use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.
the class SetConfigurations method handleRequest.
/**
* Services a Commandline Request.
*
* @param rc Request Context.
* @throws CLIException if the request cannot be serviced.
*/
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();

    // Attribute values may come from a data file, from inline options, or both;
    // the request is rejected only when neither source is supplied.
    String dataFilePath = getStringOptionValue(IArgument.DATA_FILE);
    List inlinePairs = rc.getOption(IArgument.ATTRIBUTE_VALUES);
    boolean nothingSupplied = (dataFilePath == null) && (inlinePairs == null);
    if (nothingSupplied) {
        throw new CLIException(
            getResourceString("missing-attributevalues"),
            ExitCodes.INCORRECT_OPTION,
            rc.getSubCommand().getName());
    }

    Map<String, Set<String>> requested =
        AttributeValues.parse(getCommandManager(), dataFilePath, inlinePairs);

    // Audit trail: the attempt is recorded before the schema is touched, and
    // each caught failure below records FAILED_MODIFY_ENTITLEMENT_SVC with the
    // exception message before it is propagated.
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_MODIFY_ENTITLEMENT_SVC", null);
    try {
        ServiceSchemaManager schemaManager = new ServiceSchemaManager(
            EntitlementService.SERVICE_NAME, getAdminSSOToken());

        // Validation runs before the write, so rejected data never reaches the
        // global schema defaults.
        validateData(requested, schemaManager);
        schemaManager.getGlobalSchema().setAttributeDefaults(requested);

        getOutputWriter().printlnMessage(
            getResourceString("set-entitlement-config-succeeded"));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_MODIFY_ENTITLEMENT_SVC", null);
    } catch (SMSException smsFailure) {
        String[] failureArgs = { smsFailure.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_MODIFY_ENTITLEMENT_SVC", failureArgs);
        throw new CLIException(smsFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException ssoFailure) {
        String[] failureArgs = { ssoFailure.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_MODIFY_ENTITLEMENT_SVC", failureArgs);
        throw new CLIException(ssoFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (CLIException cliFailure) {
        // Already a CLIException (for example from validateData): log it and
        // rethrow unchanged so its original exit code is kept.
        String[] failureArgs = { cliFailure.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_MODIFY_ENTITLEMENT_SVC", failureArgs);
        throw cliFailure;
    }
}
use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.
the class DeleteRealm method handleRequest.
/**
* Services a Commandline Request.
*
* @param rc Request Context.
* @throws CLIException if the request cannot be serviced.
*/
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();

    SSOToken adminToken = getAdminSSOToken();
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    boolean recursive = isOptionSet(IArgument.RECURSIVE);

    // Human-readable mode string, used only in the audit records below.
    String mode;
    if (recursive) {
        mode = "recursive";
    } else {
        mode = "non recursive";
    }

    // Record the attempt (realm and mode) before anything is deleted, so the
    // access log shows the request even if the deletion fails part-way.
    String[] auditArgs = { realm, mode };
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_DELETE_REALM", auditArgs);

    try {
        OrganizationConfigManager realmManager =
            new OrganizationConfigManager(adminToken, realm);
        // NOTE(review): a null sub-organization name presumably targets the
        // realm this manager was opened on; confirm against the SMS API.
        realmManager.deleteSubOrganization(null, recursive);

        getOutputWriter().printlnMessage(getResourceString("delete-realm-succeed"));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_DELETE_REALM", auditArgs);
    } catch (SMSException smsFailure) {
        // Failure goes to the debug log (with stack trace) and to the error
        // audit log (realm, mode, message) before being wrapped for the CLI.
        String[] failureArgs = { realm, mode, smsFailure.getMessage() };
        debugError("DeleteRealm.handleRequest", smsFailure);
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_DELETE_REALM", failureArgs);
        throw new CLIException(smsFailure, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.
the class ListXACML method getPolicies.
/**
* Uses the Realm and Search Filters to identify all Privileges in the Entitlement
* framework to export.
*
* @throws CLIException If there was an unexpected error.
*/
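private void getPolicies() throws CLIException {
    // Fix over the original: the output file was closed only on the success
    // path. An export or serialization failure, or an empty result, left the
    // stream open. A single finally now releases it on every exit.
    FileOutputStream fout = null;
    PrintWriter pwout = null;
    try {
        if (outfile != null) {
            try {
                // The file is opened in append mode, so exporting twice to the
                // same path leaves two XML documents in one file.
                // NOTE(review): the exported policy XML is written with the
                // process's default file permissions and the platform default
                // charset; confirm both are acceptable for this data.
                fout = new FileOutputStream(outfile, true);
                pwout = new PrintWriter(fout, true);
            } catch (FileNotFoundException e) {
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            } catch (SecurityException e) {
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
        }

        PolicySet policySet = null;
        try {
            PrivilegeValidator privilegeValidator = new PrivilegeValidator(
                new RealmValidator(new OrganizationConfigManager(adminSSOToken, "/")));
            XACMLExportImport importExport = new XACMLExportImport(
                new XACMLExportImport.PrivilegeManagerFactory(),
                new XACMLReaderWriter(),
                privilegeValidator,
                new SearchFilterFactory(),
                PrivilegeManager.debug);
            policySet = importExport.exportXACML(realm, adminSubject, filters);
        } catch (EntitlementException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (SMSException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        if (policySet == null
                || policySet.getPolicySetOrPolicyOrPolicySetIdReference().isEmpty()) {
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(
                getResourceString("get-policy-in-realm-no-policies"), (Object[]) arg));
        } else {
            try {
                // Write to the output file when one was given, else to the console.
                if (pwout != null) {
                    pwout.write(XACMLPrivilegeUtils.toXML(policySet));
                } else {
                    outputWriter.printlnMessage(XACMLPrivilegeUtils.toXML(policySet));
                }
            } catch (EntitlementException e) {
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_POLICY_IN_REALM",
                new String[] { realm });
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(
                getResourceString("get-policy-in-realm-succeed"), (Object[]) arg));
        }
    } finally {
        if (pwout != null) {
            // Closing the writer flushes it and closes the underlying stream.
            pwout.close();
        } else if (fout != null) {
            try {
                fout.close();
            } catch (IOException ignored) {
                // Best effort: nothing was written through this stream.
            }
        }
    }
}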
use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.
the class ListXACML method handleRequest.
/**
* Services a Commandline Request.
*
* @param rc Request Context.
* @throws CLIException if the request cannot be serviced.
*/
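public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();

    // Resolve the caller's token, subject and the requested realm BEFORE any
    // check that depends on them. The original assigned realm and adminSubject
    // only after the legacy-mode and permission checks, so the READ permission
    // check and the audit records ran against whatever those fields held
    // beforehand, not against the realm named on the command line.
    adminSSOToken = getAdminSSOToken();
    adminSubject = SubjectUtils.createSubject(adminSSOToken);
    realm = getStringOptionValue(IArgument.REALM_NAME);

    // FIXME: change to use entitlementService.xacmlPrivilegeEnabled()
    EntitlementConfiguration ec = EntitlementConfiguration.getInstance(adminSubject, "/");
    if (!ec.migratedToEntitlementService()) {
        String[] args = { realm, "ANY", "list-xacml not supported in legacy policy mode" };
        debugError("ListXACML.handleRequest(): " + "list-xacml not supported in legacy policy mode");
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
        throw new CLIException(
            getResourceString("list-xacml-not-supported-in-legacy-policy-mode"),
            ExitCodes.REQUEST_CANNOT_BE_PROCESSED,
            "list-xacml");
    }

    // Authorization gate: the caller must hold READ on the requested realm.
    // A denial is written to the error audit log before the request is refused.
    if (!XACMLUtils.hasPermission(realm, adminSSOToken, "READ")) {
        String errorMessage = MessageFormat.format(
            getResourceString("permission-denied"), "list-xacml", getAdminID());
        String[] args = { realm, "ANY", errorMessage };
        writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
        throw new CLIException(errorMessage, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }

    // Remaining request options, read only once the caller is authorized.
    getPolicyNamesOnly = isOptionSet("namesonly");
    filters = (List) rc.getOption(ARGUMENT_POLICY_NAMES);
    outfile = getStringOptionValue(IArgument.OUTPUT_FILE);
    outputWriter = getOutputWriter();

    if (getPolicyNamesOnly) {
        getPolicyNames();
    } else {
        getPolicies();
    }
}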
use of com.sun.identity.cli.CLIException in project OpenAM by OpenRock.
the class RemoveApplicationPrivilegeResources method handleRequest.
/**
* Services a Commandline Request.
*
* @param rc Request Context.
* @throws CLIException if the request cannot be serviced.
*/
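@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    String realm = getStringOptionValue(IArgument.REALM_NAME);
    String name = getStringOptionValue(PARAM_NAME);
    String[] params = { realm, name };
    try {
        Map<String, Set<String>> mapAppToResources = getApplicationResourcesMap(rc, realm);
        Subject userSubject = SubjectUtils.createSubject(getAdminSSOToken());
        ApplicationPrivilegeManager apm = ApplicationPrivilegeManager.getInstance(realm, userSubject);
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", params);

        // Take the privilege's current resources and subtract the requested ones.
        ApplicationPrivilege appPrivilege = apm.getPrivilege(name);
        Map<String, Set<String>> origAppToResources = getApplicationToResources(appPrivilege);
        removeFromMap(origAppToResources, mapAppToResources);

        if (origAppToResources.isEmpty()) {
            // A privilege left with no resources is refused. The original threw
            // here without any audit record, and the catch below handles only
            // EntitlementException, so the ATTEMPT entry had no matching
            // outcome. Record the failure before refusing.
            String emptiedMessage = getResourceString(
                "remove-application-privilege-resources-emptied-resources");
            String[] emptiedArgs = { realm, name, emptiedMessage };
            writeLog(LogWriter.LOG_ACCESS, Level.INFO,
                "FAILED_UPDATE_APPLICATION_PRIVILEGE", emptiedArgs);
            throw new CLIException(emptiedMessage, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        appPrivilege.setApplicationResources(origAppToResources);
        apm.replacePrivilege(appPrivilege);

        Object[] msgParam = { name };
        getOutputWriter().printlnMessage(MessageFormat.format(
            getResourceString("update-application-privilege-succeeded"), msgParam));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", params);
    } catch (EntitlementException ex) {
        // Entitlement-layer failure: audit it with realm, privilege name and
        // message, then wrap it for the CLI.
        String[] paramExs = { realm, name, ex.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE", paramExs);
        throw new CLIException(ex, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}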