From 6b3dc5051e5a61460f5012a549155b49b808bc3b Mon Sep 17 00:00:00 2001
From: Dustin Jenkins <Dustin.Jenkins@nrc-cnrc.gc.ca>
Date: Thu, 24 Mar 2016 15:28:00 -0700
Subject: [PATCH] Story 1890: Fix for removing users.

---
 .../src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java |  6 +++---
 .../ac/server/web/groups/CreateGroupAction.java     |  2 +-
 .../server/web/groups/RemoveUserMemberAction.java   |  2 ++
 cadcAccessControl/src/ca/nrc/cadc/ac/User.java      | 13 +++++++++++++
 .../src/ca/nrc/cadc/ac/client/UserClient.java       | 10 ++++++----
 5 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index e2f4371f..9fb16743 100755
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -815,7 +815,7 @@ public class LdapUserDAO extends LdapDAO
         logger.debug("search filter: " + filter);
 
         final String[] attributes = new String[]
-            { LDAP_UID, LDAP_FIRST_NAME, LDAP_LAST_NAME };
+            { LDAP_USER_NAME, LDAP_FIRST_NAME, LDAP_LAST_NAME };
         final SearchRequest searchRequest =
             new SearchRequest(usersDN, SearchScope.ONE, filter, attributes);
 
@@ -831,10 +831,10 @@ public class LdapUserDAO extends LdapDAO
                     next.getAttributeValue(LDAP_FIRST_NAME);
                 final String lastName =
                     next.getAttributeValue(LDAP_LAST_NAME).trim();
-                final String uid = next.getAttributeValue(LDAP_UID);
+                final String username = next.getAttributeValue(LDAP_USER_NAME);
 
                 User user = new User();
-                user.getIdentities().add(new HttpPrincipal(uid));
+                user.getIdentities().add(new HttpPrincipal(username));
 
                 // Only add Personal Details if it is relevant.
                 if (StringUtil.hasLength(firstName) &&
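Review bot: `username` goes straight into `new HttpPrincipal(username)` with no check, so an entry that lacks the LDAP_USER_NAME attribute would produce a principal built from null, assuming `getAttributeValue` returns null for a missing attribute. How HttpPrincipal treats a null name is not visible in this patch. If the surrounding code is the result loop it appears to be, skip such entries before creating the User, e.g. `if (!StringUtil.hasLength(username)) { continue; }`, and log the skipped entry. The enclosing method and loop start and end outside this hunk.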
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
index 37c3e133..d58b5b79 100755
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/CreateGroupAction.java
@@ -107,7 +107,7 @@ public class CreateGroupAction extends AbstractGroupAction
             }
             for (User usr : group.getUserMembers())
             {
-                addedMembers.add(usr.getHttpPrincipal().getName());
+                addedMembers.add(usr.getX500Principal().getName());
             }
         }
         logGroupInfo(group.getID(), null, addedMembers);
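Review bot: `usr.getX500Principal().getName()` throws a NullPointerException for any member without an X.500 identity, because the `getX500Principal()` added to User.java in this same patch returns null when the user has no X500Principal. The exception would occur while building the list passed to `logGroupInfo`, so the audit record of added members is lost for that request. Guard the lookup, e.g. `X500Principal p = usr.getX500Principal();` followed by `if (p != null) { addedMembers.add(p.getName()); }`, and decide which identity to log when it is absent. That needs an import of `javax.security.auth.x500.X500Principal` in this file. The method starts outside the hunk.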
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
index 8d08c6fb..8abb5a7a 100755
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/groups/RemoveUserMemberAction.java
@@ -78,6 +78,7 @@ import ca.nrc.cadc.ac.User;
 import ca.nrc.cadc.ac.server.PluginFactory;
 import ca.nrc.cadc.ac.server.UserPersistence;
 import ca.nrc.cadc.auth.AuthenticationUtil;
+import ca.nrc.cadc.util.ObjectUtil;
 
 public class RemoveUserMemberAction extends AbstractGroupAction
 {
@@ -102,6 +103,7 @@ public class RemoveUserMemberAction extends AbstractGroupAction
 
         User user = getUserPersistence().getAugmentedUser(userPrincipal);
         User toRemove = new User();
+        ObjectUtil.setField(toRemove, user.getID(), "id");
         toRemove.getIdentities().addAll(user.getIdentities());
 
         if (!group.getUserMembers().remove(toRemove))
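Review bot: `ObjectUtil.setField(toRemove, user.getID(), "id")` writes User's private `id` field through reflection, binding this action to the field name as a string literal, so a rename would fail only at runtime. For an object that access-control decisions are made on, the identifier is better assigned through a constructor or a narrowly scoped setter than by reflective write from a web action. Since `toRemove` now carries both the id and every identity of `user`, it is worth checking whether `group.getUserMembers().remove(user)` would match without the copy. The method begins and ends outside this hunk.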
diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/User.java b/cadcAccessControl/src/ca/nrc/cadc/ac/User.java
index 19a1b2cd..827f3df6 100644
--- a/cadcAccessControl/src/ca/nrc/cadc/ac/User.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/User.java
@@ -68,6 +68,7 @@
  */
 package ca.nrc.cadc.ac;
 
+import java.io.PrintWriter;
 import java.security.Principal;
 import java.util.Comparator;
 import java.util.Date;
@@ -77,8 +78,12 @@ import java.util.TreeSet;
 
 import ca.nrc.cadc.auth.HttpPrincipal;
 
+import javax.security.auth.x500.X500Principal;
+
 public class User
 {
+    // How on God's green earth is this used?  Where is it set?
+    // jenkinsd 2016.03.24
     private InternalID id;
 
     private Set<Principal> identities = new TreeSet<Principal>(new PrincipalComparator());
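Review bot: The comment added above `private InternalID id;` asks a question instead of documenting the field, and this same patch answers it: RemoveUserMemberAction assigns the field reflectively with `ObjectUtil.setField(toRemove, user.getID(), "id")`. Replace it with a statement of fact, e.g. `// Assigned reflectively via ObjectUtil.setField (see RemoveUserMemberAction).`. The `java.io.PrintWriter` import added in the previous hunk has no use in the lines this patch shows and looks removable.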
@@ -141,6 +146,14 @@ public class User
         return null;
     }
 
+    public X500Principal getX500Principal()
+    {
+        final Set<X500Principal> identities =
+                getIdentities(X500Principal.class);
+        return identities.isEmpty() ? null : identities.iterator().next();
+    }
+
+
     /**
      * A User is considered consistent if the User's set of identities are a superset
      * of this Users set of identities.
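Review bot: `getX500Principal()` is added without Javadoc, and callers need to know its contract. It returns null when the user has no X500Principal, and otherwise returns whichever one the set from `getIdentities(X500Principal.class)` iterates first. Document both, e.g. `@return the first X500Principal of this user, or null if there is none`, so callers such as CreateGroupAction know to null-check. The local `identities` also shadows the field of the same name declared earlier in the class; a name like `x500Identities` would avoid misreading.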
diff --git a/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java b/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java
index 8e278008..baebd048 100644
--- a/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java
+++ b/cadcAccessControl/src/ca/nrc/cadc/ac/client/UserClient.java
@@ -117,8 +117,8 @@ public class UserClient
     /**
      * Constructor.
      *
-     * @param baseURL The URL of the supporting access control web service
-     *                obtained from the registry.
+     * @param serviceURI    The URI of the supporting access control web service
+     *                      obtained from the registry.
      */
     public UserClient(URI serviceURI)
             throws IllegalArgumentException
@@ -129,7 +129,7 @@ public class UserClient
     public UserClient(URI serviceURI, RegistryClient registryClient)
     {
         if (serviceURI == null)
-            throw new IllegalArgumentException("invalid serviceURI: " + serviceURI);
+            throw new IllegalArgumentException("Service URI cannot be null.");
         if (serviceURI.getFragment() != null)
             throw new IllegalArgumentException("invalid serviceURI (fragment not allowed): " + serviceURI);
 
@@ -204,7 +204,9 @@ public class UserClient
     {
         URL usersURL = registryClient.getServiceURL(usersURI, "https");
         final List<User> webUsers = new ArrayList<User>();
-        HttpDownload httpDownload = new HttpDownload(usersURL, new JsonUserListInputStreamWrapper(webUsers));
+        HttpDownload httpDownload =
+                new HttpDownload(usersURL,
+                                 new JsonUserListInputStreamWrapper(webUsers));
         httpDownload.setRequestProperty("Accept", "application/json");
         httpDownload.run();
 
-- 
GitLab