added ignored files
parent
38bf638352
commit
8c2b5232a7
@ -0,0 +1,173 @@
|
||||
/*
|
||||
*
|
||||
* (c) Copyright Ascensio System Limited 2010-2021
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
using System.Net.Security;
|
||||
using System.Runtime.Serialization;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
using ASC.Common.Logging;
|
||||
|
||||
namespace ASC.ActiveDirectory.Base.Data
|
||||
{
|
||||
[Serializable]
|
||||
[DataContract]
|
||||
public class LdapCertificateConfirmRequest
|
||||
{
|
||||
private volatile bool _approved;
|
||||
private volatile bool _requested;
|
||||
private volatile string _serialNumber;
|
||||
private volatile string _issuerName;
|
||||
private volatile string _subjectName;
|
||||
private volatile string _hash;
|
||||
private volatile int[] _certificateErrors;
|
||||
|
||||
[DataMember]
|
||||
public bool Approved { get { return _approved; } set { _approved = value; } }
|
||||
|
||||
[DataMember]
|
||||
public bool Requested { get { return _requested; } set { _requested = value; } }
|
||||
|
||||
[DataMember]
|
||||
public string SerialNumber { get { return _serialNumber; } set { _serialNumber = value; } }
|
||||
|
||||
[DataMember]
|
||||
public string IssuerName { get { return _issuerName; } set { _issuerName = value; } }
|
||||
|
||||
[DataMember]
|
||||
public string SubjectName { get { return _subjectName; } set { _subjectName = value; } }
|
||||
|
||||
[DataMember]
|
||||
public DateTime ValidFrom { get; set; }
|
||||
|
||||
[DataMember]
|
||||
public DateTime ValidUntil { get; set; }
|
||||
|
||||
[DataMember]
|
||||
public string Hash { get { return _hash; } set { _hash = value; } }
|
||||
|
||||
[DataMember]
|
||||
public int[] CertificateErrors { get { return _certificateErrors; } set { _certificateErrors = value; } }
|
||||
|
||||
private enum LdapCertificateProblem
|
||||
{
|
||||
CertExpired = -2146762495,
|
||||
CertCnNoMatch = -2146762481,
|
||||
// ReSharper disable once UnusedMember.Local
|
||||
CertIssuerChaining = -2146762489,
|
||||
CertUntrustedCa = -2146762478,
|
||||
// ReSharper disable once UnusedMember.Local
|
||||
CertUntrustedRoot = -2146762487,
|
||||
CertMalformed = -2146762488,
|
||||
CertUnrecognizedError = -2146762477
|
||||
}
|
||||
|
||||
public static int[] GetLdapCertProblems(X509Certificate certificate, X509Chain chain,
|
||||
SslPolicyErrors sslPolicyErrors, ILog log = null)
|
||||
{
|
||||
var certificateErrors = new List<int>();
|
||||
try
|
||||
{
|
||||
if (sslPolicyErrors == SslPolicyErrors.None)
|
||||
{
|
||||
return certificateErrors.ToArray();
|
||||
}
|
||||
|
||||
var expDate = DateTime.Parse(certificate.GetExpirationDateString()).ToUniversalTime();
|
||||
var utcNow = DateTime.UtcNow;
|
||||
if (expDate < utcNow && expDate.AddDays(1) >= utcNow)
|
||||
{
|
||||
certificateErrors.Add((int)LdapCertificateProblem.CertExpired);
|
||||
}
|
||||
|
||||
if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateChainErrors))
|
||||
{
|
||||
certificateErrors.Add((int)LdapCertificateProblem.CertMalformed);
|
||||
}
|
||||
|
||||
if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateNameMismatch))
|
||||
{
|
||||
if (log != null)
|
||||
{
|
||||
log.WarnFormat("GetLdapCertProblems: {0}",
|
||||
Enum.GetName(typeof(SslPolicyErrors), LdapCertificateProblem.CertCnNoMatch));
|
||||
}
|
||||
|
||||
certificateErrors.Add((int)LdapCertificateProblem.CertCnNoMatch);
|
||||
}
|
||||
|
||||
if (sslPolicyErrors.HasFlag(SslPolicyErrors.RemoteCertificateNotAvailable))
|
||||
{
|
||||
if (log != null)
|
||||
{
|
||||
log.WarnFormat("GetLdapCertProblems: {0}",
|
||||
Enum.GetName(typeof(SslPolicyErrors), LdapCertificateProblem.CertCnNoMatch));
|
||||
}
|
||||
|
||||
certificateErrors.Add((int)LdapCertificateProblem.CertUntrustedCa);
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
if (log != null)
|
||||
log.ErrorFormat("GetLdapCertProblems() failed. Error: {0}", ex);
|
||||
certificateErrors.Add((int)LdapCertificateProblem.CertUnrecognizedError);
|
||||
}
|
||||
|
||||
return certificateErrors.ToArray();
|
||||
}
|
||||
|
||||
public static LdapCertificateConfirmRequest FromCert(X509Certificate certificate, X509Chain chain,
|
||||
SslPolicyErrors sslPolicyErrors, bool approved = false, bool requested = false, ILog log = null)
|
||||
{
|
||||
var certificateErrors = GetLdapCertProblems(certificate, chain, sslPolicyErrors, log);
|
||||
|
||||
try
|
||||
{
|
||||
string serialNumber = "", issuerName = "", subjectName = "", hash = "";
|
||||
DateTime validFrom = DateTime.UtcNow, validUntil = DateTime.UtcNow;
|
||||
|
||||
LdapUtils.SkipErrors(() => serialNumber = certificate.GetSerialNumberString(), log);
|
||||
LdapUtils.SkipErrors(() => issuerName = certificate.Issuer, log);
|
||||
LdapUtils.SkipErrors(() => subjectName = certificate.Subject, log);
|
||||
LdapUtils.SkipErrors(() => validFrom = DateTime.Parse(certificate.GetEffectiveDateString()), log);
|
||||
LdapUtils.SkipErrors(() => validUntil = DateTime.Parse(certificate.GetExpirationDateString()), log);
|
||||
LdapUtils.SkipErrors(() => hash = certificate.GetCertHashString(), log);
|
||||
|
||||
var certificateConfirmRequest = new LdapCertificateConfirmRequest
|
||||
{
|
||||
SerialNumber = serialNumber,
|
||||
IssuerName = issuerName,
|
||||
SubjectName = subjectName,
|
||||
ValidFrom = validFrom,
|
||||
ValidUntil = validUntil,
|
||||
Hash = hash,
|
||||
CertificateErrors = certificateErrors,
|
||||
Approved = approved,
|
||||
Requested = requested
|
||||
};
|
||||
|
||||
return certificateConfirmRequest;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
if (log != null)
|
||||
log.ErrorFormat("LdapCertificateConfirmRequest.FromCert() failed. Error: {0}", ex);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
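Review bot: In GetLdapCertProblems the test `expDate < utcNow && expDate.AddDays(1) >= utcNow` adds CertExpired only when the certificate expired within the last 24 hours. A certificate that lapsed earlier is reported only through the chain-error branch, as CertMalformed, so the CertificateErrors carried by the confirm request never say it has expired. If the one-day window is not intentional the condition should be `if (expDate < utcNow)`; if it is, a comment should say why. In addition, the log call in the RemoteCertificateNotAvailable branch was copied from the name-mismatch branch, and both pass an LdapCertificateProblem value to `Enum.GetName(typeof(SslPolicyErrors), ...)`, so neither can log a usable name. `Enum.GetName(typeof(LdapCertificateProblem), LdapCertificateProblem.CertUntrustedCa)` would fix the first, with CertCnNoMatch in the other branch.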
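--- a/common/ASC.ActiveDirectory/Base/Data/LdapLogin.cs
+++ b/common/ASC.ActiveDirectory/Base/Data/LdapLogin.cs
@@ -0,0 +1,74 @@
+/*
+*
+* (c) Copyright Ascensio System Limited 2010-2021
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+* http://www.apache.org/licenses/LICENSE-2.0
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+
+namespace ASC.ActiveDirectory.Base.Data
+{
+public class LdapLogin
+{
+public string Username { get; private set; }
+public string Domain { get; private set; }
+
+public LdapLogin(string username, string domain)
+{
+Username = username;
+Domain = domain;
+}
+
+public override string ToString()
+{
+return !string.IsNullOrEmpty(Domain) ? string.Format("{0}@{1}", Username, Domain) : Username;
+}
+
+public static LdapLogin ParseLogin(string login)
+{
+if (string.IsNullOrEmpty(login))
+return null;
+
+string username;
+string domain = null;
+
+if (login.Contains("\\"))
+{
+var splited = login.Split('\\');
+
+if (!splited.Any() || splited.Length != 2)
+return null;
+
+domain = splited[0];
+username = splited[1];
+
+}
+else if (login.Contains("@"))
+{
+var splited = login.Split('@');
+
+if (!splited.Any() || splited.Length != 2)
+return null;
+
+username = splited[0];
+domain = splited[1];
+}
+else
+{
+username = login;
+}
+
+var result = new LdapLogin(username, domain);
+
+return result;
+}
+}
+}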
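Review bot: ParseLogin accepts logins with an empty component: constructed inputs such as `DOMAIN\` or `@example.com` split into exactly two parts, pass the `splited.Length != 2` test and yield an LdapLogin whose Username or Domain is empty. Both branches could reject them with `if (splited.Length != 2 || string.IsNullOrEmpty(splited[0]) || string.IsNullOrEmpty(splited[1])) return null;`. The `!splited.Any()` half is redundant because Split never returns an empty array. A login containing both separators, for example `DOMAIN\user@host`, takes the backslash branch and keeps `@host` inside Username, which deserves either an explicit rejection or a comment saying it is intended.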
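--- a/common/ASC.ActiveDirectory/Base/Data/LdapObject.cs
+++ b/common/ASC.ActiveDirectory/Base/Data/LdapObject.cs
@@ -0,0 +1,50 @@
+/*
+*
+* (c) Copyright Ascensio System Limited 2010-2021
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+* http://www.apache.org/licenses/LICENSE-2.0
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+
+namespace ASC.ActiveDirectory.Base.Data
+{
+/// <summary>
+/// LDAP object class
+/// </summary>
+public abstract class LdapObject
+{
+#region .Public
+
+public abstract string DistinguishedName { get; }
+
+public abstract string Sid { get; }
+
+public abstract string SidAttribute { get; }
+
+public abstract bool IsDisabled { get; }
+
+#endregion
+
+/// <summary>
+/// Get property object
+/// </summary>
+/// <param name="propertyName">property name</param>
+/// <returns>value object</returns>
+public abstract object GetValue(string propertyName, bool getBytes = false);
+
+/// <summary>
+/// Get property values
+/// </summary>
+/// <param name="propertyName">property name</param>
+/// <returns>list of values</returns>
+public abstract List<string> GetValues(string propertyName);
+}
+}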
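Review bot: The XML comment on GetValue documents `propertyName` but not the `getBytes` parameter, and the four abstract properties carry no summary at all. I would add a `<param name="getBytes">` line stating what is returned when it is true; the name suggests raw attribute bytes rather than a string, but that is an inference and should be confirmed against the implementers. `SidAttribute` in particular needs one sentence saying whether it holds the name of the attribute the SID is read from or the value itself, since callers cannot tell from the signature.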
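--- a/common/ASC.ActiveDirectory/Base/Data/LdapObjectExtension.cs
+++ b/common/ASC.ActiveDirectory/Base/Data/LdapObjectExtension.cs
@@ -0,0 +1,254 @@
+/*
+*
+* (c) Copyright Ascensio System Limited 2010-2021
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+* http://www.apache.org/licenses/LICENSE-2.0
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+
+
+using ASC.ActiveDirectory.Base.Settings;
+using ASC.Common;
+using ASC.Common.Logging;
+using ASC.Core.Tenants;
+using ASC.Core.Users;
+
+using Mapping = ASC.ActiveDirectory.Base.Settings.LdapSettings.MappingFields;
+
+namespace ASC.ActiveDirectory.Base.Data
+{
+/// <summary>
+/// LDAP object extensions class
+/// </summary>
+[Scope]
+public class LdapObjectExtension
+{
+private readonly TenantUtil _tenantUtil;
+public LdapObjectExtension(TenantUtil tenantUtil)
+{
+_tenantUtil = tenantUtil;
+}
+public static string GetAttribute(LdapObject ldapObject, string attribute, ILog log = null)
+{
+if (string.IsNullOrEmpty(attribute))
+return string.Empty;
+
+try
+{
+return ldapObject.GetValue(attribute) as string;
+}
+catch (Exception e)
+{
+if (log != null)
+log.ErrorFormat("Can't get attribute from ldap object (attr = {0}, dn = {1}) error: {2}",
+attribute, ldapObject.DistinguishedName, e);
+
+return string.Empty;
+}
+}
+
+public static List<string> GetAttributes(LdapObject ldapObject, string attribute, ILog log = null)
+{
+var list = new List<string>();
+
+if (string.IsNullOrEmpty(attribute))
+return list;
+
+try
+{
+return ldapObject.GetValues(attribute);
+}
+catch (Exception e)
+{
+if (log != null)
+log.ErrorFormat("Can't get attributes from ldap object (attr = {0}, dn = {1}) error: {2}",
+attribute, ldapObject.DistinguishedName, e);
+
+return list;
+}
+}
+
+private const int MAX_NUMBER_OF_SYMBOLS = 64;
+private const string EXT_MOB_PHONE = "extmobphone";
+private const string EXT_MAIL = "extmail";
+private const string EXT_PHONE = "extphone";
+private const string EXT_SKYPE = "extskype";
+
+private static List<string> GetContacts(LdapObject ldapUser, Mapping key, LdapSettings settings, ILog log = null)
+{
+if (!settings.LdapMapping.ContainsKey(key))
+return null;
+
+var bindings = settings.LdapMapping[key].Split(',').Select(x => x.Trim()).ToArray();
+if (bindings.Length > 1)
+{
+var list = new List<string>();
+foreach (var bind in bindings)
+{
+list.AddRange(GetAttributes(ldapUser, bind, log));
+}
+return list;
+}
+else
+{
+return GetAttributes(ldapUser, bindings[0], log);
+}
+}
+
+private static void PopulateContacts(List<string> Contacts, string type, List<string> values)
+{
+if (values == null || !values.Any())
+return;
+foreach (var val in values)
+{
+Contacts.Add(type);
+Contacts.Add(val);
+}
+}
+
+public UserInfo ToUserInfo(LdapObject ldapUser, LdapUserImporter ldapUserImporter, ILog log = null)
+{
+var settings = ldapUserImporter.Settings;
+var resource = ldapUserImporter.Resource;
+
+var userName = GetAttribute(ldapUser, settings.LoginAttribute, log);
+
+var firstName = settings.LdapMapping.ContainsKey(Mapping.FirstNameAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.FirstNameAttribute], log) : string.Empty;
+var secondName = settings.LdapMapping.ContainsKey(Mapping.SecondNameAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.SecondNameAttribute], log) : string.Empty;
+var birthDay = settings.LdapMapping.ContainsKey(Mapping.BirthDayAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.BirthDayAttribute], log) : string.Empty;
+var gender = settings.LdapMapping.ContainsKey(Mapping.GenderAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.GenderAttribute], log) : string.Empty;
+var primaryPhone = settings.LdapMapping.ContainsKey(Mapping.MobilePhoneAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.MobilePhoneAttribute], log) : string.Empty;
+var mail = settings.LdapMapping.ContainsKey(Mapping.MailAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.MailAttribute], log) : string.Empty;
+var title = settings.LdapMapping.ContainsKey(Mapping.TitleAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.TitleAttribute], log) : string.Empty;
+var location = settings.LdapMapping.ContainsKey(Mapping.LocationAttribute) ? GetAttribute(ldapUser, settings.LdapMapping[Mapping.LocationAttribute], log) : string.Empty;
+
+var phones = GetContacts(ldapUser, Mapping.AdditionalPhone, settings, log);
+var mobilePhones = GetContacts(ldapUser, Mapping.AdditionalMobilePhone, settings, log);
+var emails = GetContacts(ldapUser, Mapping.AdditionalMail, settings, log);
+var skype = GetContacts(ldapUser, Mapping.Skype, settings, log);
+
+
+if (string.IsNullOrEmpty(userName))
+throw new Exception("LDAP LoginAttribute is empty");
+
+var contacts = new List<string>();
+
+PopulateContacts(contacts, EXT_PHONE, phones);
+PopulateContacts(contacts, EXT_MOB_PHONE, mobilePhones);
+PopulateContacts(contacts, EXT_MAIL, emails);
+PopulateContacts(contacts, EXT_SKYPE, skype);
+
+var user = new UserInfo
+{
+ID = Guid.Empty,
+UserName = userName,
+Sid = ldapUser.Sid,
+ActivationStatus = settings.SendWelcomeEmail && !string.IsNullOrEmpty(mail) ? EmployeeActivationStatus.Pending : EmployeeActivationStatus.NotActivated,
+Status = ldapUser.IsDisabled ? EmployeeStatus.Terminated : EmployeeStatus.Active,
+Title = !string.IsNullOrEmpty(title) ? title : string.Empty,
+Location = !string.IsNullOrEmpty(location) ? location : string.Empty,
+WorkFromDate = _tenantUtil.DateTimeNow(),
+ContactsList = contacts
+};
+
+if (!string.IsNullOrEmpty(firstName))
+{
+user.FirstName = firstName.Length > MAX_NUMBER_OF_SYMBOLS
+? firstName.Substring(0, MAX_NUMBER_OF_SYMBOLS)
+: firstName;
+}
+else
+{
+user.FirstName = resource.FirstName;
+}
+
+if (!string.IsNullOrEmpty(secondName))
+{
+user.LastName = secondName.Length > MAX_NUMBER_OF_SYMBOLS
+? secondName.Substring(0, MAX_NUMBER_OF_SYMBOLS)
+: secondName;
+}
+else
+{
+user.LastName = resource.LastName;
+}
+
+if (!string.IsNullOrEmpty(birthDay))
+{
+DateTime date;
+if (DateTime.TryParse(birthDay, out date))
+user.BirthDate = date;
+}
+
+if (!string.IsNullOrEmpty(gender))
+{
+bool b;
+if (bool.TryParse(gender, out b))
+{
+user.Sex = b;
+}
+else
+{
+switch (gender.ToLowerInvariant())
+{
+case "male":
+case "m":
+user.Sex = true;
+break;
+case "female":
+case "f":
+user.Sex = false;
+break;
+}
+}
+}
+
+if (string.IsNullOrEmpty(mail))
+{
+user.Email = userName.Contains("@") ? userName : string.Format("{0}@{1}", userName, ldapUserImporter.LDAPDomain);
+user.ActivationStatus = EmployeeActivationStatus.AutoGenerated;
+}
+else
+{
+user.Email = mail;
+}
+
+user.MobilePhone = string.IsNullOrEmpty(primaryPhone)
+? null : primaryPhone;
+
+return user;
+}
+
+public static GroupInfo ToGroupInfo(LdapObject ldapGroup, LdapSettings settings, ILog log = null)
+{
+var name = GetAttribute(ldapGroup, settings.GroupNameAttribute, log);
+
+if (string.IsNullOrEmpty(name))
+throw new Exception("LDAP GroupNameAttribute is empty");
+
+var group = new GroupInfo
+{
+Name = name,
+Sid = ldapGroup.Sid
+};
+
+return group;
+}
+
+public static string GetDomainFromDn(LdapObject ldapObject)
+{
+if (ldapObject == null || string.IsNullOrEmpty(ldapObject.DistinguishedName))
+return null;
+
+return LdapUtils.DistinguishedNameToDomain(ldapObject.DistinguishedName);
+}
+}
+}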
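Review bot: ToUserInfo caps only FirstName and LastName at MAX_NUMBER_OF_SYMBOLS. `mail`, `userName`, `title`, `location` and every contact value are copied from the directory entry into UserInfo unchecked, and `mail` also decides whether ActivationStatus becomes Pending when SendWelcomeEmail is on. Unless UserInfo is validated further down the import path (not visible here), the address should be checked for format and length before `user.Email = mail;`. Separately, the catch blocks of GetAttribute and GetAttributes read `ldapObject.DistinguishedName` while building the log message. A null ldapObject therefore throws again inside the handler instead of returning the empty result, and `ldapObject?.DistinguishedName` in both log calls avoids that.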
@ -0,0 +1,54 @@
|
||||
/*
|
||||
*
|
||||
* (c) Copyright Ascensio System Limited 2010-2021
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
using System.Text.Json.Serialization;
|
||||
|
||||
namespace ASC.ActiveDirectory.ComplexOperations.Data
|
||||
{
|
||||
public class LdapChange
|
||||
{
|
||||
[JsonConverter(typeof(JsonStringEnumConverter))]
|
||||
public LdapChangeAction Action { get; private set; }
|
||||
|
||||
public string Sid { get; private set; }
|
||||
|
||||
public string Name { get; private set; }
|
||||
|
||||
[JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
|
||||
public string Email { get; private set; }
|
||||
|
||||
[JsonConverter(typeof(JsonStringEnumConverter))]
|
||||
public LdapChangeType Type { get; private set; }
|
||||
|
||||
public List<LdapItemChange> Changes { get; private set; }
|
||||
|
||||
public LdapChange(string sid, string name, LdapChangeType type, LdapChangeAction action,
|
||||
List<LdapItemChange> changes = null) : this(sid, name, null, type, action, changes)
|
||||
{
|
||||
}
|
||||
|
||||
public LdapChange(string sid, string name, string email, LdapChangeType type, LdapChangeAction action, List<LdapItemChange> changes = null)
|
||||
{
|
||||
Sid = sid;
|
||||
Name = name;
|
||||
Type = type;
|
||||
Action = action;
|
||||
Changes = changes ?? new List<LdapItemChange>();
|
||||
Email = email;
|
||||
}
|
||||
}
|
||||
}
|
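Review bot: LdapChange carries System.Text.Json attributes but as written can only be serialized, not read back. Every setter is private and there are two public parameterized constructors with no `[JsonConstructor]`, a shape System.Text.Json refuses to deserialize. If these records are ever loaded again, mark the six-argument constructor with `[JsonConstructor]`; if they are write-only, a one-line class comment saying so would save the next reader the experiment. `Changes` also stores the caller's `List<LdapItemChange>` instance as-is, so the caller keeps a reference that can alter the record after it was created.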
@ -0,0 +1,215 @@
|
||||
/*
|
||||
*
|
||||
* (c) Copyright Ascensio System Limited 2010-2021
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
using System.ComponentModel;
|
||||
|
||||
using ASC.Common;
|
||||
using ASC.Common.Logging;
|
||||
using ASC.Core.Tenants;
|
||||
using ASC.Core.Users;
|
||||
|
||||
namespace ASC.ActiveDirectory.ComplexOperations.Data
|
||||
{
|
||||
[Scope]
|
||||
public class LdapChangeCollection : List<LdapChange>
|
||||
{
|
||||
public Tenant Tenant { get; set; }
|
||||
private UserFormatter UserFormatter { get; set; }
|
||||
public LdapChangeCollection(UserFormatter userFormatter)
|
||||
{
|
||||
UserFormatter = userFormatter;
|
||||
}
|
||||
|
||||
#region User
|
||||
|
||||
public void SetSkipUserChange(UserInfo user)
|
||||
{
|
||||
var change = new LdapChange(user.Sid,
|
||||
UserFormatter.GetUserName(user, DisplayUserNameFormat.Default),
|
||||
user.Email,
|
||||
LdapChangeType.User, LdapChangeAction.Skip);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetSaveAsPortalUserChange(UserInfo user)
|
||||
{
|
||||
var fieldChanges = new List<LdapItemChange>
|
||||
{
|
||||
new LdapItemChange(LdapItemChangeKey.Sid, user.Sid, null)
|
||||
};
|
||||
|
||||
var change = new LdapChange(user.Sid,
|
||||
UserFormatter.GetUserName(user, DisplayUserNameFormat.Default),
|
||||
user.Email, LdapChangeType.User, LdapChangeAction.SaveAsPortal, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetNoneUserChange(UserInfo user)
|
||||
{
|
||||
var change = new LdapChange(user.Sid,
|
||||
UserFormatter.GetUserName(user, DisplayUserNameFormat.Default), user.Email,
|
||||
LdapChangeType.User, LdapChangeAction.None);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetUpdateUserChange(UserInfo beforeUserInfo, UserInfo afterUserInfo, ILog log = null)
|
||||
{
|
||||
var fieldChanges =
|
||||
LdapUserMapping.Fields.Select(field => GetPropChange(field, beforeUserInfo, afterUserInfo, log))
|
||||
.Where(pch => pch != null)
|
||||
.ToList();
|
||||
|
||||
var change = new LdapChange(beforeUserInfo.Sid,
|
||||
UserFormatter.GetUserName(afterUserInfo, DisplayUserNameFormat.Default), afterUserInfo.Email,
|
||||
LdapChangeType.User, LdapChangeAction.Update, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetAddUserChange(UserInfo user, ILog log = null)
|
||||
{
|
||||
var fieldChanges =
|
||||
LdapUserMapping.Fields.Select(field => GetPropChange(field, after: user, log: log))
|
||||
.Where(pch => pch != null)
|
||||
.ToList();
|
||||
|
||||
var change = new LdapChange(user.Sid,
|
||||
UserFormatter.GetUserName(user, DisplayUserNameFormat.Default), user.Email,
|
||||
LdapChangeType.User, LdapChangeAction.Add, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetRemoveUserChange(UserInfo user)
|
||||
{
|
||||
var change = new LdapChange(user.Sid,
|
||||
UserFormatter.GetUserName(user, DisplayUserNameFormat.Default), user.Email,
|
||||
LdapChangeType.User, LdapChangeAction.Remove);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
#endregion
|
||||
|
||||
#region Group
|
||||
|
||||
public void SetAddGroupChange(GroupInfo group, ILog log = null)
|
||||
{
|
||||
var fieldChanges = new List<LdapItemChange>
|
||||
{
|
||||
new LdapItemChange(LdapItemChangeKey.Name, null, group.Name),
|
||||
new LdapItemChange(LdapItemChangeKey.Sid, null, group.Sid)
|
||||
};
|
||||
|
||||
var change = new LdapChange(group.Sid, group.Name,
|
||||
LdapChangeType.Group, LdapChangeAction.Add, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetAddGroupMembersChange(GroupInfo group,
|
||||
List<UserInfo> members)
|
||||
{
|
||||
var fieldChanges =
|
||||
members.Select(
|
||||
member =>
|
||||
new LdapItemChange(LdapItemChangeKey.Member, null,
|
||||
UserFormatter.GetUserName(member, DisplayUserNameFormat.Default))).ToList();
|
||||
|
||||
var change = new LdapChange(group.Sid, group.Name,
|
||||
LdapChangeType.Group, LdapChangeAction.AddMember, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetSkipGroupChange(GroupInfo group)
|
||||
{
|
||||
var change = new LdapChange(group.Sid, group.Name, LdapChangeType.Group,
|
||||
LdapChangeAction.Skip);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetUpdateGroupChange(GroupInfo group)
|
||||
{
|
||||
var fieldChanges = new List<LdapItemChange>
|
||||
{
|
||||
new LdapItemChange(LdapItemChangeKey.Name, group.Name, group.Name)
|
||||
};
|
||||
|
||||
var change = new LdapChange(group.Sid, group.Name,
|
||||
LdapChangeType.Group, LdapChangeAction.Update, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetRemoveGroupChange(GroupInfo group, ILog log = null)
|
||||
{
|
||||
var change = new LdapChange(group.Sid, group.Name,
|
||||
LdapChangeType.Group, LdapChangeAction.Remove);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
public void SetRemoveGroupMembersChange(GroupInfo group,
|
||||
List<UserInfo> members)
|
||||
{
|
||||
var fieldChanges =
|
||||
members.Select(
|
||||
member =>
|
||||
new LdapItemChange(LdapItemChangeKey.Member, null,
|
||||
UserFormatter.GetUserName(member, DisplayUserNameFormat.Default))).ToList();
|
||||
|
||||
var change = new LdapChange(group.Sid, group.Name,
|
||||
LdapChangeType.Group, LdapChangeAction.RemoveMember, fieldChanges);
|
||||
|
||||
Add(change);
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
private static LdapItemChange GetPropChange(string propName, UserInfo before = null, UserInfo after = null, ILog log = null)
|
||||
{
|
||||
try
|
||||
{
|
||||
var valueSrc = before != null
|
||||
? before.GetType().GetProperty(propName).GetValue(before, null) as string
|
||||
: "";
|
||||
var valueDst = after != null
|
||||
? after.GetType().GetProperty(propName).GetValue(before, null) as string
|
||||
: "";
|
||||
|
||||
LdapItemChangeKey key;
|
||||
if (!Enum.TryParse(propName, out key))
|
||||
throw new InvalidEnumArgumentException(propName);
|
||||
|
||||
var change = new LdapItemChange(key, valueSrc, valueDst);
|
||||
|
||||
return change;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
if (log != null)
|
||||
log.ErrorFormat("GetPropChange({0}) error: {1}", propName, ex);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
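Review bot: GetPropChange reads the new value from the wrong object: `after.GetType().GetProperty(propName).GetValue(before, null)` should be `after.GetType().GetProperty(propName).GetValue(after, null)`. As written, SetUpdateUserChange records the same value on both sides of every field. SetAddUserChange passes no `before`, so each lookup throws, the catch returns null, and the Add record ends up with no field changes. The same catch hides a null from GetProperty: the names come from LdapUserMapping.Fields, which lists Mail, Phone and Member, and whether UserInfo has properties with those names cannot be seen from this page. Since this collection is the record of what a directory sync changed, the silently dropped fields deserve a test.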
@ -0,0 +1,65 @@
|
||||
/*
|
||||
*
|
||||
* (c) Copyright Ascensio System Limited 2010-2021
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace ASC.ActiveDirectory.ComplexOperations.Data
|
||||
{
|
||||
public enum LdapChangeType
|
||||
{
|
||||
User,
|
||||
Group
|
||||
}
|
||||
|
||||
public enum LdapItemChangeKey
|
||||
{
|
||||
Sid,
|
||||
Name,
|
||||
FirstName,
|
||||
LastName,
|
||||
Mail,
|
||||
Phone,
|
||||
Title,
|
||||
Location,
|
||||
Member
|
||||
}
|
||||
|
||||
public enum LdapChangeAction
|
||||
{
|
||||
None,
|
||||
Skip,
|
||||
Add,
|
||||
AddMember,
|
||||
Merge,
|
||||
Update,
|
||||
Remove,
|
||||
RemoveMember,
|
||||
SaveAsPortal
|
||||
}
|
||||
|
||||
public static class LdapUserMapping
|
||||
{
|
||||
public static readonly List<string> Fields = new List<string>
|
||||
{
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.FirstName),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.LastName),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Mail),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Phone),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Title),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Location),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Sid),
|
||||
Enum.GetName(typeof(LdapItemChangeKey), LdapItemChangeKey.Member)
|
||||
};
|
||||
}
|
||||
}
|
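Review bot: `LdapUserMapping.Fields` is a `public static readonly List<string>`, so any caller can add to or clear the shared list at run time; `readonly` protects only the reference. I would expose it as `public static readonly IReadOnlyList<string> Fields = new[] { nameof(LdapItemChangeKey.FirstName), /* remaining seven keys */ };`. That also replaces the eight `Enum.GetName(typeof(LdapItemChangeKey), ...)` calls with compile-time constants, and the `Select` calls elsewhere in this commit that iterate the list keep working unchanged.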
@ -0,0 +1,43 @@
|
||||
/*
|
||||
*
|
||||
* (c) Copyright Ascensio System Limited 2010-2021
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
|
||||
using System.Text.Json.Serialization;
|
||||
|
||||
|
||||
namespace ASC.ActiveDirectory.ComplexOperations.Data
|
||||
{
|
||||
public class LdapItemChange
|
||||
{
|
||||
[JsonConverter(typeof(JsonStringEnumConverter))]
|
||||
public LdapItemChangeKey Key { get; private set; }
|
||||
|
||||
public string Before { get; private set; }
|
||||
public string After { get; private set; }
|
||||
|
||||
public bool IsChanged { get; private set; }
|
||||
|
||||
public LdapItemChange(LdapItemChangeKey key, string before, string after)
|
||||
{
|
||||
Key = key;
|
||||
Before = before;
|
||||
After = after;
|
||||
|
||||
IsChanged = Before != null && !Before.Equals(After) || After != null && !After.Equals(Before);
|
||||
}
|
||||
}
|
||||
}
|
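Review bot: The IsChanged expression `Before != null && !Before.Equals(After) || After != null && !After.Equals(Before)` depends on `&&` binding tighter than `||` and amounts to a null-safe inequality; `IsChanged = !string.Equals(Before, After, StringComparison.Ordinal);` states that in one call with the same result. Null and the empty string count as different here, while GetPropChange in LdapChangeCollection supplies `""` for a missing side and an `as string` property read may yield null. A comment saying whether that difference should register as a change would help.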
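--- a/common/ASC.ActiveDirectory/Novell/Data/NovellLdapObject.cs
+++ b/common/ASC.ActiveDirectory/Novell/Data/NovellLdapObject.cs
@@ -0,0 +1,138 @@
+/*
+*
+* (c) Copyright Ascensio System Limited 2010-2021
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+* http://www.apache.org/licenses/LICENSE-2.0
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+
+
+using ASC.ActiveDirectory.Base;
+using ASC.ActiveDirectory.Base.Data;
+using ASC.ActiveDirectory.Novell.Extensions;
+using ASC.Common;
+using ASC.Common.Logging;
+
+using Microsoft.Extensions.Options;
+
+using Novell.Directory.Ldap;
+
+namespace ASC.ActiveDirectory.Novell.Data
+{
+/// <summary>
+/// Novell LDAP object class
+/// </summary>
+public class NovellLdapObject : LdapObject
+{
+private LdapEntry _ldapEntry;
+private readonly ILog _log;
+private string _sid;
+private string _sidAttribute;
+private readonly NovellLdapEntryExtension _novellLdapEntryExtension;
+
+/// <summary>
+/// Constructor
+/// </summary>
+/// <param name="ldapEntry">init ldap entry</param>
+/// <param name="ldapUniqueIdAttribute"></param>
+public NovellLdapObject(IOptionsMonitor<ILog> option, NovellLdapEntryExtension novellLdapEntryExtension)
+{
+_novellLdapEntryExtension = novellLdapEntryExtension;
+_log = option.Get("ASC");
+}
+
+public void Init(LdapEntry ldapEntry, string ldapUniqueIdAttribute = null)
+{
+if (ldapEntry == null)
+throw new ArgumentNullException("ldapEntry");
+
+_ldapEntry = ldapEntry;
+
+if (string.IsNullOrEmpty(ldapUniqueIdAttribute))
+return;
+
+try
+{
+_sid = GetValue(ldapUniqueIdAttribute) as string;
+_sidAttribute = ldapUniqueIdAttribute;
+}
+catch (Exception e)
+{
+_log.ErrorFormat("Can't get LDAPObject Sid property. {0}", e);
+}
+}
+
+#region .Public
+
+public override string DistinguishedName
+{
+get { return _ldapEntry.Dn; }
+}
+
+public override string Sid
+{
+get { return _sid; }
+}
+
+public override string SidAttribute
+{
+get { return _sidAttribute; }
+}
+
+public override bool IsDisabled
+{
+get
+{
+var userAccauntControl = LdapConstants.UserAccountControl.EMPTY;
+try
+{
+var uac = Convert.ToInt32(GetValue(LdapConstants.ADSchemaAttributes.USER_ACCOUNT_CONTROL));
+userAccauntControl = (LdapConstants.UserAccountControl)uac;
+}
+catch (Exception e)
+{
+_log.ErrorFormat("Can't get LDAPUser UserAccauntControl property. {0}", e);
+}
+
+return (userAccauntControl & LdapConstants.UserAccountControl.ADS_UF_ACCOUNTDISABLE) > 0;
+}
+}
+
+#endregion
+
+/// <summary>
+/// Get property object
+/// </summary>
+/// <param name="propertyName">property name</param>
+/// <returns>value object</returns>
+public sealed override object GetValue(string propertyName, bool getBytes = false)
+{
+return _novellLdapEntryExtension.GetAttributeValue(_ldapEntry, propertyName, getBytes);
+}
+
+/// <summary>
+/// Get property values
+/// </summary>
+/// <param name="propertyName">property name</param>
+/// <returns>list of values</returns>
+public override List<string> GetValues(string propertyName)
+{
+var propertyValueArray = _novellLdapEntryExtension.GetAttributeArrayValue(_ldapEntry, propertyName);
+if (propertyValueArray == null)
+{
+return new List<string>();
+}
+
+var properties = propertyValueArray.ToList();
+return properties;
+}
+}
+}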
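Review bot: `IsDisabled` fails open: when reading or converting the `USER_ACCOUNT_CONTROL` value throws, the catch block only logs, the flags stay `EMPTY`, and the getter returns `false`, so an entry whose status could not be determined is reported as enabled. The same outcome looks likely if the property is read before `Init` has assigned `_ldapEntry`, assuming the extension dereferences the entry. Callers that decide on account access or synchronisation from this property cannot tell "enabled" from "unknown"; consider failing closed with `return true;` at the end of the catch block, or at minimum document the fallback with `/// <remarks>Returns false when the attribute cannot be read or parsed.</remarks>`. Separately, the constructor's XML doc names `ldapEntry` and `ldapUniqueIdAttribute`, which are parameters of `Init`, not of the constructor.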