/** * Returns a query for checking whether specified user is a member of specified group. * * The query requires {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} * Hive configuration property to be set. * * @param userId user unique identifier * @param groupDn group DN * @return an instance of {@link Query} * @see HiveConf.ConfVars#HIVE_SERVER2_PLAIN_LDAP_USERMEMBERSHIP_KEY * @throws NullPointerException when * {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} is not set. */ public Query isUserMemberOfGroup(String userId, String groupDn) { Preconditions.checkState(!Strings.isNullOrEmpty(userMembershipAttr), "hive.server2.authentication.ldap.userMembershipKey is not configured."); return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userMembershipAttr>=<groupDn>)(<guidAttr>=<userId>))") .map("classes", USER_OBJECT_CLASSES) .map("guidAttr", guidAttr) .map("userMembershipAttr", userMembershipAttr) .map("userId", userId) .map("groupDn", groupDn) .limit(2) .build(); }
/** * Returns a query for checking whether specified user is a member of specified group. * * The query requires {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} * Hive configuration property to be set. * * @param userId user unique identifier * @param groupDn group DN * @return an instance of {@link Query} * @see HiveConf.ConfVars#HIVE_SERVER2_PLAIN_LDAP_USERMEMBERSHIP_KEY * @throws NullPointerException when * {@value HiveConf#HIVE_SERVER2_AUTHENTICATION_LDAP_USERMEMBERSHIPKEY_NAME} is not set. */ public Query isUserMemberOfGroup(String userId, String groupDn) { Preconditions.checkState(!Strings.isNullOrEmpty(userMembershipAttr), "hive.server2.authentication.ldap.userMembershipKey is not configured."); return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userMembershipAttr>=<groupDn>)(<guidAttr>=<userId>))") .map("classes", USER_OBJECT_CLASSES) .map("guidAttr", guidAttr) .map("userMembershipAttr", userMembershipAttr) .map("userId", userId) .map("groupDn", groupDn) .limit(2) .build(); }
/** * Returns a query for finding user DN based on DN pattern. * <br> * Name of this method was derived from the original implementation of LDAP authentication. * This method should be replaced by {@link QueryFactory#findUserDnByRdn(java.lang.String). * * @param rdn user RDN * @return an instance of {@link Query} */ public Query findDnByPattern(String rdn) { return Query.builder() .filter("(<rdn>)") .map("rdn", rdn) .limit(2) .build(); }
/** * Returns a query for finding user DN based on user RDN. * @param userRdn user RDN * @return an instance of {@link Query} */ public Query findUserDnByRdn(String userRdn) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userRdn>))") .limit(2) .map("classes", USER_OBJECT_CLASSES) .map("userRdn", userRdn) .build(); }
/** * Returns a query for finding Group DN based on group unique ID. * @param groupId group unique identifier * @return an instance of {@link Query} */ public Query findGroupDnById(String groupId) { return Query.builder() .filter("(&(objectClass=<groupClassAttr>)(<guidAttr>=<groupID>))") .map("guidAttr", guidAttr) .map("groupClassAttr", groupClassAttr) .map("groupID", groupId) .limit(2) .build(); }
/** * Returns a query for finding user DN based on user unique name. * @param userName user unique name (uid or sAMAccountName) * @return an instance of {@link Query} */ public Query findUserDnByName(String userName) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(|(uid=<userName>)(sAMAccountName=<userName>)))") .map("classes", USER_OBJECT_CLASSES) .map("userName", userName) .limit(2) .build(); }
/** * Returns a query for finding user DN based on DN pattern. * <br> * Name of this method was derived from the original implementation of LDAP authentication. * This method should be replaced by {@link QueryFactory#findUserDnByRdn(java.lang.String). * * @param rdn user RDN * @return an instance of {@link Query} */ public Query findDnByPattern(String rdn) { return Query.builder() .filter("(<rdn>)") .map("rdn", rdn) .limit(2) .build(); }
/** * Returns a query for finding user DN based on user RDN. * @param userRdn user RDN * @return an instance of {@link Query} */ public Query findUserDnByRdn(String userRdn) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(<userRdn>))") .limit(2) .map("classes", USER_OBJECT_CLASSES) .map("userRdn", userRdn) .build(); }
/** * Returns a query for finding user DN based on user unique name. * @param userName user unique name (uid or sAMAccountName) * @return an instance of {@link Query} */ public Query findUserDnByName(String userName) { return Query.builder() .filter("(&(|<classes:{ class |(objectClass=<class>)}>)" + "(|(uid=<userName>)(sAMAccountName=<userName>)))") .map("classes", USER_OBJECT_CLASSES) .map("userName", userName) .limit(2) .build(); }
/** * Returns a query for finding Group DN based on group unique ID. * @param groupId group unique identifier * @return an instance of {@link Query} */ public Query findGroupDnById(String groupId) { return Query.builder() .filter("(&(objectClass=<groupClassAttr>)(<guidAttr>=<groupID>))") .map("guidAttr", guidAttr) .map("groupClassAttr", groupClassAttr) .map("groupID", groupId) .limit(2) .build(); }
@Test public void testQueryBuilderLimit() { Query q = Query.builder() .filter("<key1>,<key2>") .map("key1", "value1") .map("key2", "value2") .limit(8) .build(); assertEquals("value1,value2", q.getFilter()); assertEquals(8, q.getControls().getCountLimit()); }