
Example 11 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class GetPrivileges method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot be serviced.
     */
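public void handleRequest(RequestContext rc) throws CLIException {
    // Prints the name of each delegation privilege that
    // DelegationManager.getPrivileges() returns for the identity selected by
    // the realm, id-name and id-type options. All lookups are made with the
    // admin SSO token. Once the ATTEMPT record has been written, each exit
    // path handled below also writes a SUCCEED or FAILED record.
    super.handleRequest(rc);
    SSOToken adminSSOToken = getAdminSSOToken();
    IOutput outputWriter = getOutputWriter();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    IdType idType = convert2IdType(type);
    String[] params = { realm, type, idName };
    try {
        DelegationManager mgr = new DelegationManager(adminSSOToken, realm);
        // NOTE(review): amir is never read. Kept in case the constructor
        // validates the realm or token; confirm before removing.
        AMIdentityRepository amir = new AMIdentityRepository(adminSSOToken, realm);
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_IDREPO_GET_PRIVILEGES", params);
        AMIdentity amid;
        if (idType.equals(IdType.ROLE) && idName.equalsIgnoreCase(ALL_AUTHENTICATED_USERS)) {
            // Realm needs to be "/", see DelegationPolicyImpl#privilegeToPolicy.
            // The existence of the all-authenticated-users role is not
            // checked because that check would fail.
            amid = new AMIdentity(adminSSOToken, idName, idType, "/", null);
        } else {
            amid = new AMIdentity(adminSSOToken, idName, idType, realm, null);
            if (!amid.isExists()) {
                String notFound = MessageFormat.format(
                    getResourceString("identity-does-not-exist"), idName, type);
                // The ATTEMPT record is already written at this point, so
                // record the outcome too; otherwise a lookup of a
                // non-existent identity leaves an attempt with no result in
                // the audit trail.
                String[] failureArgs = { realm, type, idName, notFound };
                writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_PRIVILEGES", failureArgs);
                throw new CLIException(notFound, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
        }
        Set results = mgr.getPrivileges(amid.getUniversalId());
        if ((results != null) && !results.isEmpty()) {
            String msg = getResourceString("privilege-result");
            for (Object entry : results) {
                DelegationPrivilege privilege = (DelegationPrivilege) entry;
                outputWriter.printlnMessage(MessageFormat.format(msg, privilege.getName()));
            }
        } else {
            outputWriter.printlnMessage(getResourceString("no-privileges"));
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_IDREPO_GET_PRIVILEGES", params);
    } catch (DelegationException e) {
        // Failure records carry the exception message as a fourth argument.
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetPrivileges.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_PRIVILEGES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (IdRepoException e) {
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetPrivileges.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_PRIVILEGES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        String[] args = { realm, type, idName, e.getMessage() };
        debugError("GetPrivileges.handleRequest", e);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_PRIVILEGES", args);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}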
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IdRepoException(com.sun.identity.idm.IdRepoException) DelegationException(com.sun.identity.delegation.DelegationException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) DelegationPrivilege(com.sun.identity.delegation.DelegationPrivilege) IOutput(com.sun.identity.cli.IOutput) DelegationManager(com.sun.identity.delegation.DelegationManager) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException)

Example 12 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class ShowConfigurations method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot be serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    // Prints the global-schema attribute defaults of the entitlement service
    // (EntitlementService.SERVICE_NAME), read with the admin SSO token.
    //
    // NOTE(review): the defaults are handed to FormatUtils.printAttributeValues
    // as-is. If this schema can hold secret-valued attributes, confirm they
    // are masked before they reach the console.
    // NOTE(review): failures are recorded under LOG_ACCESS, not LOG_ERROR, and
    // there is no debugError call; confirm error monitoring covers this.
    super.handleRequest(rc);
    ldapLogin();
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_SHOW_ENTITLEMENT_SVC", null);
    try {
        ServiceSchemaManager schemaManager =
            new ServiceSchemaManager(EntitlementService.SERVICE_NAME, getAdminSSOToken());
        Map<String, Set<String>> attributeDefaults =
            schemaManager.getGlobalSchema().getAttributeDefaults();
        getOutputWriter().printlnMessage(
            FormatUtils.printAttributeValues(
                getResourceString("get-attr-values-of-entitlement-service"),
                attributeDefaults));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_SHOW_ENTITLEMENT_SVC", null);
    } catch (SMSException smsFailure) {
        // The only failure detail recorded is the exception message.
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_SHOW_ENTITLEMENT_SVC",
            new String[] { smsFailure.getMessage() });
        throw new CLIException(smsFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_SHOW_ENTITLEMENT_SVC",
            new String[] { ssoFailure.getMessage() });
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : ServiceSchema(com.sun.identity.sm.ServiceSchema) Set(java.util.Set) SMSException(com.sun.identity.sm.SMSException) CLIException(com.sun.identity.cli.CLIException) SSOException(com.iplanet.sso.SSOException) ServiceSchemaManager(com.sun.identity.sm.ServiceSchemaManager)

Example 13 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class UpdateApplicationPrivilege method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot be serviced.
     */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    // Updates the description and/or action values of an existing application
    // privilege in a realm. The request is rejected, before any audit record
    // is written, when neither a non-blank description nor an action is given.
    super.handleRequest(rc);
    final String realm = getStringOptionValue(IArgument.REALM_NAME);
    final String name = getStringOptionValue(PARAM_NAME);
    final String[] auditParams = { realm, name };
    final String newDescription = getStringOptionValue(PARAM_DESCRIPTION);
    final boolean descriptionGiven =
        newDescription != null && !newDescription.trim().isEmpty();

    // getActions() is consulted only when the actions option is present.
    ApplicationPrivilege.PossibleAction newAction = null;
    if (getStringOptionValue(PARAM_ACTIONS) != null) {
        newAction = getActions();
    }

    if (!descriptionGiven && newAction == null) {
        throw new CLIException(
            getResourceString("update-application-privilege-invalid"),
            ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }

    // The privilege manager acts as the subject built from the admin SSO token.
    Subject adminSubject = SubjectUtils.createSubject(getAdminSSOToken());
    ApplicationPrivilegeManager manager =
        ApplicationPrivilegeManager.getInstance(realm, adminSubject);
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", auditParams);
    try {
        // NOTE(review): the result is dereferenced without a null check;
        // whether getPrivilege can return null for an unknown name is not
        // visible here. Confirm.
        ApplicationPrivilege target = manager.getPrivilege(name);
        if (descriptionGiven) {
            target.setDescription(newDescription);
        }
        if (newAction != null) {
            target.setActionValues(newAction);
        }
        manager.replacePrivilege(target);
        getOutputWriter().printlnMessage(
            MessageFormat.format(
                getResourceString("update-application-privilege-succeeded"), name));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", auditParams);
    } catch (EntitlementException failure) {
        // NOTE(review): the failure record goes to LOG_ACCESS, not LOG_ERROR;
        // confirm monitoring for failed privilege changes covers this.
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE",
            new String[] { realm, name, failure.getMessage() });
        throw new CLIException(failure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIException(com.sun.identity.cli.CLIException) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) Subject(javax.security.auth.Subject)

Example 14 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class AddMember method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot be serviced.
     */
public void handleRequest(RequestContext rc) throws CLIException {
    // Adds one identity (member id-name/id-type) as a member of another
    // (id-name/id-type) in the given realm, using the admin SSO token.
    super.handleRequest(rc);
    final SSOToken adminToken = getAdminSSOToken();
    final IOutput out = getOutputWriter();
    final String realm = getStringOptionValue(IArgument.REALM_NAME);
    final String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    final String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    final IdType idType = convert2IdType(type);
    final String memberIdName = getStringOptionValue(ARGUMENT_MEMBER_IDNAME);
    final String memberType = getStringOptionValue(ARGUMENT_MEMBER_IDTYPE);
    final IdType memberIdType = convert2IdType(memberType);
    final String[] auditParams = { realm, type, idName, memberIdName, memberType };
    try {
        // NOTE(review): this repository object is never read afterwards;
        // presumably constructed for its validation side effects. Confirm.
        AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);

        // This rejection is thrown before the ATTEMPT record is written, so
        // an incompatible type pairing leaves no audit entry from this method.
        if (!memberIdType.canBeMemberOf().contains(idType)) {
            throw new CLIException(
                MessageFormat.format(
                    getResourceString("idrepo-cannot-be-member"), type, memberType),
                ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_IDREPO_ADD_MEMBER", auditParams);
        AMIdentity container = new AMIdentity(adminToken, idName, idType, realm, null);
        AMIdentity newMember = new AMIdentity(adminToken, memberIdName, memberIdType, realm, null);
        container.addMember(newMember);
        out.printlnMessage(
            MessageFormat.format(
                getResourceString("idrepo-get-addmember-succeed"), memberIdName, idName));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_IDREPO_ADD_MEMBER", auditParams);
    } catch (IdRepoException repoFailure) {
        // Failure records append the exception message to the audit parameters.
        String[] failureArgs = {
            realm, type, idName, memberIdName, memberType, repoFailure.getMessage()
        };
        debugError("AddMember.handleRequest", repoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_ADD_MEMBER", failureArgs);
        throw new CLIException(repoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        String[] failureArgs = {
            realm, type, idName, memberIdName, memberType, ssoFailure.getMessage()
        };
        debugError("AddMember.handleRequest", ssoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_ADD_MEMBER", failureArgs);
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) CLIException(com.sun.identity.cli.CLIException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType)

Example 15 with CLIException

use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.

the class GetServiceAttributes method handleRequest.

/**
     * Services a Commandline Request.
     *
     * @param rc Request Context.
     * @throws CLIException if the request cannot be serviced.
     */
public void handleRequest(RequestContext rc) throws CLIException {
    // Prints every attribute of one service assigned to an identity, one
    // name/value line per attribute, using the admin SSO token.
    //
    // NOTE(review): attribute values go to the console through tokenize()
    // with no filtering visible in this method. If a service can carry
    // secret-valued attributes, confirm they are masked elsewhere.
    super.handleRequest(rc);
    final SSOToken adminToken = getAdminSSOToken();
    final IOutput out = getOutputWriter();
    final String realm = getStringOptionValue(IArgument.REALM_NAME);
    final String idName = getStringOptionValue(ARGUMENT_ID_NAME);
    final String type = getStringOptionValue(ARGUMENT_ID_TYPE);
    final String serviceName = getStringOptionValue(IArgument.SERVICE_NAME);
    final IdType idType = convert2IdType(type);
    final String[] params = { realm, type, idName, serviceName };
    try {
        AMIdentityRepository repository = new AMIdentityRepository(adminToken, realm);

        // Rejected before the ATTEMPT record is written when the realm does
        // not allow service operations on this identity type.
        if (!repository.getAllowedIdOperations(idType).contains(IdOperation.SERVICE)) {
            throw new CLIException(
                MessageFormat.format(
                    getResourceString("realm-does-not-support-service"), (Object[]) params),
                ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_IDREPO_GET_SERVICE_ATTRIBUTES", params);
        AMIdentity identity = new AMIdentity(adminToken, idName, idType, realm, null);
        Map attributes = identity.getServiceAttributes(serviceName);
        if (attributes == null || attributes.isEmpty()) {
            out.printlnMessage(getResourceString("idrepo-no-service-attributes"));
        } else {
            String linePattern = getResourceString("idrepo-service-attribute-result");
            for (Object key : attributes.keySet()) {
                String attrName = (String) key;
                Set attrValues = (Set) attributes.get(attrName);
                out.printlnMessage(
                    MessageFormat.format(linePattern, attrName, tokenize(attrValues)));
            }
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_IDREPO_GET_SERVICE_ATTRIBUTES", params);
    } catch (IdRepoException repoFailure) {
        // Failure records append the exception message to the audit parameters.
        String[] failureArgs = { realm, type, idName, serviceName, repoFailure.getMessage() };
        debugError("GetServiceAttributes.handleRequest", repoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_SERVICE_ATTRIBUTES", failureArgs);
        throw new CLIException(repoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        String[] failureArgs = { realm, type, idName, serviceName, ssoFailure.getMessage() };
        debugError("GetServiceAttributes.handleRequest", ssoFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_IDREPO_GET_SERVICE_ATTRIBUTES", failureArgs);
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) IOutput(com.sun.identity.cli.IOutput) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) Iterator(java.util.Iterator) CLIException(com.sun.identity.cli.CLIException) Map(java.util.Map)

Aggregations

CLIException (com.sun.identity.cli.CLIException)282 SSOException (com.iplanet.sso.SSOException)171 SMSException (com.sun.identity.sm.SMSException)150 IOutput (com.sun.identity.cli.IOutput)136 SSOToken (com.iplanet.sso.SSOToken)116 Set (java.util.Set)88 Iterator (java.util.Iterator)62 List (java.util.List)61 IOException (java.io.IOException)53 IdRepoException (com.sun.identity.idm.IdRepoException)48 ServiceSchema (com.sun.identity.sm.ServiceSchema)46 AMIdentity (com.sun.identity.idm.AMIdentity)43 Map (java.util.Map)42 ServiceSchemaManager (com.sun.identity.sm.ServiceSchemaManager)33 AMIdentityRepository (com.sun.identity.idm.AMIdentityRepository)29 AttributeSchema (com.sun.identity.sm.AttributeSchema)28 CLIRequest (com.sun.identity.cli.CLIRequest)27 AfterTest (org.testng.annotations.AfterTest)27 BeforeTest (org.testng.annotations.BeforeTest)27 Test (org.testng.annotations.Test)27