Package org.apache.directory.shared.ldap.entry

Examples of org.apache.directory.shared.ldap.entry.ServerEntry

227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
        checkNewParent( newParentName );
        String oldSchemaName = getSchemaName( oriChildName );
        String newSchemaName = getSchemaName( newParentName );
        MatchingRule oldMr = factory.getMatchingRule( schemaManager, entry, schemaManager.getRegistries(),
            oldSchemaName );
        ServerEntry targetEntry = ( ServerEntry ) entry.clone();
        String newOid = ( String ) newRdn.getNormValue();
        checkOidIsUnique( newOid );

        targetEntry.put( MetaSchemaConstants.M_OID_AT, newOid );
        MatchingRule mr = factory.getMatchingRule( schemaManager, targetEntry, schemaManager.getRegistries(),
            newSchemaName );

        if ( isSchemaEnabled( oldSchemaName ) )
        {
View Full Code Here
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
        if ( idx != null )
        {
            return idx.reverseGreaterOrEq( indexEntry.getId(), node.getValue().get() );
        }

        ServerEntry entry = indexEntry.getObject();

        // resuscitate the entry if it has not been and set entry in IndexEntry
        if ( null == entry )
        {
            entry = db.lookup( indexEntry.getId() );
            indexEntry.setObject( entry );
        }

        /*
         * The code below could have been replaced by a call to
         * evaluate( ServerEntry ) but it was not because we wanted to make
         * sure the call to evaluate with the attribute was made using a
         * non-null IndexEntry parameter.  This is to make sure the call to
         * evaluate with the attribute will set the value on the IndexEntry.
         */

        // get the attribute
        EntryAttribute attr = entry.get( type );

        // if the attribute exists and has a greater than or equal value return true
        //noinspection unchecked
        if ( attr != null && evaluate( ( IndexEntry<Object, ServerEntry, ID> ) indexEntry, attr ) )
        {
            return true;
        }

        // If we do not have the attribute, loop through the sub classes of
        // the attributeType.  Perhaps the entry has an attribute value of a
        // subtype (descendant) that will produce a match
        if ( schemaManager.getAttributeTypeRegistry().hasDescendants( node.getAttribute() ) )
        {
            // TODO check to see if descendant handling is necessary for the
            // index so we can match properly even when for example a name
            // attribute is used instead of more specific commonName
            Iterator<AttributeType> descendants = schemaManager.getAttributeTypeRegistry().descendants(
                node.getAttribute() );

            while ( descendants.hasNext() )
            {
                AttributeType descendant = descendants.next();

                attr = entry.get( descendant );

                //noinspection unchecked
                if ( attr != null && evaluate( ( IndexEntry<Object, ServerEntry, ID> ) indexEntry, attr ) )
                {
                    return true;
View Full Code Here
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
    {
        Collection<String> attrTypes = new ArrayList<String>();
        attrTypes.add( "cn" );
        Collection<ACITuple> tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );

        ServerEntry entry = new DefaultServerEntry( schemaManager, USER_NAME );
        entry.put( "cn", USER_NAME.getNormName() );

        // Test wrong scope
        assertEquals( 0, filterA.filter( null, tuples, OperationScope.ENTRY, null, null, USER_NAME, null, null, null,
            "cn", null, entry, null, null ).size() );

        tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );

        assertEquals( 1, filterA.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
            null, null, null, "cn", null, entry, null, null ).size() );

        entry.removeAttributes( "cn" );
        assertEquals( 0, filterA.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
            null, null, null, "cn", null, entry, null, null ).size() );

        tuples = getTuples( new ProtectedItem.SelfValue( attrTypes ) );
        assertEquals( 0, filterA.filter( null, tuples, OperationScope.ATTRIBUTE_TYPE_AND_VALUE, null, null, USER_NAME,
View Full Code Here
78
79
80
81
82
83
84
85
86
87
88
89
90
91
    }
   
   
    public void checkModify( OperationContext opContext, DN normName, List<Modification> mods ) throws Exception
    {
        ServerEntry originalEntry = opContext.lookup( normName, ByPassConstants.LOOKUP_BYPASS );
        ServerEntry targetEntry = (ServerEntry)SchemaUtils.getTargetEntry( mods, originalEntry );
       
        EntryAttribute targetObjectClasses = targetEntry.get( SchemaConstants.OBJECT_CLASS_AT );
       
        if ( targetObjectClasses.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) )
        {
            return;
        }
View Full Code Here
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
             * SubentryService to get us cached sub-entries so we're not
             * wasting time with a lookup here? It is ridiculous to waste
             * time looking up this sub-entry.
             */
           
            ServerEntry subentry = opContext.lookup( subentryDn, ByPassConstants.LOOKUP_COLLECTIVE_BYPASS );
           
            for ( AttributeType attributeType:subentry.getAttributeTypes() )
            {
                String attrId = attributeType.getName();
               
                if ( !attributeType.isCollective() )
                {
                    continue;
                }
               
                /*
                 * Skip the addition of this collective attribute if it is excluded
                 * in the 'collectiveAttributes' attribute.
                 */
                if ( exclusions.contains( attributeType.getOid() ) )
                {
                    continue;
                }
               
                Set<AttributeType> allSuperTypes = getAllSuperTypes( attributeType );

                for ( String retId : retIdsSet )
                {
                    if ( retId.equals( SchemaConstants.ALL_USER_ATTRIBUTES ) || retId.equals( SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES ) )
                    {
                        continue;
                    }

                    AttributeType retType = schemaManager.lookupAttributeTypeRegistry( retId );

                    if ( allSuperTypes.contains( retType ) )
                    {
                        retIdsSet.add( schemaManager.lookupAttributeTypeRegistry( attrId ).getOid() );
                        break;
                    }
                }

                /*
                 * If not all attributes or this collective attribute requested specifically
                 * then bypass the inclusion process.
                 */
                if ( !( retIdsSet.contains( SchemaConstants.ALL_USER_ATTRIBUTES ) ||
                    retIdsSet.contains( schemaManager.lookupAttributeTypeRegistry( attrId ).getOid() ) ) )
                {
                    continue;
                }
               
                EntryAttribute subentryColAttr = subentry.get( attrId );
                EntryAttribute entryColAttr = entry.get( attrId );

                /*
                 * If entry does not have attribute for collective attribute then create it.
                 */
 
View Full Code Here
498
499
500
501
502
503
504
505
506
507
508
        ClonedServerEntry tempResult = null;
        outer: while ( wrapped.next() )
        {
            boolean accepted = true;
           
            ServerEntry tempEntry = wrapped.get();
            if ( tempEntry instanceof ClonedServerEntry )
            {
                tempResult = ( ClonedServerEntry ) tempEntry;
            }
            else
View Full Code Here
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
    @Test
    public void testPreventStructuralClassRemovalOnModifyReplace() throws Exception
    {
        DN name = new DN( "uid=akarasulu,ou=users,dc=example,dc=com" );
        ModificationOperation mod = ModificationOperation.REPLACE_ATTRIBUTE;
        ServerEntry modifyAttributes = new DefaultServerEntry( schemaManager );
        AttributeType atCN = schemaManager.lookupAttributeTypeRegistry( "cn" );
        modifyAttributes.put( new DefaultServerAttribute( atCN ) );

        // this should pass
        SchemaChecker.preventStructuralClassRemovalOnModifyReplace( schemaManager.getObjectClassRegistry(), name, mod, modifyAttributes );

        // this should succeed since person is still in replaced set and is structural
        modifyAttributes.removeAttributes( atCN );
        AttributeType atOC = schemaManager.lookupAttributeTypeRegistry( "objectClass" );
        EntryAttribute objectClassesReplaced = new DefaultServerAttribute( atOC );
        objectClassesReplaced.add( "top" );
        objectClassesReplaced.add( "person" );
        modifyAttributes.put( objectClassesReplaced );
        SchemaChecker.preventStructuralClassRemovalOnModifyReplace( schemaManager.getObjectClassRegistry(), name, mod, modifyAttributes );

        // this should fail since only top is left
        objectClassesReplaced = new DefaultServerAttribute( atOC );
        objectClassesReplaced.add( "top" );
        modifyAttributes.put( objectClassesReplaced );
        try
        {
            SchemaChecker.preventStructuralClassRemovalOnModifyReplace( schemaManager.getObjectClassRegistry(), name, mod, modifyAttributes );
            fail( "should never get here due to an LdapSchemaViolationException" );
        }
        catch ( LdapSchemaViolationException e )
        {
            assertEquals( e.getResultCode(), ResultCodeEnum.OBJECT_CLASS_MODS_PROHIBITED );
        }

        // this should fail since the modify operation tries to delete all
        // objectClass attribute values
        modifyAttributes.removeAttributes( "cn" );
        objectClassesReplaced = new DefaultServerAttribute( atOC );
        modifyAttributes.put( objectClassesReplaced );
        try
        {
            SchemaChecker.preventStructuralClassRemovalOnModifyReplace( schemaManager.getObjectClassRegistry(), name, mod, modifyAttributes );
            fail( "should never get here due to an LdapSchemaViolationException" );
        }
View Full Code Here
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
    @Test
    public void testPreventRdnChangeOnModifyRemove() throws Exception
    {
        ModificationOperation mod = ModificationOperation.REMOVE_ATTRIBUTE;
        DN name = new DN( "ou=user,dc=example,dc=com" );
        ServerEntry attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "cn", "does not matter" );

        // postive test which should pass
        SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );

        // test should fail since we are removing the ou attribute
        AttributeType OU_AT = schemaManager.lookupAttributeTypeRegistry( "ou" );
        attributes.put( new DefaultServerAttribute( "ou", OU_AT ) );

        try
        {
            SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
        catch ( LdapSchemaViolationException e )
        {
            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
        }

        // test success using more than one attribute for the Rdn but not modifying rdn attribute
        name = new DN( "ou=users+cn=system users,dc=example,dc=com" );
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "sn", "does not matter" );
        SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );

        // test for failure when modifying Rdn attribute in multi attribute Rdn
        AttributeType CN_AT = schemaManager.lookupAttributeTypeRegistry( "cn" );
        attributes.put( new DefaultServerAttribute( "cn", CN_AT ) );
       
        try
        {
            SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
        catch ( LdapSchemaViolationException e )
        {
            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
        }

        // should succeed since the value being deleted from the rdn attribute is
        // is not used when composing the Rdn
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "ou", "container" );
        SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );

        // now let's make it fail again just by providing the right value for ou (users)
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "ou", "users" );
        try
        {
            SchemaChecker.preventRdnChangeOnModifyRemove( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
View Full Code Here
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
    @Test
    public void testPreventRdnChangeOnModifyReplace() throws Exception
    {
        ModificationOperation mod = ModificationOperation.REPLACE_ATTRIBUTE;
        DN name = new DN( "ou=user,dc=example,dc=com" );
        ServerEntry attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "cn", "does not matter" );

        // postive test which should pass
        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );

        // test should fail since we are removing the ou attribute
        attributes.put( "ou", (String)null );
       
        try
        {
            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
        catch ( LdapSchemaViolationException e )
        {
            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
        }

        // test success using more than one attribute for the Rdn but not modifying rdn attribute
        name = new DN( "ou=users+cn=system users,dc=example,dc=com" );
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "sn", "does not matter" );
        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );

        // test for failure when modifying Rdn attribute in multi attribute Rdn
        attributes.put("cn", (String)null );
       
        try
        {
            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
        catch ( LdapSchemaViolationException e )
        {
            assertEquals( ResultCodeEnum.NOT_ALLOWED_ON_RDN, e.getResultCode() );
        }

        // should succeed since the values being replaced from the rdn attribute is
        // is includes the old Rdn attribute value
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "ou", "container" );
        attributes.put( "ou", "users" );
        SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );

        // now let's make it fail by not including the old value for ou (users)
        attributes = new DefaultServerEntry( schemaManager, name );
        attributes.put( "ou", "container" );
        try
        {
            SchemaChecker.preventRdnChangeOnModifyReplace( name, mod, attributes, schemaManager );
            fail( "should never get here due to a LdapSchemaViolationException being thrown" );
        }
View Full Code Here
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
     * @param subentry the subentry to get attributes from
     * @return the set of attributes to be added or removed from entries
     */
    private ServerEntry getSubentryOperatationalAttributes( DN name, Subentry subentry ) throws Exception
    {
        ServerEntry operational = new DefaultServerEntry( schemaManager, name );

        if ( subentry.isAccessControlSubentry() )
        {
            if ( operational.get( SchemaConstants.ACCESS_CONTROL_SUBENTRIES_AT ) == null )
            {
                operational.put( SchemaConstants.ACCESS_CONTROL_SUBENTRIES_AT, name.getNormName() );
            }
            else
            {
                operational.get( SchemaConstants.ACCESS_CONTROL_SUBENTRIES_AT ).add( name.getNormName() );
            }
        }
        if ( subentry.isSchemaSubentry() )
        {
            if ( operational.get( SchemaConstants.SUBSCHEMA_SUBENTRY_AT ) == null )
            {
                operational.put( SchemaConstants.SUBSCHEMA_SUBENTRY_AT, name.getNormName() );
            }
            else
            {
                operational.get( SchemaConstants.SUBSCHEMA_SUBENTRY_AT ).add( name.getNormName() );
            }
        }
        if ( subentry.isCollectiveSubentry() )
        {
            if ( operational.get( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT ) == null )
            {
                operational.put( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT, name.getNormName() );
            }
            else
            {
                operational.get( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT ).add( name.getNormName() );
            }
        }
        if ( subentry.isTriggerSubentry() )
        {
            if ( operational.get( SchemaConstants.TRIGGER_EXECUTION_SUBENTRIES_AT ) == null )
            {
                operational.put( SchemaConstants.TRIGGER_EXECUTION_SUBENTRIES_AT, name.getNormName() );
            }
            else
            {
                operational.get( SchemaConstants.TRIGGER_EXECUTION_SUBENTRIES_AT ).add( name.getNormName() );
            }
        }

        return operational;
    }
View Full Code Here
TOP

Related Classes of org.apache.directory.shared.ldap.entry.ServerEntry

  • org.acme.Ldap
  • org.apache.directory.server.config.ConfigPartitionReader
  • org.apache.directory.server.configuration.ApacheDS
  • org.apache.directory.server.core.authn.SimpleAuthenticator
  • org.apache.directory.server.core.authz.AciAuthorizationInterceptor
  • org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor
  • org.apache.directory.server.core.authz.GroupCache
  • org.apache.directory.server.core.authz.support.ACDFEngine
  • org.apache.directory.server.core.authz.support.RelatedProtectedItemFilterTest
  • org.apache.directory.server.core.authz.TupleCache
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.