Update Active Directory plugin to use admin user/group configuration from core, and to populate the groups for authenticated users.

plugins/scm-activedirectory-auth-plugin/src/main/java/sonia/scm/activedirectory/auth/ActiveDirectoryAuthenticationHandler.java

@@ -66,7 +66,9 @@ import sonia.scm.web.security.AuthenticationResult;
 
 import java.io.IOException;
 
+import java.util.Collection;
 import java.util.Set;
+import java.util.TreeSet;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -189,10 +191,10 @@ public class ActiveDirectoryAuthenticationHandler implements
       logger.info("Active Directory domain is " + defaultNamingContext);
       con = ClassFactory.createConnection();
       con.provider("ADsDSOObject");
-      con
-          .open("Active Directory Provider", ""/*default*/, ""/*default*/, -1/*default*/);
+      con.open("Active Directory Provider", ""/*default*/, ""/*default*/, -1/*default*/);
       logger.debug("Connected to Active Directory");
-    } catch (ExecutionException ex)
+    }
+    catch (ExecutionException ex)
     {
       logger.error("Failure initializing ADSI connection", ex);
     }
@@ -278,51 +280,40 @@ public class ActiveDirectoryAuthenticationHandler implements
           .queryInterface(IADsUser.class);
       if (usr != null)
       {
-        User user = new User(username, usr.fullName(), usr.emailAddress());
-        user.setType(TYPE);
-        user.setAdmin(isAdmin(usr, username));
         if (!usr.accountDisabled())
         {
-          result = new AuthenticationResult(user);
-        } else
+          User user = new User(username, usr.fullName(), usr.emailAddress());
+          user.setType(TYPE);
+          result = new AuthenticationResult(user, getGroups(usr));
+        }
+        else
         { // Account disabled
           result = AuthenticationResult.FAILED;
         }
-      } else
+      }
+      else
       {// the user name was in fact a group
         result = AuthenticationResult.NOT_FOUND;
       }
-    } catch (ComException e)
+    }
+    catch (ComException e)
     {
       result = AuthenticationResult.FAILED;
     }
     return result;
   }
 
-  private boolean isAdmin(IADsUser usr, String username)
+  private Collection<String> getGroups(IADsUser usr)
   {
-    boolean admin = false;
-
-    Set<String> adminGroups = config.getAdminGroupSet();
-    if (!adminGroups.isEmpty())
+    Set<String> groups = new TreeSet<String>();
+    for (Com4jObject g : usr.groups())
     {
-      for (Com4jObject g : usr.groups())
-      {
-        IADsGroup grp = g.queryInterface(IADsGroup.class);
-        // cut "CN=" and make that the role name
-        String groupName = grp.name().substring(3);
-        if (adminGroups.contains(groupName))
-        {
-          admin = true;
-        }
-      }
+      IADsGroup grp = g.queryInterface(IADsGroup.class);
+      // cut "CN=" and make that the role name
+      String groupName = grp.name().substring(3);
+      groups.add(groupName);
     }
-
-    if (config.getAdminUserSet().contains(username))
-    {
-      admin = true;
-    }
-    return admin;
+    return groups;
   }
 
   protected String getDnOfUserOrGroup(String userOrGroupname)
@@ -336,7 +327,8 @@ public class ActiveDirectoryAuthenticationHandler implements
     if (!rs.eof())
     {
       dn = rs.fields().item("distinguishedName").value().toString();
-    } else
+    }
+    else
     {
       dn = null; // No such user or group
     }

plugins/scm-activedirectory-auth-plugin/src/main/java/sonia/scm/activedirectory/auth/ActiveDirectoryConfig.java

@@ -29,18 +29,12 @@
  *
  */
 
-
-
 package sonia.scm.activedirectory.auth;
 
 //~--- JDK imports ------------------------------------------------------------
 
-import java.util.HashSet;
-import java.util.Set;
-
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 
 /**
@@ -50,80 +44,4 @@ import javax.xml.bind.annotation.XmlRootElement;
 @XmlRootElement(name = "activedirectory-config")
 @XmlAccessorType(XmlAccessType.FIELD)
 public class ActiveDirectoryConfig
-{
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public String getAdminGroups()
-  {
-    return adminGroups;
-  }
-  
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public String getAdminUsers()
-  {
-    return adminUsers;
-  }
-  
-  Set<String> getAdminGroupSet() {
-    return split(adminGroups);
-  }
-  
-  Set<String> getAdminUserSet() {
-    return split(adminUsers);
-  }
-  
-  private Set<String> split(String rawString) {
-    Set<String> tokens = new HashSet<String>();
-    for(String token : rawString.split(",")) {
-      if(token.trim().length() > 0) {
-        tokens.add(token);
-      }
-    }
-    return tokens;
-  }
-
-  //~--- set methods ----------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @param passwordSuffix
-   */
-  public void setAdminGroups(String adminGroups)
-  {
-    this.adminGroups = adminGroups;
-  }
-  
-  /**
-   * Method description
-   *
-   *
-   * @param passwordSuffix
-   */
-  public void setAdminUsers(String adminUsers)
-  {
-    this.adminUsers = adminUsers;
-  }
-
-  //~--- fields ---------------------------------------------------------------
-
-  /** Field description */
-  @XmlElement(name = "admin-groups")
-  private String adminGroups = "";
-  
-  /** Field description */
-  @XmlElement(name = "admin-users")
-  private String adminUsers = "";
-  
-}
+{}

plugins/scm-activedirectory-auth-plugin/src/main/java/sonia/scm/activedirectory/auth/ActiveDirectoryConfigResource.java

@@ -29,8 +29,6 @@
  *
  */
 
-
-
 package sonia.scm.activedirectory.auth;
 
 //~--- non-JDK imports --------------------------------------------------------