Merge branch 's1711' of /srv/cadc/git/wopencadc into s1711

cdbeff2d · Dustin Jenkins · 3477988f · a1739694 · cdbeff2d · cdbeff2d
Commit cdbeff2d authored 10 years ago by Dustin Jenkins
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
@@ -118,10 +118,13 @@ public abstract interface GroupPersistence<T extends Principal>
     * @throws TransientException If an temporary, unexpected problem occurred.
     * @throws AccessControlException If the operation is not permitted.
     * @throws UserNotFoundException If owner or a member not valid user.
+     * @throws GroupNotFoundException if one of the groups in group members or
+     * group admins does not exist in the server.
     */
    public abstract Group addGroup(Group group)
        throws GroupAlreadyExistsException, TransientException,
-               AccessControlException, UserNotFoundException;
+               AccessControlException, UserNotFoundException, 
+               GroupNotFoundException;

    /**
     * Deletes the group.

--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
@@ -135,10 +135,12 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
     *                                     exists.
     * @throws TransientException If an temporary, unexpected problem occurred.
     * @throws UserNotFoundException If owner or a member not valid user.
+     * @throws GroupNotFoundException 
     */
    public Group addGroup(final Group group)
        throws GroupAlreadyExistsException, TransientException,
-               UserNotFoundException, AccessControlException
+               UserNotFoundException, AccessControlException, 
+               GroupNotFoundException
    {
        if (group.getOwner() == null)
        {
@@ -205,7 +207,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
                                final DN ownerDN, final String description, 
                                final Set<User<? extends Principal>> users, 
                                final Set<Group> groups)
-        throws UserNotFoundException, LDAPException, TransientException
+        throws UserNotFoundException, LDAPException, TransientException, 
+        AccessControlException, GroupNotFoundException
    {
        // add new group
        List<Attribute> attributes = new ArrayList<Attribute>();
@@ -228,6 +231,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
        }
        for (Group groupMember : groups)
        {
+            if (!checkGroupExists(groupID))
+            {
+                throw new GroupNotFoundException(groupID);
+            }
            DN memberDN = getGroupDN(groupMember.getID());
            members.add(memberDN.toNormalizedString());
        }
@@ -316,7 +323,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
     * @throws TransientException If an temporary, unexpected problem occurred.
     */
    public Collection<String> getGroupNames()
-        throws TransientException, AccessControlException
+        throws TransientException
    {
        try
        {
@@ -604,6 +611,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
        }
        for (Group gr : group.getGroupMembers())
        {
+            if (!checkGroupExists(gr.getID()))
+            {
+                throw new GroupNotFoundException(gr.getID());
+            }
            DN grDN = getGroupDN(gr.getID());
            newMembers.add(grDN.toNormalizedString());
        }
@@ -615,6 +626,10 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
        }
        for (Group gr : group.getGroupAdmins())
        {
+            if (!checkGroupExists(gr.getID()))
+            {
+                throw new GroupNotFoundException(gr.getID());
+            }
            DN grDN = getGroupDN(gr.getID());
            newAdmins.add(grDN.toNormalizedString());
        }
@@ -751,7 +766,16 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
               GroupNotFoundException, UserNotFoundException
    {
        User<T> user = new User<T>(userID);
-        DN userDN = userPersist.getUserDN(user);
+        DN userDN = null;
+        try
+        {
+            userDN = userPersist.getUserDN(user);
+        }
+        catch (UserNotFoundException e)
+        {
+            // no anonymous searches
+            throw new AccessControlException("Not authorized to search");
+        }
        
        Collection<DN> groupDNs = new HashSet<DN>();
        if (role == Role.OWNER)
@@ -993,4 +1017,17 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
        }
    }
    
+    private boolean checkGroupExists(String groupID) 
+            throws TransientException
+    {
+        for (String groupName : getGroupNames())
+        {
+            if (groupName.equalsIgnoreCase(groupID))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
 }
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
@@ -147,7 +147,8 @@ public class LdapGroupPersistence<T extends Principal>

    public Group addGroup(Group group)
        throws GroupAlreadyExistsException, TransientException, 
-               AccessControlException, UserNotFoundException
+               AccessControlException, UserNotFoundException, 
+               GroupNotFoundException
    {
        LdapGroupDAO<T> groupDAO = null;
        LdapUserDAO<T> userDAO = null;

--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapDAOTest.java
@@ -182,7 +182,7 @@ public class LdapDAOTest
    private void testConnection(final LDAPConnection ldapCon)
    {
        assertTrue("Not connected but should be.", ldapCon.isConnected());
-        assertFalse("Should be SSLSocketFactory.",
+        assertTrue("Should be SSLSocketFactory.",
                   (ldapCon.getSocketFactory() instanceof SSLSocketFactory));
    }
 }
--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
@@ -65,9 +65,9 @@ public class LdapGroupDAOTest
 {
    private static final Logger log = Logger.getLogger(LdapGroupDAOTest.class);

-    static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
-    static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
-    static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
+    static String usersDN = "ou=Users,ou=ds,dc=testcanfar";
+    static String groupsDN = "ou=Groups,ou=ds,dc=testcanfar";
+    static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=testcanfar";
    
    static String daoTestDN1 = "cn=cadcdaotest1,ou=cadc,o=hia,c=ca";
    static String daoTestDN2 = "cn=cadcdaotest2,ou=cadc,o=hia,c=ca";

--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java
@@ -101,9 +101,9 @@ public class LdapUserDAOTest
 {
    private static final Logger log = Logger.getLogger(LdapUserDAOTest.class);
    
-    static String usersDN = "ou=Users,ou=ds,dc=canfartest,dc=net";
-    static String groupsDN = "ou=Groups,ou=ds,dc=canfartest,dc=net";
-    static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=canfartest,dc=net";
+    static String usersDN = "ou=Users,ou=ds,dc=testcanfar";
+    static String groupsDN = "ou=Groups,ou=ds,dc=testcanfar";
+    static String adminGroupsDN = "ou=adminGroups,ou=ds,dc=testcanfar";
 //    static String userBaseDN = "ou=Users,ou=ds,dc=canfar,dc=net";
 //    static String groupBaseDN = "ou=Groups,ou=ds,dc=canfar,dc=net";