/** * Return the list of AdministrativeRole for a subentry */ private Set<AdministrativeRole> getSubentryAdminRoles( Entry subentry ) throws LdapException { Set<AdministrativeRole> adminRoles = new HashSet<>(); Attribute oc = subentry.get( directoryService.getAtProvider().getObjectClass() ); if ( oc == null ) { throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION, I18n.err( I18n.ERR_305 ) ); } if ( oc.contains( SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC ) ) { adminRoles.add( AdministrativeRole.AccessControlInnerArea ); } if ( oc.contains( SchemaConstants.SUBSCHEMA_OC ) ) { adminRoles.add( AdministrativeRole.SubSchemaSpecificArea ); } if ( oc.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) ) { adminRoles.add( AdministrativeRole.CollectiveAttributeSpecificArea ); } if ( oc.contains( ApacheSchemaConstants.TRIGGER_EXECUTION_SUBENTRY_OC ) ) { adminRoles.add( AdministrativeRole.TriggerExecutionInnerArea ); } return adminRoles; }
/** * {@inheritDoc} */ @Override public boolean accept( SearchOperationContext searchContext, Entry entry ) throws LdapException { // See if the requested entry is a subentry if ( directoryService.getSubentryCache().hasSubentry( entry.getDn() ) ) { return false; } // see if we can use objectclass if present return !entry.contains( directoryService.getAtProvider().getObjectClass(), subentryOC ); }
/** * {@inheritDoc} */ @Override public boolean accept( SearchOperationContext searchContext, Entry entry ) throws LdapException { // See if the requested entry is a subentry if ( directoryService.getSubentryCache().hasSubentry( entry.getDn() ) ) { return true; } // see if we can use objectclass if present return entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ); }
/** * Constructs a new filter EqualityNode asserting that a candidate * objectClass is a referral. * * @param session the {@link LdapSession} to construct the node for * @return the {@link org.apache.directory.api.ldap.model.filter.EqualityNode} (objectClass=referral) non-normalized * @throws Exception in the highly unlikely event of schema related failures */ private EqualityNode<String> newIsReferralEqualityNode( LdapSession session ) throws Exception { AttributeType objectClassAT = session.getCoreSession().getDirectoryService().getAtProvider().getObjectClass(); EqualityNode<String> ocIsReferral = new EqualityNode<String>( objectClassAT, new Value( objectClassAT, SchemaConstants.REFERRAL_OC ) ); return ocIsReferral; }
/** * Check that we can modify an entry */ private void checkModify( ModifyOperationContext modifyContext ) throws LdapException { List<Modification> mods = modifyContext.getModItems(); Entry originalEntry = modifyContext.getEntry(); Entry targetEntry = SchemaUtils.getTargetEntry( mods, originalEntry ); // If the modified entry contains the CollectiveAttributeSubentry, then the modification // is accepted, no matter what if ( targetEntry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) ) { return; } // Check that we don't add any collectve attribute, this is not allowed on normal entries if ( hasCollectiveAttributes( mods ) ) { /* * TODO: Replace the Exception and the ResultCodeEnum with the correct ones. */ LOG.info( "Cannot modify the entry {} : it contains some CollectiveAttributes and is not a collective subentry", targetEntry ); throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION, I18n.err( I18n.ERR_242 ) ); } }
AttributeType ocAt = directoryService.getAtProvider().getObjectClass(); MANDATORY_ENTRY_ATOP_MAP.put( ocAt.getName(), new AttributeTypeOptions( ocAt ) );
directoryService.getAtProvider().getObjectClass(), SchemaConstants.KRB5_PRINCIPAL_OC ) )
/** * * Creates a new instance of ConfigChangeListener. * * @param cpReader the configuration reader * @param directoryService the DirectoryService instance * @throws LdapException If the instance cannot be created */ public ConfigChangeListener( ConfigPartitionReader cpReader, DirectoryService directoryService ) throws LdapException { this.cpReader = cpReader; this.directoryService = directoryService; SchemaManager schemaManager = directoryService.getSchemaManager(); ppolicyConfigDnRoot = new Dn( schemaManager, "ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config" ); AuthenticationInterceptor authInterceptor = ( AuthenticationInterceptor ) directoryService .getInterceptor( AUTHENTICATION_INTERCEPTOR.getName() ); ppolicyConfigContainer = authInterceptor.getPwdPolicyContainer(); AttributeType ocType = directoryService.getAtProvider().getObjectClass(); passwordPolicyObjectClassAttribute = new DefaultAttribute( ocType, PPOLICY_OC_NAME ); }
ExprNode filter = new EqualityNode<String>( directoryService.getAtProvider().getObjectClass(), new Value( directoryService.getAtProvider().getObjectClass(), SchemaConstants.ADS_REPL_EVENT_LOG ) ); SearchRequest searchRequest = new SearchRequestImpl(); searchRequest.setBase( replConsumerDn );
private Set<AdministrativeRole> getSubentryTypes( Entry entry, List<Modification> mods ) throws LdapException Attribute ocFinalState = entry.get( directoryService.getAtProvider().getObjectClass() ).clone();
AttributeType objectClassAT = session.getCoreSession().getDirectoryService().getAtProvider().getObjectClass(); if ( attributeType.equals( objectClassAT ) )
.getAtProvider().getObjectClass() );
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) )
AttributeType ocAt = directoryService.getAtProvider().getObjectClass();
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) )
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) ) ExprNode filter = new PresenceNode( directoryService.getAtProvider().getObjectClass() ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) ) ExprNode filter = new PresenceNode( directoryService.getAtProvider().getObjectClass() ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) ) ExprNode filter = new PresenceNode( directoryService.getAtProvider().getObjectClass() ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
boolean containsSubentryOC = entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ); oldBaseDn = oldBaseDn.add( ssOld.getBase() ); ExprNode filter = new PresenceNode( directoryService.getAtProvider().getObjectClass() ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
if ( entry.contains( directoryService.getAtProvider().getObjectClass(), SchemaConstants.SUBENTRY_OC ) )