public void addPM_Segment(PM_Segment segment) {
Attribute attr = segment.getAttribute(Nomenclature.MDC_ATTR_ID_INSTNO);
if (attr == null) return;
InstNumber in = (InstNumber) attr.getAttributeType();
segments.put(in.getValue(), segment);
}
/**
* This will invoke the <code>startElement</code> callback in the <code>ContentHandler</code>.
*
* @param element <code>Element</code> used in callbacks.
* @param nsAtts <code>List</code> of namespaces to declare with the element or <code>null</code>.
*/
private void startElement(Element element, Attributes nsAtts) throws JDOMException {
String namespaceURI = element.getNamespaceURI();
String localName = element.getName();
String rawName = element.getQualifiedName();
// Allocate attribute list.
AttributesImpl atts = (nsAtts != null) ? new AttributesImpl(nsAtts) : new AttributesImpl();
List attributes = element.getAttributes();
Iterator i = attributes.iterator();
while (i.hasNext()) {
Attribute a = (Attribute) i.next();
atts.addAttribute(
a.getNamespaceURI(),
a.getName(),
a.getQualifiedName(),
getAttributeTypeName(a.getAttributeType()),
a.getValue());
}
try {
contentHandler.startElement(namespaceURI, localName, rawName, atts);
} catch (SAXException se) {
throw new JDOMException("Exception in startElement", se);
}
}
@Test
public void getAttributeType() {
Attribute curAttrib = null;
for (AttributeType at : AttributeType.values()) {
curAttrib = newAttribute(at, UUID.randomUUID().toString(), AttributeClass.NODE);
assertThat(curAttrib.getAttributeType(), is(equalTo(at)));
}
}
/**
* Gathers all of the attribute types in an entry along with the "objectclass" attribute type in a
* List. The "objectclass" attribute is added to the list first so it is evaluated first.
*
* @param e Entry to gather the attributes for.
* @return List containing the attribute types.
*/
private List<AttributeType> getAllAttrs(Entry e) {
Map<AttributeType, List<Attribute>> attrMap = e.getUserAttributes();
Map<AttributeType, List<Attribute>> opAttrMap = e.getOperationalAttributes();
List<AttributeType> typeList = new LinkedList<AttributeType>();
Attribute attr = e.getObjectClassAttribute();
/*
* When a search is not all attributes returned, the "objectclass"
* attribute type is missing from the entry.
*/
if (attr != null) {
AttributeType ocType = attr.getAttributeType();
typeList.add(ocType);
}
typeList.addAll(attrMap.keySet());
typeList.addAll(opAttrMap.keySet());
return typeList;
}
/**
* This method calculates the historical information and update the hist attribute to store the
* historical information for a modify operation that does not conflict with previous operation.
* This is the usual path and should therefore be optimized.
*
* <p>It does not check if the operation to process is conflicting or not with previous
* operations. The caller is responsible for this.
*
* @param csn The CSN of the operation to process
* @param mod The modify operation to process.
*/
@Override
public void processLocalOrNonConflictModification(CSN csn, Modification mod) {
/*
* The operation is either a non-conflicting operation or a local
* operation so there is no need to check the historical information
* for conflicts.
* If this is a local operation, then this code is run after
* the pre-operation phase.
* If this is a non-conflicting replicated operation, this code is run
* during the handleConflictResolution().
*/
Attribute modAttr = mod.getAttribute();
AttributeType type = modAttr.getAttributeType();
switch (mod.getModificationType().asEnum()) {
case DELETE:
if (modAttr.isEmpty()) {
delete(csn);
} else {
delete(modAttr, csn);
}
break;
case ADD:
if (type.isSingleValue()) {
delete(csn);
}
add(modAttr, csn);
break;
case REPLACE:
/* TODO : can we replace specific attribute values ????? */
delete(csn);
add(modAttr, csn);
break;
case INCREMENT:
/* FIXME : we should update CSN */
break;
}
}
/**
* Checks to see if a LDAP modification is allowed access.
*
* @param container The structure containing the LDAP modifications
* @param operation The operation to check modify privileges on. operation to check and the
* evaluation context to apply the check against.
* @param skipAccessCheck True if access checking should be skipped.
* @return True if access is allowed.
* @throws DirectoryException If a modified ACI could not be decoded.
*/
private boolean aciCheckMods(
AciLDAPOperationContainer container,
LocalBackendModifyOperation operation,
boolean skipAccessCheck)
throws DirectoryException {
Entry resourceEntry = container.getResourceEntry();
DN dn = resourceEntry.getDN();
List<Modification> modifications = operation.getModifications();
for (Modification m : modifications) {
Attribute modAttr = m.getAttribute();
AttributeType modAttrType = modAttr.getAttributeType();
if (modAttrType.equals(aciType)) {
/*
* Check that the operation has modify privileges if it contains
* an "aci" attribute type.
*/
if (!operation.getClientConnection().hasPrivilege(Privilege.MODIFY_ACL, operation)) {
Message message =
INFO_ACI_MODIFY_FAILED_PRIVILEGE.get(
String.valueOf(container.getResourceDN()),
String.valueOf(container.getClientDN()));
logError(message);
return false;
}
}
// This access check handles the case where all attributes of this
// type are being replaced or deleted. If only a subset is being
// deleted than this access check is skipped.
ModificationType modType = m.getModificationType();
if (((modType == ModificationType.DELETE) && modAttr.isEmpty())
|| ((modType == ModificationType.REPLACE) || (modType == ModificationType.INCREMENT))) {
/*
* Check if we have rights to delete all values of an attribute
* type in the resource entry.
*/
if (resourceEntry.hasAttribute(modAttrType)) {
container.setCurrentAttributeType(modAttrType);
List<Attribute> attrList = resourceEntry.getAttribute(modAttrType, modAttr.getOptions());
if (attrList != null) {
for (Attribute a : attrList) {
for (AttributeValue v : a) {
container.setCurrentAttributeValue(v);
container.setRights(ACI_WRITE_DELETE);
if (!skipAccessCheck && !accessAllowed(container)) {
return false;
}
}
}
}
}
}
if (!modAttr.isEmpty()) {
for (AttributeValue v : modAttr) {
container.setCurrentAttributeType(modAttrType);
switch (m.getModificationType()) {
case ADD:
case REPLACE:
container.setCurrentAttributeValue(v);
container.setRights(ACI_WRITE_ADD);
if (!skipAccessCheck && !accessAllowed(container)) {
return false;
}
break;
case DELETE:
container.setCurrentAttributeValue(v);
container.setRights(ACI_WRITE_DELETE);
if (!skipAccessCheck && !accessAllowed(container)) {
return false;
}
break;
case INCREMENT:
Entry modifiedEntry = operation.getModifiedEntry();
List<Attribute> modifiedAttrs =
modifiedEntry.getAttribute(modAttrType, modAttr.getOptions());
if (modifiedAttrs != null) {
for (Attribute attr : modifiedAttrs) {
for (AttributeValue val : attr) {
container.setCurrentAttributeValue(val);
container.setRights(ACI_WRITE_ADD);
if (!skipAccessCheck && !accessAllowed(container)) {
return false;
}
}
}
}
break;
}
/*
* Check if the modification type has an "aci" attribute type.
* If so, check the syntax of that attribute value. Fail the
* the operation if the syntax check fails.
*/
if (modAttrType.equals(aciType) || modAttrType.equals(globalAciType)) {
try {
// A global ACI needs a NULL DN, not the DN of the
// modification.
if (modAttrType.equals(globalAciType)) {
dn = DN.nullDN();
}
Aci.decode(v.getValue(), dn);
} catch (AciException ex) {
Message message =
WARN_ACI_MODIFY_FAILED_DECODE.get(String.valueOf(dn), ex.getMessage());
throw new DirectoryException(ResultCode.INVALID_ATTRIBUTE_SYNTAX, message);
}
}
}
}
}
return true;
}
public boolean addToList(Attribute attribute) {
this.list.put(attribute.getAttributeType(), attribute);
return true;
}
/**
* Process a delete attribute values that is conflicting with a previous modification.
*
* @param csn The CSN of the currently processed change
* @param m the modification that is being processed
* @param modifiedEntry the entry that is modified (before current mod)
* @return false if there is nothing to do
*/
private boolean conflictDelete(CSN csn, Modification m, Entry modifiedEntry) {
/*
* We are processing a conflicting DELETE modification
*
* This code is written on the assumption that conflict are
* rare. We therefore don't care much about the performance
* However since it is rarely executed this code needs to be
* as simple as possible to make sure that all paths are tested.
* In this case the most simple seem to change the DELETE
* in a REPLACE modification that keeps all values
* more recent that the DELETE.
* we are therefore going to change m into a REPLACE that will keep
* all the values that have been updated after the DELETE time
* If a value is present in the entry without any state information
* it must be removed so we simply ignore them
*/
Attribute modAttr = m.getAttribute();
if (modAttr.isEmpty()) {
/*
* We are processing a DELETE attribute modification
*/
m.setModificationType(ModificationType.REPLACE);
AttributeBuilder builder = new AttributeBuilder(modAttr, true);
Iterator<AttrValueHistorical> it = valuesHist.keySet().iterator();
while (it.hasNext()) {
AttrValueHistorical valInfo = it.next();
if (csn.isOlderThan(valInfo.getValueUpdateTime())) {
/*
* this value has been updated after this delete, therefore
* this value must be kept
*/
builder.add(valInfo.getAttributeValue());
} else {
/*
* this value is going to be deleted, remove it from historical
* information unless it is a Deleted attribute value that is
* more recent than this DELETE
*/
if (csn.isNewerThanOrEqualTo(valInfo.getValueDeleteTime())) {
it.remove();
}
}
}
m.setAttribute(builder.toAttribute());
if (csn.isNewerThan(getDeleteTime())) {
deleteTime = csn;
}
if (csn.isNewerThan(getLastUpdateTime())) {
lastUpdateTime = csn;
}
} else {
// we are processing DELETE of some attribute values
AttributeBuilder builder = new AttributeBuilder(modAttr);
for (ByteString val : modAttr) {
boolean deleteIt = true; // true if the delete must be done
boolean addedInCurrentOp = false;
/* update historical information */
AttrValueHistorical valInfo = new AttrValueHistorical(val, null, csn);
AttrValueHistorical oldValInfo = valuesHist.get(valInfo);
if (oldValInfo != null) {
/* this value already exist in the historical information */
if (csn.equals(oldValInfo.getValueUpdateTime())) {
// This value was added earlier in the same operation
// we need to keep the delete.
addedInCurrentOp = true;
}
if (csn.isNewerThanOrEqualTo(oldValInfo.getValueDeleteTime())
&& csn.isNewerThanOrEqualTo(oldValInfo.getValueUpdateTime())) {
valuesHist.remove(oldValInfo);
valuesHist.put(valInfo, valInfo);
} else if (oldValInfo.isUpdate()) {
deleteIt = false;
}
} else {
valuesHist.remove(oldValInfo);
valuesHist.put(valInfo, valInfo);
}
/* if the attribute value is not to be deleted
* or if attribute value is not present suppress it from the
* MOD to make sure the delete is going to succeed
*/
if (!deleteIt
|| (!modifiedEntry.hasValue(modAttr.getAttributeType(), modAttr.getOptions(), val)
&& !addedInCurrentOp)) {
// this value was already deleted before and therefore
// this should not be replayed.
builder.remove(val);
if (builder.isEmpty()) {
// This was the last values in the set of values to be deleted.
// this MOD must therefore be skipped.
return false;
}
}
}
m.setAttribute(builder.toAttribute());
if (csn.isNewerThan(getLastUpdateTime())) {
lastUpdateTime = csn;
}
}
return true;
}
