
Example 6 with EntryNotFoundException

use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeSubtree.

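/**
 * Deletes {@code entryDN} together with every entry found beneath it,
 * working from the deepest level up to the entry itself. Private helper
 * used by "removeEntry".
 *
 * <p>The subtree search and the object-type lookup run with
 * {@code internalToken}; every delete is issued with the caller's
 * {@code token}.
 *
 * @param token the caller's SSO token, used for all deletes
 * @param entryDN DN of the entry at the root of the subtree
 * @param softDelete handed unchanged to {@code removeSingleEntry}
 * @throws AMException with code "460" when UMS reports insufficient access
 *         rights, with the entry-not-found message id when an entry is
 *         missing, and with code "325" for any other UMS failure
 * @throws SSOException declared by the signature; not raised directly by
 *         the code in this method
 */
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
    int type = AMObject.UNKNOWN_OBJECT_TYPE;
    try {
        Guid guid = new Guid(entryDN);
        // The enumeration runs with the internal token, not the caller's.
        PersistentObject po = UMSObject.getObjectHandle(internalToken, guid);
        SearchControl control = new SearchControl();
        control.setSearchScope(SearchControl.SCOPE_SUB);
        String searchFilter = "(|(objectclass=*)(objectclass=ldapsubEntry))";
        // number of RDNs in the entry itself
        int entryRDNs = DN.valueOf(entryDN).size();
        // deepest RDN count seen in the search results
        int maxRDNCount = entryRDNs;
        // byDepth.get(k) holds the DNs that have (entryRDNs + k) RDNs, in
        // search order. Bucketing once replaces the repeated scan of a single
        // flat list for every level.
        List<List<DN>> byDepth = new ArrayList<List<DN>>();
        SearchResults children = po.getChildren(searchFilter, control);
        while (children.hasMoreElements()) {
            PersistentObject object = children.next();
            DN dn = DN.valueOf(object.getDN());
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl.removeEntry(): " + "found child: " + object.getDN());
            }
            int count = dn.size();
            if (count > maxRDNCount) {
                maxRDNCount = count;
            }
            int depth = count - entryRDNs;
            if (depth < 0) {
                // Shallower than the subtree root: the level loop below
                // never reaches such a DN, so it is not queued for deletion.
                continue;
            }
            while (byDepth.size() <= depth) {
                byDepth.add(new ArrayList<DN>());
            }
            byDepth.get(depth).add(dn);
        }
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.removeEntry(): max " + "RDNs: " + maxRDNCount);
        }
        // Delete from the bottom up so that children go before their parents.
        for (int depth = byDepth.size() - 1; depth >= 0; depth--) {
            for (DN dn : byDepth.get(depth)) {
                String rfcDN = dn.toString();
                if (debug.messageEnabled()) {
                    debug.message("DirectoryServicesImpl." + "removeEntry(): del " + rfcDN);
                }
                type = AMObject.UNKNOWN_OBJECT_TYPE;
                try {
                    type = getObjectType(internalToken, rfcDN);
                } catch (AMException ae) {
                    // Not a managed type, just delete it. This path calls
                    // UMSObject.removeObject directly, so the delete
                    // callbacks run by removeSingleEntry are not invoked.
                    Guid g = new Guid(rfcDN);
                    UMSObject.removeObject(token, g);
                }
                // Do a non-recursive delete
                if (type != AMObject.UNKNOWN_OBJECT_TYPE && type != AMObject.UNDETERMINED_OBJECT_TYPE) {
                    try {
                        removeSingleEntry(token, rfcDN, type, softDelete);
                    } catch (AMPreCallBackException amp) {
                        // The pre-callback exception is only logged; the loop
                        // carries on with the remaining entries, so ancestors
                        // of this entry are still attempted afterwards.
                        debug.error("DirectoryServicesImpl." + "removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
                    }
                }
            }
        }
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        String entry = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
        // 'type' is whatever was resolved for the entry processed last.
        String msgid = getEntryNotFoundMsgID(type);
        Object[] args = { entry };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
}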
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) ArrayList(java.util.ArrayList) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) SearchResults(com.iplanet.ums.SearchResults) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) List(java.util.List) ArrayList(java.util.ArrayList) SearchControl(com.iplanet.ums.SearchControl) AMPreCallBackException(com.iplanet.am.sdk.AMPreCallBackException)

Example 7 with EntryNotFoundException

use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeSingleEntry.

/**
 * Deletes one entry without recursing, running the pre-delete and
 * post-delete callbacks and, for users, the delete notification around it.
 *
 * @param token the caller's SSO token, used for the delete itself
 * @param entryDN DN of the entry to delete
 * @param objectType the entry's type, one of the {@code AMObject} constants
 * @param softDelete handed unchanged to the delete callbacks
 * @throws AMException with code "460" when UMS reports insufficient access
 *         rights, with the entry-not-found message id when the entry is
 *         missing, and with code "325" for any other UMS failure
 * @throws SSOException declared by the signature; not raised directly by
 *         the code in this method
 */
private void removeSingleEntry(SSOToken token, String entryDN, int objectType, boolean softDelete) throws AMException, SSOException {
    final boolean isUser = (objectType == AMObject.USER);
    Map attributes = null;
    EmailNotificationHelper mailer = null;
    // For a user, the organization is resolved from the parent of the entry.
    String lookupDN = isUser ? DN.valueOf(entryDN).parent().toString() : entryDN;
    String orgDN = getOrganizationDN(internalToken, lookupDN);
    try {
        if (isUser) {
            // Extract a delete notification list
            mailer = new EmailNotificationHelper(entryDN);
            mailer.setUserDeleteNotificationList();
        }
        boolean needAttributes = getUserPostPlugin() != null;
        if (!needAttributes && mailer != null) {
            needAttributes = mailer.isPresentUserDeleteNotificationList();
        }
        if (needAttributes) {
            // Read the attributes now: the notification and the callbacks
            // need them and they are gone once the entry is deleted.
            attributes = getAttributes(token, entryDN, objectType);
        }
        processPreDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
        // NOTE(review): the domain removal below runs with internalToken and
        // happens before the delete made with the caller's token. Whether the
        // caller's rights have been checked by this point is not visible
        // here; confirm an access failure cannot leave the domain removed.
        if (dcTreeImpl.isRequired()) {
            dcTreeImpl.removeDomain(internalToken, LDAPUtils.formatToRFC(entryDN));
        }
        UMSObject.removeObject(token, new Guid(entryDN));
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        String missing = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + missing, e);
        String msgid = getEntryNotFoundMsgID(objectType);
        Object[] args = { missing };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
    processPostDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
    if (!isUser) {
        return;
    }
    AMUserEntryProcessed postPlugin = getUserPostPlugin();
    if (postPlugin != null) {
        // TODO: Remove after deprecating interface
        postPlugin.processUserDelete(token, entryDN, attributes);
    }
    if (mailer != null && mailer.isPresentUserDeleteNotificationList()) {
        mailer.sendUserDeleteNotification(attributes);
    }
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) AMUserEntryProcessed(com.iplanet.am.sdk.AMUserEntryProcessed) Guid(com.iplanet.ums.Guid) Map(java.util.Map) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap)

Example 8 with EntryNotFoundException

use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.

the class DirectoryServicesImpl method renameEntry.

/**
 * Renames an entry. Currently used only for renaming users.
 *
 * @param token
 *            the sso token; the object handle is obtained with this token
 * @param objectType
 *            the type of entry
 * @param entryDN
 *            the entry DN
 * @param newName
 *            the new name (i.e., if RDN is cn=John, the value passed should
 *            be "John")
 * @param deleteOldName
 *            if true the old name is deleted otherwise it is retained.
 * @return new <code>DN</code> of the renamed entry
 * @throws AMException
 *             if the operation was not successful: code "460" for
 *             insufficient access rights, the entry-not-found message id
 *             for a missing entry, code "360" for any other UMS failure
 */
public String renameEntry(SSOToken token, int objectType, String entryDN, String newName, boolean deleteOldName) throws AMException {
    try {
        Guid target = new Guid(entryDN);
        PersistentObject entry = UMSObject.getObjectHandle(token, target);
        // NOTE(review): newName is concatenated into the RDN as given. No
        // escaping of DN special characters is visible in this method;
        // confirm that callers or PersistentObject.rename validate it.
        entry.rename(getNamingAttribute(objectType) + "=" + newName, deleteOldName);
        return entry.getDN();
    } catch (AccessRightsException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): User does not have sufficient access rights ", e);
        }
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): Entry not found: ", e);
        }
        String msgid = getEntryNotFoundMsgID(objectType);
        Object[] args = { getEntryName(e) };
        throw new AMException(AMSDKBundle.getString(msgid, args), msgid, args);
    } catch (UMSException ume) {
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.renameEntry(): Unable to rename entry: ", ume);
        }
        throw new AMException(token, "360", ume);
    }
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid)

Example 9 with EntryNotFoundException

use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndLinkGroupToRole.

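/**
 * Method which verifies if the <code>groupDN</code> corresponds to an
 * administrative role. If true then the members listed in
 * <code>membersGuid</code> are added to the admin role.
 *
 * <p>The role DN is built from the role naming attribute, the role name
 * derived from <code>groupDN</code>, and the grandparent of
 * <code>groupDN</code>. When no role name is derived, nothing is done.
 *
 * @param token
 *            SSO Token; the role is looked up with this token
 * @param membersGuid
 *            Guid array of members to be operated on
 * @param groupDN
 *            DN of the group
 *
 * @exception AMException
 *                if a UMS failure other than a missing role entry prevents
 *                adding the members. A missing role entry is logged and
 *                does not raise an exception.
 */
protected void verifyAndLinkGroupToRole(SSOToken token, Guid[] membersGuid, String groupDN) throws AMException {
    // Obtain the role corresponding to groupDN
    DN dn = DN.valueOf(groupDN);
    String roleName = getRoleFromGroupDN(dn);
    if (roleName != null) {
        // roleDN corresponds to an admin role
        String orgDN = dn.parent().parent().toString();
        String roleDN = NamingAttributeManager.getNamingAttribute(AMObject.ROLE) + "=" + roleName + "," + orgDN;
        if (debug.messageEnabled()) {
            debug.message("Compliance.verifyAndLinkGroupToRole" + " Linking group: " + groupDN + " to role :" + roleDN);
        }
        try {
            // Add the members to the corresponding admin role.
            ManagedRole role = (ManagedRole) UMSObject.getObject(token, new Guid(roleDN));
            role.addMembers(membersGuid);
        } catch (EntryNotFoundException ex) {
            // Best effort: a missing role is not fatal. The exception is
            // passed to the log so that the failed lookup can be traced.
            debug.error("Compliance.verifyAndLinkGroupToRole: Admin " + "groups are missing", ex);
        } catch (UMSException ue) {
            debug.error("Compliance.verifyAndLinkGroupToRole():", ue);
            Object[] args = { roleDN };
            // NOTE(review): the message text is looked up under "972" while
            // the error code passed is "771"; confirm the two are meant to
            // differ.
            throw new AMException(AMSDKBundle.getString("972", args), "771", args);
        }
    }
}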
Also used : UMSException(com.iplanet.ums.UMSException) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) ManagedRole(com.iplanet.ums.ManagedRole)

Example 10 with EntryNotFoundException

use of com.iplanet.ums.EntryNotFoundException in project OpenAM by OpenRock.

the class ComplianceServicesImpl method verifyAndUnLinkGroupToRole.

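/**
 * Method which verifies if the groupDN corresponds to an admin role. If
 * true then the <code>members</code> are removed from the admin role.
 *
 * <p>The role DN is built from the role naming attribute, the role name
 * derived from <code>groupDN</code>, and the grandparent of
 * <code>groupDN</code>. When no role name is derived, nothing is done.
 *
 * @param token Single Sign On Token; the role is looked up with this token.
 * @param members Set of member DNs to be operated; each element is cast to
 *        <code>String</code>.
 * @param groupDN Distinguished Name of the group.
 * @throws AMException if a UMS failure other than a missing role entry
 *         prevents removing the members. A missing role entry is logged
 *         and does not raise an exception.
 */
protected void verifyAndUnLinkGroupToRole(SSOToken token, Set members, String groupDN) throws AMException {
    // Obtain the role corresponding to groupDN
    DN dn = DN.valueOf(groupDN);
    String roleName = getRoleFromGroupDN(dn);
    if (roleName != null) {
        String orgDN = dn.parent().parent().toString();
        String roleDN = NamingAttributeManager.getNamingAttribute(AMObject.ROLE) + "=" + roleName + "," + orgDN;
        if (debug.messageEnabled()) {
            debug.message("Compliance.verifyAndUnlinkGroupToRole(): " + "Unlinking group: " + groupDN + " to role :" + roleDN);
        }
        // Remove the members from the admin role
        Iterator itr = members.iterator();
        try {
            ManagedRole role = (ManagedRole) UMSObject.getObject(token, new Guid(roleDN));
            while (itr.hasNext()) {
                String memberDN = (String) itr.next();
                role.removeMember(new Guid(memberDN));
            }
        } catch (EntryNotFoundException ex) {
            // Best effort: a missing entry is not fatal, but it ends the
            // loop, so members not yet processed are left untouched. The
            // exception is passed to the log so the lookup can be traced.
            debug.error("Compliance.verifyAndUnLinkGroupToRole: Admin " + "groups are missing", ex);
        } catch (UMSException ue) {
            debug.error("Compliance.verifyAndUnLinkGroupToRole(): ", ue);
            Object[] args = { roleDN };
            // NOTE(review): the message text is looked up under "972" while
            // the error code passed is "772"; confirm the two are meant to
            // differ.
            throw new AMException(AMSDKBundle.getString("972", args), "772", args);
        }
    }
}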
Also used : UMSException(com.iplanet.ums.UMSException) Iterator(java.util.Iterator) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) AMException(com.iplanet.am.sdk.AMException) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) ManagedRole(com.iplanet.ums.ManagedRole)

Aggregations

EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)11 AMException (com.iplanet.am.sdk.AMException)10 UMSException (com.iplanet.ums.UMSException)10 Guid (com.iplanet.ums.Guid)9 DN (org.forgerock.opendj.ldap.DN)5 AccessRightsException (com.iplanet.ums.AccessRightsException)4 AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup)4 AttrSet (com.iplanet.services.ldap.AttrSet)3 ManagedRole (com.iplanet.ums.ManagedRole)3 PersistentObject (com.iplanet.ums.PersistentObject)3 SearchResults (com.iplanet.ums.SearchResults)3 AMHashMap (com.iplanet.am.sdk.AMHashMap)2 AMSearchResults (com.iplanet.am.sdk.AMSearchResults)2 AMUserEntryProcessed (com.iplanet.am.sdk.AMUserEntryProcessed)2 Attr (com.iplanet.services.ldap.Attr)2 DynamicGroup (com.iplanet.ums.DynamicGroup)2 HashMap (java.util.HashMap)2 Iterator (java.util.Iterator)2 Map (java.util.Map)2 TreeMap (java.util.TreeMap)2