use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.
the class AdminRoleDAO method assign.
/**
* This method will add the supplied DN as a role occupant to the target record.
* This data will be stored in the {@link GlobalIds#ADMIN_ROLE_ROOT} container.
*
* @param entity record contains {@link AdminRole#name}. Null attributes will be ignored.
* @param userDn contains the DN for userId who is being assigned.
* @return input record back to client.
* @throws UpdateException in the event LDAP errors occur.
*/
AdminRole assign(AdminRole entity, String userDn) throws UpdateException {
LdapConnection ld = null;
String dn = getDn(entity);
try {
List<Modification> mods = new ArrayList<Modification>();
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, ROLE_OCCUPANT, userDn));
ld = getAdminConnection();
modify(ld, dn, mods, entity);
} catch (LdapException e) {
String error = "assign role name [" + entity.getName() + "] user dn [" + userDn + "] caught LdapException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.ARLE_USER_ASSIGN_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
return entity;
}
use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.
the class AdminRoleDAO method deassign.
/**
* This method will remove the supplied DN as a role occupant to the target record.
* This data will be stored in the {@link GlobalIds#ADMIN_ROLE_ROOT} container.
*
* @param entity record contains {@link AdminRole#name}. Null attributes will be ignored.
* @param userDn contains the DN for userId who is being deassigned.
* @return input record back to client.
* @throws UpdateException in the event LDAP errors occur.
*/
AdminRole deassign(AdminRole entity, String userDn) throws UpdateException {
LdapConnection ld = null;
String dn = getDn(entity);
try {
List<Modification> mods = new ArrayList<Modification>();
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, ROLE_OCCUPANT, userDn));
ld = getAdminConnection();
modify(ld, dn, mods, entity);
} catch (LdapException e) {
String error = "deassign role name [" + entity.getName() + "] user dn [" + userDn + "] caught LdapException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.ARLE_USER_DEASSIGN_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
return entity;
}
use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.
the class PermDAO method revoke.
/**
* @param pOp
* @param role
* @throws org.apache.directory.fortress.core.UpdateException
*
* @throws org.apache.directory.fortress.core.FinderException
*/
void revoke(Permission pOp, Role role) throws UpdateException, FinderException {
LdapConnection ld = null;
String dn = getDn(pOp, pOp.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, ROLES, role.getName()));
ld = getAdminConnection();
modify(ld, dn, mods, pOp);
} catch (LdapNoSuchAttributeException e) {
String warning = "revoke perm object [" + pOp.getObjName() + "] operation [" + pOp.getOpName() + "] name [" + role.getName() + "] assignment does not exist.";
throw new FinderException(GlobalErrIds.PERM_ROLE_NOT_EXIST, warning);
} catch (LdapException e) {
String error = "revoke perm object [" + pOp.getObjName() + "] operation [" + pOp.getOpName() + "] name [" + role.getName() + "] caught LdapException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.PERM_REVOKE_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
}
use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.
the class PermDAO method grant.
/**
* @param pOp
* @param user
* @throws org.apache.directory.fortress.core.UpdateException
*
* @throws org.apache.directory.fortress.core.FinderException
*/
void grant(Permission pOp, User user) throws UpdateException {
LdapConnection ld = null;
String dn = getDn(pOp, pOp.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, USERS, user.getUserId()));
ld = getAdminConnection();
modify(ld, dn, mods, pOp);
} catch (LdapAttributeInUseException e) {
String warning = "grant perm object [" + pOp.getObjName() + "] operation [" + pOp.getOpName() + "] userId [" + user.getUserId() + "] assignment already exists, Fortress rc=" + GlobalErrIds.PERM_USER_EXIST;
throw new UpdateException(GlobalErrIds.PERM_USER_EXIST, warning);
} catch (LdapNoSuchObjectException e) {
String warning = "grant perm object [" + pOp.getObjName() + "] operation [" + pOp.getOpName() + "] userId [" + user.getUserId() + "] perm not found, Fortress rc=" + GlobalErrIds.PERM_OP_NOT_FOUND;
throw new UpdateException(GlobalErrIds.PERM_OP_NOT_FOUND, warning);
} catch (LdapException e) {
String error = "grant perm object [" + pOp.getObjName() + "] operation [" + pOp.getOpName() + "] userId [" + user.getUserId() + "] caught LdapException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.PERM_GRANT_USER_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
}
use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.
the class PermDAO method updatePermissionAttribute.
PermissionAttribute updatePermissionAttribute(PermissionAttribute entity, String paSetName, boolean replaceValidValues) throws UpdateException {
LdapConnection ld = null;
String dn = getDn(entity, paSetName, entity.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
if (StringUtils.isNotEmpty(entity.getDataType())) {
mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, entity.getDataType()));
}
if (StringUtils.isNotEmpty(entity.getDescription())) {
mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.DESCRIPTION_AT, entity.getDescription()));
}
if (StringUtils.isNotEmpty(entity.getDefaultOperator())) {
mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, entity.getDefaultOperator()));
}
if (StringUtils.isNotEmpty(entity.getDefaultStrategy())) {
mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, entity.getDefaultStrategy()));
}
if (StringUtils.isNotEmpty(entity.getDefaultValue())) {
mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, entity.getDefaultValue()));
}
// if replace, then remove first
if (replaceValidValues) {
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES));
}
for (String validValue : entity.getValidValues()) {
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, validValue));
}
if (mods.size() > 0) {
ld = getAdminConnection();
modify(ld, dn, mods, entity);
entity.setDn(dn);
}
} catch (LdapException e) {
String error = "updatePermissionAttribute name [" + entity.getAttributeName() + "] caught LdapException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.PERM_ATTRIBUTE_UPDATE_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
return entity;
}
Aggregations