Example 76 with LdapConnection
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class UserDAO method remove.
/**
* @param user
* @throws RemoveException
*/
String remove(User user) throws RemoveException {
LdapConnection ld = null;
String userDn = getDn(user.getUserId(), user.getContextId());
try {
ld = getAdminConnection();
delete(ld, userDn, user);
} catch (LdapException e) {
String error = "remove userId [" + user.getUserId() + "] caught LDAPException=" + e.getMessage();
throw new RemoveException(GlobalErrIds.USER_DELETE_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
RemoveException(org.apache.directory.fortress.core.RemoveException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 77 with LdapConnection
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class UserDAO method unlock.
/**
* @param user
* @throws UpdateException
*/
void unlock(User user) throws UpdateException {
LdapConnection ld = null;
String userDn = getDn(user.getUserId(), user.getContextId());
try {
// ld = getAdminConnection();
List<Modification> mods = new ArrayList<Modification>();
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, OPENLDAP_PW_LOCKED_TIME));
ld = getAdminConnection();
modify(ld, userDn, mods, user);
} catch (LdapNoSuchAttributeException e) {
LOG.info("unlock user [" + user.getUserId() + "] no such attribute:" + OPENLDAP_ACCOUNT_LOCKED_TIME);
} catch (LdapException e) {
String error = "unlock user [" + user.getUserId() + "] caught LDAPException= " + e.getMessage();
throw new UpdateException(GlobalErrIds.USER_PW_UNLOCK_FAILED, error, e);
} finally {
closeAdminConnection(ld);
}
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
ArrayList(java.util.ArrayList)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
LdapNoSuchAttributeException(org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException)
Example 78 with LdapConnection
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class UserDAO method deassign.
/**
* @param uRole
* @return
* @throws UpdateException
* @throws FinderException
*/
String deassign(UserRole uRole) throws UpdateException, FinderException {
LdapConnection ld = null;
String userDn = getDn(uRole.getUserId(), uRole.getContextId());
try {
// read the user's RBAC role assignments to locate target record. Need the raw data before attempting
// removal:
List<UserRole> roles = getUserRoles(uRole.getUserId(), uRole.getContextId());
int indx = -1;
// Does the user have any roles assigned?
if (roles != null) {
// function call will set indx to -1 if name not found:
indx = roles.indexOf(uRole);
// Is the targeted name assigned to user?
if (indx > -1) {
// Retrieve the targeted name:
UserRole fRole = roles.get(indx);
// delete the name assignment attribute using the raw name data:
List<Modification> mods = new ArrayList<Modification>();
// Remove user role constraints
for (RoleConstraint rc : fRole.getRoleConstraints()) {
this.deassign(fRole, rc);
}
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, fRole.getRawData()));
mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_ASSIGN, fRole.getName()));
ld = getAdminConnection();
modify(ld, userDn, mods, uRole);
}
}
// target name not found:
if (indx == -1) {
// The user does not have the target name assigned,
String warning = "deassign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] " + "assignment does not exist.";
throw new FinderException(GlobalErrIds.URLE_ASSIGN_NOT_EXIST, warning);
}
} catch (LdapException e) {
String warning = "deassign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] caught " + "LDAPException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.URLE_DEASSIGN_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
ArrayList(java.util.ArrayList)
RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint)
RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint)
FinderException(org.apache.directory.fortress.core.FinderException)
UserRole(org.apache.directory.fortress.core.model.UserRole)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 79 with LdapConnection
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class UserDAO method getAuthorizedUsers.
/**
* @param role
* @return
* @throws FinderException
*/
List<User> getAuthorizedUsers(Role role) throws FinderException {
List<User> userList = new ArrayList<>();
LdapConnection ld = null;
String userRoot = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
try {
String roleVal = encodeSafeText(role.getName(), GlobalIds.USERID_LEN);
StringBuilder filterbuf = new StringBuilder();
filterbuf.append(GlobalIds.FILTER_PREFIX);
filterbuf.append(USERS_AUX_OBJECT_CLASS_NAME);
filterbuf.append(")(");
Set<String> roles = RoleUtil.getInstance().getDescendants(role.getName(), role.getContextId());
if (CollectionUtils.isNotEmpty(roles)) {
filterbuf.append("|(");
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(roleVal);
filterbuf.append(")");
for (String uRole : roles) {
filterbuf.append("(");
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(uRole);
filterbuf.append(")");
}
filterbuf.append(")");
} else {
filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
filterbuf.append("=");
filterbuf.append(roleVal);
filterbuf.append(")");
}
filterbuf.append(")");
ld = getAdminConnection();
SearchCursor searchResults = search(ld, userRoot, SearchScope.ONELEVEL, filterbuf.toString(), defaultAtrs, false, GlobalIds.BATCH_SIZE);
long sequence = 0;
while (searchResults.next()) {
userList.add(unloadLdapEntry(searchResults.getEntry(), sequence++, role.getContextId()));
}
} catch (LdapException e) {
String warning = "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
} catch (CursorException e) {
String warning = "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userList;
}
Also used :
FinderException(org.apache.directory.fortress.core.FinderException)
User(org.apache.directory.fortress.core.model.User)
CursorException(org.apache.directory.api.ldap.model.cursor.CursorException)
ArrayList(java.util.ArrayList)
SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Example 80 with LdapConnection
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class UserDAO method assign.
/**
* @param uRole
* @return
* @throws UpdateException
* @throws FinderException
*/
String assign(UserAdminRole uRole) throws UpdateException, FinderException {
LdapConnection ld = null;
String userDn = getDn(uRole.getUserId(), uRole.getContextId());
try {
List<Modification> mods = new ArrayList<Modification>();
String szUserRole = uRole.getRawData();
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_DATA, szUserRole));
mods.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_ASSIGN, uRole.getName()));
ld = getAdminConnection();
modify(ld, userDn, mods, uRole);
} catch (LdapAttributeInUseException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] assignment " + "already exists.";
throw new FinderException(GlobalErrIds.ARLE_ASSIGN_EXIST, warning);
} catch (LdapException e) {
String warning = "assign userId [" + uRole.getUserId() + "] name [" + uRole.getName() + "] caught " + "LDAPException=" + e.getMessage();
throw new UpdateException(GlobalErrIds.ARLE_ASSIGN_FAILED, warning, e);
} finally {
closeAdminConnection(ld);
}
return userDn;
}
Also used :
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
Modification(org.apache.directory.api.ldap.model.entry.Modification)
FinderException(org.apache.directory.fortress.core.FinderException)
DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification)
LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)
ArrayList(java.util.ArrayList)
UpdateException(org.apache.directory.fortress.core.UpdateException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)
Aggregations
LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)180
LdapException (org.apache.directory.api.ldap.model.exception.LdapException)166
ArrayList (java.util.ArrayList)90
FinderException (org.apache.directory.fortress.core.FinderException)73
CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)65
Entry (org.apache.directory.api.ldap.model.entry.Entry)52
SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)49
Modification (org.apache.directory.api.ldap.model.entry.Modification)43
DefaultModification (org.apache.directory.api.ldap.model.entry.DefaultModification)41
UpdateException (org.apache.directory.fortress.core.UpdateException)41
DefaultEntry (org.apache.directory.api.ldap.model.entry.DefaultEntry)37
LdapNoSuchObjectException (org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)20
CreateException (org.apache.directory.fortress.core.CreateException)17
RemoveException (org.apache.directory.fortress.core.RemoveException)17
IOException (java.io.IOException)14
LdapNetworkConnection (org.apache.directory.ldap.client.api.LdapNetworkConnection)14
Permission (org.apache.directory.fortress.core.model.Permission)9
Dn (org.apache.directory.api.ldap.model.name.Dn)7
EntryCursor (org.apache.directory.api.ldap.model.cursor.EntryCursor)6
LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)6
