Package org.sakaiproject.unboundid

Class SimpleLdapAttributeMapper

    • Constructor Detail

      • SimpleLdapAttributeMapper

        public SimpleLdapAttributeMapper()

    • Method Detail

      • getFindUserByEmailFilter

        public String getFindUserByEmailFilter​(String emailAddr)
        Builds a filter of the form <email-attr>=<emailAddr>
        Specified by:
        getFindUserByEmailFilter in interface LdapAttributeMapper
        Parameters:
        emailAddr - an email address to search on
        Returns:
        an LDAP search filter

      • getFindUserByEidFilter

        public String getFindUserByEidFilter​(String eid)
        Builds a filter of the form <login-attr>=<eid>
        Specified by:
        getFindUserByEidFilter in interface LdapAttributeMapper
        Parameters:
        eid - a user eid to search on
        Returns:
        an LDAP search filter

      • getFindUserByAidFilter

        public String getFindUserByAidFilter​(String aid)
        Description copied from interface: LdapAttributeMapper
        Output a filter string for searching the directory with the specified user aid as a key.
        Specified by:
        getFindUserByAidFilter in interface LdapAttributeMapper
        Parameters:
        aid - a user authentication id.
        Returns:
        an LDAP search filter

      • getUserBindDn

        public String getUserBindDn​(LdapUserData userData)
        Description copied from interface: LdapAttributeMapper
        Determine the DN to which to bind when executing an authentication attempt for the given user. An invocation implies that the DN can be derived from attributes already mapped onto the given LdapUserData by this LdapAttributeMapper. For example, the mapper could have cached the DN in the user's property map, or the bind DN could be reliably calculated from a combination of the user's eid and some other configured RDN string.
        Specified by:
        getUserBindDn in interface LdapAttributeMapper
        Parameters:
        userData - a mapped collection of user attributes from which to derive a bindable DN. Should not be null
        Returns:
        a bindable DN derived from userData or null if the DN is not known.

      • setUserDataDn

        protected void setUserDataDn​(com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry entry,
                             LdapUserData targetUserData)

      • mapLdapAttributeOntoUserData

        protected void mapLdapAttributeOntoUserData​(com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPAttribute attribute,
                                            LdapUserData userData,
                                            String logicalAttrName)
        A delegate of mapLdapAttributeOntoUserData(LDAPAttribute, LdapUserData, Collection) that allows for discrete handling of each logical attribute name associated with the given LDAPAttribute
        Parameters:
        attribute -
        userData -
        logicalAttrName -

      • mapLdapEntryToSakaiUserType

        protected String mapLdapEntryToSakaiUserType​(com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry ldapEntry)
        Passes the given LDAPEntry and a reference to this SimpleLdapAttributeMapper to UserTypeMapper.mapLdapEntryToSakaiUserType(LDAPEntry, LdapAttributeMapper). By default, this will just return an empty String.
        Parameters:
        ldapEntry - the LDAPEntry to map
        Returns:
        a String representing a Sakai user type. nulls and empty Strings are possible.

      • mapUserDataOntoUserEdit

        public void mapUserDataOntoUserEdit​(LdapUserData userData,
                                    org.sakaiproject.user.api.UserEdit userEdit)
        Straightforward LdapUserData to UserEdit field-to-field mapping, including properties.
        Specified by:
        mapUserDataOntoUserEdit in interface LdapAttributeMapper
        Parameters:
        userData - a non-null user cache entry
        userEdit - a non-null user domain object

      • escapeSearchFilterTerm

        public String escapeSearchFilterTerm​(String unescapedTerm)
        Description copied from interface: LdapAttributeMapper
        Scrubs the given search filter term (i.e. a value to be matched, or not, in a search predicate) for reserved characters. I.e. protects against query injection.
        Specified by:
        escapeSearchFilterTerm in interface LdapAttributeMapper
        Parameters:
        unescapedTerm - The string value to be scrubbed
        Returns:
        null if the received String is null, otherwise a copy of the received String with reserved characters escaped.

      • getAttributeMapping

        public String getAttributeMapping​(String key)
        Map the given logical attribute name to a physical attribute name.
        Specified by:
        getAttributeMapping in interface LdapAttributeMapper
        Parameters:
        key - the logical attribute name
        Returns:
        the corresponding physical attribute name, or null if no mapping exists.

      • getReverseAttributeMappings

        public Collection<String> getReverseAttributeMappings​(String physicalAttrName)
        Access the configured logical names associated with the given physical attribute name. May return null.
        Parameters:
        physicalAttrName - a physical LDAP attribute name to reverse map to zero or more logical attribute names
        Returns:
        a collection of logical attribute names; may be null or empty.

      • getSearchResultAttributes

        public String[] getSearchResultAttributes()
        Implemented to return the current values of {link {@link #getAttributeMappings().values()} as a String array.
        Specified by:
        getSearchResultAttributes in interface LdapAttributeMapper
        Returns:
        an array of directory attribute names

      • reverseAttributeMap

        protected Map<String,​Collection<String>> reverseAttributeMap​(Map<String,​String> toReverse)
        Creates a reverse lookup map of a given attribute map's values. That is, creates a map of physical to logical LDAP attribute names. Since a multiple logical names may point to a single physical name, values in this map are actually Collection's.

        Protected access control mainly to enable testing

        Parameters:
        toReverse -
        Returns:

      • getUserTypeMapper

        public UserTypeMapper getUserTypeMapper()
        Access the strategy for calculating the Sakai user type given a LDAPEntry

      • setUserTypeMapper

        public void setUserTypeMapper​(UserTypeMapper userTypeMapper)
        Assign the strategy for calculating the Sakai user type given a LDAPEntry

      • usePreferredFirstName

        protected String usePreferredFirstName​(LdapUserData userData)
        Determines if a user has a preferredFirstName set and if so, returns it for use. Otherwise, returns their firstName as normal.
        Parameters:
        userData - the LdapUserData for the user
        Returns:
        a String of the user's first name.

      • getFindUserByCrossAttributeSearchFilter

        public String getFindUserByCrossAttributeSearchFilter​(String unescapedCriteria)
        Description copied from interface: LdapAttributeMapper
        Builds a filter to perform a wildcard search for criteria in uid, email, first name or last name

        In order to minimise hitting the limits of searches, this only performs a wildcard match on anything after the supplied criteria.
        For example, a search for 'john' will match 'john' and 'johnson' but not 'gudjohnsen'.

        For reference, the LDAP search filter is of the form: "(|(uid=criteria*)(mail=criteria*)(givenName=criteria*)(sn=criteria*))"

        Specified by:
        getFindUserByCrossAttributeSearchFilter in interface LdapAttributeMapper
        Returns:
        the formatted search filter

      • getManyUsersInOneSearch

        public String getManyUsersInOneSearch​(Set<String> criteria)
        Description copied from interface: LdapAttributeMapper
        Builds a filter to a uid search against many users at once For reference, the LDAP search filter is of the form: "(|(uid=sample.user)(uid=john.doe)(uid=jane.smith))"
        Specified by:
        getManyUsersInOneSearch in interface LdapAttributeMapper
        Returns:
        the formatted search filter

      • getValueMappings

        public Map<String,​MessageFormat> getValueMappings()
        Returns:
        A Map of message formats used for extracting values from LDAP data.

      • setValueMappings

        public void setValueMappings​(Map<String,​MessageFormat> valueMappings)
        Parameters:
        valueMappings - A Map of message formats used for extracting values from LDAP data.