Ldap fixes (#3694)

* pass domainid for list users

* passing arg in wizzard

* adding userfilter to list ldap users and usersource to response

  port of list ldap users tests to java

* assertion of differnt junit ldap methods

* broken test for directory server (and others)

* embedded context loading

* add user and query test

* UI: filter options passing filter and domain and onchange trigger

* disable tests that only work in ide

prereqs for domain-linkage fixed

move trigger to the right location in code

trigger for changing domain

* logging, comments and refactor

implement search users per domain

retrieve appropriate list of users to filter

get domain specific ldap provider

* query cloudstack users with now db filter

* recreate ldap linked account should succeed

* disable auto import users that don't exist

* ui choice and text

* import filter and potential remove from list bug fixed

* fix rights for domain admins

* list only member of linked groups not of principle group

* Do not show ldap user filter if not importing from ldap
  do not delete un-needed items from dialog permanently
  delete from temp object not from global one

* localdomain should not filterout users not imported from ldap

* several types of authentication handling errors fixed and unit tested

* conflict in output name

* add conflict source field to generic import dialog

* replace reflextion by enum member call

* conflict is now called conflict 🎉

Author: DaanHoogland

api/src/main/java/org/apache/cloudstack/api/ApiConstants.java

@@ -336,7 +336,10 @@ public class ApiConstants {
     public static final String URL = "url";
     public static final String USAGE_INTERFACE = "usageinterface";
     public static final String USER_DATA = "userdata";
+    public static final String USER_FILTER = "userfilter";
     public static final String USER_ID = "userid";
+    public static final String USER_SOURCE = "usersource";
+    public static final String USER_CONFLICT_SOURCE = "conflictingusersource";
     public static final String USE_SSL = "ssl";
     public static final String USERNAME = "username";
     public static final String USER_CONFIGURABLE = "userconfigurable";

api/src/main/java/org/apache/cloudstack/query/QueryService.java

@@ -111,6 +111,8 @@ public interface QueryService {
 
     ListResponse<UserResponse> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException;
 
+    ListResponse<UserResponse> searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException;
+
     ListResponse<EventResponse> searchForEvents(ListEventsCmd cmd);
 
     ListResponse<ResourceTagResponse> listTags(ListTagsCmd cmd);

plugins/user-authenticators/ldap/pom.xml

@@ -27,12 +27,23 @@
         <version>4.14.0.0-SNAPSHOT</version>
         <relativePath>../../pom.xml</relativePath>
     </parent>
+
+    <properties>
+        <ads.version>2.0.0.AM25</ads.version>
+        <gmaven.version>1.5</gmaven.version>
+        <ldap-maven.version>1.1.3</ldap-maven.version>
+        <ldapunit.version>1.1.3</ldapunit.version>
+        <groovy.version>1.1-groovy-2.4</groovy.version>
+        <zapdot.version>0.7</zapdot.version>
+        <unboundedid.version>4.0.4</unboundedid.version>
+    </properties>
+
     <build>
         <plugins>
             <plugin>
                 <groupId>org.codehaus.gmaven</groupId>
                 <artifactId>gmaven-plugin</artifactId>
-                <version>1.3</version>
+                <version>${gmaven.version}</version>
                 <configuration>
                     <providerSelection>1.7</providerSelection>
                 </configuration>
@@ -58,7 +69,7 @@
                     <dependency>
                         <groupId>org.codehaus.gmaven.runtime</groupId>
                         <artifactId>gmaven-runtime-1.7</artifactId>
-                        <version>1.3</version>
+                        <version>${gmaven.version}</version>
                         <exclusions>
                             <exclusion>
                                 <groupId>org.codehaus.groovy</groupId>
@@ -81,38 +92,126 @@
                         <include>**/*Spec.groovy</include>
                         <include>**/*Test.java</include>
                     </includes>
+                    <excludes>
+                        <exclude>META-INF/*.SF</exclude>
+                        <exclude>META-INF/*.DSA</exclude>
+                        <exclude>META-INF/*.RSA</exclude>
+                    </excludes>
                 </configuration>
             </plugin>
             <plugin>
                 <groupId>com.btmatthews.maven.plugins</groupId>
                 <artifactId>ldap-maven-plugin</artifactId>
-                <version>1.1.0</version>
+                <version>${ldap-maven.version}</version>
                 <configuration>
                     <monitorPort>11389</monitorPort>
                     <monitorKey>ldap</monitorKey>
                     <daemon>false</daemon>
                     <rootDn>dc=cloudstack,dc=org</rootDn>
                     <ldapPort>10389</ldapPort>
-                    <ldifFile>test/resources/cloudstack.org.ldif</ldifFile>
+                    <ldifFile>src/test/resources/cloudstack.org.ldif</ldifFile>
                 </configuration>
             </plugin>
         </plugins>
-        <testSourceDirectory>test</testSourceDirectory>
+        <testSourceDirectory>src/test/java</testSourceDirectory>
     </build>
     <dependencies>
         <!-- Mandatory dependencies for using Spock -->
+        <dependency>
+            <groupId>com.btmatthews.ldapunit</groupId>
+            <artifactId>ldapunit</artifactId>
+            <version>${ldapunit.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.spockframework</groupId>
             <artifactId>spock-core</artifactId>
-            <version>1.1-groovy-2.4</version>
+            <version>${groovy.version}</version>
             <scope>test</scope>
         </dependency>
-
         <!-- Optional dependencies for using Spock -->
         <dependency> <!-- enables mocking of classes (in addition to interfaces) -->
             <groupId>cglib</groupId>
             <artifactId>cglib-nodep</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.zapodot</groupId>
+            <artifactId>embedded-ldap-junit</artifactId>
+            <version>${zapdot.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.unboundid</groupId>
+            <artifactId>unboundid-ldapsdk</artifactId>
+            <version>${unboundedid.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-all</artifactId>
+            <version>${cs.mockito.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>${cs.junit.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-server-integ</artifactId>
+            <version>${ads.version}</version>
+            <scope>test</scope>
+            <exclusions>
+                <!--
+                 shared-ldap-schema module needs to be excluded to avoid multiple schema resources on the classpath
+                -->
+                <exclusion>
+                    <groupId>org.apache.directory.shared</groupId>
+                    <artifactId>shared-ldap-schema</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core-constants</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core-annotations</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-protocol-ldap</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-jdbm-partition</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-ldif-partition</artifactId>
+            <version>${ads.version}</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+            <version>${cs.commons-io.version}</version>
+        </dependency>
     </dependencies>
 </project>

plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/LdapConstants.java

@@ -0,0 +1,21 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api;
+
+public interface LdapConstants {
+    String PRINCIPAL = "principal";
+}