use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getMembers.
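/**
 * Returns the member DNs of a role, a static group or a dynamic group.
 *
 * <p>The entry at {@code entryDN} is loaded with the caller's {@code token}
 * and cast to the UMS class selected by {@code objectType}.
 *
 * <p>NOTE(review): the casts are not checked against the entry that is
 * actually returned. An {@code objectType} that does not match the entry
 * would presumably surface as an unchecked {@link ClassCastException}
 * rather than an {@code AMException} - confirm against callers.
 *
 * @param token
 *            SSOToken of the caller; used for the directory lookup
 * @param entryDN
 *            DN of the role or group
 * @param objectType
 *            objectType of the target object: one of the AMObject role or
 *            group constants handled in the switch below
 * @return Set of member DNs
 * @throws AMException
 *             with code "114" for an unsupported {@code objectType}, the
 *             entry-not-found message id when the entry does not exist,
 *             "505" when the directory reports a size or admin limit, and
 *             "454" for any other UMS failure
 */
public Set getMembers(SSOToken token, String entryDN, int objectType) throws AMException {
    try {
        SearchResults results;
        switch (objectType) {
            case AMObject.ROLE:
            case AMObject.MANAGED_ROLE:
                ManagedRole role = (ManagedRole) UMSObject.getObject(token, new Guid(entryDN));
                results = role.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.FILTERED_ROLE:
                FilteredRole filteredRole = (FilteredRole) UMSObject.getObject(token, new Guid(entryDN));
                results = filteredRole.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.GROUP:
            case AMObject.STATIC_GROUP:
                StaticGroup group = (StaticGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = group.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.DYNAMIC_GROUP:
                DynamicGroup dynamicGroup = (DynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = dynamicGroup.getMemberIDs();
                return searchResultsToSet(results);
            case AMObject.ASSIGNABLE_DYNAMIC_GROUP:
                // TODO: See if it works after removing this workaround.
                // The original note describes constructing a dummy
                // AssignableDynamicGroup so that its static block registers
                // the UMS class resolver; no dummy is constructed here, so
                // the note may be stale.
                AssignableDynamicGroup adgroup = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
                results = adgroup.getMemberIDs();
                return searchResultsToSet(results);
            default:
                throw new AMException(token, "114");
        }
    } catch (EntryNotFoundException e) {
        debug.error("DirectoryServicesImpl.getMembers() entryDN " + entryDN + " objectType: " + objectType + " Unable to get members: ", e);
        String msgid = getEntryNotFoundMsgID(objectType);
        String entryName = getEntryName(e);
        Object[] args = { entryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.getMembers() entryDN " + entryDN + " objectType: " + objectType + " Unable to get members: ", e);
        // The root cause is not guaranteed to be an LdapException. Check
        // the type before casting so that a different cause is reported as
        // the generic "454" failure instead of escaping this handler as a
        // ClassCastException.
        Throwable rootCause = e.getRootCause();
        if (rootCause instanceof LdapException) {
            ResultCode resultCode = ((LdapException) rootCause).getResult().getResultCode();
            if (ResultCode.SIZE_LIMIT_EXCEEDED.equals(resultCode) || ResultCode.ADMIN_LIMIT_EXCEEDED.equals(resultCode)) {
                throw new AMException(token, "505", e);
            }
        }
        throw new AMException(token, "454", e);
    }
}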
use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndUnLinkRoleToGroup.
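/**
 * Verifies if the <code>roleDN</code> corresponds to an admin role. If it
 * does, the <code>adminrole</code> value naming the corresponding admin
 * group is removed from each member/user, and each member/user is removed
 * from that admin group.
 *
 * <p>Only the <code>adminrole</code> attribute is modified directly here;
 * whether <code>memberOf</code> changes as a result of
 * <code>removeMember</code> is not visible in this method.
 *
 * <p>If the admin group entry cannot be found, the failure is logged and
 * the method returns normally. When the group lookup itself fails this
 * way, no member is processed, so the members keep their
 * <code>adminrole</code> value. Members are processed one at a time, so a
 * failure part-way through leaves the earlier members already updated.
 *
 * @param token
 *            single sign on token.
 * @param members
 *            Set of member distinguished names (Strings) to be operated on.
 * @param roleDN
 *            distinguished name of the role.
 * @exception AMException
 *                with code "772" if a UMS error other than a missing entry
 *                occurs while unlinking the members.
 */
protected void verifyAndUnLinkRoleToGroup(SSOToken token, Set members, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        // roleDN corresponds to an admin role
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        // The adminrole value that points at this admin group is the one
        // to strip from every member.
        Attr[] attrs = new Attr[1];
        attrs[0] = new Attr("adminrole", groupRDN);
        AttrSet attrSet = new AttrSet(attrs);
        Iterator itr = members.iterator();
        try {
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            while (itr.hasNext()) {
                String memberDN = (String) itr.next();
                removeAttributesFromEntry(token, memberDN, attrSet);
                group.removeMember(new Guid(memberDN));
            }
        } catch (EntryNotFoundException ex) {
            // Best effort: a missing entry does not fail the operation.
            // The exception is logged so the missing entry can be
            // identified from the debug log.
            debug.error("Compliance.verifyAndUnLinkRoleToGroup: " + "Admin groups are missing", ex);
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndUnLinkRoleToGroup(): ", ue);
            // Keep the UMS failure attached as the cause for callers.
            throw new AMException(AMSDKBundle.getString("772"), "772", ue);
        }
    }
}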
use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method setAttributes.
// TODO: method rename from setProfileAttributes to setAttributes
/**
 * Sets the attributes of an entry and runs the validation, callback and
 * notification steps around the modification.
 *
 * <p>Order of operations: attribute uniqueness check, organization DN
 * lookup, user password validation (users only), pre-modify callbacks,
 * DC tree update, the modification itself, then post-modify callbacks,
 * the user post plugin and e-mail notification.
 *
 * <p>NOTE(review): the organization DN is resolved with
 * <code>internalToken</code>, not with the caller's <code>token</code>.
 * <code>internalToken</code> is defined outside this method; confirm what
 * privileges it carries.
 *
 * <p>NOTE(review): password validation and the pre-modify callbacks only
 * see <code>stringAttributes</code>. <code>byteAttributes</code> are
 * handed to <code>modifyAndSaveEntry</code> without either step.
 *
 * @param token
 *            SSOToken of the caller
 * @param entryDN
 *            DN of the entry whose attributes are to be set
 * @param objectType
 *            profile type
 * @param stringAttributes
 *            String-valued attributes to be set
 * @param byteAttributes
 *            byte-valued attributes to be set
 * @param isAdd
 *            <code>true</code> if add to existing value;
 *            otherwise replace the existing value.
 * @throws AMException
 *             with code "460" when the caller lacks access rights, the
 *             entry-not-found message id when the entry does not exist,
 *             or whatever the validation helpers raise
 * @throws SSOException
 *             declared by this method; no statement here throws it
 *             directly
 */
public void setAttributes(SSOToken token, String entryDN, int objectType, Map stringAttributes, Map byteAttributes, boolean isAdd) throws AMException, SSOException {
    Map oldAttributes = null;
    EmailNotificationHelper mailer = null;
    // Runs before anything else and outside the try block below.
    validateAttributeUniqueness(entryDN, objectType, false, stringAttributes);
    String eDN = entryDN;
    if (objectType == AMObject.USER) {
        // For a user, the organization is looked up from the parent DN.
        eDN = DN.valueOf(entryDN).parent().toString();
    }
    String orgDN = getOrganizationDN(internalToken, eDN);
    try {
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.setAttributes() entryDN: " + entryDN);
        }
        if (objectType == AMObject.USER) {
            // Create user modification list
            // Invoke the user password validation plugin. Note: the
            // validation is done only for String attributes
            UserPasswordValidationHelper pluginImpl = new UserPasswordValidationHelper(token, orgDN);
            try {
                pluginImpl.validate(stringAttributes);
            } catch (AMException ame) {
                debug.error("DirectoryServicesImpl.setAttributes(): Invalid " + "characters for user", ame);
                throw ame;
            }
            // Create a mailer instance
            mailer = new EmailNotificationHelper(entryDN);
            mailer.setUserModifyNotificationList();
        }
        // The previous values are only fetched when something will use
        // them: a post plugin or a non-empty notification list.
        if ((getUserPostPlugin() != null) || (mailer != null && mailer.isPresentUserModifyNotificationList())) {
            Set attrNames = stringAttributes.keySet();
            oldAttributes = getAttributes(token, entryDN, attrNames, objectType);
        }
        // Call pre-processing user impls & get modified attributes
        // Note currently only String attributes supported
        stringAttributes = processPreModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
        // Set DCTree attributes
        setDCTreeAttributes(token, entryDN, stringAttributes, objectType);
        // modify and save the entry
        modifyAndSaveEntry(token, entryDN, stringAttributes, byteAttributes, isAdd);
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.setAttributes() User does " + "not have sufficient access rights: ", e);
        }
        // The original exception is logged above but not attached to the
        // AMException that is thrown.
        throw new AMException(token, "460");
    } catch (EntryNotFoundException ee) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.setAttributes() Entry not " + "found: ", ee);
        }
        String msgid = getEntryNotFoundMsgID(objectType);
        String entryName = getEntryName(ee);
        Object[] args = { entryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        if (debug.warningEnabled())
            debug.warning("DirectoryServicesImpl.setAttributes() Internal " + "error occurred", e);
        // NOTE(review): presumably processInternalException always throws.
        // If it can return normally, the post-modify steps below run even
        // though the modification failed - confirm.
        processInternalException(token, e, "452");
    }
    processPostModifyCallBacks(token, entryDN, oldAttributes, stringAttributes, orgDN, objectType);
    if (objectType == AMObject.USER) {
        AMUserEntryProcessed postPlugin = getUserPostPlugin();
        if (postPlugin != null) {
            // Invoke the user post-processing plugin
            postPlugin.processUserModify(token, entryDN, oldAttributes, stringAttributes);
        }
        if (mailer != null && mailer.isPresentUserModifyNotificationList()) {
            mailer.sendUserModifyNotification(token, stringAttributes, oldAttributes);
        }
    }
}
use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndLinkRoleToGroup.
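/**
 * Verifies if the <code>roleDN</code> corresponds to an admin role. If it
 * does, the members/users are added to the corresponding admin group and
 * the <code>adminrole</code> attribute of each member/user is given the
 * administration <code>groupRDN</code>.
 *
 * <p>Only the <code>adminrole</code> attribute is written directly here;
 * whether <code>memberOf</code> changes as a result of
 * <code>addMembers</code> is not visible in this method.
 *
 * <p>The group membership is written first and the per-member attribute
 * afterwards, so a failure in the loop leaves members in the admin group
 * without the matching <code>adminrole</code> value. If an entry cannot be
 * found, the failure is logged and the method returns normally.
 *
 * @param token
 *            single sign on token.
 * @param membersGuid
 *            Guid array of members to be operated on.
 * @param roleDN
 *            distinguished name of the role.
 *
 * @exception AMException
 *                with code "771" if a UMS error other than a missing entry
 *                occurs while linking the members.
 */
protected void verifyAndLinkRoleToGroup(SSOToken token, Guid[] membersGuid, String roleDN) throws AMException {
    // Obtain the group corresponding to roleDN
    DN dn = DN.valueOf(roleDN);
    String groupName = getGroupFromRoleDN(dn);
    if (groupName != null) {
        // roleDN corresponds to an admin role
        String orgDN = dn.parent().toString();
        String groupDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName + ",ou=Groups," + orgDN;
        String groupRDN = NamingAttributeManager.getNamingAttribute(AMObject.GROUP) + "=" + groupName;
        try {
            // Add the members to corresponding group.
            AssignableDynamicGroup group = (AssignableDynamicGroup) UMSObject.getObject(token, new Guid(groupDN));
            group.addMembers(membersGuid);
            // Then tag each member with the adminrole value for this group.
            Attr[] attrs = new Attr[1];
            attrs[0] = new Attr("adminrole", groupRDN);
            AttrSet attrSet = new AttrSet(attrs);
            int numMembers = membersGuid.length;
            for (int i = 0; i < numMembers; i++) {
                addAttributesToEntry(token, membersGuid[i].getDn(), attrSet);
            }
        } catch (EntryNotFoundException ex) {
            // Best effort: a missing entry does not fail the operation.
            // The exception is logged so the missing entry can be
            // identified from the debug log.
            debug.error("Compliance.verifyAndLinkRoleToGroup: " + "Admin groups are missing", ex);
        } catch (UMSException ue) {
            debug.error("Compliance." + "verifyAndLinkRoleToGroup(): ", ue);
            // Keep the UMS failure attached as the cause for callers.
            throw new AMException(AMSDKBundle.getString("771"), "771", ue);
        }
    }
}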
use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.
the class DirectoryServicesImpl method getGroupFilterAndScope.
// ##########Group and role related APIs
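/**
 * Returns an array containing the dynamic group's scope, base dn, and
 * filter.
 *
 * <p>NOTE(review): the entry is cast to DynamicGroup without a type check.
 * An entry of another kind would presumably surface as an unchecked
 * {@link ClassCastException} - confirm against callers.
 *
 * @param token
 *            SSOToken of the caller; used for the directory lookup
 * @param entryDN
 *            DN of the dynamic group
 * @param profileType
 *            object type, used only to pick the entry-not-found message
 * @return a three-element array: index 0 is the search scope as a decimal
 *         string, index 1 the search base DN, index 2 the search filter
 * @throws AMException
 *             with the entry-not-found message id when the entry does not
 *             exist, or "341" for any other UMS failure
 * @throws SSOException
 *             declared by this method; no statement here throws it
 *             directly
 */
public String[] getGroupFilterAndScope(SSOToken token, String entryDN, int profileType) throws SSOException, AMException {
    String[] result = new String[3];
    try {
        DynamicGroup dg = (DynamicGroup) UMSObject.getObject(token, new Guid(entryDN));
        result[0] = Integer.toString(dg.getSearchScope());
        result[1] = dg.getSearchBase().getDn();
        result[2] = dg.getSearchFilter();
    } catch (EntryNotFoundException e) {
        // The log tag names this method. The previous tag,
        // "AMGroupImpl.searchUsers", pointed at a different class and
        // method.
        debug.error("DirectoryServicesImpl.getGroupFilterAndScope()", e);
        String msgid = getEntryNotFoundMsgID(profileType);
        String entryName = getEntryName(e);
        Object[] args = { entryName };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException e) {
        // NOTE(review): this failure is rethrown to the caller but logged
        // only at message level; confirm that is intended.
        debug.message("DirectoryServicesImpl.getGroupFilterAndScope()", e);
        throw new AMException(AMSDKBundle.getString("341"), "341", e);
    }
    return result;
}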