Replace filter in UGSubsystem.listGroups().

The UGSubsystem.listGroups() has been modified to generate an
LDAP filter from a keyword. The filter itself cannot contain
wildcards. The wildcard will be added in listGroups(). In the
future the filter will be made configurable to allow searching
different attributes.

Ticket #920

4 files changed, 29 insertions, 15 deletions

diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/GroupMemberProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/admin/GroupMemberProcessor.java
index ff56c2139..78f602acd 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/admin/GroupMemberProcessor.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/admin/GroupMemberProcessor.java
@@ -300,7 +300,7 @@ public class GroupMemberProcessor extends Processor {
         }
 
         try {
-            Enumeration<IGroup> groups = userGroupManager.listGroups("*");
+            Enumeration<IGroup> groups = userGroupManager.listGroups(null);
             while (groups.hasMoreElements()) {
                 IGroup group = groups.nextElement();
                 String name = group.getName();
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
index c4eed9068..836369bc4 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java
@@ -555,7 +555,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
         Enumeration<IGroup> e = null;
 
         try {
-            e = mMgr.listGroups("*");
+            e = mMgr.listGroups(null);
         } catch (Exception ex) {
             ex.printStackTrace();
             sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp);
@@ -2068,6 +2068,9 @@ public class UsrGrpAdminServlet extends AdminServlet {
         return false;
     }
 
+    /**
+     * TODO: replace this with GroupMemberProcessor.isDuplicate()
+     */
     private boolean isDuplicate(String groupName, String memberName) {
         Enumeration<IGroup> groups = null;
 
@@ -2082,7 +2085,7 @@ public class UsrGrpAdminServlet extends AdminServlet {
             return false;
         }
         try {
-            groups = mMgr.listGroups("*");
+            groups = mMgr.listGroups(null);
             while (groups.hasMoreElements()) {
                 IGroup group = groups.nextElement();
                 String name = group.getName();
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/GroupService.java b/base/server/cms/src/org/dogtagpki/server/rest/GroupService.java
index 365326315..fdfbbd966 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/GroupService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/GroupService.java
@@ -51,7 +51,6 @@ import com.netscape.certsrv.usrgrp.IGroup;
 import com.netscape.certsrv.usrgrp.IUGSubsystem;
 import com.netscape.cms.servlet.admin.GroupMemberProcessor;
 import com.netscape.cms.servlet.base.PKIService;
-import com.netscape.cmsutil.ldap.LDAPUtil;
 
 /**
  * @author Endi S. Dewata
@@ -104,7 +103,6 @@ public class GroupService extends PKIService implements GroupResource {
     @Override
     public Response findGroups(String filter, Integer start, Integer size) {
         try {
-            filter = StringUtils.isEmpty(filter) ? "*" : "*"+LDAPUtil.escapeFilter(filter)+"*";
             start = start == null ? 0 : start;
             size = size == null ? DEFAULT_SIZE : size;
 
diff --git a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index ea6149d1a..5d7d773fd 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -1378,33 +1378,46 @@ public final class UGSubsystem implements IUGSubsystem {
      * group names and description.
      */
     public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException {
+
+        String ldapFilter;
+
         if (filter == null) {
-            return null;
+            ldapFilter = "(objectclass=groupofuniquenames)";
+
+        } else {
+            filter = LDAPUtil.escapeFilter(filter);
+            ldapFilter = "(&(objectclass=groupofuniquenames)(cn=*" + filter + "*))";
         }
 
+        String attrs[] = new String[2];
+        attrs[0] = "cn";
+        attrs[1] = "description";
+
         LDAPConnection ldapconn = null;
 
         try {
-            String attrs[] = new String[2];
-
-            attrs[0] = "cn";
-            attrs[1] = "description";
-
             ldapconn = getConn();
-            LDAPSearchResults res =
-                    ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB,
-                            "(&(objectclass=groupofuniquenames)(cn=" + filter + "))",
-                            attrs, false);
+            LDAPSearchResults res = ldapconn.search(
+                    getGroupBaseDN(),
+                    LDAPv2.SCOPE_ONE,
+                    ldapFilter,
+                    attrs,
+                    false);
 
+            // doesn't throw exception if result is empty
             return buildGroups(res);
+
         } catch (LDAPException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+
         } catch (ELdapException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+
         } finally {
             if (ldapconn != null)
                 returnConn(ldapconn);
         }
+
         return null;
     }