Examples of org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper

• org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper
  Extension of LdapUserDetailsMapper which extracts the value of the component named tokenName within any attribute in roleAttributes.

  Example LDIF:

   dn: uid=admin,ou=users,ou=system ... uniqueMember: cn=ceo,ou=roles 

  Assume that you want the value of the cn component within the value of the uniqueMember attribute to be used as the role name. You would use mapper.setTokenName("cn") or the equivalent to this setter call in your Spring beans XML. @author mlowery

  public void testGetAuthoritiesForUser1() throws Exception {
    LdapUserSearch userSearch = getUserSearch( "ou=users", "(uid={0})" ); //$NON-NLS-1$//$NON-NLS-2$

    LdapUserDetailsService service = new LdapUserDetailsService( userSearch, new NoOpLdapAuthoritiesPopulator() );

    RolePreprocessingMapper mapper = new RolePreprocessingMapper();
    mapper.setRoleAttributes( new String[] { "uniqueMember" } ); //$NON-NLS-1$
    mapper.setTokenName( "cn" ); //$NON-NLS-1$
    service.setUserDetailsMapper( mapper );

    DefaultLdapUserRoleListService userRoleListService = new DefaultLdapUserRoleListService();

    userRoleListService.setUserDetailsService( service );

    LdapUserSearch userSearch = getUserSearch( "ou=users", "(uid={0})" ); //$NON-NLS-1$//$NON-NLS-2$

    LdapUserDetailsService service = new LdapUserDetailsService( userSearch, new NoOpLdapAuthoritiesPopulator() );

    RolePreprocessingMapper mapper = new RolePreprocessingMapper();
    mapper.setRoleAttributes( new String[] { "uniqueMember" } ); //$NON-NLS-1$
    mapper.setTokenName( "cn" ); //$NON-NLS-1$
    service.setUserDetailsMapper( mapper );

    DefaultLdapUserRoleListService userRoleListService = new DefaultLdapUserRoleListService();

    userRoleListService.setUserDetailsService( service );

public class RolePreprocessingMapperTests extends AbstractPentahoLdapIntegrationTests {

  @SuppressWarnings( "unchecked" )
  @Test
  public void testMapUserFromContext() throws Exception {
    RolePreprocessingMapper mapper = new RolePreprocessingMapper();
    mapper.setTokenName( "cn" ); //$NON-NLS-1$
    mapper.setRolePrefix( "" ); //$NON-NLS-1$
    mapper.setRoleAttributes( new String[] { "uniqueMember" } ); //$NON-NLS-1$

    // get the user record
    DirContextOperations ctx = new SpringSecurityLdapTemplate( getContextSource() ).retrieveEntry( "uid=suzy,ou=users", //$NON-NLS-1$
        null );

    // get any roles that aren't in the user record
    Set<String> extraRoles =
        new SpringSecurityLdapTemplate( getContextSource() ).searchForSingleAttributeValues(
            "ou=roles", "roleoccupant={0}", new String[] { "uid=suzy,ou=users,dc=pentaho,dc=org", "suzy" }, "cn" ); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ //$NON-NLS-4$ //$NON-NLS-5$

    GrantedAuthority[] authorities = new GrantedAuthority[extraRoles.size()];
    int i = 0;
    for ( String extraRole : extraRoles ) {
      authorities[i++] = new GrantedAuthorityImpl( extraRole );
    }

    // use the mapper to create a UserDetails instance
    UserDetails userDetails = mapper.mapUserFromContext( ctx, "suzy", authorities ); //$NON-NLS-1$
    System.out.println( userDetails );

    // this asserts the ordering too; not strictly necessary
    GrantedAuthority[] expected =
        new GrantedAuthority[] { new GrantedAuthorityImpl( "A" ), new GrantedAuthorityImpl( "cto" ), //$NON-NLS-1$ //$NON-NLS-2$