diff options
author | Endi S. Dewata <edewata@redhat.com> | 2014-05-05 16:05:28 -0400 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2014-05-08 22:59:31 -0400 |
commit | 4448fb5f16af237f6e9a04d545f515d7726c4618 (patch) | |
tree | 30dbc6b4c363f002bace25acfa862da13bc313ce /base/server/cmscore/src | |
parent | 47724f3c91e124f1856e4b4f3bbd0068d6ca6ff6 (diff) | |
download | pki-4448fb5f16af237f6e9a04d545f515d7726c4618.tar.gz pki-4448fb5f16af237f6e9a04d545f515d7726c4618.tar.xz pki-4448fb5f16af237f6e9a04d545f515d7726c4618.zip |
Added filter to UserService.findUserMemberships().
The UserService.findUserMemberships() has been modified to accept
an additional parameter to filter the groups in which the user
is a member. The CLI has been updated accordingly.
Ticket #920
Diffstat (limited to 'base/server/cmscore/src')
-rw-r--r-- | base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 5d7d773fd..245115e75 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java @@ -1421,34 +1421,52 @@ public final class UGSubsystem implements IUGSubsystem { return null; } - public Enumeration<IGroup> findGroupsByUser(String userDn) throws EUsrGrpException { + public Enumeration<IGroup> findGroupsByUser(String userDn, String filter) throws EUsrGrpException { + if (userDn == null) { return null; } + // search groups where the user is a member + String ldapFilter = "(&(objectclass=groupofuniquenames)(uniqueMember=" + LDAPUtil.escapeFilter(userDn) + ")"; + + if (!StringUtils.isEmpty(filter)) { + // combine search filter if specified + filter = LDAPUtil.escapeFilter(filter); + ldapFilter += "(cn=*" + filter + "*)"; + } + + ldapFilter += ")"; + LDAPConnection ldapconn = null; try { String attrs[] = new String[2]; - attrs[0] = "cn"; attrs[1] = "description"; ldapconn = getConn(); - LDAPSearchResults res = - ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, - "(&(objectclass=groupofuniquenames)(uniqueMember=" + LDAPUtil.escapeFilter(userDn) + "))", - attrs, false); + + LDAPSearchResults res = ldapconn.search( + getGroupBaseDN(), + LDAPv2.SCOPE_ONE, + ldapFilter, + attrs, + false); return buildGroups(res); + } catch (LDAPException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); + } catch (ELdapException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); + } finally { if (ldapconn != null) returnConn(ldapconn); } + return null; } |