
Example 81 with Attr

use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

the class PersistentObject method getAttributes.

/**
 * Returns the requested attributes of this object as an {@code AttrSet}.
 *
 * <p>Unless {@code cacheOnly} is set, names that have not been read yet are
 * first fetched from the data store, but only when this object has both a
 * guid and a principal. When either is missing the read is skipped without
 * an error and the result is built from the cache alone. Names for which the
 * cache holds no attribute are simply left out of the result, so an absent
 * entry in the returned set does not by itself show that the data store was
 * consulted.
 *
 * @param attrs
 *            Array of strings representing attribute names; must not be null
 * @param cacheOnly
 *            if true, read attributes from cache only without contacting
 *            the data store
 * @return the set of attributes found for the requested names
 * @throws IllegalArgumentException if {@code attrs} is null
 * @throws UMSException declared by the signature; presumably raised by the
 *             data store read (confirm against readAttributesFromDataStore)
 * @see #getAttribute(String)
 *
 * @supported.api
 */
public AttrSet getAttributes(String[] attrs, boolean cacheOnly) throws UMSException {
    if (attrs == null) {
        throw new IllegalArgumentException(i18n.getString(IUMSConstants.BAD_ATTRNAMES));
    }
    if (!cacheOnly) {
        Collection missing = findAttributesNotRead(attrs);
        // Same short-circuit order as before: emptiness, then guid, then principal.
        boolean canReadStore = !missing.isEmpty() && getGuid() != null && getPrincipal() != null;
        if (canReadStore) {
            readAttributesFromDataStore(missing);
        }
    }
    // Whatever happened above, the answer is always assembled from the cache.
    AttrSet result = new AttrSet();
    for (String name : attrs) {
        Attr cached = getAttributeFromCache(name);
        if (cached != null) {
            result.add(cached);
        }
    }
    return result;
}
Also used : Collection(java.util.Collection) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 82 with Attr

use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

the class AMCommonUtils method attrSetToMap.

/**
 * Converts an {@code AttrSet} into a map keyed by attribute name.
 *
 * @param attrSet
 *            the AttrSet to be converted to a Map; null yields an empty map
 * @param fetchByteValues
 *            if true each name maps to the attribute's byte values, if
 *            false to a Set built from its string values
 * @return a Map containing attribute names as keys and either a Set of
 *         string values or the byte values; never null
 */
protected static Map attrSetToMap(AttrSet attrSet, boolean fetchByteValues) {
    // The map is created with the same flag that selects the value type below.
    Map result = new AMHashMap(fetchByteValues);
    if (attrSet != null) {
        int count = attrSet.size();
        for (int idx = 0; idx < count; idx++) {
            Attr current = attrSet.elementAt(idx);
            if (fetchByteValues) {
                result.put(current.getName(), current.getByteValues());
            } else {
                String[] stringValues = current.getStringValues();
                // put() replaces any entry already stored under the same key.
                result.put(current.getName(), stringArrayToSet(stringValues));
            }
        }
    }
    return result;
}
Also used : HashMap(java.util.HashMap) Map(java.util.Map) Attr(com.iplanet.services.ldap.Attr)

Example 83 with Attr

use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

the class AMCommonUtils method mapToAttrSet.

/**
 * Converts a Map of attribute names to values into an {@code AttrSet}.
 *
 * <p>The map is untyped and its contents are cast without checking: every
 * key is cast to {@code String}, and every value to {@code Set} (string
 * mode) or {@code byte[][]} (byte mode). A map whose contents do not match
 * the {@code byteValues} flag fails with a {@code ClassCastException}, and a
 * Set holding non-String elements fails in {@code toArray}. Callers passing
 * data from outside should validate it first.
 *
 * @param map
 *            a map containing attribute names as keys and, for each key,
 *            a Set of string values or a {@code byte[][]}; null yields an
 *            empty AttrSet
 * @param byteValues
 *            if true then values are bytes otherwise strings
 * @return an AttrSet having the contents of the supplied map
 */
protected static AttrSet mapToAttrSet(Map map, boolean byteValues) {
    AttrSet result = new AttrSet();
    if (map == null) {
        return result;
    }
    for (Object key : map.keySet()) {
        String attrName = (String) key;
        if (byteValues) {
            byte[][] rawValues = (byte[][]) map.get(attrName);
            result.replace(new Attr(attrName, rawValues));
        } else {
            Set valueSet = (Set) map.get(attrName);
            // A key mapped to null still produces an Attr, with a null value array.
            String[] textValues = null;
            if (valueSet != null) {
                textValues = (String[]) valueSet.toArray(new String[valueSet.size()]);
            }
            result.replace(new Attr(attrName, textValues));
        }
    }
    return result;
}
Also used : AttrSet(com.iplanet.services.ldap.AttrSet) Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 84 with Attr

use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

the class AssignableDynamicGroup method hasMember.

/**
 * Returns <code>true</code> if a given identifier is a member of the
 * group.
 *
 * <p>Membership is decided from the candidate's side: the entry for
 * {@code guid} is loaded with this group's principal, and its
 * {@code MEMBER_ATTR_NAME} values are compared with this group's DN. An
 * entry that lacks the attribute is reported as not a member.
 *
 * @param guid Identity of member to be checked for membership.
 * @return <code>true</code> if it is a member.
 * @throws IllegalArgumentException if this group has no principal.
 * @throws UMSException if fail to read object for guid.
 *
 * @supported.api
 */
public boolean hasMember(Guid guid) throws UMSException {
    if (getPrincipal() == null) {
        throw new IllegalArgumentException(i18n.getString(IUMSConstants.NULL_PRINCIPAL));
    }
    PersistentObject candidate = UMSObject.getObject(getPrincipal(), guid);
    Attr membership = candidate.getAttribute(MEMBER_ATTR_NAME);
    if (membership == null) {
        // No membership attribute at all: answer "not a member" rather than fail.
        if (debug.messageEnabled()) {
            debug.message("AssignableDynamicGroup.hasMember: no " + "attribute " + MEMBER_ATTR_NAME + " in " + guid.getDn());
        }
        return false;
    }
    // need to normalize DN to escape spaces and such
    // for accurate checking of membership
    // TODO: This ties guids to DNS. The methods to normalize and compare
    // should be managed separately.
    // TODO: The members should have been normalized before adding to
    // the group (i.e. when creating or modifying it), so it should not
    // be necessary to have normalizing code spread out in the classes
    // and methods.
    // NOTE(review): the DN is used here exactly as getDn() returns it; any
    // normalization is presumably done inside Guid.equals. Confirm.
    String groupDn = getGuid().getDn();
    for (String memberValue : membership.getStringValues()) {
        if (debug.messageEnabled()) {
            debug.message("AssignableDynamicGroup.hasMember: comparing " + groupDn + " to " + memberValue);
        }
        if (Guid.equals(groupDn, memberValue)) {
            return true;
        }
    }
    return false;
}
Also used : Attr(com.iplanet.services.ldap.Attr)

Example 85 with Attr

use of com.iplanet.services.ldap.Attr in project OpenAM by OpenRock.

the class BaseRole method newAccessRight.

/**
     * Creates attribute access rights for the role;
     * existing attribute access rights for the role will be replaced.
     *
     * <p>The rights are kept as two ACIs on the parent object, one for read
     * and one for write. An existing ACI is recognised by its name only
     * (<code>READ_PERM_HEADER</code> or <code>WRITE_PERM_HEADER</code>
     * followed by this role's DN). When one is found it is removed and
     * re-added as a copy with new target attributes; its other parts are
     * not set again here. When none is found a new ACI is built with the
     * permission and the role set explicitly. The changes are passed to the
     * parent object with <code>modify</code> and written by the single
     * <code>save()</code> at the end.
     * 
     * @param accessRight
     *            New access right to be set to the role
     * @throws UMSException declared by the signature; presumably raised when
     *             reading or saving the parent object (confirm)
     * @throws ACIParseException declared by the signature; presumably raised
     *             when ACI text cannot be parsed (confirm)
     *
     * @supported.api
     */
public void newAccessRight(AccessRightObject accessRight) throws UMSException, ACIParseException {
    ACI readACI = null;
    ACI writeACI = null;
    // get parent GUID
    if (parentObject == null) {
        parentObject = getParentObject();
    }
    // get ACIS from parent object
    // NOTE(review): the null check below tests the iterator, not the value
    // returned by getACI(). If getACI() can return null, this line throws
    // before the check is reached. Confirm which of the two was intended.
    Iterator acis = parentObject.getACI().iterator();
    // go through each ACI to see if it sets the access right for the role
    if (acis != null) {
        // NOTE(review): the DN is trimmed for this lookup, but the ACI names
        // created further down use the untrimmed getDn(). If a DN can carry
        // surrounding whitespace, the names would never match and each call
        // would add another ACI instead of replacing one. Confirm.
        String guid = getGuid().getDn().trim();
        while (acis.hasNext()) {
            ACI aci = (ACI) acis.next();
            // At message level the full ACI text goes to the debug log.
            if (debug.messageEnabled()) {
                debug.message("BaseRole.newAccessRight ACI.toString =" + aci.toString());
            }
            // try to find out if this ACI is for this role
            // checking the name of the aci,
            // better solution is to check the roledn, TBD
            String aciName = aci.getName();
            if (aciName.equals(READ_PERM_HEADER + guid)) {
                readACI = aci;
                // stop scanning once both the read and the write ACI are found
                if (writeACI != null)
                    break;
                else
                    continue;
            }
            if (aciName.equals(WRITE_PERM_HEADER + guid)) {
                writeACI = aci;
                // stop scanning once both the read and the write ACI are found
                if (readACI != null)
                    break;
                else
                    continue;
            }
        }
    }
    if (readACI != null) {
        debug.message("modify existing read aci");
        // modify existing read ACI
        Attr attr = new Attr(ACI.ACI, readACI.getACIText());
        if (debug.messageEnabled()) {
            debug.message("readaci.ACIText :" + readACI.getACIText());
        }
        // The old ACI is removed first and the replacement added afterwards.
        // NOTE(review): if building the replacement throws, the DELETE has
        // already been handed to parentObject without its ADD. Whether that
        // pending change can be saved later by other code is not visible
        // here. Confirm.
        parentObject.modify(attr, ModificationType.DELETE);
        // Copy of the existing ACI; only its target attributes are replaced.
        ACI newReadACI = ACI.valueOf(readACI.toString());
        QualifiedCollection readAttrs = new QualifiedCollection(accessRight.getReadableAttributeNames(), false);
        newReadACI.setTargetAttributes(readAttrs);
        attr = new Attr(ACI.ACI, newReadACI.toString());
        parentObject.modify(attr, ModificationType.ADD);
    } else {
        debug.message("new read aci");
        // add new read ACI
        ACI newReadACI = new ACI(READ_PERM_HEADER + getGuid().getDn());
        newReadACI.setName(READ_PERM_HEADER + getGuid().getDn());
        QualifiedCollection readAttrs = new QualifiedCollection(accessRight.getReadableAttributeNames(), false);
        newReadACI.setTargetAttributes(readAttrs);
        // set Allow "read" permission
        HashSet hs = new HashSet();
        hs.add(READ_PERM_STRING);
        QualifiedCollection perm = new QualifiedCollection(hs, false);
        newReadACI.setPermissions(perm);
        // set applied role
        hs = new HashSet();
        hs.add(getGuid().getDn());
        newReadACI.setRoles(hs);
        Attr attr = new Attr(ACI.ACI, newReadACI.toString());
        if (debug.messageEnabled()) {
            debug.message("READ " + getGuid().getDn() + "=" + newReadACI.toString());
        }
        parentObject.modify(attr, ModificationType.ADD);
    }
    if (writeACI != null) {
        debug.message("modify existing write aci");
        // modify existing write ACI
        Attr attr = new Attr(ACI.ACI, writeACI.getACIText());
        if (debug.messageEnabled()) {
            debug.message("writeaci.ACIText :" + writeACI.getACIText());
        }
        // Same remove-then-add sequence as for the read ACI above.
        parentObject.modify(attr, ModificationType.DELETE);
        // Copy of the existing ACI; only its target attributes are replaced.
        ACI newWriteACI = ACI.valueOf(writeACI.toString());
        QualifiedCollection qual = new QualifiedCollection(accessRight.getWritableAttributeNames(), false);
        newWriteACI.setTargetAttributes(qual);
        attr = new Attr(ACI.ACI, newWriteACI.toString());
        parentObject.modify(attr, ModificationType.ADD);
    } else {
        debug.message("new write aci");
        // add new write ACI
        ACI newWriteACI = new ACI(WRITE_PERM_HEADER + getGuid().getDn());
        newWriteACI.setName(WRITE_PERM_HEADER + getGuid().getDn());
        QualifiedCollection writeAttrs = new QualifiedCollection(accessRight.getWritableAttributeNames(), false);
        newWriteACI.setTargetAttributes(writeAttrs);
        // set Allow "write" permission
        HashSet hs = new HashSet();
        hs.add(WRITE_PERM_STRING);
        QualifiedCollection perm = new QualifiedCollection(hs, false);
        newWriteACI.setPermissions(perm);
        // set applied role
        hs = new HashSet();
        hs.add(getGuid().getDn());
        newWriteACI.setRoles(hs);
        Attr attr = new Attr(ACI.ACI, newWriteACI.toString());
        if (debug.messageEnabled()) {
            debug.message("Write " + getGuid().getDn() + "=" + newWriteACI.toString());
        }
        parentObject.modify(attr, ModificationType.ADD);
    }
    // save ACI changes to parent persistent store
    parentObject.save();
}
Also used : QualifiedCollection(com.iplanet.services.ldap.aci.QualifiedCollection) ACI(com.iplanet.services.ldap.aci.ACI) Iterator(java.util.Iterator) Attr(com.iplanet.services.ldap.Attr) HashSet(java.util.HashSet)
