use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method verifyAndGetOrgDN.
/**
* Gets the Organization DN for the specified entryDN. If the entry itself
* is an org, then same DN is returned.
*
* @param token
* a valid SSOToken
* @param entryDN
* the entry whose parent Organization is to be obtained
* @param childDN
* the immediate entry whose parent Organization is to be
* obtained
* @return the DN String of the parent Organization
* @throws AMException
* if an error occurred while obtaining the parent Organization
*/
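public String verifyAndGetOrgDN(SSOToken token, String entryDN, String childDN) throws AMException {
    // Checks that childDN matches the organization search filter built for entryDN and,
    // if so, returns childDN's own DN in lower case; returns null when nothing matches.
    //
    // Reject a null, empty or zero-component DN up front. A null entryDN used to escape
    // as a NullPointerException instead of the AMException this method declares.
    // NOTE(review): DN.valueOf() is still called on caller-supplied text; confirm how a
    // syntactically invalid DN is reported to callers.
    if (entryDN == null || entryDN.isEmpty() || DN.valueOf(entryDN).size() <= 0) {
        // NOTE(review): entryDN is written to the debug log verbatim; if it can carry
        // request-controlled text, neutralise line breaks before logging.
        debug.error("DirectoryServicesImpl.verifyAndGetOrgDN() Invalid " + "DN: " + entryDN);
        throw new AMException(token, "157");
    }
    String organizationDN = null;
    boolean errorCondition = false;
    try {
        // The lookup is made with internalToken, not the caller's token, so the caller's
        // own directory permissions are not what authorises this search.
        // NOTE(review): presumably internalToken is a privileged service identity; confirm
        // that callers have already authorised `token` for entryDN/childDN.
        PersistentObject po = UMSObject.getObjectHandle(internalToken, new Guid(childDN));
        String searchFilter = getOrgSearchFilter(entryDN);
        SearchResults result = po.search(searchFilter, aName, scontrol);
        if (result.hasMoreElements()) {
            // Drain the remaining results: per the original comment, results left unread
            // show up as an ABANDON in the directory server access logs.
            while (result.hasMoreElements()) {
                result.next();
            }
            // NOTE(review): toLowerCase() uses the JVM default locale; confirm DN
            // comparisons downstream do not depend on locale-specific case mapping.
            organizationDN = po.getGuid().toString().toLowerCase();
        }
    } catch (InvalidSearchFilterException e) {
        errorCondition = true;
        debug.error("DirectoryServicesImpl.verifyAndGetOrgDN(): Invalid " + "search filter, unable to get Parent Organization: ", e);
    } catch (UMSException ue) {
        errorCondition = true;
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.verifyAndGetOrgDN(): " + "Unable to Obtain Parent Organization", ue);
        }
        // Only inspect the LDAP result code when the root cause really is an
        // LdapException. The unconditional cast threw ClassCastException or
        // NullPointerException for any other cause and hid the "124" error below.
        Throwable rootCause = ue.getRootCause();
        if (rootCause instanceof LdapException) {
            ResultCode errorCode = ((LdapException) rootCause).getResult().getResultCode();
            if (retryErrorCodes.contains("" + errorCode)) {
                // Result codes listed in retryErrorCodes are passed on with the cause attached.
                throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
            }
        }
    }
    if (errorCondition) {
        // Every other failure is reported as the generic "124" error; the underlying
        // exception is logged above but not chained to what the caller receives.
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString("124", locale), "124");
    }
    return organizationDN;
}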
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method modifyRoleMembership.
/**
* @param token
* @param target
* @param members
* @param operation
* @param profileType
* @throws UMSException
* @throws AMException
*/
private void modifyRoleMembership(SSOToken token, String target, Set members, int operation, int profileType) throws UMSException, AMException {
    // Adds members to, or removes members from, the role entry named by target, and runs
    // the organization's pre/post plugins around the update when any are registered.
    // The role is loaded and modified with the caller's token.
    ManagedRole managedRole;
    try {
        managedRole = (ManagedRole) UMSObject.getObject(token, new Guid(target));
    } catch (ClassCastException e) {
        // Most likely target resolved to an object that is not a ManagedRole.
        debug.message("DirectoryServicesImpl.modifyRoleMembership() - Unable to " + "modify role membership", e);
        throw new AMException(token, "350");
    }

    // A role cannot itself be an organization, so start the organization lookup at its parent.
    String roleParentDN = managedRole.getParentGuid().getDn();
    String organizationDN = getOrganizationDN(token, roleParentDN);

    if (callBackHelper.isExistsPrePostPlugins(organizationDN)) {
        // The plugin's return value replaces the member set used for the directory update;
        // a null or empty result cancels the operation without error.
        members = callBackHelper.preProcessModifyMemberShip(token, target, organizationDN, members, operation, profileType);
        if (members == null || members.isEmpty()) {
            return;
        }
    }

    // NOTE(review): an unsupported operation value is rejected only here, after the
    // pre-processing plugin has already been invoked with it.
    if (operation == ADD_MEMBER) {
        Guid[] memberGuids = CommonUtils.toGuidArray(members);
        managedRole.addMembers(memberGuids);
        // Compliance-related linking, only when admin groups are enabled for the parent.
        if (ComplianceServicesImpl.isAdminGroupsEnabled(roleParentDN)) {
            complianceImpl.verifyAndLinkRoleToGroup(token, memberGuids, target);
        }
    } else if (operation == REMOVE_MEMBER) {
        // UMS offers no bulk removal on the role, so members are removed one at a time.
        // Each element is cast to String; a non-String element fails with ClassCastException.
        for (Object memberDN : members.toArray()) {
            managedRole.removeMember(new Guid((String) memberDN));
        }
        // Compliance-related unlinking, only when admin groups are enabled for the parent.
        if (ComplianceServicesImpl.isAdminGroupsEnabled(roleParentDN)) {
            complianceImpl.verifyAndUnLinkRoleToGroup(token, members, target);
        }
    } else {
        throw new AMException(token, "114");
    }

    if (callBackHelper.isExistsPrePostPlugins(organizationDN)) {
        // The post plugin receives only the members touched by this call, not the
        // role's complete membership.
        callBackHelper.postProcessModifyMemberShip(token, target, organizationDN, members, operation, profileType);
    }
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method unRegisterService.
// Rename from removeService to unRegisterService
/**
* Un register service for a AMro profile.
*
* @param token
* SSOToken
* @param entryDN
* DN of the profile whose service is to be removed
* @param objectType
* profile type
* @param serviceName
* Service Name
* @param type
* Template type
*/
public void unRegisterService(SSOToken token, String entryDN, int objectType, String serviceName, int type) throws AMException {
    // Nothing is done for template types other than DYNAMIC_TEMPLATE.
    if (type != AMTemplate.DYNAMIC_TEMPLATE) {
        return;
    }
    // TODO: change "cn" to a flexible naming attribute for AMObject.ROLE
    try {
        // All directory access below uses the caller's token.
        PersistentObject entry = UMSObject.getObjectHandle(token, new Guid(entryDN));

        // Which entry holds the COS definition depends on the profile type:
        // roles use their parent entry, containers use the entry itself.
        COSManager cosManager;
        if (objectType == AMObject.ROLE || objectType == AMObject.FILTERED_ROLE) {
            cosManager = COSManager.getCOSManager(token, entry.getParentGuid());
        } else if (objectType == AMObject.ORGANIZATION
                || objectType == AMObject.ORGANIZATIONAL_UNIT
                || objectType == AMObject.PEOPLE_CONTAINER) {
            cosManager = COSManager.getCOSManager(token, entry.getGuid());
        } else {
            // Any other profile type does not have COS.
            throw new AMException(token, "450");
        }

        DirectCOSDefinition definition;
        try {
            definition = (DirectCOSDefinition) cosManager.getDefinition(serviceName);
        } catch (COSNotFoundException e) {
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl." + "unRegisterService() " + "No COSDefinition found for service: " + serviceName);
            }
            Object[] messageArgs = { serviceName };
            String userLocale = CommonUtils.getUserLocale(token);
            throw new AMException(AMSDKBundle.getString("463", messageArgs, userLocale), "463", messageArgs);
        }

        // Remove the templates first, then the definition itself.
        // NOTE(review): these are two separate calls; if the second fails the templates
        // have presumably already been removed. Confirm whether that state is acceptable.
        definition.removeCOSTemplates();
        cosManager.removeDefinition(serviceName);
    } catch (AccessRightsException e) {
        // The access failure is reported as "460"; the cause is logged but not chained.
        debug.error("DirectoryServicesImpl.unRegisterService() " + "Insufficient Access rights to unRegister service: ", e);
        throw new AMException(token, "460");
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.unRegisterService: " + "Unable to unregister service ", e);
        throw new AMException(token, "855", e);
    }
}
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method search.
/**
* Searches the Directory
*
* @param token
* SSOToken
* @param entryDN
* DN of the entry to start the search with
* @param searchFilter
* search filter
* @param searchScope
* search scope, BASE, ONELEVEL or SUBTREE
* @return Set set of matching DNs
*/
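public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException {
    // Runs searchFilter below entryDN with the caller's token and returns the matches as
    // a Set (built by searchResultsToSet); an empty set is the starting value.
    //
    // searchFilter reaches the directory unchanged: this method neither validates nor
    // escapes it. NOTE(review): callers that assemble the filter from user-supplied
    // values must escape the filter special characters (RFC 4515) themselves.
    Set resultSet = Collections.EMPTY_SET;
    try {
        PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
        SearchControl control = new SearchControl();
        control.setSearchScope(searchScope);
        SearchResults results = po.search(searchFilter, control);
        resultSet = searchResultsToSet(results);
    } catch (UMSException ue) {
        // Only inspect the LDAP result code when the root cause really is an
        // LdapException. The unconditional cast threw ClassCastException or
        // NullPointerException for any other cause and bypassed the handling below.
        Throwable rootCause = ue.getRootCause();
        if (rootCause instanceof LdapException) {
            ResultCode errorCode = ((LdapException) rootCause).getResult().getResultCode();
            if (retryErrorCodes.contains("" + errorCode)) {
                // Result codes listed in retryErrorCodes are passed on with the cause attached.
                throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
            }
        }
        if (debug.warningEnabled()) {
            // NOTE(review): entryDN and searchFilter are logged verbatim; if they can carry
            // request-controlled text, neutralise line breaks before logging.
            debug.warning("DirectoryServicesImpl.search(token:, entryDN: " + entryDN + ", searchFilter: " + searchFilter + "searchScope: " + searchScope + " error occurred: ", ue);
        }
        // Presumably this helper converts ue into an AMException using message "341".
        // If it returns normally, the empty starting set is returned below.
        processInternalException(token, ue, "341");
    }
    return resultSet;
}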
use of com.iplanet.ums.Guid in project OpenAM by OpenRock.
the class DirectoryServicesImpl method removeSingleEntry.
/**
* Private method to delete a single entry
*/
private void removeSingleEntry(SSOToken token, String entryDN, int objectType, boolean softDelete) throws AMException, SSOException {
    // Deletes one directory entry and runs the pre/post delete callbacks, the user
    // post-plugin and the delete notification around it. Statement order matters:
    // attributes are read before the delete because they are unavailable afterwards.
    //
    // softDelete is only forwarded to the pre/post delete callbacks in this method;
    // the removeObject call below does not consult it.
    Map attributes = null;
    EmailNotificationHelper mailer = null;
    String eDN = entryDN;
    if (objectType == AMObject.USER) {
        // For users the organization lookup starts at the parent of the entry.
        // NOTE(review): entryDN is parsed without a prior check; confirm callers never
        // pass a DN with no parent, since parent() would then presumably return null.
        eDN = DN.valueOf(entryDN).parent().toString();
    }
    // The organization lookup uses internalToken rather than the caller's token.
    String orgDN = getOrganizationDN(internalToken, eDN);
    try {
        if (objectType == AMObject.USER) {
            // Extract a delete notification list
            mailer = new EmailNotificationHelper(entryDN);
            mailer.setUserDeleteNotificationList();
        }
        if ((getUserPostPlugin() != null) || (mailer != null && mailer.isPresentUserDeleteNotificationList())) {
            // Obtain the attributes needed to send notification and also
            // call backs as these won't be available after deletion
            attributes = getAttributes(token, entryDN, objectType);
        }
        processPreDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
        // } else {   (commented-out branch delimiter kept from the original source)
        if (dcTreeImpl.isRequired()) {
            // NOTE(review): the DC tree entry is removed with internalToken before
            // removeObject() runs with the caller's token. If the caller's delete is then
            // refused (AccessRightsException below), the domain entry appears to be gone
            // already. Confirm an earlier step enforces the caller's rights.
            String rfcDN = LDAPUtils.formatToRFC(entryDN);
            dcTreeImpl.removeDomain(internalToken, rfcDN);
        }
        Guid guid = new Guid(entryDN);
        // The delete itself is performed with the caller's token.
        UMSObject.removeObject(token, guid);
        // }   (matching commented-out delimiter)
    } catch (AccessRightsException e) {
        // Log messages in these handlers name removeEntry(), not removeSingleEntry().
        // The access failure is reported as "460"; the cause is logged but not chained.
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        // The message id depends on the object type; the entry name taken from the
        // exception is included in the message returned to the caller.
        String entry = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
        String msgid = getEntryNotFoundMsgID(objectType);
        Object[] args = { entry };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
    // Reached only when the delete succeeded; every catch block above throws.
    processPostDeleteCallBacks(token, entryDN, attributes, orgDN, objectType, softDelete);
    if (objectType == AMObject.USER) {
        AMUserEntryProcessed postPlugin = getUserPostPlugin();
        if (postPlugin != null) {
            // TODO: Remove after deprecating interface
            postPlugin.processUserDelete(token, entryDN, attributes);
        }
        if (mailer != null && mailer.isPresentUserDeleteNotificationList()) {
            // Uses the attributes captured before the entry was removed.
            mailer.sendUserDeleteNotification(attributes);
        }
    }
}