use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class EntityMembersViewBean method getAssignableMembers.
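/**
 * Builds the option list of entities that can still be added as members.
 *
 * <p>Searches the current realm for entities of the member type stored in the page session,
 * using {@code filter} (reset to {@code "*"} when it is null or blank). The special users
 * reported by the model are removed from the search results, the set is passed through
 * {@code removeAlreadyAssignedMembers}, and the remainder is turned into an option list.
 *
 * @return the option list built from the remaining entities, or {@code null} when the search
 *     raised an {@link AMConsoleException} (an inline error alert is set in that case)
 */
private OptionList getAssignableMembers() {
    OptionList avail = null;
    EntitiesModel model = (EntitiesModel) getModel();

    // A missing or blank filter means "match everything".
    if ((filter == null) || filter.trim().isEmpty()) {
        filter = "*";
    }
    setDisplayFieldValue(TF_FILTER, filter);

    try {
        String curRealm = (String) getPageSessionAttribute(AMAdminConstants.CURRENT_REALM);
        String searchType =
            (String) getPageSessionAttribute(EntityMembersViewBean.PG_SESSION_MEMBER_TYPE);
        IdSearchResults results = model.getEntityNames(curRealm, searchType, filter);

        // A search that hit a limit still returns results; warn that the list is incomplete.
        switch (results.getErrorCode()) {
            case IdSearchResults.SIZE_LIMIT_EXCEEDED:
                setInlineAlertMessage(
                    CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
                break;
            case IdSearchResults.TIME_LIMIT_EXCEEDED:
                setInlineAlertMessage(
                    CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
                break;
            default:
                break;
        }

        // assignable will contain users which shouldn't be displayed in
        // the console (dsameuser, etc...), so strip them before building the list.
        Set assignable = results.getSearchResults();
        assignable.removeAll(model.getSpecialUsers(curRealm));
        removeAlreadyAssignedMembers(assignable);
        avail = getOptionListForEntities(assignable);
    } catch (AMConsoleException e) {
        // NOTE(review): the exception message is shown verbatim in the alert; confirm that
        // AMConsoleException messages never carry data-store details the console user
        // should not see.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
    }
    return avail;
}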
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class EntityMembershipViewBean method getAssignableMembership.
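/**
 * Builds the option list of entities this entity can still be made a member of.
 *
 * <p>Searches the current realm for entities of the member type stored in the page session,
 * using {@code filter} (reset to {@code "*"} when it is null or blank). The result set is
 * passed through {@code removeAlreadyAssignedMembers} and then turned into an option list.
 *
 * @return the option list built from the remaining entities, or {@code null} when the search
 *     raised an {@link AMConsoleException} (an inline error alert is set in that case)
 */
private OptionList getAssignableMembership() {
    OptionList avail = null;
    EntitiesModel model = (EntitiesModel) getModel();

    // A missing or blank filter means "match everything".
    if ((filter == null) || filter.trim().isEmpty()) {
        filter = "*";
    }
    setDisplayFieldValue(TF_FILTER, filter);

    try {
        String curRealm = (String) getPageSessionAttribute(AMAdminConstants.CURRENT_REALM);
        String searchType =
            (String) getPageSessionAttribute(EntityMembersViewBean.PG_SESSION_MEMBER_TYPE);
        IdSearchResults results = model.getEntityNames(curRealm, searchType, filter);

        // A search that hit a limit still returns results; warn that the list is incomplete.
        switch (results.getErrorCode()) {
            case IdSearchResults.SIZE_LIMIT_EXCEEDED:
                setInlineAlertMessage(
                    CCAlert.TYPE_WARNING, "message.warning", "message.sizelimit.exceeded");
                break;
            case IdSearchResults.TIME_LIMIT_EXCEEDED:
                setInlineAlertMessage(
                    CCAlert.TYPE_WARNING, "message.warning", "message.timelimit.exceeded");
                break;
            default:
                break;
        }

        Set members = results.getSearchResults();
        removeAlreadyAssignedMembers(members);
        avail = getOptionListForEntities(members);
    } catch (AMConsoleException e) {
        // NOTE(review): the exception message is shown verbatim in the alert; confirm that
        // AMConsoleException messages never carry data-store details the console user
        // should not see.
        setInlineAlertMessage(CCAlert.TYPE_ERROR, "message.error", e.getMessage());
    }
    return avail;
}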
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class IdentityServicesImpl method getSpecialUsers.
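/**
 * Looks up the special user identities of a realm.
 *
 * <p>The lookup runs with the internal admin token, not with a caller-supplied token, so it
 * is not limited by the requesting user's own permissions.
 *
 * @param realmName the realm whose identity repository is queried
 * @return the special identities of type {@code USER}, or an empty set when the repository
 *     lookup fails with an {@link IdRepoException} or {@link SSOException}
 */
private Set<AMIdentity> getSpecialUsers(String realmName) {
    SSOToken adminToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
    try {
        AMIdentityRepository repo = new AMIdentityRepository(realmName, adminToken);
        IdSearchResults results = repo.getSpecialIdentities(IdType.USER);
        return results.getSearchResults();
    } catch (IdRepoException | SSOException e) {
        // The log tag used to name AMModelBase; it now names the class that emits it so the
        // warning can be traced to the right code path.
        // NOTE(review): a failure is reported as "no special users"; a caller that subtracts
        // this set from a result list would then filter nothing. Confirm that is acceptable.
        debug.warning("IdentityServicesImpl.getSpecialUsers", e);
    }
    return Collections.emptySet();
}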
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class IdServicesImpl method search.
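/**
 * Searches every identity repository plugin configured for READ on {@code type} in
 * {@code amOrgName} and merges the per-plugin results.
 *
 * <p>Authorization has two modes. Normally the caller's token must pass the READ permission
 * check up front. If that check fails with ACCESS_DENIED and the search control carries a
 * non-empty search-modifier map, the search itself is run with the internal admin token and
 * every matched identity is then re-checked against the caller's original token; identities
 * that do not pass are dropped from the result.
 *
 * @param token the caller's SSO token
 * @param type the identity type to search for
 * @param ctrl search control supplying time/size limits, return attributes, the search
 *     modifier and its attribute map, and the recursive flag
 * @param amOrgName the organization (realm) to search in
 * @param crestQuery the query handed to each plugin
 * @return the combined search results, restricted to identities the caller may read when the
 *     admin-token path was taken
 * @throws IdRepoException if the permission check fails and the admin-token path does not
 *     apply, if no plugin is configured, if a plugin reports a fatal error, or if every
 *     plugin failed (the first recorded failure is rethrown)
 * @throws SSOException declared by the permission check and plugin calls
 */
@Override
public IdSearchResults search(SSOToken token, IdType type, IdSearchControl ctrl, String amOrgName, CrestQuery crestQuery) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    // In the case of web services security (wss), a search is performed
    // with the identity of shared agent and a filter.
    // Since shared agents do not have search permissions, might have to
    // use admintoken and check permissions on matched objects.
    boolean checkPermissionOnObjects = false;
    // Keep the caller's token: the per-object checks at the end must use it, never the
    // admin token that replaces `token` below.
    SSOToken userToken = token;
    try {
        checkPermission(token, amOrgName, null, null, IdOperation.READ, type);
    } catch (IdRepoException ire) {
        // If permission denied and control has search filters
        // perform the search and check permissions on the matched objects
        Map filter = ctrl.getSearchModifierMap();
        // Constant-first comparison: an exception without an error code is rethrown as-is
        // instead of being masked by a NullPointerException.
        if (!IdRepoErrorCode.ACCESS_DENIED.equals(ire.getErrorCode())
                || (filter == null) || filter.isEmpty()) {
            throw ire;
        }
        // Check permissions after obtaining the matched objects
        checkPermissionOnObjects = true;
        token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    }

    // Get the list of plugins that support the READ operation for this type.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }

    Iterator it = configuredPluginClasses.iterator();
    // Starts at the plugin count and is decremented for every plugin that fails.
    int noOfSuccess = configuredPluginClasses.size();
    IdRepo idRepo;
    // Each row is { RepoSearchResults, plugin configuration map }. The AMSDK plugin's row is
    // kept apart from the others because the merge step treats it separately.
    Object[][] amsdkResults = new Object[1][2];
    boolean amsdkIncluded = false;
    Object[][] arrayOfResult = new Object[noOfSuccess][2];
    int iterNo = 0;

    int maxTime = ctrl.getTimeOut();
    int maxResults = ctrl.getMaxResults();
    Set returnAttrs = ctrl.getReturnAttributes();
    boolean returnAllAttrs = ctrl.isGetAllReturnAttributesEnabled();
    IdSearchOpModifier modifier = ctrl.getSearchModifier();
    int filterOp = IdRepo.NO_MOD;
    if (modifier.equals(IdSearchOpModifier.AND)) {
        filterOp = IdRepo.AND_MOD;
    } else if (modifier.equals(IdSearchOpModifier.OR)) {
        filterOp = IdRepo.OR_MOD;
    }
    Map avPairs = ctrl.getSearchModifierMap();
    boolean recursive = ctrl.isRecursive();

    while (it.hasNext()) {
        idRepo = (IdRepo) it.next();
        try {
            Map cMap = idRepo.getConfiguration();
            RepoSearchResults results = idRepo.search(token, type, crestQuery, maxTime, maxResults,
                returnAttrs, returnAllAttrs, filterOp, avPairs, recursive);
            if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN)) {
                amsdkResults[0][0] = results;
                amsdkResults[0][1] = cMap;
                amsdkIncluded = true;
            } else {
                arrayOfResult[iterNo][0] = results;
                arrayOfResult[iterNo][1] = cMap;
                iterNo++;
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.search: " + "Unable to search in the following repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            // Remember only the first failure; it is rethrown if every plugin fails.
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.search: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.search: " + "Unable to search identity in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }

    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.search: " + "Unable to search for identity " + type.getName() + ":: using " + crestQuery + " in any configured data store", origEx);
        }
        throw origEx;
    }

    IdSearchResults res = combineSearchResults(token, arrayOfResult, iterNo, type, amOrgName, amsdkIncluded, amsdkResults);

    if (checkPermissionOnObjects) {
        // The search ran with the admin token, so `res` may hold identities the caller is not
        // allowed to read. Rebuild the result from only those that pass the caller's check.
        // NOTE(review): newRes does not carry over res's error code, so a size or time limit
        // hit during the admin-token search is not visible to the caller. Confirm intended.
        // NOTE(review): the check is made against returnAttrs; when returnAllAttrs is set the
        // attributes actually returned may be broader. Confirm checkPermission covers that.
        IdSearchResults newRes = new IdSearchResults(type, amOrgName);
        Map idWithAttrs = res.getResultAttributes();
        for (Iterator items = idWithAttrs.keySet().iterator(); items.hasNext(); ) {
            AMIdentity id = (AMIdentity) items.next();
            String idName = null;
            try {
                idName = id.getName();
                checkPermission(userToken, amOrgName, idName, returnAttrs, IdOperation.READ, type);
                // Permission checked, add to newRes
                newRes.addResult(id, (Map) idWithAttrs.get(id));
            } catch (Exception e) {
                // Fail closed: any failure to confirm READ permission, whether a denial or
                // an unexpected error, leaves the identity out of the result. Record it so
                // an unexpected error is not indistinguishable from a denial.
                if (DEBUG.messageEnabled()) {
                    DEBUG.message("IdServicesImpl.search: excluding identity " + idName
                        + " from results; READ permission check did not pass", e);
                }
            }
        }
        res = newRes;
    }
    return res;
}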
use of com.sun.identity.idm.IdSearchResults in project OpenAM by OpenRock.
the class IdServicesImpl method combineSearchResults.
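/**
 * Merges the per-plugin search results into a single {@link IdSearchResults}.
 *
 * <p>Entries are keyed by name in a case-insensitive map, so entries with the same name
 * (ignoring case) coming from different repositories end up as one identity whose attribute
 * maps are combined.
 *
 * @param token the token used to construct the returned identities
 * @param arrayOfResult rows of { RepoSearchResults, plugin configuration map } from the
 *     non-AMSDK plugins
 * @param sizeOfArray number of populated rows in {@code arrayOfResult}
 * @param type identity type of the results
 * @param orgName organization (realm) the search ran in
 * @param amsdkIncluded whether {@code amsdkResults} holds a result from the AMSDK plugin
 * @param amsdkResults single row of { RepoSearchResults, plugin configuration map } from the
 *     AMSDK plugin; read only when {@code amsdkIncluded} is true
 * @return the merged results; the error code is the first non-success code reported by any
 *     contributing repository, or {@code IdSearchResults.SUCCESS}
 */
private IdSearchResults combineSearchResults(SSOToken token, Object[][] arrayOfResult, int sizeOfArray, IdType type, String orgName, boolean amsdkIncluded, Object[][] amsdkResults) {
    Map amsdkDNs = new CaseInsensitiveHashMap();
    Map resultsMap = new CaseInsensitiveHashMap();
    int errorCode = IdSearchResults.SUCCESS;

    if (amsdkIncluded) {
        RepoSearchResults amsdkRepoRes = (RepoSearchResults) amsdkResults[0][0];
        Set results = amsdkRepoRes.getSearchResults();
        Map attrResults = amsdkRepoRes.getResultAttributes();
        Iterator it = results.iterator();
        while (it.hasNext()) {
            String dn = (String) it.next();
            String name = LDAPUtils.rdnValueFromDn(dn);
            // Remember the DN so the identity built below can be tied to its AMSDK entry.
            amsdkDNs.put(name, dn);
            Set attrMaps = new HashSet();
            attrMaps.add((Map) attrResults.get(dn));
            resultsMap.put(name, attrMaps);
        }
        errorCode = amsdkRepoRes.getErrorCode();
    }

    for (int i = 0; i < sizeOfArray; i++) {
        RepoSearchResults current = (RepoSearchResults) arrayOfResult[i][0];
        Map configMap = (Map) arrayOfResult[i][1];
        Iterator it = current.getSearchResults().iterator();
        Map allAttrMaps = current.getResultAttributes();
        while (it.hasNext()) {
            String m = (String) it.next();
            String mname = DNUtils.DNtoName(m, false);
            Map attrMap = (Map) allAttrMaps.get(m);
            attrMap = reverseMapAttributeNames(attrMap, configMap);
            Set attrMaps = (Set) resultsMap.get(mname);
            if (attrMaps == null) {
                attrMaps = new HashSet();
            }
            attrMaps.add(attrMap);
            resultsMap.put(mname, attrMaps);
        }
        // Previously only the AMSDK plugin's error code reached the caller, so a size or
        // time limit hit in any other repository was reported as SUCCESS and a truncated
        // result looked complete. Keep the first non-success code seen.
        if (errorCode == IdSearchResults.SUCCESS) {
            errorCode = current.getErrorCode();
        }
    }

    IdSearchResults results = new IdSearchResults(type, orgName);
    Iterator it = resultsMap.keySet().iterator();
    while (it.hasNext()) {
        String mname = (String) it.next();
        Map combinedMap = combineAttrMaps((Set) resultsMap.get(mname), true);
        // The DN argument is null for names that did not come from the AMSDK plugin.
        AMIdentity id = new AMIdentity(token, mname, type, orgName, (String) amsdkDNs.get(mname));
        results.addResult(id, combinedMap);
    }
    results.setErrorCode(errorCode);
    return results;
}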