Added search method which will be used for finding roles.

2006-04-30 21:37:18 +00:00 · 2006-04-30 21:37:18 +00:00 · 0b2be28def
parent 8e5b0a5d5f
commit 0b2be28def
2 changed files with 82 additions and 0 deletions
--- a/core/src/main/java/org/acegisecurity/ldap/LdapTemplate.java
+++ b/core/src/main/java/org/acegisecurity/ldap/LdapTemplate.java
@ -19,12 +19,22 @@ import javax.naming.NamingException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;

 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;

+import java.util.Set;
+import java.util.HashSet;
+
 /**
 * LDAP equivalent of the Spring JdbcTemplate class.
+ * <p>
+ * This is mainly intended to simplify Ldap access within Acegi Security's
+ * LDAP-related services.
+ * </p>
 *
 * @author Ben Alex
 * @author Luke Taylor
@ -36,6 +46,8 @@ public class LdapTemplate {
    private InitialDirContextFactory dirContextFactory;
    private String userDn = null;
    private String password = null;
+    /** Default search scope */
+    private int searchScope = SearchControls.SUBTREE_SCOPE;

    public LdapTemplate(InitialDirContextFactory dirContextFactory) {
        Assert.notNull(dirContextFactory, "An InitialDirContextFactory is required");
@ -52,6 +64,10 @@ public class LdapTemplate {
        this.password = password;
    }

+    public void setSearchScope(int searchScope) {
+        this.searchScope = searchScope;
+    }
+
    public Object execute(LdapCallback callback) throws DataAccessException {
        DirContext ctx = null;

@ -93,4 +109,57 @@ public class LdapTemplate {

        return matches.booleanValue();
    }
+
+    /**
+     * Performs a search using the supplied filter and returns the union of the values of the named
+     * attribute found in all entries matched by the search. Note that one directory entry may have several
+     * values for the attribute.
+     *
+     * @param base the DN to search in
+     * @param filter search filter to use
+     * @param params the parameters to substitute in the search filter
+     * @param attributeName the attribute who's values are to be retrieved.
+     * @return the set of values for the attribute as a union of the values found in all the matching entries.
+     */
+    public Set searchForSingleAttributeValues(final String base, final String filter, final Object[] params, final String attributeName) {
+
+
+        class LdapSearchCallback implements LdapCallback {
+
+            public Object execute(DirContext ctx) throws NamingException {
+                Set unionOfValues = new HashSet();
+
+                SearchControls ctls = new SearchControls();
+
+                ctls.setSearchScope(searchScope);
+                ctls.setReturningAttributes(new String[] {attributeName});
+
+                NamingEnumeration matchingEntries =
+                        ctx.search(base, filter, params, ctls);
+
+                while (matchingEntries.hasMore()) {
+                    SearchResult result = (SearchResult) matchingEntries.next();
+                    Attributes attrs = result.getAttributes();
+
+                    // There should only be one attribute in each matching entry.
+                    NamingEnumeration returnedAttributes = attrs.getAll();
+
+                    while(returnedAttributes.hasMore()) {
+                        Attribute returnedAttribute = (Attribute) returnedAttributes.next();
+                        NamingEnumeration attributeValues = returnedAttribute.getAll();
+
+                        while(attributeValues.hasMore()) {
+                            Object value = attributeValues.next();
+                            unionOfValues.add(value);
+                        }
+
+                    }
+                }
+
+                return unionOfValues;
+            }
+        }
+
+        return (Set)execute(new LdapSearchCallback());
+    }
 }
--- a/core/src/test/java/org/acegisecurity/ldap/LdapTemplateTests.java
+++ b/core/src/test/java/org/acegisecurity/ldap/LdapTemplateTests.java
@ -15,7 +15,10 @@

 package org.acegisecurity.ldap;

+import java.util.Set;
+
 /**
+ *
 * @author Luke Taylor
 * @version $Id$
 */
@ -41,5 +44,15 @@ public class LdapTemplateTests extends AbstractLdapServerTestCase {
 //        assertFalse(template.compare("uid=bob,ou=people", "userPassword", LdapUtils.getUtf8Bytes("wrongvalue")));
    }

+    public void testSearchForSingleAttributeValues() {
+        LdapTemplate template = new LdapTemplate(getInitialCtxFactory());

+        String param = "uid=ben,ou=people," + getInitialCtxFactory().getRootDn();
+
+        Set values = template.searchForSingleAttributeValues("ou=groups", "(member={0})", new String[] {param}, "ou");
+
+        assertEquals("Expected 2 results from search", 2, values.size());
+        assertTrue(values.contains("developer"));
+        assertTrue(values.contains("manager"));
+    }
 }