/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* https://opensso.dev.java.net/public/CDDLv1.0.html or
* opensso/legal/CDDLv1.0.txt
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: IdRepoSampleSearchIds.java,v 1.4 2008/06/25 05:41:14 qcheng Exp $
*
* Portions Copyrighted 2015 ForgeRock AS.
*/
package com.sun.identity.samples.clientsdk.idrepo;
import java.util.*;
import com.iplanet.sso.SSOException;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchOpModifier;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdRepoException;
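/**
 * Interactive client SDK sample: searches the identity repository for
 * identities of a chosen type, lets the user select one of the results, and
 * then displays or changes that identity's status, memberships and attributes.
 * All attributes returned for the selected identity are written to the console.
 *
 * @author
 */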
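public class IdRepoSampleSearchIds {

    /*
     * Accounts whose active status and attributes this sample will not
     * offer to change. The check is by name only (case-insensitive); it is
     * a convenience for the sample, not an access-control mechanism.
     */
    private static final String[] PROTECTED_USERS = {
        "amadmin", "dsameuser", "amService-URLAccessAgent"
    };

    /* helper used for console prompts and for printing result sets */
    IdRepoSampleUtils sampleUtils = null;

    /* repository that every search in this class is issued against */
    AMIdentityRepository idRepo = null;

    /**
     * Creates the sample around an existing repository object.
     *
     * @param idrepo repository to search; stored as given, not checked here
     */
    public IdRepoSampleSearchIds (AMIdentityRepository idrepo) {
        sampleUtils = new IdRepoSampleUtils();
        idRepo = idrepo;
    }

    /**
     * Prompts for an identity type and a search pattern, runs the search and
     * hands the result set to {@link #processType}. Returns without searching
     * when no identity type is selected. Repository and SSO failures are
     * reported on stderr and not rethrown.
     */
    public void searchAMIds () {
        IdType idtype = sampleUtils.getIdType(idRepo);
        if (idtype == null) {
            return;
        }

        IdSearchControl isc = new IdSearchControl();
        // Requests every attribute of every match. Convenient for a sample;
        // code that only needs a few attributes should name them with
        // setReturnAttributes(...) so it does not pull more than it uses.
        isc.setAllReturnAttributes(true);
        // recursive setting is done via the data store config

        // The pattern is passed to the repository exactly as typed; the
        // default "*" matches everything of the chosen type.
        String pattern = sampleUtils.getLine(" Enter search pattern", "*");
        try {
            IdSearchResults adRes =
                idRepo.searchIdentities(idtype, pattern, isc);
            processType(idtype, adRes.getSearchResults());
        } catch (IdRepoException ire) {
            System.err.println("idRepoProcessing: IdRepoException" +
                " Searching Identities for '" +
                idtype + "' and pattern '" + pattern + "': " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println("idRepoProcessing: SSOException" +
                " Searching Identities for '" +
                idtype + "' and pattern '" + pattern + "': " +
                ssoe.getMessage());
        }
    }

    /**
     * Given a set of AMIdentities of IdType idtype, lists them, lets the
     * user select one and runs the operations this sample supports for that
     * type. Repository and SSO failures are reported on stderr.
     *
     * @param idtype type the search was made for
     * @param idSet  search results; elements are cast to AMIdentity
     */
    private void processType(IdType idtype, Set idSet)
    {
        int setsize = idSet.size();
        if (setsize == 0) {
            System.out.println ("No identities of type '" +
                idtype.getName() + "' found to process.");
            return;
        }

        Object[] objs = idSet.toArray();
        System.out.println("Search returns " + setsize +
            " entries of type " + idtype.getName() + ".");
        for (int i = 0; i < setsize; i++) {
            System.out.println("\t" + i + ": " +
                ((AMIdentity)objs[i]).getName());
        }
        // index == setsize is the explicit "none of the above" choice
        System.out.println ("\t" + setsize + ": No selection");

        String answer = sampleUtils.getLine("Select identity: [0.." +
            setsize + "]: ");
        int ians = sampleUtils.getIntValue(answer);
        if (ians == setsize) {
            return;
        }
        if ((ians < 0) || (ians > setsize)) {
            System.err.println ("'" + answer +
                "' is invalid.");
            return;
        }

        AMIdentity amid = (AMIdentity)objs[ians];
        try {
            System.out.println (" universalId for " +
                amid.getName() + " of IdType " + idtype.getName() +
                " = " + amid.getUniversalId());

            if (idtype.equals(IdType.GROUP)) {
                // groups: show members (of type User) and attributes
                System.out.println (
                    "Members of IdType User of Group '" +
                    amid.getName() + "':");
                printMembers(amid, IdType.USER);
                printAttrs(amid);
            } else if (idtype.equals(IdType.ROLE)) {
                // roles: attributes only
                printAttrs(amid);
            } else if (idtype.equals(IdType.USER)) {
                processUser(amid);
            } else if (idtype.equals(IdType.AGENT) ||
                idtype.equals(IdType.AGENTONLY)) {
                processAgent(amid);
            }
        } catch (IdRepoException ire) {
            System.err.println ("processType:IdRepoException: " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println ("processType:SSOException: " +
                ssoe.getMessage());
        }
    }

    /*
     * User handling: show status, memberships and attributes. For accounts
     * outside PROTECTED_USERS also offer to change the active status and
     * then to list memberships, display attributes or set an attribute.
     */
    private void processUser(AMIdentity amid)
        throws IdRepoException, SSOException
    {
        String thisUser = amid.getName();
        System.out.println("User '" + thisUser +
            "' is active: " + amid.isActive());

        if (isProtectedUser(thisUser)) {
            // don't want to mess too much with these users in particular:
            // read-only summary, no status change, no attribute update
            printUserSummary(amid);
            return;
        }

        promptActiveStatus(amid, "User", thisUser,
            "Set user active, inactive, or cancel [a,i,c]: ");
        printUserSummary(amid);

        System.out.println ("Operations available on User '" +
            amid.getName() + "':");
        System.out.println (
            "\tl: List groups or roles\n" +
            "\td: Display attributes\n" +
            "\ts: Set attribute\n" +
            "\te: No selection");
        String answer = sampleUtils.getLine(
            "Enter selection [l, d, s, e]: ");
        String choice = answer.toLowerCase(Locale.ROOT);
        if (choice.startsWith("d")) {
            printAttrs(amid);
        } else if (choice.startsWith("s")) {
            setAttribute(amid);
        } else if (choice.startsWith("l")) {
            listGrpOrRoleOfUser(amid);
        } else if (!choice.startsWith("e")) {
            // "e" means no selection; anything else is rejected
            System.err.println ("'" + answer + "' is invalid.");
        }
    }

    /*
     * Agent handling: show existence and status, offer to change the active
     * status, print the attributes and then go on to setAttribute.
     *
     * NOTE(review): unlike the user path there is no protected-name check
     * and no menu before setAttribute(); whether the attribute prompt can be
     * declined depends on sampleUtils.selectFromArray, which is not visible
     * here.
     */
    private void processAgent(AMIdentity amid)
        throws IdRepoException, SSOException
    {
        String thisAgent = amid.getName();
        System.out.println("Agent '" + thisAgent +
            "' exists: " + amid.isExists());
        System.out.println("Agent '" + thisAgent +
            "' is active: " + amid.isActive());
        promptActiveStatus(amid, "Agent", thisAgent,
            "Set agent active, inactive, or cancel [a,i,c]: ");
        printAttrs(amid);
        setAttribute(amid);
    }

    /* true when the name matches one of PROTECTED_USERS, ignoring case */
    private boolean isProtectedUser(String userName) {
        for (String reserved : PROTECTED_USERS) {
            if (reserved.equalsIgnoreCase(userName)) {
                return true;
            }
        }
        return false;
    }

    /*
     * Ask whether to activate or deactivate the identity and apply the
     * answer. Only an answer starting with lower-case "a" or "i" changes
     * anything; every other answer leaves the status untouched.
     */
    private void promptActiveStatus(AMIdentity amid, String label,
        String name, String prompt)
        throws IdRepoException, SSOException
    {
        String answer = sampleUtils.getLine (prompt);
        if (answer.startsWith("a")) {
            if (amid.isActive()) {
                System.out.println(label + " '" + name +
                    "' already active");
            } else {
                amid.setActiveStatus(true);
                // re-read so the printed state is what the identity reports
                System.out.println(label + " '" + name +
                    "' is active: " + amid.isActive());
            }
        } else if (answer.startsWith("i")) {
            if (!amid.isActive()) {
                System.out.println(label + " '" + name +
                    "' already inactive");
            } else {
                amid.setActiveStatus(false);
                System.out.println(label + " '" + name +
                    "' is active: " + amid.isActive());
            }
        }
    }

    /*
     * Print whether the user exists, the identity types it can be a member
     * of with its memberships in each, and finally its attributes.
     */
    private void printUserSummary(AMIdentity amid)
        throws IdRepoException, SSOException
    {
        System.out.println("User '" + amid.getName() +
            "' exists: " + amid.isExists());
        Set idtypes = amid.getType().canBeMemberOf();
        System.out.println (amid.getName() +
            " can have (and has) membership in identities of " +
            "the following types:");
        for (Object candidate : idtypes) {
            IdType idTypeToUse = (IdType)candidate;
            System.out.println (" can be member of " +
                idTypeToUse.getName());
            printMemberships(amid, idTypeToUse,
                amid.getMemberships(idTypeToUse));
        }
        printAttrs(amid);
    }

    /**
     * Gets and prints the attributes for the AMIdentity specified.
     * Repository and SSO failures are reported on stderr.
     *
     * @param amid identity whose attributes are printed
     */
    private void printAttrs (AMIdentity amid) {
        try {
            String name = amid.getName();
            String type = amid.getType().getName();
            Map attrMap = amid.getAttributes();
            if ((attrMap == null) || attrMap.isEmpty()) {
                System.out.println (name + " has no attributes.");
                return;
            }

            // NOTE(review): every value is printed verbatim. If the data
            // store returns credential-type attributes (for example
            // userPassword) they end up on the console and in any captured
            // output; filter by attribute name before reusing this outside
            // a sample.
            System.out.println(type + ":" + name + "'s Attributes:");
            for (Object attrName : attrMap.keySet()) {
                String key = (String)attrName;
                System.out.print (" attr '" + key + "' ");
                Set valSet = (Set)attrMap.get(key);
                // a missing value set is reported like an empty one
                if ((valSet == null) || valSet.isEmpty()) {
                    System.out.println ("has no values.");
                    continue;
                }
                System.out.println ("=");
                for (Object value : valSet) {
                    System.out.println ("\t" + value);
                }
            }
        } catch (IdRepoException ire) {
            System.err.println("printAttrs:IdRepoException: " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println("printAttrs:SSOException: " +
                ssoe.getMessage());
        }
    }

    /**
     * Prints the members of the specified IdType in the AMIdentity object
     * specified. Repository and SSO failures are reported on stderr.
     *
     * @param amid      identity whose members are listed
     * @param typeToGet type of member to list
     */
    private void printMembers (AMIdentity amid, IdType typeToGet)
    {
        try {
            String amidTypeName = amid.getType().getName();
            Set members = amid.getMembers(typeToGet);
            if (members.isEmpty()) {
                // uses the type name, as the "members" heading below does
                System.out.println(amidTypeName + " " + amid.getName() +
                    " has no members.");
                return;
            }
            System.out.println(amidTypeName + " " + amid.getName() +
                "'s members:");
            for (Object member : members) {
                System.out.println(" " +
                    ((AMIdentity)member).getName());
            }
        } catch (IdRepoException ire) {
            System.err.println("printMembers:IdRepoException: " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println("printMembers:SSOException: " +
                ssoe.getMessage());
        }
    }

    /**
     * Prints the memberships of the IdType specified in the Set provided.
     *
     * @param amid        identity the memberships belong to
     * @param idTypeToUse type of the identities in {@code memberships}
     * @param memberships identities amid is a member of; may be null
     */
    private void printMemberships(AMIdentity amid, IdType idTypeToUse,
        Set memberships)
    {
        if ((memberships == null) || memberships.isEmpty()) {
            System.out.println(" " + amid.getName() +
                " has no memberships in identities of IdType " +
                idTypeToUse.getName());
            return;
        }
        // non-empty from here on, so no second "no memberships" branch
        System.out.println(" " + amid.getName() +
            " has membership in identities of IdType " +
            idTypeToUse.getName() + " named: ");
        for (Object membership : memberships) {
            System.out.println(" " +
                ((AMIdentity)membership).getName());
        }
    }

    /**
     * Gets the attributes of the specified AMIdentity, lets the user select
     * one and enter a value, stores it, then reads the attribute back and
     * prints it for verification. Repository and SSO failures are reported
     * on stderr.
     *
     * The entered value is stored as typed, as the only value in the set
     * passed to setAttributes(), and store() is called straight away.
     * NOTE(review): no per-attribute validation happens in this method;
     * presumably the data store enforces its own schema - confirm before
     * reusing this pattern.
     *
     * @param amid identity to update
     */
    private void setAttribute (AMIdentity amid)
    {
        try {
            String name = amid.getName();
            String type = amid.getType().getName();
            Map attrMap = amid.getAttributes();
            if ((attrMap == null) || attrMap.isEmpty()) {
                System.out.println (name + " has no attributes.");
                return;
            }

            Object[] attrArray = attrMap.keySet().toArray();
            int i = sampleUtils.selectFromArray (attrArray, type + ":" +
                name + "'s Attributes",
                "Select attribute to set");
            if ((i < 0) || (i >= attrArray.length)) {
                // out-of-range selection: nothing to set
                return;
            }

            String attrToSet = (String)attrArray[i];
            System.out.println("To set attribute " + attrToSet);
            printValues(" Current value = [", amid.getAttribute(attrToSet));

            String newVal = sampleUtils.getLine(
                "New value for " + attrToSet + ": ");
            if (newVal == null) {
                // no input was read; do not store a null value
                System.err.println("No value entered for " + attrToSet +
                    "; attribute left unchanged.");
                return;
            }

            // raw collections kept: the parameter type of setAttributes()
            // is not visible in this file
            Set valSet = new HashSet();
            valSet.add(newVal);
            Map nattrs = new HashMap();
            nattrs.put(attrToSet, valSet);
            amid.setAttributes(nattrs);
            amid.store();

            // get attr value again to verify it changed
            printValues(" Updated value = [", amid.getAttribute(attrToSet));
        } catch (IdRepoException ire) {
            System.err.println("setAttrs:IdRepoException: " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println("setAttrs:SSOException: " +
                ssoe.getMessage());
        }
    }

    /*
     * Print the prefix followed by the values separated by single spaces
     * and a closing bracket, or "Empty]" when there are no values.
     */
    private void printValues(String prefix, Set<?> values) {
        System.out.print(prefix);
        if ((values == null) || values.isEmpty()) {
            System.out.println ("Empty]");
            return;
        }
        StringBuilder joined = new StringBuilder();
        for (Object value : values) {
            if (joined.length() > 0) {
                joined.append(' ');
            }
            joined.append(value);
        }
        System.out.println (joined + "]");
    }

    /**
     * Lists the groups or the roles of the specified user, depending on the
     * answer to the prompt. An answer that selects neither is rejected with
     * a message on stderr. Repository and SSO failures are reported on
     * stderr.
     *
     * @param amid user whose memberships are listed
     */
    private void listGrpOrRoleOfUser (AMIdentity amid)
    {
        String ans = sampleUtils.getLine(
            "Groups, or Roles to list [g, r]: ");
        String ans2 = ans.toLowerCase(Locale.ROOT);
        try {
            String hdr = "User " + amid.getName();
            Set tSet;
            String trlr;
            if (ans2.startsWith("g")) { // list groups
                tSet = amid.getMemberships(IdType.GROUP);
                trlr = "group memberships";
            } else if (ans2.startsWith("r")) { // list roles
                tSet = amid.getMemberships(IdType.ROLE);
                trlr = "role memberships";
            } else {
                // neither groups nor roles chosen: report it rather than
                // handing a null set and trailer to printResults
                System.err.println ("'" + ans + "' is invalid.");
                return;
            }
            sampleUtils.printResults (hdr, tSet, trlr);
        } catch (IdRepoException ire) {
            System.err.println("listGrpOrRoleOfUser:IdRepoException: " +
                ire.getMessage());
        } catch (SSOException ssoe) {
            System.err.println("listGrpOrRoleOfUser:SSOException: " +
                ssoe.getMessage());
        }
    }
}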