/**
 * Compute the administrative roles of a subentry from the object classes it declares.
 *
 * <p>Four subentry object classes are recognised (access control, subschema, collective
 * attribute, trigger execution). Each one present adds its role to the result. Any other
 * object class contributes nothing, so the returned set may be empty.</p>
 *
 * @param subentry the subentry to inspect
 * @return the roles matching the subentry's object classes
 * @throws LdapSchemaViolationException with OBJECT_CLASS_VIOLATION when the entry carries no
 * objectClass attribute
 */
private Set<AdministrativeRole> getSubentryAdminRoles( Entry subentry ) throws LdapException
{
    Attribute objectClasses = subentry.get( directoryService.getAtProvider().getObjectClass() );

    // Without objectClass the subentry cannot be classified: reject it rather than
    // silently returning "no role"
    if ( objectClasses == null )
    {
        throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION, I18n.err( I18n.ERR_305 ) );
    }

    Set<AdministrativeRole> roles = new HashSet<>();

    if ( objectClasses.contains( SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC ) )
    {
        roles.add( AdministrativeRole.AccessControlInnerArea );
    }

    if ( objectClasses.contains( SchemaConstants.SUBSCHEMA_OC ) )
    {
        roles.add( AdministrativeRole.SubSchemaSpecificArea );
    }

    if ( objectClasses.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) )
    {
        roles.add( AdministrativeRole.CollectiveAttributeSpecificArea );
    }

    if ( objectClasses.contains( ApacheSchemaConstants.TRIGGER_EXECUTION_SUBENTRY_OC ) )
    {
        roles.add( AdministrativeRole.TriggerExecutionInnerArea );
    }

    return roles;
}
/**
 * Collect the modifications needed on an entry when a subentry it refers to changes
 * from {@code oldDn} to {@code newDn}.
 *
 * <p>The work is delegated to {@code getOperationalModForReplace}, called once per
 * administrative role. Each call receives the subentry's role flag, the matching operational
 * attribute type, the entry, both Dns and the list being built.</p>
 *
 * @param oldDn the subentry Dn before the change
 * @param newDn the subentry Dn after the change
 * @param subentry the subentry whose role flags select the attributes to process
 * @param entry the entry carrying the operational attributes
 * @return the list handed to the four helper calls
 * @throws Exception declared by the signature; this method raises none of its own
 */
private List<Modification> getOperationalModsForReplace( Dn oldDn, Dn newDn, Subentry subentry, Entry entry )
    throws Exception
{
    List<Modification> mods = new ArrayList<>();

    // Access control subentries
    getOperationalModForReplace( subentry.isAccessControlAdminRole(),
        directoryService.getAtProvider().getAccessControlSubentries(), entry, oldDn, newDn, mods );

    // Subschema subentry
    getOperationalModForReplace( subentry.isSchemaAdminRole(),
        directoryService.getAtProvider().getSubschemaSubentry(), entry, oldDn, newDn, mods );

    // Collective attribute subentries
    getOperationalModForReplace( subentry.isCollectiveAdminRole(),
        directoryService.getAtProvider().getCollectiveAttributeSubentries(), entry, oldDn, newDn, mods );

    // Trigger execution subentries
    getOperationalModForReplace( subentry.isTriggersAdminRole(),
        directoryService.getAtProvider().getTriggerExecutionSubentries(), entry, oldDn, newDn, mods );

    return mods;
}
// Excerpt: operational attributes of an entry being added.
// For entryUUID, entryCSN, creatorsName and createTimestamp the server writes its own value
// whenever checkAddOperationalAttribute(...) returns false.
// NOTE(review): checkAddOperationalAttribute is defined outside this excerpt. Given its isAdmin
// argument it presumably accepts a client-supplied value only from an administrator and
// rejects it otherwise. Confirm this, since creatorsName and createTimestamp are the values
// an audit of the directory relies on.

// entryUUID: random UUID generated by the server
if ( !checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getEntryUUID() ) )
    entry.put( directoryService.getAtProvider().getEntryUUID(), UUID.randomUUID().toString() );

// entryCSN: new change sequence number obtained from the directory service
if ( !checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getEntryCSN() ) )
    entry.put( directoryService.getAtProvider().getEntryCSN(), directoryService.getCSN().toString() );

// creatorsName: the `principal` value computed earlier (outside this excerpt)
if ( !checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getCreatorsName() ) )
    entry.put( directoryService.getAtProvider().getCreatorsName(), principal );

// createTimestamp: value returned by DateUtils.getGeneralizedTime()
if ( !checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getCreateTimestamp() ) )
    entry.put( directoryService.getAtProvider().getCreateTimestamp(), DateUtils.getGeneralizedTime() );

// Subentry reference attributes: only the check is run, its result is discarded and no
// server value is generated here
checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getAccessControlSubentries() );
// (the excerpt is truncated here: only the tail of the collectiveAttributeSubentries call is shown)
.getCollectiveAttributeSubentries() );
checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getTriggerExecutionSubentries() );
checkAddOperationalAttribute( isAdmin, entry, directoryService.getAtProvider().getSubschemaSubentry() );
/**
 * Update the administrative point cache with each of the given administrative point entries.
 *
 * <p>For every entry, its Dn, entryUUID and administrativeRole attribute are passed to
 * {@code createAdministrativePoints}.</p>
 *
 * @param adminPointEntries the administrative point entries to register
 * @throws LdapException if reading the entryUUID value or creating the points fails
 */
private void addAdminPointCache( List<Entry> adminPointEntries ) throws LdapException
{
    for ( Entry apEntry : adminPointEntries )
    {
        // NOTE(review): the entryUUID attribute is dereferenced without a null check, so an
        // entry lacking entryUUID would end in a NullPointerException here - confirm callers
        // only pass entries that were stored with their operational attributes
        String entryUuid = apEntry.get( directoryService.getAtProvider().getEntryUUID() ).getString();
        Attribute roles = apEntry.get( directoryService.getAtProvider().getAdministrativeRole() );

        createAdministrativePoints( roles, apEntry.getDn(), entryUuid );
    }
}
// Excerpt: register objectClass, entryUUID, entryCSN, creatorsName and createTimestamp in
// MANDATORY_ENTRY_ATOP_MAP, each keyed by AttributeType.getName() and wrapped in an
// AttributeTypeOptions.
// NOTE(review): the map name suggests these are the attributes that must always accompany an
// entry; its readers are outside this excerpt - confirm before relying on that.
AttributeType ocAt = directoryService.getAtProvider().getObjectClass();
MANDATORY_ENTRY_ATOP_MAP.put( ocAt.getName(), new AttributeTypeOptions( ocAt ) );

AttributeType uuidAt = directoryService.getAtProvider().getEntryUUID();
MANDATORY_ENTRY_ATOP_MAP.put( uuidAt.getName(), new AttributeTypeOptions( uuidAt ) );

AttributeType csnAt = directoryService.getAtProvider().getEntryCSN();
MANDATORY_ENTRY_ATOP_MAP.put( csnAt.getName(), new AttributeTypeOptions( csnAt ) );

AttributeType creatorAt = directoryService.getAtProvider().getCreatorsName();
MANDATORY_ENTRY_ATOP_MAP.put( creatorAt.getName(), new AttributeTypeOptions( creatorAt ) );

AttributeType createdTimeAt = directoryService.getAtProvider().getCreateTimestamp();
MANDATORY_ENTRY_ATOP_MAP.put( createdTimeAt.getName(), new AttributeTypeOptions( createdTimeAt ) );
// Excerpt: gather what is needed to evaluate a subentry - the objectClass attribute type,
// the subentry's Dn and the text of its subtreeSpecification attribute.
AttributeType ocAt = directoryService.getAtProvider().getObjectClass();
Dn subentryDn = subentry.getDn();
// NOTE(review): the subtreeSpecification attribute is dereferenced without a null check;
// a subentry stored without it would raise a NullPointerException here - confirm it is
// enforced before this point
String subtree = subentry.get( directoryService.getAtProvider().getSubtreeSpecification() )
    .getString();
// Declared only; it is assigned after the end of this excerpt
SubtreeSpecification ss;
/**
 * Stamp a new CSN on the entry being deleted, then pass the operation to the next interceptor.
 *
 * <p>The CSN is written for replication purposes.</p>
 *
 * @param deleteContext the delete operation context, providing the entry to delete
 * @throws LdapException if the attribute cannot be built or stored, or if the chain fails
 */
@Override
public void delete( DeleteOperationContext deleteContext ) throws LdapException
{
    Entry deletedEntry = deleteContext.getEntry();

    // The CSN always comes from the directory service, never from the request
    deletedEntry.put( new DefaultAttribute( directoryService.getAtProvider().getEntryCSN(),
        directoryService.getCSN().toString() ) );

    next( deleteContext );
}
if ( attributeType.equals( directoryService.getAtProvider().getModifiersName() ) ) if ( attributeType.equals( directoryService.getAtProvider().getModifyTimestamp() ) ) if ( attributeType.equals( directoryService.getAtProvider().getEntryCSN() ) ) Attribute attribute = new DefaultAttribute( directoryService.getAtProvider().getModifiersName(), getPrincipal( modifyContext ).getName() ); Attribute attribute = new DefaultAttribute( directoryService.getAtProvider().getModifyTimestamp(), DateUtils.getGeneralizedTime() ); Attribute attribute = new DefaultAttribute( directoryService.getAtProvider().getEntryCSN(), csn ); Modification updatedCsn = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, attribute ); mods.add( updatedCsn );
directoryService.getAtProvider().getCollectiveAttributeSubentries() ); directoryService.getAtProvider().getCollectiveExclusions() ); Set<AttributeType> exclusions = new HashSet<>();
/**
 * Initialise the interceptor: run the superclass initialisation, then resolve the Dn of the
 * subschema subentry published by the root DSE and the Dn of the system administrator.
 *
 * @param directoryService the directory service this interceptor is attached to
 * @throws LdapException if the superclass initialisation or a Dn creation fails
 */
@Override
public void init( DirectoryService directoryService ) throws LdapException
{
    super.init( directoryService );

    // The root DSE tells where the subschema subentry lives; keep it as a parsed Dn
    Value rootDseSubschema = directoryService.getPartitionNexus().getRootDseValue(
        directoryService.getAtProvider().getSubschemaSubentry() );
    subschemaSubentryDn = dnFactory.create( rootDseSubschema.getValue() );

    // Administrator Dn, built from the ServerDNConstants.ADMIN_SYSTEM_DN constant.
    // NOTE(review): presumably compared against the caller's Dn elsewhere in this class;
    // that use is not visible here
    adminDn = dnFactory.create( ServerDNConstants.ADMIN_SYSTEM_DN );
}
// Excerpt: read the entryUUID of the entry received from the remote side.
// NOTE(review): the attribute is dereferenced without a null check; a remote entry sent
// without entryUUID would raise a NullPointerException here - confirm it is validated earlier
String uuid = remoteEntry.get( directoryService.getAtProvider().getEntryUUID() ).getString();
// Excerpt: when no password-change time was found, fall back to the entry's createTimestamp.
// NOTE(review): presumably this lets a never-changed password be aged from the entry's
// creation time; the code consuming pwdChangedTimeAt is outside this excerpt. The fallback
// itself can still be null if createTimestamp is absent, so that code must handle null.
if ( pwdChangedTimeAt == null )
    pwdChangedTimeAt = userEntry.get( directoryService.getAtProvider().getCreateTimestamp() );
.equals( directoryService.getAtProvider().getSubtreeSpecification() ) ) boolean containsSubentryOC = entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ); oldBaseDn = oldBaseDn.add( ssOld.getBase() ); ExprNode filter = new PresenceNode( directoryService.getAtProvider().getObjectClass() ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
/**
 * {@inheritDoc}
 *
 * <p>Before delegating, the modified entry is stamped with the modifier's name, the
 * modification time, its new Dn and a new entryCSN. All of these values are produced on the
 * server side: the name comes from the principal of the operation context, the time from
 * {@code DateUtils.getGeneralizedTime()} and the CSN from the directory service.</p>
 */
@Override
public void moveAndRename( MoveAndRenameOperationContext moveAndRenameContext ) throws LdapException
{
    Entry target = moveAndRenameContext.getModifiedEntry();

    // Who changed the entry, and when
    target.put( SchemaConstants.MODIFIERS_NAME_AT, getPrincipal( moveAndRenameContext ).getName() );
    target.put( SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );

    target.setDn( moveAndRenameContext.getNewDn() );

    // New change sequence number for this operation
    target.put( new DefaultAttribute( directoryService.getAtProvider().getEntryCSN(),
        directoryService.getCSN().toString() ) );

    moveAndRenameContext.setModifiedEntry( target );

    next( moveAndRenameContext );
}
// Excerpt: read the administrativeRole attribute and the entryUUID of an entry.
Attribute adminPoint = entry.get( directoryService.getAtProvider().getAdministrativeRole() );
// NOTE(review): entryUUID is dereferenced without a null check; adminPoint itself may also
// be null when the entry has no administrativeRole - confirm both are handled by the
// surrounding code
String apUuid = entry.get( directoryService.getAtProvider().getEntryUUID() ).getString();
// Excerpt: resolve the Dn of the subschema subentry from the value the root DSE publishes.
PartitionNexus nexus = ds.getPartitionNexus();
// NOTE(review): the returned Value is dereferenced on the next statement without a null
// check - confirm getRootDseValue cannot return null for subschemaSubentry
Value subschemaSubentry = nexus.getRootDseValue( ds.getAtProvider().getSubschemaSubentry() );
Dn subschemaSubentryDn = ds.getDnFactory().create( subschemaSubentry.getValue() );
.getAccessControlSubentries(), dn.getName() ); attributes.add( accessControlSubentries ); directoryService.getAtProvider().getSubschemaSubentry(), dn.getName() ); attributes.add( subschemaSubentry ); .getCollectiveAttributeSubentries(), dn.getName() ); attributes.add( collectiveAttributeSubentries ); .getTriggerExecutionSubentries(), dn.getName() ); attributes.add( tiggerExecutionSubentries );
/**
 * {@inheritDoc}
 *
 * <p>Rejects an entry when its Dn is known to the subentry cache, or when its objectClass
 * attribute contains {@code subentryOC}. Every other entry is accepted.</p>
 */
@Override
public boolean accept( SearchOperationContext searchContext, Entry entry ) throws LdapException
{
    // Cache lookup first; the objectClass test only runs for entries the cache does not know
    return !directoryService.getSubentryCache().hasSubentry( entry.getDn() )
        && !entry.contains( directoryService.getAtProvider().getObjectClass(), subentryOC );
}
/**
 * {@inheritDoc}
 *
 * <p>Works on a clone of the original entry. The clone is stamped with the modifier's name,
 * the modification time, a new entryCSN and the new Dn, then stored in the context as the
 * modified entry. The name comes from the principal of the operation context and the CSN
 * from the directory service, so both are generated on the server side.</p>
 */
@Override
public void move( MoveOperationContext moveContext ) throws LdapException
{
    // Leave the original entry untouched: all changes go to a copy
    Entry movedEntry = moveContext.getOriginalEntry().clone();

    // Who changed the entry, and when
    movedEntry.put( SchemaConstants.MODIFIERS_NAME_AT, getPrincipal( moveContext ).getName() );
    movedEntry.put( SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );

    // New change sequence number for this operation
    Attribute entryCsn = new DefaultAttribute( directoryService.getAtProvider().getEntryCSN(),
        directoryService.getCSN().toString() );
    movedEntry.put( entryCsn );

    movedEntry.setDn( moveContext.getNewDn() );
    moveContext.setModifiedEntry( movedEntry );

    next( moveContext );
}
String uuid = modifyContext.getEntry().get( directoryService.getAtProvider().getEntryUUID() ).getString(); if ( modification.getAttribute().getAttributeType() == directoryService.getAtProvider().getAdministrativeRole() ) directoryService.getAtProvider().getAdministrativeRole() ); modifiedAdminRole = new DefaultAttribute( directoryService.getAtProvider().getAdministrativeRole() ); if ( attribute.getAttributeType() == directoryService.getAtProvider().getAdministrativeRole() )