1   /*
2    * Copyright 2019 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.bremersee.dccon.repository.ldap;
18  
19  import static org.bremersee.data.ldaptive.LdaptiveEntryMapper.getAttributeValue;
20  import static org.bremersee.data.ldaptive.LdaptiveEntryMapper.setAttribute;
21  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.DESCRIPTION;
22  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.DISPLAY_NAME;
23  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.GECOS;
24  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.GIVEN_NAME;
25  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.HOME_DIRECTORY;
26  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.LAST_LOGON;
27  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.LOGIN_SHELL;
28  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.LOGON_COUNT;
29  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.MAIL;
30  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.MEMBER_OF;
31  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.MOBILE;
32  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.NAME;
33  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.OBJECT_SID;
34  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.PWD_LAST_SET;
35  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.SAM_ACCOUNT_NAME;
36  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.SN;
37  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.TELEPHONE_NUMBER;
38  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.UID;
39  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.UNIX_HOME_DIRECTORY;
40  import static org.bremersee.dccon.repository.ldap.DomainUserLdapConstants.USER_ACCOUNT_CONTROL;
41  
42  import java.util.ArrayList;
43  import java.util.List;
44  import org.bremersee.data.ldaptive.LdaptiveEntryMapper;
45  import org.bremersee.dccon.config.DomainControllerProperties;
46  import org.bremersee.dccon.model.DomainUser;
47  import org.bremersee.dccon.repository.ldap.transcoder.FileTimeToOffsetDateTimeValueTranscoder;
48  import org.bremersee.dccon.repository.ldap.transcoder.SidValueTranscoder;
49  import org.bremersee.dccon.repository.ldap.transcoder.UserAccountControlValueTranscoder;
50  import org.bremersee.dccon.repository.ldap.transcoder.UserGroupValueTranscoder;
51  import org.ldaptive.AttributeModification;
52  import org.ldaptive.LdapEntry;
53  import org.ldaptive.io.IntegerValueTranscoder;
54  import org.ldaptive.io.StringValueTranscoder;
55  
56  /**
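57   * The domain user ldap mapper: maps LDAP user entries to {@link DomainUser} objects and
57   * computes the attribute modifications needed to write a {@link DomainUser} back.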
58   *
59   * @author Christian Bremer
60   */
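public class DomainUserLdapMapper extends AbstractLdapMapper implements
    LdaptiveEntryMapper<DomainUser> {

  // Review notes (security-relevant behaviour visible in this class):
  //  - No validation or authorization happens here; values are copied between the LDAP entry
  //    and the DomainUser as-is, so both must be enforced by the caller.
  //  - The user name is written to sAMAccountName, name and uid and is also used to build the DN.
  //  - The enabled flag is the only part of userAccountControl that this mapper sets explicitly.
  //  - Group membership (memberOf) is read but never written by this mapper.

  // The shared transcoders are constants; they are declared final so that they cannot be
  // reassigned after class initialisation.
  private static final StringValueTranscoder STRING_VALUE_TRANSCODER = new StringValueTranscoder();

  private static final IntegerValueTranscoder INT_VALUE_TRANSCODER = new IntegerValueTranscoder();

  private static final FileTimeToOffsetDateTimeValueTranscoder AD_TIME_VALUE_TRANSCODER
      = new FileTimeToOffsetDateTimeValueTranscoder();

  private static final UserAccountControlValueTranscoder USER_ACCOUNT_CONTROL_VALUE_TRANSCODER
      = new UserAccountControlValueTranscoder();

  // Both transcoders below are built from the domain controller properties and therefore
  // belong to the instance; they are assigned once in the constructor.
  private final UserGroupValueTranscoder userGroupValueTranscoder;

  private final SidValueTranscoder sidValueTranscoder;

  /**
   * Instantiates a new domain user ldap mapper.
   *
   * @param properties the domain controller properties; passed to the super class and to the
   *     group and SID transcoders
   */
  public DomainUserLdapMapper(DomainControllerProperties properties) {
    super(properties);
    this.userGroupValueTranscoder = new UserGroupValueTranscoder(properties);
    this.sidValueTranscoder = new SidValueTranscoder(properties);
  }

  /**
   * Returns the object classes of the mapped entries.
   *
   * @return always an empty array; this mapper declares no object classes
   */
  @Override
  public String[] getObjectClasses() {
    return new String[0];
  }

  /**
   * Builds the distinguished name of the given user from the configured user RDN, the user
   * name and the configured user base DN.
   *
   * @param domainUser the domain user; must not be {@code null}
   * @return the distinguished name as produced by {@code createDn}
   */
  @Override
  public String mapDn(final DomainUser domainUser) {
    // NOTE(review): the user name becomes an RDN value. createDn is defined outside this
    // class; confirm that it escapes DN special characters before trusting external names.
    return createDn(
        getProperties().getUserRdn(),
        domainUser.getUserName(),
        getProperties().getUserBaseDn());
  }

  /**
   * Maps the given ldap entry to a new domain user.
   *
   * @param ldapEntry the ldap entry, may be {@code null}
   * @return the mapped domain user, or {@code null} if the entry is {@code null}
   */
  @Override
  public DomainUser map(final LdapEntry ldapEntry) {
    if (ldapEntry == null) {
      return null;
    }
    final DomainUser destination = new DomainUser();
    map(ldapEntry, destination);
    return destination;
  }

  /**
   * Copies the attributes of the given ldap entry into the given domain user. Does nothing if
   * the entry is {@code null}.
   *
   * <p>The fourth argument of {@code getAttributeValue} appears to be the value used when the
   * attribute is absent (the display name falls back to the gecos value this way); confirm
   * against {@code LdaptiveEntryMapper}.
   *
   * @param ldapEntry the source ldap entry, may be {@code null}
   * @param domainUser the destination domain user; must not be {@code null} when the entry is
   *     present
   */
  @Override
  public void map(
      final LdapEntry ldapEntry,
      final DomainUser domainUser) {
    if (ldapEntry == null) {
      return;
    }
    mapCommonAttributes(ldapEntry, domainUser);
    domainUser.setSid(getAttributeValue(ldapEntry,
        OBJECT_SID, sidValueTranscoder, null));
    domainUser.setUserName(getAttributeValue(ldapEntry,
        SAM_ACCOUNT_NAME, STRING_VALUE_TRANSCODER, null));
    domainUser.setFirstName(getAttributeValue(ldapEntry,
        GIVEN_NAME, STRING_VALUE_TRANSCODER, null));
    domainUser.setLastName(getAttributeValue(ldapEntry,
        SN, STRING_VALUE_TRANSCODER, null));
    // Display name, with the gecos attribute as fallback.
    domainUser.setDisplayName(getAttributeValue(ldapEntry,
        DISPLAY_NAME, STRING_VALUE_TRANSCODER, getAttributeValue(ldapEntry,
            GECOS, STRING_VALUE_TRANSCODER, null)));
    domainUser.setEmail(getAttributeValue(ldapEntry,
        MAIL, STRING_VALUE_TRANSCODER, null));
    domainUser.setTelephoneNumber(getAttributeValue(ldapEntry,
        TELEPHONE_NUMBER, STRING_VALUE_TRANSCODER, null));
    domainUser.setMobile(getAttributeValue(ldapEntry,
        MOBILE, STRING_VALUE_TRANSCODER, null));
    // Group membership is read from memberOf and sorted case-insensitively.
    // NOTE(review): assumes getGroups() returns a non-null, sortable list after setGroups().
    domainUser.setGroups(LdaptiveEntryMapper.getAttributeValuesAsList(ldapEntry,
        MEMBER_OF, userGroupValueTranscoder));
    domainUser.getGroups().sort(String::compareToIgnoreCase);
    domainUser.setDescription(getAttributeValue(ldapEntry,
        DESCRIPTION, STRING_VALUE_TRANSCODER, null));
    domainUser.setHomeDirectory(getAttributeValue(ldapEntry,
        HOME_DIRECTORY, STRING_VALUE_TRANSCODER, null));
    domainUser.setUnixHomeDirectory(getAttributeValue(ldapEntry,
        UNIX_HOME_DIRECTORY, STRING_VALUE_TRANSCODER, null));
    domainUser.setLoginShell(getAttributeValue(ldapEntry,
        LOGIN_SHELL, STRING_VALUE_TRANSCODER, null));
    domainUser.setLastLogon(getAttributeValue(ldapEntry,
        LAST_LOGON, AD_TIME_VALUE_TRANSCODER, null));
    domainUser.setLogonCount(getAttributeValue(ldapEntry,
        LOGON_COUNT, INT_VALUE_TRANSCODER, null));
    // Only the time of the last password change is read; no password material is mapped.
    domainUser.setPasswordLastSet(getAttributeValue(ldapEntry,
        PWD_LAST_SET, AD_TIME_VALUE_TRANSCODER, null));

    // The enabled state is derived from userAccountControl; how a missing (null) value is
    // interpreted is decided by isUserAccountEnabled, which is defined outside this class.
    final Integer userAccountControlValue = getAttributeValue(ldapEntry,
        USER_ACCOUNT_CONTROL, USER_ACCOUNT_CONTROL_VALUE_TRANSCODER, null);
    domainUser.setEnabled(
        UserAccountControlValueTranscoder.isUserAccountEnabled(userAccountControlValue));
  }

  /**
   * Applies the values of the given domain user to the given ldap entry and collects the
   * resulting attribute modifications.
   *
   * <p>The boolean passed to {@code setAttribute} is presumably the "binary attribute" flag;
   * confirm against {@code LdaptiveEntryMapper}. SID, group membership, logon statistics and
   * the password timestamp are not written by this method.
   *
   * @param source the domain user holding the new values; must not be {@code null}
   * @param destination the ldap entry to update; must not be {@code null}
   * @return the modifications collected by the {@code setAttribute} calls, possibly empty
   */
  @Override
  public AttributeModification[] mapAndComputeModifications(
      final DomainUser source,
      final LdapEntry destination) {

    final List<AttributeModification> modifications = new ArrayList<>();

    // The user name is written to three attributes.
    setAttribute(destination,
        SAM_ACCOUNT_NAME, source.getUserName(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        NAME, source.getUserName(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        UID, source.getUserName(), false, STRING_VALUE_TRANSCODER,
        modifications);

    setAttribute(destination,
        GIVEN_NAME, source.getFirstName(), false, STRING_VALUE_TRANSCODER, modifications);
    setAttribute(destination,
        SN, source.getLastName(), false, STRING_VALUE_TRANSCODER, modifications);

    // The display name is mirrored into gecos, matching the fallback used when reading.
    setAttribute(destination,
        DISPLAY_NAME, source.getDisplayName(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        GECOS, source.getDisplayName(), false, STRING_VALUE_TRANSCODER,
        modifications);

    setAttribute(destination,
        MAIL, source.getEmail(), false, STRING_VALUE_TRANSCODER, modifications);
    setAttribute(destination,
        TELEPHONE_NUMBER, source.getTelephoneNumber(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        MOBILE, source.getMobile(), false, STRING_VALUE_TRANSCODER, modifications);
    setAttribute(destination,
        DESCRIPTION, source.getDescription(), false, STRING_VALUE_TRANSCODER, modifications);

    // NOTE(review): home directories and the login shell are written unchecked; any
    // restriction on allowed paths or shells has to be enforced before this call.
    setAttribute(destination,
        HOME_DIRECTORY, source.getHomeDirectory(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        UNIX_HOME_DIRECTORY, source.getUnixHomeDirectory(), false, STRING_VALUE_TRANSCODER,
        modifications);
    setAttribute(destination,
        LOGIN_SHELL, source.getLoginShell(), false, STRING_VALUE_TRANSCODER,
        modifications);

    // memberOf is intentionally not written here: groups must be set in the group entity,
    // so a caller-supplied group list on the DomainUser cannot change membership via this
    // mapper.

    // The current userAccountControl value of the entry is handed over together with the
    // requested enabled state; the new value is computed by getUserAccountControlValue,
    // which is defined outside this class.
    final Integer currentUserAccountControl = getAttributeValue(destination,
        USER_ACCOUNT_CONTROL, USER_ACCOUNT_CONTROL_VALUE_TRANSCODER, null);
    final Integer newUserAccountControl
        = UserAccountControlValueTranscoder.getUserAccountControlValue(
            source.getEnabled(),
            currentUserAccountControl);
    setAttribute(destination,
        USER_ACCOUNT_CONTROL, newUserAccountControl, false,
        USER_ACCOUNT_CONTROL_VALUE_TRANSCODER, modifications);

    return modifications.toArray(new AttributeModification[0]);
  }

}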