From a173969449b6197024bccda68f7d4b586869d11a Mon Sep 17 00:00:00 2001
From: Adrian Damian <Adrian.Damian@nrc-cnrc.gc.ca>
Date: Fri, 31 Oct 2014 15:20:53 -0700
Subject: [PATCH] Added check if group exists
---
 .../nrc/cadc/ac/server/GroupPersistence.java | 5 ++-
 .../nrc/cadc/ac/server/ldap/LdapGroupDAO.java | 34 +++++++++++++++++--
 .../ac/server/ldap/LdapGroupPersistence.java | 3 +-
 .../nrc/cadc/ac/server/ldap/LdapDAOTest.java | 2 +-
 .../cadc/ac/server/ldap/LdapGroupDAOTest.java | 6 ++--
 .../cadc/ac/server/ldap/LdapUserDAOTest.java | 6 ++--
 6 files changed, 44 insertions(+), 12 deletions(-)
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
index 7637d728..bdfa4e05 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
@@ -118,10 +118,13 @@ public abstract interface GroupPersistence<T extends Principal>
 * @throws TransientException If an temporary, unexpected problem occurred.
 * @throws AccessControlException If the operation is not permitted.
 * @throws UserNotFoundException If owner or a member not valid user.
+ * @throws GroupNotFoundException if one of the groups in group members or
+ * group admins does not exist in the server.
 */
 public abstract Group addGroup(Group group)
 throws GroupAlreadyExistsException, TransientException,
- AccessControlException, UserNotFoundException;
+ AccessControlException, UserNotFoundException,
+ GroupNotFoundException;
 /**
 * Deletes the group.
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
index 64fe6d8c..e09dfdce 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
@@ -135,10 +135,12 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 * exists.
 * @throws TransientException If an temporary, unexpected problem occurred.
 * @throws UserNotFoundException If owner or a member not valid user.
+ * @throws GroupNotFoundException
 */
 public Group addGroup(final Group group)
 throws GroupAlreadyExistsException, TransientException,
- UserNotFoundException, AccessControlException
+ UserNotFoundException, AccessControlException,
+ GroupNotFoundException
 {
 if (group.getOwner() == null)
 {
@@ -205,7 +207,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 final DN ownerDN, final String description,
 final Set<User<? extends Principal>> users,
 final Set<Group> groups)
- throws UserNotFoundException, LDAPException, TransientException, AccessControlException
+ throws UserNotFoundException, LDAPException, TransientException,
+ AccessControlException, GroupNotFoundException
 {
 // add new group
 List<Attribute> attributes = new ArrayList<Attribute>();
@@ -228,6 +231,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 }
 for (Group groupMember : groups)
 {
+ if (!checkGroupExists(groupID))
+ {
+ throw new GroupNotFoundException(groupID);
+ }
 DN memberDN = getGroupDN(groupMember.getID());
 members.add(memberDN.toNormalizedString());
 }
@@ -316,7 +323,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 * @throws TransientException If an temporary, unexpected problem occurred.
 */
 public Collection<String> getGroupNames()
- throws TransientException, AccessControlException
+ throws TransientException
 {
 try
 {
@@ -604,6 +611,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 }
 for (Group gr : group.getGroupMembers())
 {
+ if (!checkGroupExists(gr.getID()))
+ {
+ throw new GroupNotFoundException(gr.getID());
+ }
 DN grDN = getGroupDN(gr.getID());
 newMembers.add(grDN.toNormalizedString());
 }
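Review bot: The new `@throws GroupNotFoundException` tag in the `addGroup` Javadoc (hunk `@@ -135,10 +135,12 @@`) has no description, unlike the same tag added to `GroupPersistence.addGroup` in this commit. Suggest `* @throws GroupNotFoundException If a group listed in the group members or group admins does not exist.` so the two declarations stay consistent. The method body continues outside the hunk.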
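Review bot: The guard added inside `for (Group groupMember : groups)` (hunk `@@ -228,6 +231,10 @@`) tests `groupID` instead of the member being iterated, so the nested group is never actually looked up. `groupID` is not declared in this hunk; if it is the ID of the group being written, as the neighbouring parameters suggest, the check fails for every new group that has nested members and the exception names the wrong group. It should read `if (!checkGroupExists(groupMember.getID()))` and `throw new GroupNotFoundException(groupMember.getID());`, matching the `gr.getID()` form used in the `@@ -604` and `@@ -615` hunks. The commit adds no test for the new exception path, which would have exposed this; the enclosing method starts and ends outside the hunk.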
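Review bot: Dropping `AccessControlException` from the `getGroupNames()` signature (hunk `@@ -316,7 +323,7 @@`) removes the only visible statement of how a denied listing is reported, and the new `checkGroupExists` relies on this method inside `addGroup` and the modify path. The import is not visible here; if this is the unchecked `java.security.AccessControlException` it can still propagate undeclared, and if the body (outside the hunk) maps it to `TransientException`, a permission failure would be reported as a temporary fault. Either keep the clause or add a Javadoc line stating which exception a caller receives when the directory refuses the search.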
@@ -615,6 +626,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 }
 for (Group gr : group.getGroupAdmins())
 {
+ if (!checkGroupExists(gr.getID()))
+ {
+ throw new GroupNotFoundException(gr.getID());
+ }
 DN grDN = getGroupDN(gr.getID());
 newAdmins.add(grDN.toNormalizedString());
 }
@@ -1001,5 +1016,18 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
 throw new RuntimeException(e);
 }
 }
+
+ private boolean checkGroupExists(String groupID)
+ throws TransientException
+ {
+ for (String groupName : getGroupNames())
+ {
+ if (groupName.equalsIgnoreCase(groupID))
+ {
+ return true;
+ }
+ }
+ return false;
+ }
 }
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
index 66727c6e..f59bc151 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
@@ -147,7 +147,8 @@ public class LdapGroupPersistence<T extends Principal>
 public Group addGroup(Group group)
 throws GroupAlreadyExistsException, TransientException,
- AccessControlException, UserNotFoundException
+ AccessControlException, UserNotFoundException,
+ GroupNotFoundException
 {
 LdapGroupDAO<T> groupDAO = null;
 LdapUserDAO<T> userDAO = null;
diff --git a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
index e92c1cbc..926d41ae 100644
--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
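Review bot: `checkGroupExists` (hunk `@@ -1001,5 +1016,18 @@`) lists every group name through `getGroupNames()` on each call, and the three new call sites (the member loop in the `@@ -228` hunk and the member and admin loops in the `@@ -604` and `@@ -615` hunks) invoke it once per nested group, so a single request carrying many nested groups triggers that many full directory listings. Fetching the names once per operation and testing each ID against that collection, or looking up the single group entry, keeps the cost bounded by the request rather than multiplied by it. The existence check is also separate from the later write, so a group removed in between is still referenced; whether that matters depends on how the directory enforces referential integrity, which is not visible here. The helper has no Javadoc; `/** Returns true if getGroupNames() contains groupID, compared case-insensitively. */` would record the comparison rule.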
@@ -182,7 +182,7 @@ public class LdapDAOTest
 private void testConnection(final LDAPConnection ldapCon)
 {
 assertTrue("Not connected but should be.", ldapCon.isConnected());
- assertFalse("Should be SSLSocketFactory.",
+ assertTrue("Should be SSLSocketFactory.",
 (ldapCon.getSocketFactory() instanceof SSLSocketFactory));
 }
 }
diff --git a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
index a74ba612..79866c3d 100644
--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
@@ -65,9 +65,9 @@ public class LdapGroupDAOTest
 {
 private static final Logger log = Logger.getLogger(LdapGroupDAOTest.class);
- static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
- static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
- static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
+ static String usersDN = "ou=Users,ou=ds,dc=testcanfar";
+ static String groupsDN = "ou=Groups,ou=ds,dc=testcanfar";
+ static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=testcanfar";
 static String daoTestDN1 = "cn=cadcdaotest1,ou=cadc,o=hia,c=ca";
 static String daoTestDN2 = "cn=cadcdaotest2,ou=cadc,o=hia,c=ca";
diff --git a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
index a00cc0a1..dd1e86bf 100644
--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
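Review bot: The flipped assertion in `testConnection` (hunk `@@ -182,7 +182,7 @@`) now requires the connection's socket factory to be an `SSLSocketFactory`, but a type check passes equally for a factory built on a trust manager that accepts any certificate. How the factory is created is outside this hunk, so a short comment such as `// type check only: does not prove the server certificate is validated` would keep readers from treating this test as evidence of a verified TLS channel. The change is unrelated to the commit subject and reverses what the test expects of the connection, so it deserves its own line in the commit message.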
@@ -101,9 +101,9 @@ public class LdapUserDAOTest
 {
 private static final Logger log = Logger.getLogger(LdapUserDAOTest.class);
- static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
- static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
- static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
+ static String usersDN = "ou=Users,ou=ds,dc=testcanfar";
+ static String groupsDN = "ou=Groups,ou=ds,dc=testcanfar";
+ static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=testcanfar";
 // static String userBaseDN = "ou=Users,ou=ds,dc=canfar,dc=net";
 // static String groupBaseDN = "ou=Groups,ou=ds,dc=canfar,dc=net";
--
GitLab