external-software/github_OpenIdentityPlatform_OpenDJ.git

OPENDJ-3476 Update schema config and add update task for move of subordinat...

Nicolas Capponi

21.43.2016 affd68754461e0102f9390e5b5ae4bf40c8662ef

 opendj-maven-plugin/src/main/resources/config/xml/org/forgerock/opendj/server/config/GlobalConfiguration.xml

@@ -886,14 +886,14 @@
  </adm:property>
  <adm:property name="subordinate-base-dn" multi-valued="true">
    <adm:synopsis>
      Specifies the set of naming contexts that are accessible using a 
      subtree search from base DN "". 
      Specifies the set of base DNs used for singleLevel,
      wholeSubtree, and subordinateSubtree searches based at the root
      DSE.
    </adm:synopsis>
    <adm:default-behavior>
      <adm:alias>
        <adm:synopsis>
          The set of all user-defined suffixes is used when searching
          from base DN "".
          The set of all user-defined suffixes is used.
        </adm:synopsis>
      </adm:alias>
    </adm:default-behavior>

 opendj-server-legacy/resource/schema/02-config.ldif

@@ -4374,7 +4374,8 @@
        ds-cfg-max-allowed-client-connections $
        ds-cfg-max-psearches $
        ds-cfg-max-internal-buffer-size $
        ds-cfg-trust-transaction-ids)
        ds-cfg-trust-transaction-ids $
        ds-cfg-subordinate-base-dn)
  X-ORIGIN 'OpenDS Directory Server' )
objectClasses: ( 1.3.6.1.4.1.26027.1.2.40
  NAME 'ds-cfg-root-dn-user'
@@ -4387,8 +4388,7 @@
  SUP top
  STRUCTURAL
  MUST cn
  MAY ( ds-cfg-subordinate-base-dn $
        ds-cfg-show-all-attributes $
  MAY ( ds-cfg-show-all-attributes $
        ds-cfg-show-subordinate-naming-contexts)
  X-ORIGIN 'OpenDS Directory Server' )
objectClasses: ( 1.3.6.1.4.1.26027.1.2.42

 opendj-server-legacy/src/main/java/org/opends/server/tools/upgrade/Upgrade.java

@@ -610,6 +610,7 @@
            "add: objectClass",
            "objectClass: ds-cfg-local-backend")
    );
    register("4.0.0", moveSubordinateBaseDnToGlobalConfiguration());

    /* All upgrades will refresh the server configuration schema and generate a new upgrade folder. */
    registerLast(

 opendj-server-legacy/src/main/java/org/opends/server/tools/upgrade/UpgradeTasks.java

@@ -49,6 +49,8 @@

import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.ldap.Attribute;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.Entry;
import org.forgerock.opendj.ldap.Filter;
@@ -1472,4 +1474,51 @@
      }
    };
  }

  /** Move subordinate-base-dn attribute from Root DSE config to Global config. */
  static UpgradeTask moveSubordinateBaseDnToGlobalConfiguration()
  {
    return new AbstractUpgradeTask()
    {
      @Override
      public void perform(UpgradeContext context) throws ClientException
      {
        final SearchRequest sr = Requests.newSearchRequest("cn=Root DSE,cn=config", SearchScope.BASE_OBJECT,
                "(objectclass=ds-cfg-root-dse-backend)");
        final Set<String> subordinateDns = new HashSet<>();
        try (final EntryReader entryReader = searchConfigFile(sr))
        {
          if (!entryReader.hasNext())
          {
            return;
          }
          Entry entry = entryReader.readEntry();
          Attribute attribute = entry.getAttribute("ds-cfg-subordinate-base-dn");
          if (attribute == null || attribute.isEmpty())
          {
            return;
          }
          for (ByteString value : attribute)
          {
              subordinateDns.add(value.toString());
          }
        }
        catch (IOException e)
        {
          throw new ClientException(ReturnCode.APPLICATION_ERROR, INFO_UPGRADE_TASK_MIGRATE_CONFIG_READ_FAIL.get(), e);
        }
        modifyConfigEntry(INFO_UPGRADE_TASK_DELETE_SUBORDINATE_BASE_DN_FROM_ROOT_DSE.get(),
              "(objectClass=ds-cfg-root-dse-backend)",
              "delete: ds-cfg-subordinate-base-dn");
        List<String> ldif = new ArrayList<>();
        ldif.add("add: ds-cfg-subordinate-base-dn");
        for (String sub : subordinateDns)
        {
          ldif.add("ds-cfg-subordinate-base-dn: " + sub);
        }
        modifyConfigEntry(INFO_UPGRADE_TASK_ADD_SUBORDINATE_BASE_DN_TO_GLOBAL_CONFIG.get(),
            "(objectClass=ds-cfg-root-config)", ldif.toArray(new String[0]));
      }
    };
  }
}

 opendj-server-legacy/src/messages/org/opends/messages/tool.properties

@@ -2686,4 +2686,8 @@
ERR_TRUSTING_CERTIFICATE_PERMANENTLY=Unable to trust the certificate permanently, \
 certificate will be trusted only for this session. Error details: %s
ERR_UPGRADE_READING_CONF_FILE=An error occurred while reading configuration file: %s
INFO_UPGRADE_TASK_ADD_LOCAL_BACKEND=Adding local backend object class
INFO_UPGRADE_TASK_ADD_LOCAL_BACKEND=Adding local backend object class
INFO_UPGRADE_TASK_DELETE_SUBORDINATE_BASE_DN_FROM_ROOT_DSE=Removing subordinate-base-dn attribute from \
 Root DSE configuration
INFO_UPGRADE_TASK_ADD_SUBORDINATE_BASE_DN_TO_GLOBAL_CONFIG=Adding subordinate-base-dn attribute to \
 Global configuration

			@@ -886,14 +886,14 @@
			</adm:property>
			<adm:property name="subordinate-base-dn" multi-valued="true">
			<adm:synopsis>
			Specifies the set of naming contexts that are accessible using a
			subtree search from base DN "".
			Specifies the set of base DNs used for singleLevel,
			wholeSubtree, and subordinateSubtree searches based at the root
			DSE.
			</adm:synopsis>
			<adm:default-behavior>
			<adm:alias>
			<adm:synopsis>
			The set of all user-defined suffixes is used when searching
			from base DN "".
			The set of all user-defined suffixes is used.
			</adm:synopsis>
			</adm:alias>
			</adm:default-behavior>

			@@ -4374,7 +4374,8 @@
			ds-cfg-max-allowed-client-connections $
			ds-cfg-max-psearches $
			ds-cfg-max-internal-buffer-size $
			ds-cfg-trust-transaction-ids)
			ds-cfg-trust-transaction-ids $
			ds-cfg-subordinate-base-dn)
			X-ORIGIN 'OpenDS Directory Server' )
			objectClasses: ( 1.3.6.1.4.1.26027.1.2.40
			NAME 'ds-cfg-root-dn-user'
			@@ -4387,8 +4388,7 @@
			SUP top
			STRUCTURAL
			MUST cn
			MAY ( ds-cfg-subordinate-base-dn $
			ds-cfg-show-all-attributes $
			MAY ( ds-cfg-show-all-attributes $
			ds-cfg-show-subordinate-naming-contexts)
			X-ORIGIN 'OpenDS Directory Server' )
			objectClasses: ( 1.3.6.1.4.1.26027.1.2.42

			@@ -610,6 +610,7 @@
			"add: objectClass",
			"objectClass: ds-cfg-local-backend")
			);
			register("4.0.0", moveSubordinateBaseDnToGlobalConfiguration());

			/* All upgrades will refresh the server configuration schema and generate a new upgrade folder. */
			registerLast(

			@@ -49,6 +49,8 @@

			import org.forgerock.i18n.LocalizableMessage;
			import org.forgerock.i18n.slf4j.LocalizedLogger;
			import org.forgerock.opendj.ldap.Attribute;
			import org.forgerock.opendj.ldap.ByteString;
			import org.forgerock.opendj.ldap.DN;
			import org.forgerock.opendj.ldap.Entry;
			import org.forgerock.opendj.ldap.Filter;
			@@ -1472,4 +1474,51 @@
			}
			};
			}

			/** Move subordinate-base-dn attribute from Root DSE config to Global config. */
			static UpgradeTask moveSubordinateBaseDnToGlobalConfiguration()
			{
			return new AbstractUpgradeTask()
			{
			@Override
			public void perform(UpgradeContext context) throws ClientException
			{
			final SearchRequest sr = Requests.newSearchRequest("cn=Root DSE,cn=config", SearchScope.BASE_OBJECT,
			"(objectclass=ds-cfg-root-dse-backend)");
			final Set<String> subordinateDns = new HashSet<>();
			try (final EntryReader entryReader = searchConfigFile(sr))
			{
			if (!entryReader.hasNext())
			{
			return;
			}
			Entry entry = entryReader.readEntry();
			Attribute attribute = entry.getAttribute("ds-cfg-subordinate-base-dn");
			if (attribute == null \|\| attribute.isEmpty())
			{
			return;
			}
			for (ByteString value : attribute)
			{
			subordinateDns.add(value.toString());
			}
			}
			catch (IOException e)
			{
			throw new ClientException(ReturnCode.APPLICATION_ERROR, INFO_UPGRADE_TASK_MIGRATE_CONFIG_READ_FAIL.get(), e);
			}
			modifyConfigEntry(INFO_UPGRADE_TASK_DELETE_SUBORDINATE_BASE_DN_FROM_ROOT_DSE.get(),
			"(objectClass=ds-cfg-root-dse-backend)",
			"delete: ds-cfg-subordinate-base-dn");
			List<String> ldif = new ArrayList<>();
			ldif.add("add: ds-cfg-subordinate-base-dn");
			for (String sub : subordinateDns)
			{
			ldif.add("ds-cfg-subordinate-base-dn: " + sub);
			}
			modifyConfigEntry(INFO_UPGRADE_TASK_ADD_SUBORDINATE_BASE_DN_TO_GLOBAL_CONFIG.get(),
			"(objectClass=ds-cfg-root-config)", ldif.toArray(new String[0]));
			}
			};
			}
			}

			@@ -2686,4 +2686,8 @@
			ERR_TRUSTING_CERTIFICATE_PERMANENTLY=Unable to trust the certificate permanently, \
			certificate will be trusted only for this session. Error details: %s
			ERR_UPGRADE_READING_CONF_FILE=An error occurred while reading configuration file: %s
			INFO_UPGRADE_TASK_ADD_LOCAL_BACKEND=Adding local backend object class
			INFO_UPGRADE_TASK_ADD_LOCAL_BACKEND=Adding local backend object class
			INFO_UPGRADE_TASK_DELETE_SUBORDINATE_BASE_DN_FROM_ROOT_DSE=Removing subordinate-base-dn attribute from \
			Root DSE configuration
			INFO_UPGRADE_TASK_ADD_SUBORDINATE_BASE_DN_TO_GLOBAL_CONFIG=Adding subordinate-base-dn attribute to \
			Global configuration