From 254ee6f47eebfc00462c10756a92066e82cc1a96 Mon Sep 17 00:00:00 2001
From: Andrew Branson <andrew@andrewbranson.net>
Date: Tue, 21 Jun 2011 15:46:02 +0200
Subject: Initial commit

---
 source/com/c2kernel/lookup/LDAPRoleManager.java | 199 ++++++++++++++++++++++++
 1 file changed, 199 insertions(+)
 create mode 100755 source/com/c2kernel/lookup/LDAPRoleManager.java

(limited to 'source/com/c2kernel/lookup/LDAPRoleManager.java')

diff --git a/source/com/c2kernel/lookup/LDAPRoleManager.java b/source/com/c2kernel/lookup/LDAPRoleManager.java
new file mode 100755
index 0000000..a9b6b23
--- /dev/null
+++ b/source/com/c2kernel/lookup/LDAPRoleManager.java
@@ -0,0 +1,199 @@
+package com.c2kernel.lookup;
+
+import java.util.ArrayList;
+import java.util.Enumeration;
+
+import com.c2kernel.common.ObjectAlreadyExistsException;
+import com.c2kernel.common.ObjectCannotBeUpdated;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.*;
+
+/**************************************************************************
+ *
+ * $Revision: 1.1 $
+ * $Date: 2005/04/26 06:48:12 $
+ *
+ * Copyright (C) 2003 CERN - European Organization for Nuclear Research
+ * All rights reserved.
+ **************************************************************************/
+
+//    public static final String codeRevision = "$Revision: 1.1 $ $Date: 2005/04/26 06:48:12 $ $Author: abranson $";
+public class LDAPRoleManager {
+
+    /**
+     *
+     */
+    LDAPLookup mLdap;
+    private String mRolePath;
+    private String mEntityPath;
+    
+    public LDAPRoleManager(LDAPLookup ldap, String rolePath, String entityPath) {
+        super();
+        this.mLdap = ldap;
+        this.mRolePath = rolePath;
+        this.mEntityPath = entityPath;
+    }
+
+    //NOTE: A role must have at LEAST 1 userDN, cannot be empty...
+    //Creates a cristalRole
+    //CristalRole is-a specialized CristalContext which contains multi-valued uniqueMember attribute pointing to cristalagents
+    public RolePath createRole(String roleName, boolean jobList)
+        throws ObjectAlreadyExistsException, ObjectCannotBeUpdated
+    {
+
+        // create the role
+    	RolePath rolePath = new RolePath(roleName, jobList);
+    	String roleDN = rolePath.getFullDN();	
+        LDAPEntry roleNode;
+        try
+        {                                 
+        	roleNode = LDAPLookupUtils.getEntry(mLdap.getConnection(), rolePath.getFullDN());
+            throw new ObjectAlreadyExistsException();
+        } catch (ObjectNotFoundException ex) { }
+        
+        //create CristalRole if it does not exist
+        roleNode = new LDAPEntry(roleDN, rolePath.createAttributeSet());
+        try {
+            LDAPLookupUtils.addEntry(mLdap.getConnection(),roleNode);
+        } catch (LDAPException e) {
+            throw new ObjectCannotBeUpdated(e.getLDAPErrorMessage(), "");
+        }
+        return rolePath;
+	
+
+    }
+    public void deleteRole(RolePath role) throws ObjectNotFoundException, ObjectCannotBeUpdated {
+        try {
+            LDAPLookupUtils.delete(mLdap.getConnection(), role.getFullDN());
+        } catch (LDAPException ex) {
+            throw new ObjectCannotBeUpdated("Could not remove role");
+        }
+    }
+
+    protected void addRole(AgentPath agent, RolePath role)
+            throws ObjectCannotBeUpdated, ObjectNotFoundException 
+    {
+        LDAPEntry roleEntry = LDAPLookupUtils.getEntry(mLdap.getConnection(), role.getFullDN());
+        //add memberDN to uniqueMember if it is not yet a member
+        if (!LDAPLookupUtils.existsAttributeValue(roleEntry, "uniqueMember", agent.getFullDN()))
+            LDAPLookupUtils.addAttributeValue(mLdap.getConnection(), roleEntry, "uniqueMember", agent.getFullDN());
+        else
+            throw new ObjectCannotBeUpdated("Agent " + agent.getAgentName() + " already has role " + role.getName());
+    }
+
+    protected void removeRole(AgentPath agent, RolePath role) 
+        throws ObjectCannotBeUpdated, ObjectNotFoundException
+    {
+    	LDAPEntry roleEntry = LDAPLookupUtils.getEntry(mLdap.getConnection(), role.getFullDN());
+    	if (LDAPLookupUtils.existsAttributeValue(roleEntry, "uniqueMember", agent.getFullDN()))
+   			LDAPLookupUtils.removeAttributeValue(mLdap.getConnection(), roleEntry, "uniqueMember", agent.getFullDN());
+    	else
+    		throw new ObjectCannotBeUpdated("Agent did not have that role");
+    }
+    
+    protected boolean hasRole(AgentPath agent, RolePath role) {
+        String filter = "(&(objectclass=cristalrole)(uniqueMember="+agent.getFullDN()+")(cn="+role.getName()+"))";    
+        LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+        searchCons.setBatchSize(0);
+        searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+        Enumeration roles = mLdap.search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+        return roles.hasMoreElements();
+    }
+
+    protected AgentPath[] getAgents(RolePath role)
+        throws ObjectNotFoundException
+    {
+    	//get the roleDN entry, and its uniqueMember entry pointing to 
+    	LDAPEntry roleEntry;
+        try {
+            roleEntry = LDAPLookupUtils.getEntry(mLdap.getConnection(), role.getFullDN());
+        } catch (ObjectNotFoundException e) {
+            throw new ObjectNotFoundException("Role does not exist", "");
+        }
+    
+    	String[] res = LDAPLookupUtils.getAllAttributeValues(roleEntry,"uniqueMember");
+    	ArrayList agents = new ArrayList();
+    	for (int i=0; i<res.length; i++)
+    	{
+    		String userDN = res[i];
+            try {
+    			LDAPEntry userEntry = LDAPLookupUtils.getEntry(mLdap.getConnection(), userDN); 
+    		    AgentPath path = (AgentPath)mLdap.nodeToPath(userEntry);
+                agents.add(path);
+    		} catch (ObjectNotFoundException ex) {
+                Logger.error("Agent "+res[i]+" does not exist");
+    		} catch (InvalidEntityPathException ex) {
+                Logger.error("Agent "+res[i]+" is not a valid entity");
+    		}
+    	}	
+        AgentPath[] usersList = new AgentPath[0];
+        usersList = (AgentPath[])agents.toArray(usersList);
+    	return usersList;
+    }
+
+    //returns the role/s of a user
+    protected RolePath[] getRoles(AgentPath agentPath)
+    {
+    	//search the mDomainPath tree uniqueMember=userDN
+    	//filter = objectclass=cristalrole AND uniqueMember=userDN
+        String filter = "(&(objectclass=cristalrole)(uniqueMember="+agentPath.getFullDN()+"))";    
+        LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+        searchCons.setBatchSize(0);
+        searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+    	Enumeration roles = mLdap.search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+        ArrayList roleList = new ArrayList();
+    
+    	while(roles.hasMoreElements())
+    	{
+            RolePath path = (RolePath) roles.nextElement();
+   			roleList.add(path);			
+    	}        
+        RolePath[] roleArr = new RolePath[roleList.size()];
+        roleArr = (RolePath[])roleList.toArray(roleArr);
+        return roleArr;
+    }
+
+    /**
+     * Utility for looking up a login name
+     * 
+     * @param ld
+     * @param agentName
+     * @param baseDN
+     * @return
+     * @throws ObjectNotFoundException
+     */
+    public AgentPath getAgentPath(String agentName) throws ObjectNotFoundException
+    {			
+        //search to get the userDN equivalent of the userID
+        LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+        searchCons.setBatchSize(0);
+        searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+        String filter = "(&(objectclass=cristalagent)(uid="+agentName+"))";    	
+        Enumeration res = mLdap.search(mEntityPath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+        if (!res.hasMoreElements())
+            throw new ObjectNotFoundException("Agent not found"); 
+        Path result = (Path)res.nextElement();
+        if (result instanceof AgentPath)
+            return (AgentPath)result;
+        else
+            throw new ObjectNotFoundException("Entry was not an Agent");
+    }
+
+    public RolePath getRolePath(String roleName) throws ObjectNotFoundException
+    {
+        LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+        searchCons.setBatchSize(0);
+        searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+        String filter = "(&(objectclass=cristalrole)(cn="+roleName+"))";    	
+		Enumeration res = mLdap.search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+		if (!res.hasMoreElements())
+            throw new ObjectNotFoundException("Role not found"); 
+        Path result = (Path)res.nextElement();
+        if (result instanceof RolePath)
+            return (RolePath)result;
+        else
+            throw new ObjectNotFoundException("Entry was not a Role");						
+    }
+
+}
-- 
cgit v1.2.3