if ( !modifyContext.getSession().isAnAdministrator() )
/** * check that if the password modification is allowed by the PP config, or if the session is * the admin. */ private void checkChangePwdAllowed( ModifyOperationContext modifyContext, PasswordPolicyConfiguration policyConfig, boolean isPPolicyReqCtrlPresent ) throws LdapNoPermissionException { if ( !policyConfig.isPwdAllowUserChange() && !modifyContext.getSession().isAnAdministrator() ) { if ( isPPolicyReqCtrlPresent ) { PasswordPolicyDecorator responseControl = new PasswordPolicyDecorator( directoryService.getLdapCodecService(), true ); responseControl.getResponse().setPasswordPolicyError( PasswordPolicyErrorEnum.PASSWORD_MOD_NOT_ALLOWED ); modifyContext.addResponseControl( responseControl ); } throw new LdapNoPermissionException(); } }
boolean isAdmin = modifyContext.getSession().getAuthenticatedPrincipal().getDn().equals( adminDn );
/** * {@inheritDoc} */ public void modify( ModifyOperationContext modifyContext ) throws LdapException { Entry entry = modifyContext.getEntry(); if ( entry == null ) { LookupOperationContext lookupCtx = new LookupOperationContext( modifyContext.getSession(), modifyContext.getDn() ); lookupCtx.setPartition( this ); lookupCtx.setTransaction( modifyContext.getTransaction() ); entry = wrapped.lookup( lookupCtx ); modifyContext.setEntry( entry ); } Entry targetEntry = SchemaUtils.getTargetEntry( modifyContext.getModItems(), entry ); boolean cascade = modifyContext.hasRequestControl( Cascade.OID ); boolean hasModification = synchronizer.modify( modifyContext, targetEntry, cascade ); if ( hasModification ) { wrapped.modify( modifyContext ); } if ( !modifyContext.getDn().equals( schemaModificationDN ) ) { updateSchemaModificationAttributes( modifyContext ); } }
{ SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES, SchemaConstants.ALL_USER_ATTRIBUTES } ); SearchOperationContext searchOperationContext = new SearchOperationContext( modifyContext.getSession(), oldBaseDn, filter, controls ); searchOperationContext.setAliasDerefMode( AliasDerefMode.NEVER_DEREF_ALIASES ); ModifyOperationContext newModifyContext = new ModifyOperationContext( modifyContext.getSession(), candidateDn, getOperationalModsForRemove( dn, candidate ) ); newModifyContext.setPartition( modifyContext.getPartition() ); newBaseDn = newBaseDn.add( ssNew.getBase() ); searchOperationContext = new SearchOperationContext( modifyContext.getSession(), newBaseDn, filter, controls ); searchOperationContext.setAliasDerefMode( AliasDerefMode.NEVER_DEREF_ALIASES ); nexus.modify( new ModifyOperationContext( modifyContext.getSession(), candidateDn, getOperationalModsForAdd( candidate, operationalAttributes ) ) ); ModifyOperationContext newModifyContext = new ModifyOperationContext( modifyContext.getSession(), dn, subentriesOpAttrMods ); newModifyContext.setPartition( modifyContext.getPartition() ); newModifyContext.setTransaction( modifyContext.getTransaction() );
CoreSession userSession = modifyContext.getSession(); boolean isPPolicyReqCtrlPresent = modifyContext.hasRequestControl( PasswordPolicy.OID ); Modification pwdMustChangeMod; if ( modifyContext.getSession().isAnAdministrator() )
if ( !( modifyContext.isReplEvent() && modifyContext.getSession().isAdministrator() ) )