use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class PermDAO method getPerm.
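/**
 * Reads a single permission operation entry from the directory.
 *
 * <p>The entry DN is assembled from the RDN returned by {@code getOpRdn} (given the operation
 * name and object id), the permission object name, and the root DN selected by the admin
 * flag and context id.
 *
 * @param permission supplies the operation name, object id, object name, admin flag and
 *        context id that locate the entry
 * @return the permission unloaded from the entry found at the computed DN
 * @throws org.apache.directory.fortress.core.FinderException with
 *         {@code PERM_OP_NOT_FOUND} when no entry exists at the DN, or with
 *         {@code PERM_READ_OP_FAILED} when the read fails with any other LDAP error
 */
Permission getPerm(Permission permission) throws FinderException {
    Permission entity = null;
    LdapConnection ld = null;
    // NOTE(review): objName is concatenated into the DN as-is, and whether getOpRdn escapes
    // opName/objId is not visible here. Confirm these values are validated upstream or
    // escape RDN special characters before building the DN.
    String dn = getOpRdn(permission.getOpName(), permission.getObjId()) + "," + GlobalIds.POBJ_NAME + "=" + permission.getObjName() + "," + getRootDn(permission.isAdmin(), permission.getContextId());
    try {
        ld = getAdminConnection();
        Entry findEntry = read(ld, dn, PERMISSION_OP_ATRS);
        // A null result is treated the same as the server reporting "no such object".
        if (findEntry == null) {
            String warning = "getPerm no entry found dn [" + dn + "]";
            throw new FinderException(GlobalErrIds.PERM_OP_NOT_FOUND, warning);
        }
        entity = unloadPopLdapEntry(findEntry, 0, permission.isAdmin());
    } catch (LdapNoSuchObjectException e) {
        // Not-found is reported without chaining the LDAP exception as the cause.
        String warning = "getPerm Op COULD NOT FIND ENTRY for dn [" + dn + "]";
        throw new FinderException(GlobalErrIds.PERM_OP_NOT_FOUND, warning);
    } catch (LdapException e) {
        // Fix: the message is prefixed with this method's name (it said "getUser"), so a
        // failed permission read is not mistaken for a user lookup during log triage.
        String error = "getPerm [" + dn + "] caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PERM_READ_OP_FAILED, error, e);
    } finally {
        // ld is still null here if getAdminConnection() itself threw.
        closeAdminConnection(ld);
    }
    return entity;
}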
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class PermDAO method findPermissions.
/**
 * Searches the permission subtree for operation entries whose {@code USERS} attribute
 * matches the session's user id or whose {@code ROLES} attribute matches any role name
 * returned by the inherited-role lookup for the session.
 *
 * @param session supplies the user id, the roles (or admin roles), the context id and the
 *        group-session flag; for a group session the user clause is left out of the filter
 * @param isAdmin when {@code true} the admin roles and {@code AdminRoleUtil} are used to
 *        resolve inherited roles; otherwise the session roles and {@code RoleUtil}
 * @return the permissions unloaded from the search results, in cursor order; empty when
 *         the search returns nothing
 * @throws org.apache.directory.fortress.core.FinderException with
 *         {@code PERM_SESS_SEARCH_FAILED} when the search or the cursor iteration fails
 */
List<Permission> findPermissions(Session session, boolean isAdmin) throws FinderException {
    List<Permission> found = new ArrayList<>();
    LdapConnection conn = null;
    String searchBase = getRootDn(isAdmin, session.getContextId());
    try {
        // Filter shape:
        //   <FILTER_PREFIX><object class>)(|(<USERS>=<userId>)(<ROLES>=<role>)...))
        // NOTE(review): the user id and role names are appended without RFC 4515 filter
        // escaping. Confirm both are validated before they reach the Session, or escape
        // them here, so a value containing filter metacharacters cannot widen the match.
        StringBuilder filter = new StringBuilder()
            .append(GlobalIds.FILTER_PREFIX)
            .append(PERM_OP_OBJECT_CLASS_NAME)
            .append(")(|");
        if (!session.isGroupSession()) {
            filter.append("(").append(USERS).append("=").append(session.getUserId()).append(")");
        }

        // Resolve the role names to match, using the hierarchy that fits the caller's mode.
        Set<String> roles = isAdmin
            ? AdminRoleUtil.getInheritedRoles(session.getAdminRoles(), session.getContextId())
            : RoleUtil.getInstance().getInheritedRoles(session.getRoles(), session.getContextId());
        if (CollectionUtils.isNotEmpty(roles)) {
            for (String roleName : roles) {
                filter.append("(").append(ROLES).append("=").append(roleName).append(")");
            }
        }
        filter.append("))");

        conn = getAdminConnection();
        // NOTE(review): the cursor is never closed explicitly in this method; confirm
        // that closeAdminConnection (or the search helper) releases it.
        SearchCursor cursor = search(conn, searchBase, SearchScope.SUBTREE, filter.toString(), PERMISSION_OP_ATRS, false, GlobalIds.BATCH_SIZE);
        // Each result is unloaded with its zero-based position in the result set.
        for (long position = 0; cursor.next(); position++) {
            found.add(unloadPopLdapEntry(cursor.getEntry(), position, isAdmin));
        }
    } catch (LdapException e) {
        String error = "findPermissions user [" + session.getUserId() + "] caught LdapException in PermDAO.findPermissions=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PERM_SESS_SEARCH_FAILED, error, e);
    } catch (CursorException e) {
        String error = "findPermissions user [" + session.getUserId() + "] caught CursorException in PermDAO.findPermissions=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PERM_SESS_SEARCH_FAILED, error, e);
    } finally {
        // conn is still null here if the failure happened before a connection was obtained.
        closeAdminConnection(conn);
    }
    return found;
}
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class PermDAO method createOperation.
/**
 * Adds a new permission operation entry to the directory.
 *
 * <p>The passed entity is modified in place: its abstract name is set to
 * {@code objName + "." + opName}, an internal id is assigned via {@code setInternalId()},
 * and after a successful add its DN is set to the DN of the new entry.
 *
 * @param entity the permission operation to persist; object name and operation name are
 *        always written, while description, object id, type, roles, users, attribute sets
 *        and properties are written only when present
 * @return the same {@code entity} instance, updated as described above
 * @throws org.apache.directory.fortress.core.CreateException with
 *         {@code PERM_ADD_FAILED} when the directory add fails
 */
Permission createOperation(Permission entity) throws CreateException {
    LdapConnection conn = null;
    String dn = getDn(entity, entity.getContextId());
    try {
        Entry newEntry = new DefaultEntry(dn);
        newEntry.add(SchemaConstants.OBJECT_CLASS_AT, PERM_OP_OBJ_CLASS);
        newEntry.add(GlobalIds.POP_NAME, entity.getOpName());
        newEntry.add(GlobalIds.POBJ_NAME, entity.getObjName());
        entity.setAbstractName(entity.getObjName() + "." + entity.getOpName());

        // Assign the entity its internal id (generated by setInternalId) and store it.
        entity.setInternalId();
        newEntry.add(GlobalIds.FT_IID, entity.getInternalId());

        // Optional: description.
        if (StringUtils.isNotEmpty(entity.getDescription())) {
            newEntry.add(SchemaConstants.DESCRIPTION_AT, entity.getDescription());
        }

        // The abstract name is the human-readable identifier; it is also written as CN.
        newEntry.add(PERM_NAME, entity.getAbstractName());
        newEntry.add(SchemaConstants.CN_AT, entity.getAbstractName());

        // Optional: object id.
        if (StringUtils.isNotEmpty(entity.getObjId())) {
            newEntry.add(GlobalIds.POBJ_ID, entity.getObjId());
        }

        // Optional: type.
        if (StringUtils.isNotEmpty(entity.getType())) {
            newEntry.add(GlobalIds.TYPE, entity.getType());
        }

        // Optional multi-valued attributes; loadAttrs does nothing for an empty collection.
        // NOTE(review): ROLES and USERS are the attributes the session permission search
        // filters on, so values supplied here act as grants from the moment the entry is
        // created. Confirm callers are authorized to set them.
        loadAttrs(entity.getRoles(), newEntry, ROLES);
        loadAttrs(entity.getUsers(), newEntry, USERS);
        loadAttrs(entity.getPaSets(), newEntry, PERMISSION_ATTRIBUTE_SET);

        // Properties are loaded only when present.
        if (PropUtil.isNotEmpty(entity.getProperties())) {
            loadProperties(entity.getProperties(), newEntry, GlobalIds.PROPS);
        }

        // Write the entry, then record its DN on the entity.
        conn = getAdminConnection();
        add(conn, newEntry, entity);
        entity.setDn(dn);
    } catch (LdapException e) {
        String error = "createOperation objName [" + entity.getObjName() + "] opName [" + entity.getOpName() + "] caught LdapException=" + e.getMessage();
        throw new CreateException(GlobalErrIds.PERM_ADD_FAILED, error, e);
    } finally {
        // conn is still null here if the failure happened before a connection was obtained.
        closeAdminConnection(conn);
    }
    return entity;
}
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class PermDAO method updatePermissionAttribute.
/**
 * Applies the non-empty fields of a permission attribute to its existing directory entry.
 *
 * <p>Data type, description, default operator, default strategy and default value are each
 * replaced only when the entity carries a non-empty value. Valid values are added to the
 * entry; when {@code replaceValidValues} is set, the existing valid-values attribute is
 * removed first within the same modify request.
 *
 * @param entity the permission attribute carrying the new values and the context id
 * @param paSetName name of the permission attribute set, used to build the entry DN
 * @param replaceValidValues {@code true} to drop the stored valid values before adding
 *        the ones on {@code entity}; {@code false} to add to what is already stored
 * @return the same {@code entity} instance; its DN is set only when a modify was sent
 * @throws UpdateException with {@code PERM_ATTRIBUTE_UPDATE_FAILED} when the modify fails
 */
PermissionAttribute updatePermissionAttribute(PermissionAttribute entity, String paSetName, boolean replaceValidValues) throws UpdateException {
    LdapConnection conn = null;
    String dn = getDn(entity, paSetName, entity.getContextId());
    try {
        final ModificationOperation replace = ModificationOperation.REPLACE_ATTRIBUTE;
        List<Modification> changes = new ArrayList<>();

        // Single-valued fields: replace only those the caller populated.
        if (StringUtils.isNotEmpty(entity.getDataType())) {
            changes.add(new DefaultModification(replace, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, entity.getDataType()));
        }
        if (StringUtils.isNotEmpty(entity.getDescription())) {
            changes.add(new DefaultModification(replace, SchemaConstants.DESCRIPTION_AT, entity.getDescription()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultOperator())) {
            changes.add(new DefaultModification(replace, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, entity.getDefaultOperator()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultStrategy())) {
            changes.add(new DefaultModification(replace, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, entity.getDefaultStrategy()));
        }
        if (StringUtils.isNotEmpty(entity.getDefaultValue())) {
            changes.add(new DefaultModification(replace, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, entity.getDefaultValue()));
        }

        // Replacing valid values is done as remove-then-add inside one modify request.
        // NOTE(review): removing an attribute the entry does not currently hold is
        // typically rejected by LDAP servers (noSuchAttribute); confirm callers only set
        // replaceValidValues when values are already stored.
        if (replaceValidValues) {
            changes.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES));
        }
        // NOTE(review): assumes getValidValues() never returns null — confirm.
        for (String allowed : entity.getValidValues()) {
            changes.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, allowed));
        }

        // Nothing to send means no connection is opened and the DN is left untouched.
        if (!changes.isEmpty()) {
            conn = getAdminConnection();
            modify(conn, dn, changes, entity);
            entity.setDn(dn);
        }
    } catch (LdapException e) {
        String error = "updatePermissionAttribute name [" + entity.getAttributeName() + "] caught LdapException=" + e.getMessage();
        throw new UpdateException(GlobalErrIds.PERM_ATTRIBUTE_UPDATE_FAILED, error, e);
    } finally {
        // conn is null here when no modify was needed or the connection could not be obtained.
        closeAdminConnection(conn);
    }
    return entity;
}
use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.
the class PolicyDAO method getPolicy.
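/**
 * Reads a password policy entry from the directory.
 *
 * @param policy identifies the policy; its DN is computed by {@code getDn(policy)} and its
 *        name is used in error messages
 * @return the password policy unloaded from the entry found at the computed DN
 * @throws org.apache.directory.fortress.core.FinderException with {@code PSWD_NOT_FOUND}
 *         when no entry exists at the DN, or with {@code PSWD_READ_FAILED} when the read
 *         fails with any other LDAP error
 */
PwPolicy getPolicy(PwPolicy policy) throws FinderException {
    PwPolicy entity = null;
    LdapConnection ld = null;
    String dn = getDn(policy);
    try {
        ld = getAdminConnection();
        Entry findEntry = read(ld, dn, PASSWORD_POLICY_ATRS);
        // PermDAO.getPerm null-checks the result of its read(...) call; presumably this is
        // the same helper, so a missing policy is reported here as PSWD_NOT_FOUND instead
        // of passing null on to unloadLdapEntry.
        if (findEntry == null) {
            String warning = "getPolicy no entry found dn [" + dn + "]";
            throw new FinderException(GlobalErrIds.PSWD_NOT_FOUND, warning);
        }
        entity = unloadLdapEntry(findEntry, 0);
    } catch (LdapNoSuchObjectException e) {
        // Not-found is reported without chaining the LDAP exception as the cause.
        String warning = "getPolicy Obj COULD NOT FIND ENTRY for dn [" + dn + "]";
        throw new FinderException(GlobalErrIds.PSWD_NOT_FOUND, warning);
    } catch (LdapException e) {
        String error = "getPolicy name [" + policy.getName() + "] caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.PSWD_READ_FAILED, error, e);
    } finally {
        // ld is still null here if getAdminConnection() itself threw.
        closeAdminConnection(ld);
    }
    return entity;
}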