Example 56 with OrgUnit

use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.

the class PsoUtil method loadGraph.

/**
 * Read this LDAP record, {@code cn=Hierarchies, ou=OS-P}, into this entity, {@link Hier}, before loading it into this collection class, {@code org.jgrapht.graph.SimpleDirectedGraph},
 * using the third-party library <a href="http://www.jgrapht.org/">JGraphT</a>.
 *
 * @param contextId maps to sub-tree in DIT, e.g. ou=contextId, dc=example, dc=com.
 * @return handle to simple digraph containing perm ou hierarchies.
 */
private synchronized SimpleDirectedGraph<String, Relationship> loadGraph(String contextId) {
    Hier inHier = new Hier(Hier.Type.ROLE);
    inHier.setContextId(contextId);
    LOG.info("loadGraph initializing PSO context [{}]", inHier.getContextId());
    List<Graphable> descendants = null;
    try {
        OrgUnit orgUnit = new OrgUnit();
        orgUnit.setType(OrgUnit.Type.PERM);
        orgUnit.setContextId(contextId);
        descendants = orgUnitP.getAllDescendants(orgUnit);
    } catch (SecurityException se) {
        LOG.info("loadGraph caught SecurityException={}", se);
    }
    Hier hier = HierUtil.loadHier(contextId, descendants);
    SimpleDirectedGraph<String, Relationship> graph;
    graph = HierUtil.buildGraph(hier);
    psoCache.put(getKey(contextId), graph);
    return graph;
}
Also used : OrgUnit(org.apache.directory.fortress.core.model.OrgUnit) Relationship(org.apache.directory.fortress.core.model.Relationship) SecurityException(org.apache.directory.fortress.core.SecurityException) Graphable(org.apache.directory.fortress.core.model.Graphable) Hier(org.apache.directory.fortress.core.model.Hier)

Example 57 with OrgUnit

use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.

the class OrgUnitDAO method findOrgs.

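/**
 * Searches one level below the root returned by getOrgRoot for OrgUnit entries whose ou attribute begins with the supplied name.
 * The name is passed through encodeSafeText before it is placed in the LDAP search filter.
 *
 * @param orgUnit supplies the name prefix to match, plus the type and contextId.
 * @return list of matching OrgUnit entities; empty if none are found.
 * @throws org.apache.directory.fortress.core.FinderException if the LDAP search or the cursor iteration fails.
 */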
List<OrgUnit> findOrgs(OrgUnit orgUnit) throws FinderException {
    List<OrgUnit> orgUnitList = new ArrayList<>();
    LdapConnection ld = null;
    String orgUnitRoot = getOrgRoot(orgUnit);
    try {
        String searchVal = encodeSafeText(orgUnit.getName(), GlobalIds.ROLE_LEN);
        String filter = GlobalIds.FILTER_PREFIX + ORGUNIT_OBJECT_CLASS_NM + ")(" + SchemaConstants.OU_AT + "=" + searchVal + "*))";
        ld = getAdminConnection();
        SearchCursor searchResults = search(ld, orgUnitRoot, SearchScope.ONELEVEL, filter, ORGUNIT_ATRS, false, GlobalIds.BATCH_SIZE);
        long sequence = 0;
        while (searchResults.next()) {
            orgUnitList.add(getEntityFromLdapEntry(searchResults.getEntry(), sequence++, orgUnit.getContextId()));
        }
    } catch (LdapException e) {
        String error = "findOrgs search val [" + orgUnit.getName() + "] type [" + orgUnit.getType() + "] root [" + orgUnitRoot + "] caught LdapException=" + e;
        int errCode;
        if (orgUnit.getType() == OrgUnit.Type.PERM) {
            errCode = GlobalErrIds.ORG_SEARCH_FAILED_PERM;
        } else {
            errCode = GlobalErrIds.ORG_SEARCH_FAILED_USER;
        }
        throw new FinderException(errCode, error, e);
    } catch (CursorException e) {
        String error = "findOrgs search val [" + orgUnit.getName() + "] type [" + orgUnit.getType() + "] root [" + orgUnitRoot + "] caught CursorException=" + e;
        int errCode;
        if (orgUnit.getType() == OrgUnit.Type.PERM) {
            errCode = GlobalErrIds.ORG_SEARCH_FAILED_PERM;
        } else {
            errCode = GlobalErrIds.ORG_SEARCH_FAILED_USER;
        }
        throw new FinderException(errCode, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    return orgUnitList;
}
Also used : OrgUnit(org.apache.directory.fortress.core.model.OrgUnit) FinderException(org.apache.directory.fortress.core.FinderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 58 with OrgUnit

use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.

the class OrgUnitP method add.

/**
 * Adds a new OrgUnit to directory. The OrgUnit type enum will determine which data set insertion will
 * occur - User or Perm.  The OrgUnit entity input will be validated to ensure that:
 * orgUnit name is present and type is specified, and reasonability checks on all of the other populated values.
 *
 * @param entity OrgUnit contains data targeted for insertion.
 * @return OrgUnit entity copy of input + additional attributes (internalId) that were added by op.
 * @throws SecurityException in the event of data validation or DAO system error.
 */
OrgUnit add(OrgUnit entity) throws SecurityException {
    validate(entity, false);
    OrgUnit oe = oDao.create(entity);
    if (entity.getType() == OrgUnit.Type.USER) {
        try {
            userPoolLock.writeLock().lock();
            Set<String> userPool = getUserSet(entity);
            if (userPool != null) {
                userPool.add(entity.getName());
            }
        } finally {
            userPoolLock.writeLock().unlock();
        }
    } else {
        try {
            permPoolLock.writeLock().lock();
            Set<String> permPool = getPermSet(entity);
            if (permPool != null) {
                permPool.add(entity.getName());
            }
        } finally {
            permPoolLock.writeLock().unlock();
        }
    }
    return oe;
}
Also used : OrgUnit(org.apache.directory.fortress.core.model.OrgUnit)

Example 59 with OrgUnit

use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.

the class DelAdminMgrImpl method deleteInheritance.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation(operationName = "deleteInheritanceOU")
public void deleteInheritance(OrgUnit parent, OrgUnit child) throws SecurityException {
    String methodName = "deleteInheritanceOU";
    assertContext(CLS_NM, methodName, parent, GlobalErrIds.ORG_PARENT_NULL);
    VUtil.assertNotNull(parent.getType(), GlobalErrIds.ORG_TYPE_NULL, CLS_NM + "." + methodName);
    assertContext(CLS_NM, methodName, child, GlobalErrIds.ORG_CHILD_NULL);
    setEntitySession(CLS_NM, methodName, parent);
    if (parent.getType() == OrgUnit.Type.USER) {
        UsoUtil.getInstance().validateRelationship(child, parent, true);
    } else {
        PsoUtil.getInstance().validateRelationship(child, parent, true);
    }
    if (parent.getType() == OrgUnit.Type.USER) {
        UsoUtil.getInstance().updateHier(this.contextId, new Relationship(child.getName().toUpperCase(), parent.getName().toUpperCase()), Hier.Op.REM);
    } else {
        PsoUtil.getInstance().updateHier(this.contextId, new Relationship(child.getName().toUpperCase(), parent.getName().toUpperCase()), Hier.Op.REM);
    }
    OrgUnit cOrg = ouP.read(child);
    cOrg.setContextId(this.contextId);
    cOrg.delParent(parent.getName());
    setAdminData(CLS_NM, methodName, cOrg);
    // are there any parents left?
    if (!CollectionUtils.isNotEmpty(cOrg.getParents())) {
        // Updates only touch non-empty multi-occurring attributes,
        // so when the last parent has been removed the attribute must be deleted completely:
        ouP.deleteParent(cOrg);
    } else {
        ouP.update(cOrg);
    }
}
Also used : OrgUnit(org.apache.directory.fortress.core.model.OrgUnit) Relationship(org.apache.directory.fortress.core.model.Relationship) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 60 with OrgUnit

use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.

the class DelAdminMgrImpl method addInheritance.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation(operationName = "addInheritanceOU")
public void addInheritance(OrgUnit parent, OrgUnit child) throws SecurityException {
    String methodName = "addInheritanceOU";
    assertContext(CLS_NM, methodName, parent, GlobalErrIds.ORG_PARENT_NULL);
    VUtil.assertNotNull(parent.getType(), GlobalErrIds.ORG_TYPE_NULL, CLS_NM + "." + methodName);
    assertContext(CLS_NM, methodName, child, GlobalErrIds.ORG_CHILD_NULL);
    setEntitySession(CLS_NM, methodName, parent);
    if (parent.getType() == OrgUnit.Type.USER) {
        UsoUtil.getInstance().validateRelationship(child, parent, false);
    } else {
        PsoUtil.getInstance().validateRelationship(child, parent, false);
    }
    // validate that both orgs are present:
    ouP.read(parent);
    OrgUnit cOrg = ouP.read(child);
    cOrg.setParent(parent.getName());
    cOrg.setContextId(this.contextId);
    setAdminData(CLS_NM, methodName, cOrg);
    ouP.update(cOrg);
    // we're still good, now set the hierarchical relationship:
    if (parent.getType() == OrgUnit.Type.USER) {
        UsoUtil.getInstance().updateHier(this.contextId, new Relationship(child.getName().toUpperCase(), parent.getName().toUpperCase()), Hier.Op.ADD);
    } else {
        PsoUtil.getInstance().updateHier(this.contextId, new Relationship(child.getName().toUpperCase(), parent.getName().toUpperCase()), Hier.Op.ADD);
    }
}
Also used : OrgUnit(org.apache.directory.fortress.core.model.OrgUnit) Relationship(org.apache.directory.fortress.core.model.Relationship) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)
