From 05322c296d427cf7b085b6aa1bf1d3039c3b3928 Mon Sep 17 00:00:00 2001 From: ryzheboka <25465835+ryzheboka@users.noreply.github.com> Date: Tue, 3 Sep 2024 17:43:26 +0200 Subject: [PATCH] Fix permission attributes - no error should occur in case they are empty --- .../io/kadai/common/rest/ldap/LdapClient.java | 37 +++++++++++++++---- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/rest/kadai-rest-spring/src/main/java/io/kadai/common/rest/ldap/LdapClient.java b/rest/kadai-rest-spring/src/main/java/io/kadai/common/rest/ldap/LdapClient.java index 253ebc9335..36eb83a0aa 100644 --- a/rest/kadai-rest-spring/src/main/java/io/kadai/common/rest/ldap/LdapClient.java +++ b/rest/kadai-rest-spring/src/main/java/io/kadai/common/rest/ldap/LdapClient.java @@ -222,10 +222,17 @@ public List searchGroupsByName(final String name) if (!CN.equals(getGroupNameAttribute())) { orFilter.or(new WhitespaceWildcardsFilter(CN, name)); } - final AndFilter andFilter2 = new AndFilter(); - andFilter2.and(new NotPresentFilter(getUserPermissionsAttribute())); + andFilter.and(orFilter); - andFilter2.and(andFilter); + final AndFilter andFilter2; + if (!getUserPermissionsAttribute().isEmpty()) { + andFilter2 = new AndFilter(); + andFilter2.and(new NotPresentFilter(getUserPermissionsAttribute())); + andFilter2.and(andFilter); + } + else { + andFilter2 = andFilter; + } LOGGER.debug("Using filter '{}' for LDAP query.", andFilter); @@ -261,6 +268,9 @@ public Map> searchAccessIdForGroupsAndPermissionsByDn(List< public List searchPermissionsByName(final String name) throws InvalidArgumentException { + if (getUserPermissionsAttribute().isEmpty() || getPermissionSearchFilterName().isEmpty()) { + return Collections.emptyList(); + } isInitOrFail(); testMinSearchForLength(name); @@ -323,10 +333,16 @@ public List searchGroupsAccessIdIsMemberOf(final St orFilter.or(new EqualsFilter(getGroupsOfUserName(), accessId)); } orFilter.or(new EqualsFilter(getGroupsOfUserName(), dn)); - final AndFilter andFilter2 = new AndFilter(); - andFilter2.and(new NotPresentFilter(getUserPermissionsAttribute())); andFilter.and(orFilter); - andFilter2.and(andFilter); + final AndFilter andFilter2; + if (!getUserPermissionsAttribute().isEmpty()) { + andFilter2 = new AndFilter(); + andFilter2.and(new NotPresentFilter(getUserPermissionsAttribute())); + andFilter2.and(andFilter); + } + else { + andFilter2 = andFilter; + } String[] userAttributesToReturn = {getUserIdAttribute(), getGroupNameAttribute()}; if (LOGGER.isDebugEnabled()) { @@ -346,6 +362,9 @@ public List searchGroupsAccessIdIsMemberOf(final St public List searchPermissionsAccessIdHas(final String accessId) throws InvalidArgumentException, InvalidNameException { + if (getUserPermissionsAttribute().isEmpty() || getPermissionSearchFilterName().isEmpty()) { + return Collections.emptyList(); + } isInitOrFail(); testMinSearchForLength(accessId); @@ -449,6 +468,9 @@ private List searchDnForUserAccessId(String accessId) { } private List searchDnForPermissionAccessId(String accessId) { + if (getUserPermissionsAttribute().isEmpty() || getPermissionSearchFilterName().isEmpty()) { + return Collections.emptyList(); + } final AndFilter andFilter = new AndFilter(); andFilter.and( new EqualsFilter(getPermissionSearchFilterName(), getPermissionSearchFilterValue())); @@ -967,7 +989,8 @@ public AccessIdRepresentationModel doMapFromContext(final DirContextOperations c String firstName = context.getStringAttribute(getUserFirstnameAttribute()); String lastName = context.getStringAttribute(getUserLastnameAttribute()); accessId.setName(String.format("%s, %s", lastName, firstName)); - } else if (context.getStringAttribute(getUserPermissionsAttribute()) == null) { + } else if (getUserPermissionsAttribute().isEmpty() || + context.getStringAttribute(getUserPermissionsAttribute()) == null) { if (useDnForGroups()) { accessId.setAccessId(getDnFromContext(context)); // fully qualified dn } else {