1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.core.collective;
21
22
23 import java.util.List;
24 import java.util.Set;
25
26 import javax.naming.NamingException;
27
28 import org.apache.directory.server.core.entry.ServerAttribute;
29 import org.apache.directory.server.core.entry.ServerEntry;
30 import org.apache.directory.server.core.interceptor.context.OperationContext;
31 import org.apache.directory.server.core.partition.ByPassConstants;
32 import org.apache.directory.server.core.partition.PartitionNexus;
33 import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
34 import org.apache.directory.shared.ldap.constants.SchemaConstants;
35 import org.apache.directory.shared.ldap.entry.EntryAttribute;
36 import org.apache.directory.shared.ldap.entry.Modification;
37 import org.apache.directory.shared.ldap.entry.ModificationOperation;
38 import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeIdentifierException;
39 import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
40 import org.apache.directory.shared.ldap.message.ResultCodeEnum;
41 import org.apache.directory.shared.ldap.name.LdapDN;
42 import org.apache.directory.shared.ldap.schema.AttributeType;
43 import org.apache.directory.shared.ldap.schema.SchemaUtils;
44
45
46
47
48
49
50
51
52 public class CollectiveAttributesSchemaChecker
53 {
54 private PartitionNexus nexus = null;
55 private AttributeTypeRegistry attrTypeRegistry = null;
56
57 public CollectiveAttributesSchemaChecker( PartitionNexus nexus, AttributeTypeRegistry attrTypeRegistry )
58 {
59 this.nexus = nexus;
60 this.attrTypeRegistry = attrTypeRegistry;
61 }
62
63
64 {
65 if ( entry.hasObjectClass( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) )
66 {
67 return;
68 }
69
70 if ( containsAnyCollectiveAttributes( entry ) )
71 {
72
73
74
75 throw new LdapSchemaViolationException(
76 "Collective attributes cannot be stored in non-collectiveAttributeSubentries",
77 ResultCodeEnum.OTHER);
78 }
79 }
80
81
82 public void checkModify( OperationContext opContext, LdapDN normName, List<Modification> mods ) throws Exception
83 {
84 ServerEntry originalEntry = opContext.lookup( normName, ByPassConstants.LOOKUP_BYPASS );
85 ServerEntry targetEntry = (ServerEntry)SchemaUtils.getTargetEntry( mods, originalEntry );
86
87 EntryAttribute targetObjectClasses = targetEntry.get( SchemaConstants.OBJECT_CLASS_AT );
88
89 if ( targetObjectClasses.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC ) )
90 {
91 return;
92 }
93
94 if ( addsAnyCollectiveAttributes( mods ) )
95 {
96
97
98
99 throw new LdapSchemaViolationException(
100 "Cannot operate on collective attributes in non-collectiveAttributeSubentries",
101 ResultCodeEnum.OTHER);
102 }
103 }
104
105
106 private boolean addsAnyCollectiveAttributes( List<Modification> mods ) throws NamingException
107 {
108 for ( Modification mod:mods )
109 {
110
111 ServerAttribute attr = (ServerAttribute)mod.getAttribute();
112 AttributeType attrType = attr.getAttributeType();
113
114 if ( attrType == null )
115 {
116 if ( !attrTypeRegistry.hasAttributeType( attr.getUpId() ) )
117 {
118 throw new LdapInvalidAttributeIdentifierException();
119 }
120 else
121 {
122 attrType = attrTypeRegistry.lookup( attr.getUpId() );
123 }
124 }
125
126
127 ModificationOperation modOp = mod.getOperation();
128
129 if ( ( ( modOp == ModificationOperation.ADD_ATTRIBUTE ) || ( modOp == ModificationOperation.REPLACE_ATTRIBUTE ) ) &&
130 attrType.isCollective() )
131 {
132 return true;
133 }
134 }
135
136 return false;
137 }
138
139
140 private boolean containsAnyCollectiveAttributes( ServerEntry entry ) throws NamingException
141 {
142 Set<AttributeType> attributeTypes = entry.getAttributeTypes();
143
144 for ( AttributeType attributeType:attributeTypes )
145 {
146 if ( attributeType.isCollective() )
147 {
148 return true;
149 }
150 }
151
152 return false;
153 }
154 }