Search in sources :

Example 6 with OperationPurposeRequestControl

use of com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl in project ldapsdk by pingidentity.

the class MoveSubtree method moveSubtreeWithRestrictedAccessibility.

/**
 * Performs the real {@code moveSubtreeWithRestrictedAccessibility}
 * processing.  If a tool is available, this method will update state
 * information in that tool so that it can be referenced by a shutdown hook
 * in the event that processing is interrupted.
 *
 * @param  tool              A reference to a tool instance to be updated with
 *                           state information.
 * @param  sourceConnection  A connection established to the source server.
 *                           It should be authenticated as a user with
 *                           permission to perform all of the operations
 *                           against the source server as referenced above.
 * @param  targetConnection  A connection established to the target server.
 *                           It should be authenticated as a user with
 *                           permission to perform all of the operations
 *                           against the target server as referenced above.
 * @param  baseDN            The base DN for the subtree to move.
 * @param  sizeLimit         The maximum number of entries to be moved.  It
 *                           may be less than or equal to zero to indicate
 *                           that no client-side limit should be enforced
 *                           (although the server may still enforce its own
 *                           limit).
 * @param  opPurposeControl  An optional operation purpose request control
 *                           that may be included in all requests sent to the
 *                           source and target servers.
 * @param  suppressRefInt    Indicates whether to include a request control
 *                           causing referential integrity updates to be
 *                           suppressed on the source server.
 * @param  listener          An optional listener that may be invoked during
 *                           the course of moving entries from the source
 *                           server to the target server.
 *
 * @return  An object with information about the result of the attempted
 *          subtree move.
 */
@NotNull()
private static MoveSubtreeResult moveSubtreeWithRestrictedAccessibility(@Nullable final MoveSubtree tool, @NotNull final LDAPConnection sourceConnection, @NotNull final LDAPConnection targetConnection, @NotNull final String baseDN, final int sizeLimit, @Nullable final OperationPurposeRequestControl opPurposeControl, final boolean suppressRefInt, @Nullable final MoveSubtreeListener listener) {
    // Ensure that the subtree is currently accessible in both the source and
    // target servers.
    final MoveSubtreeResult initialAccessibilityResult = checkInitialAccessibility(sourceConnection, targetConnection, baseDN, opPurposeControl);
    if (initialAccessibilityResult != null) {
        return initialAccessibilityResult;
    }
    final StringBuilder errorMsg = new StringBuilder();
    final StringBuilder adminMsg = new StringBuilder();
    final ReverseComparator<DN> reverseComparator = new ReverseComparator<>();
    final TreeSet<DN> sourceEntryDNs = new TreeSet<>(reverseComparator);
    final AtomicInteger entriesReadFromSource = new AtomicInteger(0);
    final AtomicInteger entriesAddedToTarget = new AtomicInteger(0);
    final AtomicInteger entriesDeletedFromSource = new AtomicInteger(0);
    final AtomicReference<ResultCode> resultCode = new AtomicReference<>();
    boolean sourceServerAltered = false;
    boolean targetServerAltered = false;
    SubtreeAccessibilityState currentSourceState = SubtreeAccessibilityState.ACCESSIBLE;
    SubtreeAccessibilityState currentTargetState = SubtreeAccessibilityState.ACCESSIBLE;
    processingBlock: {
        // Identify the users authenticated on each connection.
        final String sourceUserDN;
        final String targetUserDN;
        try {
            sourceUserDN = getAuthenticatedUserDN(sourceConnection, true, opPurposeControl);
            targetUserDN = getAuthenticatedUserDN(targetConnection, false, opPurposeControl);
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Make the subtree hidden on the target server.
        try {
            setAccessibility(targetConnection, false, baseDN, SubtreeAccessibilityState.HIDDEN, targetUserDN, opPurposeControl);
            currentTargetState = SubtreeAccessibilityState.HIDDEN;
            setInterruptMessage(tool, WARN_MOVE_SUBTREE_INTERRUPT_MSG_TARGET_HIDDEN.get(baseDN, targetConnection.getConnectedAddress(), targetConnection.getConnectedPort()));
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Make the subtree read-only on the source server.
        try {
            setAccessibility(sourceConnection, true, baseDN, SubtreeAccessibilityState.READ_ONLY_BIND_ALLOWED, sourceUserDN, opPurposeControl);
            currentSourceState = SubtreeAccessibilityState.READ_ONLY_BIND_ALLOWED;
            setInterruptMessage(tool, WARN_MOVE_SUBTREE_INTERRUPT_MSG_SOURCE_READ_ONLY.get(baseDN, targetConnection.getConnectedAddress(), targetConnection.getConnectedPort(), sourceConnection.getConnectedAddress(), sourceConnection.getConnectedPort()));
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Perform a search to find all entries in the target subtree, and include
        // a search listener that will add each entry to the target server as it
        // is returned from the source server.
        final Control[] searchControls;
        if (opPurposeControl == null) {
            searchControls = new Control[] { new DraftLDUPSubentriesRequestControl(true), new ManageDsaITRequestControl(true), new ReturnConflictEntriesRequestControl(true), new SoftDeletedEntryAccessRequestControl(true, true, false), new RealAttributesOnlyRequestControl(true) };
        } else {
            searchControls = new Control[] { new DraftLDUPSubentriesRequestControl(true), new ManageDsaITRequestControl(true), new ReturnConflictEntriesRequestControl(true), new SoftDeletedEntryAccessRequestControl(true, true, false), new RealAttributesOnlyRequestControl(true), opPurposeControl };
        }
        final MoveSubtreeAccessibilitySearchListener searchListener = new MoveSubtreeAccessibilitySearchListener(tool, baseDN, sourceConnection, targetConnection, resultCode, errorMsg, entriesReadFromSource, entriesAddedToTarget, sourceEntryDNs, opPurposeControl, listener);
        final SearchRequest searchRequest = new SearchRequest(searchListener, searchControls, baseDN, SearchScope.SUB, DereferencePolicy.NEVER, sizeLimit, 0, false, Filter.createPresenceFilter("objectClass"), "*", "+");
        SearchResult searchResult;
        try {
            searchResult = sourceConnection.search(searchRequest);
        } catch (final LDAPSearchException lse) {
            Debug.debugException(lse);
            searchResult = lse.getSearchResult();
        }
        if (entriesAddedToTarget.get() > 0) {
            targetServerAltered = true;
        }
        if (searchResult.getResultCode() != ResultCode.SUCCESS) {
            resultCode.compareAndSet(null, searchResult.getResultCode());
            append(ERR_MOVE_SUBTREE_SEARCH_FAILED.get(baseDN, searchResult.getDiagnosticMessage()), errorMsg);
            final AtomicInteger deleteCount = new AtomicInteger(0);
            if (targetServerAltered) {
                deleteEntries(targetConnection, false, sourceEntryDNs, opPurposeControl, false, null, deleteCount, resultCode, errorMsg);
                entriesAddedToTarget.addAndGet(0 - deleteCount.get());
                if (entriesAddedToTarget.get() == 0) {
                    targetServerAltered = false;
                } else {
                    append(ERR_MOVE_SUBTREE_TARGET_NOT_DELETED_ADMIN_ACTION.get(baseDN), adminMsg);
                }
            }
            break processingBlock;
        }
        // If an error occurred during add processing, then fail.
        if (resultCode.get() != null) {
            final AtomicInteger deleteCount = new AtomicInteger(0);
            if (targetServerAltered) {
                deleteEntries(targetConnection, false, sourceEntryDNs, opPurposeControl, false, null, deleteCount, resultCode, errorMsg);
                entriesAddedToTarget.addAndGet(0 - deleteCount.get());
                if (entriesAddedToTarget.get() == 0) {
                    targetServerAltered = false;
                } else {
                    append(ERR_MOVE_SUBTREE_TARGET_NOT_DELETED_ADMIN_ACTION.get(baseDN), adminMsg);
                }
            }
            break processingBlock;
        }
        // Make the subtree read-only on the target server.
        try {
            setAccessibility(targetConnection, true, baseDN, SubtreeAccessibilityState.READ_ONLY_BIND_ALLOWED, targetUserDN, opPurposeControl);
            currentTargetState = SubtreeAccessibilityState.READ_ONLY_BIND_ALLOWED;
            setInterruptMessage(tool, WARN_MOVE_SUBTREE_INTERRUPT_MSG_TARGET_READ_ONLY.get(baseDN, sourceConnection.getConnectedAddress(), sourceConnection.getConnectedPort(), targetConnection.getConnectedAddress(), targetConnection.getConnectedPort()));
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Make the subtree hidden on the source server.
        try {
            setAccessibility(sourceConnection, true, baseDN, SubtreeAccessibilityState.HIDDEN, sourceUserDN, opPurposeControl);
            currentSourceState = SubtreeAccessibilityState.HIDDEN;
            setInterruptMessage(tool, WARN_MOVE_SUBTREE_INTERRUPT_MSG_SOURCE_HIDDEN.get(baseDN, sourceConnection.getConnectedAddress(), sourceConnection.getConnectedPort(), targetConnection.getConnectedAddress(), targetConnection.getConnectedPort()));
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Make the subtree accessible on the target server.
        try {
            setAccessibility(targetConnection, true, baseDN, SubtreeAccessibilityState.ACCESSIBLE, targetUserDN, opPurposeControl);
            currentTargetState = SubtreeAccessibilityState.ACCESSIBLE;
            setInterruptMessage(tool, WARN_MOVE_SUBTREE_INTERRUPT_MSG_TARGET_ACCESSIBLE.get(baseDN, sourceConnection.getConnectedAddress(), sourceConnection.getConnectedPort(), targetConnection.getConnectedAddress(), targetConnection.getConnectedPort()));
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
        // Delete each of the entries in the source server.  The map should
        // already be sorted in reverse order (as a result of the comparator used
        // when creating it), so it will guarantee children are deleted before
        // their parents.
        final boolean deleteSuccessful = deleteEntries(sourceConnection, true, sourceEntryDNs, opPurposeControl, suppressRefInt, listener, entriesDeletedFromSource, resultCode, errorMsg);
        sourceServerAltered = (entriesDeletedFromSource.get() != 0);
        if (!deleteSuccessful) {
            append(ERR_MOVE_SUBTREE_SOURCE_NOT_DELETED_ADMIN_ACTION.get(baseDN), adminMsg);
            break processingBlock;
        }
        // Make the subtree accessible on the source server.
        try {
            setAccessibility(sourceConnection, true, baseDN, SubtreeAccessibilityState.ACCESSIBLE, sourceUserDN, opPurposeControl);
            currentSourceState = SubtreeAccessibilityState.ACCESSIBLE;
            setInterruptMessage(tool, null);
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(le.getMessage(), errorMsg);
            break processingBlock;
        }
    }
    // then accessible, then generate an admin action message.
    if (currentSourceState != SubtreeAccessibilityState.ACCESSIBLE) {
        if (!sourceServerAltered) {
            try {
                setAccessibility(sourceConnection, true, baseDN, SubtreeAccessibilityState.ACCESSIBLE, null, opPurposeControl);
                currentSourceState = SubtreeAccessibilityState.ACCESSIBLE;
            } catch (final LDAPException le) {
                Debug.debugException(le);
            }
        }
        if (currentSourceState != SubtreeAccessibilityState.ACCESSIBLE) {
            append(ERR_MOVE_SUBTREE_SOURCE_LEFT_INACCESSIBLE.get(currentSourceState, baseDN), adminMsg);
        }
    }
    // then accessible, then generate an admin action message.
    if (currentTargetState != SubtreeAccessibilityState.ACCESSIBLE) {
        if (!targetServerAltered) {
            try {
                setAccessibility(targetConnection, false, baseDN, SubtreeAccessibilityState.ACCESSIBLE, null, opPurposeControl);
                currentTargetState = SubtreeAccessibilityState.ACCESSIBLE;
            } catch (final LDAPException le) {
                Debug.debugException(le);
            }
        }
        if (currentTargetState != SubtreeAccessibilityState.ACCESSIBLE) {
            append(ERR_MOVE_SUBTREE_TARGET_LEFT_INACCESSIBLE.get(currentTargetState, baseDN), adminMsg);
        }
    }
    // Construct the result to return to the client.
    resultCode.compareAndSet(null, ResultCode.SUCCESS);
    final String errorMessage;
    if (errorMsg.length() > 0) {
        errorMessage = errorMsg.toString();
    } else {
        errorMessage = null;
    }
    final String adminActionRequired;
    if (adminMsg.length() > 0) {
        adminActionRequired = adminMsg.toString();
    } else {
        adminActionRequired = null;
    }
    return new MoveSubtreeResult(resultCode.get(), errorMessage, adminActionRequired, sourceServerAltered, targetServerAltered, entriesReadFromSource.get(), entriesAddedToTarget.get(), entriesDeletedFromSource.get());
}
Also used : SearchRequest(com.unboundid.ldap.sdk.SearchRequest) DN(com.unboundid.ldap.sdk.DN) ReverseComparator(com.unboundid.util.ReverseComparator) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Control(com.unboundid.ldap.sdk.Control) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) SuppressReferentialIntegrityUpdatesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) TreeSet(java.util.TreeSet) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) AtomicReference(java.util.concurrent.atomic.AtomicReference) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) SearchResult(com.unboundid.ldap.sdk.SearchResult) SubtreeAccessibilityState(com.unboundid.ldap.sdk.unboundidds.extensions.SubtreeAccessibilityState) LDAPException(com.unboundid.ldap.sdk.LDAPException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) ResultCode(com.unboundid.ldap.sdk.ResultCode) NotNull(com.unboundid.util.NotNull)

Example 7 with OperationPurposeRequestControl

use of com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl in project ldapsdk by pingidentity.

the class MoveSubtree method moveEntryWithInteractiveTransaction.

/**
 * <BLOCKQUOTE>
 *   <B>NOTE:</B>  The use of interactive transactions is strongly discouraged
 *   because it can create conditions which are prone to deadlocks between
 *   operations that may significantly affect performance and will result in
 *   the cancellation of one or both operations.  Use one of the
 *   {@code moveSubtreeWithRestrictedAccessibility} methods instead.
 * </BLOCKQUOTE>
 * Moves a single leaf entry using a pair of interactive transactions.  The
 * logic used to accomplish this is as follows:
 * <OL>
 *   <LI>Start an interactive transaction in the source server.</LI>
 *   <LI>Start an interactive transaction in the target server.</LI>
 *   <LI>Read the entry from the source server.  The search request will have
 *       a subtree scope with a size limit of one, a filter of
 *       "(objectClass=*)", will request all user and operational attributes,
 *       and will include the following request controls:  interactive
 *       transaction specification, ManageDsaIT, LDAP subentries, return
 *       conflict entries, soft-deleted entry access, real attributes only,
 *       and operation purpose.</LI>
 *  <LI>Add the entry to the target server.  The add request will include the
 *      following controls:  interactive transaction specification, ignore
 *      NO-USER-MODIFICATION, and operation purpose.</LI>
 *  <LI>Delete the entry from the source server.  The delete request will
 *      include the following controls:  interactive transaction
 *      specification, ManageDsaIT, and operation purpose.</LI>
 *  <LI>Commit the interactive transaction in the target server.</LI>
 *  <LI>Commit the interactive transaction in the source server.</LI>
 * </OL>
 * Conditions which could result in an incomplete move include:
 * <UL>
 *   <LI>The commit in the target server succeeds but the commit in the
 *       source server fails.  In this case, the entry may end up in both
 *       servers, requiring manual cleanup.  If this occurs, then the result
 *       returned from this method will indicate this condition.</LI>
 *   <LI>The account used to read entries from the source server does not have
 *       permission to see all attributes in all entries.  In this case, the
 *       target server will include only a partial representation of the entry
 *       in the source server.  To avoid this problem, ensure that the account
 *       used to read from the source server has sufficient access rights to
 *       see all attributes in the entry to move.</LI>
 *   <LI>The source server participates in replication and a change occurs to
 *       the entry in a different server in the replicated environment while
 *       the move is in progress.  In this case, those changes may not be
 *       reflected in the target server.  To avoid this problem, it is
 *       strongly recommended that all write access in the replication
 *       environment containing the source server be directed to the source
 *       server during the time that the move is in progress (e.g., using a
 *       failover load-balancing algorithm in the Directory Proxy
 *       Server).</LI>
 * </UL>
 *
 * @param  sourceConnection  A connection established to the source server.
 *                           It should be authenticated as a user with
 *                           permission to perform all of the operations
 *                           against the source server as referenced above.
 * @param  targetConnection  A connection established to the target server.
 *                           It should be authenticated as a user with
 *                           permission to perform all of the operations
 *                           against the target server as referenced above.
 * @param  entryDN           The base DN for the subtree to move.
 * @param  opPurposeControl  An optional operation purpose request control
 *                           that may be included in all requests sent to the
 *                           source and target servers.
 * @param  suppressRefInt    Indicates whether to include a request control
 *                           causing referential integrity updates to be
 *                           suppressed on the source server.
 * @param  listener          An optional listener that may be invoked during
 *                           the course of moving entries from the source
 *                           server to the target server.
 *
 * @return  An object with information about the result of the attempted
 *          subtree move.
 *
 * @deprecated  The use of interactive transactions is strongly discouraged
 *              because it can create conditions which are prone to deadlocks
 *              between operations that may significantly affect performance
 *              and will result in the cancellation of one or both operations.
 */
@Deprecated()
@SuppressWarnings("deprecation")
@NotNull()
public static MoveSubtreeResult moveEntryWithInteractiveTransaction(@NotNull final LDAPConnection sourceConnection, @NotNull final LDAPConnection targetConnection, @NotNull final String entryDN, @Nullable final OperationPurposeRequestControl opPurposeControl, final boolean suppressRefInt, @Nullable final MoveSubtreeListener listener) {
    final StringBuilder errorMsg = new StringBuilder();
    final StringBuilder adminMsg = new StringBuilder();
    final ReverseComparator<DN> reverseComparator = new ReverseComparator<>();
    final TreeSet<DN> sourceEntryDNs = new TreeSet<>(reverseComparator);
    final AtomicInteger entriesReadFromSource = new AtomicInteger(0);
    final AtomicInteger entriesAddedToTarget = new AtomicInteger(0);
    final AtomicInteger entriesDeletedFromSource = new AtomicInteger(0);
    final AtomicReference<ResultCode> resultCode = new AtomicReference<>();
    ASN1OctetString sourceTxnID = null;
    ASN1OctetString targetTxnID = null;
    boolean sourceServerAltered = false;
    boolean targetServerAltered = false;
    processingBlock: try {
        // Start an interactive transaction in the source server.
        final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationRequestControl sourceTxnControl;
        try {
            final com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest startTxnRequest;
            if (opPurposeControl == null) {
                startTxnRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest(entryDN);
            } else {
                startTxnRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest(entryDN, new Control[] { opPurposeControl });
            }
            final com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedResult startTxnResult = (com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedResult) sourceConnection.processExtendedOperation(startTxnRequest);
            if (startTxnResult.getResultCode() == ResultCode.SUCCESS) {
                sourceTxnID = startTxnResult.getTransactionID();
                sourceTxnControl = new com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationRequestControl(sourceTxnID, true, true);
            } else {
                resultCode.compareAndSet(null, startTxnResult.getResultCode());
                append(ERR_MOVE_ENTRY_CANNOT_START_SOURCE_TXN.get(startTxnResult.getDiagnosticMessage()), errorMsg);
                break processingBlock;
            }
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(ERR_MOVE_ENTRY_CANNOT_START_SOURCE_TXN.get(StaticUtils.getExceptionMessage(le)), errorMsg);
            break processingBlock;
        }
        // Start an interactive transaction in the target server.
        final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationRequestControl targetTxnControl;
        try {
            final com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest startTxnRequest;
            if (opPurposeControl == null) {
                startTxnRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest(entryDN);
            } else {
                startTxnRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedRequest(entryDN, new Control[] { opPurposeControl });
            }
            final com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedResult startTxnResult = (com.unboundid.ldap.sdk.unboundidds.extensions.StartInteractiveTransactionExtendedResult) targetConnection.processExtendedOperation(startTxnRequest);
            if (startTxnResult.getResultCode() == ResultCode.SUCCESS) {
                targetTxnID = startTxnResult.getTransactionID();
                targetTxnControl = new com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationRequestControl(targetTxnID, true, true);
            } else {
                resultCode.compareAndSet(null, startTxnResult.getResultCode());
                append(ERR_MOVE_ENTRY_CANNOT_START_TARGET_TXN.get(startTxnResult.getDiagnosticMessage()), errorMsg);
                break processingBlock;
            }
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(ERR_MOVE_ENTRY_CANNOT_START_TARGET_TXN.get(StaticUtils.getExceptionMessage(le)), errorMsg);
            break processingBlock;
        }
        // Perform a search to find all entries in the target subtree, and include
        // a search listener that will add each entry to the target server as it
        // is returned from the source server.
        final Control[] searchControls;
        if (opPurposeControl == null) {
            searchControls = new Control[] { sourceTxnControl, new DraftLDUPSubentriesRequestControl(true), new ManageDsaITRequestControl(true), new ReturnConflictEntriesRequestControl(true), new SoftDeletedEntryAccessRequestControl(true, true, false), new RealAttributesOnlyRequestControl(true) };
        } else {
            searchControls = new Control[] { sourceTxnControl, new DraftLDUPSubentriesRequestControl(true), new ManageDsaITRequestControl(true), new ReturnConflictEntriesRequestControl(true), new SoftDeletedEntryAccessRequestControl(true, true, false), new RealAttributesOnlyRequestControl(true), opPurposeControl };
        }
        final MoveSubtreeTxnSearchListener searchListener = new MoveSubtreeTxnSearchListener(targetConnection, resultCode, errorMsg, entriesReadFromSource, entriesAddedToTarget, sourceEntryDNs, targetTxnControl, opPurposeControl, listener);
        final SearchRequest searchRequest = new SearchRequest(searchListener, searchControls, entryDN, SearchScope.SUB, DereferencePolicy.NEVER, 1, 0, false, Filter.createPresenceFilter("objectClass"), "*", "+");
        SearchResult searchResult;
        try {
            searchResult = sourceConnection.search(searchRequest);
        } catch (final LDAPSearchException lse) {
            Debug.debugException(lse);
            searchResult = lse.getSearchResult();
        }
        if (searchResult.getResultCode() == ResultCode.SUCCESS) {
            try {
                final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl txnResult = com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.get(searchResult);
                if ((txnResult == null) || (!txnResult.transactionValid())) {
                    resultCode.compareAndSet(null, ResultCode.LOCAL_ERROR);
                    append(ERR_MOVE_ENTRY_SEARCH_TXN_NO_LONGER_VALID.get(), errorMsg);
                    break processingBlock;
                }
            } catch (final LDAPException le) {
                Debug.debugException(le);
                resultCode.compareAndSet(null, le.getResultCode());
                append(ERR_MOVE_ENTRY_CANNOT_DECODE_SEARCH_TXN_CONTROL.get(StaticUtils.getExceptionMessage(le)), errorMsg);
                break processingBlock;
            }
        } else {
            resultCode.compareAndSet(null, searchResult.getResultCode());
            append(ERR_MOVE_SUBTREE_SEARCH_FAILED.get(entryDN, searchResult.getDiagnosticMessage()), errorMsg);
            try {
                final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl txnResult = com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.get(searchResult);
                if ((txnResult != null) && (!txnResult.transactionValid())) {
                    sourceTxnID = null;
                }
            } catch (final LDAPException le) {
                Debug.debugException(le);
            }
            if (!searchListener.targetTransactionValid()) {
                targetTxnID = null;
            }
            break processingBlock;
        }
        // If an error occurred during add processing, then fail.
        if (resultCode.get() == null) {
            targetServerAltered = true;
        } else {
            break processingBlock;
        }
        // Delete each of the entries in the source server.  The map should
        // already be sorted in reverse order (as a result of the comparator used
        // when creating it), so it will guarantee children are deleted before
        // their parents.
        final ArrayList<Control> deleteControlList = new ArrayList<>(4);
        deleteControlList.add(sourceTxnControl);
        deleteControlList.add(new ManageDsaITRequestControl(true));
        if (opPurposeControl != null) {
            deleteControlList.add(opPurposeControl);
        }
        if (suppressRefInt) {
            deleteControlList.add(new SuppressReferentialIntegrityUpdatesRequestControl(false));
        }
        final Control[] deleteControls = new Control[deleteControlList.size()];
        deleteControlList.toArray(deleteControls);
        for (final DN dn : sourceEntryDNs) {
            if (listener != null) {
                try {
                    listener.doPreDeleteProcessing(dn);
                } catch (final Exception e) {
                    Debug.debugException(e);
                    resultCode.compareAndSet(null, ResultCode.LOCAL_ERROR);
                    append(ERR_MOVE_SUBTREE_PRE_DELETE_FAILURE.get(dn.toString(), StaticUtils.getExceptionMessage(e)), errorMsg);
                    break processingBlock;
                }
            }
            LDAPResult deleteResult;
            try {
                deleteResult = sourceConnection.delete(new DeleteRequest(dn, deleteControls));
            } catch (final LDAPException le) {
                Debug.debugException(le);
                deleteResult = le.toLDAPResult();
            }
            if (deleteResult.getResultCode() == ResultCode.SUCCESS) {
                sourceServerAltered = true;
                entriesDeletedFromSource.incrementAndGet();
                try {
                    final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl txnResult = com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.get(deleteResult);
                    if ((txnResult == null) || (!txnResult.transactionValid())) {
                        resultCode.compareAndSet(null, ResultCode.LOCAL_ERROR);
                        append(ERR_MOVE_ENTRY_DELETE_TXN_NO_LONGER_VALID.get(dn.toString()), errorMsg);
                        break processingBlock;
                    }
                } catch (final LDAPException le) {
                    Debug.debugException(le);
                    resultCode.compareAndSet(null, le.getResultCode());
                    append(ERR_MOVE_ENTRY_CANNOT_DECODE_DELETE_TXN_CONTROL.get(dn.toString(), StaticUtils.getExceptionMessage(le)), errorMsg);
                    break processingBlock;
                }
            } else {
                resultCode.compareAndSet(null, deleteResult.getResultCode());
                append(ERR_MOVE_SUBTREE_DELETE_FAILURE.get(dn.toString(), deleteResult.getDiagnosticMessage()), errorMsg);
                try {
                    final com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl txnResult = com.unboundid.ldap.sdk.unboundidds.controls.InteractiveTransactionSpecificationResponseControl.get(deleteResult);
                    if ((txnResult != null) && (!txnResult.transactionValid())) {
                        sourceTxnID = null;
                    }
                } catch (final LDAPException le) {
                    Debug.debugException(le);
                }
                break processingBlock;
            }
            if (listener != null) {
                try {
                    listener.doPostDeleteProcessing(dn);
                } catch (final Exception e) {
                    Debug.debugException(e);
                    resultCode.compareAndSet(null, ResultCode.LOCAL_ERROR);
                    append(ERR_MOVE_SUBTREE_POST_DELETE_FAILURE.get(dn.toString(), StaticUtils.getExceptionMessage(e)), errorMsg);
                    break processingBlock;
                }
            }
        }
        // Commit the transaction in the target server.
        try {
            final com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest commitRequest;
            if (opPurposeControl == null) {
                commitRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(targetTxnID, true);
            } else {
                commitRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(targetTxnID, true, new Control[] { opPurposeControl });
            }
            final ExtendedResult commitResult = targetConnection.processExtendedOperation(commitRequest);
            if (commitResult.getResultCode() == ResultCode.SUCCESS) {
                targetTxnID = null;
            } else {
                resultCode.compareAndSet(null, commitResult.getResultCode());
                append(ERR_MOVE_ENTRY_CANNOT_COMMIT_TARGET_TXN.get(commitResult.getDiagnosticMessage()), errorMsg);
                break processingBlock;
            }
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(ERR_MOVE_ENTRY_CANNOT_COMMIT_TARGET_TXN.get(StaticUtils.getExceptionMessage(le)), errorMsg);
            break processingBlock;
        }
        // Commit the transaction in the source server.
        try {
            final com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest commitRequest;
            if (opPurposeControl == null) {
                commitRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(sourceTxnID, true);
            } else {
                commitRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(sourceTxnID, true, new Control[] { opPurposeControl });
            }
            final ExtendedResult commitResult = sourceConnection.processExtendedOperation(commitRequest);
            if (commitResult.getResultCode() == ResultCode.SUCCESS) {
                sourceTxnID = null;
            } else {
                resultCode.compareAndSet(null, commitResult.getResultCode());
                append(ERR_MOVE_ENTRY_CANNOT_COMMIT_SOURCE_TXN.get(commitResult.getDiagnosticMessage()), errorMsg);
                break processingBlock;
            }
        } catch (final LDAPException le) {
            Debug.debugException(le);
            resultCode.compareAndSet(null, le.getResultCode());
            append(ERR_MOVE_ENTRY_CANNOT_COMMIT_SOURCE_TXN.get(StaticUtils.getExceptionMessage(le)), errorMsg);
            append(ERR_MOVE_ENTRY_EXISTS_IN_BOTH_SERVERS.get(entryDN), adminMsg);
            break processingBlock;
        }
    } finally {
        // If the transaction is still active in the target server, then abort it.
        if (targetTxnID != null) {
            try {
                final com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest abortRequest;
                if (opPurposeControl == null) {
                    abortRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(targetTxnID, false);
                } else {
                    abortRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(targetTxnID, false, new Control[] { opPurposeControl });
                }
                final ExtendedResult abortResult = targetConnection.processExtendedOperation(abortRequest);
                if (abortResult.getResultCode() == ResultCode.INTERACTIVE_TRANSACTION_ABORTED) {
                    targetServerAltered = false;
                    entriesAddedToTarget.set(0);
                    append(INFO_MOVE_ENTRY_TARGET_ABORT_SUCCEEDED.get(), errorMsg);
                } else {
                    append(ERR_MOVE_ENTRY_TARGET_ABORT_FAILURE.get(abortResult.getDiagnosticMessage()), errorMsg);
                    append(ERR_MOVE_ENTRY_TARGET_ABORT_FAILURE_ADMIN_ACTION.get(entryDN), adminMsg);
                }
            } catch (final Exception e) {
                Debug.debugException(e);
                append(ERR_MOVE_ENTRY_TARGET_ABORT_FAILURE.get(StaticUtils.getExceptionMessage(e)), errorMsg);
                append(ERR_MOVE_ENTRY_TARGET_ABORT_FAILURE_ADMIN_ACTION.get(entryDN), adminMsg);
            }
        }
        // If the transaction is still active in the source server, then abort it.
        if (sourceTxnID != null) {
            try {
                final com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest abortRequest;
                if (opPurposeControl == null) {
                    abortRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(sourceTxnID, false);
                } else {
                    abortRequest = new com.unboundid.ldap.sdk.unboundidds.extensions.EndInteractiveTransactionExtendedRequest(sourceTxnID, false, new Control[] { opPurposeControl });
                }
                final ExtendedResult abortResult = sourceConnection.processExtendedOperation(abortRequest);
                if (abortResult.getResultCode() == ResultCode.INTERACTIVE_TRANSACTION_ABORTED) {
                    sourceServerAltered = false;
                    entriesDeletedFromSource.set(0);
                    append(INFO_MOVE_ENTRY_SOURCE_ABORT_SUCCEEDED.get(), errorMsg);
                } else {
                    append(ERR_MOVE_ENTRY_SOURCE_ABORT_FAILURE.get(abortResult.getDiagnosticMessage()), errorMsg);
                    append(ERR_MOVE_ENTRY_SOURCE_ABORT_FAILURE_ADMIN_ACTION.get(entryDN), adminMsg);
                }
            } catch (final Exception e) {
                Debug.debugException(e);
                append(ERR_MOVE_ENTRY_SOURCE_ABORT_FAILURE.get(StaticUtils.getExceptionMessage(e)), errorMsg);
                append(ERR_MOVE_ENTRY_SOURCE_ABORT_FAILURE_ADMIN_ACTION.get(entryDN), adminMsg);
            }
        }
    }
    // Construct the result to return to the client.
    resultCode.compareAndSet(null, ResultCode.SUCCESS);
    final String errorMessage;
    if (errorMsg.length() > 0) {
        errorMessage = errorMsg.toString();
    } else {
        errorMessage = null;
    }
    final String adminActionRequired;
    if (adminMsg.length() > 0) {
        adminActionRequired = adminMsg.toString();
    } else {
        adminActionRequired = null;
    }
    return new MoveSubtreeResult(resultCode.get(), errorMessage, adminActionRequired, sourceServerAltered, targetServerAltered, entriesReadFromSource.get(), entriesAddedToTarget.get(), entriesDeletedFromSource.get());
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) SearchRequest(com.unboundid.ldap.sdk.SearchRequest) ArrayList(java.util.ArrayList) DN(com.unboundid.ldap.sdk.DN) ReverseComparator(com.unboundid.util.ReverseComparator) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Control(com.unboundid.ldap.sdk.Control) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) SuppressReferentialIntegrityUpdatesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) TreeSet(java.util.TreeSet) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) SuppressReferentialIntegrityUpdatesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl) LDAPResult(com.unboundid.ldap.sdk.LDAPResult) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) AtomicReference(java.util.concurrent.atomic.AtomicReference) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) SearchResult(com.unboundid.ldap.sdk.SearchResult) LDAPSearchException(com.unboundid.ldap.sdk.LDAPSearchException) ArgumentException(com.unboundid.util.args.ArgumentException) LDAPException(com.unboundid.ldap.sdk.LDAPException) LDAPException(com.unboundid.ldap.sdk.LDAPException) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) WhoAmIExtendedResult(com.unboundid.ldap.sdk.extensions.WhoAmIExtendedResult) ExtendedResult(com.unboundid.ldap.sdk.ExtendedResult) GetSubtreeAccessibilityExtendedResult(com.unboundid.ldap.sdk.unboundidds.extensions.GetSubtreeAccessibilityExtendedResult) DeleteRequest(com.unboundid.ldap.sdk.DeleteRequest) ResultCode(com.unboundid.ldap.sdk.ResultCode) NotNull(com.unboundid.util.NotNull)

Example 8 with OperationPurposeRequestControl

use of com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl in project ldapsdk by pingidentity.

the class MoveSubtree method setAccessibility.

/**
 * Updates subtree accessibility in a server.
 *
 * @param  connection        The connection to the server in which the
 *                           accessibility state should be applied.
 * @param  isSource          Indicates whether the connection is to the source
 *                           or target server.
 * @param  baseDN            The base DN for the subtree to move.
 * @param  state             The accessibility state to apply.
 * @param  bypassDN          The DN of a user that will be allowed to bypass
 *                           accessibility restrictions.  It may be
 *                           {@code null} if none is needed.
 * @param  opPurposeControl  An optional operation purpose request control
 *                           that may be included in the request.
 *
 * @throws  LDAPException  If a problem is encountered while attempting to set
 *                         the accessibility state for the subtree.
 */
private static void setAccessibility(@NotNull final LDAPConnection connection, final boolean isSource, @NotNull final String baseDN, @NotNull final SubtreeAccessibilityState state, @Nullable final String bypassDN, @Nullable final OperationPurposeRequestControl opPurposeControl) throws LDAPException {
    final String connectionName = isSource ? INFO_MOVE_SUBTREE_CONNECTION_NAME_SOURCE.get() : INFO_MOVE_SUBTREE_CONNECTION_NAME_TARGET.get();
    final Control[] controls;
    if (opPurposeControl == null) {
        controls = StaticUtils.NO_CONTROLS;
    } else {
        controls = new Control[] { opPurposeControl };
    }
    final SetSubtreeAccessibilityExtendedRequest request;
    switch(state) {
        case ACCESSIBLE:
            request = SetSubtreeAccessibilityExtendedRequest.createSetAccessibleRequest(baseDN, controls);
            break;
        case READ_ONLY_BIND_ALLOWED:
            request = SetSubtreeAccessibilityExtendedRequest.createSetReadOnlyRequest(baseDN, true, bypassDN, controls);
            break;
        case READ_ONLY_BIND_DENIED:
            request = SetSubtreeAccessibilityExtendedRequest.createSetReadOnlyRequest(baseDN, false, bypassDN, controls);
            break;
        case HIDDEN:
            request = SetSubtreeAccessibilityExtendedRequest.createSetHiddenRequest(baseDN, bypassDN, controls);
            break;
        default:
            throw new LDAPException(ResultCode.PARAM_ERROR, ERR_MOVE_SUBTREE_UNSUPPORTED_ACCESSIBILITY_STATE.get(state.getStateName(), baseDN, connectionName));
    }
    LDAPResult result;
    try {
        result = connection.processExtendedOperation(request);
    } catch (final LDAPException le) {
        Debug.debugException(le);
        result = le.toLDAPResult();
    }
    if (result.getResultCode() != ResultCode.SUCCESS) {
        throw new LDAPException(result.getResultCode(), ERR_MOVE_SUBTREE_ERROR_SETTING_ACCESSIBILITY.get(state.getStateName(), baseDN, connectionName, result.getDiagnosticMessage()));
    }
}
Also used : Control(com.unboundid.ldap.sdk.Control) RealAttributesOnlyRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl) OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) SuppressReferentialIntegrityUpdatesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl) SoftDeletedEntryAccessRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl) ManageDsaITRequestControl(com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl) ReturnConflictEntriesRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl) DraftLDUPSubentriesRequestControl(com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl) LDAPException(com.unboundid.ldap.sdk.LDAPException) SetSubtreeAccessibilityExtendedRequest(com.unboundid.ldap.sdk.unboundidds.extensions.SetSubtreeAccessibilityExtendedRequest) LDAPResult(com.unboundid.ldap.sdk.LDAPResult) ASN1OctetString(com.unboundid.asn1.ASN1OctetString)

Example 9 with OperationPurposeRequestControl

use of com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl in project ldapsdk by pingidentity.

the class MoveSubtreeTestCase method testFailedAccessibilityMoveBaseDNMissing.

/**
 * Tests the move subtree method call with a move that fails because the
 * specified subtree does not exist.
 * <BR><BR>
 * Access to two UnboundID Directory Server instances are required for
 * complete testing.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testFailedAccessibilityMoveBaseDNMissing() throws Exception {
    if (!isSecondDirectoryInstanceAvailable()) {
        return;
    }
    final LDAPConnection sourceConn = getAdminConnection();
    final LDAPConnection targetConn = getSecondAdminConnection();
    try {
        sourceConn.add(getTestBaseDN(), getBaseEntryAttributes());
        targetConn.add(getTestBaseDN(), getBaseEntryAttributes());
        final OperationPurposeRequestControl opPurpose = new OperationPurposeRequestControl("move-subtree-test", "1.0", 10, "testSuccessfulMove");
        final MoveSubtreeResult result = MoveSubtree.moveSubtreeWithRestrictedAccessibility(sourceConn, targetConn, "ou=missing," + getTestBaseDN(), 5, opPurpose, null);
        assertFalse(result.getResultCode() == ResultCode.SUCCESS);
        assertNotNull(result.getErrorMessage());
        assertFalse(result.sourceServerAltered());
        assertFalse(result.targetServerAltered());
    } finally {
        subtreeDelete(sourceConn);
        sourceConn.close();
        subtreeDelete(targetConn);
        targetConn.close();
    }
}
Also used : OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Example 10 with OperationPurposeRequestControl

use of com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl in project ldapsdk by pingidentity.

the class MoveSubtreeTestCase method testSuccessfulTransactionMoveWithMethod.

/**
 * Tests the move subtree method call with a successful simple move.
 * <BR><BR>
 * Access to two UnboundID Directory Server instances are required for
 * complete testing.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
@SuppressWarnings("deprecation")
public void testSuccessfulTransactionMoveWithMethod() throws Exception {
    if (!isSecondDirectoryInstanceAvailable()) {
        return;
    }
    final LDAPConnection sourceConn = getAdminConnection();
    final LDAPConnection targetConn = getSecondAdminConnection();
    if (!serversSupportInteractiveTransactions(sourceConn, targetConn)) {
        sourceConn.close();
        targetConn.close();
        return;
    }
    try {
        sourceConn.add(getTestBaseDN(), getBaseEntryAttributes());
        targetConn.add(getTestBaseDN(), getBaseEntryAttributes());
        sourceConn.add("dn: ou=branch," + getTestBaseDN(), "objectClass: top", "objectClass: organizationalUnit", "ou: branch");
        MoveSubtreeResult result = MoveSubtree.moveEntryWithInteractiveTransaction(sourceConn, targetConn, "ou=branch," + getTestBaseDN(), null, null);
        assertEquals(result.getResultCode(), ResultCode.SUCCESS);
        assertNull(result.getErrorMessage());
        assertNull(result.getAdminActionRequired());
        assertTrue(result.sourceServerAltered());
        assertTrue(result.targetServerAltered());
        assertEquals(result.getEntriesReadFromSource(), 1);
        assertEquals(result.getEntriesAddedToTarget(), 1);
        assertEquals(result.getEntriesDeletedFromSource(), 1);
        assertEntryMissing(sourceConn, "ou=branch," + getTestBaseDN());
        assertEntryExists(targetConn, "ou=branch," + getTestBaseDN());
        final OperationPurposeRequestControl opPurpose = new OperationPurposeRequestControl("move-subtree-test", "1.0", 10, "testSuccessfulMove");
        final TestMoveSubtreeListener listener = new TestMoveSubtreeListener();
        result = MoveSubtree.moveEntryWithInteractiveTransaction(targetConn, sourceConn, "ou=branch," + getTestBaseDN(), opPurpose, listener);
        assertEquals(result.getResultCode(), ResultCode.SUCCESS);
        assertNull(result.getErrorMessage());
        assertNull(result.getAdminActionRequired());
        assertTrue(result.sourceServerAltered());
        assertTrue(result.targetServerAltered());
        assertEquals(result.getEntriesReadFromSource(), 1);
        assertEquals(result.getEntriesAddedToTarget(), 1);
        assertEquals(result.getEntriesDeletedFromSource(), 1);
        assertTrue(listener.preAddCalled());
        assertTrue(listener.postAddCalled());
        assertTrue(listener.preDeleteCalled());
        assertTrue(listener.postDeleteCalled());
        assertEntryExists(sourceConn, "ou=branch," + getTestBaseDN());
        assertEntryMissing(targetConn, "ou=branch," + getTestBaseDN());
        new MoveSubtree(null, null).handleUnsolicitedNotification(sourceConn, new NoticeOfDisconnectionExtendedResult(1, ResultCode.OTHER, "test", null, null, null));
    } finally {
        subtreeDelete(sourceConn);
        sourceConn.close();
        subtreeDelete(targetConn);
        targetConn.close();
    }
}
Also used : OperationPurposeRequestControl(com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl) NoticeOfDisconnectionExtendedResult(com.unboundid.ldap.sdk.extensions.NoticeOfDisconnectionExtendedResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) Test(org.testng.annotations.Test)

Aggregations

OperationPurposeRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.OperationPurposeRequestControl)18 ManageDsaITRequestControl (com.unboundid.ldap.sdk.controls.ManageDsaITRequestControl)11 Control (com.unboundid.ldap.sdk.Control)10 SuppressReferentialIntegrityUpdatesRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.SuppressReferentialIntegrityUpdatesRequestControl)10 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)9 LDAPException (com.unboundid.ldap.sdk.LDAPException)8 DraftLDUPSubentriesRequestControl (com.unboundid.ldap.sdk.controls.DraftLDUPSubentriesRequestControl)7 RealAttributesOnlyRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.RealAttributesOnlyRequestControl)7 ReturnConflictEntriesRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.ReturnConflictEntriesRequestControl)7 SoftDeletedEntryAccessRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.SoftDeletedEntryAccessRequestControl)7 NotNull (com.unboundid.util.NotNull)7 ArrayList (java.util.ArrayList)7 DN (com.unboundid.ldap.sdk.DN)6 LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection)5 LDAPSearchException (com.unboundid.ldap.sdk.LDAPSearchException)5 ProxiedAuthorizationV1RequestControl (com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV1RequestControl)5 ProxiedAuthorizationV2RequestControl (com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl)5 AssuredReplicationRequestControl (com.unboundid.ldap.sdk.unboundidds.controls.AssuredReplicationRequestControl)5 AssertionRequestControl (com.unboundid.ldap.sdk.controls.AssertionRequestControl)4 AuthorizationIdentityRequestControl (com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl)4