Search in sources :

Example 6 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMObjectImpl method searchObjects.

protected AMSearchResults searchObjects(String namingAttr, String objectClassFilter, String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
    SSOTokenManager.getInstance().validateToken(token);
    StringBuilder filterSB = new StringBuilder();
    filterSB.append("(&").append(constructFilter(namingAttr, objectClassFilter, wildcard));
    if ((avPairs != null) && !avPairs.isEmpty()) {
        filterSB.append(constructFilter(avPairs));
    }
    filterSB.append(")");
    if (debug.messageEnabled()) {
        debug.message("AMObjectImpl.searchObjects(" + namingAttr + ", " + objectClassFilter + ", " + wildcard + ", Map): DN=" + entryDN + ", level " + searchControl.getSearchScope() + "\n" + mapToString(avPairs));
        debug.message("AMObjectImpl.searchObjects(): filter: " + filterSB.toString());
    }
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(token, entryDN, filterSB.toString(), sc, returnAttrs);
}
Also used : SearchControl(com.iplanet.ums.SearchControl)

Example 7 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class DirectoryServicesImpl method removeSubtree.

/**
     * Private method used by "removeEntry" to delete an entire subtree
     */
private void removeSubtree(SSOToken token, String entryDN, boolean softDelete) throws AMException, SSOException {
    int type = AMObject.UNKNOWN_OBJECT_TYPE;
    try {
        Guid guid = new Guid(entryDN);
        PersistentObject po = UMSObject.getObjectHandle(internalToken, guid);
        // first get all the children of the object
        SearchControl control = new SearchControl();
        control.setSearchScope(SearchControl.SCOPE_SUB);
        String searchFilter = "(|(objectclass=*)(objectclass=ldapsubEntry))";
        List list = new ArrayList();
        // get number of RDNs in the entry itself
        int entryRDNs = DN.valueOf(entryDN).size();
        // to count maximum level of RDNs in the search return
        int maxRDNCount = entryRDNs;
        // go through all search results, add DN to the list, and
        // set the maximun RDN count, will be used to remove DNs
        SearchResults children = po.getChildren(searchFilter, control);
        while (children.hasMoreElements()) {
            PersistentObject object = children.next();
            DN dn = DN.valueOf(object.getDN());
            if (debug.messageEnabled()) {
                debug.message("DirectoryServicesImpl.removeEntry(): " + "found child: " + object.getDN());
            }
            int count = dn.size();
            if (count > maxRDNCount) {
                maxRDNCount = count;
            }
            list.add(dn);
        }
        if (debug.messageEnabled()) {
            debug.message("DirectoryServicesImpl.removeEntry(): max " + "RDNs: " + maxRDNCount);
        }
        // go through all search results, delete entries from the
        // bottom up, starting from entries whose's RDN count
        // equals the maxRDNCount
        // TODO : If the list has too many entries, then the multiple
        // iteration in the inner for loop may be the bottleneck.
        // One enhancement to the existing algorithm is to store all
        // the entries by level in a different List. Per Sai's comments
        int len = list.size();
        for (int i = maxRDNCount; i >= entryRDNs; i--) {
            for (int j = 0; j < len; j++) {
                DN dn = (DN) list.get(j);
                // check if we need delete it now
                if (dn.size() == i) {
                    // remove the entry
                    if (debug.messageEnabled()) {
                        debug.message("DirectoryServicesImpl." + "removeEntry(): del " + dn.toString());
                    }
                    String rfcDN = dn.toString();
                    type = AMObject.UNKNOWN_OBJECT_TYPE;
                    try {
                        type = getObjectType(internalToken, rfcDN);
                    } catch (AMException ae) {
                        // Not a managed type, just delete it.
                        Guid g = new Guid(rfcDN);
                        UMSObject.removeObject(token, g);
                    }
                    // Do a non-recursive delete
                    if (type != AMObject.UNKNOWN_OBJECT_TYPE && type != AMObject.UNDETERMINED_OBJECT_TYPE) {
                        try {
                            removeSingleEntry(token, rfcDN, type, softDelete);
                        } catch (AMPreCallBackException amp) {
                            debug.error("DirectoryServicesImpl." + "removeSubTree: Aborting delete of: " + rfcDN + " due to pre-callback exception", amp);
                        }
                    }
                    // remove the deleted entry from the list
                    list.remove(j);
                    // move back pointer, as current element is removed
                    j--;
                    // reduce list length
                    len--;
                }
            }
        }
    } catch (AccessRightsException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Insufficient " + "access rights to remove entry: " + entryDN, e);
        throw new AMException(token, "460");
    } catch (EntryNotFoundException e) {
        String entry = getEntryName(e);
        debug.error("DirectoryServicesImpl.removeEntry() Entry not found: " + entry, e);
        String msgid = getEntryNotFoundMsgID(type);
        Object[] args = { entry };
        String locale = CommonUtils.getUserLocale(token);
        throw new AMException(AMSDKBundle.getString(msgid, args, locale), msgid, args);
    } catch (UMSException e) {
        debug.error("DirectoryServicesImpl.removeEntry() Unable to remove: " + " Internal error occurred: ", e);
        throw new AMException(token, "325", e);
    }
}
Also used : AccessRightsException(com.iplanet.ums.AccessRightsException) UMSException(com.iplanet.ums.UMSException) ArrayList(java.util.ArrayList) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) RDN(org.forgerock.opendj.ldap.RDN) DN(org.forgerock.opendj.ldap.DN) Guid(com.iplanet.ums.Guid) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) SearchResults(com.iplanet.ums.SearchResults) EntryNotFoundException(com.iplanet.ums.EntryNotFoundException) List(java.util.List) ArrayList(java.util.ArrayList) SearchControl(com.iplanet.ums.SearchControl) AMPreCallBackException(com.iplanet.am.sdk.AMPreCallBackException)

Example 8 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class DirectoryServicesImpl method search.

/**
     * Searches the Directory
     * 
     * @param token
     *            SSOToken
     * @param entryDN
     *            DN of the entry to start the search with
     * @param searchFilter
     *            search filter
     * @param searchScope
     *            search scope, BASE, ONELEVEL or SUBTREE
     * @return Set set of matching DNs
     */
public Set search(SSOToken token, String entryDN, String searchFilter, int searchScope) throws AMException {
    Set resultSet = Collections.EMPTY_SET;
    try {
        PersistentObject po = UMSObject.getObjectHandle(token, new Guid(entryDN));
        SearchControl control = new SearchControl();
        control.setSearchScope(searchScope);
        SearchResults results = po.search(searchFilter, control);
        resultSet = searchResultsToSet(results);
    } catch (UMSException ue) {
        LdapException lex = (LdapException) ue.getRootCause();
        ResultCode errorCode = lex.getResult().getResultCode();
        if (retryErrorCodes.contains("" + errorCode)) {
            throw new AMException(token, Integer.toString(errorCode.intValue()), ue);
        }
        if (debug.warningEnabled()) {
            debug.warning("DirectoryServicesImpl.search(token:, entryDN: " + entryDN + ", searchFilter: " + searchFilter + "searchScope: " + searchScope + " error occurred: ", ue);
        }
        processInternalException(token, ue, "341");
    }
    return resultSet;
}
Also used : Set(java.util.Set) OrderedSet(com.sun.identity.shared.datastruct.OrderedSet) TreeSet(java.util.TreeSet) HashSet(java.util.HashSet) AttrSet(com.iplanet.services.ldap.AttrSet) UMSException(com.iplanet.ums.UMSException) PersistentObject(com.iplanet.ums.PersistentObject) AMException(com.iplanet.am.sdk.AMException) Guid(com.iplanet.ums.Guid) SearchControl(com.iplanet.ums.SearchControl) AMSearchResults(com.iplanet.am.sdk.AMSearchResults) SearchResults(com.iplanet.ums.SearchResults) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Example 9 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMFilteredRoleImpl method searchUsers.

/**
     * Searches for users in this role using wildcards and attribute values.
     * Wildcards can be specified such as a*, *, *a. To further refine the
     * search, attribute-value pairs can be specifed so that distinguished name
     * of users with matching attribute-value pairs will be returned.
     * 
     * @param wildcard
     *            pattern to be used in the search.
     * @param avPairs
     *            attribute-value pairs to match when searching users.
     * @param searchControl
     *            specifies the search scope to be used, VLV ranges etc.
     * @return <code>AMSearchResults</code> which contains a set distinguished
     *         name of users matching the search.
     * @throws AMException
     *             if there is an internal error in the access management Store.
     * @throws SSOException
     *             if the single sign on token is no longer valid.
     */
public AMSearchResults searchUsers(String wildcard, Map avPairs, AMSearchControl searchControl) throws AMException, SSOException {
    int level = searchControl.getSearchScope();
    if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
        throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
    }
    if ((wildcard == null) || (wildcard.length() == 0)) {
        throw new AMException(AMSDKBundle.getString("122", super.locale), "122");
    }
    String userFilter = "(&(" + AMNamingAttrManager.getNamingAttr(USER) + "=" + wildcard + ")" + getFilter() + ")";
    String filter = null;
    if (avPairs == null) {
        filter = userFilter;
    } else {
        if (avPairs.isEmpty()) {
            filter = userFilter;
        } else {
            StringBuilder filterSB = new StringBuilder();
            filterSB.append("(&").append(userFilter).append("(|");
            Iterator iter = avPairs.keySet().iterator();
            while (iter.hasNext()) {
                String attributeName = (String) (iter.next());
                Iterator iter2 = ((Set) (avPairs.get(attributeName))).iterator();
                while (iter2.hasNext()) {
                    String attributeValue = (String) iter2.next();
                    filterSB.append("(").append(attributeName).append("=").append(attributeValue).append(")");
                }
            }
            filterSB.append("))");
            filter = filterSB.toString();
        }
    }
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}
Also used : Set(java.util.Set) Iterator(java.util.Iterator) SearchControl(com.iplanet.ums.SearchControl)

Example 10 with SearchControl

use of com.iplanet.ums.SearchControl in project OpenAM by OpenRock.

the class AMFilteredRoleImpl method searchUsers.

/**
     * Searches for users in this role using wildcards and attribute values.
     * Wildcards can be specified such as a*, *, *a. To further refine the
     * search, attribute-value pairs can be specifed so that distinguished name
     * of users with matching attribute-value pairs will be returned.
     * 
     * @param wildcard
     *            pattern to be used in the search.
     * @param avPairs
     *            attribute-value pairs to match when searching users.
     * @param searchControl
     *            specifies the search scope to be used, VLV ranges etc.
     * @return <code>AMSearchResults</code> which contains a set distinguished
     *         name of users matching the search.
     * @throws AMException
     *             if there is an internal error in the access management Store.
     * @throws SSOException
     *             if the single sign on token is no longer valid.
     */
public AMSearchResults searchUsers(AMSearchControl searchControl, String avFilter) throws AMException, SSOException {
    int level = searchControl.getSearchScope();
    if ((level != AMConstants.SCOPE_ONE) && (level != AMConstants.SCOPE_SUB)) {
        throw new AMException(AMSDKBundle.getString("123", super.locale), "123");
    }
    String filter = "(&" + getFilter() + avFilter + ")";
    if (debug.messageEnabled()) {
        debug.message("AMFilteredRoleImpl.searchUsers: " + filter);
    }
    searchControl.setSearchScope(AMConstants.SCOPE_SUB);
    SearchControl sc = searchControl.getSearchControl();
    String[] returnAttrs = searchControl.getReturnAttributes();
    return dsServices.search(super.token, getOrganizationDN(), filter, sc, returnAttrs);
}
Also used : SearchControl(com.iplanet.ums.SearchControl)

Aggregations

SearchControl (com.iplanet.ums.SearchControl)16 AMSearchResults (com.iplanet.am.sdk.AMSearchResults)5 AMException (com.iplanet.am.sdk.AMException)4 Guid (com.iplanet.ums.Guid)4 PersistentObject (com.iplanet.ums.PersistentObject)4 SearchResults (com.iplanet.ums.SearchResults)4 UMSException (com.iplanet.ums.UMSException)4 Set (java.util.Set)4 SortKey (com.iplanet.ums.SortKey)3 HashSet (java.util.HashSet)3 Iterator (java.util.Iterator)3 HashMap (java.util.HashMap)2 Map (java.util.Map)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 ConcurrentSkipListMap (java.util.concurrent.ConcurrentSkipListMap)2 AMPreCallBackException (com.iplanet.am.sdk.AMPreCallBackException)1 Attr (com.iplanet.services.ldap.Attr)1 AttrSet (com.iplanet.services.ldap.AttrSet)1 AccessRightsException (com.iplanet.ums.AccessRightsException)1 EntryNotFoundException (com.iplanet.ums.EntryNotFoundException)1