Examples with SearchControl com.iplanet.ums.SearchControl used on opensource projects

Example 6 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMObjectImpl method searchObjects.

protected AMSearchResults searchObjects(String namingAttr, String objectClassFilter, String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
    SSOTokenManager.getInstance().validateToken(token);
    StringBuilder filterSB = new StringBuilder();
    filterSB.append("(&").append(constructFilter(namingAttr, objectClassFilter, wildcard));
    if ((avPairs != null) && !avPairs.isEmpty()) {
        filterSB.append(constructFilter(avPairs));
    }
    filterSB.append(")");
    if (debug.messageEnabled()) {
        debug.message("AMObjectImpl.searchObjects(" + namingAttr + ", " + objectClassFilter + ", " + wildcard + ", Map): DN=" + entryDN + ", level " + searchControl.getSearchScope() + "\n" + mapToString(avPairs));
        debug.message("AMObjectImpl.searchObjects(): filter: " + filterSB.toString());
    }
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(token, entryDN, filterSB.toString(), sc, returnAttrs);
}

Example 7 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeSubtree.

/**
     * Private method used by "removeEntry" to delete an entire subtree
     */
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
    int type = AMObject.UNKNOWN_OBJECT_TYPE;
    try {
        Guid guid = new Guid(entryDN);
        PersistentObject po = UMSObject.getObjectHandle(internalToken, guid);
        // first get all the children of the object
        SearchControl control = new SearchControl();
        control.setSearchScope(SearchControl.SCOPE_SUB);
        String searchFilter = "(|(objectclass=*)(objectclass=ldapsubEntry))";
        List list = new ArrayList();
        // get number of RDNs in the entry itself
        int entryRDNs = DN.valueOf(entryDN).size();
        // to count maximum level of RDNs in the search return
        int maxRDNCount = entryRDNs;
        // go through all search results, add DN to the list, and
        // set the maximun RDN count, will be used to remove DNs
        SearchResults children = po.getChildren(searchFilter, control);
        while (children.hasMoreElements()) {
            PersistentObject object = children.next();
            DN dn = DN.valueOf(object.getDN());
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl.removeEntry(): " + "found child: " + object.getDN());
            }
            int count = dn.size();
            if (count > maxRDNCount) {
                maxRDNCount = count;
            }
            list.add(dn);
        }
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.removeEntry(): max " + "RDNs: " + maxRDNCount);
        }
        // go through all search results, delete entries from the
        // bottom up, starting from entries whose's RDN count
        // equals the maxRDNCount
        // TODO : If the list has too many entries, then the multiple
        // iteration in the inner for loop may be the bottleneck.
        // One enhancement to the existing algorithm is to store all
        // the entries by level in a different List. Per Sai's comments
        int len = list.size();
        for (int i = maxRDNCount; i >= entryRDNs; i--) {
            for (int j = 0; j < len; j++) {
                DN dn = (DN) list.get(j);
                // check if we need delete it now
                if (dn.size() == i) {
                    // remove the entry
                    if (debug.messageEnabled()) {
                        debug.message("DirectoryServicesImpl." + "removeEntry(): del " + dn.toString());
                    }
                    String rfcDN = dn.toString();
                    type = AMObject.UNKNOWN_OBJECT_TYPE;
                    try {
                        type = getObjectType(internalToken, rfcDN);
                    } catch (AMException ae) {
                        // Not a managed type, just delete it.
                        Guid g = new Guid(rfcDN);
                        UMSObject.removeObject(token, g);
                    }
                    // Do a non-recursive delete
                    if (type != AMObject.UNKNOWN_OBJECT_TYPE && type != AMObject.UNDETERMINED_OBJECT_TYPE) {
                        try {
                            removeSingleEntry(token, rfcDN, type, softDelete);
                        } catch (AMPreCallBackException amp) {
                            debug.error("DirectoryServicesImpl." + "removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
                        }
                    }
                    // remove the deleted entry from the list
                    list.remove(j);
                    // move back pointer, as current element is removed
                    j--;
                    // reduce list length
                    len--;
                }
            }
        }
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        String entry = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
        String msgid = getEntryNotFoundMsgID(type);
        Object[] args = { entry };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
}

Example 8 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class DirectoryServicesImpl method search.

/**
     * Searches the Directory
     * 
     * @param token
     *            SSOToken
     * @param entryDN
     *            DN of the entry to start the search with
     * @param searchFilter
     *            search filter
     * @param searchScope
     *            search scope, BASE, ONELEVEL or SUBTREE
     * @return Set set of matching DNs
     */
public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException {
    Set resultSet = Collections.EMPTY_SET;
    try {
        PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
        SearchControl control = new SearchControl();
        control.setSearchScope(searchScope);
        SearchResults results = po.search(searchFilter, control);
        resultSet = searchResultsToSet(results);
    } catch (UMSException ue) {
        LdapException lex = (LdapException) ue.getRootCause();
        ResultCode errorCode = lex.getResult().getResultCode();
        if (retryErrorCodes.contains("" + errorCode)) {
            throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.search(token:, entryDN: " + entryDN + ", searchFilter: " + searchFilter + "searchScope: " + searchScope + " error occurred: ", ue);
        }
        processInternalException(token, ue, "341");
    }
    return resultSet;
}

Example 9 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMFilteredRoleImpl method searchUsers.

/**
     * Searches for users in this role using wildcards and attribute values.
     * Wildcards can be specified such as a*, *, *a. To further refine the
     * search, attribute-value pairs can be specifed so that distinguished name
     * of users with matching attribute-value pairs will be returned.
     * 
     * @param wildcard
     *            pattern to be used in the search.
     * @param avPairs
     *            attribute-value pairs to match when searching users.
     * @param searchControl
     *            specifies the search scope to be used, VLV ranges etc.
     * @return <code>AMSearchResults</code> which contains a set distinguished
     *         name of users matching the search.
     * @throws AMException
     *             if there is an internal error in the access management Store.
     * @throws SSOException
     *             if the single sign on token is no longer valid.
     */
public AMSearchResults searchUsers(String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
    int level = searchControl.getSearchScope();
    if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
        throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
    }
    if ((wildcard == null) || (wildcard.length() == 0)) {
        throw new AMException(AMSDKBundle.getString("122", super.locale), "122");
    }
    String userFilter = "(&(" + AMNamingAttrManager.getNamingAttr(USER) + "=" + wildcard + ")" + getFilter() + ")";
    String filter = null;
    if (avPairs == null) {
        filter = userFilter;
    } else {
        if (avPairs.isEmpty()) {
            filter = userFilter;
        } else {
            StringBuilder filterSB = new StringBuilder();
            filterSB.append("(&").append(userFilter).append("(|");
            Iterator iter = avPairs.keySet().iterator();
            while (iter.hasNext()) {
                String attributeName = (String) (iter.next());
                Iterator iter2 = ((Set) (avPairs.get(attributeName))).iterator();
                while (iter2.hasNext()) {
                    String attributeValue = (String) iter2.next();
                    filterSB.append("(").append(attributeName).append("=").append(attributeValue).append(")");
                }
            }
            filterSB.append("))");
            filter = filterSB.toString();
        }
    }
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}

Example 10 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMFilteredRoleImpl method searchUsers.

/**
     * Searches for users in this role using wildcards and attribute values.
     * Wildcards can be specified such as a*, *, *a. To further refine the
     * search, attribute-value pairs can be specifed so that distinguished name
     * of users with matching attribute-value pairs will be returned.
     * 
     * @param wildcard
     *            pattern to be used in the search.
     * @param avPairs
     *            attribute-value pairs to match when searching users.
     * @param searchControl
     *            specifies the search scope to be used, VLV ranges etc.
     * @return <code>AMSearchResults</code> which contains a set distinguished
     *         name of users matching the search.
     * @throws AMException
     *             if there is an internal error in the access management Store.
     * @throws SSOException
     *             if the single sign on token is no longer valid.
     */
public AMSearchResults searchUsers(AMSearchControl searchControl, String avFilter) throws AMException, SSOException {
    int level = searchControl.getSearchScope();
    if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
        throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
    }
    String filter = "(&" + getFilter() + avFilter + ")";
    if (debug.messageEnabled()) {
        debug.message("AMFilteredRoleImpl.searchUsers: " + filter);
    }
    searchControl.setSearchScope(AMConstants.SCOPE_SUB);
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}