@Test public void testQueryBuilderReturningAttributes() { Query q = Query.builder() .filter("(query)") .returnAttribute("attr1") .returnAttribute("attr2") .build(); assertEquals("(query)", q.getFilter()); assertArrayEquals(new String[] {"attr1", "attr2"}, q.getControls().getReturningAttributes()); } }
/** * Builds an instance of {@link Query}. * @return configured directory service query */ public Query build() { validate(); String filter = createFilter(); updateControls(); return new Query(filter, controls); } }
private SearchResultHandler execute(Collection<String> baseDns, Query query) { List<NamingEnumeration<SearchResult>> searchResults = new ArrayList<>(); LOG.debug("Executing a query: '{}' with base DNs {}.", query.getFilter(), baseDns); for (String aBaseDn : baseDns) { try { NamingEnumeration<SearchResult> searchResult = ctx.search(aBaseDn, query.getFilter(), query.getControls()); if (searchResult != null) { searchResults.add(searchResult); } } catch (NamingException ex) { LOG.debug("Exception happened for query '" + query.getFilter() + "' with base DN '" + aBaseDn + "'", ex); } } return new SearchResultHandler(searchResults); } }
/** * Returns a query object created for the custom filter. * <br> * This query is configured to return a group membership attribute as part of the search result. * @param searchFilter custom search filter * @return an instance of {@link Query} */ public Query customQuery(String searchFilter) { Query.QueryBuilder builder = Query.builder(); builder.filter(searchFilter); if (!Strings.isNullOrEmpty(groupMembershipAttr)) { builder.returnAttribute(groupMembershipAttr); } return builder.build(); } }
@Test public void testFindDnByPattern() { Query q = queries.findDnByPattern("cn=User1"); String expected = "(cn=User1)"; String actual = q.getFilter(); assertEquals(expected, actual); }
/** * Returns a query for finding user DN based on DN pattern. * <br> * Name of this method was derived from the original implementation of LDAP authentication. * This method should be replaced by {@link QueryFactory#findUserDnByRdn(java.lang.String). * * @param rdn user RDN * @return an instance of {@link Query} */ public Query findDnByPattern(String rdn) { return Query.builder() .filter("(<rdn>)") .map("rdn", rdn) .limit(2) .build(); }
private SearchResultHandler execute(Collection<String> baseDns, Query query) { List<NamingEnumeration<SearchResult>> searchResults = new ArrayList<>(); LOG.debug("Executing a query: '{}' with base DNs {}.", query.getFilter(), baseDns); for (String aBaseDn : baseDns) { try { NamingEnumeration<SearchResult> searchResult = ctx.search(aBaseDn, query.getFilter(), query.getControls()); if (searchResult != null) { searchResults.add(searchResult); } } catch (NamingException ex) { LOG.debug("Exception happened for query '" + query.getFilter() + "' with base DN '" + aBaseDn + "'", ex); } } return new SearchResultHandler(searchResults); } }
@Test public void testIsUserMemberOfGroup() { Query q = queries.isUserMemberOfGroup("unique_user", "cn=MyGroup,ou=Groups,dc=mycompany,dc=com"); String expected = "(&(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))" + "(partOf=cn=MyGroup,ou=Groups,dc=mycompany,dc=com)(guid=unique_user))"; String actual = q.getFilter(); assertEquals(expected, actual); }
@Test public void testQueryBuilderFilter() { Query q = Query.builder() .filter("test <uid_attr>=<value> query") .map("uid_attr", "uid") .map("value", "Hello!") .build(); assertEquals("test uid=Hello! query", q.getFilter()); assertEquals(0, q.getControls().getCountLimit()); }
/** * Returns a query for finding user DN based on user unique name. * @param userName user unique name (uid or sAMAccountName) * @return an instance of {@link Query} */ public Query findUserDnByName(String userName) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(|(uid=<userName>)(sAMAccountName=<userName>)))") .map("classes", USER_OBJECT_CLASSES) .map("userName", userName) .limit(2) .build(); }
@Test public void testFindGroupDnById() { Query q = queries.findGroupDnById("unique_group_id"); String expected = "(&(objectClass=superGroups)(guid=unique_group_id))"; String actual = q.getFilter(); assertEquals(expected, actual); }
/** * Builds an instance of {@link Query}. * @return configured directory service query */ public Query build() { validate(); String filter = createFilter(); updateControls(); return new Query(filter, controls); } }
@Test public void testQueryBuilderLimit() { Query q = Query.builder() .filter("<key1>,<key2>") .map("key1", "value1") .map("key2", "value2") .limit(8) .build(); assertEquals("value1,value2", q.getFilter()); assertEquals(8, q.getControls().getCountLimit()); }
/** * Returns a query for finding user DN based on user RDN. * @param userRdn user RDN * @return an instance of {@link Query} */ public Query findUserDnByRdn(String userRdn) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userRdn>))") .limit(2) .map("classes", USER_OBJECT_CLASSES) .map("userRdn", userRdn) .build(); }
@Test public void testFindGroupsForUser() { Query q = queries.findGroupsForUser("user_name", "user_Dn"); String expected = "(&(objectClass=superGroups)(|(member=user_Dn)(member=user_name)))"; String actual = q.getFilter(); assertEquals(expected, actual); }
/** * Returns a query for finding Group DN based on group unique ID. * @param groupId group unique identifier * @return an instance of {@link Query} */ public Query findGroupDnById(String groupId) { return Query.builder() .filter("(&(objectClass=<groupClassAttr>)(<guidAttr>=<groupID>))") .map("guidAttr", guidAttr) .map("groupClassAttr", groupClassAttr) .map("groupID", groupId) .limit(2) .build(); }
@Test public void testFindUserDnByRdn() { Query q = queries.findUserDnByRdn("cn=User1"); String expected = "(&(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))(cn=User1))"; String actual = q.getFilter(); assertEquals(expected, actual); }
/** * Returns a query for checking whether specified user is a member of specified group. * * The query requires {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} * Hive configuration property to be set. * * @param userId user unique identifier * @param groupDn group DN * @return an instance of {@link Query} * @see HiveConf.ConfVars#HIVE_SERVER2_PLAIN_LDAP_USERMEMBERSHIP_KEY * @throws NullPointerException when * {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} is not set. */ public Query isUserMemberOfGroup(String userId, String groupDn) { Preconditions.checkState(!Strings.isNullOrEmpty(userMembershipAttr), "hive.server2.authentication.ldap.userMembershipKey is not configured."); return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userMembershipAttr>=<groupDn>)(<guidAttr>=<userId>))") .map("classes", USER_OBJECT_CLASSES) .map("guidAttr", guidAttr) .map("userMembershipAttr", userMembershipAttr) .map("userId", userId) .map("groupDn", groupDn) .limit(2) .build(); }
@Test public void testFindUserDnByName() { Query q = queries.findUserDnByName("unique_user_id"); String expected = "(&(|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson))(|(uid=unique_user_id)(sAMAccountName=unique_user_id)))"; String actual = q.getFilter(); assertEquals(expected, actual); }
/** * Returns a query for finding groups to which the user belongs. * @param userName username * @param userDn user DN * @return an instance of {@link Query} */ public Query findGroupsForUser(String userName, String userDn) { return Query.builder() .filter("(&(objectClass=<groupClassAttr>)(|(<groupMembershipAttr>=<userDn>)" + "(<groupMembershipAttr>=<userName>)))") .map("groupClassAttr", groupClassAttr) .map("groupMembershipAttr", groupMembershipAttr) .map("userName", userName) .map("userDn", userDn) .build(); }