Replace filter in UGSubsystem.listGroups().

The UGSubsystem.listGroups() has been modified to generate an
LDAP filter from a keyword. The filter itself cannot contain
wildcards. The wildcard will be added in listGroups(). In the
future the filter will be made configurable to allow searching
different attributes.

Ticket #920

1 files changed, 23 insertions, 10 deletions

diff --git a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index ea6149d1a..5d7d773fd 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -1378,33 +1378,46 @@ public final class UGSubsystem implements IUGSubsystem {
      * group names and description.
      */
     public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException {
+
+        String ldapFilter;
+
         if (filter == null) {
-            return null;
+            ldapFilter = "(objectclass=groupofuniquenames)";
+
+        } else {
+            filter = LDAPUtil.escapeFilter(filter);
+            ldapFilter = "(&(objectclass=groupofuniquenames)(cn=*" + filter + "*))";
         }
 
+        String attrs[] = new String[2];
+        attrs[0] = "cn";
+        attrs[1] = "description";
+
         LDAPConnection ldapconn = null;
 
         try {
-            String attrs[] = new String[2];
-
-            attrs[0] = "cn";
-            attrs[1] = "description";
-
             ldapconn = getConn();
-            LDAPSearchResults res =
-                    ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB,
-                            "(&(objectclass=groupofuniquenames)(cn=" + filter + "))",
-                            attrs, false);
+            LDAPSearchResults res = ldapconn.search(
+                    getGroupBaseDN(),
+                    LDAPv2.SCOPE_ONE,
+                    ldapFilter,
+                    attrs,
+                    false);
 
+            // doesn't throw exception if result is empty
             return buildGroups(res);
+
         } catch (LDAPException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+
         } catch (ELdapException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+
         } finally {
             if (ldapconn != null)
                 returnConn(ldapconn);
         }
+
         return null;
     }