
Example 36 with SearchCursor

use of org.apache.directory.api.ldap.model.cursor.SearchCursor in project directory-fortress-core by apache.

the class PermDAO method findPermissions.

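/**
 * Returns the permissions that are assigned to a given RBAC or Admin role name.
 * The Admin permission tree is searched when {@code role} is exactly an {@code AdminRole};
 * otherwise the RBAC permission tree is searched. There is no separate "isAdmin" argument,
 * the flag is derived from the runtime class of {@code role}.
 *
 * <p>The LDAP filter is assembled by string concatenation, so every value placed into it is
 * first passed through {@code encodeSafeText}. That helper is defined outside this listing;
 * it is assumed to length-check and escape filter metacharacters (confirm against its source).
 *
 * @param role contains the RBAC or Admin Role name targeted for search.
 * @param noInheritance if true will NOT include inherited (ascendant) roles in the search.
 * @return List of type Permission containing the entities built from each matching entry.
 * @throws org.apache.directory.fortress.core.FinderException in the event of DAO search error.
 */
List<Permission> findPermissions(Role role, boolean noInheritance) throws FinderException {
    List<Permission> permList = new ArrayList<>();
    LdapConnection ld = null;
    // Exact class comparison: only AdminRole itself selects the admin permission tree.
    boolean isAdmin = role.getClass().equals(AdminRole.class);
    String permRoot = getRootDn(role.getContextId(), isAdmin ? GlobalIds.ADMIN_PERM_ROOT : GlobalIds.PERM_ROOT);
    try {
        String roleVal = encodeSafeText(role.getName(), GlobalIds.ROLE_LEN);
        StringBuilder filterbuf = new StringBuilder();
        filterbuf.append(GlobalIds.FILTER_PREFIX).append(PERM_OP_OBJECT_CLASS_NAME).append(")(");
        Set<String> roles = null;
        if (!noInheritance) {
            roles = isAdmin
                ? AdminRoleUtil.getAscendants(role.getName(), role.getContextId())
                : RoleUtil.getInstance().getAscendants(role.getName(), role.getContextId());
        }
        if (CollectionUtils.isNotEmpty(roles)) {
            // OR together the requested role and each of its ascendants.
            filterbuf.append("|(").append(ROLES).append("=").append(roleVal).append(")");
            for (String uRole : roles) {
                // Ascendant names come from the role hierarchy, not from the caller, but they
                // still end up inside the filter string. Encode them the same way as roleVal so
                // a stored name containing filter metacharacters cannot change the filter's shape.
                filterbuf.append("(").append(ROLES).append("=")
                    .append(encodeSafeText(uRole, GlobalIds.ROLE_LEN)).append(")");
            }
            filterbuf.append(")");
        } else {
            filterbuf.append(ROLES).append("=").append(roleVal).append(")");
        }
        filterbuf.append(")");
        // The search runs on the admin connection, so whatever access control applies to the
        // end user has to be enforced by the callers of this DAO, not by the directory bind.
        ld = getAdminConnection();
        // NOTE(review): the cursor is not closed explicitly; confirm closeAdminConnection releases it.
        SearchCursor searchResults = search(ld, permRoot, SearchScope.SUBTREE, filterbuf.toString(), PERMISSION_OP_ATRS, false, GlobalIds.BATCH_SIZE);
        long sequence = 0;
        while (searchResults.next()) {
            permList.add(unloadPopLdapEntry(searchResults.getEntry(), sequence++, isAdmin));
        }
    } catch (LdapException e) {
        String error = "findPermissions caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PERM_ROLE_SEARCH_FAILED, error, e);
    } catch (CursorException e) {
        String error = "findPermissions caught CursorException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PERM_ROLE_SEARCH_FAILED, error, e);
    } finally {
        // Always hand the connection back, including on the exception paths above.
        closeAdminConnection(ld);
    }
    return permList;
}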
Also used : ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) FinderException(org.apache.directory.fortress.core.FinderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) Permission(org.apache.directory.fortress.core.model.Permission) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 37 with SearchCursor

use of org.apache.directory.api.ldap.model.cursor.SearchCursor in project directory-fortress-core by apache.

the class PermDAO method findPermissions.

/**
 * Finds permission objects under the RBAC permission root whose attribute named by
 * {@code SchemaConstants.OU_AT} starts with the given org unit name.
 *
 * <p>The filter ends in {@code *}, so this is a prefix match. The name is run through
 * {@code encodeSafeText} before it is placed into the filter string. If the encoded name is
 * empty the value part becomes a bare {@code *}, which matches every entry that has the
 * attribute; {@code limitSize} is the only bound on the result visible in this method.
 *
 * @param ou supplies the org unit name (search prefix) and the context id used to pick the root.
 * @param limitSize if true, 10 is passed as the last argument of {@code search}; otherwise 0.
 * @return list of PermObj built from each returned entry, in cursor order.
 * @throws FinderException if the search or cursor iteration fails.
 */
List<PermObj> findPermissions(OrgUnit ou, boolean limitSize) throws FinderException {
    final List<PermObj> matches = new ArrayList<>();
    final String searchBase = getRootDn(ou.getContextId(), GlobalIds.PERM_ROOT);
    LdapConnection conn = null;
    try {
        final String ouPrefix = encodeSafeText(ou.getName(), GlobalIds.OU_LEN);
        final String filter = GlobalIds.FILTER_PREFIX + PERM_OBJ_OBJECT_CLASS_NAME + ")("
            + SchemaConstants.OU_AT + "=" + ouPrefix + "*))";
        final int maxLimit = limitSize ? 10 : 0;
        // Admin connection: directory-side access control for the end user does not apply here.
        conn = getAdminConnection();
        SearchCursor cursor = search(conn, searchBase, SearchScope.SUBTREE, filter, PERMISION_OBJ_ATRS, false, maxLimit);
        // seq numbers the entries in the order the cursor yields them, starting at 0.
        for (long seq = 0; cursor.next(); seq++) {
            matches.add(unloadPobjLdapEntry(cursor.getEntry(), seq, false));
        }
    } catch (LdapException e) {
        throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED,
            "findPermissions caught LdapException=" + e.getMessage(), e);
    } catch (CursorException e) {
        throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED,
            "findPermissions caught CursorException=" + e.getMessage(), e);
    } finally {
        // Runs on success and failure alike; conn is still null if getAdminConnection was not reached.
        closeAdminConnection(conn);
    }
    return matches;
}
Also used : FinderException(org.apache.directory.fortress.core.FinderException) PermObj(org.apache.directory.fortress.core.model.PermObj) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 38 with SearchCursor

use of org.apache.directory.api.ldap.model.cursor.SearchCursor in project directory-fortress-core by apache.

the class PermDAO method findPermissions.

/**
 * Finds permission objects whose {@code GlobalIds.POBJ_NAME} attribute starts with the
 * object name carried by {@code permObj}.
 *
 * <p>The search root is chosen from {@code permObj.isAdmin()} and the context id. The object
 * name goes through {@code encodeSafeText} before it is concatenated into the filter, and the
 * trailing {@code *} makes the comparison a prefix match.
 *
 * @param permObj supplies the object name prefix, the admin flag and the context id.
 * @return list of PermObj built from each returned entry, in cursor order.
 * @throws org.apache.directory.fortress.core.FinderException if the search or cursor iteration fails.
 */
List<PermObj> findPermissions(PermObj permObj) throws FinderException {
    final List<PermObj> matches = new ArrayList<>();
    final String searchBase = getRootDn(permObj.isAdmin(), permObj.getContextId());
    LdapConnection conn = null;
    try {
        final String namePrefix = encodeSafeText(permObj.getObjName(), GlobalIds.PERM_LEN);
        final String filter = GlobalIds.FILTER_PREFIX + PERM_OBJ_OBJECT_CLASS_NAME + ")("
            + GlobalIds.POBJ_NAME + "=" + namePrefix + "*))";
        // Admin connection: the caller's own directory permissions are not what bounds this search.
        conn = getAdminConnection();
        SearchCursor cursor = search(conn, searchBase, SearchScope.SUBTREE, filter, PERMISION_OBJ_ATRS, false, GlobalIds.BATCH_SIZE);
        // seq numbers the entries in the order the cursor yields them, starting at 0.
        for (long seq = 0; cursor.next(); seq++) {
            matches.add(unloadPobjLdapEntry(cursor.getEntry(), seq, permObj.isAdmin()));
        }
    } catch (LdapException e) {
        throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED,
            "findPermissions caught LdapException=" + e.getMessage(), e);
    } catch (CursorException e) {
        throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED,
            "findPermissions caught CursorException=" + e.getMessage(), e);
    } finally {
        // Runs on success and failure alike; conn is still null if getAdminConnection was not reached.
        closeAdminConnection(conn);
    }
    return matches;
}
Also used : FinderException(org.apache.directory.fortress.core.FinderException) PermObj(org.apache.directory.fortress.core.model.PermObj) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 39 with SearchCursor

use of org.apache.directory.api.ldap.model.cursor.SearchCursor in project directory-fortress-core by apache.

the class PolicyDAO method findPolicy.

/**
 * Finds password policy entries directly under the policy root whose {@code PW_PWD_ID}
 * attribute starts with the name carried by {@code policy}.
 *
 * <p>The name is passed through {@code encodeSafeText} before it is placed in the filter.
 * The encoded value is also echoed in the error text of any FinderException raised here.
 *
 * @param policy supplies the policy name prefix and the context id used to pick the root.
 * @return list of PwPolicy built from each returned entry, in cursor order.
 * @throws org.apache.directory.fortress.core.FinderException if the search or cursor iteration fails.
 */
List<PwPolicy> findPolicy(PwPolicy policy) throws FinderException {
    final List<PwPolicy> found = new ArrayList<>();
    final String searchBase = getPolicyRoot(policy.getContextId());
    LdapConnection conn = null;
    // Declared outside the try so the catch blocks can report it; stays null if encoding fails.
    String searchVal = null;
    try {
        searchVal = encodeSafeText(policy.getName(), GlobalIds.PWPOLICY_NAME_LEN);
        StringBuilder filter = new StringBuilder();
        filter.append(GlobalIds.FILTER_PREFIX);
        filter.append(PW_POLICY_CLASS);
        filter.append(")(");
        filter.append(PW_PWD_ID);
        filter.append("=");
        filter.append(searchVal);
        filter.append("*))");
        conn = getAdminConnection();
        // ONELEVEL: only immediate children of the policy root are examined.
        SearchCursor cursor = search(conn, searchBase, SearchScope.ONELEVEL, filter.toString(), PASSWORD_POLICY_ATRS, false, GlobalIds.BATCH_SIZE);
        for (long seq = 0; cursor.next(); seq++) {
            found.add(unloadLdapEntry(cursor.getEntry(), seq));
        }
    } catch (LdapException e) {
        throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED,
            "findPolicy name [" + searchVal + "] caught LdapException=" + e.getMessage(), e);
    } catch (CursorException e) {
        throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED,
            "findPolicy name [" + searchVal + "] caught CursorException=" + e.getMessage(), e);
    } finally {
        // Runs on success and failure alike; conn is still null if getAdminConnection was not reached.
        closeAdminConnection(conn);
    }
    return found;
}
Also used : FinderException(org.apache.directory.fortress.core.FinderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) PwPolicy(org.apache.directory.fortress.core.model.PwPolicy) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 40 with SearchCursor

use of org.apache.directory.api.ldap.model.cursor.SearchCursor in project directory-fortress-core by apache.

the class PolicyDAO method getPolicies.

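/**
 * Collects the {@code PW_PWD_ID} value of every password policy entry found directly under
 * the policy root for the given context.
 *
 * <p>The filter contains no caller-supplied text; it is built only from the
 * {@code PW_POLICY_CLASS} constant.
 *
 * @param contextId passed to {@code getPolicyRoot} to select the search base.
 * @return policy names in a set ordered and de-duplicated case-insensitively.
 * @throws FinderException if the search or cursor iteration fails.
 */
Set<String> getPolicies(String contextId) throws FinderException {
    // Case-insensitive comparator: names differing only by case collapse into one element.
    Set<String> policySet = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
    LdapConnection ld = null;
    String policyRoot = getPolicyRoot(contextId);
    try {
        String szFilter = "(objectclass=" + PW_POLICY_CLASS + ")";
        ld = getAdminConnection();
        // ONELEVEL: only immediate children of the policy root are examined.
        SearchCursor searchResults = search(ld, policyRoot, SearchScope.ONELEVEL, szFilter, PASSWORD_POLICY_NAME_ATR, false, GlobalIds.BATCH_SIZE);
        while (searchResults.next()) {
            Entry entry = searchResults.getEntry();
            // NOTE(review): a null from getAttribute would make this comparator throw; confirm it cannot be null.
            policySet.add(getAttribute(entry, PW_PWD_ID));
        }
    } catch (LdapException e) {
        String error = "getPolicies caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, error, e);
    } catch (CursorException e) {
        // The original text here named LdapException, which mislabels the failure in logs.
        String error = "getPolicies caught CursorException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, error, e);
    } finally {
        // Always hand the connection back, including on the exception paths above.
        closeAdminConnection(ld);
    }
    return policySet;
}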
Also used : FinderException(org.apache.directory.fortress.core.FinderException) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) Entry(org.apache.directory.api.ldap.model.entry.Entry) TreeSet(java.util.TreeSet) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Aggregations

SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)55 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)52 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)50 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)49 FinderException (org.apache.directory.fortress.core.FinderException)48 ArrayList (java.util.ArrayList)44 Entry (org.apache.directory.api.ldap.model.entry.Entry)11 DefaultEntry (org.apache.directory.api.ldap.model.entry.DefaultEntry)7 Permission (org.apache.directory.fortress.core.model.Permission)7 Dn (org.apache.directory.api.ldap.model.name.Dn)5 User (org.apache.directory.fortress.core.model.User)5 IOException (java.io.IOException)4 SearchRequest (org.apache.directory.api.ldap.model.message.SearchRequest)4 SearchRequestImpl (org.apache.directory.api.ldap.model.message.SearchRequestImpl)4 HashSet (java.util.HashSet)3 Response (org.apache.directory.api.ldap.model.message.Response)3 SearchResultEntry (org.apache.directory.api.ldap.model.message.SearchResultEntry)3 AuthZ (org.apache.directory.fortress.core.model.AuthZ)3 SDSet (org.apache.directory.fortress.core.model.SDSet)3 HashMap (java.util.HashMap)2