
Example 1 with ResourceSaveIndexes

use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.

the class TreeSaveIndex method getIndexes.

/**
 * Builds the save indexes for a policy rule.
 *
 * <p>Host and parent-path indexes are taken unchanged from the legacy save
 * index; the path index is replaced by a single entry produced by
 * {@code parsePolicyRule} from the lower-cased rule.
 *
 * @param policyRule the policy rule (resource pattern) to index.
 * @return the combined indexes for the rule.
 */
@Override
public ResourceSaveIndexes getIndexes(String policyRule) {
    // The legacy indexer receives the rule exactly as supplied, before any case folding.
    final ResourceSaveIndexes legacy = legacySaveIndex.getIndexes(policyRule);

    // Indexes are handled in lower case.
    // NOTE(review): toLowerCase() without a Locale follows the JVM default locale
    // (e.g. dotless i under tr_TR). If the lookup side folds case differently, a
    // rule could be saved under an index that evaluation never searches - confirm
    // both sides use the same folding before changing this.
    final String normalisedRule = policyRule.toLowerCase();

    // The full (parsed) resource path is the only path index.
    final Set<String> pathIndexes = new HashSet<String>();
    pathIndexes.add(parsePolicyRule(normalisedRule));

    return new ResourceSaveIndexes(
            legacy.getHostIndexes(),
            pathIndexes,
            legacy.getParentPathIndexes());
}
Also used : ResourceSaveIndexes(com.sun.identity.entitlement.ResourceSaveIndexes) HashSet(java.util.HashSet)

Example 2 with ResourceSaveIndexes

use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.

the class DataStore method add.

/**
 * Adds a privilege.
 *
 * <p>Writes one SMS entry for the privilege at the DN returned by
 * {@code getPrivilegeDistinguishedName}, submits a {@code PRIVILEGE_ADDED}
 * notification and then calls {@code updateIndexCount(realm, 1, false)}.
 *
 * @param adminSubject Admin Subject who has the rights to write to
 *        datastore. In this method it is passed only to the resource index
 *        lookup; the entry itself is created with the {@code adminToken} field.
 * @param realm Realm name.
 * @param p Privilege object.
 * @return the DN of added privilege.
 * @throws com.sun.identity.entitlement.EntitlementException (code 210) if a
 *         JSON, SSO or SMS failure prevents the privilege from being added.
 */
public String add(Subject adminSubject, String realm, Privilege p) throws EntitlementException {
    final ResourceSaveIndexes resourceIndexes = p.getEntitlement().getResourceSaveIndexes(adminSubject, realm);
    final Set<String> subjectIndexes = SubjectAttributesManager.getSubjectSearchIndexes(p);
    try {
        // NOTE(review): the write uses adminToken, which this method does not derive
        // from adminSubject (DataStore.addReferral calls getSSOToken(adminSubject)
        // instead). Nothing here checks that adminSubject may write to the realm -
        // presumably callers enforce that; confirm.
        createDefaultSubConfig(adminToken, realm, null);
        final String dn = getPrivilegeDistinguishedName(p.getName(), realm, null);
        final SMSEntry entry = new SMSEntry(adminToken, dn);
        final Map<String, Set<String>> attributes = new HashMap<String, Set<String>>();

        // Searchable key=value pairs: resource type plus host/path/subject indexes.
        final Set<String> searchable = new HashSet<String>();
        searchable.add(Privilege.RESOURCE_TYPE_UUID_ATTRIBUTE + "=" + p.getResourceTypeUuid());
        if (resourceIndexes != null) {
            for (String host : resourceIndexes.getHostIndexes()) {
                searchable.add(HOST_INDEX_KEY + "=" + host);
            }
            for (String path : resourceIndexes.getPathIndexes()) {
                searchable.add(PATH_INDEX_KEY + "=" + path);
            }
            for (String parentPath : resourceIndexes.getParentPathIndexes()) {
                searchable.add(PATH_PARENT_INDEX_KEY + "=" + parentPath);
            }
            // NOTE(review): subject indexes are only written when resource indexes
            // exist - looks deliberate, but confirm.
            for (String subject : subjectIndexes) {
                searchable.add(SUBJECT_INDEX_KEY + "=" + subject);
            }
        }
        attributes.put(SMSEntry.ATTR_XML_KEYVAL, searchable);

        final Set<String> serviceIds = new HashSet<String>(2);
        serviceIds.add("indexes");
        attributes.put(SMSEntry.ATTR_SERVICE_ID, serviceIds);

        // The full privilege is stored as its JSON form; toJSONObject() is the
        // call that can raise JSONException.
        final Set<String> serialized = new HashSet<String>(2);
        serialized.add(SERIALIZABLE_INDEX_KEY + "=" + p.toJSONObject().toString());
        attributes.put(SMSEntry.ATTR_KEYVAL, serialized);

        final Set<String> objectClasses = new HashSet<String>(4);
        objectClasses.add(SMSEntry.OC_TOP);
        objectClasses.add(SMSEntry.OC_SERVICE_COMP);
        attributes.put(SMSEntry.ATTR_OBJECTCLASS, objectClasses);

        // Descriptive metadata, stored under "ou". Values are concatenated as-is:
        // nothing in this method escapes or validates them, so any validation of
        // names and descriptions has to happen before this point (TODO confirm where).
        final Set<String> metadata = new HashSet<String>(8);
        final String privilegeName = p.getName();
        if (privilegeName != null) {
            metadata.add(Privilege.NAME_ATTRIBUTE + "=" + privilegeName);
        }
        final String description = p.getDescription();
        if (description != null) {
            metadata.add(Privilege.DESCRIPTION_ATTRIBUTE + "=" + description);
        }
        final String creator = p.getCreatedBy();
        if (creator != null) {
            metadata.add(Privilege.CREATED_BY_ATTRIBUTE + "=" + creator);
        }
        final String lastModifier = p.getLastModifiedBy();
        if (lastModifier != null) {
            metadata.add(Privilege.LAST_MODIFIED_BY_ATTRIBUTE + "=" + lastModifier);
        }
        // Dates are written value-first ("<millis>=<attribute>"), once plain and
        // once with a "|" prefix; unset (non-positive) dates are skipped.
        final long created = p.getCreationDate();
        if (created > 0) {
            final String createdEntry = String.valueOf(created) + "=" + Privilege.CREATION_DATE_ATTRIBUTE;
            metadata.add(createdEntry);
            metadata.add("|" + createdEntry);
        }
        final long modified = p.getLastModifiedDate();
        if (modified > 0) {
            final String modifiedEntry = String.valueOf(modified) + "=" + Privilege.LAST_MODIFIED_DATE_ATTRIBUTE;
            metadata.add(modifiedEntry);
            metadata.add("|" + modifiedEntry);
        }
        final Entitlement entitlement = p.getEntitlement();
        metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + entitlement.getApplicationName());
        for (String application : p.getApplicationIndexes()) {
            metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + application);
        }
        attributes.put("ou", metadata);

        entry.setAttributes(attributes);
        entry.save();

        // Announce the new privilege only after the entry has been saved.
        final Map<String, String> notification = new HashMap<String, String>();
        notification.put(NotificationServlet.ATTR_NAME, privilegeName);
        notification.put(NotificationServlet.ATTR_REALM_NAME, realm);
        Notifier.submit(NotificationServlet.PRIVILEGE_ADDED, notification);
        updateIndexCount(realm, 1, false);
        return dn;
    } catch (JSONException e) {
        throw new EntitlementException(210, e);
    } catch (SSOException e) {
        throw new EntitlementException(210, e);
    } catch (SMSException e) {
        throw new EntitlementException(210, e);
    }
}
Also used : HashSet(java.util.HashSet) Collections.emptySet(java.util.Collections.emptySet) Set(java.util.Set) HashMap(java.util.HashMap) SMSException(com.sun.identity.sm.SMSException) JSONException(org.json.JSONException) SSOException(com.iplanet.sso.SSOException) ResourceSaveIndexes(com.sun.identity.entitlement.ResourceSaveIndexes) EntitlementException(com.sun.identity.entitlement.EntitlementException) SMSEntry(com.sun.identity.sm.SMSEntry) Entitlement(com.sun.identity.entitlement.Entitlement) HashSet(java.util.HashSet)

Example 3 with ResourceSaveIndexes

use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.

the class TreeSaveIndexTest method normaliseSpecialWildcards.

/**
 * Checks that the special "-*-" wildcard in a rule is saved as "^" in the
 * path index, with the host and parent-path indexes asserted alongside.
 */
@Test
public void normaliseSpecialWildcards() {
    // Expected path index: the whole rule with "-*-" replaced by "^".
    final Set<String> expectedPaths = new HashSet<String>();
    expectedPaths.add("http://www.test.com/^/hello");

    final ResourceSaveIndexes indexes = saveIndex.getIndexes("http://www.test.com/-*-/hello");

    // NOTE(review): arguments are passed expected-first; if assertEquals is
    // TestNG's Assert (actual-first) only the failure message is affected - confirm.
    assertEquals(Arrays.asList("://www.test.com"), indexes.getHostIndexes());
    assertEquals(expectedPaths, indexes.getPathIndexes());
    assertEquals(Arrays.asList("/"), indexes.getParentPathIndexes());
}
Also used : ResourceSaveIndexes(com.sun.identity.entitlement.ResourceSaveIndexes) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 4 with ResourceSaveIndexes

use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.

the class DataStore method addReferral.

/**
 * Adds a referral.
 *
 * <p>Writes one SMS entry for the referral under {@code REFERRAL_STORE},
 * using a token obtained from {@code adminSubject}, submits a
 * {@code REFERRAL_ADDED} notification and then calls
 * {@code updateIndexCount(realm, 1, true)}.
 *
 * @param adminSubject Admin Subject who has the rights to write to
 *        datastore.
 * @param realm Realm name.
 * @param referral Referral Privilege object.
 * @return the DN of added privilege.
 * @throws EntitlementException (code 270) if an SSO or SMS failure prevents
 *         the referral from being added.
 */
public String addReferral(Subject adminSubject, String realm, ReferralPrivilege referral) throws EntitlementException {
    final ResourceSaveIndexes resourceIndexes = referral.getResourceSaveIndexes(adminSubject, realm);
    // The entry is written with the caller's token, so the datastore sees the
    // write as coming from adminSubject.
    final SSOToken token = getSSOToken(adminSubject);
    try {
        createDefaultSubConfig(token, realm, REFERRAL_STORE);
        final String dn = getPrivilegeDistinguishedName(referral.getName(), realm, REFERRAL_STORE);
        final SMSEntry entry = new SMSEntry(token, dn);
        final Map<String, Set<String>> attributes = new HashMap<String, Set<String>>();

        // Searchable key=value pairs: host, path and parent-path indexes.
        final Set<String> searchable = new HashSet<String>();
        if (resourceIndexes != null) {
            for (String host : resourceIndexes.getHostIndexes()) {
                searchable.add(HOST_INDEX_KEY + "=" + host);
            }
            for (String path : resourceIndexes.getPathIndexes()) {
                searchable.add(PATH_INDEX_KEY + "=" + path);
            }
            for (String parentPath : resourceIndexes.getParentPathIndexes()) {
                searchable.add(PATH_PARENT_INDEX_KEY + "=" + parentPath);
            }
        }
        attributes.put(SMSEntry.ATTR_XML_KEYVAL, searchable);

        final Set<String> serviceIds = new HashSet<String>(2);
        serviceIds.add("indexes");
        attributes.put(SMSEntry.ATTR_SERVICE_ID, serviceIds);

        // The full referral is stored as its JSON form.
        final Set<String> serialized = new HashSet<String>(2);
        serialized.add(SERIALIZABLE_INDEX_KEY + "=" + referral.toJSON());
        attributes.put(SMSEntry.ATTR_KEYVAL, serialized);

        final Set<String> objectClasses = new HashSet<String>(4);
        objectClasses.add(SMSEntry.OC_TOP);
        objectClasses.add(SMSEntry.OC_SERVICE_COMP);
        attributes.put(SMSEntry.ATTR_OBJECTCLASS, objectClasses);

        // Descriptive metadata, stored under "ou". Values are concatenated as-is:
        // nothing in this method escapes or validates them, so any validation of
        // names, descriptions and realm names has to happen before this point
        // (TODO confirm where).
        final Set<String> metadata = new HashSet<String>(8);
        final String referralName = referral.getName();
        if (referralName != null) {
            metadata.add(Privilege.NAME_ATTRIBUTE + "=" + referralName);
        }
        final String description = referral.getDescription();
        if (description != null) {
            metadata.add(Privilege.DESCRIPTION_ATTRIBUTE + "=" + description);
        }
        final String creator = referral.getCreatedBy();
        if (creator != null) {
            metadata.add(Privilege.CREATED_BY_ATTRIBUTE + "=" + creator);
        }
        final String lastModifier = referral.getLastModifiedBy();
        if (lastModifier != null) {
            metadata.add(Privilege.LAST_MODIFIED_BY_ATTRIBUTE + "=" + lastModifier);
        }
        // Dates are written value-first ("<millis>=<attribute>"), once plain and
        // once with a "|" prefix; unset (non-positive) dates are skipped.
        final long created = referral.getCreationDate();
        if (created > 0) {
            final String createdEntry = String.valueOf(created) + "=" + Privilege.CREATION_DATE_ATTRIBUTE;
            metadata.add(createdEntry);
            metadata.add("|" + createdEntry);
        }
        final long modified = referral.getLastModifiedDate();
        if (modified > 0) {
            final String modifiedEntry = String.valueOf(modified) + "=" + Privilege.LAST_MODIFIED_DATE_ATTRIBUTE;
            metadata.add(modifiedEntry);
            metadata.add("|" + modifiedEntry);
        }
        // Realms the referral points at, then the application types and names it covers.
        for (String referredRealm : referral.getRealms()) {
            metadata.add(REFERRAL_REALMS + "=" + referredRealm);
        }
        for (String applicationType : referral.getApplicationTypeNames(adminSubject, realm)) {
            metadata.add(REFERRAL_APPLS + "=" + applicationType);
        }
        for (String applicationName : referral.getMapApplNameToResources().keySet()) {
            metadata.add(Privilege.APPLICATION_ATTRIBUTE + "=" + applicationName);
        }
        attributes.put("ou", metadata);

        entry.setAttributes(attributes);
        entry.save();

        // Announce the new referral only after the entry has been saved.
        final Map<String, String> notification = new HashMap<String, String>();
        notification.put(NotificationServlet.ATTR_NAME, referralName);
        notification.put(NotificationServlet.ATTR_REALM_NAME, realm);
        Notifier.submit(NotificationServlet.REFERRAL_ADDED, notification);
        updateIndexCount(realm, 1, true);
        return dn;
    } catch (SSOException e) {
        throw new EntitlementException(270, e);
    } catch (SMSException e) {
        throw new EntitlementException(270, e);
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) HashSet(java.util.HashSet) Collections.emptySet(java.util.Collections.emptySet) Set(java.util.Set) HashMap(java.util.HashMap) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException) ResourceSaveIndexes(com.sun.identity.entitlement.ResourceSaveIndexes) EntitlementException(com.sun.identity.entitlement.EntitlementException) SMSEntry(com.sun.identity.sm.SMSEntry) HashSet(java.util.HashSet)

Example 5 with ResourceSaveIndexes

use of com.sun.identity.entitlement.ResourceSaveIndexes in project OpenAM by OpenRock.

the class OpenSSOIndexStore method delete.

/**
 * Deletes privileges from the data store and evicts them from the index caches.
 *
 * <p>Each element is removed via {@code delete(name, true)} when it is a
 * {@code Privilege} and via {@code deleteReferral(name, true)} otherwise.
 * Elements are processed one at a time, so an exception part-way through
 * leaves the earlier elements already deleted.
 *
 * @param privileges Privileges to be deleted.
 * @throws EntitlementException if deletion
 * failed.
 */
public void delete(Set<IPrivilege> privileges) throws EntitlementException {
    final Subject adminSubject = getAdminSubject();
    final String realm = getRealm();
    for (IPrivilege privilege : privileges) {
        final boolean isPolicy = privilege instanceof Privilege;
        final String dn = isPolicy
                ? delete(privilege.getName(), true)
                : deleteReferral(privilege.getName(), true);

        // Cache eviction only applies when index caching is enabled.
        if (indexCacheSize <= 0) {
            continue;
        }
        final ResourceSaveIndexes saveIndexes =
                privilege.getResourceSaveIndexes(adminSubject, DNMapper.orgNameToRealmName(realm));
        // NOTE(review): when no save indexes are returned, nothing is evicted for
        // this dn even though the entry was just deleted. Confirm the caches cannot
        // keep serving a removed policy or referral in that case.
        if (saveIndexes == null) {
            continue;
        }
        if (isPolicy) {
            indexCache.clear(saveIndexes, dn);
        } else {
            referralIndexCache.clear(saveIndexes, dn);
        }
    }
}
Also used : ResourceSaveIndexes(com.sun.identity.entitlement.ResourceSaveIndexes) IPrivilege(com.sun.identity.entitlement.IPrivilege) IPrivilege(com.sun.identity.entitlement.IPrivilege) Privilege(com.sun.identity.entitlement.Privilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) Subject(javax.security.auth.Subject)

Aggregations

ResourceSaveIndexes (com.sun.identity.entitlement.ResourceSaveIndexes)11 HashSet (java.util.HashSet)8 Test (org.testng.annotations.Test)6 Set (java.util.Set)4 SSOException (com.iplanet.sso.SSOException)2 EntitlementException (com.sun.identity.entitlement.EntitlementException)2 SMSEntry (com.sun.identity.sm.SMSEntry)2 SMSException (com.sun.identity.sm.SMSException)2 Collections.emptySet (java.util.Collections.emptySet)2 HashMap (java.util.HashMap)2 SSOToken (com.iplanet.sso.SSOToken)1 Entitlement (com.sun.identity.entitlement.Entitlement)1 IPrivilege (com.sun.identity.entitlement.IPrivilege)1 Privilege (com.sun.identity.entitlement.Privilege)1 ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)1 MalformedURLException (java.net.MalformedURLException)1 Subject (javax.security.auth.Subject)1 JSONException (org.json.JSONException)1