GUACAMOLE-1239: Merge changes correcting and simplifying case sensiti…

…vity settings (single global setting).
apache · Nov 10, 2024 · 2e8d2f3 · 2e8d2f3
2 parents 3fcc59a + f314e78
commit 2e8d2f3
Show file tree

Hide file tree

Showing 130 changed files with 2,164 additions and 1,527 deletions.
diff --git a/...mole-auth-header/src/main/java/org/apache/guacamole/auth/header/ConfigurationService.java b/...mole-auth-header/src/main/java/org/apache/guacamole/auth/header/ConfigurationService.java
@@ -53,26 +53,5 @@ public String getHttpAuthHeader() throws GuacamoleException {
             "REMOTE_USER"
         );
     }
-
-    /**
-     * Returns true if the usernames provided to the header authentication
-     * module should be treated as case-sensitive, or false if usernames
-     * should be treated as case-insensitive. This will default to the global
-     * Guacamole configuration for case-sensitivity, which defaults to true, but
-     * can be overridden for this extension, if desired.
-     * 
-     * @return
-     *     true if usernames should be treated as case-sensitive, otherwise
-     *     false.
-     * 
-     * @throws GuacamoleException 
-     *     If guacamole.properties cannot be parsed.
-     */
-    public boolean getCaseSensitiveUsernames() throws GuacamoleException {
-        return environment.getProperty(
-            HTTPHeaderGuacamoleProperties.HTTP_AUTH_CASE_SENSITIVE_USERNAMES,
-            environment.getCaseSensitiveUsernames()
-        );
-    }
 
 }
diff --git a/...-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderGuacamoleProperties.java b/...-header/src/main/java/org/apache/guacamole/auth/header/HTTPHeaderGuacamoleProperties.java
@@ -19,7 +19,6 @@
 
 package org.apache.guacamole.auth.header;
 
-import org.apache.guacamole.properties.BooleanGuacamoleProperty;
 import org.apache.guacamole.properties.StringGuacamoleProperty;
 
 
@@ -44,17 +43,5 @@ private HTTPHeaderGuacamoleProperties() {}
         public String getName() { return "http-auth-header"; }
 
     };
-
-    /**
-     * A property used to configure whether or not usernames within the header
-     * module should be treated as case-sensitive.
-     */
-    public static final BooleanGuacamoleProperty HTTP_AUTH_CASE_SENSITIVE_USERNAMES =
-            new BooleanGuacamoleProperty() {
-
-        @Override
-        public String getName() { return "http-auth-case-sensitive-usernames"; }
-
-    };
 
 }
diff --git a/...le-auth-header/src/main/java/org/apache/guacamole/auth/header/user/AuthenticatedUser.java b/...le-auth-header/src/main/java/org/apache/guacamole/auth/header/user/AuthenticatedUser.java
@@ -20,38 +20,23 @@
 package org.apache.guacamole.auth.header.user;
 
 import com.google.inject.Inject;
-import org.apache.guacamole.GuacamoleException;
-import org.apache.guacamole.auth.header.ConfigurationService;
 import org.apache.guacamole.net.auth.AbstractAuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
 import org.apache.guacamole.net.auth.Credentials;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * An HTTP header implementation of AuthenticatedUser, associating a
  * username and particular set of credentials with the HTTP authentication
  * provider.
  */
 public class AuthenticatedUser extends AbstractAuthenticatedUser {
-
-    /**
-     * Logger for this class.
-     */
-    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticatedUser.class);
 
     /**
      * Reference to the authentication provider associated with this
      * authenticated user.
      */
     @Inject
     private AuthenticationProvider authProvider;
-
-    /**
-     * Service for retrieving header configuration information.
-     */
-    @Inject
-    private ConfigurationService confService;
 
     /**
      * The credentials provided when this user was authenticated.
@@ -72,19 +57,6 @@ public void init(String username, Credentials credentials) {
         this.credentials = credentials;
         setIdentifier(username.toLowerCase());
     }
-
-    @Override
-    public boolean isCaseSensitive() {
-        try {
-            return confService.getCaseSensitiveUsernames();
-        }
-        catch (GuacamoleException e) {
-            LOGGER.error("Error when trying to retrieve header configuration: {}."
-                    + " Usernames comparison will be case-sensitive.", e);
-            LOGGER.debug("Exception caught when retrieving header configuration.", e);
-            return true;
-        }
-    }
 
     @Override
     public AuthenticationProvider getAuthenticationProvider() {

diff --git a/...uth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/HistoryTrackingConnection.java b/...uth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/HistoryTrackingConnection.java
@@ -23,11 +23,12 @@
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
-
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.jdbc.connection.ConnectionRecordMapper;
 import org.apache.guacamole.auth.jdbc.connection.ConnectionRecordModel;
 import org.apache.guacamole.auth.jdbc.connection.ModeledConnectionRecord;
+import org.apache.guacamole.environment.Environment;
+import org.apache.guacamole.environment.LocalEnvironment;
 import org.apache.guacamole.net.GuacamoleTunnel;
 import org.apache.guacamole.net.auth.Connection;
 import org.apache.guacamole.net.auth.DelegatingConnection;
@@ -58,10 +59,9 @@ public class HistoryTrackingConnection extends DelegatingConnection {
     private final ConnectionRecordMapper connectionRecordMapper;
 
     /**
-     * The Guacamole server environment.
+     * The environment in which Guacamole is running.
      */
-    @Inject
-    private JDBCEnvironment environment;
+    private final Environment environment = LocalEnvironment.getInstance();
 
     /**
      * Creates a new HistoryConnection that wraps the given connection,
@@ -106,7 +106,7 @@ public GuacamoleTunnel connect(GuacamoleClientInformation info,
 
         // Insert the connection history record to mark the start of this connection
         connectionRecordMapper.insert(connectionRecordModel,
-                environment.getCaseSensitiveUsernames());
+                environment.getCaseSensitivity());
 
         // Include history record UUID as token
         ModeledConnectionRecord modeledRecord = new ModeledConnectionRecord(connectionRecordModel);

diff --git a/...uth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java b/...uth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java
@@ -22,6 +22,7 @@
 import java.util.Collection;
 import java.util.List;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -39,15 +40,15 @@ public interface ActivityRecordMapper<ModelType> {
      * @param record
      *     The activity record to insert.
      * 
-     * @param caseSensitive
-     *     Whether or not string comparisons should be done in a case-sensitive
-     *     manner.
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return
      *     The number of rows inserted.
      */
     int insert(@Param("record") ModelType record,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Updates the given activity record in the database, assigning an end
@@ -91,9 +92,9 @@ int insert(@Param("record") ModelType record,
      * @param limit
      *     The maximum number of records that should be returned.
      * 
-     * @param caseSensitive
-     *     Whether or not string comparisons should be done in a case-sensitive
-     *     manner.
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return
      *     The results of the search performed with the given parameters.
@@ -103,7 +104,7 @@ List<ModelType> search(@Param("identifier") String identifier,
             @Param("terms") Collection<ActivityRecordSearchTerm> terms,
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Searches for up to <code>limit</code> activity records that contain
@@ -143,9 +144,9 @@ List<ModelType> search(@Param("identifier") String identifier,
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
-     * @param caseSensitive
-     *     Whether or not string comparisons should be done in a case-sensitive
-     *     manner.
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return
      *     The results of the search performed with the given parameters.
@@ -157,6 +158,6 @@ List<ModelType> searchReadable(@Param("identifier") String identifier,
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }
diff --git a/...camole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityMapper.java b/...camole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityMapper.java
@@ -21,6 +21,7 @@
 
 import java.util.Collection;
 import java.util.Set;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -67,6 +68,10 @@ public interface EntityMapper {
      *     depth and may need to be executed multiple times. If it is known
      *     that the database engine in question will always support (or always
      *     not support) recursive queries, this parameter may be ignored.
+     * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return
      *     The set of identifiers of all groups that the given entity is a
@@ -75,6 +80,7 @@ public interface EntityMapper {
      */
     Set<String> selectEffectiveGroupIdentifiers(@Param("entity") EntityModel entity,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("recursive") boolean recursive);
+            @Param("recursive") boolean recursive,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }
diff --git a/...amole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityService.java b/...amole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityService.java
@@ -22,16 +22,25 @@
 import com.google.inject.Inject;
 import java.util.Collection;
 import java.util.Set;
+import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.session.SqlSession;
 import org.mybatis.guice.transactional.Transactional;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
  * manipulating entities.
  */
 public class EntityService {
 
+    /**
+     * The Logger for this class.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(EntityService.class);
+
     /**
      * The Guacamole server environment.
      */
@@ -76,9 +85,22 @@ public class EntityService {
     public Set<String> retrieveEffectiveGroups(ModeledPermissions<? extends EntityModel> entity,
             Collection<String> effectiveGroups) {
 
+        CaseSensitivity caseSensitivity = CaseSensitivity.ENABLED;
+        try {
+            caseSensitivity = environment.getCaseSensitivity();
+        }
+        catch (GuacamoleException e) {
+            LOGGER.warn("Unable to retrieve configuration setting for group "
+                      + "name case sensitivity: {}. Group names will be treated "
+                      + "as case-sensitive.", e.getMessage());
+            LOGGER.debug("An exception was caught while trying to get group name"
+                      + "case sensitivity configuration.", e);
+        }
+
         // Retrieve the effective user groups of the given entity, recursively if possible
         boolean recursive = environment.isRecursiveQuerySupported(sqlSession);
-        Set<String> identifiers = entityMapper.selectEffectiveGroupIdentifiers(entity.getModel(), effectiveGroups, recursive);
+        Set<String> identifiers = entityMapper.selectEffectiveGroupIdentifiers(
+                entity.getModel(), effectiveGroups, recursive, caseSensitivity);
 
         // If the set of user groups retrieved was not produced recursively,
         // manually repeat the query to expand the set until all effective
@@ -87,7 +109,9 @@ public Set<String> retrieveEffectiveGroups(ModeledPermissions<? extends EntityMo
             Set<String> previousIdentifiers;
             do {
                 previousIdentifiers = identifiers;
-                identifiers = entityMapper.selectEffectiveGroupIdentifiers(entity.getModel(), previousIdentifiers, false);
+                identifiers = entityMapper.selectEffectiveGroupIdentifiers(
+                        entity.getModel(), previousIdentifiers, false,
+                        caseSensitivity);
             } while (identifiers.size() > previousIdentifiers.size());
         }
 

diff --git a/...-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectMapper.java b/...-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectMapper.java
@@ -22,6 +22,7 @@
 import java.util.Collection;
 import java.util.Set;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -60,12 +61,17 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
      * @param effectiveGroups
      *     The identifiers of any known effective groups that should be taken
      *     into account, such as those defined externally to the database.
+     * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return
      *     A Set containing all identifiers of all readable objects.
      */
     Set<String> selectReadableIdentifiers(@Param("user") UserModel user,
-            @Param("effectiveGroups") Collection<String> effectiveGroups);
+            @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Selects all objects which have the given identifiers. If an identifier
@@ -77,15 +83,15 @@ Set<String> selectReadableIdentifiers(@Param("user") UserModel user,
      * @param identifiers
      *     The identifiers of the objects to return.
      * 
-     * @param caseSensitive
-     *     true if the query should evaluate identifiers in a case-sensitive
-     *     manner, otherwise false.
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return 
      *     A Collection of all objects having the given identifiers.
      */
     Collection<ModelType> select(@Param("identifiers") Collection<String> identifiers,
-                                 @Param("caseSensitive") boolean caseSensitive);
+                                 @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Selects all objects which have the given identifiers and are explicitly
@@ -105,17 +111,17 @@ Collection<ModelType> select(@Param("identifiers") Collection<String> identifier
      *     The identifiers of any known effective groups that should be taken
      *     into account, such as those defined externally to the database.
      * 
-     * @param caseSensitive
-     *     true if the query should evaluate identifiers in a case-sensitive
-     *     manner, otherwise false.
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
      *
      * @return 
      *     A Collection of all objects having the given identifiers.
      */
     Collection<ModelType> selectReadable(@Param("user") UserModel user,
             @Param("identifiers") Collection<String> identifiers,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Inserts the given object into the database. If the object already
@@ -136,15 +142,15 @@ Collection<ModelType> selectReadable(@Param("user") UserModel user,
      * @param identifier
      *     The identifier of the object to delete.
      * 
-     * @param caseSensitive
-     *     true if the query should evaluate the identifier in a
-     *     case-sensitive manner, otherwise false.
+     * @param caseSensitivity
+     *     The case sensitivity configuration that contains information on
+     *     whether usernames and/or group names will be treated as case-sensitive.
      *
      * @return
      *     The number of rows deleted.
      */
     int delete(@Param("identifier") String identifier,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Updates the given existing object in the database. If the object does