use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.
the class TreeSaveIndex method getIndexes.
@Override
public ResourceSaveIndexes getIndexes(String policyRule) {
    // Host and parent-path indexes come straight from the legacy implementation,
    // which receives the rule exactly as the caller supplied it.
    final ResourceSaveIndexes legacy = legacySaveIndex.getIndexes(policyRule);

    // The path index is derived from the lower-cased rule.
    // NOTE(review): toLowerCase() without a Locale follows the JVM default locale,
    // so the stored index can differ between hosts (e.g. under a Turkish locale).
    // Whatever builds the search-side index must lower-case the same way, otherwise
    // a saved policy may not be found at evaluation time. Confirm before changing.
    final String normalisedRule = policyRule.toLowerCase();

    // The whole parsed resource path is the single path index.
    final Set<String> fullPathIndex = new HashSet<String>();
    fullPathIndex.add(parsePolicyRule(normalisedRule));

    return new ResourceSaveIndexes(
            legacy.getHostIndexes(),
            fullPathIndex,
            legacy.getParentPathIndexes());
}
use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.
the class DataStore method add.
/**
* Adds a privilege.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param p Privilege object.
* @return the DN of added privilege.
* @throws com.sun.identity.entitlement.EntitlementException if privilege
* cannot be added.
*/
public String add(Subject adminSubject, String realm, Privilege p) throws EntitlementException {
    // Both lookups run outside the try block, so nothing they throw is translated
    // by the catch clauses below.
    final ResourceSaveIndexes resourceIndexes = p.getEntitlement().getResourceSaveIndexes(adminSubject, realm);
    final Set<String> subjectIndexes = SubjectAttributesManager.getSubjectSearchIndexes(p);

    String dn = null;
    try {
        // NOTE(review): the entry is created and saved with adminToken, which is not a
        // parameter of this method; adminSubject is only used for the index lookup above.
        // Presumably callers authorise adminSubject before reaching this point. Confirm,
        // because this method itself does not check the caller's rights on the realm.
        createDefaultSubConfig(adminToken, realm, null);
        dn = getPrivilegeDistinguishedName(p.getName(), realm, null);
        final SMSEntry entry = new SMSEntry(adminToken, dn);

        final Map<String, Set<String>> attributes = new HashMap<String, Set<String>>();

        // Searchable key=value pairs: resource type UUID plus the resource/subject indexes.
        final Set<String> searchIndexes = new HashSet<String>();
        searchIndexes.add(Privilege.RESOURCE_TYPE_UUID_ATTRIBUTE + "=" + p.getResourceTypeUuid());
        if (resourceIndexes != null) {
            for (String host : resourceIndexes.getHostIndexes()) {
                searchIndexes.add(HOST_INDEX_KEY + "=" + host);
            }
            for (String path : resourceIndexes.getPathIndexes()) {
                searchIndexes.add(PATH_INDEX_KEY + "=" + path);
            }
            for (String parentPath : resourceIndexes.getParentPathIndexes()) {
                searchIndexes.add(PATH_PARENT_INDEX_KEY + "=" + parentPath);
            }
            // NOTE(review): subject indexes are written only when resource indexes
            // exist; confirm that skipping them otherwise is intended.
            for (String subjectIndex : subjectIndexes) {
                searchIndexes.add(SUBJECT_INDEX_KEY + "=" + subjectIndex);
            }
        }
        attributes.put(SMSEntry.ATTR_XML_KEYVAL, searchIndexes);

        final Set<String> serviceIds = new HashSet<String>(2);
        serviceIds.add("indexes");
        attributes.put(SMSEntry.ATTR_SERVICE_ID, serviceIds);

        // The privilege itself is stored as its JSON form under a single key.
        final Set<String> serialized = new HashSet<String>(2);
        serialized.add(SERIALIZABLE_INDEX_KEY + "=" + p.toJSONObject().toString());
        attributes.put(SMSEntry.ATTR_KEYVAL, serialized);

        final Set<String> objectClasses = new HashSet<String>(4);
        objectClasses.add(SMSEntry.OC_TOP);
        objectClasses.add(SMSEntry.OC_SERVICE_COMP);
        attributes.put(SMSEntry.ATTR_OBJECTCLASS, objectClasses);

        // Descriptive metadata, all written under the "ou" attribute. Absent (null)
        // text fields and non-positive dates are left out.
        final Set<String> metadata = new HashSet<String>(8);
        final String privilegeName = p.getName();
        if (privilegeName != null) {
            metadata.add(Privilege.NAME_ATTRIBUTE + "=" + privilegeName);
        }
        final String description = p.getDescription();
        if (description != null) {
            metadata.add(Privilege.DESCRIPTION_ATTRIBUTE + "=" + description);
        }
        final String creator = p.getCreatedBy();
        if (creator != null) {
            metadata.add(Privilege.CREATED_BY_ATTRIBUTE + "=" + creator);
        }
        final String lastModifier = p.getLastModifiedBy();
        if (lastModifier != null) {
            metadata.add(Privilege.LAST_MODIFIED_BY_ATTRIBUTE + "=" + lastModifier);
        }
        // Dates are written as <value>=<attribute name>, once as-is and once with a
        // leading "|".
        final long created = p.getCreationDate();
        if (created > 0) {
            final String createdEntry = created + "=" + Privilege.CREATION_DATE_ATTRIBUTE;
            metadata.add(createdEntry);
            metadata.add("|" + createdEntry);
        }
        final long modified = p.getLastModifiedDate();
        if (modified > 0) {
            final String modifiedEntry = modified + "=" + Privilege.LAST_MODIFIED_DATE_ATTRIBUTE;
            metadata.add(modifiedEntry);
            metadata.add("|" + modifiedEntry);
        }
        final Entitlement entitlement = p.getEntitlement();
        metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + entitlement.getApplicationName());
        for (String application : p.getApplicationIndexes()) {
            metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + application);
        }
        attributes.put("ou", metadata);

        entry.setAttributes(attributes);
        entry.save();

        // After a successful save: announce the new privilege and bump the index count.
        final Map<String, String> notification = new HashMap<String, String>();
        notification.put(NotificationServlet.ATTR_NAME, privilegeName);
        notification.put(NotificationServlet.ATTR_REALM_NAME, realm);
        Notifier.submit(NotificationServlet.PRIVILEGE_ADDED, notification);
        updateIndexCount(realm, 1, false);
    } catch (JSONException e) {
        // JSON, SSO and SMS failures are all reported with error code 210.
        throw new EntitlementException(210, e);
    } catch (SSOException e) {
        throw new EntitlementException(210, e);
    } catch (SMSException e) {
        throw new EntitlementException(210, e);
    }
    return dn;
}
use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.
the class TreeSaveIndexTest method normaliseSpecialWildcards.
@Test
public void normaliseSpecialWildcards() {
    // A "-*-" segment in the rule is expected to appear as "^" in the path index.
    final Set<String> expectedPathIndexes = new HashSet<String>();
    expectedPathIndexes.add("http://www.test.com/^/hello");

    final ResourceSaveIndexes actual = saveIndex.getIndexes("http://www.test.com/-*-/hello");

    // NOTE(review): the host and parent-path expectations are Lists; whether they can
    // equal what the getters return depends on the getters' collection type and on how
    // this assertEquals compares collections. Confirm against the assertion library in use.
    assertEquals(Arrays.asList("://www.test.com"), actual.getHostIndexes());
    assertEquals(expectedPathIndexes, actual.getPathIndexes());
    assertEquals(Arrays.asList("/"), actual.getParentPathIndexes());
}
use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.
the class DataStore method addReferral.
/**
* Adds a referral.
*
* @param adminSubject Admin Subject who has the rights to write to
* datastore.
* @param realm Realm name.
* @param referral Referral Privilege object.
* @return the DN of the added referral privilege.
* @throws EntitlementException if the referral privilege cannot be added.
*/
public String addReferral(Subject adminSubject, String realm, ReferralPrivilege referral) throws EntitlementException {
    // Resolved outside the try block, so nothing thrown here is translated by the
    // catch clauses below.
    final ResourceSaveIndexes resourceIndexes = referral.getResourceSaveIndexes(adminSubject, realm);
    // The write is performed with the token derived from the caller's subject.
    // NOTE(review): the token is used without a null check; confirm getSSOToken
    // cannot return null for a subject that carries no SSO token.
    final SSOToken token = getSSOToken(adminSubject);

    String dn = null;
    try {
        createDefaultSubConfig(token, realm, REFERRAL_STORE);
        dn = getPrivilegeDistinguishedName(referral.getName(), realm, REFERRAL_STORE);
        final SMSEntry entry = new SMSEntry(token, dn);

        final Map<String, Set<String>> attributes = new HashMap<String, Set<String>>();

        // Searchable key=value pairs built from the resource indexes, when there are any.
        final Set<String> searchIndexes = new HashSet<String>();
        if (resourceIndexes != null) {
            for (String host : resourceIndexes.getHostIndexes()) {
                searchIndexes.add(HOST_INDEX_KEY + "=" + host);
            }
            for (String path : resourceIndexes.getPathIndexes()) {
                searchIndexes.add(PATH_INDEX_KEY + "=" + path);
            }
            for (String parentPath : resourceIndexes.getParentPathIndexes()) {
                searchIndexes.add(PATH_PARENT_INDEX_KEY + "=" + parentPath);
            }
        }
        attributes.put(SMSEntry.ATTR_XML_KEYVAL, searchIndexes);

        final Set<String> serviceIds = new HashSet<String>(2);
        serviceIds.add("indexes");
        attributes.put(SMSEntry.ATTR_SERVICE_ID, serviceIds);

        // The referral itself is stored as its JSON form under a single key.
        final Set<String> serialized = new HashSet<String>(2);
        serialized.add(SERIALIZABLE_INDEX_KEY + "=" + referral.toJSON());
        attributes.put(SMSEntry.ATTR_KEYVAL, serialized);

        final Set<String> objectClasses = new HashSet<String>(4);
        objectClasses.add(SMSEntry.OC_TOP);
        objectClasses.add(SMSEntry.OC_SERVICE_COMP);
        attributes.put(SMSEntry.ATTR_OBJECTCLASS, objectClasses);

        // Descriptive metadata, all written under the "ou" attribute. Absent (null)
        // text fields and non-positive dates are left out.
        final Set<String> metadata = new HashSet<String>(8);
        final String privilegeName = referral.getName();
        if (privilegeName != null) {
            metadata.add(Privilege.NAME_ATTRIBUTE + "=" + privilegeName);
        }
        final String description = referral.getDescription();
        if (description != null) {
            metadata.add(Privilege.DESCRIPTION_ATTRIBUTE + "=" + description);
        }
        final String creator = referral.getCreatedBy();
        if (creator != null) {
            metadata.add(Privilege.CREATED_BY_ATTRIBUTE + "=" + creator);
        }
        final String lastModifier = referral.getLastModifiedBy();
        if (lastModifier != null) {
            metadata.add(Privilege.LAST_MODIFIED_BY_ATTRIBUTE + "=" + lastModifier);
        }
        // Dates are written as <value>=<attribute name>, once as-is and once with a
        // leading "|".
        final long created = referral.getCreationDate();
        if (created > 0) {
            final String createdEntry = created + "=" + Privilege.CREATION_DATE_ATTRIBUTE;
            metadata.add(createdEntry);
            metadata.add("|" + createdEntry);
        }
        final long modified = referral.getLastModifiedDate();
        if (modified > 0) {
            final String modifiedEntry = modified + "=" + Privilege.LAST_MODIFIED_DATE_ATTRIBUTE;
            metadata.add(modifiedEntry);
            metadata.add("|" + modifiedEntry);
        }
        // Referred realms, application type names and application names.
        for (String referredRealm : referral.getRealms()) {
            metadata.add(REFERRAL_REALMS + "=" + referredRealm);
        }
        for (String applicationType : referral.getApplicationTypeNames(adminSubject, realm)) {
            metadata.add(REFERRAL_APPLS + "=" + applicationType);
        }
        for (String application : referral.getMapApplNameToResources().keySet()) {
            metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + application);
        }
        attributes.put("ou", metadata);

        entry.setAttributes(attributes);
        entry.save();

        // After a successful save: announce the new referral and bump the index count.
        final Map<String, String> notification = new HashMap<String, String>();
        notification.put(NotificationServlet.ATTR_NAME, privilegeName);
        notification.put(NotificationServlet.ATTR_REALM_NAME, realm);
        Notifier.submit(NotificationServlet.REFERRAL_ADDED, notification);
        updateIndexCount(realm, 1, true);
    } catch (SSOException e) {
        // SSO and SMS failures are both reported with error code 270.
        throw new EntitlementException(270, e);
    } catch (SMSException e) {
        throw new EntitlementException(270, e);
    }
    return dn;
}
use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.
the class OpenSSOIndexStore method delete.
/**
* Deletes the given privileges from the data store.
*
* @param privileges Privileges to be deleted.
* @throws EntitlementException if deletion
* failed.
*/
public void delete(Set<IPrivilege> privileges) throws EntitlementException {
    final Subject adminSubject = getAdminSubject();
    final String realm = getRealm();

    for (IPrivilege p : privileges) {
        // Anything that is not a Privilege is handled as a referral.
        final boolean isPrivilege = p instanceof Privilege;

        // Remove the stored entry first; the returned DN identifies the cache entry.
        final String dn = isPrivilege
                ? delete(p.getName(), true)
                : deleteReferral(p.getName(), true);

        // A non-positive cache size means there is nothing to evict.
        if (indexCacheSize <= 0) {
            continue;
        }

        // NOTE(review): the stored entry is already gone at this point. If this lookup
        // throws, or returns null, the cached index for dn is not cleared here. Confirm
        // that a stale cache entry cannot keep a deleted policy in effect.
        final ResourceSaveIndexes saveIndexes =
                p.getResourceSaveIndexes(adminSubject, DNMapper.orgNameToRealmName(realm));
        if (saveIndexes == null) {
            continue;
        }

        if (isPrivilege) {
            indexCache.clear(saveIndexes, dn);
        } else {
            referralIndexCache.clear(saveIndexes, dn);
        }
    }
}