use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.
the class OrgUnitDAO method getEntityFromLdapEntry.
/**
 * Maps a directory entry onto a freshly created {@link OrgUnit}.
 *
 * <p>The org unit type is derived from the entry's DN: a DN containing the root resolved for
 * {@code GlobalIds.PSU_ROOT} yields {@code OrgUnit.Type.PERM}, a DN containing the root resolved
 * for {@code GlobalIds.OSU_ROOT} yields {@code OrgUnit.Type.USER}. When neither root matches,
 * type and children are left exactly as the factory produced them. Parents are always taken from
 * the entry's {@code GlobalIds.PARENT_NODES} attribute.
 *
 * @param le        entry read from the directory.
 * @param sequence  value stored as the entity's sequence id.
 * @param contextId passed to {@code getRootDn} and to the {@code getChildren} lookups.
 * @return the populated OrgUnit.
 * @throws LdapInvalidAttributeValueException declared by this method; presumably raised while
 *                                            reading attribute values from the entry.
 */
private OrgUnit getEntityFromLdapEntry(Entry le, long sequence, String contextId) throws LdapInvalidAttributeValueException {
    final OrgUnit orgUnit = new ObjectFactory().createOrgUnit();
    orgUnit.setSequenceId(sequence);
    orgUnit.setId(getAttribute(le, GlobalIds.FT_IID));
    orgUnit.setName(getAttribute(le, SchemaConstants.OU_AT));
    orgUnit.setDescription(getAttribute(le, SchemaConstants.DESCRIPTION_AT));

    // NOTE(review): the type is decided by a case-sensitive substring match on the DN text, not by
    // comparing parsed DNs. Confirm both strings share the same normalisation and that a root DN
    // cannot occur inside the DN of an unrelated entry.
    final String entryDn = le.getDn().getName();
    final boolean underPermRoot = entryDn.contains(getRootDn(contextId, GlobalIds.PSU_ROOT));
    if (underPermRoot) {
        orgUnit.setType(OrgUnit.Type.PERM);
        // NOTE(review): toUpperCase() uses the JVM default locale; verify the hierarchy keys are
        // upper-cased the same way.
        final String key = orgUnit.getName().toUpperCase();
        orgUnit.setChildren(PsoUtil.getInstance().getChildren(key, contextId));
    } else if (entryDn.contains(getRootDn(contextId, GlobalIds.OSU_ROOT))) {
        orgUnit.setType(OrgUnit.Type.USER);
        final String key = orgUnit.getName().toUpperCase();
        orgUnit.setChildren(UsoUtil.getInstance().getChildren(key, contextId));
    }

    // Parents come from the entry itself rather than from PsoUtil/UsoUtil.
    orgUnit.setParents(getAttributeSet(le, GlobalIds.PARENT_NODES));
    return orgUnit;
}
use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.
the class OrgUnitDAO method findByKey.
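/**
 * Reads one OrgUnit entry from the directory at the DN derived from {@code entity}.
 *
 * @param entity supplies the values {@code getDn} needs, the type that selects the error code,
 *               and the contextId handed on when the entry is mapped.
 * @return the OrgUnit built from the entry that was read.
 * @throws FinderException with {@code ORG_NOT_FOUND_PERM} / {@code ORG_NOT_FOUND_USER} when no
 *                         entry exists at the DN, or {@code ORG_READ_FAILED_PERM} /
 *                         {@code ORG_READ_FAILED_USER} for any other LDAP failure. When an LDAP
 *                         exception triggered the failure it is attached as the cause.
 */
OrgUnit findByKey(OrgUnit entity) throws FinderException {
    Dn dn = getDn(entity);
    LdapConnection ld = null;
    try {
        ld = getAdminConnection();
        Entry findEntry = read(ld, dn, ORGUNIT_ATRS);
        if (findEntry == null) {
            throw orgUnitNotFound(entity, dn, null);
        }
        return getEntityFromLdapEntry(findEntry, 0, entity.getContextId());
    } catch (LdapNoSuchObjectException e) {
        // Same error code and text as the null-entry path, but keep the directory's exception
        // as the cause so the failure stays traceable.
        throw orgUnitNotFound(entity, dn, e);
    } catch (LdapException e) {
        String error = "findByKey orgUnitName [" + entity.getName() + "] type [" + entity.getType() + "] dn [" + dn + "] caught LdapException=" + e;
        int errCode = entity.getType() == OrgUnit.Type.PERM
            ? GlobalErrIds.ORG_READ_FAILED_PERM
            : GlobalErrIds.ORG_READ_FAILED_USER;
        throw new FinderException(errCode, error, e);
    } finally {
        // Called on every path, including when ld is still null because the connect failed.
        closeAdminConnection(ld);
    }
}

/** Builds the "entry not found" exception shared by both not-found paths of findByKey. */
private FinderException orgUnitNotFound(OrgUnit entity, Dn dn, LdapException cause) {
    String warning = "findByKey orgUnit name [" + entity.getName() + "] type [" + entity.getType() + "] COULD NOT FIND ENTRY for dn [" + dn + "]";
    int errCode = entity.getType() == OrgUnit.Type.PERM
        ? GlobalErrIds.ORG_NOT_FOUND_PERM
        : GlobalErrIds.ORG_NOT_FOUND_USER;
    return cause == null
        ? new FinderException(errCode, warning)
        : new FinderException(errCode, warning, cause);
}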
use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.
the class UserP method validate.
/**
 * Validates a User entity before it is inserted into or updated in the directory.
 *
 * <p>On add, userId and ou are mandatory; on update every attribute is optional. Any of cn, sn,
 * password, ou and description that is non-empty is checked through {@code VUtil}, and a supplied
 * ou must be accepted by {@code orgUnitP.isValid} as a USER org unit. A password policy name, if
 * set, must be accepted by {@code policyP.isValid}. Finally the constraints on the user and on
 * each assigned role and admin role are passed to {@code ConstraintUtil}, which validates them
 * or copies them from the role that was read.
 *
 * @param entity   User entity holding the data targeted for insertion or update.
 * @param isUpdate {@code true} for an update (all attributes optional), {@code false} for an add.
 * @throws SecurityException on a data validation error or a failure while reading the
 *                           referenced org unit, policy or roles.
 */
private void validate(User entity, boolean isUpdate) throws SecurityException {
    // NOTE(review): the exception texts built below embed ou, userId and policy name only;
    // the password value is never concatenated into a message.
    if (!isUpdate) {
        // userId is required when adding a user.
        VUtil.userId(entity.getUserId());
    }

    // cn and sn are optional on both add and update; they are only checked when supplied.
    final String cn = entity.getCn();
    if (StringUtils.isNotEmpty(cn)) {
        VUtil.safeText(cn, GlobalIds.CN_LEN);
    }
    final String sn = entity.getSn();
    if (StringUtils.isNotEmpty(sn)) {
        VUtil.safeText(sn, GlobalIds.SN_LEN);
    }

    // A password is not required on the user object; when present this method only applies
    // VUtil.safeText with PASSWORD_LEN to it.
    final String password = entity.getPassword();
    if (StringUtils.isNotEmpty(password)) {
        VUtil.safeText(password, GlobalIds.PASSWORD_LEN);
    }

    final String ouName = entity.getOu();
    if (StringUtils.isEmpty(ouName)) {
        // ou is required on add and may be omitted on update.
        if (!isUpdate) {
            String error = "OU validation failed, null or empty value";
            throw new ValidationException(GlobalErrIds.ORG_NULL_USER, error);
        }
    } else {
        VUtil.orgUnit(ouName);
        // The named ou must exist as a USER org unit in the caller's context.
        OrgUnit ou = new OrgUnit(ouName, OrgUnit.Type.USER);
        ou.setContextId(entity.getContextId());
        if (!orgUnitP.isValid(ou)) {
            // NOTE(review): "wth" in the update message is a typo; it is kept because the text
            // is runtime output.
            String error = isUpdate
                ? "validate detected invalid orgUnit name [" + ouName + "] updating user wth userId [" + entity.getUserId() + "]"
                : "validate detected invalid orgUnit name [" + ouName + "] adding user with userId [" + entity.getUserId() + "]";
            throw new ValidationException(GlobalErrIds.USER_OU_INVALID, error);
        }
    }

    final String description = entity.getDescription();
    if (StringUtils.isNotEmpty(description)) {
        VUtil.description(description);
    }

    // 1. An OpenLDAP password policy name is optional but must be valid when set.
    final String policyName = entity.getPwPolicy();
    if (StringUtils.isNotEmpty(policyName)) {
        PwPolicy policy = new PwPolicy(policyName);
        policy.setContextId(entity.getContextId());
        if (!policyP.isValid(policy)) {
            String error = "validate detected invalid OpenLDAP policy name [" + policyName + "] for userId [" + entity.getUserId() + "]. Assignment is optional for User but must be valid if specified.";
            throw new ValidationException(GlobalErrIds.USER_PW_PLCY_INVALID, error);
        }
    }

    // 2. Constraints set directly on the User.
    ConstraintUtil.validate(entity);

    // 3. RBAC roles: read each role in the user's context, then validate or copy constraints.
    if (CollectionUtils.isNotEmpty(entity.getRoles())) {
        RoleP roleProcessor = new RoleP();
        for (UserRole userRole : entity.getRoles()) {
            Role lookup = new Role(userRole.getName());
            lookup.setContextId(entity.getContextId());
            Role stored = roleProcessor.read(lookup);
            ConstraintUtil.validateOrCopy(stored, userRole);
        }
    }

    // 4. Administrative roles: same as step 3, plus the ARBAC attributes are copied across.
    if (CollectionUtils.isNotEmpty(entity.getAdminRoles())) {
        for (UserAdminRole userAdminRole : entity.getAdminRoles()) {
            AdminRole lookup = new AdminRole(userAdminRole.getName());
            lookup.setContextId(entity.getContextId());
            AdminRole stored = admRoleP.read(lookup);
            ConstraintUtil.validateOrCopy(stored, userAdminRole);
            copyAdminAttrs(stored, userAdminRole);
        }
    }
}
use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.
the class UsoUtil method getInherited.
/**
 * Returns the names of the given org units together with the names of all their ascendants,
 * as reported by {@code HierUtil.getAscendants} for the graph selected by {@code contextId}.
 * The org units are expected to be of {@link org.apache.directory.fortress.core.model.OrgUnit.Type#USER}.
 *
 * @param ous       list of {@link org.apache.directory.fortress.core.model.OrgUnit}s to expand;
 *                  a null or empty list yields an empty set.
 * @param contextId passed to {@code getGraph} to pick the hierarchy graph.
 * @return Set, ordered and de-duplicated case-insensitively, holding each input name and its ascendants.
 */
Set<String> getInherited(List<OrgUnit> ous, String contextId) {
    // Case-insensitive comparator: names differing only in case collapse to one element.
    final Set<String> inherited = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
    if (CollectionUtils.isEmpty(ous)) {
        return inherited;
    }
    for (OrgUnit orgUnit : ous) {
        final String ouName = orgUnit.getName();
        inherited.add(ouName);
        final Set<String> ascendants = HierUtil.getAscendants(ouName, getGraph(contextId));
        if (CollectionUtils.isNotEmpty(ascendants)) {
            inherited.addAll(ascendants);
        }
    }
    return inherited;
}
use of org.apache.directory.fortress.core.model.OrgUnit in project directory-fortress-core by apache.
the class DelAdminMgrRestImpl method add.
/**
 * {@inheritDoc}
 *
 * <p>This implementation wraps the org unit in a {@code FortRequest}, posts it to
 * {@code HttpIds.ORG_ADD} and returns the entity carried in the response. A non-zero
 * response error code is rethrown as a {@code SecurityException} with the same code and message.
 */
@Override
public OrgUnit add(OrgUnit entity) throws SecurityException {
    VUtil.assertNotNull(entity, GlobalErrIds.ORG_NULL, CLS_NM + ".addOU");

    final FortRequest request = new FortRequest();
    request.setContextId(this.contextId);
    request.setEntity(entity);
    // The admin session is attached only when this manager was given one.
    if (this.adminSess != null) {
        request.setSession(adminSess);
    }

    final String requestBody = RestUtils.marshal(request);
    final String responseBody = RestUtils.getInstance().post(requestBody, HttpIds.ORG_ADD);
    final FortResponse response = RestUtils.unmarshall(responseBody);

    if (response.getErrorCode() != 0) {
        throw new SecurityException(response.getErrorCode(), response.getErrorMessage());
    }
    // NOTE(review): the entity type is taken on trust from the server response; a response
    // carrying a different entity type would surface here as a ClassCastException.
    return (OrgUnit) response.getEntity();
}