Replaced filter in UGSubsystem.findUsers().

The findUsers() method in UGSubsystem has been modified to search additional attributes in the user database. This method is only used by the UserService, so the impact is limited to user-find CLI command in all subsystems and TPS UI. Ticket #920
author: Endi S. Dewata <edewata@redhat.com> 2014-04-30 11:50:21 -0400
committer: Endi S. Dewata <edewata@redhat.com> 2014-05-05 14:59:49 -0400
commit: b2d2cbaa9123f021de229e3f249378e22e91a18b (patch)
tree: e3bb49380e74bcfb8d3362a341a34511c5380555 /base/server/cmscore/src/com/netscape/cmscore/usrgrp
parent: f79297ea22cbe880863cfa77dafc99a09eb923ef (diff)
download: pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.tar.gz
pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.tar.xz
pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.zip
1 files changed, 22 insertions, 5 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index 0bdea6319..ea6149d1a 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -38,6 +38,8 @@ import netscape.ldap.LDAPSearchResults;
 import netscape.ldap.LDAPv2;
 import netscape.security.x509.X509CertImpl;
 
+import org.apache.commons.lang.StringUtils;
+
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IConfigStore;
@@ -328,25 +330,40 @@ public final class UGSubsystem implements IUGSubsystem {
      * Searchs for identities that matches the filter.
      */
     public Enumeration<IUser> findUsers(String filter) throws EUsrGrpException {
-        if (filter == null) {
-            return null;
+
+        String ldapFilter;
+        if (StringUtils.isEmpty(filter)) {
+            ldapFilter = "(uid=*)";
+
+        } else {
+            filter = LDAPUtil.escapeFilter(filter);
+            ldapFilter = "(|(uid=*" + filter + "*)(cn=*" + filter + "*)(mail=*" + filter + "*))";
         }
 
         LDAPConnection ldapconn = null;
 
         try {
             ldapconn = getConn();
-            LDAPSearchResults res = ldapconn.search(getUserBaseDN(),
-                    LDAPv2.SCOPE_SUB, "(uid=" + filter + ")",
-                    null, false);
 
+            // use one-level search to search users in flat tree
+            LDAPSearchResults res = ldapconn.search(
+                    getUserBaseDN(),
+                    LDAPv2.SCOPE_ONE,
+                    ldapFilter,
+                    null,
+                    false);
+
+            // throw EUsrGrpException if result is empty
             Enumeration<IUser> e = buildUsers(res);
 
             return e;
+
         } catch (LDAPException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString()));
+
         } catch (ELdapException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString()));
+
         } finally {
             if (ldapconn != null)
                 returnConn(ldapconn);
author	Endi S. Dewata <edewata@redhat.com>	2014-04-30 11:50:21 -0400
committer	Endi S. Dewata <edewata@redhat.com>	2014-05-05 14:59:49 -0400
commit	b2d2cbaa9123f021de229e3f249378e22e91a18b (patch)
tree	e3bb49380e74bcfb8d3362a341a34511c5380555 /base/server/cmscore/src/com/netscape/cmscore/usrgrp
parent	f79297ea22cbe880863cfa77dafc99a09eb923ef (diff)
download	pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.tar.gz pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.tar.xz pki-b2d2cbaa9123f021de229e3f249378e22e91a18b.zip