Example 1 with Filter

Use of org.forgerock.opendj.ldap.Filter in project OpenAM by OpenRock.

Class ResourceTypeConfigurationImpl, method getResourceTypes.

@Override
public Set<ResourceType> getResourceTypes(final QueryFilter<SmsAttribute> queryFilter, final Subject subject, final String realm) throws EntitlementException {
    final SSOToken token = SubjectUtils.getSSOToken(subject);
    final String dn = getResourceTypeBaseDN(realm);
    final Filter filter = queryFilter.accept(new SmsQueryFilterVisitor(), null);
    final Set<ResourceType> resourceTypes = new HashSet<ResourceType>();
    try {
        if (SMSEntry.checkIfEntryExists(dn, token)) {
            // Interaction with legacy service.
            @SuppressWarnings("unchecked")
            final Iterator<SMSDataEntry> iterator = (Iterator<SMSDataEntry>) SMSEntry.search(
                    token, dn, filter.toString(), 0, 0, false, false, Collections.emptySet());
            while (iterator.hasNext()) {
                final SMSDataEntry entry = iterator.next();
                final String name = entry.getAttributeValue(CONFIG_NAME);
                // Extract the resource types UUID from the LDAP DN representation.
                final String uuid = LDAPUtils.getName(DN.valueOf(entry.getDN()));
                // Interaction with legacy service.
                @SuppressWarnings("unchecked")
                final Set<String> actionSet = entry.getAttributeValues(CONFIG_ACTIONS);
                final Map<String, Boolean> actions = getActions(actionSet);
                // Interaction with legacy service.
                @SuppressWarnings("unchecked")
                final Set<String> resources = entry.getAttributeValues(CONFIG_PATTERNS);
                final String description = entry.getAttributeValue(CONFIG_DESCRIPTION);
                final String createdBy = entry.getAttributeValue(CONFIG_CREATED_BY);
                final String creationDate = entry.getAttributeValue(CONFIG_CREATION_DATE);
                final String modifiedBy = entry.getAttributeValue(CONFIG_LAST_MODIFIED_BY);
                final String modifiedDate = entry.getAttributeValue(CONFIG_LAST_MODIFIED_DATE);
                final ResourceType resourceType = ResourceType.builder()
                        .setUUID(uuid)
                        .setName(name)
                        .setActions(actions)
                        .setPatterns(resources)
                        .setDescription(description)
                        .setCreatedBy(createdBy)
                        .setCreationDate(Long.parseLong(creationDate))
                        .setLastModifiedBy(modifiedBy)
                        .setLastModifiedDate(Long.parseLong(modifiedDate))
                        .build();
                resourceTypes.add(resourceType);
            }
        }
    } catch (SMSException smsE) {
        throw new EntitlementException(RESOURCE_TYPE_RETRIEVAL_ERROR, realm, smsE);
    }
    return resourceTypes;
}
Also used : SSOToken(com.iplanet.sso.SSOToken) SMSDataEntry(com.sun.identity.sm.SMSDataEntry) SMSException(com.sun.identity.sm.SMSException) ResourceType(org.forgerock.openam.entitlement.ResourceType) EntitlementException(com.sun.identity.entitlement.EntitlementException) Filter(org.forgerock.opendj.ldap.Filter) QueryFilter(org.forgerock.util.query.QueryFilter) Iterator(java.util.Iterator) HashSet(java.util.HashSet)

Example 2 with Filter

Use of org.forgerock.opendj.ldap.Filter in project OpenAM by OpenRock.

Class LDAPAuthUtils, method buildUserFilter.

private String buildUserFilter() {
    Filter filter;
    if (userSearchAttrs.size() == 1) {
        filter = Filter.equality(userSearchAttrs.iterator().next(), userId);
    } else {
        List<Filter> searchFilters = new ArrayList<Filter>(userSearchAttrs.size());
        for (String searchAttr : userSearchAttrs) {
            searchFilters.add(Filter.equality(searchAttr, userId));
        }
        filter = Filter.or(searchFilters);
    }
    return filter.toString();
}
Also used : Filter(org.forgerock.opendj.ldap.Filter) ArrayList(java.util.ArrayList) ByteString(org.forgerock.opendj.ldap.ByteString)

Example 3 with Filter

Use of org.forgerock.opendj.ldap.Filter in project OpenAM by OpenRock.

Class DJLDAPv3Repo, method getRoleMembers.

/**
 * Returns the DNs of the members of this role. To do that this will execute an LDAP search with a filter looking
 * for nsRoleDN=roleDN.
 *
 * @param dn The DN of the role to query.
 * @return The DNs of the members.
 * @throws IdRepoException If there is an error while trying to retrieve the role members.
 */
private Set<String> getRoleMembers(String dn) throws IdRepoException {
    Set<String> results = new HashSet<String>();
    DN roleBase = getBaseDN(IdType.ROLE);
    Filter filter = Filter.equality(roleDNAttr, dn);
    SearchRequest searchRequest = LDAPRequests.newSearchRequest(roleBase, roleScope, filter, DN_ATTR);
    searchRequest.setTimeLimit(defaultTimeLimit);
    searchRequest.setSizeLimit(defaultSizeLimit);
    Connection conn = null;
    try {
        conn = connectionFactory.getConnection();
        ConnectionEntryReader reader = conn.search(searchRequest);
        while (reader.hasNext()) {
            if (reader.isEntry()) {
                results.add(reader.readEntry().getName().toString());
            } else {
                //ignore search result references
                reader.readReference();
            }
        }
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while trying to retrieve filtered role members for " + dn, ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    return results;
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) Filter(org.forgerock.opendj.ldap.Filter) Connection(org.forgerock.opendj.ldap.Connection) DN(org.forgerock.opendj.ldap.DN) ByteString(org.forgerock.opendj.ldap.ByteString) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) LdapException(org.forgerock.opendj.ldap.LdapException) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet)

Example 4 with Filter

Use of org.forgerock.opendj.ldap.Filter in project OpenAM by OpenRock.

Class DJLDAPv3Repo, method constructFilter.

protected Filter constructFilter(int operation, Map<String, Set<String>> attributes) {
    if (attributes == null || attributes.isEmpty()) {
        return null;
    }
    Set<Filter> filters = new LinkedHashSet<Filter>(attributes.size());
    for (Map.Entry<String, Set<String>> entry : attributes.entrySet()) {
        for (String value : entry.getValue()) {
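            // The filter is parsed from a concatenated string: only the value is (partially) escaped,
            // while the attribute name taken from the map key is used as-is.
            filters.add(Filter.valueOf(entry.getKey() + "=" + partiallyEscapeAssertionValue(value)));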
        }
    }
    Filter filter;
    switch(operation) {
        case OR_MOD:
            filter = Filter.or(filters);
            break;
        case AND_MOD:
            filter = Filter.and(filters);
            break;
        default:
            //falling back to AND
            filter = Filter.and(filters);
    }
    if (DEBUG.messageEnabled()) {
        DEBUG.message("constructFilter returned filter: " + filter.toString());
    }
    return filter;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Set(java.util.Set) CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet) CollectionUtils.asSet(org.forgerock.openam.utils.CollectionUtils.asSet) Filter(org.forgerock.opendj.ldap.Filter) ByteString(org.forgerock.opendj.ldap.ByteString) Map(java.util.Map) HashMap(java.util.HashMap) CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)

Example 5 with Filter

Use of org.forgerock.opendj.ldap.Filter in project OpenAM by OpenRock.

Class DJLDAPv3Repo, method getDN.

private String getDN(IdType type, String name, boolean shouldGenerate, String searchAttr) throws IdRepoException {
    Object cachedDn = null;
    if (dnCacheEnabled) {
        cachedDn = dnCache.get(generateDNCacheKey(name, type));
    }
    if (cachedDn != null) {
        return cachedDn.toString();
    }
    String dn = null;
    DN searchBase = getBaseDN(type);
    if (shouldGenerate) {
        return searchBase.child(getSearchAttribute(type), name).toString();
    }
    if (searchAttr == null) {
        searchAttr = getSearchAttribute(type);
    }
    Filter filter = Filter.and(Filter.equality(searchAttr, name), getObjectClassFilter(type));
    SearchRequest searchRequest = LDAPRequests.newSearchRequest(searchBase, defaultScope, filter, DN_ATTR);
    Connection conn = null;
    try {
        conn = connectionFactory.getConnection();
        ConnectionEntryReader reader = conn.search(searchRequest);
        SearchResultEntry entry = null;
        while (reader.hasNext()) {
            if (reader.isEntry()) {
                if (entry != null) {
                    throw newIdRepoException(ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED, IdRepoErrorCode.LDAP_EXCEPTION_OCCURRED, CLASS_NAME, ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED.intValue());
                }
                entry = reader.readEntry();
            } else {
                //ignore references
                reader.readReference();
            }
        }
        if (entry == null) {
            DEBUG.message("Unable to find entry with name: " + name + " under searchbase: " + searchBase + " with scope: " + defaultScope);
            throw new IdentityNotFoundException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.TYPE_NOT_FOUND, ResultCode.CLIENT_SIDE_NO_RESULTS_RETURNED, new Object[] { name, type.getName() });
        }
        dn = entry.getName().toString();
    } catch (LdapException ere) {
        DEBUG.error("An error occurred while querying entry DN", ere);
        handleErrorResult(ere);
    } catch (SearchResultReferenceIOException srrioe) {
        //should never ever happen...
        DEBUG.error("Got reference instead of entry", srrioe);
        throw newIdRepoException(IdRepoErrorCode.SEARCH_FAILED, CLASS_NAME);
    } finally {
        IOUtils.closeIfNotNull(conn);
    }
    if (dnCacheEnabled && !shouldGenerate) {
        dnCache.put(generateDNCacheKey(name, type), dn);
    }
    return dn;
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) Filter(org.forgerock.opendj.ldap.Filter) Connection(org.forgerock.opendj.ldap.Connection) DN(org.forgerock.opendj.ldap.DN) ByteString(org.forgerock.opendj.ldap.ByteString) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) LdapException(org.forgerock.opendj.ldap.LdapException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Aggregations

Filter (org.forgerock.opendj.ldap.Filter): 16
HashSet (java.util.HashSet): 9
CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet): 8
ByteString (org.forgerock.opendj.ldap.ByteString): 7
Connection (org.forgerock.opendj.ldap.Connection): 7
SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest): 6
CaseInsensitiveHashMap (com.sun.identity.common.CaseInsensitiveHashMap): 5
HashMap (java.util.HashMap): 5
LinkedHashSet (java.util.LinkedHashSet): 5
Set (java.util.Set): 5
CollectionUtils.asSet (org.forgerock.openam.utils.CollectionUtils.asSet): 5
LdapException (org.forgerock.opendj.ldap.LdapException): 5
SearchResultReferenceIOException (org.forgerock.opendj.ldap.SearchResultReferenceIOException): 5
ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader): 5
Test (org.testng.annotations.Test): 5
SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry): 4
CollectionUtils.asOrderedSet (org.forgerock.openam.utils.CollectionUtils.asOrderedSet): 3
Attribute (org.forgerock.opendj.ldap.Attribute): 3
DN (org.forgerock.opendj.ldap.DN): 3
LinkedAttribute (org.forgerock.opendj.ldap.LinkedAttribute): 3