Example 36 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class ComplianceServicesImpl method isAncestorOrgDeleted.
/**
* Method which checks all the parent organizations of this entry till the
* base DN, and returns true if any one of them is deleted.
*
* @param token Single Sign On token of user.
* @param dn Distinguished name of the object.
* @param profileType the profile type of the object whose ancestor is
* being checked.
* @throws AMException if there are errors from data layer.
*/
public boolean isAncestorOrgDeleted(SSOToken token, String dn, int profileType) throws AMException {
if (debug.messageEnabled()) {
debug.message("Compliance.isAncestorOrgDeleted-> " + " checking from... " + dn);
}
String tdn = DN.valueOf(dn).toString().toLowerCase();
if ((profileType == AMObject.ORGANIZATION) && deletedOrg.containsKey(tdn)) {
if (((Boolean) deletedOrg.get(tdn)).booleanValue()) {
return true;
}
// else continue
}
if (profileType != AMObject.ORGANIZATION) {
tdn = DirectoryServicesFactory.getInstance().getOrganizationDN(internalToken, dn);
}
while (!tdn.equalsIgnoreCase(rootSuffix)) {
// Check to see if ancestor is in the cache deleted cache.
if (debug.messageEnabled()) {
debug.message("Compliance.isAncestorOrgDeleted-> " + "Checking for deleted status of " + tdn);
}
if (deletedOrg.containsKey(tdn)) {
return ((Boolean) deletedOrg.get(tdn)).booleanValue();
}
try {
PersistentObject po = UMSObject.getObject(internalToken, new Guid(tdn));
Attr attr = po.getAttribute(ORG_STATUS_ATTRIBUTE);
if (debug.messageEnabled() && (attr != null)) {
debug.message("Compliance.isAncestorOrgDeleted-> " + ORG_STATUS_ATTRIBUTE + "=" + attr.toString());
}
if (((attr != null) && (attr.size() != 0)) && attr.contains("deleted")) {
// Org is deleted
if (debug.messageEnabled()) {
debug.message("isAncestorOrgDeleted: caching org: " + tdn + " as deleted");
}
synchronized (deletedOrg) {
deletedOrg.put(tdn, Boolean.TRUE);
}
// who is deleted so return true.
return true;
} else {
if (debug.messageEnabled()) {
debug.message("isAncestorOrgDeleted: caching org: " + tdn + " as active");
}
synchronized (deletedOrg) {
deletedOrg.put(tdn, Boolean.FALSE);
}
}
} catch (UMSException umse) {
debug.error("Compliance.isAncestorOrgDeleted-> " + "UMSException", umse);
return false;
}
// continue till we reach the rootSuffix. any one of
// the ancestors could still be marked deleted.
tdn = DirectoryServicesFactory.getInstance().getOrganizationDN(token, dn);
}
// reached the rootsuffix. This will should never be marked deleted
return false;
}
Also used :
UMSException(com.iplanet.ums.UMSException)
PersistentObject(com.iplanet.ums.PersistentObject)
Guid(com.iplanet.ums.Guid)
Attr(com.iplanet.services.ldap.Attr)
Example 37 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class ComplianceServicesImpl method verifyAndUnLinkGroupToRole.
/**
* Method which verifies if the groupDN corresponds to an admin role. If
* true then the <Code> members </Code> are removed from the admin role.
*
* @param token Single Sign On Token.
* @param members Set of member DNs to be operated.
* @param groupDN Distinguished Name of the group.
* @throws AMException if unsuccessful in removing the members from the
* corresponding admin groups and updating the <code>memberOf</code>
* and <code>adminRole</code> attribute values to null.
*/
protected void verifyAndUnLinkGroupToRole(SSOToken token, Set members, String groupDN) throws AMException {
// Obtain the group corresponding to roleDN
DN dn = DN.valueOf(groupDN);
String roleName = getRoleFromGroupDN(dn);
if (roleName != null) {
String orgDN = dn.parent().parent().toString();
String roleDN = NamingAttributeManager.getNamingAttribute(AMObject.ROLE) + "=" + roleName + "," + orgDN;
if (debug.messageEnabled()) {
debug.message("Compliance.verifyAndUnlinkGroupToRole(): " + "Unlinking group: " + groupDN + " to role :" + roleDN);
}
// Remove the members from the admin role
Iterator itr = members.iterator();
try {
ManagedRole role = (ManagedRole) UMSObject.getObject(token, new Guid(roleDN));
while (itr.hasNext()) {
String memberDN = (String) itr.next();
role.removeMember(new Guid(memberDN));
}
} catch (EntryNotFoundException ex) {
debug.error("Compliance.verifyAndUnLinkGroupToRole: Admin " + "groups are missing");
} catch (UMSException ue) {
debug.error("Compliance.verifyAndUnLinkGroupToRole(): ", ue);
Object[] args = { roleDN };
throw new AMException(AMSDKBundle.getString("972", args), "772", args);
}
}
}
Also used :
UMSException(com.iplanet.ums.UMSException)
Iterator(java.util.Iterator)
EntryNotFoundException(com.iplanet.ums.EntryNotFoundException)
AMException(com.iplanet.am.sdk.AMException)
DN(org.forgerock.opendj.ldap.DN)
Guid(com.iplanet.ums.Guid)
ManagedRole(com.iplanet.ums.ManagedRole)
Example 38 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class ComplianceServicesImpl method checkIfDeletedUser.
/**
* Method which checks if the entry corresponding to userDN represents a
* deleted user entry (entry with inetuserstatus:deleted)
*
* @param token
* a SSOToken object
* @param userDN
* a String representing a user DN
*
* @exception AMEntryExistsException
* if the userDN corresponds to a deleted user
*/
protected void checkIfDeletedUser(SSOToken token, String userDN) throws AMEntryExistsException {
String[] userAttribute = { USER_STATUS_ATTRIBUTE };
Attr attr;
try {
PersistentObject po = UMSObject.getObject(token, new Guid(userDN), userAttribute);
attr = po.getAttribute(USER_STATUS_ATTRIBUTE);
} catch (UMSException ue) {
if (debug.messageEnabled())
debug.message("Compliance.checkIfDeletedUser(): ", ue);
return;
}
if (attr != null) {
String attrValue = attr.getValue();
if (attrValue != null && attrValue.equalsIgnoreCase("deleted")) {
debug.warning("Compliance.checkIfDeletedUser(): " + "deleted user entry: " + userDN);
throw new AMEntryExistsException(AMSDKBundle.getString("329"), "329");
}
}
}
Also used :
UMSException(com.iplanet.ums.UMSException)
PersistentObject(com.iplanet.ums.PersistentObject)
Guid(com.iplanet.ums.Guid)
Attr(com.iplanet.services.ldap.Attr)
AMEntryExistsException(com.iplanet.am.sdk.AMEntryExistsException)
Example 39 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class MiscUtils method toGuidArray.
/**
* Convert a Set to Guid object array
*
* @param set
* the Set to be converted
* @return an array of Guid[] objects
*/
public static Guid[] toGuidArray(Set set) {
Object[] obj = set.toArray();
Guid[] ss = new Guid[obj.length];
for (int i = 0; i < obj.length; i++) {
ss[i] = new Guid((String) obj[i]);
}
return ss;
}
Also used :
Guid(com.iplanet.ums.Guid)
Example 40 with Guid
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method removeSubtree.
/**
* Private method used by "removeEntry" to delete an entire subtree
*/
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
int type = AMObject.UNKNOWN_OBJECT_TYPE;
try {
Guid guid = new Guid(entryDN);
PersistentObject po = UMSObject.getObjectHandle(internalToken, guid);
// first get all the children of the object
SearchControl control = new SearchControl();
control.setSearchScope(SearchControl.SCOPE_SUB);
String searchFilter = "(|(objectclass=*)(objectclass=ldapsubEntry))";
List list = new ArrayList();
// get number of RDNs in the entry itself
int entryRDNs = DN.valueOf(entryDN).size();
// to count maximum level of RDNs in the search return
int maxRDNCount = entryRDNs;
// go through all search results, add DN to the list, and
// set the maximun RDN count, will be used to remove DNs
SearchResults children = po.getChildren(searchFilter, control);
while (children.hasMoreElements()) {
PersistentObject object = children.next();
DN dn = DN.valueOf(object.getDN());
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.removeEntry(): " + "found child: " + object.getDN());
}
int count = dn.size();
if (count > maxRDNCount) {
maxRDNCount = count;
}
list.add(dn);
}
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl.removeEntry(): max " + "RDNs: " + maxRDNCount);
}
// go through all search results, delete entries from the
// bottom up, starting from entries whose's RDN count
// equals the maxRDNCount
// TODO : If the list has too many entries, then the multiple
// iteration in the inner for loop may be the bottleneck.
// One enhancement to the existing algorithm is to store all
// the entries by level in a different List. Per Sai's comments
int len = list.size();
for (int i = maxRDNCount; i >= entryRDNs; i--) {
for (int j = 0; j < len; j++) {
DN dn = (DN) list.get(j);
// check if we need delete it now
if (dn.size() == i) {
// remove the entry
if (debug.messageEnabled()) {
debug.message("DirectoryServicesImpl." + "removeEntry(): del " + dn.toString());
}
String rfcDN = dn.toString();
type = AMObject.UNKNOWN_OBJECT_TYPE;
try {
type = getObjectType(internalToken, rfcDN);
} catch (AMException ae) {
// Not a managed type, just delete it.
Guid g = new Guid(rfcDN);
UMSObject.removeObject(token, g);
}
// Do a non-recursive delete
if (type != AMObject.UNKNOWN_OBJECT_TYPE && type != AMObject.UNDETERMINED_OBJECT_TYPE) {
try {
removeSingleEntry(token, rfcDN, type, softDelete);
} catch (AMPreCallBackException amp) {
debug.error("DirectoryServicesImpl." + "removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
}
}
// remove the deleted entry from the list
list.remove(j);
// move back pointer, as current element is removed
j--;
// reduce list length
len--;
}
}
}
} catch (AccessRightsException e) {
debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
throw new AMException(token, "460");
} catch (EntryNotFoundException e) {
String entry = getEntryName(e);
debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
String msgid = getEntryNotFoundMsgID(type);
Object[] args = { entry };
String locale = CommonUtils.getUserLocale(token);
throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
} catch (UMSException e) {
debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
throw new AMException(token, "325", e);
}
}
Also used :
AccessRightsException(com.iplanet.ums.AccessRightsException)
UMSException(com.iplanet.ums.UMSException)
ArrayList(java.util.ArrayList)
PersistentObject(com.iplanet.ums.PersistentObject)
AMException(com.iplanet.am.sdk.AMException)
RDN(org.forgerock.opendj.ldap.RDN)
DN(org.forgerock.opendj.ldap.DN)
Guid(com.iplanet.ums.Guid)
AMSearchResults(com.iplanet.am.sdk.AMSearchResults)
SearchResults(com.iplanet.ums.SearchResults)
EntryNotFoundException(com.iplanet.ums.EntryNotFoundException)
List(java.util.List)
ArrayList(java.util.ArrayList)
SearchControl(com.iplanet.ums.SearchControl)
AMPreCallBackException(com.iplanet.am.sdk.AMPreCallBackException)
Aggregations
Guid (com.iplanet.ums.Guid)63
UMSException (com.iplanet.ums.UMSException)41
AMException (com.iplanet.am.sdk.AMException)33
PersistentObject (com.iplanet.ums.PersistentObject)29
AttrSet (com.iplanet.services.ldap.AttrSet)23
Attr (com.iplanet.services.ldap.Attr)16
CreationTemplate (com.iplanet.ums.CreationTemplate)13
TemplateManager (com.iplanet.ums.TemplateManager)13
EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)11
AccessRightsException (com.iplanet.ums.AccessRightsException)10
AssignableDynamicGroup (com.iplanet.ums.AssignableDynamicGroup)9
DomainComponentTree (com.iplanet.ums.dctree.DomainComponentTree)8
AMEntryExistsException (com.iplanet.am.sdk.AMEntryExistsException)6
EntryAlreadyExistsException (com.iplanet.ums.EntryAlreadyExistsException)6
SearchResults (com.iplanet.ums.SearchResults)6
DN (org.forgerock.opendj.ldap.DN)6
LdapException (org.forgerock.opendj.ldap.LdapException)6
AMSearchResults (com.iplanet.am.sdk.AMSearchResults)5
ManagedRole (com.iplanet.ums.ManagedRole)5
OrderedSet (com.sun.identity.shared.datastruct.OrderedSet)5
