Merge "Allow LDAP group names to be configurable"

gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java

@@ -242,6 +242,7 @@ import javax.net.ssl.SSLSocketFactory;
     final List<String> groupBases;
     final SearchScope groupScope;
     final ParameterizedString groupPattern;
+    final ParameterizedString groupName;
     final List<LdapQuery> groupMemberQueryList;
 
     LdapSchema(final DirContext ctx) {
@@ -257,6 +258,7 @@ import javax.net.ssl.SSLSocketFactory;
       groupBases = LdapRealm.optionalList(config, "groupBase");
       groupScope = LdapRealm.scope(config, "groupScope");
       groupPattern = LdapRealm.paramString(config, "groupPattern", type.groupPattern());
+      groupName = LdapRealm.paramString(config, "groupName", type.groupName());
       final String groupMemberPattern =
           LdapRealm.optdef(config, "groupMemberPattern", type.groupMemberPattern());
 

gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapGroupBackend.java

@@ -41,6 +41,7 @@ import org.slf4j.LoggerFactory;
 
 import java.util.Collection;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.ExecutionException;
@@ -81,11 +82,11 @@ public class LdapGroupBackend implements GroupBackend {
     return uuid.get().startsWith(LDAP_UUID);
   }
 
-  private static GroupReference groupReference(LdapQuery.Result res)
-      throws NamingException {
+  private static GroupReference groupReference(ParameterizedString p,
+      LdapQuery.Result res) throws NamingException {
     return new GroupReference(
         new AccountGroup.UUID(LDAP_UUID + res.getDN()),
-        LDAP_NAME + cnFor(res.getDN()));
+        LDAP_NAME + LdapRealm.apply(p, res));
   }
 
   private static String cnFor(String dn) {
@@ -203,13 +204,14 @@ public class LdapGroupBackend implements GroupBackend {
         LdapSchema schema = helper.getSchema(ctx);
         ParameterizedString filter = ParameterizedString.asis(
             schema.groupPattern.replace(GROUPNAME, name).toString());
-        Set<String> returnAttrs = Collections.<String>emptySet();
+        Set<String> returnAttrs =
+            new HashSet<String>(schema.groupName.getParameterNames());
         Map<String, String> params = Collections.emptyMap();
         for (String groupBase : schema.groupBases) {
           LdapQuery query = new LdapQuery(
               groupBase, schema.groupScope, filter, returnAttrs);
           for (LdapQuery.Result res : query.query(ctx, params)) {
-            out.add(groupReference(res));
+            out.add(groupReference(schema.groupName, res));
           }
         }
       } finally {

gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java

@@ -167,7 +167,7 @@ class LdapRealm implements Realm {
     return !readOnlyAccountFields.contains(field);
   }
 
-  private static String apply(ParameterizedString p, LdapQuery.Result m)
+  static String apply(ParameterizedString p, LdapQuery.Result m)
       throws NamingException {
     if (p == null) {
       return null;

gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapType.java

@@ -36,6 +36,8 @@ abstract class LdapType {
 
   abstract String groupMemberPattern();
 
+  abstract String groupName();
+
   abstract String accountFullName();
 
   abstract String accountEmailAddress();
@@ -57,6 +59,11 @@ abstract class LdapType {
       return "(memberUid=${username})";
     }
 
+    @Override
+    String groupName() {
+      return "cn";
+    }
+
     @Override
     String accountFullName() {
       return "displayName";
@@ -100,6 +107,11 @@ abstract class LdapType {
       return "(&(objectClass=group)(cn=${groupname}))";
     }
 
+    @Override
+    String groupName() {
+      return "cn";
+    }
+
     @Override
     String groupMemberPattern() {
       return null; // Active Directory uses memberOf in the account