protected internal virtual string getUserSearchFilter(LdapUserQueryImpl query) { StringWriter search = new StringWriter(); search.write("(&"); // restrict to users search.write(ldapConfiguration.UserSearchFilter); // add additional filters from query if (!string.ReferenceEquals(query.Id, null)) { addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(query.Id), search); } if (query.Ids != null && query.Ids.Length > 0) { // wrap ids in OR statement search.write("(|"); foreach (string userId in query.Ids) { addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(userId), search); } search.write(")"); } if (!string.ReferenceEquals(query.Email, null)) { addFilter(ldapConfiguration.UserEmailAttribute, query.Email, search); } if (!string.ReferenceEquals(query.EmailLike, null)) { addFilter(ldapConfiguration.UserEmailAttribute, query.EmailLike, search); } if (!string.ReferenceEquals(query.FirstName, null)) { addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstName, search); } if (!string.ReferenceEquals(query.FirstNameLike, null)) { addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstNameLike, search); } if (!string.ReferenceEquals(query.LastName, null)) { addFilter(ldapConfiguration.UserLastnameAttribute, query.LastName, search); } if (!string.ReferenceEquals(query.LastNameLike, null)) { addFilter(ldapConfiguration.UserLastnameAttribute, query.LastNameLike, search); } search.write(")"); return(search.ToString()); }
public virtual IList <User> findUserByQueryCriteria(LdapUserQueryImpl query) { ensureContextInitialized(); if (!string.ReferenceEquals(query.GroupId, null)) { // if restriction on groupId is provided, we need to search in group tree first, look for the group and then further restrict on the members return(findUsersByGroupId(query)); } else { string userBaseDn = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn); return(findUsersWithoutGroupId(query, userBaseDn, false)); } }
public virtual IList <User> findUsersWithoutGroupId(LdapUserQueryImpl query, string userBaseDn, bool ignorePagination) { if (ldapConfiguration.SortControlSupported) { applyRequestControls(query); } NamingEnumeration <SearchResult> enumeration = null; try { string filter = getUserSearchFilter(query); enumeration = initialContext.search(userBaseDn, filter, ldapConfiguration.SearchControls); // perform client-side paging int resultCount = 0; IList <User> userList = new List <User>(); StringBuilder resultLogger = new StringBuilder(); if (LdapPluginLogger.INSTANCE.DebugEnabled) { resultLogger.Append("LDAP user query results: ["); } while (enumeration.hasMoreElements() && (userList.Count < query.MaxResults || ignorePagination)) { SearchResult result = enumeration.nextElement(); UserEntity user = transformUser(result); string userId = user.Id; if (string.ReferenceEquals(userId, null)) { LdapPluginLogger.INSTANCE.invalidLdapUserReturned(user, result); } else { if (isAuthenticatedUser(user) || isAuthorized(READ, USER, userId)) { if (resultCount >= query.FirstResult || ignorePagination) { if (LdapPluginLogger.INSTANCE.DebugEnabled) { resultLogger.Append(user); resultLogger.Append(" based on "); resultLogger.Append(result); resultLogger.Append(", "); } userList.Add(user); } resultCount++; } } } if (LdapPluginLogger.INSTANCE.DebugEnabled) { resultLogger.Append("]"); LdapPluginLogger.INSTANCE.userQueryResult(resultLogger.ToString()); } return(userList); } catch (NamingException e) { throw new IdentityProviderException("Could not query for users", e); } finally { try { if (enumeration != null) { enumeration.close(); } } catch (Exception) { // ignore silently } } }
protected internal virtual IList <User> findUsersByGroupId(LdapUserQueryImpl query) { string baseDn = getDnForGroup(query.GroupId); // compose group search filter string groupSearchFilter = "(& " + ldapConfiguration.GroupSearchFilter + ")"; NamingEnumeration <SearchResult> enumeration = null; try { enumeration = initialContext.search(baseDn, groupSearchFilter, ldapConfiguration.SearchControls); IList <string> groupMemberList = new List <string>(); // first find group while (enumeration.hasMoreElements()) { SearchResult result = enumeration.nextElement(); Attribute memberAttribute = result.Attributes.get(ldapConfiguration.GroupMemberAttribute); if (null != memberAttribute) { //JAVA TO C# CONVERTER WARNING: Java wildcard generics have no direct equivalent in .NET: //ORIGINAL LINE: javax.naming.NamingEnumeration<?> allMembers = memberAttribute.getAll(); NamingEnumeration <object> allMembers = memberAttribute.All; // iterate group members while (allMembers.hasMoreElements()) { groupMemberList.Add((string)allMembers.nextElement()); } } } IList <User> userList = new List <User>(); string userBaseDn = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn); int memberCount = 0; foreach (string memberId in groupMemberList) { if (userList.Count < query.MaxResults && memberCount >= query.FirstResult) { if (ldapConfiguration.UsePosixGroups) { query.userId(memberId); } IList <User> users = ldapConfiguration.UsePosixGroups ? findUsersWithoutGroupId(query, userBaseDn, true) : findUsersWithoutGroupId(query, memberId, true); if (users.Count > 0) { userList.Add(users[0]); } } memberCount++; } return(userList); } catch (NamingException e) { throw new IdentityProviderException("Could not query for users", e); } finally { try { if (enumeration != null) { enumeration.close(); } } catch (Exception) { // ignore silently } } }
public virtual long findUserCountByQueryCriteria(LdapUserQueryImpl query) { ensureContextInitialized(); return(findUserByQueryCriteria(query).Count); }