This is an automated email from the ASF dual-hosted git repository. btellier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 2fb75fc636d39802f781725b8ded3143a23f70e1 Author: Benoit Tellier <[email protected]> AuthorDate: Thu Jun 10 10:47:17 2021 +0700 JAMES-3594 Group restrictions should use connection pooling --- .../user/ldap/ReadOnlyLDAPGroupRestriction.java | 3 +- .../james/user/ldap/ReadOnlyLDAPUsersDAO.java | 62 +++++++++------------- 2 files changed, 28 insertions(+), 37 deletions(-) diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java index 9123f65..d9023b7 100644 --- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java +++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPGroupRestriction.java @@ -31,6 +31,7 @@ import org.apache.commons.configuration2.tree.ImmutableNode; import com.github.steveash.guavate.Guavate; import com.unboundid.ldap.sdk.LDAPConnection; +import com.unboundid.ldap.sdk.LDAPConnectionPool; import com.unboundid.ldap.sdk.LDAPException; import com.unboundid.ldap.sdk.SearchResultEntry; @@ -113,7 +114,7 @@ public class ReadOnlyLDAPGroupRestriction { * * @return Returns a map of groupDNs to userDN lists. */ - protected Map<String, Collection<String>> getGroupMembershipLists(LDAPConnection connection) throws LDAPException { + protected Map<String, Collection<String>> getGroupMembershipLists(LDAPConnectionPool connection) throws LDAPException { Map<String, Collection<String>> result = new HashMap<>(); for (String groupDN : groupDNs) { diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java index f1c1819..81b8375 100644 --- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java +++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyLDAPUsersDAO.java @@ -226,30 +226,25 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable { } private ReadOnlyLDAPUser searchAndBuildUser(Username name) throws LDAPException { - LDAPConnection connection = ldapConnectionPool.getConnection(); - try { - SearchResult searchResult = connection.search(ldapConfiguration.getUserBase(), - SearchScope.SUB, - createFilter(name.asString()), - ldapConfiguration.getUserIdAttribute()); - - SearchResultEntry result = searchResult.getSearchEntries() - .stream() - .findFirst() - .orElse(null); - if (result == null) { - return null; - } - - if (!ldapConfiguration.getRestriction().isActivated() - || userInGroupsMembershipList(result.getDN(), ldapConfiguration.getRestriction().getGroupMembershipLists(connection))) { + SearchResult searchResult = ldapConnectionPool.search(ldapConfiguration.getUserBase(), + SearchScope.SUB, + createFilter(name.asString()), + ldapConfiguration.getUserIdAttribute()); - return new ReadOnlyLDAPUser(name, result.getDN(), ldapConnectionPool, ldapConfiguration); - } + SearchResultEntry result = searchResult.getSearchEntries() + .stream() + .findFirst() + .orElse(null); + if (result == null) { return null; - } finally { - ldapConnectionPool.releaseConnection(connection); } + + if (!ldapConfiguration.getRestriction().isActivated() + || userInGroupsMembershipList(result.getDN(), ldapConfiguration.getRestriction().getGroupMembershipLists(ldapConnectionPool))) { + + return new ReadOnlyLDAPUser(name, result.getDN(), ldapConnectionPool, ldapConfiguration); + } + return null; } private Optional<ReadOnlyLDAPUser> buildUser(String userDN) throws LDAPException { @@ -346,22 +341,17 @@ public class ReadOnlyLDAPUsersDAO implements UsersDAO, Configurable { Set<String> userDNs = getAllUsersDNFromLDAP(); Collection<String> validUserDNs; if (ldapConfiguration.getRestriction().isActivated()) { - final LDAPConnection connection = ldapConnectionPool.getConnection(); - try { - Map<String, Collection<String>> groupMembershipList = ldapConfiguration.getRestriction() - .getGroupMembershipLists(connection); - validUserDNs = new ArrayList<>(); - - Iterator<String> userDNIterator = userDNs.iterator(); - String userDN; - while (userDNIterator.hasNext()) { - userDN = userDNIterator.next(); - if (userInGroupsMembershipList(userDN, groupMembershipList)) { - validUserDNs.add(userDN); - } + Map<String, Collection<String>> groupMembershipList = ldapConfiguration.getRestriction() + .getGroupMembershipLists(ldapConnectionPool); + validUserDNs = new ArrayList<>(); + + Iterator<String> userDNIterator = userDNs.iterator(); + String userDN; + while (userDNIterator.hasNext()) { + userDN = userDNIterator.next(); + if (userInGroupsMembershipList(userDN, groupMembershipList)) { + validUserDNs.add(userDN); } - } finally { - ldapConnectionPool.releaseConnection(connection); } } else { validUserDNs = userDNs; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
