Example 31 with FinderException
use of org.apache.directory.fortress.core.FinderException in project directory-fortress-core by apache.
the class UserDAO method assign.
/**
* @param uRole
* @return
* @throws UpdateException
* @throws FinderException
*/
String assign(UserRole uRole) throws UpdateException, FinderException {
LdapConnection ld = null;
String userDn = getDn(uRole.getUserId(), uRole.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
String szUserRole = uRole.getRawData();
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, szUserRole));
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ROLE_ASSIGN, uRole.getName()));
ld = getAdminConnection();
modify(ld, userDn, mods, uRole);
} catch (LdapAttributeInUseException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] ";
warning += "assignment already exists.";
throw new FinderException(GlobalErrIds.URLE_ASSIGN_EXIST, warning);
} catch (LdapException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] ";
warning += "caught LDAPException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
FinderException(org.apache.directory.fortress.core.FinderException)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)
ArrayList(java.util.ArrayList)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 32 with FinderException
use of org.apache.directory.fortress.core.FinderException in project directory-fortress-core by apache.
the class UserDAO method deassign.
/**
* @param uRole
* @return
* @throws UpdateException
* @throws FinderException
*/
String deassign(UserRole uRole) throws UpdateException, FinderException {
LdapConnection ld = null;
String userDn = getDn(uRole.getUserId(), uRole.getContextId());
try {
// read the user's RBAC role assignments to locate target record. Need the raw data before attempting
// removal:
List<UserRole> roles = getUserRoles(uRole.getUserId(), uRole.getContextId());
int indx = -1;
// Does the user have any roles assigned?
if (roles != null) {
// function call will set indx to -1 if name not found:
indx = roles.indexOf(uRole);
// Is the targeted name assigned to user?
if (indx > -1) {
// Retrieve the targeted name:
UserRole fRole = roles.get(indx);
// delete the name assignment attribute using the raw name data:
List<Modification> mods = new ArrayList<Modification>();
// Remove user role constraints
for (RoleConstraint rc : fRole.getRoleConstraints()) {
this.deassign(fRole, rc);
}
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, fRole.getRawData()));
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_ASSIGN, fRole.getName()));
ld = getAdminConnection();
modify(ld, userDn, mods, uRole);
}
}
// target name not found:
if (indx == -1) {
// The user does not have the target name assigned,
String warning = "deassign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] " + "assignment does not exist.";
throw new FinderException(GlobalErrIds.URLE_ASSIGN_NOT_EXIST, warning);
}
} catch (LdapException e) {
String warning = "deassign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] caught " + "LDAPException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.URLE_DEASSIGN_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
ArrayList(java.util.ArrayList)
RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint)
RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint)
FinderException(org.apache.directory.fortress.core.FinderException)
UserRole(org.apache.directory.fortress.core.model.UserRole)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 33 with FinderException
use of org.apache.directory.fortress.core.FinderException in project directory-fortress-core by apache.
the class UserDAO method getAuthorizedUsers.
/**
* @param role
* @return
* @throws FinderException
*/
List<User> getAuthorizedUsers(Role role) throws FinderException {
List<User> userList = new ArrayList<>();
LdapConnection ld = null;
String userRoot = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
try {
String roleVal = encodeSafeText(role.getName(), GlobalIds.USERID_LEN);
StringBuilder filterbuf = new StringBuilder();
filterbuf.append(GlobalIds.FILTER_PREFIX);
filterbuf.append(USERS_AUX_OBJECT_CLASS_NAME);
filterbuf.append(")(");
Set<String> roles = RoleUtil.getInstance().getDescendants(role.getName(), role.getContextId());
if (CollectionUtils.isNotEmpty(roles)) {
filterbuf.append("|(");
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(roleVal);
filterbuf.append(")");
for (String uRole : roles) {
filterbuf.append("(");
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(uRole);
filterbuf.append(")");
}
filterbuf.append(")");
} else {
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(roleVal);
filterbuf.append(")");
}
filterbuf.append(")");
ld = getAdminConnection();
SearchCursor searchResults = search(ld, userRoot, SearchScope.ONELEVEL, filterbuf.toString(), defaultAtrs, false, GlobalIds.BATCH_SIZE);
long sequence = 0;
while (searchResults.next()) {
userList.add(unloadLdapEntry(searchResults.getEntry(), sequence++, role.getContextId()));
}
} catch (LdapException e) {
String warning = "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
} catch (CursorException e) {
String warning = "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userList;
}
Also used :
FinderException(org.apache.directory.fortress.core.FinderException)
User(org.apache.directory.fortress.core.model.User)
CursorException(org.apache.directory.api.ldap.model.cursor.CursorException)
ArrayList(java.util.ArrayList)
SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 34 with FinderException
use of org.apache.directory.fortress.core.FinderException in project directory-fortress-core by apache.
the class UserDAO method assign.
/**
* @param uRole
* @return
* @throws UpdateException
* @throws FinderException
*/
String assign(UserAdminRole uRole) throws UpdateException, FinderException {
LdapConnection ld = null;
String userDn = getDn(uRole.getUserId(), uRole.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
String szUserRole = uRole.getRawData();
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_DATA, szUserRole));
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_ASSIGN, uRole.getName()));
ld = getAdminConnection();
modify(ld, userDn, mods, uRole);
} catch (LdapAttributeInUseException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] assignment " + "already exists.";
throw new FinderException(GlobalErrIds.ARLE_ASSIGN_EXIST, warning);
} catch (LdapException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] caught " + "LDAPException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.ARLE_ASSIGN_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
FinderException(org.apache.directory.fortress.core.FinderException)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)
ArrayList(java.util.ArrayList)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 35 with FinderException
use of org.apache.directory.fortress.core.FinderException in project directory-fortress-core by apache.
the class UserDAO method getUser.
/**
* @param user
* @return
* @throws org.apache.directory.fortress.core.FinderException
*/
User getUser(User user, boolean isRoles) throws FinderException {
User entity = null;
LdapConnection ld = null;
String userDn = getDn(user.getUserId(), user.getContextId());
String[] uATTRS;
if (isRoles) {
// Retrieve the User's assigned RBAC and Admin Role attributes from directory.
uATTRS = defaultAtrs;
} else {
// Do not retrieve the User's assigned RBAC and Admin Role attributes from directory.
uATTRS = authnAtrs;
}
Entry findEntry = null;
try {
ld = getAdminConnection();
findEntry = read(ld, userDn, uATTRS);
} catch (LdapNoSuchObjectException e) {
String warning = "getUser COULD NOT FIND ENTRY for user [" + user.getUserId() + "]";
throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
} catch (LdapException e) {
String error = "getUser [" + userDn + "]= caught LDAPException=" + e.getMessage();
throw new FinderException(GlobalErrIds.USER_READ_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
try {
if (findEntry != null) {
entity = unloadLdapEntry(findEntry, 0, user.getContextId());
}
} catch (LdapInvalidAttributeValueException e) {
entity = null;
}
if (entity == null) {
String warning = "getUser userId [" + user.getUserId() + "] not found, Fortress rc=" + GlobalErrIds.USER_NOT_FOUND;
throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
}
return entity;
}
Also used :
LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)
FinderException(org.apache.directory.fortress.core.FinderException)
DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry)
Entry(org.apache.directory.api.ldap.model.entry.Entry)
User(org.apache.directory.fortress.core.model.User)
LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Aggregations
FinderException (org.apache.directory.fortress.core.FinderException)80
LdapException (org.apache.directory.api.ldap.model.exception.LdapException)72
LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)72
ArrayList (java.util.ArrayList)49
CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)48
SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)48
Entry (org.apache.directory.api.ldap.model.entry.Entry)22
DefaultEntry (org.apache.directory.api.ldap.model.entry.DefaultEntry)21
LdapNoSuchObjectException (org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)17
Permission (org.apache.directory.fortress.core.model.Permission)10
User (org.apache.directory.fortress.core.model.User)8
SecurityException (org.apache.directory.fortress.core.SecurityException)7
DefaultModification (org.apache.directory.api.ldap.model.entry.DefaultModification)6
Modification (org.apache.directory.api.ldap.model.entry.Modification)6
UpdateException (org.apache.directory.fortress.core.UpdateException)6
Role (org.apache.directory.fortress.core.model.Role)6
UserRole (org.apache.directory.fortress.core.model.UserRole)6
OrgUnit (org.apache.directory.fortress.core.model.OrgUnit)5
AdminRole (org.apache.directory.fortress.core.model.AdminRole)4
RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)4
