Repository: james-project Updated Branches: refs/heads/master 42b574dcb -> d54953523
JAMES-1930 Introduce administratorId configuration option to UsersRepository Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/dfb28bd0 Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/dfb28bd0 Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/dfb28bd0 Branch: refs/heads/master Commit: dfb28bd07b19951facc214bfcca210cdf1b081cc Parents: 42b574d Author: Raphael Ouazana <[email protected]> Authored: Wed Feb 8 15:34:48 2017 +0100 Committer: Antoine Duprat <[email protected]> Committed: Tue Feb 14 09:16:55 2017 +0100 ---------------------------------------------------------------------- .../apache/james/user/api/UsersRepository.java | 5 ++++ .../user/ldap/ReadOnlyUsersLDAPRepository.java | 21 ++++++++++++++++ .../james/user/lib/AbstractUsersRepository.java | 17 +++++++++++++ .../user/lib/AbstractUsersRepositoryTest.java | 25 ++++++++++++++++++++ 4 files changed, 68 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/dfb28bd0/server/data/data-api/src/main/java/org/apache/james/user/api/UsersRepository.java ---------------------------------------------------------------------- diff --git a/server/data/data-api/src/main/java/org/apache/james/user/api/UsersRepository.java b/server/data/data-api/src/main/java/org/apache/james/user/api/UsersRepository.java index 666fdd7..ea02cc3 100644 --- a/server/data/data-api/src/main/java/org/apache/james/user/api/UsersRepository.java +++ b/server/data/data-api/src/main/java/org/apache/james/user/api/UsersRepository.java @@ -136,5 +136,10 @@ public interface UsersRepository { * @throws UsersRepositoryException */ String getUser(MailAddress mailAddress) throws UsersRepositoryException; + + /** + * Return true if the user is an admin for this repository + */ + boolean isAdministrator(String username) throws UsersRepositoryException; } http://git-wip-us.apache.org/repos/asf/james-project/blob/dfb28bd0/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java ---------------------------------------------------------------------- diff --git a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java index 6e07236..cc9eeb2 100644 --- a/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java +++ b/server/data/data-ldap/src/main/java/org/apache/james/user/ldap/ReadOnlyUsersLDAPRepository.java @@ -54,6 +54,8 @@ import org.apache.james.util.retry.naming.ldap.RetryingLdapContext; import org.apache.mailet.MailAddress; import org.slf4j.Logger; +import com.google.common.base.Optional; + /** * <p> * This repository implementation serves as a bridge between Apache James and @@ -91,6 +93,7 @@ import org.slf4j.Logger; * retryStartInterval="0" * retryMaxInterval="30" * retryIntervalScale="1000" + * administratorId="ldapAdmin" * </users-store> * </pre> * @@ -213,6 +216,9 @@ import org.slf4j.Logger; * <b>readTimeout:</b> (optional) Sets property * <code>com.sun.jndi.ldap.read.timeout</code> to the specified integer value. * Applicable to Java 6 and above. + * <li> + * <b>administratorId:</b> (optional) User identifier of the administrator user. + * The administrator user is allowed to authenticate as other users. * </ul> * * @see ReadOnlyLDAPUser @@ -295,6 +301,12 @@ public class ReadOnlyUsersLDAPRepository implements UsersRepository, Configurabl */ private LdapContext ldapContext; private boolean supportsVirtualHosting; + + /** + * UserId of the administrator + * The administrator is allowed to log in as other users + */ + private Optional<String> administratorId; // Use a connection pool. Default is true. private boolean useConnectionPool = true; @@ -366,6 +378,7 @@ public class ReadOnlyUsersLDAPRepository implements UsersRepository, Configurabl //see if there is a filter argument filter = configuration.getString("[@filter]"); + administratorId = Optional.fromNullable(configuration.getString("[@administratorId]")); } /** @@ -770,4 +783,12 @@ public class ReadOnlyUsersLDAPRepository implements UsersRepository, Configurabl public String getUser(MailAddress mailAddress) throws UsersRepositoryException { return mailAddress.getLocalPart(); } + + @Override + public boolean isAdministrator(String username) throws UsersRepositoryException { + if (administratorId.isPresent()) { + return administratorId.get().equals(username); + } + return false; + } } http://git-wip-us.apache.org/repos/asf/james-project/blob/dfb28bd0/server/data/data-library/src/main/java/org/apache/james/user/lib/AbstractUsersRepository.java ---------------------------------------------------------------------- diff --git a/server/data/data-library/src/main/java/org/apache/james/user/lib/AbstractUsersRepository.java b/server/data/data-library/src/main/java/org/apache/james/user/lib/AbstractUsersRepository.java index 287c482..f0651fe 100644 --- a/server/data/data-library/src/main/java/org/apache/james/user/lib/AbstractUsersRepository.java +++ b/server/data/data-library/src/main/java/org/apache/james/user/lib/AbstractUsersRepository.java @@ -33,11 +33,15 @@ import org.apache.james.user.api.UsersRepositoryException; import org.apache.mailet.MailAddress; import org.slf4j.Logger; +import com.google.common.annotations.VisibleForTesting; +import com.google.common.base.Optional; + public abstract class AbstractUsersRepository implements UsersRepository, LogEnabled, Configurable { private DomainList domainList; private boolean virtualHosting; private Logger logger; + private Optional<String> administratorId; protected Logger getLogger() { return logger; @@ -57,6 +61,7 @@ public abstract class AbstractUsersRepository implements UsersRepository, LogEna public void configure(HierarchicalConfiguration configuration) throws ConfigurationException { virtualHosting = configuration.getBoolean("enableVirtualHosting", getDefaultVirtualHostingValue()); + administratorId = Optional.fromNullable(configuration.getString("administratorId")); doConfigure(configuration); } @@ -142,4 +147,16 @@ public abstract class AbstractUsersRepository implements UsersRepository, LogEna return mailAddress.getLocalPart(); } } + + @VisibleForTesting void setAdministratorId(Optional<String> username) { + this.administratorId = username; + } + + @Override + public boolean isAdministrator(String username) throws UsersRepositoryException { + if (administratorId.isPresent()) { + return administratorId.get().equals(username); + } + return false; + } } http://git-wip-us.apache.org/repos/asf/james-project/blob/dfb28bd0/server/data/data-library/src/test/java/org/apache/james/user/lib/AbstractUsersRepositoryTest.java ---------------------------------------------------------------------- diff --git a/server/data/data-library/src/test/java/org/apache/james/user/lib/AbstractUsersRepositoryTest.java b/server/data/data-library/src/test/java/org/apache/james/user/lib/AbstractUsersRepositoryTest.java index a4908a8..2007354 100644 --- a/server/data/data-library/src/test/java/org/apache/james/user/lib/AbstractUsersRepositoryTest.java +++ b/server/data/data-library/src/test/java/org/apache/james/user/lib/AbstractUsersRepositoryTest.java @@ -34,6 +34,8 @@ import org.junit.Assume; import org.junit.Before; import org.junit.Test; +import com.google.common.base.Optional; + public abstract class AbstractUsersRepositoryTest { @@ -52,6 +54,7 @@ public abstract class AbstractUsersRepositoryTest { private String user1; private String user2; private String user3; + private String admin; @Before public void setUp() throws Exception { @@ -62,6 +65,7 @@ public abstract class AbstractUsersRepositoryTest { user1 = login("username"); user2 = login("username2"); user3 = login("username3"); + admin = login("admin"); } @After @@ -324,4 +328,25 @@ public abstract class AbstractUsersRepositoryTest { protected void disposeUsersRepository() throws UsersRepositoryException { LifecycleUtil.dispose(this.usersRepository); } + + @Test + public void isAdministratorShouldReturnFalseWhenNotConfigured() throws Exception { + usersRepository.setAdministratorId(Optional.<String>absent()); + + assertThat(usersRepository.isAdministrator(admin)).isFalse(); + } + + @Test + public void isAdministratorShouldReturnTrueWhenConfiguredAndUserIsAdmin() throws Exception { + usersRepository.setAdministratorId(Optional.of(admin)); + + assertThat(usersRepository.isAdministrator(admin)).isTrue(); + } + + @Test + public void isAdministratorShouldReturnFalseWhenConfiguredAndUserIsNotAdmin() throws Exception { + usersRepository.setAdministratorId(Optional.of(admin)); + + assertThat(usersRepository.isAdministrator(user1)).isFalse(); + } } --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
