Skip to content

Commit

Permalink
Merge patch branch changes to main.
Browse files Browse the repository at this point in the history
  • Loading branch information
necouchman committed Dec 2, 2024
2 parents 494c4ce + 63f95f3 commit 607e611
Show file tree
Hide file tree
Showing 17 changed files with 464 additions and 277 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -22,25 +22,17 @@
import com.google.inject.Inject;
import java.util.Collection;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
import org.apache.guacamole.properties.CaseSensitivity;
import org.apache.ibatis.session.SqlSession;
import org.mybatis.guice.transactional.Transactional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
* Service which provides convenience methods for creating, retrieving, and
* manipulating entities.
*/
public class EntityService {

/**
* The Logger for this class.
*/
private static final Logger LOGGER = LoggerFactory.getLogger(EntityService.class);

/**
* The Guacamole server environment.
*/
Expand Down Expand Up @@ -85,18 +77,8 @@ public class EntityService {
public Set<String> retrieveEffectiveGroups(ModeledPermissions<? extends EntityModel> entity,
Collection<String> effectiveGroups) {

CaseSensitivity caseSensitivity = CaseSensitivity.ENABLED;
try {
caseSensitivity = environment.getCaseSensitivity();
}
catch (GuacamoleException e) {
LOGGER.warn("Unable to retrieve configuration setting for group "
+ "name case sensitivity: {}. Group names will be treated "
+ "as case-sensitive.", e.getMessage());
LOGGER.debug("An exception was caught while trying to get group name"
+ "case sensitivity configuration.", e);
}

CaseSensitivity caseSensitivity = environment.getCaseSensitivity();

// Retrieve the effective user groups of the given entity, recursively if possible
boolean recursive = environment.isRecursiveQuerySupported(sqlSession);
Set<String> identifiers = entityMapper.selectEffectiveGroupIdentifiers(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -638,21 +638,8 @@ private List<ModeledConnection> getBalancedConnections(ModeledAuthenticatedUser
if (connectionGroup.isSessionAffinityEnabled())
identifiers = getPreferredConnections(user, identifiers);

CaseSensitivity caseSensitivity = CaseSensitivity.ENABLED;
try {
caseSensitivity = environment.getCaseSensitivity();
}
catch (GuacamoleException e) {
logger.warn("Error trying to retrieve case sensitivity configuration: {}."
+ "Both usernames and group names will be treated as case-"
+ "sensitive.", e.getMessage());
logger.debug("An exception was received while trying to retrieve the "
+ "case sensitivity configuration.", e);
}

// Retrieve all children
Collection<ConnectionModel> models = connectionMapper.select(identifiers,
caseSensitivity);
Collection<ConnectionModel> models = connectionMapper.select(identifiers, environment.getCaseSensitivity());
List<ModeledConnection> connections = new ArrayList<ModeledConnection>(models.size());

// Convert each retrieved model to a modeled connection
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -195,9 +195,4 @@ public boolean isPrivileged() throws GuacamoleException {
return getUser().isPrivileged();
}

@Override
public boolean isCaseSensitive() {
return user.isCaseSensitive();
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@
import org.apache.guacamole.auth.jdbc.security.PasswordEncryptionService;
import org.apache.guacamole.auth.jdbc.security.SaltService;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
import org.apache.guacamole.form.BooleanField;
import org.apache.guacamole.form.DateField;
Expand All @@ -51,6 +50,7 @@
import org.apache.guacamole.net.auth.Permissions;
import org.apache.guacamole.net.auth.RelatedObjectSet;
import org.apache.guacamole.net.auth.User;
import org.apache.guacamole.properties.CaseSensitivity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

Expand Down Expand Up @@ -151,12 +151,6 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
TIMEZONE_ATTRIBUTE_NAME
)));

/**
* Service for managing users.
*/
@Inject
private UserService userService;

/**
* Service for hashing passwords.
*/
Expand All @@ -181,20 +175,18 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
*/
@Inject
private Provider<UserRecordSet> userRecordSetProvider;

/**
* The environment associated with this instance of the JDBC authentication
* module.
*/
@Inject
private JDBCEnvironment environment;

/**
* Whether attributes which control access restrictions should be exposed
* via getAttributes() or allowed to be set via setAttributes().
*/
private boolean exposeRestrictedAttributes = false;

/**
* Whether usernames should be considered case-sensitive.
*/
private boolean caseSensitive = true;

/**
* Initializes this ModeledUser, associating it with the current
* authenticated user and populating it with data from the given user
Expand All @@ -212,9 +204,10 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
* setAttributes().
*/
public void init(ModeledAuthenticatedUser currentUser, UserModel model,
boolean exposeRestrictedAttributes) {
boolean exposeRestrictedAttributes, boolean caseSensitive) {
super.init(currentUser, model);
this.exposeRestrictedAttributes = exposeRestrictedAttributes;
this.caseSensitive = caseSensitive;
}

/**
Expand Down Expand Up @@ -249,6 +242,16 @@ public void setModel(UserModel model) {

}

@Override
public String getIdentifier() {
return CaseSensitivity.canonicalize(super.getIdentifier(), caseSensitive);
}

@Override
public void setIdentifier(String identifier) {
super.setIdentifier(CaseSensitivity.canonicalize(identifier, caseSensitive));
}

@Override
public String getPassword() {
return password;
Expand Down Expand Up @@ -789,19 +792,4 @@ public boolean isSkeleton() {
return (getModel().getEntityID() == null);
}

@Override
public boolean isCaseSensitive() {
try {
return environment.getCaseSensitivity().caseSensitiveUsernames();
}
catch (GuacamoleException e) {
logger.error("Failed to retrieve the configuration for case sensitivity: {}. "
+ "Username comparisons will be case-sensitive.",
e.getMessage());
logger.debug("An exception was caught when attempting to retrieve the "
+ "case sensitivity configuration.", e);
return true;
}
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -197,7 +197,8 @@ else if (currentUser != null)
// Produce ModeledUser exposing only those attributes for which the
// current user has permission
ModeledUser user = userProvider.get();
user.init(currentUser, model, exposeRestrictedAttributes);
user.init(currentUser, model, exposeRestrictedAttributes,
environment.getCaseSensitivity().caseSensitiveUsernames());
return user;

}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,35 +21,24 @@

import com.google.inject.Inject;
import com.google.inject.Provider;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.guacamole.GuacamoleException;
import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
import org.apache.guacamole.form.BooleanField;
import org.apache.guacamole.form.Field;
import org.apache.guacamole.form.Form;
import org.apache.guacamole.net.auth.RelatedObjectSet;
import org.apache.guacamole.net.auth.UserGroup;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.guacamole.properties.CaseSensitivity;

/**
* An implementation of the UserGroup object which is backed by a database model.
*/
public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
implements UserGroup {

/**
* The Logger for this class.
*/
private static final Logger LOGGER = LoggerFactory.getLogger(ModeledUserGroup.class);

/**
* All possible attributes of user groups organized as individual,
* logical forms.
Expand Down Expand Up @@ -83,19 +72,17 @@ public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
@Inject
private Provider<UserGroupMemberUserGroupSet> memberUserGroupSetProvider;

/**
* The environment associated with this instance of the JDBC authentication
* module.
*/
@Inject
private JDBCEnvironment environment;

/**
* Whether attributes which control access restrictions should be exposed
* via getAttributes() or allowed to be set via setAttributes().
*/
private boolean exposeRestrictedAttributes = false;

/**
* Whether group names should be considered case-sensitive.
*/
private boolean caseSensitive = true;

/**
* Initializes this ModeledUserGroup, associating it with the current
* authenticated user and populating it with data from the given user group
Expand All @@ -111,13 +98,28 @@ public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
* Whether attributes which control access restrictions should be
* exposed via getAttributes() or allowed to be set via
* setAttributes().
*
* @param caseSensitive
* true if group names should be considered case-sensitive, false
* otherwise.
*/
public void init(ModeledAuthenticatedUser currentUser, UserGroupModel model,
boolean exposeRestrictedAttributes) {
boolean exposeRestrictedAttributes, boolean caseSensitive) {
super.init(currentUser, model);
this.exposeRestrictedAttributes = exposeRestrictedAttributes;
this.caseSensitive = caseSensitive;
}


@Override
public String getIdentifier() {
return CaseSensitivity.canonicalize(super.getIdentifier(), caseSensitive);
}

@Override
public void setIdentifier(String identifier) {
super.setIdentifier(CaseSensitivity.canonicalize(identifier, caseSensitive));
}

@Override
public boolean isDisabled() {
return getModel().isDisabled();
Expand Down Expand Up @@ -203,19 +205,4 @@ public RelatedObjectSet getMemberUserGroups() throws GuacamoleException {
return memberUserGroupSet;
}

@Override
public boolean isCaseSensitive() {
try {
return environment.getCaseSensitivity().caseSensitiveGroupNames();
}
catch (GuacamoleException e) {
LOGGER.error("Error while retrieving case sensitivity configuration: {}. "
+ "Group names comparisons will be case-sensitive.",
e.getMessage());
LOGGER.debug("An exception was caught when attempting to retrieve the "
+ "case sensitivity configuration.", e);
return true;
}
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,8 @@ protected ModeledUserGroup getObjectInstance(ModeledAuthenticatedUser currentUse
// Produce ModeledUserGroup exposing only those attributes for which the
// current user has permission
ModeledUserGroup group = userGroupProvider.get();
group.init(currentUser, model, exposeRestrictedAttributes);
group.init(currentUser, model, exposeRestrictedAttributes,
environment.getCaseSensitivity().caseSensitiveGroupNames());
return group;

}
Expand Down
Loading

0 comments on commit 607e611

Please sign in to comment.