mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java | ●●●●● patch | view | raw | blame | history | |
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendBindOperation.java | ●●●●● patch | view | raw | blame | history | |
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendDeleteOperation.java | ●●●●● patch | view | raw | blame | history | |
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendModifyOperation.java | ●●●●● patch | view | raw | blame | history | |
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendSearchOperation.java | ●●●●● patch | view | raw | blame | history | |
| opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendWorkflowElement.java | ●●●●● patch | view | raw | blame | history |
opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendAddOperation.java
New file @@ -0,0 +1,335 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.workflowelement.localbackend; import static org.opends.server.config.ConfigConstants.*; import static org.opends.server.messages.CoreMessages.*; import static org.opends.server.messages.MessageHandler.getMessage; import java.util.ArrayList; import java.util.HashSet; import java.util.LinkedHashSet; import java.util.List; import java.util.Map; import java.util.concurrent.CopyOnWriteArrayList; import org.opends.server.api.PasswordStorageScheme; import org.opends.server.api.PasswordValidator; import org.opends.server.core.AddOperation; import org.opends.server.core.AddOperationWrapper; import org.opends.server.core.DirectoryServer; import org.opends.server.core.PasswordPolicy; import org.opends.server.protocols.asn1.ASN1OctetString; import org.opends.server.schema.AuthPasswordSyntax; import org.opends.server.schema.BooleanSyntax; import org.opends.server.schema.UserPasswordSyntax; import org.opends.server.types.Attribute; import org.opends.server.types.AttributeType; import org.opends.server.types.AttributeValue; import org.opends.server.types.ByteString; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.ObjectClass; import org.opends.server.types.ResultCode; import org.opends.server.types.operation.PostOperationAddOperation; import org.opends.server.types.operation.PostResponseAddOperation; import org.opends.server.types.operation.PreOperationAddOperation; import org.opends.server.util.TimeThread; /** * This class defines an operation used to add an entry in a local backend * of the Directory Server. */ public class LocalBackendAddOperation extends AddOperationWrapper implements PreOperationAddOperation, PostOperationAddOperation, PostResponseAddOperation { // The entry being added to the server. private Entry entry; /** * Creates a new operation that may be used to add a new entry in a * local backend of the Directory Server. * * @param add The operation to enhance. */ public LocalBackendAddOperation(AddOperation add) { super(add); LocalBackendWorkflowElement.attachLocalOperation (add, this); } /** * Retrieves the entry to be added to the server. Note that this will not be * available to pre-parse plugins or during the conflict resolution portion of * the synchronization processing. * * @return The entry to be added to the server, or <CODE>null</CODE> if it is * not yet available. */ public final Entry getEntryToAdd() { return entry; } /** * Sets the entry to be added to the server. * * @param entry - The entry to be added to the server, or <CODE>null</CODE> * if it is not yet available. */ public final void setEntryToAdd(Entry entry){ this.entry = entry; } /** * Performs all password policy processing necessary for the provided add * operation. * * @param passwordPolicy The password policy associated with the entry to be * added. * @param userEntry The user entry being added. * * @throws DirectoryException If a problem occurs while performing password * policy processing for the add operation. */ public final void handlePasswordPolicy(PasswordPolicy passwordPolicy, Entry userEntry) throws DirectoryException { // See if a password was specified. AttributeType passwordAttribute = passwordPolicy.getPasswordAttribute(); List<Attribute> attrList = userEntry.getAttribute(passwordAttribute); if ((attrList == null) || attrList.isEmpty()) { // The entry doesn't have a password, so no action is required. return; } else if (attrList.size() > 1) { // This must mean there are attribute options, which we won't allow for // passwords. int msgID = MSGID_PWPOLICY_ATTRIBUTE_OPTIONS_NOT_ALLOWED; String message = getMessage(msgID, passwordAttribute.getNameOrOID()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } Attribute passwordAttr = attrList.get(0); if (passwordAttr.hasOptions()) { int msgID = MSGID_PWPOLICY_ATTRIBUTE_OPTIONS_NOT_ALLOWED; String message = getMessage(msgID, passwordAttribute.getNameOrOID()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } LinkedHashSet<AttributeValue> values = passwordAttr.getValues(); if (values.isEmpty()) { // This will be treated the same as not having a password. return; } if ((! passwordPolicy.allowMultiplePasswordValues()) && (values.size() > 1)) { // FIXME -- What if they're pre-encoded and might all be the same? int msgID = MSGID_PWPOLICY_MULTIPLE_PW_VALUES_NOT_ALLOWED; String message = getMessage(msgID, passwordAttribute.getNameOrOID()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } CopyOnWriteArrayList<PasswordStorageScheme> defaultStorageSchemes = passwordPolicy.getDefaultStorageSchemes(); LinkedHashSet<AttributeValue> newValues = new LinkedHashSet<AttributeValue>(defaultStorageSchemes.size()); for (AttributeValue v : values) { ByteString value = v.getValue(); // See if the password is pre-encoded. if (passwordPolicy.usesAuthPasswordSyntax()) { if (AuthPasswordSyntax.isEncoded(value)) { if (passwordPolicy.allowPreEncodedPasswords()) { newValues.add(v); continue; } else { int msgID = MSGID_PWPOLICY_PREENCODED_NOT_ALLOWED; String message = getMessage(msgID, passwordAttribute.getNameOrOID()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } } } else { if (UserPasswordSyntax.isEncoded(value)) { if (passwordPolicy.allowPreEncodedPasswords()) { newValues.add(v); continue; } else { int msgID = MSGID_PWPOLICY_PREENCODED_NOT_ALLOWED; String message = getMessage(msgID, passwordAttribute.getNameOrOID()); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } } } // See if the password passes validation. We should only do this if // validation should be performed for administrators. if (! passwordPolicy.skipValidationForAdministrators()) { // There are never any current passwords for an add operation. HashSet<ByteString> currentPasswords = new HashSet<ByteString>(0); StringBuilder invalidReason = new StringBuilder(); for (PasswordValidator<?> validator : passwordPolicy.getPasswordValidators().values()) { if (! validator.passwordIsAcceptable(value, currentPasswords, this, userEntry, invalidReason)) { int msgID = MSGID_PWPOLICY_VALIDATION_FAILED; String message = getMessage(msgID, passwordAttribute.getNameOrOID(), String.valueOf(invalidReason)); throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, msgID); } } } // Encode the password. if (passwordPolicy.usesAuthPasswordSyntax()) { for (PasswordStorageScheme s : defaultStorageSchemes) { ByteString encodedValue = s.encodeAuthPassword(value); newValues.add(new AttributeValue(passwordAttribute, encodedValue)); } } else { for (PasswordStorageScheme s : defaultStorageSchemes) { ByteString encodedValue = s.encodePasswordWithScheme(value); newValues.add(new AttributeValue(passwordAttribute, encodedValue)); } } } // Put the new encoded values in the entry. passwordAttr.setValues(newValues); // Set the password changed time attribute. ByteString timeString = new ASN1OctetString(TimeThread.getGeneralizedTime()); AttributeType changedTimeType = DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_CHANGED_TIME_LC); if (changedTimeType == null) { changedTimeType = DirectoryServer.getDefaultAttributeType( OP_ATTR_PWPOLICY_CHANGED_TIME); } LinkedHashSet<AttributeValue> changedTimeValues = new LinkedHashSet<AttributeValue>(1); changedTimeValues.add(new AttributeValue(changedTimeType, timeString)); ArrayList<Attribute> changedTimeList = new ArrayList<Attribute>(1); changedTimeList.add(new Attribute(changedTimeType, OP_ATTR_PWPOLICY_CHANGED_TIME, changedTimeValues)); userEntry.putAttribute(changedTimeType, changedTimeList); // If we should force change on add, then set the appropriate flag. if (passwordPolicy.forceChangeOnAdd()) { AttributeType resetType = DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_RESET_REQUIRED_LC); if (resetType == null) { resetType = DirectoryServer.getDefaultAttributeType( OP_ATTR_PWPOLICY_RESET_REQUIRED); } LinkedHashSet<AttributeValue> resetValues = new LinkedHashSet<AttributeValue>(1); resetValues.add(BooleanSyntax.createBooleanValue(true)); ArrayList<Attribute> resetList = new ArrayList<Attribute>(1); resetList.add(new Attribute(resetType, OP_ATTR_PWPOLICY_RESET_REQUIRED, resetValues)); userEntry.putAttribute(resetType, resetList); } } /** * Adds the provided objectClass to the entry, along with its superior classes * if appropriate. * * @param objectClass The objectclass to add to the entry. */ public final void addObjectClassChain(ObjectClass objectClass) { Map<ObjectClass, String> objectClasses = getObjectClasses(); if (objectClasses != null){ if (! objectClasses.containsKey(objectClass)) { objectClasses.put(objectClass, objectClass.getNameOrOID()); } ObjectClass superiorClass = objectClass.getSuperiorClass(); if ((superiorClass != null) && (! objectClasses.containsKey(superiorClass))) { addObjectClassChain(superiorClass); } } } } opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendBindOperation.java
New file @@ -0,0 +1,57 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.workflowelement.localbackend; import org.opends.server.core.BindOperation; import org.opends.server.core.BindOperationWrapper; import org.opends.server.types.operation.PostOperationBindOperation; import org.opends.server.types.operation.PostResponseBindOperation; import org.opends.server.types.operation.PreOperationBindOperation; /** * This class defines an operation used to bind against the Directory Server, * with the bound user entry within a local backend. */ public class LocalBackendBindOperation extends BindOperationWrapper implements PreOperationBindOperation, PostOperationBindOperation, PostResponseBindOperation { /** * Creates a new operation that may be used to bind where * the bound user entry is stored in a local backend of the Directory Server. * * @param bind The operation to enhance. */ public LocalBackendBindOperation(BindOperation bind) { super(bind); LocalBackendWorkflowElement.attachLocalOperation (bind, this); } } opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendDeleteOperation.java
New file @@ -0,0 +1,82 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.workflowelement.localbackend; import org.opends.server.core.DeleteOperationWrapper; import org.opends.server.core.DeleteOperation; import org.opends.server.types.Entry; import org.opends.server.types.operation.PostOperationDeleteOperation; import org.opends.server.types.operation.PostResponseDeleteOperation; import org.opends.server.types.operation.PreOperationDeleteOperation; /** * This class defines an operation used to delete an entry in a local backend * of the Directory Server. */ public class LocalBackendDeleteOperation extends DeleteOperationWrapper implements PreOperationDeleteOperation, PostOperationDeleteOperation, PostResponseDeleteOperation { // The entry to be deleted. private Entry entry; /** * Creates a new operation that may be used to delete an entry from a * local backend of the Directory Server. * * @param delete The operation to enhance. */ public LocalBackendDeleteOperation(DeleteOperation delete) { super(delete); LocalBackendWorkflowElement.attachLocalOperation (delete, this); } /** * Retrieves the entry to be deleted. * * @return The entry to be deleted, or <CODE>null</CODE> if the entry is not * yet available. */ public Entry getEntryToDelete() { return entry; } /** * Sets the entry to be deleted. * * @param entry - The entry to be deleted */ public void setEntryToDelete(Entry entry){ this.entry = entry; } } opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendModifyOperation.java
New file @@ -0,0 +1,203 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.workflowelement.localbackend; import java.util.List; import org.opends.server.core.ModifyOperation; import org.opends.server.core.ModifyOperationWrapper; import org.opends.server.types.AttributeValue; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.Modification; import org.opends.server.types.operation.PostOperationModifyOperation; import org.opends.server.types.operation.PostResponseModifyOperation; import org.opends.server.types.operation.PreOperationModifyOperation; /** * This class defines an operation used to modify an entry in a local backend * of the Directory Server. */ public class LocalBackendModifyOperation extends ModifyOperationWrapper implements PreOperationModifyOperation, PostOperationModifyOperation, PostResponseModifyOperation { // The current entry, before any changes are applied. private Entry currentEntry = null; // The modified entry that will be stored in the backend. private Entry modifiedEntry = null; // The set of clear-text current passwords (if any were provided). private List<AttributeValue> currentPasswords = null; // The set of clear-text new passwords (if any were provided). private List<AttributeValue> newPasswords = null; /** * Creates a new operation that may be used to modify an entry in a * local backend of the Directory Server. * * @param modify The operation to enhance. */ public LocalBackendModifyOperation(ModifyOperation modify) { super(modify); LocalBackendWorkflowElement.attachLocalOperation (modify, this); } /** * Retrieves the current entry before any modifications are applied. This * will not be available to pre-parse plugins. * * @return The current entry, or <CODE>null</CODE> if it is not yet * available. */ public final Entry getCurrentEntry() { return currentEntry; } /** * Retrieves the set of clear-text current passwords for the user, if * available. This will only be available if the modify operation contains * one or more delete elements that target the password attribute and provide * the values to delete in the clear. It will not be available to pre-parse * plugins. * * @return The set of clear-text current password values as provided in the * modify request, or <CODE>null</CODE> if there were none or this * information is not yet available. */ public final List<AttributeValue> getCurrentPasswords() { return currentPasswords; } /** * Retrieves the modified entry that is to be written to the backend. This * will be available to pre-operation plugins, and if such a plugin does make * a change to this entry, then it is also necessary to add that change to * the set of modifications to ensure that the update will be consistent. * * @return The modified entry that is to be written to the backend, or * <CODE>null</CODE> if it is not yet available. */ public final Entry getModifiedEntry() { return modifiedEntry; } /** * Retrieves the set of clear-text new passwords for the user, if available. * This will only be available if the modify operation contains one or more * add or replace elements that target the password attribute and provide the * values in the clear. It will not be available to pre-parse plugins. * * @return The set of clear-text new passwords as provided in the modify * request, or <CODE>null</CODE> if there were none or this * information is not yet available. */ public final List<AttributeValue> getNewPasswords() { return newPasswords; } /** * Retrieves the current entry before any modifications are applied. This * will not be available to pre-parse plugins. * * @param currentEntry The current entry. */ public final void setCurrentEntry(Entry currentEntry) { this.currentEntry = currentEntry; } /** * Register the set of clear-text current passwords for the user, if * available. This will only be available if the modify operation contains * one or more delete elements that target the password attribute and provide * the values to delete in the clear. * * @param currentPasswords The set of clear-text current password values as * provided in the modify request. */ public final void setCurrentPasswords(List<AttributeValue> currentPasswords) { this.currentPasswords = currentPasswords; } /** * Register the modified entry that is to be written to the backend. * * @param modifiedEntry The modified entry that is to be written to the * backend, or <CODE>null</CODE> if it is not yet * available. */ public final void setModifiedEntry(Entry modifiedEntry) { this.modifiedEntry = modifiedEntry; } /** * Register the set of clear-text new passwords for the user, if available. * This will only be available if the modify operation contains one or more * add or replace elements that target the password attribute and provide the * values in the clear. * * @param newPasswords The set of clear-text new passwords as provided in * the modify request, or <CODE>null</CODE> if there * were none or this information is not yet available. */ public final void setNewPasswords(List<AttributeValue> newPasswords) { this.newPasswords = newPasswords; } /** * Adds the provided modification to the set of modifications to this modify * operation. * In addition, the modification is applied to the modified entry. * * This may only be called by pre-operation plugins. * * @param modification The modification to add to the set of changes for * this modify operation. * * @throws DirectoryException If an unexpected problem occurs while applying * the modification to the entry. */ public void addModification(Modification modification) throws DirectoryException { modifiedEntry.applyModification(modification); super.addModification(modification); } } opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendSearchOperation.java
New file @@ -0,0 +1,111 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.workflowelement.localbackend; import org.opends.server.api.Backend; import org.opends.server.core.SearchOperationWrapper; import org.opends.server.core.SearchOperation; import org.opends.server.types.CancelResult; import org.opends.server.types.CancelledOperationException; import org.opends.server.types.DirectoryException; import org.opends.server.types.operation.PostOperationSearchOperation; import org.opends.server.types.operation.PreOperationSearchOperation; import org.opends.server.types.operation.SearchEntrySearchOperation; import org.opends.server.types.operation.SearchReferenceSearchOperation; /** * This class defines an operation used to search for entries in a local backend * of the Directory Server. */ public class LocalBackendSearchOperation extends SearchOperationWrapper implements PreOperationSearchOperation, PostOperationSearchOperation, SearchEntrySearchOperation, SearchReferenceSearchOperation { /** * Creates a new operation that may be used to search for entries in a * local backend of the Directory Server. * * @param search The operation to enhance. */ public LocalBackendSearchOperation(SearchOperation search){ super(search); LocalBackendWorkflowElement.attachLocalOperation(search, this); } /** * Processes the search in the provided backend and recursively through its * subordinate backends. * * @param backend The backend in which to process the search. * * @throws DirectoryException If a problem occurs while processing the * search. * * @throws CancelledOperationException If the backend noticed and reacted * to a request to cancel or abandon the * search operation. */ public final void searchBackend(Backend backend) throws DirectoryException, CancelledOperationException { // Check for and handle a request to cancel this operation. if (getCancelRequest() != null) { setCancelResult(CancelResult.CANCELED); setProcessingStopTime(); return; } // Perform the search in the provided backend. backend.search(this); // Search in the subordinate backends is now done by the workflows. // If there are any subordinate backends, then process the search there as // well. // FIXME jdemendi - From now on, do not search in the subordinate backends // because this is done by the workflow topology. // Backend[] subBackends = backend.getSubordinateBackends(); // for (Backend b : subBackends) // { // DN[] baseDNs = b.getBaseDNs(); // for (DN dn : baseDNs) // { // if (dn.isDescendantOf(getBaseDN())) // { // searchBackend(b); // break; // } // } // } } } opends/src/server/org/opends/server/workflowelement/localbackend/LocalBackendWorkflowElement.java
New file Diff too large
