From 240dcd9a523a0438f57894a05c24f0c3070e5cee Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Sun, 27 Oct 2024 22:29:12 -0400 Subject: [PATCH] GUACAMOLE-1239: JDBC module should pull case-sensitivity from authentcated user when possible. --- .../jdbc/connection/ConnectionService.java | 4 ++-- .../tunnel/AbstractGuacamoleTunnelService.java | 2 +- .../auth/jdbc/user/ModeledUserContext.java | 2 +- .../guacamole/auth/jdbc/user/UserService.java | 18 +++++++++--------- .../jdbc/usergroup/UserGroupMemberUserSet.java | 8 +------- 5 files changed, 14 insertions(+), 20 deletions(-) diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java index e08d13b0cd..2561e15082 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java @@ -494,7 +494,7 @@ public List retrieveHistory(String identifier, if (user.isPrivileged() || user.getUser().getEffectivePermissions().getSystemPermissions().hasPermission(SystemPermission.Type.AUDIT)) searchResults = connectionRecordMapper.search(identifier, recordIdentifier, requiredContents, sortPredicates, limit, - environment.getCaseSensitiveUsernames()); + user.isCaseSensitive()); // Otherwise only return explicitly readable history records else @@ -502,7 +502,7 @@ public List retrieveHistory(String identifier, user.getUser().getModel(), recordIdentifier, requiredContents, sortPredicates, limit, user.getEffectiveUserGroups(), - environment.getCaseSensitiveUsernames()); + user.isCaseSensitive()); return getObjectInstances(searchResults); diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java index 2dcd168b91..ecb7c97ec6 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java @@ -479,7 +479,7 @@ private GuacamoleTunnel assignGuacamoleTunnel(ActiveConnectionRecord activeConne try { // This MUST happen before getUUID() is invoked, to ensure the ID driving the UUID exists connectionRecordMapper.insert(activeConnection.getModel(), - environment.getCaseSensitiveUsernames()); + activeConnection.getUser().isCaseSensitive()); activeTunnels.put(activeConnection.getUUID().toString(), activeConnection); } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java index f90c158552..d61eaccb94 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java @@ -194,7 +194,7 @@ public void recordUserLogin() throws GuacamoleException { userRecord.setRemoteHost(getCurrentUser().getCredentials().getRemoteAddress()); // Insert record representing login - userRecordMapper.insert(userRecord, environment.getCaseSensitiveUsernames()); + userRecordMapper.insert(userRecord, getCurrentUser().isCaseSensitive()); } diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java index 686486a85a..b1256c9b29 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java @@ -156,13 +156,13 @@ public class UserService extends ModeledDirectoryObjectService getObjectMapper() { return userMapper; @@ -254,7 +254,7 @@ protected void beforeCreate(ModeledAuthenticatedUser user, User object, // Do not create duplicate users Collection existing = userMapper.select(Collections.singleton( - model.getIdentifier()), environment.getCaseSensitiveUsernames()); + model.getIdentifier()), user.isCaseSensitive()); if (!existing.isEmpty()) throw new GuacamoleClientException("User \"" + model.getIdentifier() + "\" already exists."); @@ -291,7 +291,7 @@ protected void beforeUpdate(ModeledAuthenticatedUser user, // Check whether such a user is already present UserModel existing = userMapper.selectOne(model.getIdentifier(), - environment.getCaseSensitiveUsernames()); + user.isCaseSensitive()); if (existing != null) { // Do not rename to existing user @@ -359,7 +359,7 @@ public void deleteObject(ModeledAuthenticatedUser user, String identifier) beforeDelete(user, identifier); // Delete object - userMapper.delete(identifier, environment.getCaseSensitiveUsernames()); + userMapper.delete(identifier, user.isCaseSensitive()); } @@ -401,7 +401,7 @@ public ModeledAuthenticatedUser retrieveAuthenticatedUser(AuthenticationProvider // Retrieve corresponding user model, if such a user exists UserModel userModel = userMapper.selectOne(username, - environment.getCaseSensitiveUsernames()); + getCaseSensitiveIdentifiers()); if (userModel == null) return null; @@ -443,7 +443,7 @@ public ModeledUser retrieveUser(AuthenticationProvider authenticationProvider, // Retrieve corresponding user model, if such a user exists UserModel userModel = userMapper.selectOne(authenticatedUser.getIdentifier(), - environment.getCaseSensitiveUsernames()); + authenticatedUser.isCaseSensitive()); if (userModel == null) return null; @@ -642,7 +642,7 @@ public List retrieveHistory(String username, if (user.isPrivileged() || user.getUser().getEffectivePermissions().getSystemPermissions().hasPermission(SystemPermission.Type.AUDIT)) searchResults = userRecordMapper.search(username, recordIdentifier, requiredContents, sortPredicates, limit, - environment.getCaseSensitiveUsernames()); + user.isCaseSensitive()); // Otherwise only return explicitly readable history records else @@ -650,7 +650,7 @@ public List retrieveHistory(String username, user.getUser().getModel(), recordIdentifier, requiredContents, sortPredicates, limit, user.getEffectiveUserGroups(), - environment.getCaseSensitiveUsernames()); + user.isCaseSensitive()); return getObjectInstances(searchResults); diff --git a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserSet.java b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserSet.java index e694edd8b7..87613f3553 100644 --- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserSet.java +++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserSet.java @@ -37,16 +37,10 @@ public class UserGroupMemberUserSet extends RelatedObjectSet