Examples with RepoSearchResults com.sun.identity.idm.RepoSearchResults used on opensource projects

Example 21 with RepoSearchResults

use of com.sun.identity.idm.RepoSearchResults in project OpenAM by OpenRock.

the class DatabaseRepo method getFullyQualifiedName.

/*
     * Returns the fully qualified name for the identity. It is expected that
     * the fully qualified name would be unique, hence it is recommended to
     * prefix the name with the data store name or protocol. Used by IdRepo
     * framework to check for equality of two identities
     */
public String getFullyQualifiedName(SSOToken token, IdType type, String name) throws IdRepoException, SSOException {
    if (initializationException != null) {
        debug.error("DatabaseRepo.getFullyQualifiedName: throwing" + " initialization exception");
        throw (initializationException);
    }
    if (debug.messageEnabled()) {
        debug.message("DatabaseRepo:getFullyQualifiedName: " + " token=" + token + " IdType=" + type + " name=" + name);
    }
    if ((name == null) || (name.length() == 0)) {
        Object[] args = { PLUGIN_CLASS_NAME, "" };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_FIND_ENTRY, args);
    }
    isValidType(type, "getFullyQualifiedName");
    //need to search for name and then make the url of datasource db
    RepoSearchResults results = search(token, type, name, 0, 2, null, true, IdRepo.NO_MOD, null, false);
    Set dns = results.getSearchResults();
    if (debug.messageEnabled()) {
        debug.message("DatabaseRepo:getFullyQualifiedName: " + " search results dns=" + dns);
    }
    if (dns == null || dns.size() != 1) {
        String[] args = { PLUGIN_CLASS_NAME, name };
        throw (new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_FIND_ENTRY, args));
    }
    // example url is jdbc:mysql://localhost:3306/openssousersdb
    String dbURL = dao.getDataSourceURL();
    String fqdn = dbURL + "/" + type.getName() + "/" + dns.iterator().next().toString();
    fqdn = fqdn.toLowerCase();
    if (debug.messageEnabled()) {
        debug.message("DatabaseRepo:getFullyQualifiedName: " + " about to return fqdn=" + fqdn);
    }
    return (fqdn);
}

Example 22 with RepoSearchResults

use of com.sun.identity.idm.RepoSearchResults in project OpenAM by OpenRock.

the class IdServicesImpl method search.

@Override
public IdSearchResults search(SSOToken token, IdType type, IdSearchControl ctrl, String amOrgName, CrestQuery crestQuery) throws IdRepoException, SSOException {
    IdRepoException origEx = null;
    // Check permission first. If allowed then proceed, else the
    // checkPermission method throws an "402" exception.
    // In the case of web services security (wss), a search is performed
    // with the identity of shared agent and  a filter.
    // Since shared agents do not have search permissions, might have to
    // use admintoken and check permissions on matched objects.
    boolean checkPermissionOnObjects = false;
    SSOToken userToken = token;
    try {
        checkPermission(token, amOrgName, null, null, IdOperation.READ, type);
    } catch (IdRepoException ire) {
        // If permission denied and control has search filters
        // perform the search and check permissions on the matched objects
        Map filter = ctrl.getSearchModifierMap();
        if ((!ire.getErrorCode().equals(IdRepoErrorCode.ACCESS_DENIED)) || (filter == null) || (filter.isEmpty())) {
            throw (ire);
        }
        // Check permissions after obtaining the matched objects
        checkPermissionOnObjects = true;
        token = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    }
    // First get the list of plugins that support the create operation.
    Set configuredPluginClasses = idrepoCache.getIdRepoPlugins(amOrgName, IdOperation.READ, type);
    if ((configuredPluginClasses == null) || configuredPluginClasses.isEmpty()) {
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.NO_PLUGINS_CONFIGURED, null);
    }
    Iterator it = configuredPluginClasses.iterator();
    int noOfSuccess = configuredPluginClasses.size();
    IdRepo idRepo;
    Object[][] amsdkResults = new Object[1][2];
    boolean amsdkIncluded = false;
    Object[][] arrayOfResult = new Object[noOfSuccess][2];
    int iterNo = 0;
    int maxTime = ctrl.getTimeOut();
    int maxResults = ctrl.getMaxResults();
    Set returnAttrs = ctrl.getReturnAttributes();
    boolean returnAllAttrs = ctrl.isGetAllReturnAttributesEnabled();
    IdSearchOpModifier modifier = ctrl.getSearchModifier();
    int filterOp = IdRepo.NO_MOD;
    if (modifier.equals(IdSearchOpModifier.AND)) {
        filterOp = IdRepo.AND_MOD;
    } else if (modifier.equals(IdSearchOpModifier.OR)) {
        filterOp = IdRepo.OR_MOD;
    }
    Map avPairs = ctrl.getSearchModifierMap();
    boolean recursive = ctrl.isRecursive();
    while (it.hasNext()) {
        idRepo = (IdRepo) it.next();
        try {
            Map cMap = idRepo.getConfiguration();
            RepoSearchResults results;
            results = idRepo.search(token, type, crestQuery, maxTime, maxResults, returnAttrs, returnAllAttrs, filterOp, avPairs, recursive);
            if (idRepo.getClass().getName().equals(IdConstants.AMSDK_PLUGIN)) {
                amsdkResults[0][0] = results;
                amsdkResults[0][1] = cMap;
                amsdkIncluded = true;
            } else {
                arrayOfResult[iterNo][0] = results;
                arrayOfResult[iterNo][1] = cMap;
                iterNo++;
            }
        } catch (IdRepoUnsupportedOpException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.search: " + "Unable to search in the following repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        } catch (IdRepoFatalException idf) {
            // fatal ..throw it all the way up
            DEBUG.error("IdServicesImpl.search: Fatal Exception ", idf);
            throw idf;
        } catch (IdRepoException ide) {
            if (idRepo != null && DEBUG.warningEnabled()) {
                DEBUG.warning("IdServicesImpl.search: " + "Unable to search identity in the following" + " repository " + idRepo.getClass().getName() + " :: " + ide.getMessage());
            }
            noOfSuccess--;
            origEx = (origEx == null) ? ide : origEx;
        }
    }
    if (noOfSuccess == 0) {
        if (DEBUG.warningEnabled()) {
            DEBUG.warning("IdServicesImpl.search: " + "Unable to search for identity " + type.getName() + ":: using " + crestQuery + " in any configured data store", origEx);
        }
        throw origEx;
    }
    IdSearchResults res = combineSearchResults(token, arrayOfResult, iterNo, type, amOrgName, amsdkIncluded, amsdkResults);
    if (checkPermissionOnObjects) {
        IdSearchResults newRes = new IdSearchResults(type, amOrgName);
        Map idWithAttrs = res.getResultAttributes();
        for (Iterator items = idWithAttrs.keySet().iterator(); items.hasNext(); ) {
            AMIdentity id = (AMIdentity) items.next();
            try {
                checkPermission(userToken, amOrgName, id.getName(), returnAttrs, IdOperation.READ, type);
                // Permission checked, add to newRes
                newRes.addResult(id, (Map) idWithAttrs.get(id));
            } catch (Exception e) {
            // Ignore & continue
            }
        }
        res = newRes;
    }
    return res;
}

Example 23 with RepoSearchResults

use of com.sun.identity.idm.RepoSearchResults in project OpenAM by OpenRock.

the class IdServicesImpl method combineSearchResults.

private IdSearchResults combineSearchResults(SSOToken token, Object[][] arrayOfResult, int sizeOfArray, IdType type, String orgName, boolean amsdkIncluded, Object[][] amsdkResults) {
    Map amsdkDNs = new CaseInsensitiveHashMap();
    Map resultsMap = new CaseInsensitiveHashMap();
    int errorCode = IdSearchResults.SUCCESS;
    if (amsdkIncluded) {
        RepoSearchResults amsdkRepoRes = (RepoSearchResults) amsdkResults[0][0];
        Set results = amsdkRepoRes.getSearchResults();
        Map attrResults = amsdkRepoRes.getResultAttributes();
        Iterator it = results.iterator();
        while (it.hasNext()) {
            String dn = (String) it.next();
            String name = LDAPUtils.rdnValueFromDn(dn);
            amsdkDNs.put(name, dn);
            Set attrMaps = new HashSet();
            attrMaps.add((Map) attrResults.get(dn));
            resultsMap.put(name, attrMaps);
        }
        errorCode = amsdkRepoRes.getErrorCode();
    }
    for (int i = 0; i < sizeOfArray; i++) {
        RepoSearchResults current = (RepoSearchResults) arrayOfResult[i][0];
        Map configMap = (Map) arrayOfResult[i][1];
        Iterator it = current.getSearchResults().iterator();
        Map allAttrMaps = current.getResultAttributes();
        while (it.hasNext()) {
            String m = (String) it.next();
            String mname = DNUtils.DNtoName(m, false);
            Map attrMap = (Map) allAttrMaps.get(m);
            attrMap = reverseMapAttributeNames(attrMap, configMap);
            Set attrMaps = (Set) resultsMap.get(mname);
            if (attrMaps == null) {
                attrMaps = new HashSet();
            }
            attrMaps.add(attrMap);
            resultsMap.put(mname, attrMaps);
        }
    }
    IdSearchResults results = new IdSearchResults(type, orgName);
    Iterator it = resultsMap.keySet().iterator();
    while (it.hasNext()) {
        String mname = (String) it.next();
        Map combinedMap = combineAttrMaps((Set) resultsMap.get(mname), true);
        AMIdentity id = new AMIdentity(token, mname, type, orgName, (String) amsdkDNs.get(mname));
        results.addResult(id, combinedMap);
    }
    results.setErrorCode(errorCode);
    return results;
}

Example 24 with RepoSearchResults

use of com.sun.identity.idm.RepoSearchResults in project OpenAM by OpenRock.

the class IdServicesImpl method getSpecialIdentities.

public IdSearchResults getSpecialIdentities(SSOToken token, IdType type, String orgName) throws IdRepoException, SSOException {
    Set pluginClasses = new OrderedSet();
    if (ServiceManager.isConfigMigratedTo70() && ServiceManager.getBaseDN().equalsIgnoreCase(orgName)) {
        // Check the cache
        if (specialIdentities != null) {
            return (specialIdentities);
        }
        // get the "SpecialUser plugin
        Set repos = idrepoCache.getIdRepoPlugins(orgName);
        for (Iterator items = repos.iterator(); items.hasNext(); ) {
            IdRepo repo = (IdRepo) items.next();
            if (repo instanceof SpecialRepo) {
                pluginClasses.add(repo);
            }
        }
    }
    // If no plugins found, return empty results
    if (pluginClasses.isEmpty()) {
        return (emptyUserIdentities);
    } else {
        IdRepo specialRepo = (IdRepo) pluginClasses.iterator().next();
        CrestQuery crestQuery = new CrestQuery("*");
        RepoSearchResults res = specialRepo.search(token, type, crestQuery, 0, 0, Collections.EMPTY_SET, false, 0, Collections.EMPTY_MAP, false);
        Object[][] obj = new Object[1][2];
        obj[0][0] = res;
        obj[0][1] = Collections.EMPTY_MAP;
        specialIdentities = combineSearchResults(token, obj, 1, type, orgName, false, null);
    }
    return (specialIdentities);
}

Example 25 with RepoSearchResults

use of com.sun.identity.idm.RepoSearchResults in project OpenAM by OpenRock.

the class IdServicesImpl method isSpecialIdentity.

protected boolean isSpecialIdentity(SSOToken token, String name, IdType type, String orgName) throws IdRepoException, SSOException {
    if (ServiceManager.isConfigMigratedTo70() && ServiceManager.getBaseDN().equalsIgnoreCase(orgName) && type.equals(IdType.USER)) {
        // Check the cache
        if (specialIdentityNames == null) {
            // get the "SpecialUser plugin
            Set spIds = new CaseInsensitiveHashSet();
            Set repos = idrepoCache.getIdRepoPlugins(orgName);
            for (Iterator items = repos.iterator(); items.hasNext(); ) {
                IdRepo repo = (IdRepo) items.next();
                if (repo instanceof SpecialRepo) {
                    CrestQuery crestQuery = new CrestQuery("*");
                    RepoSearchResults res = repo.search(token, type, crestQuery, 0, 0, Collections.EMPTY_SET, false, 0, Collections.EMPTY_MAP, false);
                    Set identities = res.getSearchResults();
                    for (Iterator ids = identities.iterator(); ids.hasNext(); ) {
                        spIds.add(ids.next());
                    }
                }
            }
            specialIdentityNames = spIds;
        }
        if ((specialIdentityNames != null) && !specialIdentityNames.isEmpty()) {
            return (specialIdentityNames.contains(name));
        }
    }
    return (false);
}