/** * Creates an external IMAP datasource for one-way IMAP import * * @param account * @param host * @param port * @param connectionType * @param accName * @param login * @param password * @param useAdminAuth * @return DataSource * @throws ServiceException */ public static DataSource createIMAPDataSource( Account account, String host, String port, String connectionType, String sourceServerType, String accName, String login, String password, String batchSize, boolean useAdminAuth) throws ServiceException { Map<String, Object> dsAttrs = new HashMap<String, Object>(); /* * Right now we support only plain authorization mechanism which uses either AUTHORIZE PLAIN and LOGIN commands * If we are using admin credentials, we have to use AUTHORIZE PLAIN command, which may be not supported by some IMAP servers * If we are using user's credentials, we will use LOGIN command which is supported by all IMAP servers */ if (useAdminAuth) { StringUtil.addToMultiMap( dsAttrs, Provisioning.A_zimbraDataSourceAuthMechanism, com.zimbra.cs.mailclient.auth.SaslAuthenticator.PLAIN); // this is the account name for the mailbox. If authorizing as admin, this is the user's // login/mailbox name StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceAuthorizationId, accName); } if (ZimbraBulkProvisionExt.EXCHANGE_IMAP.equalsIgnoreCase(sourceServerType)) { StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceDomain, ".msexchange"); } StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceHost, host); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourcePort, port); // this is the login name used for authorization. If authorizing as admin, this is the admin's // username StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceUsername, login); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourcePassword, password); StringUtil.addToMultiMap( dsAttrs, Provisioning.A_zimbraDataSourceConnectionType, connectionType); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceFolderId, "1"); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceImportOnly, "TRUE"); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceIsInternal, "TRUE"); StringUtil.addToMultiMap( dsAttrs, Provisioning.A_zimbraDataSourceName, ZimbraBulkProvisionExt.IMAP_IMPORT_DS_NAME); StringUtil.addToMultiMap(dsAttrs, Provisioning.A_zimbraDataSourceEnabled, "TRUE"); DataSource importDS = Provisioning.getInstance() .createDataSource( account, DataSourceType.imap, ZimbraBulkProvisionExt.IMAP_IMPORT_DS_NAME, dsAttrs); Map<String, Object> accAttrs = new HashMap<String, Object>(); StringUtil.addToMultiMap(accAttrs, Provisioning.A_zimbraBatchedIndexingSize, batchSize); Provisioning.getInstance().modifyAttrs(account, accAttrs, true); return importDS; }
public Domain getDomain() throws ServiceException { if (mDomain != null) return mDomain; Domain domain = Provisioning.getInstance().getDomain(mAccount); if (domain != null) return domain; Account galSyncAcct = getGalSyncAccount(); if (galSyncAcct != null) domain = Provisioning.getInstance().getDomain(galSyncAcct); if (domain != null) return domain; throw ServiceException.FAILURE("Unable to get domain", null); }
@Override public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); String action = request.getAttribute(AdminConstants.A_ACTION).toLowerCase(); Element content = request.getElement(MailConstants.E_CONTENT); String aid = content.getAttribute(MailConstants.A_ATTACHMENT_ID, null); boolean flushCache = request.getAttributeBool(AdminConstants.A_FLUSH, false); boolean synchronous = request.getAttributeBool(AdminConstants.A_SYNCHRONOUS, false); if (action.equals(AdminConstants.A_STATUS)) { // just print the status } else if (action.equals(AdminConstants.A_DEPLOYALL)) { for (Server server : Provisioning.getInstance().getAllServers()) { checkRight(zsc, context, server, Admin.R_deployZimlet); } deploy(zsc, aid, zsc.getRawAuthToken(), flushCache, synchronous); if (flushCache) { if (ZimbraLog.misc.isDebugEnabled()) { ZimbraLog.misc.debug("DeployZimlet: flushing zimlet cache"); } checkRight(zsc, context, Provisioning.getInstance().getLocalServer(), Admin.R_flushCache); FlushCache.sendFlushRequest(context, "/service", "/zimlet/res/all.js"); } } else if (action.equals(AdminConstants.A_DEPLOYLOCAL)) { Server localServer = Provisioning.getInstance().getLocalServer(); checkRight(zsc, context, localServer, Admin.R_deployZimlet); deploy(zsc, aid, null, false, synchronous); if (flushCache) { if (ZimbraLog.misc.isDebugEnabled()) { ZimbraLog.misc.debug("DeployZimlet: flushing zimlet cache"); } checkRight(zsc, context, localServer, Admin.R_flushCache); FlushCache.sendFlushRequest(context, "/service", "/zimlet/res/all.js"); } } else { throw ServiceException.INVALID_REQUEST("invalid action " + action, null); } Element response = zsc.createElement(AdminConstants.DEPLOY_ZIMLET_RESPONSE); Progress progress = (Progress) mProgressMap.get(aid); if (progress != null) progress.writeResponse(response); return response; }
static Map<Server, Map<String /* account id */, List<Integer> /* folder ids */>> groupByServer( Map<String /* account id */, List<Integer> /* folder ids */> acctFolders) throws ServiceException { Map<Server, Map<String /* account id */, List<Integer> /* folder ids */>> groupedByServer = new HashMap<Server, Map<String, List<Integer>>>(); Provisioning prov = Provisioning.getInstance(); for (Map.Entry<String, List<Integer>> entry : acctFolders.entrySet()) { String acctId = entry.getKey(); List<Integer> folderIds = entry.getValue(); Account acct = prov.get(AccountBy.id, acctId); if (acct == null) { ZimbraLog.calendar.warn("Skipping unknown account " + acctId + " during calendar search"); continue; } Server server = prov.getServer(acct); if (server == null) { ZimbraLog.calendar.warn( "Skipping account " + acctId + " during calendar search because its home server is unknown"); continue; } Map<String, List<Integer>> map = groupedByServer.get(server); if (map == null) { map = new HashMap<String, List<Integer>>(); groupedByServer.put(server, map); } map.put(acctId, folderIds); } return groupedByServer; }
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { try { // check the auth token AuthToken authToken = getAdminAuthTokenFromCookie(req, resp); if (authToken == null) return; // take the host name Provisioning prov = Provisioning.getInstance(); String hostName = req.getParameter(P_HOST); Server server = prov.get(Key.ServerBy.name, hostName); if (server == null) { throw ServiceException.INVALID_REQUEST( "server with name " + hostName + " could not be found", null); } // call RemoteManager RemoteManager rmgr = RemoteManager.getRemoteManager(server); RemoteResult rr = rmgr.execute(RemoteCommands.COLLECT_CONFIG_FILES); // stream the data resp.setContentType(DOWNLOAD_CONTENT_TYPE); ContentDisposition cd = new ContentDisposition(Part.INLINE).setParameter("filename", hostName + ".conf.tgz"); resp.addHeader("Content-Disposition", cd.toString()); ByteUtil.copy(new ByteArrayInputStream(rr.getMStdout()), true, resp.getOutputStream(), false); } catch (ServiceException e) { returnError(resp, e); return; } }
public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); Provisioning prov = Provisioning.getInstance(); String id = request.getAttribute(AdminConstants.E_ID); Domain domain = prov.get(DomainBy.id, id); if (domain == null) throw AccountServiceException.NO_SUCH_DOMAIN(id); if (domain.isShutdown()) throw ServiceException.PERM_DENIED( "can not access domain, domain is in " + domain.getDomainStatusAsString() + " status"); checkRight(zsc, context, domain, Admin.R_deleteDomain); String name = domain.getName(); prov.deleteDomain(id); ZimbraLog.security.info( ZimbraLog.encodeAttrs(new String[] {"cmd", "DeleteDomain", "name", name, "id", id})); Element response = zsc.createElement(AdminConstants.DELETE_DOMAIN_RESPONSE); return response; }
/* (non-Javadoc) * @see com.zimbra.soap.DocumentHandler#handle(org.dom4j.Element, java.util.Map) */ public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); Element a = request.getElement(AdminConstants.E_ACCOUNT); String key = a.getAttribute(AdminConstants.A_BY); String value = a.getText(); Provisioning prov = Provisioning.getInstance(); Account account = prov.get(AccountBy.fromString(key), value, zsc.getAuthToken()); if (account == null) throw AccountServiceException.NO_SUCH_ACCOUNT(value); if (account.isCalendarResource()) { // need a CalendarResource instance for RightChecker CalendarResource resource = prov.get(CalendarResourceBy.id, account.getId()); checkCalendarResourceRight(zsc, resource, Admin.R_getCalendarResourceInfo); } else checkAccountRight(zsc, account, Admin.R_getAccountInfo); Element response = zsc.createElement(AdminConstants.GET_ACCOUNT_INFO_RESPONSE); response.addElement(AdminConstants.E_NAME).setText(account.getName()); addAttr(response, Provisioning.A_zimbraId, account.getId()); addAttr( response, Provisioning.A_zimbraMailHost, account.getAttr(Provisioning.A_zimbraMailHost)); doCos(account, response); addUrls(response, account); return response; }
@BeforeClass public static void init() throws Exception { MailboxTestUtil .initServer(); // TODO: allow paths to be specified so we can run tests outside of // ZimbraServer MailboxManager.setInstance( new MailboxManager() { @Override protected Mailbox instantiateMailbox(MailboxData data) { // mock the behaviors we need to test in DesktopMailbox return new Mailbox(data) { @Override protected boolean needRedo(OperationContext octxt, RedoableOp recorder) { return false; } }; } // TODO: eventually move this into ZimbraOffline and implement all of the provisioning // needed for real DesktopMailbox // try { // return new DesktopMailbox(data) { // }; // } catch (ServiceException e) { // throw new RuntimeException(e); // } }); Provisioning prov = Provisioning.getInstance(); prov.createAccount("*****@*****.**", "secret", new HashMap<String, Object>()); }
public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); Provisioning prov = Provisioning.getInstance(); boolean applyConfig = request.getAttributeBool(AdminConstants.A_APPLY_CONFIG, true); Set<String> reqAttrs = getReqAttrs(request, AttributeClass.server); Element d = request.getElement(AdminConstants.E_SERVER); String method = d.getAttribute(AdminConstants.A_BY); String name = d.getText(); if (name == null || name.equals("")) throw ServiceException.INVALID_REQUEST("must specify a value for a server", null); Server server = prov.get(ServerBy.fromString(method), name); if (server == null) throw AccountServiceException.NO_SUCH_SERVER(name); AdminAccessControl aac = checkRight(zsc, context, server, AdminRight.PR_ALWAYS_ALLOW); // reload the server prov.reload(server); Element response = zsc.createElement(AdminConstants.GET_SERVER_RESPONSE); encodeServer(response, server, applyConfig, reqAttrs, aac.getAttrRightChecker(server)); return response; }
@BeforeClass public static void init() throws Exception { MailboxTestUtil.initServer(); Provisioning prov = Provisioning.getInstance(); prov.createAccount("*****@*****.**", "secret", new HashMap<String, Object>()); Provisioning.setInstance(prov); }
@Override public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); Element mreq = request.getElement(AdminConstants.E_MAILBOX); String accountId = mreq.getAttribute(AdminConstants.A_ACCOUNTID); Provisioning prov = Provisioning.getInstance(); Account account = prov.get(AccountBy.id, accountId, zsc.getAuthToken()); if (account == null) { throw AccountServiceException.NO_SUCH_ACCOUNT(accountId); } checkAdminLoginAsRight(zsc, prov, account); Mailbox mbox = MailboxManager.getInstance().getMailboxByAccount(account, false); if (mbox == null) { throw MailServiceException.NO_SUCH_MBOX(accountId); } mbox.recalculateFolderAndTagCounts(); Element response = zsc.createElement(AdminConstants.RECALCULATE_MAILBOX_COUNTS_RESPONSE); response .addElement(AdminConstants.E_MAILBOX) .addAttribute(AdminConstants.A_ACCOUNTID, accountId) .addAttribute(AdminConstants.A_QUOTA_USED, mbox.getSize()); return response; }
public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(context); Provisioning prov = Provisioning.getInstance(); String id = request.getAttribute(AdminConstants.E_ID); DistributionList distributionList = prov.get(DistributionListBy.id, id); if (distributionList == null) throw AccountServiceException.NO_SUCH_DISTRIBUTION_LIST(id); checkDistributionListRight(zsc, distributionList, Admin.R_deleteDistributionList); prov.deleteDistributionList(distributionList.getId()); ZimbraLog.security.info( ZimbraLog.encodeAttrs( new String[] { "cmd", "DeleteDistributionList", "name", distributionList.getName(), "id", distributionList.getId() })); Element response = zsc.createElement(AdminConstants.DELETE_DISTRIBUTION_LIST_RESPONSE); return response; }
private void populateIdToNameMaps(Set<String>[] idHolders) { Map<String, String> result = null; for (int bucket = 0; bucket < NUM_GRANTEE_TYPES; bucket++) { if (idHolders[bucket] == null || idHolders[bucket].isEmpty()) continue; try { Provisioning.EntryType entryType = null; if (bucket == USR_GRANTEES) entryType = Provisioning.EntryType.account; else if (bucket == GRP_GRANTEES) entryType = Provisioning.EntryType.group; else if (bucket == COS_GRANTEES) entryType = Provisioning.EntryType.cos; else if (bucket == DOM_GRANTEES) entryType = Provisioning.EntryType.domain; if (entryType != null) // should not result = Provisioning.getInstance().getNamesForIds(idHolders[bucket], entryType); } catch (ServiceException e) { // log a warning, return an empty map, and let the flow continue ZimbraLog.mailbox.warn("cannot lookup user grantee names", e); mEncounteredLDAPFailure = true; // so that we don't mark grants invalid } if (result != null) { if (mIdsToNamesMap[bucket] == null) mIdsToNamesMap[bucket] = result; else mIdsToNamesMap[bucket].putAll(result); } } }
private static Account validateAuthTokenInternal( Provisioning prov, AuthToken at, boolean addToLoggingContext) throws ServiceException { if (prov == null) { prov = Provisioning.getInstance(); } if (at.isExpired()) { throw ServiceException.AUTH_EXPIRED(); } // make sure that the authenticated account is still active and has not been deleted since the // last request String acctId = at.getAccountId(); Account acct = prov.get(AccountBy.id, acctId, at); if (acct == null) { throw ServiceException.AUTH_EXPIRED("account " + acctId + " not found"); } if (addToLoggingContext) { ZimbraLog.addAccountNameToContext(acct.getName()); } if (!acct.checkAuthTokenValidityValue(at)) { throw ServiceException.AUTH_EXPIRED("invalid validity value"); } boolean delegatedAuth = at.isDelegatedAuth(); String acctStatus = acct.getAccountStatus(prov); if (!delegatedAuth && !Provisioning.ACCOUNT_STATUS_ACTIVE.equals(acctStatus)) { throw ServiceException.AUTH_EXPIRED("account not active"); } // if using delegated auth, make sure the "admin" is really an active admin account if (delegatedAuth) { // note that delegated auth allows access unless the account's in maintenance mode if (Provisioning.ACCOUNT_STATUS_MAINTENANCE.equals(acctStatus)) { throw ServiceException.AUTH_EXPIRED("delegated account in MAINTENANCE mode"); } Account admin = prov.get(AccountBy.id, at.getAdminAccountId()); if (admin == null) { throw ServiceException.AUTH_EXPIRED( "delegating account " + at.getAdminAccountId() + " not found"); } boolean isAdmin = AdminAccessControl.isAdequateAdminAccount(admin); if (!isAdmin) { throw ServiceException.PERM_DENIED("not an admin for delegated auth"); } if (!Provisioning.ACCOUNT_STATUS_ACTIVE.equals(admin.getAccountStatus(prov))) { throw ServiceException.AUTH_EXPIRED("delegating account is not active"); } } return acct; }
@Override public Account authenticate( String username, String authenticateId, String password, AuthContext.Protocol protocol, String origRemoteIp, String remoteIp, String userAgent) throws ServiceException { Provisioning prov = Provisioning.getInstance(); Account authAccount = prov.get(Key.AccountBy.name, authenticateId); if (authAccount == null) { ZimbraLog.account.info("authentication failed for " + authenticateId + " (no such account)"); return null; } // authenticate the authentication principal Map<String, Object> authCtxt = new HashMap<String, Object>(); authCtxt.put(AuthContext.AC_ORIGINATING_CLIENT_IP, origRemoteIp); authCtxt.put(AuthContext.AC_REMOTE_IP, remoteIp); authCtxt.put(AuthContext.AC_ACCOUNT_NAME_PASSEDIN, authenticateId); authCtxt.put(AuthContext.AC_USER_AGENT, userAgent); prov.authAccount(authAccount, password, protocol, authCtxt); return authorize(authAccount, username, true); }
public static boolean checkGlobalOverride(String attr, Account account) throws ServletException { Provisioning prov = Provisioning.getInstance(); try { return prov.getConfig().getBooleanAttr(attr, false) || account.getBooleanAttr(attr, false); } catch (ServiceException e) { throw new ServletException(e); } }
static void doCos(Account acct, Element response) throws ServiceException { Cos cos = Provisioning.getInstance().getCOS(acct); if (cos != null) { Element eCos = response.addUniqueElement(AdminConstants.E_COS); eCos.addAttribute(AdminConstants.A_ID, cos.getId()); eCos.addAttribute(AdminConstants.A_NAME, cos.getName()); } }
private SetCurrentVolumeResponse handle(SetCurrentVolumeRequest req, Map<String, Object> ctx) throws ServiceException { ZimbraSoapContext zsc = getZimbraSoapContext(ctx); checkRight(zsc, ctx, Provisioning.getInstance().getLocalServer(), Admin.R_manageVolume); short volId = req.getId() > 0 ? req.getId() : Volume.ID_NONE; VolumeManager.getInstance().setCurrentVolume(req.getType(), volId); return new SetCurrentVolumeResponse(); }
static ZMailbox getRemoteMailbox(ZAuthToken zat, String ownerId) throws ServiceException { Account target = Provisioning.getInstance().get(Key.AccountBy.id, ownerId); if (target == null) return null; ZMailbox.Options zoptions = new ZMailbox.Options(zat, AccountUtil.getSoapUri(target)); zoptions.setNoSession(true); zoptions.setTargetAccount(ownerId); zoptions.setTargetAccountBy(Key.AccountBy.id); return ZMailbox.getMailbox(zoptions); }
public String[] getSslExcludedCiphers() { String key = Provisioning.A_zimbraSSLExcludeCipherSuites; try { return Provisioning.getInstance().getConfig().getMultiAttr(key); } catch (ServiceException e) { getLog().warn("Unable to get global attribute: " + key, e); return null; } }
@BeforeClass public static void init() throws Exception { DOMAIN_NAME = baseDomainName(); ACCT_EMAIL = "user1" + "@" + DOMAIN_NAME; SERVER_NAME = "server-" + "-" + TEST_CLASS_NAME; COS_NAME = "cos-" + "-" + TEST_CLASS_NAME; prov = Provisioning.getInstance(); }
public boolean isServiceEnabled() { try { return Provisioning.getInstance() .getLocalServer() .getBooleanAttr(Provisioning.A_zimbraUserServicesEnabled, true); } catch (ServiceException e) { getLog().error("Unabled to determine the service availability", e); return false; } }
public synchronized void saveProperties(Account account) throws ServiceException { String[] props = new String[properties.size()]; int index = 0; for (Prop prop : properties) { props[index++] = prop.getSerialization(); } Provisioning.getInstance() .modifyAttrs( account, Collections.singletonMap(Provisioning.A_zimbraZimletUserProperties, props)); }
@Override public String toString() { String url; try { url = URLUtil.getAdminURL(Provisioning.getInstance().get(Key.ServerBy.name, server)); } catch (ServiceException ex) { url = server; } return Objects.toStringHelper(this).add("url", url).add("acctId", targetAcctId).toString(); }
private AuthToken getAuthTokenForApp( HttpServletRequest req, HttpServletResponse resp, boolean doNotSendHttpError) throws IOException, ServiceException { Config config = Provisioning.getInstance().getConfig(); int adminPort = config.getIntAttr(Provisioning.A_zimbraAdminPort, 0); if (adminPort == req.getLocalPort()) { return getAdminAuthTokenFromCookie(req, resp, doNotSendHttpError); } return getAuthTokenFromCookie(req, resp, doNotSendHttpError); }
private void setStatus(boolean success) throws ServiceException { Date now = new Date(); DataSource ds = getDataSource(); Map<String, Object> attrs = new HashMap<String, Object>(); String attr = success ? Provisioning.A_zimbraGalLastSuccessfulSyncTimestamp : Provisioning.A_zimbraGalLastFailedSyncTimestamp; attrs.put(attr, DateUtil.toGeneralizedTime(now)); Provisioning.getInstance().modifyDataSource(ds.getAccount(), ds.getId(), attrs); }
public RemoteCollection(DavContext ctxt, Mountpoint mp) throws DavException, ServiceException { super(ctxt, mp); mRemoteOwnerId = mp.getOwnerId(); mRemoteId = mp.getRemoteId(); addResourceType(DavElements.E_MOUNTPOINT); getMountpointTarget(ctxt); mMailboxId = 0; Account target = Provisioning.getInstance().get(Key.AccountBy.id, mRemoteOwnerId); if (target != null && Provisioning.onLocalServer(target)) mMailboxId = MailboxManager.getInstance().getMailboxByAccount(target).getId(); }
@Override public void postModify(CallbackContext context, String attrName, Entry entry) { if (!(entry instanceof DistributionList)) return; Provisioning prov = Provisioning.getInstance(); if (!(prov instanceof LdapProv)) return; DistributionList group = (DistributionList) entry; ((LdapProv) prov).removeFromCache(group); }
public Element handle(Element request, Map<String, Object> context) throws ServiceException { ZimbraSoapContext zc = getZimbraSoapContext(context); Server server = Provisioning.getInstance().getLocalServer(); Element response = zc.createElement(MailConstants.GET_SPELL_DICTIONARIES_RESPONSE); for (String dictionary : server.getSpellAvailableDictionary()) { response.addElement(MailConstants.E_DICTIONARY).setText(dictionary); } return response; }
@Override public void postModify(Map context, String attrName, Entry entry, boolean isCreate) { if (!(entry instanceof DistributionList)) return; Provisioning prov = Provisioning.getInstance(); if (!(prov instanceof LdapProvisioning)) return; DistributionList group = (DistributionList) entry; LdapProvisioning ldapProv = (LdapProvisioning) prov; ldapProv.removeFromCache(group); }