Example 6 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createOrganization.

private void createOrganization(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException, SSOException {
    // Invoke the Pre Processing plugin. Note: we need to obtain
    // the parent org of this organization to obtain the
    // plugin classes for the parent org.
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.ORGANIZATION) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATION), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    com.iplanet.ums.Organization org = null;
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganization", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    // COMPLIANCE: DCTREE
    if (dcTreeImpl.isRequired()) {
        AttrSet[] attrSetArray = dcTreeImpl.splitAttrSet(parentObj.getDN(), attrSet);
        org = new com.iplanet.ums.Organization(creationTemp, attrSetArray[0]);
        // create the DC node first. If it fails then the org node will not
        // be created at all. No clean up needed afterwards then.
        dcTreeImpl.createDomain(token, new Guid(entryDN), attrSet);
    } else {
        org = new com.iplanet.ums.Organization(creationTemp, attrSet);
    }
    try {
        parentObj.addChild(org);
    } catch (UMSException ue) {
        // clean up DC node
        if (dcTreeImpl.isRequired()) {
            dcTreeImpl.removeDomain(token, entryDN);
        }
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedOrg(token, org.getDN());
        }
        throw ue;
    }
    if (ComplianceServicesImpl.isAdminGroupsEnabled(org.getDN())) {
        complianceImpl.createAdminGroups(token, org);
    }
    // If realms are enabled and the server is running in coexistence (legacy)
    // mode, the corresponding realm must also be created.
    if (ServiceManager.isCoexistenceMode() && ServiceManager.isRealmEnabled()) {
        try {
            // Check if the realm exists; this throws SMSException
            // if the realm does not exist
            new OrganizationConfigManager(token, entryDN);
        } catch (SMSException smse) {
            // Organization does not exist, create it
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl::createOrganization " + "creating realm: " + org.getDN());
            }
            try {
                OrganizationConfigManager ocm = new OrganizationConfigManager(token, orgDN);
                ocm.createSubOrganization(profileName, null);
            } catch (SMSException se) {
                if (debug.messageEnabled()) {
                    debug.message("DirectoryServicesImpl::" + "createOrganization unable to create realm: " + org.getDN(), se);
                }
            }
        }
    }
    // If in legacy mode, add the default services
    if (ServiceManager.isCoexistenceMode()) {
        try {
            OrganizationConfigManager ocm = new OrganizationConfigManager(token, entryDN);
            OrganizationConfigManager.loadDefaultServices(token, ocm);
        } catch (SMSException smse) {
            // Unable to load default services
            if (debug.warningEnabled()) {
                debug.warning("DirectoryServicesImpl::createOrganization " + "Unable to load services: " + org.getDN());
            }
        }
    }
    // Invoke Post processing impls. Note: orgDN is parent org
    callBackHelper.postProcess(token, org.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATION, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) UMSException(com.iplanet.ums.UMSException) SMSException(com.sun.identity.sm.SMSException) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 7 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method combineOCs.

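/**
 * When an object is being created and attribute sets are being passed, UMS
 * does not override the objectclasses in the attribute set with the ones from
 * the creation template. This method takes care of that.
 *
 * @param ct creation template supplying the default objectclass values
 * @param aSet attribute set for the entry being created
 * @return aSet, with its "objectclass" attribute replaced by the combined values
 */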
private AttrSet combineOCs(CreationTemplate ct, AttrSet aSet) {
    // UMS creation template will not append default user
    // objectclasses if the "objectclass" attribute is present
    // so we need to append those default objectclass here
    Attr attr = aSet.getAttribute("objectclass");
    // if (attr != null) {
    // TODO: Write a separate method for combining objectclass values in an
    // attrSet. Need to avoid conversion from string array to sets.
    // get default user objectclass from creation template
    Attr defAttr = ct.getAttribute("objectclass");
    Set addOCs = (attr != null) ? CommonUtils.stringArrayToSet(attr.getStringValues()) : new HashSet();
    Set ctOCs = CommonUtils.stringArrayToSet(defAttr.getStringValues());
    Set finalOCs = CommonUtils.combineOCs(addOCs, ctOCs);
    aSet.remove("objectclass");
    Attr finalOCAttr = new Attr("objectclass", (String[]) finalOCs.toArray(new String[finalOCs.size()]));
    aSet.add(finalOCAttr);
    // }
    return aSet;
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) Attr(com.iplanet.services.ldap.Attr)

Example 8 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createOrganizationalUnit.

private void createOrganizationalUnit(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // Invoke the Pre Post Plugins
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.ORGANIZATIONAL_UNIT) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATIONAL_UNIT, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.ORGANIZATIONAL_UNIT), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicOrganizationalUnit", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    OrganizationalUnit ou = new OrganizationalUnit(creationTemp, attrSet);
    parentObj.addChild(ou);
    // Invoke Post processing impls
    callBackHelper.postProcess(token, ou.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.ORGANIZATIONAL_UNIT, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) AMOrganizationalUnit(com.iplanet.am.sdk.AMOrganizationalUnit) OrganizationalUnit(com.iplanet.ums.OrganizationalUnit) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) AttrSet(com.iplanet.services.ldap.AttrSet)

Example 9 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createEntity.

/**
 * Method to create a user entry
 */
private void createEntity(SSOToken token, PersistentObject parentObj, int objectType, Map attributes, String profileName) throws UMSException, AMEntryExistsException, AMException {
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    // Invoke the Pre Processing plugin
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(objectType), profileName);
    String ctName = getCreationTemplateName(objectType);
    if (ctName == null) {
        // Create a user if no CT defined.
        ctName = "BasicUser";
    }
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate(ctName, new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    PersistentObject user = new PersistentObject(creationTemp, attrSet);
    try {
        parentObj.addChild(user);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity():" + " Insufficient Access rights to create entity", e);
        }
        throw new AMException(token, "460");
    } catch (EntryAlreadyExistsException ee) {
        if (ComplianceServicesImpl.isComplianceUserDeletionEnabled()) {
            // COMPLIANCE
            // If the existing entry is marked for deletion, then
            // the error message should be different.
            complianceImpl.checkIfDeletedUser(token, user.getDN());
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity() Entity " + "already exists: ", ee);
        }
        throw new AMEntryExistsException(token, "462", ee);
    } catch (UMSException ue) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.createEntity(): Internal " + "Error occurred. Unable to create User Entry", ue);
        }
        processInternalException(token, ue, "324");
    }
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) TemplateManager(com.iplanet.ums.TemplateManager) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid) EntryAlreadyExistsException(com.iplanet.ums.EntryAlreadyExistsException) AttrSet(com.iplanet.services.ldap.AttrSet) AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException)

Example 10 with AttrSet

use of com.iplanet.services.ldap.AttrSet in project OpenAM by OpenRock.

the class DirectoryServicesImpl method createFilteredRole.

private void createFilteredRole(SSOToken token, PersistentObject parentObj, Map attributes, String profileName) throws UMSException, AMException {
    // Invoke the Pre Processing plugin
    String orgDN = getOrganizationDN(internalToken, parentObj.getDN());
    String entryDN = getNamingAttribute(AMObject.FILTERED_ROLE) + "=" + profileName + "," + parentObj.getDN();
    attributes = callBackHelper.preProcess(token, entryDN, orgDN, null, attributes, CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);
    AttrSet attrSet = CommonUtils.mapToAttrSet(attributes);
    makeNamingFirst(attrSet, getNamingAttribute(AMObject.FILTERED_ROLE), profileName);
    TemplateManager tempMgr = TemplateManager.getTemplateManager();
    CreationTemplate creationTemp = tempMgr.getCreationTemplate("BasicFilteredRole", new Guid(orgDN), TemplateManager.SCOPE_ANCESTORS);
    attrSet = combineOCs(creationTemp, attrSet);
    if (!attrSet.contains(FilteredRole.FILTER_ATTR_NAME)) {
        Attr attr = new Attr(FilteredRole.FILTER_ATTR_NAME, SearchFilterManager.getSearchFilter(AMObject.USER, orgDN));
        attrSet.add(attr);
    }
    FilteredRole frole = new FilteredRole(creationTemp, attrSet);
    parentObj.addChild(frole);
    // Invoke Post processing impls
    callBackHelper.postProcess(token, frole.getDN(), orgDN, null, attributes, CallBackHelper.CREATE, AMObject.FILTERED_ROLE, false);
}
Also used : CreationTemplate(com.iplanet.ums.CreationTemplate) FilteredRole(com.iplanet.ums.FilteredRole) TemplateManager(com.iplanet.ums.TemplateManager) Guid(com.iplanet.ums.Guid) Attr(com.iplanet.services.ldap.Attr) AttrSet(com.iplanet.services.ldap.AttrSet)

Aggregations

AttrSet (com.iplanet.services.ldap.AttrSet): 61
Attr (com.iplanet.services.ldap.Attr): 33
Guid (com.iplanet.ums.Guid): 19
Iterator (java.util.Iterator): 16
Set (java.util.Set): 14
UMSException (com.iplanet.ums.UMSException): 13
AMException (com.iplanet.am.sdk.AMException): 12
CreationTemplate (com.iplanet.ums.CreationTemplate): 12
TemplateManager (com.iplanet.ums.TemplateManager): 12
HashMap (java.util.HashMap): 9
HashSet (java.util.HashSet): 9
Map (java.util.Map): 9
ArrayList (java.util.ArrayList): 8
PersistentObject (com.iplanet.ums.PersistentObject): 6
SSOException (com.iplanet.sso.SSOException): 5
AMHashMap (com.iplanet.am.sdk.AMHashMap): 4
AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup): 4
AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException): 3
AccessRightsException (com.iplanet.ums.AccessRightsException): 3
EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException): 3