Source code

001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2009 Sun Microsystems, Inc.
025 *      Portions Copyright 2012-2015 ForgeRock AS
026 */
027package org.opends.server.extensions;
028
029import java.util.List;
030
031import org.forgerock.i18n.LocalizableMessage;
032import org.forgerock.opendj.ldap.ByteString;
033import org.forgerock.opendj.ldap.ConditionResult;
034import org.forgerock.opendj.ldap.ResultCode;
035import org.opends.server.admin.std.server.GoverningStructureRuleVirtualAttributeCfg;
036import org.opends.server.api.VirtualAttributeProvider;
037import org.opends.server.core.DirectoryServer;
038import org.opends.server.core.SearchOperation;
039import org.opends.server.types.*;
040
041import static org.opends.messages.ExtensionMessages.*;
042
043/**
044 * This class implements a virtual attribute provider that is meant to serve
045 * the governingStructuralRule operational attribute as described in RFC 4512.
046 */
047public class GoverningStructureRuleVirtualAttributeProvider  extends
048         VirtualAttributeProvider<GoverningStructureRuleVirtualAttributeCfg>
049{
050  /**
051   * Creates a new instance of this governingStructureRule virtual attribute
052   * provider.
053   */
054  public GoverningStructureRuleVirtualAttributeProvider()
055  {
056    super();
057
058    // All initialization should be performed in the
059    // initializeVirtualAttributeProvider method.
060  }
061
062  /** {@inheritDoc} */
063  @Override
064  public boolean isMultiValued()
065  {
066    return false;
067  }
068
069  /** {@inheritDoc} */
070  @Override
071  public Attribute getValues(Entry entry, VirtualAttributeRule rule)
072  {
073    DITStructureRule ditRule = getDITStructureRule(entry);
074    if(ditRule !=null)
075    {
076      return Attributes.create(
077          rule.getAttributeType(), String.valueOf(ditRule.getRuleID()));
078    }
079    return Attributes.empty(rule.getAttributeType());
080  }
081
082  /** {@inheritDoc} */
083  @Override
084  public boolean hasValue(Entry entry, VirtualAttributeRule rule)
085  {
086    return getDITStructureRule(entry)!=null;
087  }
088
089  /** {@inheritDoc} */
090  @Override
091  public ConditionResult matchesSubstring(Entry entry,
092                                          VirtualAttributeRule rule,
093                                          ByteString subInitial,
094                                          List<ByteString> subAny,
095                                          ByteString subFinal)
096  {
097    // DITStructureRule cannot be used in substring matching.
098    return ConditionResult.UNDEFINED;
099  }
100
101  /** {@inheritDoc} */
102  @Override
103  public ConditionResult greaterThanOrEqualTo(Entry entry,
104                              VirtualAttributeRule rule,
105                              ByteString value)
106  {
107    // DITStructureRule cannot be used in ordering matching.
108    return ConditionResult.UNDEFINED;
109  }
110
111  /** {@inheritDoc} */
112  @Override
113  public ConditionResult lessThanOrEqualTo(Entry entry,
114                              VirtualAttributeRule rule,
115                              ByteString value)
116  {
117    // DITStructureRule cannot be used in ordering matching.
118    return ConditionResult.UNDEFINED;
119  }
120
121  /** {@inheritDoc} */
122  @Override
123  public ConditionResult approximatelyEqualTo(Entry entry,
124                              VirtualAttributeRule rule,
125                              ByteString value)
126  {
127    // DITStructureRule cannot be used in approximate matching.
128    return ConditionResult.UNDEFINED;
129  }
130
131  /** {@inheritDoc} */
132  @Override
133  public boolean isSearchable(VirtualAttributeRule rule,
134                              SearchOperation searchOperation,
135                              boolean isPreIndexed)
136  {
137    //Non-searchable.
138    return false;
139  }
140
141  /** {@inheritDoc} */
142  @Override
143  public void processSearch(VirtualAttributeRule rule,
144                            SearchOperation searchOperation)
145  {
146    searchOperation.setResultCode(ResultCode.UNWILLING_TO_PERFORM);
147
148    LocalizableMessage message = ERR_VATTR_NOT_SEARCHABLE.get(
149            rule.getAttributeType().getNameOrOID());
150    searchOperation.appendErrorMessage(message);
151  }
152
153  /** Checks if the entry matches the nameform. */
154  private boolean matchesNameForm(NameForm nameForm,
155                       AcceptRejectWarn structuralPolicy,
156                       Entry entry)
157  {
158    RDN rdn = entry.getName().rdn();
159    if (rdn != null)
160    {
161      // Make sure that all the required attributes are present.
162      for (AttributeType t : nameForm.getRequiredAttributes())
163      {
164        if (!rdn.hasAttributeType(t)
165            && structuralPolicy == AcceptRejectWarn.REJECT)
166        {
167          return false;
168        }
169      }
170
171      // Make sure that all attributes in the RDN are allowed.
172      int numAVAs = rdn.getNumValues();
173      for (int i = 0; i < numAVAs; i++)
174      {
175        AttributeType t = rdn.getAttributeType(i);
176        if (!nameForm.isRequiredOrOptional(t)
177            && structuralPolicy == AcceptRejectWarn.REJECT)
178        {
179          return false;
180        }
181       }
182     }
183    return true;
184  }
185
186  /** Finds the appropriate DIT structure rule for an entry. */
187  private DITStructureRule getDITStructureRule(Entry entry) {
188    ObjectClass oc = entry.getStructuralObjectClass();
189    if (oc == null) {
190      return null;
191    }
192    List<NameForm> listForms = DirectoryServer.getNameForm(oc);
193    NameForm nameForm = null;
194    DITStructureRule ditRule = null;
195    //We iterate over all the nameforms while creating the entry and
196    //select the first one that matches. Since the entry exists, the same
197    //algorithm should work fine to retrieve the nameform which was
198    //applied while creating the entry.
199    if (listForms != null)
200    {
201      boolean obsolete = true;
202      AcceptRejectWarn structuralPolicy =
203        DirectoryServer.getSingleStructuralObjectClassPolicy();
204      for (NameForm nf : listForms)
205      {
206        if (!nf.isObsolete())
207        {
208          obsolete = false;
209          if (matchesNameForm(nf, structuralPolicy, entry))
210          {
211           nameForm = nf;
212           break;
213          }
214        }
215      }
216      if (nameForm != null && !obsolete)
217      {
218        ditRule = DirectoryServer.getDITStructureRule(nameForm);
219      }
220    }
221    return ditRule;
222  }
223}
224