Ejemplo n.º 1
0
 /**
  * Returns true if the field 'id' or 'userName' are present in the query.
  *
  * @param filter
  * @return
  */
 private boolean checkFilter(SCIMFilter filter) {
   switch (filter.getFilterType()) {
     case AND:
     case OR:
       return checkFilter(filter.getFilterComponents().get(0))
           | checkFilter(filter.getFilterComponents().get(1));
     case EQUALITY:
       String name = filter.getFilterAttribute().getAttributeName();
       if ("id".equalsIgnoreCase(name) || "userName".equalsIgnoreCase(name)) {
         return true;
       } else if (Origin.ORIGIN.equalsIgnoreCase(name)) {
         return false;
       } else {
         throw new ScimException("Invalid filter attribute.", HttpStatus.BAD_REQUEST);
       }
     case PRESENCE:
     case STARTS_WITH:
     case CONTAINS:
       throw new ScimException("Wildcards are not allowed in filter.", HttpStatus.BAD_REQUEST);
     case GREATER_THAN:
     case GREATER_OR_EQUAL:
     case LESS_THAN:
     case LESS_OR_EQUAL:
       throw new ScimException("Invalid operator.", HttpStatus.BAD_REQUEST);
   }
   return false;
 }
Ejemplo n.º 2
0
  /** {@inheritDoc} */
  @Override
  public Filter toLDAPFilter(
      final SCIMFilter filter,
      final LDAPRequestInterface ldapInterface,
      final LDAPSearchResolver userResolver)
      throws InvalidResourceException {
    // Only the managerId sub-attribute will ever have a value so filter
    // must target that sub-attribute.
    String subAttribute = filter.getFilterAttribute().getSubAttributeName();
    if (subAttribute == null || !subAttribute.equals("managerId")) {
      return null;
    }

    final String ldapAttributeType = ATTR_MANAGER;
    final SCIMFilterType filterType = filter.getFilterType();
    final String filterValue = filter.getFilterValue();

    // Determine the DN for this member.
    try {
      switch (filterType) {
          // We don't have to worry about AND and OR filter types since they are
          // handled earlier by the resource mapper.
        case EQUALITY:
          {
            String dn;
            try {
              dn = userResolver.getDnFromId(ldapInterface, filterValue);
            } catch (ResourceNotFoundException e) {
              // Value is not a valid user. Will not match anything.
              return null;
            }
            return Filter.createEqualityFilter(ldapAttributeType, dn);
          }

        default:
          throw new InvalidResourceException(
              "Filter type "
                  + filterType
                  + " is not supported for attribute "
                  + getAttributeDescriptor().getName());
      }
    } catch (Exception e) {
      Debug.debugException(e);
      throw new InvalidResourceException(e.getMessage());
    }
  }
Ejemplo n.º 3
0
 private void checkFilter(String filter) {
   if (filter.isEmpty()) {
     throw new ScimException("a 'filter' parameter is required", HttpStatus.BAD_REQUEST);
   }
   SCIMFilter scimFilter;
   try {
     scimFilter = SCIMFilter.parse(filter);
     if (!checkFilter(scimFilter)) {
       throw new ScimException("Invalid filter attribute.", HttpStatus.BAD_REQUEST);
     }
   } catch (SCIMException e) {
     logger.debug("/ids/Users received an invalid filter [" + filter + "]", e);
     throw new ScimException("Invalid filter '" + filter + "'", HttpStatus.BAD_REQUEST);
   }
 }