
Example 1 with UpdateException

use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.

the class AdminRoleDAO method assign.

/**
 * Adds the supplied DN as a role occupant on the admin role entry that {@code entity} resolves to.
 * The original documentation places that entry in the {@link GlobalIds#ADMIN_ROLE_ROOT} container.
 *
 * <p>The change is a single {@code ADD_ATTRIBUTE} on {@code ROLE_OCCUPANT}, sent over the
 * connection obtained from {@code getAdminConnection()}.
 *
 * <p>NOTE(review): no authorization or input check on {@code userDn} is visible in this method;
 * presumably the calling layer decides who may be made an admin-role occupant - confirm.
 *
 * @param entity record containing {@link AdminRole#name}; the original documentation states that
 *               null attributes are ignored.
 * @param userDn DN of the user being assigned.
 * @return the same {@code entity} instance that was passed in.
 * @throws UpdateException with {@code GlobalErrIds.ARLE_USER_ASSIGN_FAILED} when the LDAP
 *                         operation raises an {@link LdapException}; the cause is chained.
 */
AdminRole assign(AdminRole entity, String userDn) throws UpdateException {
    LdapConnection connection = null;
    String roleDn = getDn(entity);
    try {
        List<Modification> changes = new ArrayList<>();
        Modification addOccupant =
            new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, ROLE_OCCUPANT, userDn);
        changes.add(addOccupant);
        connection = getAdminConnection();
        modify(connection, roleDn, changes, entity);
        return entity;
    } catch (LdapException ldapFailure) {
        // The message embeds userDn and the server's text verbatim.
        // NOTE(review): if this string reaches logs, confirm the sink neutralises control characters.
        String message = "assign role name [" + entity.getName()
            + "] user dn [" + userDn
            + "] caught LdapException=" + ldapFailure.getMessage();
        throw new UpdateException(GlobalErrIds.ARLE_USER_ASSIGN_FAILED, message, ldapFailure);
    } finally {
        // Runs on success and failure alike; connection is still null if acquisition never happened.
        closeAdminConnection(connection);
    }
}
Also used : DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) ArrayList(java.util.ArrayList) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 2 with UpdateException

use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.

the class AdminRoleDAO method deassign.

/**
 * Removes the supplied DN from the role occupants of the admin role entry that {@code entity}
 * resolves to. The original documentation places that entry in the
 * {@link GlobalIds#ADMIN_ROLE_ROOT} container.
 *
 * <p>The change is a single {@code REMOVE_ATTRIBUTE} on {@code ROLE_OCCUPANT} carrying
 * {@code userDn} as the value, sent over the connection obtained from {@code getAdminConnection()}.
 *
 * <p>NOTE(review): no authorization check is visible in this method; presumably the calling
 * layer decides who may strip an admin-role occupant - confirm.
 *
 * @param entity record containing {@link AdminRole#name}; the original documentation states that
 *               null attributes are ignored.
 * @param userDn DN of the user being deassigned.
 * @return the same {@code entity} instance that was passed in.
 * @throws UpdateException with {@code GlobalErrIds.ARLE_USER_DEASSIGN_FAILED} when the LDAP
 *                         operation raises an {@link LdapException}; the cause is chained.
 */
AdminRole deassign(AdminRole entity, String userDn) throws UpdateException {
    LdapConnection connection = null;
    String roleDn = getDn(entity);
    try {
        List<Modification> changes = new ArrayList<>();
        Modification dropOccupant =
            new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, ROLE_OCCUPANT, userDn);
        changes.add(dropOccupant);
        connection = getAdminConnection();
        modify(connection, roleDn, changes, entity);
        return entity;
    } catch (LdapException ldapFailure) {
        // Every LdapException subtype lands here, so a failed removal is reported to the caller
        // rather than being treated as a successful deassignment.
        String message = "deassign role name [" + entity.getName()
            + "] user dn [" + userDn
            + "] caught LdapException=" + ldapFailure.getMessage();
        throw new UpdateException(GlobalErrIds.ARLE_USER_DEASSIGN_FAILED, message, ldapFailure);
    } finally {
        // Runs on success and failure alike; connection is still null if acquisition never happened.
        closeAdminConnection(connection);
    }
}
Also used : DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) ArrayList(java.util.ArrayList) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 3 with UpdateException

use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.

the class PermDAO method revoke.

/**
 * Revokes a permission from a role by removing the role's name from the {@code ROLES}
 * attribute of the permission entry.
 *
 * <p>The entry DN is derived from {@code pOp} and its context id; the modification is sent
 * over the connection obtained from {@code getAdminConnection()}.
 *
 * <p>NOTE(review): no authorization check is visible in this method; presumably enforced by
 * the calling layer - confirm.
 *
 * @param pOp  permission operation whose entry is modified; its object name and operation
 *             name are used in error messages.
 * @param role role whose name is removed from the entry.
 * @throws FinderException with {@code GlobalErrIds.PERM_ROLE_NOT_EXIST} when the directory
 *                         reports {@link LdapNoSuchAttributeException}, i.e. the assignment
 *                         was not there to remove. The LDAP exception is not chained as cause.
 * @throws UpdateException with {@code GlobalErrIds.PERM_REVOKE_FAILED} for any other
 *                         {@link LdapException}; the cause is chained.
 */
void revoke(Permission pOp, Role role) throws UpdateException, FinderException {
    LdapConnection connection = null;
    String permDn = getDn(pOp, pOp.getContextId());
    try {
        List<Modification> changes = new ArrayList<>();
        Modification dropRole =
            new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, ROLES, role.getName());
        changes.add(dropRole);
        connection = getAdminConnection();
        modify(connection, permDn, changes, pOp);
    } catch (LdapNoSuchAttributeException notAssigned) {
        // Must precede the generic LdapException handler: "nothing to revoke" is surfaced as a
        // distinct error code so callers can tell it apart from a failed write.
        String warning = "revoke perm object [" + pOp.getObjName()
            + "] operation [" + pOp.getOpName()
            + "] name [" + role.getName()
            + "] assignment does not exist.";
        throw new FinderException(GlobalErrIds.PERM_ROLE_NOT_EXIST, warning);
    } catch (LdapException ldapFailure) {
        String message = "revoke perm object [" + pOp.getObjName()
            + "] operation [" + pOp.getOpName()
            + "] name [" + role.getName()
            + "] caught LdapException=" + ldapFailure.getMessage();
        throw new UpdateException(GlobalErrIds.PERM_REVOKE_FAILED, message, ldapFailure);
    } finally {
        // Runs on success and failure alike; connection is still null if acquisition never happened.
        closeAdminConnection(connection);
    }
}
Also used : DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) FinderException(org.apache.directory.fortress.core.FinderException) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) ArrayList(java.util.ArrayList) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection) LdapNoSuchAttributeException(org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException)

Example 4 with UpdateException

use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.

the class PermDAO method grant.

/**
 * Grants a permission directly to a user by adding the user's id to the {@code USERS}
 * attribute of the permission entry.
 *
 * <p>The entry DN is derived from {@code pOp} and its context id; the modification is sent
 * over the connection obtained from {@code getAdminConnection()}. Unlike the earlier
 * documentation suggested, this method declares only {@link UpdateException}.
 *
 * <p>NOTE(review): no authorization check is visible in this method; presumably enforced by
 * the calling layer - confirm.
 *
 * @param pOp  permission operation whose entry is modified; its object name and operation
 *             name are used in error messages.
 * @param user user whose id is added to the entry.
 * @throws UpdateException with one of three error codes:
 *                         {@code GlobalErrIds.PERM_USER_EXIST} when the directory reports
 *                         {@link LdapAttributeInUseException} (assignment already present),
 *                         {@code GlobalErrIds.PERM_OP_NOT_FOUND} when it reports
 *                         {@link LdapNoSuchObjectException} (permission entry missing), and
 *                         {@code GlobalErrIds.PERM_GRANT_USER_FAILED} for any other
 *                         {@link LdapException}. Only the last case chains the cause.
 */
void grant(Permission pOp, User user) throws UpdateException {
    LdapConnection connection = null;
    String permDn = getDn(pOp, pOp.getContextId());
    try {
        List<Modification> changes = new ArrayList<>();
        Modification addUser =
            new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, USERS, user.getUserId());
        changes.add(addUser);
        connection = getAdminConnection();
        modify(connection, permDn, changes, pOp);
    } catch (LdapAttributeInUseException alreadyGranted) {
        // The specific handlers must stay ahead of the generic LdapException one.
        String warning = "grant perm object [" + pOp.getObjName()
            + "] operation [" + pOp.getOpName()
            + "] userId [" + user.getUserId()
            + "] assignment already exists, Fortress rc=" + GlobalErrIds.PERM_USER_EXIST;
        throw new UpdateException(GlobalErrIds.PERM_USER_EXIST, warning);
    } catch (LdapNoSuchObjectException permMissing) {
        String warning = "grant perm object [" + pOp.getObjName()
            + "] operation [" + pOp.getOpName()
            + "] userId [" + user.getUserId()
            + "] perm not found, Fortress rc=" + GlobalErrIds.PERM_OP_NOT_FOUND;
        throw new UpdateException(GlobalErrIds.PERM_OP_NOT_FOUND, warning);
    } catch (LdapException ldapFailure) {
        String message = "grant perm object [" + pOp.getObjName()
            + "] operation [" + pOp.getOpName()
            + "] userId [" + user.getUserId()
            + "] caught LdapException=" + ldapFailure.getMessage();
        throw new UpdateException(GlobalErrIds.PERM_GRANT_USER_FAILED, message, ldapFailure);
    } finally {
        // Runs on success and failure alike; connection is still null if acquisition never happened.
        closeAdminConnection(connection);
    }
}
Also used : LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException) ArrayList(java.util.ArrayList) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 5 with UpdateException

use of org.apache.directory.fortress.core.UpdateException in project directory-fortress-core by apache.

the class PermDAO method updatePermissionAttribute.

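/**
 * Updates the directory entry of a permission attribute within the named permission
 * attribute set.
 *
 * <p>Data type, description, default operator, default strategy and default value are each
 * replaced only when the corresponding field on {@code entity} is non-empty. Valid values are
 * either appended to the existing ones or, when {@code replaceValidValues} is set, swapped
 * for the supplied set in one {@code REPLACE_ATTRIBUTE} modification.
 *
 * <p>NOTE(review): valid values constrain what a permission attribute may hold, so this is a
 * policy-relevant write; no authorization check is visible in this method - confirm it is
 * enforced by the calling layer.
 *
 * @param entity             attribute to update; on a successful write its DN is set to the
 *                           entry that was modified.
 * @param paSetName          name of the permission attribute set, used to build the entry DN.
 * @param replaceValidValues {@code true} to replace the stored valid values with those on
 *                           {@code entity}, {@code false} to add them to what is stored.
 * @return the same {@code entity} instance that was passed in.
 * @throws UpdateException with {@code GlobalErrIds.PERM_ATTRIBUTE_UPDATE_FAILED} when the LDAP
 *                         operation raises an {@link LdapException}; the cause is chained.
 */
PermissionAttribute updatePermissionAttribute(PermissionAttribute entity, String paSetName, boolean replaceValidValues) throws UpdateException {
    LdapConnection ld = null;
    String dn = getDn(entity, paSetName, entity.getContextId());
    try {
        List<Modification> mods = new ArrayList<>();
        if (StringUtils.isNotEmpty(entity.getDataType())) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, entity.getDataType()));
        }
        if (StringUtils.isNotEmpty(entity.getDescription())) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.DESCRIPTION_AT, entity.getDescription()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultOperator())) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, entity.getDefaultOperator()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultStrategy())) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, entity.getDefaultStrategy()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultValue())) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, entity.getDefaultValue()));
        }
        if (replaceValidValues) {
            // A value-less REMOVE_ATTRIBUTE is rejected by the directory (noSuchAttribute) when
            // the entry holds no valid values yet, which aborts the whole modify request.
            // REPLACE_ATTRIBUTE succeeds whether or not the attribute exists and clears it
            // when the new set is empty.
            List<String> replacement = new ArrayList<>();
            for (String validValue : entity.getValidValues()) {
                replacement.add(validValue);
            }
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, replacement.toArray(new String[0])));
        } else {
            for (String validValue : entity.getValidValues()) {
                mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, validValue));
            }
        }
        // Skip the round trip, and leave the entity's DN untouched, when nothing changes.
        if (!mods.isEmpty()) {
            ld = getAdminConnection();
            modify(ld, dn, mods, entity);
            entity.setDn(dn);
        }
    } catch (LdapException e) {
        String error = "updatePermissionAttribute name [" + entity.getAttributeName() + "] caught LdapException=" + e.getMessage();
        throw new UpdateException(GlobalErrIds.PERM_ATTRIBUTE_UPDATE_FAILED, error, e);
    } finally {
        // Runs on success and failure alike; ld is still null if no connection was acquired.
        closeAdminConnection(ld);
    }
    return entity;
}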
Also used : DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) ArrayList(java.util.ArrayList) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Aggregations

Modification (org.apache.directory.api.ldap.model.entry.Modification)41 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)41 UpdateException (org.apache.directory.fortress.core.UpdateException)41 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)41 ArrayList (java.util.ArrayList)40 DefaultModification (org.apache.directory.api.ldap.model.entry.DefaultModification)39 FinderException (org.apache.directory.fortress.core.FinderException)7 LdapAttributeInUseException (org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)4 LdapNoSuchAttributeException (org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException)4 LdapNoSuchObjectException (org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)3 LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)2 Dn (org.apache.directory.api.ldap.model.name.Dn)2 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)2 UserRole (org.apache.directory.fortress.core.model.UserRole)2 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)1 LdapNoPermissionException (org.apache.directory.api.ldap.model.exception.LdapNoPermissionException)1 CreateException (org.apache.directory.fortress.core.CreateException)1 PasswordException (org.apache.directory.fortress.core.PasswordException)1 RemoveException (org.apache.directory.fortress.core.RemoveException)1 User (org.apache.directory.fortress.core.model.User)1