use of org.identityconnectors.framework.common.exceptions.OperationTimeoutException in project midpoint by Evolveum.
the class DummyConnectorLegacyUpdate method addAttributeValues.
/**
* {@inheritDoc}
*/
@Override
public Uid addAttributeValues(ObjectClass objectClass, Uid uid, Set<Attribute> valuesToAdd, OperationOptions options) {
validate(objectClass);
validate(uid);
try {
if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
DummyAccount account;
if (configuration.isUidBoundToName()) {
account = resource.getAccountByUsername(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
account = resource.getAccountById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (account == null) {
throw new UnknownUidException("Account with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(account, options);
for (Attribute attr : valuesToAdd) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
if (account.getPassword() != null) {
throw new InvalidAttributeValueException("Attempt to add value for password while password is already set");
}
changePassword(account, attr);
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to add value for enable attribute");
} else if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equalsIgnoreCase(attr.getName())) {
account.addAuxiliaryObjectClassNames(attr.getValue());
} else {
String name = attr.getName();
try {
account.addAttributeValues(name, attr.getValue());
LOG.ok("Added attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), account, account.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
DummyGroup group;
if (configuration.isUidBoundToName()) {
group = resource.getGroupByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
group = resource.getGroupById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (group == null) {
throw new UnknownUidException("Group with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(group, options);
for (Attribute attr : valuesToAdd) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on group");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to add value for enable attribute");
} else {
String name = attr.getName();
List<Object> values = attr.getValue();
if (attr.is(DummyGroup.ATTR_MEMBERS_NAME) && values != null && configuration.getUpCaseName()) {
List<Object> newValues = new ArrayList<>(values.size());
for (Object val : values) {
newValues.add(StringUtils.upperCase((String) val));
}
values = newValues;
}
try {
group.addAttributeValues(name, values);
LOG.ok("Added attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), group, group.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
DummyPrivilege priv;
if (configuration.isUidBoundToName()) {
priv = resource.getPrivilegeByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
priv = resource.getPrivilegeById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (priv == null) {
throw new UnknownUidException("Privilege with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(priv, options);
for (Attribute attr : valuesToAdd) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on privilege");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to add value for enable attribute");
} else {
String name = attr.getName();
try {
priv.addAttributeValues(name, attr.getValue());
LOG.ok("Added attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), priv, priv.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
DummyOrg org;
if (configuration.isUidBoundToName()) {
org = resource.getOrgByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
org = resource.getOrgById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (org == null) {
throw new UnknownUidException("Org with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(org, options);
for (Attribute attr : valuesToAdd) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on org");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to add value for enable org");
} else {
String name = attr.getName();
try {
org.addAttributeValues(name, attr.getValue());
LOG.ok("Added attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), org, org.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else {
throw new ConnectorException("Unknown object class " + objectClass);
}
} catch (ConnectException e) {
LOG.info("addAttributeValues::exception " + e);
throw new ConnectionFailedException(e.getMessage(), e);
} catch (FileNotFoundException e) {
LOG.info("addAttributeValues::exception " + e);
throw new ConnectorIOException(e.getMessage(), e);
} catch (SchemaViolationException e) {
LOG.info("addAttributeValues::exception " + e);
throw new InvalidAttributeValueException(e.getMessage(), e);
} catch (ConflictException e) {
LOG.info("addAttributeValues::exception " + e);
throw new AlreadyExistsException(e);
} catch (InterruptedException e) {
LOG.info("addAttributeValues::exception " + e);
throw new OperationTimeoutException(e);
}
return uid;
}
use of org.identityconnectors.framework.common.exceptions.OperationTimeoutException in project midpoint by Evolveum.
the class DummyConnectorLegacyUpdate method removeAttributeValues.
/**
* {@inheritDoc}
*/
@Override
public Uid removeAttributeValues(ObjectClass objectClass, Uid uid, Set<Attribute> valuesToRemove, OperationOptions options) {
validate(objectClass);
validate(uid);
try {
if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
DummyAccount account;
if (configuration.isUidBoundToName()) {
account = resource.getAccountByUsername(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
account = resource.getAccountById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (account == null) {
throw new UnknownUidException("Account with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(account, options);
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new UnsupportedOperationException("Removing password value is not supported");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to remove value from enable attribute");
} else if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equalsIgnoreCase(attr.getName())) {
account.deleteAuxiliaryObjectClassNames(attr.getValue());
} else {
String name = attr.getName();
try {
account.removeAttributeValues(name, attr.getValue());
LOG.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), account, account.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
DummyGroup group;
if (configuration.isUidBoundToName()) {
group = resource.getGroupByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
group = resource.getGroupById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (group == null) {
throw new UnknownUidException("Group with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(group, options);
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on group");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to remove value from enable attribute");
} else {
String name = attr.getName();
List<Object> values = attr.getValue();
if (attr.is(DummyGroup.ATTR_MEMBERS_NAME) && values != null && configuration.getUpCaseName()) {
List<Object> newValues = new ArrayList<>(values.size());
for (Object val : values) {
newValues.add(StringUtils.upperCase((String) val));
}
values = newValues;
}
try {
group.removeAttributeValues(name, values);
LOG.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), group, group.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
DummyPrivilege priv;
if (configuration.isUidBoundToName()) {
priv = resource.getPrivilegeByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
priv = resource.getPrivilegeById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (priv == null) {
throw new UnknownUidException("Privilege with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(priv, options);
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on privilege");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to remove value from enable attribute");
} else {
String name = attr.getName();
try {
priv.removeAttributeValues(name, attr.getValue());
LOG.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), priv, priv.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
DummyOrg org;
if (configuration.isUidBoundToName()) {
org = resource.getOrgByName(uid.getUidValue());
} else if (configuration.isUidSeparateFromName()) {
org = resource.getOrgById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (org == null) {
throw new UnknownUidException("Org with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(org, options);
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new InvalidAttributeValueException("Attempt to change password on org");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to remove value from enable org");
} else {
String name = attr.getName();
try {
org.removeAttributeValues(name, attr.getValue());
LOG.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), org, org.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else {
throw new ConnectorException("Unknown object class " + objectClass);
}
} catch (ConnectException e) {
LOG.info("removeAttributeValues::exception " + e);
throw new ConnectionFailedException(e.getMessage(), e);
} catch (FileNotFoundException e) {
LOG.info("removeAttributeValues::exception " + e);
throw new ConnectorIOException(e.getMessage(), e);
} catch (SchemaViolationException e) {
LOG.info("removeAttributeValues::exception " + e);
throw new InvalidAttributeValueException(e.getMessage(), e);
} catch (ConflictException e) {
LOG.info("removeAttributeValues::exception " + e);
throw new AlreadyExistsException(e);
} catch (InterruptedException e) {
LOG.info("removeAttributeValues::exception " + e);
throw new OperationTimeoutException(e);
}
return uid;
}
use of org.identityconnectors.framework.common.exceptions.OperationTimeoutException in project midpoint by Evolveum.
the class ConnIdUtil method processIcfException.
/**
* Transform ConnId exception to something more usable.
*
* ICF throws exceptions that contains inner exceptions that cannot be
* reached by current classloader. Such inner exceptions may cause a lot
* of problems in upper layers, such as attempt to serialize/deserialize
* them. Therefore we cannot pass such exceptions to the upper layers.
* As Throwable is immutable and there is no good way how to copy it, we
* just cannot remove the "bad" exceptions from the inner exception stack.
* We need to do the brutal thing: remove all the ICF exceptions and do
* not pass then to upper layers. Try to save at least some information
* and "compress" the class names and messages of the inner ICF exceptions.
* The full exception with a stack trace is logged here, so the details are
* still in the log.
*
* WARNING: This is black magic. Really. Blame Sun Identity Connector
* Framework interface design.
*
* @param connIdException
* exception from the ConnId
* @param connIdResult
* OperationResult to record failure
* @return reasonable midPoint exception
*/
static Throwable processIcfException(Throwable connIdException, String desc, OperationResult connIdResult) {
if (connIdException == null) {
connIdResult.recordFatalError("Null exception while processing ConnId exception ");
throw new IllegalArgumentException("Null exception while processing ConnId exception ");
}
LOGGER.error("ConnId Exception {} in {}: {}", connIdException.getClass().getName(), desc, connIdException.getMessage(), connIdException);
if (connIdException instanceof RemoteWrappedException) {
// brutal hack, for now
RemoteWrappedException remoteWrappedException = (RemoteWrappedException) connIdException;
String className = remoteWrappedException.getExceptionClass();
if (className == null) {
LOGGER.error("Remote ConnId exception without inner exception class name. Continuing with original one: {}", connIdException);
} else if (DOT_NET_ARGUMENT_EXCEPTION.equals(className) && remoteWrappedException.getMessage().contains("0x800708C5")) {
// password too weak
connIdException = new SecurityViolationException(connIdException.getMessage(), connIdException);
} else {
if (className.startsWith(DOT_NET_EXCEPTION_PACKAGE_PLUS_DOT)) {
className = JAVA_EXCEPTION_PACKAGE + "." + className.substring(DOT_NET_EXCEPTION_PACKAGE_PLUS_DOT.length());
LOGGER.trace("Translated exception class: {}", className);
}
try {
connIdException = (Throwable) Class.forName(className).getConstructor(String.class, Throwable.class).newInstance(remoteWrappedException.getMessage(), remoteWrappedException);
} catch (InstantiationException | IllegalAccessException | ClassNotFoundException | NoSuchMethodException | InvocationTargetException e) {
LoggingUtils.logException(LOGGER, "Couldn't unwrap remote ConnId exception, continuing with original one {}", e, connIdException);
}
}
}
if (connIdException instanceof NullPointerException && connIdException.getMessage() != null) {
// NPE with a message text is in fact not a NPE but an application exception
// this usually means that some parameter is missing
Exception newEx = new SchemaException(createMessageFromAllExceptions("Required attribute is missing", connIdException));
connIdResult.recordFatalError("Required attribute is missing: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof IllegalArgumentException) {
// Let's assume this must be a configuration problem
Exception newEx = new com.evolveum.midpoint.util.exception.ConfigurationException(createMessageFromInnermostException("Configuration error", connIdException));
connIdResult.recordFatalError("Configuration error: " + connIdException.getMessage(), newEx);
return newEx;
}
//this exception is to be analyzed here before the following if clause
if (connIdException.getCause() != null) {
String exCauseClassName = connIdException.getCause().getClass().getSimpleName();
if (exCauseClassName.equals(CONNECTIONS_EXCEPTION_CLASS_NAME)) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("Connect error", connIdException));
connIdResult.recordFatalError("Connect error: " + connIdException.getMessage(), newEx);
return newEx;
}
}
if (connIdException.getClass().getPackage().equals(NullPointerException.class.getPackage())) {
// There are java.lang exceptions, they are safe to pass through
connIdResult.recordFatalError(connIdException);
return connIdException;
}
if (connIdException.getClass().getPackage().equals(SchemaException.class.getPackage())) {
// Common midPoint exceptions, pass through
connIdResult.recordFatalError(connIdException);
return connIdException;
}
if (connIdResult == null) {
throw new IllegalArgumentException(createMessageFromAllExceptions("Null parent result while processing ConnId exception", connIdException));
}
// Introspect the inner exceptions and look for known causes
Exception knownCause = lookForKnownCause(connIdException, connIdException, connIdResult);
if (knownCause != null) {
connIdResult.recordFatalError(knownCause);
return knownCause;
}
// Otherwise try few obvious things
if (connIdException instanceof IllegalArgumentException) {
// This is most likely missing attribute or similar schema thing
Exception newEx = new SchemaException(createMessageFromAllExceptions("Schema violation (most likely)", connIdException));
connIdResult.recordFatalError("Schema violation: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof ConfigurationException) {
Exception newEx = new com.evolveum.midpoint.util.exception.ConfigurationException(createMessageFromInnermostException("Configuration error", connIdException));
connIdResult.recordFatalError("Configuration error: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof AlreadyExistsException) {
Exception newEx = new ObjectAlreadyExistsException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError("Object already exists: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof PermissionDeniedException) {
Exception newEx = new SecurityViolationException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError("Security violation: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof ConnectionBrokenException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("Connection broken", connIdException));
connIdResult.recordFatalError("Connection broken: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof ConnectionFailedException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("Connection failed", connIdException));
connIdResult.recordFatalError("Connection failed: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof UnknownHostException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("Unknown host", connIdException));
connIdResult.recordFatalError("Unknown host: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof ConnectorIOException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("IO error", connIdException));
connIdResult.recordFatalError("IO error: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof InvalidCredentialException) {
Exception newEx = new GenericFrameworkException(createMessageFromAllExceptions("Invalid credentials", connIdException));
connIdResult.recordFatalError("Invalid credentials: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof OperationTimeoutException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions("Operation timed out", connIdException));
connIdResult.recordFatalError("Operation timed out: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof UnknownUidException) {
Exception newEx = new ObjectNotFoundException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError("Unknown UID: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof InvalidAttributeValueException) {
Exception newEx = new SchemaException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError("Schema violation: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof RetryableException) {
Exception newEx = new CommunicationException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError("Retryable errror: " + connIdException.getMessage(), newEx);
return newEx;
} else if (connIdException instanceof ConnectorSecurityException) {
// Note: connection refused is also packed inside
// ConnectorSecurityException. But that will get addressed by the
// lookForKnownCause(..) before
// Maybe we need special exception for security?
Exception newEx = new SecurityViolationException(createMessageFromAllExceptions("Security violation", connIdException));
connIdResult.recordFatalError("Security violation: " + connIdException.getMessage(), newEx);
return newEx;
}
// Fallback
Exception newEx = new GenericFrameworkException(createMessageFromAllExceptions(null, connIdException));
connIdResult.recordFatalError(newEx);
return newEx;
}
use of org.identityconnectors.framework.common.exceptions.OperationTimeoutException in project midpoint by Evolveum.
the class DummyConnectorLegacyUpdate method update.
/**
* {@inheritDoc}
*/
@Override
public Uid update(ObjectClass objectClass, Uid uid, Set<Attribute> replaceAttributes, OperationOptions options) {
LOG.info("update::begin");
validate(objectClass);
validate(uid);
try {
if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
final DummyAccount account;
if (configuration.isUidBoundToName()) {
account = resource.getAccountByUsername(uid.getUidValue(), false);
} else if (configuration.isUidSeparateFromName()) {
account = resource.getAccountById(uid.getUidValue(), false);
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (account == null) {
throw new UnknownUidException("Account with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(account, options);
// we do this before setting attribute values, in case when description itself would be changed
resource.changeDescriptionIfNeeded(account);
for (Attribute attr : replaceAttributes) {
if (attr.is(Name.NAME)) {
String newName = (String) attr.getValue().get(0);
try {
resource.renameAccount(account.getId(), account.getName(), newName);
} catch (ObjectDoesNotExistException e) {
throw new org.identityconnectors.framework.common.exceptions.UnknownUidException(e.getMessage(), e);
} catch (ObjectAlreadyExistsException e) {
throw new org.identityconnectors.framework.common.exceptions.AlreadyExistsException(e.getMessage(), e);
} catch (SchemaViolationException e) {
throw new org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException("Schema exception: " + e.getMessage(), e);
}
// We need to change the returned uid here (only if the mode is not set to NAME)
if (configuration.isUidBoundToName()) {
uid = new Uid(newName);
}
} else if (attr.is(OperationalAttributes.PASSWORD_NAME)) {
changePassword(account, attr);
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
account.setEnabled(getBoolean(attr));
} else if (attr.is(OperationalAttributes.ENABLE_DATE_NAME)) {
account.setValidFrom(getDate(attr));
} else if (attr.is(OperationalAttributes.DISABLE_DATE_NAME)) {
account.setValidTo(getDate(attr));
} else if (attr.is(OperationalAttributes.LOCK_OUT_NAME)) {
account.setLockout(getBooleanMandatory(attr));
} else if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equalsIgnoreCase(attr.getName())) {
account.replaceAuxiliaryObjectClassNames(attr.getValue());
} else {
String name = attr.getName();
try {
account.replaceAttributeValues(name, attr.getValue());
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
final DummyGroup group;
if (configuration.isUidBoundToName()) {
group = resource.getGroupByName(uid.getUidValue(), false);
} else if (configuration.isUidSeparateFromName()) {
group = resource.getGroupById(uid.getUidValue(), false);
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (group == null) {
throw new UnknownUidException("Group with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(group, options);
for (Attribute attr : replaceAttributes) {
if (attr.is(Name.NAME)) {
String newName = (String) attr.getValue().get(0);
try {
resource.renameGroup(group.getId(), group.getName(), newName);
} catch (ObjectDoesNotExistException e) {
throw new org.identityconnectors.framework.common.exceptions.UnknownUidException(e.getMessage(), e);
} catch (ObjectAlreadyExistsException e) {
throw new org.identityconnectors.framework.common.exceptions.AlreadyExistsException(e.getMessage(), e);
}
// We need to change the returned uid here (only if the mode is not set to NAME)
if (configuration.isUidBoundToName()) {
uid = new Uid(newName);
}
} else if (attr.is(OperationalAttributes.PASSWORD_NAME)) {
throw new InvalidAttributeValueException("Attempt to change password on group");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
group.setEnabled(getBooleanMandatory(attr));
} else {
String name = attr.getName();
List<Object> values = attr.getValue();
if (attr.is(DummyGroup.ATTR_MEMBERS_NAME) && values != null && configuration.getUpCaseName()) {
List<Object> newValues = new ArrayList<>(values.size());
for (Object val : values) {
newValues.add(StringUtils.upperCase((String) val));
}
values = newValues;
}
try {
group.replaceAttributeValues(name, values);
} catch (SchemaViolationException e) {
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
final DummyPrivilege priv;
if (configuration.isUidBoundToName()) {
priv = resource.getPrivilegeByName(uid.getUidValue(), false);
} else if (configuration.isUidSeparateFromName()) {
priv = resource.getPrivilegeById(uid.getUidValue(), false);
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (priv == null) {
throw new UnknownUidException("Privilege with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(priv, options);
for (Attribute attr : replaceAttributes) {
if (attr.is(Name.NAME)) {
String newName = (String) attr.getValue().get(0);
try {
resource.renamePrivilege(priv.getId(), priv.getName(), newName);
} catch (ObjectDoesNotExistException e) {
throw new org.identityconnectors.framework.common.exceptions.UnknownUidException(e.getMessage(), e);
} catch (ObjectAlreadyExistsException e) {
throw new org.identityconnectors.framework.common.exceptions.AlreadyExistsException(e.getMessage(), e);
}
// We need to change the returned uid here (only if the mode is not set to NAME)
if (configuration.isUidBoundToName()) {
uid = new Uid(newName);
}
} else if (attr.is(OperationalAttributes.PASSWORD_NAME)) {
throw new InvalidAttributeValueException("Attempt to change password on privilege");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to change enable on privilege");
} else {
String name = attr.getName();
try {
priv.replaceAttributeValues(name, attr.getValue());
} catch (SchemaViolationException e) {
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
final DummyOrg org;
if (configuration.isUidBoundToName()) {
org = resource.getOrgByName(uid.getUidValue(), false);
} else if (configuration.isUidSeparateFromName()) {
org = resource.getOrgById(uid.getUidValue(), false);
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (org == null) {
throw new UnknownUidException("Org with UID " + uid + " does not exist on resource");
}
applyModifyMetadata(org, options);
for (Attribute attr : replaceAttributes) {
if (attr.is(Name.NAME)) {
String newName = (String) attr.getValue().get(0);
try {
resource.renameOrg(org.getId(), org.getName(), newName);
} catch (ObjectDoesNotExistException e) {
throw new org.identityconnectors.framework.common.exceptions.UnknownUidException(e.getMessage(), e);
} catch (ObjectAlreadyExistsException e) {
throw new org.identityconnectors.framework.common.exceptions.AlreadyExistsException(e.getMessage(), e);
}
// We need to change the returned uid here (only if the mode is not set to NAME)
if (configuration.isUidBoundToName()) {
uid = new Uid(newName);
}
} else if (attr.is(OperationalAttributes.PASSWORD_NAME)) {
throw new InvalidAttributeValueException("Attempt to change password on org");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new InvalidAttributeValueException("Attempt to change enable on org");
} else {
String name = attr.getName();
try {
org.replaceAttributeValues(name, attr.getValue());
} catch (SchemaViolationException e) {
throw new InvalidAttributeValueException(e.getMessage(), e);
}
}
}
} else {
throw new ConnectorException("Unknown object class " + objectClass);
}
} catch (ConnectException e) {
LOG.info("update::exception " + e);
throw new ConnectionFailedException(e.getMessage(), e);
} catch (FileNotFoundException e) {
LOG.info("update::exception " + e);
throw new ConnectorIOException(e.getMessage(), e);
} catch (SchemaViolationException e) {
LOG.info("update::exception " + e);
throw new InvalidAttributeValueException(e.getMessage(), e);
} catch (ConflictException e) {
LOG.info("update::exception " + e);
throw new AlreadyExistsException(e);
} catch (InterruptedException e) {
LOG.info("update::exception " + e);
throw new OperationTimeoutException(e);
}
LOG.info("update::end");
return uid;
}
Aggregations