use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndLinkGroupToRole.
/**
* Method which verifies if the <code>groupDN</code> corresponds to an
* administrative role. If true then the members listed in
* <Code>membersGuid</Code> are added to the admin role.
*
* @param token
* SSO Token
* @param membersGuid
* Guid array of members to be operated on
* @param groupDN
* DN of the group; the admin role to update is derived from it
*
* @exception AMException
* if unsuccessful in adding the members to the corresponding
* admin group. As a result of which the memberOf and
* adminRole attributes are also not updated.
*/
protected void verifyAndLinkGroupToRole(SSOToken token, Guid[] membersGuid, String groupDN) throws AMException {
    // Resolve the group DN to an admin role name. A null name means the
    // group has no admin-role counterpart, so there is nothing to link.
    final DN groupDn = DN.valueOf(groupDN);
    final String adminRoleName = getRoleFromGroupDN(groupDn);
    if (adminRoleName == null) {
        return;
    }

    // The role entry is addressed under the DN two levels above the group.
    // NOTE(review): adminRoleName is spliced into the role DN as-is; confirm
    // getRoleFromGroupDN only returns values that are safe as an RDN value.
    final String organizationDn = groupDn.parent().parent().toString();
    final String roleDN = NamingAttributeManager.getNamingAttribute(AMObject.ROLE) + "=" + adminRoleName + "," + organizationDn;
    if (debug.messageEnabled()) {
        debug.message("Compliance.verifyAndLinkGroupToRole" + " Linking group: " + groupDN + " to role :" + roleDN);
    }

    try {
        // Membership of the admin role is changed with the caller's token.
        final Guid roleGuid = new Guid(roleDN);
        final ManagedRole adminRole = (ManagedRole) UMSObject.getObject(token, roleGuid);
        adminRole.addMembers(membersGuid);
    } catch (EntryNotFoundException ex) {
        // A missing role entry is only logged: no member is added and the
        // caller sees a normal return.
        debug.error("Compliance.verifyAndLinkGroupToRole: Admin " + "groups are missing");
    } catch (UMSException ue) {
        debug.error("Compliance.verifyAndLinkGroupToRole():", ue);
        final Object[] args = new Object[] { roleDN };
        throw new AMException(AMSDKBundle.getString("972", args), "771", args);
    }
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method isAncestorOrgDeleted.
/**
* Method which checks all the parent organizations of this entry till the
* base DN, and returns true if any one of them is deleted.
*
* @param token Single Sign On token of user.
* @param dn Distinguished name of the object.
* @param profileType the profile type of the object whose ancestor is
* being checked.
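* @return <code>true</code> if a deleted organization is found;
* <code>false</code> otherwise, including when a directory lookup fails
* with a UMSException.
* @throws AMException if there are errors from data layer.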
*/
public boolean isAncestorOrgDeleted(SSOToken token, String dn, int profileType) throws AMException {
    // Reports whether an organization above (or, for organizations, at) dn
    // carries the "deleted" status, consulting the deletedOrg cache before
    // reading the directory.
    if (debug.messageEnabled()) {
        debug.message("Compliance.isAncestorOrgDeleted-> " + " checking from... " + dn);
    }
    // NOTE(review): toLowerCase() without a Locale follows the JVM default
    // locale, so the cache key built here is locale-sensitive.
    String tdn = DN.valueOf(dn).toString().toLowerCase();
    // Fast path: an organization already cached as deleted.
    if ((profileType == AMObject.ORGANIZATION) && deletedOrg.containsKey(tdn)) {
        if (((Boolean) deletedOrg.get(tdn)).booleanValue()) {
            return true;
        }
        // Cached as active: fall through to the ancestor walk below.
    }
    if (profileType != AMObject.ORGANIZATION) {
        // Non-organization entries start from their organization DN, which is
        // resolved with internalToken rather than the caller's token.
        tdn = DirectoryServicesFactory.getInstance().getOrganizationDN(internalToken, dn);
    }
    while (!tdn.equalsIgnoreCase(rootSuffix)) {
        // Check whether this ancestor is already in the deleted-org cache.
        if (debug.messageEnabled()) {
            debug.message("Compliance.isAncestorOrgDeleted-> " + "Checking for deleted status of " + tdn);
        }
        // A cached value is returned as-is. A cached FALSE therefore ends the
        // walk without looking at any higher ancestor.
        // NOTE(review): this read is outside the synchronized block used for
        // the writes below; whether that is safe depends on the map type of
        // deletedOrg, which is not visible here.
        if (deletedOrg.containsKey(tdn)) {
            return ((Boolean) deletedOrg.get(tdn)).booleanValue();
        }
        try {
            // The status attribute is read with internalToken, not with the
            // caller's token.
            PersistentObject po = UMSObject.getObject(internalToken, new Guid(tdn));
            Attr attr = po.getAttribute(ORG_STATUS_ATTRIBUTE);
            if (debug.messageEnabled() && (attr != null)) {
                debug.message("Compliance.isAncestorOrgDeleted-> " + ORG_STATUS_ATTRIBUTE + "=" + attr.toString());
            }
            if (((attr != null) && (attr.size() != 0)) && attr.contains("deleted")) {
                // Org is deleted
                if (debug.messageEnabled()) {
                    debug.message("isAncestorOrgDeleted: caching org: " + tdn + " as deleted");
                }
                synchronized (deletedOrg) {
                    deletedOrg.put(tdn, Boolean.TRUE);
                }
                // This ancestor is deleted, so return true.
                return true;
            } else {
                if (debug.messageEnabled()) {
                    debug.message("isAncestorOrgDeleted: caching org: " + tdn + " as active");
                }
                synchronized (deletedOrg) {
                    deletedOrg.put(tdn, Boolean.FALSE);
                }
            }
        } catch (UMSException umse) {
            // Fails open: a directory error is logged and reported to the
            // caller as "not deleted" instead of being raised as AMException.
            debug.error("Compliance.isAncestorOrgDeleted-> " + "UMSException", umse);
            return false;
        }
        // Continue until we reach the rootSuffix; any one of the ancestors
        // could still be marked deleted.
        // NOTE(review): the next DN is resolved from the original dn (with the
        // caller's token), not from tdn, so this call does not depend on how
        // far the walk has progressed. Confirm whether tdn was intended.
        tdn = DirectoryServicesFactory.getInstance().getOrganizationDN(token, dn);
    }
    // Reached the root suffix, which should never be marked deleted.
    return false;
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndUnLinkGroupToRole.
/**
* Method which verifies if the groupDN corresponds to an admin role. If
* true then the <Code> members </Code> are removed from the admin role.
*
* @param token Single Sign On Token.
* @param members Set of member DNs to be operated.
* @param groupDN Distinguished Name of the group.
* @throws AMException if unsuccessful in removing the members from the
* corresponding admin groups and updating the <code>memberOf</code>
* and <code>adminRole</code> attribute values to null.
*/
protected void verifyAndUnLinkGroupToRole(SSOToken token, Set members, String groupDN) throws AMException {
    // Resolve the group DN to an admin role name. A null name means the
    // group has no admin-role counterpart, so there is nothing to unlink.
    final DN groupDn = DN.valueOf(groupDN);
    final String adminRoleName = getRoleFromGroupDN(groupDn);
    if (adminRoleName == null) {
        return;
    }

    // The role entry is addressed under the DN two levels above the group.
    final String organizationDn = groupDn.parent().parent().toString();
    final String roleDN = NamingAttributeManager.getNamingAttribute(AMObject.ROLE) + "=" + adminRoleName + "," + organizationDn;
    if (debug.messageEnabled()) {
        debug.message("Compliance.verifyAndUnlinkGroupToRole(): " + "Unlinking group: " + groupDN + " to role :" + roleDN);
    }

    // Members are removed from the admin role one at a time. A UMSException
    // part-way through leaves the remaining members in the role; the caller
    // learns of it through the AMException thrown below.
    final Iterator memberDns = members.iterator();
    try {
        final ManagedRole adminRole = (ManagedRole) UMSObject.getObject(token, new Guid(roleDN));
        while (memberDns.hasNext()) {
            final Guid memberGuid = new Guid((String) memberDns.next());
            adminRole.removeMember(memberGuid);
        }
    } catch (EntryNotFoundException ex) {
        // A missing role entry is only logged and the caller sees a normal
        // return.
        debug.error("Compliance.verifyAndUnLinkGroupToRole: Admin " + "groups are missing");
    } catch (UMSException ue) {
        debug.error("Compliance.verifyAndUnLinkGroupToRole(): ", ue);
        final Object[] args = new Object[] { roleDN };
        throw new AMException(AMSDKBundle.getString("972", args), "772", args);
    }
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method checkIfDeletedUser.
/**
* Method which checks if the entry corresponding to userDN represents a
* deleted user entry (entry with inetuserstatus:deleted). If the entry
* cannot be read, the check is skipped and the method returns normally.
*
* @param token
* a SSOToken object
* @param userDN
* a String representing a user DN
*
* @exception AMEntryExistsException
* if the userDN corresponds to a deleted user
*/
protected void checkIfDeletedUser(SSOToken token, String userDN) throws AMEntryExistsException {
    // Only the status attribute is requested from the directory.
    String[] requestedAttrs = new String[] { USER_STATUS_ATTRIBUTE };
    Attr statusAttr;
    try {
        PersistentObject userEntry = UMSObject.getObject(token, new Guid(userDN), requestedAttrs);
        statusAttr = userEntry.getAttribute(USER_STATUS_ATTRIBUTE);
    } catch (UMSException ue) {
        // Any UMSException ends the check without raising: the failure is
        // written only when message-level debugging is on, and the caller
        // cannot tell "not deleted" from "could not be checked".
        if (debug.messageEnabled()) {
            debug.message("Compliance.checkIfDeletedUser(): ", ue);
        }
        return;
    }

    // No status attribute on the entry: nothing marks it as deleted.
    if (statusAttr == null) {
        return;
    }

    String status = statusAttr.getValue();
    boolean markedDeleted = (status != null) && status.equalsIgnoreCase("deleted");
    if (!markedDeleted) {
        return;
    }

    debug.warning("Compliance.checkIfDeletedUser(): " + "deleted user entry: " + userDN);
    throw new AMEntryExistsException(AMSDKBundle.getString("329"), "329");
}
use of com.iplanet.ums.UMSException in project OpenAM by OpenRock.
the class COSManager method assignDirectCOSDef.
/**
* Assigns a direct (Classic) COS definition to a persistent object.
*
* @param pObject
* The target persistent object.
* @param cosDef
* The direct (Classic) COS definition.
* @param cosTemplate
* A COS template belonging to the definition.
* @param sMgr
* A SchemaManager instance.
*
* @throws UMSException
* if an exception occurs
*/
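private void assignDirectCOSDef(PersistentObject pObject, DirectCOSDefinition cosDef, COSTemplate cosTemplate, SchemaManager sMgr) throws UMSException {
    // A definition without a Guid is rejected as not persistent.
    if (cosDef.getGuid() == null) {
        String msg = i18n.getString(IUMSConstants.COS_DEFINITION_NOT_PERSISTENT);
        throw new UMSException(msg);
    }

    // Make sure the target entry is in the same tree as the COS definition's
    // parent: a target that is not subordinate to that parent is refused
    // before anything is written.
    DN targetDN = DN.valueOf(pObject.getGuid().getDn());
    DN cosParentDN = DN.valueOf(cosDef.getParentGuid().getDn());
    if (!targetDN.isInScopeOf(cosParentDN, SearchScope.SUBORDINATES)) {
        String msg = i18n.getString(IUMSConstants.COS_TARGET_OBJECT_DIFFERENT_TREE);
        throw new UMSException(msg);
    }

    // With an "nsrole" specifier nothing is written to the target entry.
    String cosSpecifier = cosDef.getCOSSpecifier();
    if (cosSpecifier.equalsIgnoreCase("nsrole")) {
        return;
    }

    AttrSet attrSet = new AttrSet();

    // Get cosSpecifier object class - should only be one.
    // Update the target entry with cosSpecifier object class.
    // Only add it if it doesn't already exist.
    ArrayList aList = (ArrayList) sMgr.getObjectClasses(cosSpecifier);
    String cosSpecObjectClass = (String) aList.get(0);
    if (!objectClassExists(cosSpecObjectClass, pObject)) {
        attrSet.add(new Attr("objectclass", cosSpecObjectClass));
    }

    // Each COS attribute value is "<name> [<qualifier>]" (ex. mailquota).
    // The template's object classes are attached to the target only when at
    // least one COS attribute is not "operational". A value without a
    // qualifier token used to raise NoSuchElementException from the
    // tokenizer; it is now treated as non-operational, and a blank value is
    // skipped.
    String operationalQualifier = ICOSDefinition.qualifiers[ICOSDefinition.OPERATIONAL];
    String[] cosAttributes = cosDef.getCOSAttributes();
    boolean needsTemplateClasses = false;
    for (int i = 0; i < cosAttributes.length && !needsTemplateClasses; i++) {
        StringTokenizer st = new StringTokenizer(cosAttributes[i]);
        if (!st.hasMoreTokens()) {
            continue;
        }
        st.nextToken(); // attribute name, not needed here
        String qualifier = st.hasMoreTokens() ? st.nextToken() : null;
        needsTemplateClasses = !operationalQualifier.equals(qualifier);
    }

    if (needsTemplateClasses) {
        Attr templateClasses = cosTemplate.getAttribute("objectclass");
        String[] cosTempObjClasses = templateClasses.getStringValues();
        for (int j = 0; j < cosTempObjClasses.length; j++) {
            String objectClass = cosTempObjClasses[j];
            // "top" and "costemplate" are never copied to the target.
            if (objectClass.equalsIgnoreCase("top") || objectClass.equalsIgnoreCase("costemplate")) {
                continue;
            }
            if (!objectClassExists(objectClass, pObject) && !attrSet.contains("objectclass", objectClass)) {
                attrSet.add(new Attr("objectclass", objectClass));
            }
        }
    }

    // The specifier attribute is set to the template name only when the
    // target has no value for it; an existing value is left untouched.
    if (pObject.getAttribute(cosSpecifier) == null) {
        attrSet.add(new Attr(cosSpecifier, cosTemplate.getName()));
    }

    // Write to the directory only when there is something to add.
    if (attrSet.size() > 0) {
        pObject.modify(toModifications(ModificationType.ADD, attrSet));
        pObject.save();
    }
}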