Remove old LDAP group code.
Change-Id: I38fdd7b0dba73df61f9b7085c202c6f36ecfc04e
This commit is contained in:
Colby Ranger
@@ -24,7 +24,6 @@ import com.google.gwtjsonrpc.common.RpcImpl;
|
||||
import com.google.gwtjsonrpc.common.VoidResult;
|
||||
import com.google.gwtjsonrpc.common.RpcImpl.Version;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
@RpcImpl(version = Version.V2_0)
|
||||
@@ -59,14 +58,6 @@ public interface GroupAdminService extends RemoteJsonService {
|
||||
void changeGroupType(AccountGroup.Id groupId, AccountGroup.Type newType,
|
||||
AsyncCallback<VoidResult> callback);
|
||||
|
||||
@SignInRequired
|
||||
void changeExternalGroup(AccountGroup.Id groupId,
|
||||
AccountGroup.ExternalNameKey bindTo, AsyncCallback<VoidResult> callback);
|
||||
|
||||
@SignInRequired
|
||||
void searchExternalGroups(String searchFilter,
|
||||
AsyncCallback<List<AccountGroup.ExternalNameKey>> callback);
|
||||
|
||||
@SignInRequired
|
||||
void addGroupMember(AccountGroup.Id groupId, String nameOrEmail,
|
||||
AsyncCallback<GroupDetail> callback);
|
||||
|
||||
@@ -27,17 +27,10 @@ import com.google.gwt.event.dom.client.ChangeEvent;
|
||||
import com.google.gwt.event.dom.client.ChangeHandler;
|
||||
import com.google.gwt.event.dom.client.ClickEvent;
|
||||
import com.google.gwt.event.dom.client.ClickHandler;
|
||||
import com.google.gwt.event.dom.client.KeyCodes;
|
||||
import com.google.gwt.event.dom.client.KeyPressEvent;
|
||||
import com.google.gwt.event.dom.client.KeyPressHandler;
|
||||
import com.google.gwt.user.client.ui.Button;
|
||||
import com.google.gwt.user.client.ui.CheckBox;
|
||||
import com.google.gwt.user.client.ui.FlowPanel;
|
||||
import com.google.gwt.user.client.ui.Grid;
|
||||
import com.google.gwt.user.client.ui.HTMLTable.CellFormatter;
|
||||
import com.google.gwt.user.client.ui.Label;
|
||||
import com.google.gwt.user.client.ui.ListBox;
|
||||
import com.google.gwt.user.client.ui.Panel;
|
||||
import com.google.gwt.user.client.ui.SuggestBox;
|
||||
import com.google.gwt.user.client.ui.VerticalPanel;
|
||||
import com.google.gwtexpui.clippy.client.CopyableLabel;
|
||||
@@ -45,8 +38,6 @@ import com.google.gwtexpui.globalkey.client.NpTextArea;
|
||||
import com.google.gwtexpui.globalkey.client.NpTextBox;
|
||||
import com.google.gwtjsonrpc.common.VoidResult;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
private CopyableLabel groupUUIDLabel;
|
||||
|
||||
@@ -64,12 +55,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
private ListBox typeSelect;
|
||||
private Button saveType;
|
||||
|
||||
private Panel externalPanel;
|
||||
private Label externalName;
|
||||
private NpTextBox externalNameFilter;
|
||||
private Button externalNameSearch;
|
||||
private Grid externalMatches;
|
||||
|
||||
private CheckBox visibleToAllCheckBox;
|
||||
private Button saveGroupOptions;
|
||||
|
||||
@@ -86,8 +71,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
initDescription();
|
||||
initGroupOptions();
|
||||
initGroupType();
|
||||
|
||||
initExternal();
|
||||
}
|
||||
|
||||
private void enableForm(final boolean canModify) {
|
||||
@@ -95,8 +78,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
ownerTxtBox.setEnabled(canModify);
|
||||
descTxt.setEnabled(canModify);
|
||||
typeSelect.setEnabled(canModify);
|
||||
externalNameFilter.setEnabled(canModify);
|
||||
externalNameSearch.setEnabled(canModify);
|
||||
visibleToAllCheckBox.setEnabled(canModify);
|
||||
}
|
||||
|
||||
@@ -243,7 +224,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
typeSelect = new ListBox();
|
||||
typeSelect.setStyleName(Gerrit.RESOURCES.css().groupTypeSelectListBox());
|
||||
typeSelect.addItem(Util.C.groupType_INTERNAL(), AccountGroup.Type.INTERNAL.name());
|
||||
typeSelect.addItem(Util.C.groupType_LDAP(), AccountGroup.Type.LDAP.name());
|
||||
typeSelect.addChangeHandler(new ChangeHandler() {
|
||||
@Override
|
||||
public void onChange(ChangeEvent event) {
|
||||
@@ -279,54 +259,12 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
add(fp);
|
||||
}
|
||||
|
||||
private void initExternal() {
|
||||
externalName = new Label();
|
||||
|
||||
externalNameFilter = new NpTextBox();
|
||||
externalNameFilter.setStyleName(Gerrit.RESOURCES.css()
|
||||
.groupExternalNameFilterTextBox());
|
||||
externalNameFilter.setVisibleLength(30);
|
||||
externalNameFilter.addKeyPressHandler(new KeyPressHandler() {
|
||||
@Override
|
||||
public void onKeyPress(final KeyPressEvent event) {
|
||||
if (event.getNativeEvent().getKeyCode() == KeyCodes.KEY_ENTER) {
|
||||
doExternalSearch();
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
externalNameSearch = new Button(Gerrit.C.searchButton());
|
||||
externalNameSearch.addClickHandler(new ClickHandler() {
|
||||
@Override
|
||||
public void onClick(ClickEvent event) {
|
||||
doExternalSearch();
|
||||
}
|
||||
});
|
||||
|
||||
externalMatches = new Grid();
|
||||
externalMatches.setStyleName(Gerrit.RESOURCES.css().infoTable());
|
||||
externalMatches.setVisible(false);
|
||||
|
||||
final FlowPanel searchLine = new FlowPanel();
|
||||
searchLine.add(externalNameFilter);
|
||||
searchLine.add(externalNameSearch);
|
||||
|
||||
externalPanel = new VerticalPanel();
|
||||
externalPanel.add(new SmallHeading(Util.C.headingExternalGroup()));
|
||||
externalPanel.add(externalName);
|
||||
externalPanel.add(searchLine);
|
||||
externalPanel.add(externalMatches);
|
||||
add(externalPanel);
|
||||
}
|
||||
|
||||
private void setType(final AccountGroup.Type newType) {
|
||||
final boolean system = newType == AccountGroup.Type.SYSTEM;
|
||||
|
||||
typeSystem.setVisible(system);
|
||||
typeSelect.setVisible(!system);
|
||||
saveType.setVisible(!system);
|
||||
externalPanel.setVisible(newType == AccountGroup.Type.LDAP);
|
||||
externalNameFilter.setText(groupNameTxt.getText());
|
||||
|
||||
if (!system) {
|
||||
for (int i = 0; i < typeSelect.getItemCount(); i++) {
|
||||
@@ -367,77 +305,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
});
|
||||
}
|
||||
|
||||
private void doExternalSearch() {
|
||||
externalNameFilter.setEnabled(false);
|
||||
externalNameSearch.setEnabled(false);
|
||||
Util.GROUP_SVC.searchExternalGroups(externalNameFilter.getText(),
|
||||
new GerritCallback<List<AccountGroup.ExternalNameKey>>() {
|
||||
@Override
|
||||
public void onSuccess(List<AccountGroup.ExternalNameKey> result) {
|
||||
try {
|
||||
final CellFormatter fmt = externalMatches.getCellFormatter();
|
||||
|
||||
if (result.isEmpty()) {
|
||||
externalMatches.resize(1, 1);
|
||||
externalMatches.setText(0, 0, Util.C.errorNoMatchingGroups());
|
||||
fmt.setStyleName(0, 0, Gerrit.RESOURCES.css().header());
|
||||
return;
|
||||
}
|
||||
|
||||
externalMatches.resize(1 + result.size(), 2);
|
||||
|
||||
externalMatches.setText(0, 0, Util.C.columnGroupName());
|
||||
externalMatches.setText(0, 1, "");
|
||||
fmt.setStyleName(0, 0, Gerrit.RESOURCES.css().header());
|
||||
fmt.setStyleName(0, 1, Gerrit.RESOURCES.css().header());
|
||||
|
||||
for (int row = 0; row < result.size(); row++) {
|
||||
final AccountGroup.ExternalNameKey key = result.get(row);
|
||||
final Button b = new Button(Util.C.buttonSelectGroup());
|
||||
b.addClickHandler(new ClickHandler() {
|
||||
@Override
|
||||
public void onClick(ClickEvent event) {
|
||||
setExternalGroup(key);
|
||||
}
|
||||
});
|
||||
externalMatches.setText(1 + row, 0, key.get());
|
||||
externalMatches.setWidget(1 + row, 1, b);
|
||||
fmt.setStyleName(1 + row, 1, Gerrit.RESOURCES.css().rightmost());
|
||||
}
|
||||
} finally {
|
||||
externalMatches.setVisible(true);
|
||||
externalNameFilter.setEnabled(true);
|
||||
externalNameSearch.setEnabled(true);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onFailure(Throwable caught) {
|
||||
externalNameFilter.setEnabled(true);
|
||||
externalNameSearch.setEnabled(true);
|
||||
super.onFailure(caught);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private void setExternalGroup(final AccountGroup.ExternalNameKey key) {
|
||||
externalMatches.setVisible(false);
|
||||
|
||||
Util.GROUP_SVC.changeExternalGroup(getGroupId(), key,
|
||||
new GerritCallback<VoidResult>() {
|
||||
@Override
|
||||
public void onSuccess(VoidResult result) {
|
||||
externalName.setText(key.get());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onFailure(Throwable caught) {
|
||||
externalMatches.setVisible(true);
|
||||
super.onFailure(caught);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void display(final GroupDetail groupDetail) {
|
||||
final AccountGroup group = groupDetail.group;
|
||||
@@ -452,13 +319,6 @@ public class AccountGroupInfoScreen extends AccountGroupScreen {
|
||||
|
||||
visibleToAllCheckBox.setValue(group.isVisibleToAll());
|
||||
|
||||
switch (group.getType()) {
|
||||
case LDAP:
|
||||
externalName.setText(group.getExternalNameKey() != null ? group
|
||||
.getExternalNameKey().get() : Util.C.noGroupSelected());
|
||||
break;
|
||||
}
|
||||
|
||||
setType(group.getType());
|
||||
|
||||
enableForm(groupDetail.canModify);
|
||||
|
||||
@@ -37,25 +37,21 @@ import com.google.gerrit.server.account.AccountResolver;
|
||||
import com.google.gerrit.server.account.GroupCache;
|
||||
import com.google.gerrit.server.account.GroupControl;
|
||||
import com.google.gerrit.server.account.GroupIncludeCache;
|
||||
import com.google.gerrit.server.account.Realm;
|
||||
import com.google.gwtjsonrpc.common.AsyncCallback;
|
||||
import com.google.gwtjsonrpc.common.VoidResult;
|
||||
import com.google.gwtorm.server.OrmException;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Provider;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
class GroupAdminServiceImpl extends BaseServiceImplementation implements
|
||||
GroupAdminService {
|
||||
private final AccountCache accountCache;
|
||||
private final AccountResolver accountResolver;
|
||||
private final Realm accountRealm;
|
||||
private final GroupCache groupCache;
|
||||
private final GroupIncludeCache groupIncludeCache;
|
||||
private final GroupControl.Factory groupControlFactory;
|
||||
@@ -70,7 +66,7 @@ class GroupAdminServiceImpl extends BaseServiceImplementation implements
|
||||
final Provider<IdentifiedUser> currentUser,
|
||||
final AccountCache accountCache,
|
||||
final GroupIncludeCache groupIncludeCache,
|
||||
final AccountResolver accountResolver, final Realm accountRealm,
|
||||
final AccountResolver accountResolver,
|
||||
final GroupCache groupCache,
|
||||
final GroupControl.Factory groupControlFactory,
|
||||
final CreateGroup.Factory createGroupFactory,
|
||||
@@ -81,7 +77,6 @@ class GroupAdminServiceImpl extends BaseServiceImplementation implements
|
||||
this.accountCache = accountCache;
|
||||
this.groupIncludeCache = groupIncludeCache;
|
||||
this.accountResolver = accountResolver;
|
||||
this.accountRealm = accountRealm;
|
||||
this.groupCache = groupCache;
|
||||
this.groupControlFactory = groupControlFactory;
|
||||
this.createGroupFactory = createGroupFactory;
|
||||
@@ -178,36 +173,6 @@ class GroupAdminServiceImpl extends BaseServiceImplementation implements
|
||||
});
|
||||
}
|
||||
|
||||
public void changeExternalGroup(final AccountGroup.Id groupId,
|
||||
final AccountGroup.ExternalNameKey bindTo,
|
||||
final AsyncCallback<VoidResult> callback) {
|
||||
run(callback, new Action<VoidResult>() {
|
||||
public VoidResult run(final ReviewDb db) throws OrmException, Failure {
|
||||
final AccountGroup group = db.accountGroups().get(groupId);
|
||||
assertAmGroupOwner(db, group);
|
||||
group.setExternalNameKey(bindTo);
|
||||
db.accountGroups().update(Collections.singleton(group));
|
||||
groupCache.evict(group);
|
||||
return VoidResult.INSTANCE;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void searchExternalGroups(final String searchFilter,
|
||||
final AsyncCallback<List<AccountGroup.ExternalNameKey>> callback) {
|
||||
final ArrayList<AccountGroup.ExternalNameKey> matches =
|
||||
new ArrayList<AccountGroup.ExternalNameKey>(
|
||||
accountRealm.lookupGroups(searchFilter));
|
||||
Collections.sort(matches, new Comparator<AccountGroup.ExternalNameKey>() {
|
||||
@Override
|
||||
public int compare(AccountGroup.ExternalNameKey a,
|
||||
AccountGroup.ExternalNameKey b) {
|
||||
return a.get().compareTo(b.get());
|
||||
}
|
||||
});
|
||||
callback.onSuccess(matches);
|
||||
}
|
||||
|
||||
public void addGroupMember(final AccountGroup.Id groupId,
|
||||
final String nameOrEmail, final AsyncCallback<GroupDetail> callback) {
|
||||
run(callback, new Action<GroupDetail>() {
|
||||
|
||||
@@ -79,32 +79,6 @@ public final class AccountGroup {
|
||||
}
|
||||
}
|
||||
|
||||
/** Distinguished name, within organization directory server. */
|
||||
public static class ExternalNameKey extends
|
||||
StringKey<com.google.gwtorm.client.Key<?>> {
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
@Column(id = 1)
|
||||
protected String name;
|
||||
|
||||
protected ExternalNameKey() {
|
||||
}
|
||||
|
||||
public ExternalNameKey(final String n) {
|
||||
name = n;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String get() {
|
||||
return name;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void set(String newValue) {
|
||||
name = newValue;
|
||||
}
|
||||
}
|
||||
|
||||
/** Synthetic key to link to within the database */
|
||||
public static class Id extends IntKey<com.google.gwtorm.client.Key<?>> {
|
||||
private static final long serialVersionUID = 1L;
|
||||
@@ -157,20 +131,7 @@ public final class AccountGroup {
|
||||
* who is a member of the owner group. These groups are not treated special
|
||||
* in the code.
|
||||
*/
|
||||
INTERNAL,
|
||||
|
||||
/**
|
||||
* Group defined by external LDAP database.
|
||||
* <p>
|
||||
* A group whose membership is determined by the LDAP directory that we
|
||||
* connect to for user and group information. In UI contexts the membership
|
||||
* of the group is not displayed, as it may be exceedingly large, or might
|
||||
* contain users who have never logged into this server before (and thus
|
||||
* have no matching account record). Adding or removing users from an LDAP
|
||||
* group requires making edits through the LDAP directory, and cannot be
|
||||
* done through our UI.
|
||||
*/
|
||||
LDAP;
|
||||
INTERNAL;
|
||||
}
|
||||
|
||||
/** Common UUID assigned to the "Project Owners" placeholder group. */
|
||||
@@ -201,10 +162,6 @@ public final class AccountGroup {
|
||||
@Column(id = 5, length = 8)
|
||||
protected String groupType;
|
||||
|
||||
/** Distinguished name in the directory server. */
|
||||
@Column(id = 6, notNull = false)
|
||||
protected ExternalNameKey externalName;
|
||||
|
||||
@Column(id = 7)
|
||||
protected boolean visibleToAll;
|
||||
|
||||
@@ -273,14 +230,6 @@ public final class AccountGroup {
|
||||
groupType = t.name();
|
||||
}
|
||||
|
||||
public ExternalNameKey getExternalNameKey() {
|
||||
return externalName;
|
||||
}
|
||||
|
||||
public void setExternalNameKey(final ExternalNameKey k) {
|
||||
externalName = k;
|
||||
}
|
||||
|
||||
public void setVisibleToAll(final boolean visibleToAll) {
|
||||
this.visibleToAll = visibleToAll;
|
||||
}
|
||||
|
||||
@@ -29,10 +29,6 @@ public interface AccountGroupAccess extends
|
||||
@Query("WHERE groupUUID = ?")
|
||||
ResultSet<AccountGroup> byUUID(AccountGroup.UUID uuid) throws OrmException;
|
||||
|
||||
@Query("WHERE externalName = ?")
|
||||
ResultSet<AccountGroup> byExternalName(AccountGroup.ExternalNameKey name)
|
||||
throws OrmException;
|
||||
|
||||
@Query
|
||||
ResultSet<AccountGroup> all() throws OrmException;
|
||||
}
|
||||
|
||||
@@ -79,9 +79,4 @@ public class DefaultRealm implements Realm {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<AccountGroup.ExternalNameKey> lookupGroups(String name) {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,8 +16,6 @@ package com.google.gerrit.server.account;
|
||||
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.annotation.Nullable;
|
||||
|
||||
/** Tracks group objects in memory for efficient access. */
|
||||
@@ -34,8 +32,6 @@ public interface GroupCache {
|
||||
@Nullable
|
||||
public AccountGroup get(AccountGroup.UUID uuid);
|
||||
|
||||
public Collection<AccountGroup> get(AccountGroup.ExternalNameKey externalName);
|
||||
|
||||
/** @return sorted iteration of groups. */
|
||||
public abstract Iterable<AccountGroup> all();
|
||||
|
||||
|
||||
@@ -17,7 +17,6 @@ package com.google.gerrit.server.account;
|
||||
import com.google.common.base.Optional;
|
||||
import com.google.common.cache.CacheLoader;
|
||||
import com.google.common.cache.LoadingCache;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroupName;
|
||||
import com.google.gerrit.reviewdb.server.ReviewDb;
|
||||
@@ -34,7 +33,6 @@ import com.google.inject.name.Named;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
@@ -48,7 +46,6 @@ public class GroupCacheImpl implements GroupCache {
|
||||
private static final String BYID_NAME = "groups";
|
||||
private static final String BYNAME_NAME = "groups_byname";
|
||||
private static final String BYUUID_NAME = "groups_byuuid";
|
||||
private static final String BYEXT_NAME = "groups_byext";
|
||||
|
||||
public static Module module() {
|
||||
return new CacheModule() {
|
||||
@@ -69,11 +66,6 @@ public class GroupCacheImpl implements GroupCache {
|
||||
new TypeLiteral<Optional<AccountGroup>>() {})
|
||||
.loader(ByUUIDLoader.class);
|
||||
|
||||
cache(BYEXT_NAME,
|
||||
String.class,
|
||||
new TypeLiteral<Collection<AccountGroup>>() {})
|
||||
.loader(ByExternalNameLoader.class);
|
||||
|
||||
bind(GroupCacheImpl.class);
|
||||
bind(GroupCache.class).to(GroupCacheImpl.class);
|
||||
}
|
||||
@@ -83,7 +75,6 @@ public class GroupCacheImpl implements GroupCache {
|
||||
private final LoadingCache<AccountGroup.Id, Optional<AccountGroup>> byId;
|
||||
private final LoadingCache<String, Optional<AccountGroup>> byName;
|
||||
private final LoadingCache<String, Optional<AccountGroup>> byUUID;
|
||||
private final LoadingCache<String, Collection<AccountGroup>> byExternalName;
|
||||
private final SchemaFactory<ReviewDb> schema;
|
||||
|
||||
@Inject
|
||||
@@ -91,15 +82,14 @@ public class GroupCacheImpl implements GroupCache {
|
||||
@Named(BYID_NAME) LoadingCache<AccountGroup.Id, Optional<AccountGroup>> byId,
|
||||
@Named(BYNAME_NAME) LoadingCache<String, Optional<AccountGroup>> byName,
|
||||
@Named(BYUUID_NAME) LoadingCache<String, Optional<AccountGroup>> byUUID,
|
||||
@Named(BYEXT_NAME) LoadingCache<String, Collection<AccountGroup>> byExternalName,
|
||||
SchemaFactory<ReviewDb> schema) {
|
||||
this.byId = byId;
|
||||
this.byName = byName;
|
||||
this.byUUID = byUUID;
|
||||
this.byExternalName = byExternalName;
|
||||
this.schema = schema;
|
||||
}
|
||||
|
||||
@Override
|
||||
public AccountGroup get(final AccountGroup.Id groupId) {
|
||||
try {
|
||||
Optional<AccountGroup> g = byId.get(groupId);
|
||||
@@ -110,6 +100,7 @@ public class GroupCacheImpl implements GroupCache {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void evict(final AccountGroup group) {
|
||||
if (group.getId() != null) {
|
||||
byId.invalidate(group.getId());
|
||||
@@ -120,11 +111,9 @@ public class GroupCacheImpl implements GroupCache {
|
||||
if (group.getGroupUUID() != null) {
|
||||
byUUID.invalidate(group.getGroupUUID().get());
|
||||
}
|
||||
if (group.getExternalNameKey() != null) {
|
||||
byExternalName.invalidate(group.getExternalNameKey().get());
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void evictAfterRename(final AccountGroup.NameKey oldName,
|
||||
final AccountGroup.NameKey newName) {
|
||||
if (oldName != null) {
|
||||
@@ -135,6 +124,7 @@ public class GroupCacheImpl implements GroupCache {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AccountGroup get(AccountGroup.NameKey name) {
|
||||
if (name == null) {
|
||||
return null;
|
||||
@@ -147,6 +137,7 @@ public class GroupCacheImpl implements GroupCache {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public AccountGroup get(AccountGroup.UUID uuid) {
|
||||
if (uuid == null) {
|
||||
return null;
|
||||
@@ -159,18 +150,6 @@ public class GroupCacheImpl implements GroupCache {
|
||||
}
|
||||
}
|
||||
|
||||
public Collection<AccountGroup> get(AccountGroup.ExternalNameKey name) {
|
||||
if (name == null) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
try {
|
||||
return byExternalName.get(name.get());
|
||||
} catch (ExecutionException e) {
|
||||
log.warn("Cannot lookup external group " + name, e);
|
||||
return Collections.emptyList();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Iterable<AccountGroup> all() {
|
||||
try {
|
||||
@@ -272,27 +251,4 @@ public class GroupCacheImpl implements GroupCache {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static class ByExternalNameLoader extends
|
||||
CacheLoader<String, Collection<AccountGroup>> {
|
||||
private final SchemaFactory<ReviewDb> schema;
|
||||
|
||||
@Inject
|
||||
ByExternalNameLoader(final SchemaFactory<ReviewDb> sf) {
|
||||
schema = sf;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<AccountGroup> load(String name)
|
||||
throws Exception {
|
||||
final ReviewDb db = schema.open();
|
||||
try {
|
||||
return ImmutableList.copyOf(db.accountGroups()
|
||||
.byExternalName(new AccountGroup.ExternalNameKey(name))
|
||||
.toList());
|
||||
} finally {
|
||||
db.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,9 +45,4 @@ public interface Realm {
|
||||
* user by that email address.
|
||||
*/
|
||||
public Account.Id lookup(String accountName);
|
||||
|
||||
/**
|
||||
* Search for matching external groups.
|
||||
*/
|
||||
public Set<AccountGroup.ExternalNameKey> lookupGroups(String name);
|
||||
}
|
||||
|
||||
@@ -17,7 +17,6 @@ package com.google.gerrit.server.auth.ldap;
|
||||
import com.google.gerrit.common.data.ParameterizedString;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.server.account.AccountException;
|
||||
import com.google.gerrit.server.account.GroupCache;
|
||||
import com.google.gerrit.server.config.ConfigUtil;
|
||||
import com.google.gerrit.server.config.GerritServerConfig;
|
||||
import com.google.gerrit.util.ssl.BlindSSLSocketFactory;
|
||||
@@ -47,7 +46,8 @@ import javax.naming.directory.InitialDirContext;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
@Singleton class Helper {
|
||||
private final GroupCache groupCache;
|
||||
static final String LDAP_UUID = "ldap:";
|
||||
|
||||
private final Config config;
|
||||
private final String server;
|
||||
private final String username;
|
||||
@@ -58,8 +58,7 @@ import javax.net.ssl.SSLSocketFactory;
|
||||
private final String readTimeOutMillis;
|
||||
|
||||
@Inject
|
||||
Helper(@GerritServerConfig final Config config, final GroupCache groupCache) {
|
||||
this.groupCache = groupCache;
|
||||
Helper(@GerritServerConfig final Config config) {
|
||||
this.config = config;
|
||||
this.server = LdapRealm.required(config, "server");
|
||||
this.username = LdapRealm.optional(config, "username");
|
||||
@@ -195,12 +194,7 @@ import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
final Set<AccountGroup.UUID> actual = new HashSet<AccountGroup.UUID>();
|
||||
for (String dn : groupDNs) {
|
||||
for (AccountGroup group : groupCache
|
||||
.get(new AccountGroup.ExternalNameKey(dn))) {
|
||||
if (group.getType() == AccountGroup.Type.LDAP) {
|
||||
actual.add(group.getGroupUUID());
|
||||
}
|
||||
}
|
||||
actual.add(new AccountGroup.UUID(LDAP_UUID + dn));
|
||||
}
|
||||
|
||||
if (actual.isEmpty()) {
|
||||
|
||||
@@ -35,7 +35,6 @@ import com.google.gerrit.server.account.GroupMembership;
|
||||
import com.google.gerrit.server.account.MaterializedGroupMembership;
|
||||
import com.google.gerrit.server.account.Realm;
|
||||
import com.google.gerrit.server.auth.AuthenticationUnavailableException;
|
||||
import com.google.gerrit.server.auth.ldap.Helper.LdapSchema;
|
||||
import com.google.gerrit.server.config.AuthConfig;
|
||||
import com.google.gerrit.server.config.ConfigUtil;
|
||||
import com.google.gerrit.server.config.GerritServerConfig;
|
||||
@@ -67,7 +66,6 @@ class LdapRealm implements Realm {
|
||||
static final Logger log = LoggerFactory.getLogger(LdapRealm.class);
|
||||
static final String LDAP = "com.sun.jndi.ldap.LdapCtxFactory";
|
||||
static final String USERNAME = "username";
|
||||
private static final String GROUPNAME = "groupname";
|
||||
|
||||
private final Helper helper;
|
||||
private final AuthConfig authConfig;
|
||||
@@ -191,6 +189,7 @@ class LdapRealm implements Realm {
|
||||
return r.isEmpty() ? null : r;
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthRequest authenticate(final AuthRequest who)
|
||||
throws AccountException {
|
||||
if (config.getBoolean("ldap", "localUsernameToLowerCase", false)) {
|
||||
@@ -308,40 +307,6 @@ class LdapRealm implements Realm {
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<AccountGroup.ExternalNameKey> lookupGroups(String name) {
|
||||
final Set<AccountGroup.ExternalNameKey> out;
|
||||
final Map<String, String> params = Collections.<String, String> emptyMap();
|
||||
|
||||
out = new HashSet<AccountGroup.ExternalNameKey>();
|
||||
try {
|
||||
final DirContext ctx = helper.open();
|
||||
try {
|
||||
final LdapSchema schema = helper.getSchema(ctx);
|
||||
final ParameterizedString filter =
|
||||
ParameterizedString.asis(schema.groupPattern
|
||||
.replace(GROUPNAME, name).toString());
|
||||
for (String groupBase : schema.groupBases) {
|
||||
final LdapQuery query =
|
||||
new LdapQuery(groupBase, schema.groupScope, filter, Collections
|
||||
.<String> emptySet());
|
||||
for (LdapQuery.Result res : query.query(ctx, params)) {
|
||||
out.add(new AccountGroup.ExternalNameKey(res.getDN()));
|
||||
}
|
||||
}
|
||||
} finally {
|
||||
try {
|
||||
ctx.close();
|
||||
} catch (NamingException e) {
|
||||
log.warn("Cannot close LDAP query handle", e);
|
||||
}
|
||||
}
|
||||
} catch (NamingException e) {
|
||||
log.warn("Cannot query LDAP for groups matching requested name", e);
|
||||
}
|
||||
return out;
|
||||
}
|
||||
|
||||
static class UserLoader extends CacheLoader<String, Optional<Account.Id>> {
|
||||
private final SchemaFactory<ReviewDb> schema;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user