protected internal virtual string getUserSearchFilter(LdapUserQueryImpl query)
{
StringWriter search = new StringWriter();
search.write("(&");
// restrict to users
search.write(ldapConfiguration.UserSearchFilter);
// add additional filters from query
if (!string.ReferenceEquals(query.Id, null))
{
addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(query.Id), search);
}
if (query.Ids != null && query.Ids.Length > 0)
{
// wrap ids in OR statement
search.write("(|");
foreach (string userId in query.Ids)
{
addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(userId), search);
}
search.write(")");
}
if (!string.ReferenceEquals(query.Email, null))
{
addFilter(ldapConfiguration.UserEmailAttribute, query.Email, search);
}
if (!string.ReferenceEquals(query.EmailLike, null))
{
addFilter(ldapConfiguration.UserEmailAttribute, query.EmailLike, search);
}
if (!string.ReferenceEquals(query.FirstName, null))
{
addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstName, search);
}
if (!string.ReferenceEquals(query.FirstNameLike, null))
{
addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstNameLike, search);
}
if (!string.ReferenceEquals(query.LastName, null))
{
addFilter(ldapConfiguration.UserLastnameAttribute, query.LastName, search);
}
if (!string.ReferenceEquals(query.LastNameLike, null))
{
addFilter(ldapConfiguration.UserLastnameAttribute, query.LastNameLike, search);
}
search.write(")");
return(search.ToString());
}
public virtual IList <User> findUserByQueryCriteria(LdapUserQueryImpl query)
{
ensureContextInitialized();
if (!string.ReferenceEquals(query.GroupId, null))
{
// if restriction on groupId is provided, we need to search in group tree first, look for the group and then further restrict on the members
return(findUsersByGroupId(query));
}
else
{
string userBaseDn = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn);
return(findUsersWithoutGroupId(query, userBaseDn, false));
}
}
public virtual IList <User> findUsersWithoutGroupId(LdapUserQueryImpl query, string userBaseDn, bool ignorePagination)
{
if (ldapConfiguration.SortControlSupported)
{
applyRequestControls(query);
}
NamingEnumeration <SearchResult> enumeration = null;
try
{
string filter = getUserSearchFilter(query);
enumeration = initialContext.search(userBaseDn, filter, ldapConfiguration.SearchControls);
// perform client-side paging
int resultCount = 0;
IList <User> userList = new List <User>();
StringBuilder resultLogger = new StringBuilder();
if (LdapPluginLogger.INSTANCE.DebugEnabled)
{
resultLogger.Append("LDAP user query results: [");
}
while (enumeration.hasMoreElements() && (userList.Count < query.MaxResults || ignorePagination))
{
SearchResult result = enumeration.nextElement();
UserEntity user = transformUser(result);
string userId = user.Id;
if (string.ReferenceEquals(userId, null))
{
LdapPluginLogger.INSTANCE.invalidLdapUserReturned(user, result);
}
else
{
if (isAuthenticatedUser(user) || isAuthorized(READ, USER, userId))
{
if (resultCount >= query.FirstResult || ignorePagination)
{
if (LdapPluginLogger.INSTANCE.DebugEnabled)
{
resultLogger.Append(user);
resultLogger.Append(" based on ");
resultLogger.Append(result);
resultLogger.Append(", ");
}
userList.Add(user);
}
resultCount++;
}
}
}
if (LdapPluginLogger.INSTANCE.DebugEnabled)
{
resultLogger.Append("]");
LdapPluginLogger.INSTANCE.userQueryResult(resultLogger.ToString());
}
return(userList);
}
catch (NamingException e)
{
throw new IdentityProviderException("Could not query for users", e);
}
finally
{
try
{
if (enumeration != null)
{
enumeration.close();
}
}
catch (Exception)
{
// ignore silently
}
}
}
protected internal virtual IList <User> findUsersByGroupId(LdapUserQueryImpl query)
{
string baseDn = getDnForGroup(query.GroupId);
// compose group search filter
string groupSearchFilter = "(& " + ldapConfiguration.GroupSearchFilter + ")";
NamingEnumeration <SearchResult> enumeration = null;
try
{
enumeration = initialContext.search(baseDn, groupSearchFilter, ldapConfiguration.SearchControls);
IList <string> groupMemberList = new List <string>();
// first find group
while (enumeration.hasMoreElements())
{
SearchResult result = enumeration.nextElement();
Attribute memberAttribute = result.Attributes.get(ldapConfiguration.GroupMemberAttribute);
if (null != memberAttribute)
{
//JAVA TO C# CONVERTER WARNING: Java wildcard generics have no direct equivalent in .NET:
//ORIGINAL LINE: javax.naming.NamingEnumeration<?> allMembers = memberAttribute.getAll();
NamingEnumeration <object> allMembers = memberAttribute.All;
// iterate group members
while (allMembers.hasMoreElements())
{
groupMemberList.Add((string)allMembers.nextElement());
}
}
}
IList <User> userList = new List <User>();
string userBaseDn = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn);
int memberCount = 0;
foreach (string memberId in groupMemberList)
{
if (userList.Count < query.MaxResults && memberCount >= query.FirstResult)
{
if (ldapConfiguration.UsePosixGroups)
{
query.userId(memberId);
}
IList <User> users = ldapConfiguration.UsePosixGroups ? findUsersWithoutGroupId(query, userBaseDn, true) : findUsersWithoutGroupId(query, memberId, true);
if (users.Count > 0)
{
userList.Add(users[0]);
}
}
memberCount++;
}
return(userList);
}
catch (NamingException e)
{
throw new IdentityProviderException("Could not query for users", e);
}
finally
{
try
{
if (enumeration != null)
{
enumeration.close();
}
}
catch (Exception)
{
// ignore silently
}
}
}
public virtual long findUserCountByQueryCriteria(LdapUserQueryImpl query)
{
ensureContextInitialized();
return(findUserByQueryCriteria(query).Count);
}
