Example #1
0
  /**
   * Reads an attributeType/objectclass description or numeric OID from the provided string,
   * skipping over any leading or trailing spaces, and appending the value to the provided buffer.
   *
   * @param lowerStr The string from which the name or OID is to be read.
   * @param woidBuffer The buffer into which the name or OID should be appended.
   * @param startPos The position at which to start reading.
   * @return The position of the first character after the name or OID that is not a space.
   * @throws DirectoryException If a problem is encountered while reading the name or OID.
   */
  private static int readWOID(String lowerStr, StringBuilder woidBuffer, int startPos)
      throws DirectoryException {
    // Skip over any spaces at the beginning of the value.
    char c = '\u0000';
    int length = lowerStr.length();
    while (startPos < length && ((c = lowerStr.charAt(startPos)) == ' ')) {
      startPos++;
    }

    if (startPos >= length) {
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_TRUNCATED_VALUE.get(lowerStr);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // The next character must be either numeric (for an OID) or alphabetic (for
    // an attribute type/objectclass description).
    if (isDigit(c)) {
      // This must be a numeric OID.  In that case, we will accept only digits
      // and periods, but not consecutive periods.
      boolean lastWasPeriod = false;
      while (startPos < length && ((c = lowerStr.charAt(startPos++)) != ' ')) {
        if (c == '.') {
          if (lastWasPeriod) {
            LocalizableMessage message =
                ERR_ATTR_SYNTAX_DCR_DOUBLE_PERIOD_IN_NUMERIC_OID.get(lowerStr, startPos - 1);
            throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
          } else {
            woidBuffer.append(c);
            lastWasPeriod = true;
          }
        } else if (!isDigit(c)) {
          // Technically, this must be an illegal character.  However, it is
          // possible that someone just got sloppy and did not include a space
          // between the name/OID and a closing parenthesis.  In that case,
          // we'll assume it's the end of the value.  What's more, we'll have
          // to prematurely return to nasty side effects from stripping off
          // additional characters.
          if (c == ')') {
            return startPos - 1;
          }

          // This must have been an illegal character.
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR_IN_NUMERIC_OID.get(lowerStr, c, startPos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        } else {
          woidBuffer.append(c);
          lastWasPeriod = false;
        }
      }
    } else if (isAlpha(c)) {
      // This must be an attribute type/objectclass description.  In this case,
      // we will only accept alphabetic characters, numeric digits, and the hyphen.
      while (startPos < length && ((c = lowerStr.charAt(startPos++)) != ' ')) {
        if (isAlpha(c)
            || isDigit(c)
            || c == '-'
            || (c == '_' && DirectoryServer.allowAttributeNameExceptions())) {
          woidBuffer.append(c);
        } else {
          // Technically, this must be an illegal character.  However, it is
          // possible that someone just got sloppy and did not include a space
          // between the name/OID and a closing parenthesis.  In that case,
          // we'll assume it's the end of the value.  What's more, we'll have
          // to prematurely return to nasty side effects from stripping off
          // additional characters.
          if (c == ')') {
            return startPos - 1;
          }

          // This must have been an illegal character.
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR_IN_STRING_OID.get(lowerStr, c, startPos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        }
      }
    } else {
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(lowerStr, c, startPos);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // Skip over any trailing spaces after the value.
    while (startPos < length && ((c = lowerStr.charAt(startPos)) == ' ')) {
      startPos++;
    }

    // If we're at the end of the value, then that's illegal.
    if (startPos >= length) {
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_TRUNCATED_VALUE.get(lowerStr);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // Return the position of the first non-space character after the token.
    return startPos;
  }
Example #2
0
  /**
   * Decodes the contents of the provided ASN.1 octet string as a DIT content rule definition
   * according to the rules of this syntax. Note that the provided octet string value does not need
   * to be normalized (and in fact, it should not be in order to allow the desired capitalization to
   * be preserved).
   *
   * @param value The ASN.1 octet string containing the value to decode (it does not need to be
   *     normalized).
   * @param schema The schema to use to resolve references to other schema elements.
   * @param allowUnknownElements Indicates whether to allow values that reference a name form and/or
   *     superior rules which are not defined in the server schema. This should only be true when
   *     called by {@code valueIsAcceptable}.
   * @return The decoded DIT content rule definition.
   * @throws DirectoryException If the provided value cannot be decoded as an DIT content rule
   *     definition.
   */
  public static DITContentRule decodeDITContentRule(
      ByteSequence value, Schema schema, boolean allowUnknownElements) throws DirectoryException {
    // Get string representations of the provided value using the provided form
    // and with all lowercase characters.
    String valueStr = value.toString();
    String lowerStr = toLowerCase(valueStr);

    // We'll do this a character at a time.  First, skip over any leading
    // whitespace.
    int pos = 0;
    int length = valueStr.length();
    while (pos < length && valueStr.charAt(pos) == ' ') {
      pos++;
    }

    if (pos >= length) {
      // This means that the value was empty or contained only whitespace.  That
      // is illegal.
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_EMPTY_VALUE.get();
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // The next character must be an open parenthesis.  If it is not, then that
    // is an error.
    char c = valueStr.charAt(pos++);
    if (c != '(') {
      LocalizableMessage message =
          ERR_ATTR_SYNTAX_DCR_EXPECTED_OPEN_PARENTHESIS.get(valueStr, pos - 1, c);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // Skip over any spaces immediately following the opening parenthesis.
    while (pos < length && ((c = valueStr.charAt(pos)) == ' ')) {
      pos++;
    }

    if (pos >= length) {
      // This means that the end of the value was reached before we could find
      // the OID.  Ths is illegal.
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_TRUNCATED_VALUE.get(valueStr);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // The next set of characters must be the OID.  Strictly speaking, this
    // should only be a numeric OID, but we'll also allow for the
    // "ocname-oid" case as well.  Look at the first character to figure out
    // which we will be using.
    int oidStartPos = pos;
    if (isDigit(c)) {
      // This must be a numeric OID.  In that case, we will accept only digits
      // and periods, but not consecutive periods.
      boolean lastWasPeriod = false;
      while (pos < length && ((c = valueStr.charAt(pos++)) != ' ')) {
        if (c == '.') {
          if (lastWasPeriod) {
            LocalizableMessage message =
                ERR_ATTR_SYNTAX_DCR_DOUBLE_PERIOD_IN_NUMERIC_OID.get(valueStr, pos - 1);
            throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
          }
          lastWasPeriod = true;
        } else if (!isDigit(c)) {
          // This must have been an illegal character.
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR_IN_NUMERIC_OID.get(valueStr, c, pos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        } else {
          lastWasPeriod = false;
        }
      }
    } else {
      // This must be a "fake" OID.  In this case, we will only accept
      // alphabetic characters, numeric digits, and the hyphen.
      while (pos < length && ((c = valueStr.charAt(pos++)) != ' ')) {
        if (isAlpha(c)
            || isDigit(c)
            || c == '-'
            || (c == '_' && DirectoryServer.allowAttributeNameExceptions())) {
          // This is fine.  It is an acceptable character.
        } else {
          // This must have been an illegal character.
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR_IN_STRING_OID.get(valueStr, c, pos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        }
      }
    }

    // If we're at the end of the value, then it isn't a valid DIT content rule
    // description.  Otherwise, parse out the OID.
    if (pos >= length) {
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_TRUNCATED_VALUE.get(valueStr);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    String oid = lowerStr.substring(oidStartPos, pos - 1);

    // Get the objectclass with the specified OID.  If it does not exist or is
    // not structural, then fail.
    ObjectClass structuralClass = schema.getObjectClass(oid);
    if (structuralClass == null) {
      if (allowUnknownElements) {
        structuralClass = DirectoryServer.getDefaultObjectClass(oid);
      } else {
        LocalizableMessage message =
            ERR_ATTR_SYNTAX_DCR_UNKNOWN_STRUCTURAL_CLASS.get(valueStr, oid);
        throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
      }
    } else if (structuralClass.getObjectClassType() != ObjectClassType.STRUCTURAL) {
      LocalizableMessage message =
          ERR_ATTR_SYNTAX_DCR_STRUCTURAL_CLASS_NOT_STRUCTURAL.get(
              valueStr, oid, structuralClass.getNameOrOID(), structuralClass.getObjectClassType());
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    }

    // Skip over the space(s) after the OID.
    while (pos < length && ((c = valueStr.charAt(pos)) == ' ')) {
      pos++;
    }

    if (pos >= length) {
      // This means that the end of the value was reached before we could find
      // the OID.  Ths is illegal.
      LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_TRUNCATED_VALUE.get(valueStr);
      throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
    }

    // At this point, we should have a pretty specific syntax that describes
    // what may come next, but some of the components are optional and it would
    // be pretty easy to put something in the wrong order, so we will be very
    // flexible about what we can accept.  Just look at the next token, figure
    // out what it is and how to treat what comes after it, then repeat until
    // we get to the end of the value.  But before we start, set default values
    // for everything else we might need to know.
    LinkedHashMap<String, String> names = new LinkedHashMap<>();
    String description = null;
    boolean isObsolete = false;
    LinkedHashSet<ObjectClass> auxiliaryClasses = new LinkedHashSet<>();
    LinkedHashSet<AttributeType> requiredAttributes = new LinkedHashSet<>();
    LinkedHashSet<AttributeType> optionalAttributes = new LinkedHashSet<>();
    LinkedHashSet<AttributeType> prohibitedAttributes = new LinkedHashSet<>();
    LinkedHashMap<String, List<String>> extraProperties = new LinkedHashMap<>();

    while (true) {
      StringBuilder tokenNameBuffer = new StringBuilder();
      pos = readTokenName(valueStr, tokenNameBuffer, pos);
      String tokenName = tokenNameBuffer.toString();
      String lowerTokenName = toLowerCase(tokenName);
      if (tokenName.equals(")")) {
        // We must be at the end of the value.  If not, then that's a problem.
        if (pos < length) {
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_UNEXPECTED_CLOSE_PARENTHESIS.get(valueStr, pos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        }

        break;
      } else if (lowerTokenName.equals("name")) {
        // This specifies the set of names for the DIT content rule.  It may be
        // a single name in single quotes, or it may be an open parenthesis
        // followed by one or more names in single quotes separated by spaces.
        c = valueStr.charAt(pos++);
        if (c == '\'') {
          StringBuilder userBuffer = new StringBuilder();
          StringBuilder lowerBuffer = new StringBuilder();
          pos = readQuotedString(valueStr, lowerStr, userBuffer, lowerBuffer, pos - 1);
          names.put(lowerBuffer.toString(), userBuffer.toString());
        } else if (c == '(') {
          StringBuilder userBuffer = new StringBuilder();
          StringBuilder lowerBuffer = new StringBuilder();
          pos = readQuotedString(valueStr, lowerStr, userBuffer, lowerBuffer, pos);
          names.put(lowerBuffer.toString(), userBuffer.toString());

          while (true) {
            if (valueStr.charAt(pos) == ')') {
              // Skip over any spaces after the parenthesis.
              pos++;
              while (pos < length && ((c = valueStr.charAt(pos)) == ' ')) {
                pos++;
              }

              break;
            } else {
              userBuffer = new StringBuilder();
              lowerBuffer = new StringBuilder();

              pos = readQuotedString(valueStr, lowerStr, userBuffer, lowerBuffer, pos);
              names.put(lowerBuffer.toString(), userBuffer.toString());
            }
          }
        } else {
          // This is an illegal character.
          LocalizableMessage message = ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(valueStr, c, pos - 1);
          throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
        }
      } else if (lowerTokenName.equals("desc")) {
        // This specifies the description for the DIT content rule.  It is an
        // arbitrary string of characters enclosed in single quotes.
        StringBuilder descriptionBuffer = new StringBuilder();
        pos = readQuotedString(valueStr, descriptionBuffer, pos);
        description = descriptionBuffer.toString();
      } else if (lowerTokenName.equals("obsolete")) {
        // This indicates whether the DIT content rule should be considered
        // obsolete.  We do not need to do any more parsing for this token.
        isObsolete = true;
      } else if (lowerTokenName.equals("aux")) {
        LinkedList<ObjectClass> ocs = new LinkedList<>();

        // This specifies the set of required auxiliary objectclasses for this
        // DIT content rule.  It may be a single name or OID (not in quotes), or
        // it may be an open parenthesis followed by one or more names separated
        // by spaces and the dollar sign character, followed by a closing
        // parenthesis.
        c = valueStr.charAt(pos++);
        if (c == '(') {
          while (true) {
            StringBuilder woidBuffer = new StringBuilder();
            pos = readWOID(lowerStr, woidBuffer, pos);

            ObjectClass oc = schema.getObjectClass(woidBuffer.toString());
            if (oc == null) {
              // This isn't good because it is an unknown auxiliary class.
              if (allowUnknownElements) {
                oc = DirectoryServer.getDefaultAuxiliaryObjectClass(woidBuffer.toString());
              } else {
                throw new DirectoryException(
                    ResultCode.CONSTRAINT_VIOLATION,
                    ERR_ATTR_SYNTAX_DCR_UNKNOWN_AUXILIARY_CLASS.get(valueStr, woidBuffer));
              }
            } else if (oc.getObjectClassType() != ObjectClassType.AUXILIARY) {
              // This isn't good because it isn't an auxiliary class.
              LocalizableMessage message =
                  ERR_ATTR_SYNTAX_DCR_AUXILIARY_CLASS_NOT_AUXILIARY.get(
                      valueStr, woidBuffer, oc.getObjectClassType());
              throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
            }

            ocs.add(oc);

            // The next character must be either a dollar sign or a closing
            // parenthesis.
            c = valueStr.charAt(pos++);
            if (c == ')') {
              // This denotes the end of the list.
              break;
            } else if (c != '$') {
              LocalizableMessage message =
                  ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(valueStr, c, pos - 1);
              throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
            }
          }
        } else {
          StringBuilder woidBuffer = new StringBuilder();
          pos = readWOID(lowerStr, woidBuffer, pos - 1);

          ObjectClass oc = schema.getObjectClass(woidBuffer.toString());
          if (oc == null) {
            // This isn't good because it is an unknown auxiliary class.
            if (allowUnknownElements) {
              oc = DirectoryServer.getDefaultAuxiliaryObjectClass(woidBuffer.toString());
            } else {
              throw new DirectoryException(
                  ResultCode.CONSTRAINT_VIOLATION,
                  ERR_ATTR_SYNTAX_DCR_UNKNOWN_AUXILIARY_CLASS.get(valueStr, woidBuffer));
            }
          } else if (oc.getObjectClassType() != ObjectClassType.AUXILIARY) {
            // This isn't good because it isn't an auxiliary class.
            LocalizableMessage message =
                ERR_ATTR_SYNTAX_DCR_AUXILIARY_CLASS_NOT_AUXILIARY.get(
                    valueStr, woidBuffer, oc.getObjectClassType());
            throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
          }

          ocs.add(oc);
        }

        auxiliaryClasses.addAll(ocs);
      } else if (lowerTokenName.equals("must")) {
        LinkedList<AttributeType> attrs = new LinkedList<>();

        // This specifies the set of required attributes for the DIT content
        // rule.  It may be a single name or OID (not in quotes), or it may be
        // an open parenthesis followed by one or more names separated by spaces
        // and the dollar sign character, followed by a closing parenthesis.
        c = valueStr.charAt(pos++);
        if (c == '(') {
          while (true) {
            StringBuilder woidBuffer = new StringBuilder();
            pos = readWOID(lowerStr, woidBuffer, pos);
            attrs.add(
                getAttribute(
                    schema,
                    allowUnknownElements,
                    valueStr,
                    woidBuffer,
                    ERR_ATTR_SYNTAX_DCR_UNKNOWN_REQUIRED_ATTR));

            // The next character must be either a dollar sign or a closing parenthesis.
            c = valueStr.charAt(pos++);
            if (c == ')') {
              // This denotes the end of the list.
              break;
            } else if (c != '$') {
              LocalizableMessage message =
                  ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(valueStr, c, pos - 1);
              throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
            }
          }
        } else {
          StringBuilder woidBuffer = new StringBuilder();
          pos = readWOID(lowerStr, woidBuffer, pos - 1);
          attrs.add(
              getAttribute(
                  schema,
                  allowUnknownElements,
                  valueStr,
                  woidBuffer,
                  ERR_ATTR_SYNTAX_DCR_UNKNOWN_REQUIRED_ATTR));
        }

        requiredAttributes.addAll(attrs);
      } else if (lowerTokenName.equals("may")) {
        LinkedList<AttributeType> attrs = new LinkedList<>();

        // This specifies the set of optional attributes for the DIT content
        // rule.  It may be a single name or OID (not in quotes), or it may be
        // an open parenthesis followed by one or more names separated by spaces
        // and the dollar sign character, followed by a closing parenthesis.
        c = valueStr.charAt(pos++);
        if (c == '(') {
          while (true) {
            StringBuilder woidBuffer = new StringBuilder();
            pos = readWOID(lowerStr, woidBuffer, pos);
            attrs.add(
                getAttribute(
                    schema,
                    allowUnknownElements,
                    valueStr,
                    woidBuffer,
                    ERR_ATTR_SYNTAX_DCR_UNKNOWN_OPTIONAL_ATTR));

            // The next character must be either a dollar sign or a closing parenthesis.
            c = valueStr.charAt(pos++);
            if (c == ')') {
              // This denotes the end of the list.
              break;
            } else if (c != '$') {
              LocalizableMessage message =
                  ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(valueStr, c, pos - 1);
              throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
            }
          }
        } else {
          StringBuilder woidBuffer = new StringBuilder();
          pos = readWOID(lowerStr, woidBuffer, pos - 1);
          attrs.add(
              getAttribute(
                  schema,
                  allowUnknownElements,
                  valueStr,
                  woidBuffer,
                  ERR_ATTR_SYNTAX_DCR_UNKNOWN_OPTIONAL_ATTR));
        }

        optionalAttributes.addAll(attrs);
      } else if (lowerTokenName.equals("not")) {
        LinkedList<AttributeType> attrs = new LinkedList<>();

        // This specifies the set of prohibited attributes for the DIT content
        // rule.  It may be a single name or OID (not in quotes), or it may be
        // an open parenthesis followed by one or more names separated by spaces
        // and the dollar sign character, followed by a closing parenthesis.
        c = valueStr.charAt(pos++);
        if (c == '(') {
          while (true) {
            StringBuilder woidBuffer = new StringBuilder();
            pos = readWOID(lowerStr, woidBuffer, pos);
            attrs.add(
                getAttribute(
                    schema,
                    allowUnknownElements,
                    valueStr,
                    woidBuffer,
                    ERR_ATTR_SYNTAX_DCR_UNKNOWN_PROHIBITED_ATTR));

            // The next character must be either a dollar sign or a closing parenthesis.
            c = valueStr.charAt(pos++);
            if (c == ')') {
              // This denotes the end of the list.
              break;
            } else if (c != '$') {
              LocalizableMessage message =
                  ERR_ATTR_SYNTAX_DCR_ILLEGAL_CHAR.get(valueStr, c, pos - 1);
              throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
            }
          }
        } else {
          StringBuilder woidBuffer = new StringBuilder();
          pos = readWOID(lowerStr, woidBuffer, pos - 1);
          attrs.add(
              getAttribute(
                  schema,
                  allowUnknownElements,
                  valueStr,
                  woidBuffer,
                  ERR_ATTR_SYNTAX_DCR_UNKNOWN_PROHIBITED_ATTR));
        }

        prohibitedAttributes.addAll(attrs);
      } else {
        // This must be a non-standard property and it must be followed by
        // either a single value in single quotes or an open parenthesis
        // followed by one or more values in single quotes separated by spaces
        // followed by a close parenthesis.
        LinkedList<String> valueList = new LinkedList<>();
        pos = readExtraParameterValues(valueStr, valueList, pos);
        extraProperties.put(tokenName, valueList);
      }
    }

    // Make sure that none of the prohibited attributes is required by the
    // structural or any of the auxiliary classes.
    for (AttributeType t : prohibitedAttributes) {
      if (structuralClass.isRequired(t)) {
        LocalizableMessage message =
            ERR_ATTR_SYNTAX_DCR_PROHIBITED_REQUIRED_BY_STRUCTURAL.get(
                valueStr, t.getNameOrOID(), structuralClass.getNameOrOID());
        throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
      }

      for (ObjectClass oc : auxiliaryClasses) {
        if (oc.isRequired(t)) {
          LocalizableMessage message =
              ERR_ATTR_SYNTAX_DCR_PROHIBITED_REQUIRED_BY_AUXILIARY.get(
                  valueStr, t.getNameOrOID(), oc.getNameOrOID());
          throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
        }
      }
    }

    return new DITContentRule(
        value.toString(),
        structuralClass,
        names,
        description,
        auxiliaryClasses,
        requiredAttributes,
        optionalAttributes,
        prohibitedAttributes,
        isObsolete,
        extraProperties);
  }