6 лет назад · 7e3f3d5f71
--- a/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskSearchRequestBean.java
+++ b/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskSearchRequestBean.java
@@ -38,4 +38,10 @@ public class HelpdeskSearchRequestBean implements Serializable
 
				 
			
 
				     private String username;
			
 
				     private List<SearchRequestBean.SearchValue> searchValues;
			
 
				+
			
 
				+    public List<SearchRequestBean.SearchValue> nonEmptySearchValues()
			
 
				+    {
			
 
				+        return SearchRequestBean.filterNonEmptySearchValues( getSearchValues() );
			
 
				+    }
			
 
				+
			
 
				 }
			
--- a/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServlet.java
+++ b/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServlet.java
@@ -478,7 +478,7 @@ public class HelpdeskServlet extends ControlledPwmServlet
 
				 
			
 
				             case advanced:
			
 
				             {
			
 
				-                if ( JavaHelper.isEmpty( searchRequest.getSearchValues() ) )
			
 
				+                if ( JavaHelper.isEmpty( searchRequest.nonEmptySearchValues() ) )
			
 
				                 {
			
 
				                     return HelpdeskSearchResultsBean.emptyResult();
			
 
				                 }
			
--- a/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServletUtil.java
+++ b/server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskServletUtil.java
@@ -55,7 +55,7 @@ import java.util.List;
 
				 import java.util.Locale;
			
 
				 import java.util.Map;
			
 
				 
			
 
				-class HelpdeskServletUtil
			
 
				+public class HelpdeskServletUtil
			
 
				 {
			
 
				     private static final PwmLogger LOGGER = PwmLogger.forClass( HelpdeskServletUtil.class );
			
 
				 
			
@@ -106,7 +106,16 @@ class HelpdeskServletUtil
 
				     )
			
 
				     {
			
 
				         final List<String> defaultObjectClasses = configuration.readSettingAsStringArray( PwmSetting.DEFAULT_OBJECT_CLASSES );
			
 
				-        final List<FormConfiguration> searchAttributes = helpdeskProfile.readSettingAsForm( PwmSetting.HELPDESK_SEARCH_RESULT_FORM );
			
 
				+        final List<FormConfiguration> searchAttributes = helpdeskProfile.readSettingAsForm( PwmSetting.HELPDESK_SEARCH_FORM );
			
 
				+        return makeAdvancedSearchFilter( defaultObjectClasses, searchAttributes, attributesInSearchRequest );
			
 
				+    }
			
 
				+
			
 
				+    public static String makeAdvancedSearchFilter(
			
 
				+            final List<String> defaultObjectClasses,
			
 
				+            final List<FormConfiguration> searchAttributes,
			
 
				+            final Map<String, String> attributesInSearchRequest
			
 
				+    )
			
 
				+    {
			
 
				         final StringBuilder filter = new StringBuilder();
			
 
				 
			
 
				         //open AND clause for objectclasses and attributes
			
@@ -128,7 +137,23 @@ class HelpdeskServletUtil
 
				                 final String value = attributesInSearchRequest.get( searchAttribute );
			
 
				                 if ( !StringUtil.isEmpty( value ) )
			
 
				                 {
			
 
				-                    filter.append( "(" ).append( searchAttribute ).append( "=*%" ).append( searchAttribute ).append( "%*)" );
			
 
				+                    filter.append( "(" ).append( searchAttribute ).append( "=" );
			
 
				+
			
 
				+                    switch ( formConfiguration.getType() )
			
 
				+                    {
			
 
				+                        case select:
			
 
				+                        {
			
 
				+                            // value is specified by admin, so wildcards are not required
			
 
				+                            filter.append( "%" ).append( searchAttribute ).append( "%)" );
			
 
				+                        }
			
 
				+                        break;
			
 
				+
			
 
				+                        default:
			
 
				+                        {
			
 
				+                            filter.append( "*%" ).append( searchAttribute ).append( "%*)" );
			
 
				+                        }
			
 
				+                        break;
			
 
				+                    }
			
 
				                 }
			
 
				             }
			
 
				         }
			
@@ -142,11 +167,6 @@ class HelpdeskServletUtil
 
				     }
			
 
				 
			
 
				 
			
 
				-
			
 
				-
			
 
				-
			
 
				-
			
 
				-
			
 
				     static void checkIfUserIdentityViewable(
			
 
				             final PwmRequest pwmRequest,
			
 
				             final HelpdeskProfile helpdeskProfile,
			
--- a/server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchDataReader.java
+++ b/server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchDataReader.java
@@ -41,6 +41,7 @@ import password.pwm.error.PwmOperationalException;
 
				 import password.pwm.error.PwmUnrecoverableException;
			
 
				 import password.pwm.http.PwmRequest;
			
 
				 import password.pwm.http.PwmURL;
			
 
				+import password.pwm.http.servlet.helpdesk.HelpdeskServletUtil;
			
 
				 import password.pwm.i18n.Display;
			
 
				 import password.pwm.ldap.LdapOperationsHelper;
			
 
				 import password.pwm.ldap.LdapPermissionTester;
			
@@ -706,34 +707,9 @@ class PeopleSearchDataReader
 
				     private String makeAdvancedFilter( final Map<String, String> attributesInSearchRequest )
			
 
				     {
			
 
				         final List<String> defaultObjectClasses = pwmRequest.getConfig().readSettingAsStringArray( PwmSetting.DEFAULT_OBJECT_CLASSES );
			
 
				-        final Set<String> searchAttributes = peopleSearchConfiguration.getSearchAttributes();
			
 
				-        final StringBuilder filter = new StringBuilder();
			
 
				-
			
 
				-        //open AND clause for objectclasses and attributes
			
 
				-        filter.append( "(&" );
			
 
				-        for ( final String objectClass : defaultObjectClasses )
			
 
				-        {
			
 
				-            filter.append( "(objectClass=" ).append( objectClass ).append( ")" );
			
 
				-        }
			
 
				-
			
 
				-        // open AND clause for attributes
			
 
				-        filter.append( "(&" );
			
 
				+        final List<FormConfiguration> searchAttributes = peopleSearchConfiguration.getSearchForm();
			
 
				 
			
 
				-        for ( final String searchAttribute : searchAttributes )
			
 
				-        {
			
 
				-            final String value = attributesInSearchRequest.get( searchAttribute );
			
 
				-            if ( !StringUtil.isEmpty( value ) )
			
 
				-            {
			
 
				-                filter.append( "(" ).append( searchAttribute ).append( "=*%" ).append( searchAttribute ).append( "%*)" );
			
 
				-            }
			
 
				-        }
			
 
				-
			
 
				-        // close attribute clause
			
 
				-        filter.append( ")" );
			
 
				-
			
 
				-        // close AND clause
			
 
				-        filter.append( ")" );
			
 
				-        return filter.toString();
			
 
				+        return HelpdeskServletUtil.makeAdvancedSearchFilter( defaultObjectClasses, searchAttributes, attributesInSearchRequest );
			
 
				     }
			
 
				 
			
 
				     private boolean useProxy( )
			
@@ -841,7 +817,7 @@ class PeopleSearchDataReader
 
				 
			
 
				                 case advanced:
			
 
				                 {
			
 
				-                    if ( JavaHelper.isEmpty( searchRequest.getSearchValues() ) )
			
 
				+                    if ( JavaHelper.isEmpty( searchRequest.nonEmptySearchValues() ) )
			
 
				                     {
			
 
				                         return SearchResultBean.builder().searchResults( Collections.emptyList() ).build();
			
 
				                     }
			
--- a/server/src/main/java/password/pwm/http/servlet/peoplesearch/SearchRequestBean.java
+++ b/server/src/main/java/password/pwm/http/servlet/peoplesearch/SearchRequestBean.java
@@ -24,8 +24,10 @@ package password.pwm.http.servlet.peoplesearch;
 
				 
			
 
				 import lombok.Builder;
			
 
				 import lombok.Value;
			
 
				+import password.pwm.util.java.StringUtil;
			
 
				 
			
 
				 import java.io.Serializable;
			
 
				+import java.util.ArrayList;
			
 
				 import java.util.Collections;
			
 
				 import java.util.LinkedHashMap;
			
 
				 import java.util.List;
			
@@ -64,4 +66,21 @@ public class SearchRequestBean implements Serializable
 
				         }
			
 
				         return Collections.unmodifiableMap( returnMap );
			
 
				     }
			
 
				+
			
 
				+    public List<SearchValue> nonEmptySearchValues()
			
 
				+    {
			
 
				+        return filterNonEmptySearchValues( getSearchValues() );
			
 
				+    }
			
 
				+
			
 
				+    public static List<SearchValue> filterNonEmptySearchValues( final List<SearchValue> input )
			
 
				+    {
			
 
				+        final List<SearchValue> returnList = input == null
			
 
				+                ? new ArrayList<>()
			
 
				+                : new ArrayList<>( input );
			
 
				+
			
 
				+        returnList.removeIf( searchValue -> StringUtil.isEmpty( searchValue.getKey() )
			
 
				+                || StringUtil.isEmpty( searchValue.getValue() ) );
			
 
				+
			
 
				+        return Collections.unmodifiableList( returnList );
			
 
				+    }
			
 
				 }
			
--- a/server/src/main/resources/password/pwm/i18n/PwmSetting.properties
+++ b/server/src/main/resources/password/pwm/i18n/PwmSetting.properties
@@ -393,7 +393,7 @@ Setting_Description_helpdesk.displayName=Specify the display name you use to ide
 
				 Setting_Description_helpdesk.displayName.cardLabels=Specify the display labels for the user panel in the Help Desk Search detail.  You can use LDAP attribute value such as <code>@LDAP\:givenName@</code> macros.
			
 
				 Setting_Description_helpdesk.enable=Enable this option to enable the Help Desk module.
			
 
				 Setting_Description_helpdesk.enablePhotos=Enable photos in helpdesk search screen 
			
 
				-Setting_Description_helpdesk.enableUnlock=Enable this option to enable the Help Desk module users to unlock an (intruder) locked account.
			
 
				+Setting_Description_helpdesk.enableUnlock=Enable this option to enable the Help Desk module users to unlock an intruder LDAP locked account.
			
 
				 Setting_Description_helpdesk.enforcePasswordPolicy=Enable this option to require that the passwords set by Help Desk must meet the same password policy that normally constrains the user.
			
 
				 Setting_Description_helpdesk.filter=Specify the LDAP search filter to query the directory.  Substitute <i>%USERNAME%</i> for user supplied user name.  If not specified, @PwmAppName@ auto calculates a search filter based on the Help Desk Search Results.<p>Examples<ul><li>Edirectory\: <code>(&(objectClass\=Person)(|((cn\=*%USERNAME%*)(uid\=*%USERNAME%*)(givenName\=*%USERNAME%*)(sn\=*%USERNAME%*))))</code></li><li>Active Directory\: <code>(&(objectClass\=Person)(|((cn\=*%USERNAME%*)(uid\=*%USERNAME%*)(sAMAccountName\=*%USERNAME%*)(userprincipalname\=*%USERNAME%*)(givenName\=*%USERNAME%*)(sn\=*%USERNAME%*))))</code></li></ul>
			
 
				 Setting_Description_helpdesk.forcePwExpiration=Enable this option to force the system to expire the password for the users when the help desk operator sets a user's password.