private String generateDDL(
OracleUserAttributes userAttributes,
Class<? extends SPIOperation> operation,
UserRecord userRecord) {
StringBuilder builder = new StringBuilder();
BuilderStatus status = new BuilderStatus();
appendAuth(builder, userAttributes, operation, status, userRecord);
if (userAttributes.getDefaultTableSpace() != null) {
appendDefaultTableSpace(builder, userAttributes);
}
if (userAttributes.getTempTableSpace() != null) {
appendTemporaryTableSpace(builder, userAttributes);
}
if (userAttributes.getDefaultTSQuota() != null) {
appendDefaultTSQuota(builder, userAttributes, userRecord);
}
if (userAttributes.getTempTSQuota() != null) {
appendTempTSQuota(builder, userAttributes, userRecord);
}
if (Boolean.FALSE.equals(userAttributes.getExpirePassword())) {
if (status.passwordSet == null) {
// If password is already not expired, just ignore attribute
// that would not have any effect
if (userRecord == null || OracleUserReader.isPasswordExpired(userRecord)) {
throw new IllegalArgumentException(
cm.format(MSG_MUST_SPECIFY_PASSWORD_FOR_UNEXPIRE, null));
}
}
}
if (status.forceExpirePassword || Boolean.TRUE.equals(userAttributes.getExpirePassword())) {
// We can expire password only for LOCAL authentication
if (OracleAuthentication.LOCAL.equals(status.currentAuth)) {
appendExpirePassword(builder, userAttributes);
} else {
IllegalArgumentException e =
new IllegalArgumentException(
cm.format(MSG_CANNOT_EXPIRE_PASSWORD_FOR_NOT_LOCAL_AUTHENTICATION, null));
if (ExtraAttributesPolicy.FAIL.equals(
extraAttributesPolicySetup.getPolicy(PASSWORD_EXPIRE, operation))) {
throw e;
} else {
status.addIgnoredAttribute(PASSWORD_EXPIRE, e);
LOG.info("Ignoring extra password_expire attribute in operation [{0}]", operation);
}
}
}
if (userAttributes.getEnable() != null) {
appendEnabled(builder, userAttributes);
}
if (userAttributes.getProfile() != null) {
appendProfile(builder, userAttributes);
}
if (builder.length() == 0 && !status.ignoredAttributes.isEmpty()) {
// throw the fisrt exception
throw status.ignoredAttributes.get(0).getSecond();
}
return builder.toString();
}
static ConnectionType resolveType(String name, ConnectorMessages msg) {
for (ConnectionType type : values()) {
if (type.sourceType.equals(name)) {
return type;
}
}
throw new IllegalArgumentException(msg.format(MSG_INVALID_SOURCE_TYPE, null));
}
static String getNotEmptyStringValue(
Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
String value = getRequiredStringValue(attrs, name, cm);
if (StringUtil.isEmpty(value)) {
throw new IllegalArgumentException(cm.format(MSG_ATTRIBUTE_IS_EMPTY, null, name));
}
return value;
}
static String getRequiredStringValue(
Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
Attribute attr = attrs.get(name);
if (attr == null) {
throw new IllegalArgumentException(cm.format(MSG_ATTRIBUTE_IS_MISSING, null, name));
}
return AttributeUtil.getStringValue(attr);
}
static Boolean getNotNullAttributeBooleanValue(
Map<String, Attribute> attrs, String name, ConnectorMessages cm) {
Attribute attr = attrs.get(name);
if (attr == null) {
return null;
}
Object value = AttributeUtil.getSingleValue(attr);
if (value instanceof Boolean) {
return (Boolean) value;
}
throw new IllegalArgumentException(
cm.format(MSG_BOOLEAN_ATTRIBUTE_HAS_INVALID_VALUE, null, name, value));
}
@SuppressWarnings("unchecked")
ExtraAttributesPolicySetupBuilder parseArray(String[] policies) {
if (policies == null) {
return this;
}
for (String policy : policies) {
final Map<String, Object> map = MapParser.parseMap(policy, cm);
if (map.size() != 1) {
throw new IllegalArgumentException(cm.format(MSG_EAP_MUST_SPECIFY_ONE_ARRAY_ELEMENT, null));
}
String attributeName = map.keySet().iterator().next();
Map<String, String> elementMap = (Map<String, String>) map.values().iterator().next();
parseAttributeMap(attributeName, elementMap);
}
return this;
}
private void parseAttribute(
OracleUserAttribute attribute, Map<String, String> aElementMap, boolean overwrite) {
Map<String, String> elementMap = new HashMap<String, String>(aElementMap);
for (Iterator<Entry<String, String>> i = elementMap.entrySet().iterator(); i.hasNext(); ) {
Entry<String, String> entry = i.next();
String opString = entry.getKey();
String policyString = entry.getValue();
ExtraAttributesPolicy policy = ExtraAttributesPolicy.valueOf(policyString);
Class<? extends SPIOperation> operation = resolveOperation(opString);
definePolicyInternal(attribute, operation, policy, overwrite);
i.remove();
}
if (!elementMap.isEmpty()) {
throw new IllegalArgumentException(
cm.format(MSG_EAP_INVALID_ELEMENTS_IN_MAP, null, elementMap));
}
}
@SuppressWarnings("unchecked")
ExtraAttributesPolicySetupBuilder parseMap(String format) {
if ("default".equalsIgnoreCase(format)) {
return this;
}
final Map<String, Object> map = MapParser.parseMap(format, cm);
for (Iterator<Map.Entry<String, Object>> i = map.entrySet().iterator(); i.hasNext(); ) {
Entry<String, Object> entry = i.next();
String attributeName = entry.getKey();
Map<String, String> elementMap = (Map<String, String>) entry.getValue();
parseAttributeMap(attributeName, elementMap);
i.remove();
}
if (!map.isEmpty()) {
throw new IllegalArgumentException(cm.format(MSG_EAP_INVALID_ELEMENTS_IN_MAP, null, map));
}
return this;
}
private void appendTempTSQuota(
StringBuilder builder, OracleUserAttributes userAttributes, UserRecord userRecord) {
builder.append(" quota");
if ("-1".equals(userAttributes.getTempTSQuota())) {
builder.append(" unlimited");
} else {
builder.append(' ').append(userAttributes.getTempTSQuota());
}
builder.append(" on");
String tempTableSpace = userAttributes.getTempTableSpace();
if (tempTableSpace == null) {
if (userRecord == null || userRecord.getTemporaryTableSpace() == null) {
throw new IllegalArgumentException(
cm.format(MSG_MISSING_TEMPORARY_TABLESPACE_FOR_QUOTA, null));
}
tempTableSpace = userRecord.getTemporaryTableSpace();
}
builder.append(' ').append(cs.formatToken(TEMP_TABLESPACE, tempTableSpace));
}
private void appendDefaultTSQuota(
StringBuilder builder, OracleUserAttributes userAttributes, UserRecord userRecord) {
builder.append(" quota");
if ("-1".equals(userAttributes.getDefaultTSQuota())) {
builder.append(" unlimited");
} else {
builder.append(' ').append(userAttributes.getDefaultTSQuota());
}
builder.append(" on");
String defaultTableSpace = userAttributes.getDefaultTableSpace();
if (defaultTableSpace == null) {
if (userRecord == null || userRecord.getDefaultTableSpace() == null) {
throw new IllegalArgumentException(
cm.format(MSG_MISSING_DEFAULT_TABLESPACE_FOR_QUOTA, null));
}
defaultTableSpace = userRecord.getDefaultTableSpace();
}
builder.append(' ').append(cs.formatToken(DEF_TABLESPACE, defaultTableSpace));
}
private Class<? extends SPIOperation> resolveOperation(String opString) {
for (Class<? extends SPIOperation> clazz : FrameworkUtil.allSPIOperations()) {
if (clazz.getName().equals(opString)) {
return clazz;
}
;
String clazzSimpleName = clazz.getSimpleName();
if (clazzSimpleName.equals(opString)) {
return clazz;
}
if (clazzSimpleName.endsWith("Op")
&& clazzSimpleName
.substring(0, clazzSimpleName.length() - 2)
.equalsIgnoreCase(opString)) {
return clazz;
}
}
throw new IllegalArgumentException(
cm.format(MSG_EAP_CANNOT_RESOLVE_SPI_OPERATION, null, opString));
}
private void appendAuth(
final StringBuilder builder,
OracleUserAttributes userAttributes,
Class<? extends SPIOperation> operation,
BuilderStatus status,
UserRecord userRecord) {
status.currentAuth = userAttributes.getAuth();
if (status.currentAuth == null) {
if (CreateOp.class.equals(operation)) {
status.currentAuth = OracleAuthentication.LOCAL;
} else {
status.currentAuth = OracleUserReader.resolveAuthentication(userRecord);
}
}
boolean appendIdentified =
CreateOp.class.equals(operation)
|| userAttributes.getAuth() != null
|| userAttributes.getPassword() != null
|| userAttributes.getGlobalName() != null;
if (!appendIdentified) {
return;
}
if (userAttributes.getPassword() != null
&& !OracleAuthentication.LOCAL.equals(status.currentAuth)) {
// Apply the extra attribute policy
IllegalArgumentException e =
new IllegalArgumentException(
cm.format(MSG_CANNOT_SET_PASSWORD_FOR_NOT_LOCAL_AUTHENTICATION, null));
if (ExtraAttributesPolicy.FAIL.equals(
extraAttributesPolicySetup.getPolicy(PASSWORD, operation))) {
throw e;
} else {
LOG.info("Ignoring extra password attribute in operation [{0}]", operation);
status.addIgnoredAttribute(PASSWORD, e);
// If only password was set, return
if (userAttributes.getAuth() == null
&& userAttributes.getGlobalName() == null
&& UpdateOp.class.equals(operation)) {
appendIdentified = false;
}
}
}
if (userAttributes.getGlobalName() != null
&& !OracleAuthentication.GLOBAL.equals(status.currentAuth)) {
throw new IllegalArgumentException(
cm.format(MSG_CANNOT_SET_GLOBALNAME_FOR_NOT_GLOBAL_AUTHENTICATION, null));
}
if (!appendIdentified) {
return;
}
builder.append(" identified");
if (OracleAuthentication.LOCAL.equals(status.currentAuth)) {
builder.append(" by ");
status.passwordSet = userAttributes.getPassword();
if (status.passwordSet == null) {
// Can we set password same as username ? , adapter did so
if (CreateOp.class.equals(operation)) {
// Set password to userName, it is already normalized
status.passwordSet = new GuardedString(userAttributes.getUserName().toCharArray());
} else {
// no password for update and local authentication
// some application can send update of authentication to
// local and will not send password at the update
// In this case we will rather set password to user name and
// set (password_expired=true)
// Other option would be to throw exception, but some
// application could not have
// possibility to send password
status.passwordSet = new GuardedString(userAttributes.getUserName().toCharArray());
status.forceExpirePassword = true;
}
}
status.passwordSet.access(
new GuardedString.Accessor() {
public void access(char[] clearChars) {
builder.append(cs.formatToken(PASSWORD, clearChars));
Arrays.fill(clearChars, (char) 0);
}
});
} else if (OracleAuthentication.EXTERNAL.equals(status.currentAuth)) {
builder.append(" externally");
} else if (OracleAuthentication.GLOBAL.equals(status.currentAuth)) {
if (StringUtil.isBlank(userAttributes.getGlobalName())) {
throw new IllegalArgumentException(
cm.format(MSG_MISSING_GLOBALNAME_FOR_GLOBAL_AUTHENTICATION, null));
}
builder.append(" globally as ");
builder.append(
cs.formatToken(OracleUserAttribute.GLOBAL_NAME, userAttributes.getGlobalName()));
}
}
