOfGroup, createMinimalContextSource, createModificationItem, expireAllPasswords, findEntityByDN, findEntityByDN, findGroupByName, findGroupByNameAndType, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getAttributeAsBoolean, getAttributeAsLong, getAuthoritativeDirectory, getBaseEnvironmentProperties, getContextSource, getCredentialEncoder, getDirectoryId, getGroupContextMapper, getInitialGroupMemberDN, getKeys, getLdapPropertiesMapper, getNewGroupAttributes, getNewGroupDirectorySpecificAttributes, getNewUserAttributes, getNewUserDirectorySpecificAttributes, getRequiredCustomGroupAttributeMappers, getSearchControls, getSearchDN, getUserAvatarByName, getUserModificationItems, getValue, getValues, initializeContextSource, initializeMinimalContextSource, isEmpty, isRolesDisabled, pageSearchResults, postprocessGroups, removeGroup, removeGroupAttributes, removeUser, removeUserAttributes, renameGroup, renameUser, searchEntities, searchEntitiesWithRequestControls, searchGroupObjects, searchGroupObjectsOfSpecifiedGroupType, searchGroupRelationships, searchGroups, searchUserObjects, searchUsers, setAttributes, setDirectoryId, setLdapPropertiesMapperAttributes, storeGroupAttributes, storeUserAttributes, supportsInactiveAccounts, supportsNestedGroups, supportsPasswordExpiration, supportsSettingEncryptedCredential, testConnection, typedEntityNotFoundException, updateGroup, updateUser, updateUserCredential
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getDescriptiveName, getLocallyFilteredGroupNames, updateUserFromRemoteDirectory, userAuthenticated
public RFC4519Directory(LDAPQueryTranslater ldapQueryTranslater, com.atlassian.event.api.EventPublisher eventPublisher, InstanceFactory instanceFactory)
protected List<AttributeMapper> getCustomGroupAttributeMappers()
SpringLDAPConnector
getCustomGroupAttributeMappers in class SpringLDAPConnector
protected List<AttributeMapper> getMemberDnMappers()
protected List<AttributeMapper> getCustomUserAttributeMappers(UserContextMapperConfig config)
getCustomUserAttributeMappers in class SpringLDAPConnector
public Collection<LDAPGroupWithAttributes> searchGroupsByDns(Set<String> groupsDn) throws OperationFailedException
OperationFailedException
protected Collection<LDAPGroupWithAttributes> searchGroupsByAttribute(Set<String> propertyValues, Function<List<String>,org.springframework.ldap.filter.Filter> filterFunction) throws OperationFailedException
OperationFailedException
protected org.springframework.ldap.filter.AndFilter prepareOrFilterForGroupProperty(String propertyName, List<String> propertyValues)
protected boolean isDnDirectGroupMember(String memberDN, LDAPGroupWithAttributes parentGroup)
protected boolean isDirectGroupMemberOf(LDAPUserWithAttributes user, String groupDN)
public boolean isUserDirectGroupMember(String username, String groupName) throws OperationFailedException
RemoteDirectory
username - name of user.
groupName - name of group.
true iff the user is a direct member of the group.
OperationFailedException - underlying directory implementation failed to execute the operation.
public boolean isGroupDirectGroupMember(String childGroup, String parentGroup) throws OperationFailedException
RemoteDirectory
childGroup - name of child group.
parentGroup - name of parent group.
true iff the childGroup is a direct member of the parentGroup.
OperationFailedException - underlying directory implementation failed to execute the operation.
protected void addDnToGroup(String dn, LDAPGroupWithAttributes group) throws OperationFailedException
OperationFailedException
public void addUserToGroup(String username, String groupName) throws GroupNotFoundException, OperationFailedException, UserNotFoundException, MembershipAlreadyExistsException
RemoteDirectory
childGroup will appear as members of parentGroup to querying applications.
username - The user that will become a member of groupName
groupName - The group that will gain a new member.
GroupNotFoundException - If the group cannot be found.
OperationFailedException - underlying directory implementation failed to execute the operation.
UserNotFoundException - If the user cannot be found.
MembershipAlreadyExistsException - if the user is already a member of the group
public void addGroupToGroup(String childGroup, String parentGroup) throws GroupNotFoundException, InvalidMembershipException, OperationFailedException, MembershipAlreadyExistsException
RemoteDirectory
childGroup - The group that will become a member of parentGroup
parentGroup - The group that will gain a new member
GroupNotFoundException - One or both of the groups cannot be found.
InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.
OperationFailedException - underlying directory implementation failed to execute the operation.
MembershipAlreadyExistsException - if the child group is already a child of the parent group
protected void removeDnFromGroup(String dn, LDAPGroupWithAttributes group) throws OperationFailedException
OperationFailedException
public void removeUserFromGroup(String username, String groupName) throws UserNotFoundException, GroupNotFoundException, MembershipNotFoundException, OperationFailedException
RemoteDirectory
username - The user that will be removed from parentGroup
groupName - The group that will lose the member.
UserNotFoundException - If the user cannot be found.
GroupNotFoundException - If the group cannot be found.
MembershipNotFoundException - if the user is not a direct member of the group.
OperationFailedException - underlying directory implementation failed to execute the operation.
public void removeGroupFromGroup(String childGroup, String parentGroup) throws GroupNotFoundException, MembershipNotFoundException, InvalidMembershipException, OperationFailedException
RemoteDirectory
childGroup - The group that will be removed from parentGroup
parentGroup - The group that will lose the member.
GroupNotFoundException - One or both of the groups cannot be found.
MembershipNotFoundException - if the childGroup is not a direct member of the parentGroup.
InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.
OperationFailedException - underlying directory implementation failed to execute the operation.
public Iterable<Membership> getMemberships() throws OperationFailedException
RemoteDirectory
Get an iterable view of the available group memberships. This may be implemented as a single remote call or separate calls, depending on the directory.
If there is a failure in the underlying retrieval, the iterator may throw Membership.MembershipIterationException at runtime.
If the directory does not have a bulk call interface then a typical implementation would be:
return new DirectoryMembershipsIterable(this);
OperationFailedException - if the underlying directory implementation failed to execute the operation
protected <T> Iterable<T> searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query) throws OperationFailedException
SpringLDAPConnector
searchGroupRelationshipsWithGroupTypeSpecified in class SpringLDAPConnector
query - membership query with all GroupType's not null.
OperationFailedException - if the operation failed due to a communication error with the remote directory, or if the query is invalid
protected List<? extends LDAPGroupWithAttributes> findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query) throws OperationFailedException
OperationFailedException
protected Iterable<String> findGroupMembershipNames(MembershipQuery<String> query) throws OperationFailedException
OperationFailedException
protected <T> List<T> findGroupMembershipsOfUserViaMemberOf(String username, int startIndex, int maxResults, com.atlassian.crowd.directory.RFC4519Directory.LookupByDn<T> mapper) throws OperationFailedException
OperationFailedException
protected List<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberDN(String groupName, GroupType groupType, int startIndex, int maxResults) throws OperationFailedException
OperationFailedException
protected Iterable<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberOf(String groupName, GroupType groupType, int startIndex, int maxResults) throws OperationFailedException
OperationFailedException
protected static <T> Iterable<T> toGenericIterable(Iterable list)
public Iterable<LdapName> findDirectMembersOfGroup(LdapName groupDn) throws OperationFailedException
This method is not part of RemoteDirectory's contract. It is introduced by RFC4519Directory to support RFC4519DirectoryMembershipsIterable.
Children of this class can add additional groups by overriding findAdditionalDirectMembers(LdapName, Supplier)
groupDn - LDAP name of a group
OperationFailedException - if the operation fails for any reason
protected Iterable<LdapName> findAdditionalDirectMembers(LdapName groupDn, @Nullable Supplier<Optional<LDAPGroupWithAttributes>> group) throws OperationFailedException
OperationFailedException
Copyright © 2021 Atlassian. All rights reserved.