ApplicationManager.java revision ccf9d4a5c6453fa9f8b839baeee25147865fbb7d
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: ApplicationManager.java,v 1.11 2010/01/13 23:41:57 veiming Exp $
*
* Portions Copyrighted 2013-2016 ForgeRock AS.
*/
/**
* Application Manager handles addition, deletion and listing of applications for each realm.
*/
public final class ApplicationManager {
private static Map<String, Set<Application>> applications = new ConcurrentHashMap<String, Set<Application>>();
private ApplicationManager() {
}
/**
* Returns the application names in a realm.
*
* When performing the search using the Subject {@link PrivilegeManager#superAdminSubject},
* the provided filters must not contain {@link Operator#LESS_THAN_OR_EQUAL_OPERATOR }
* or {@link Operator#GREATER_THAN_OR_EQUAL_OPERATOR } as these are not supported by LDAP.
*
* @param adminSubject Admin Subject who has the rights to access configuration datastore.
* @param realm Realm name.
* @param filters Search Filters
* @return application names in a realm.
*/
throws EntitlementException {
}
// Delegation to applications is currently not configurable, passing super admin (see AME-4959)
}
private static Set<String> filterApplicationNames(String realm, Set<String> applNames, Set<SearchFilter> filters) {
try {
}
}
} catch (EntitlementException ex) {
}
}
} else {
}
return results;
}
return false;
}
return false;
}
return false;
}
return false;
}
return false;
}
return false;
}
}
}
return true;
}
switch (operator) {
case EQUALS_OPERATOR:
case GREATER_THAN_OPERATOR:
case LESS_THAN_OPERATOR:
default:
return false;
}
}
/**
* Returns the application names in a realm.
*
* @param adminSubject Admin Subject who has the rights to access
* configuration datastore.
* @param realm Realm name.
* @return application names in a realm.
*/
) throws EntitlementException {
}
return results;
}
throws EntitlementException {
return appls;
}
try {
return appls;
} finally {
}
}
return appls;
}
// Delegation to applications is currently not configurable, passing super admin (see AME-4959)
}
}
return accessible;
}
/**
* Returns application.
*
* @param realm Realm name.
* @param name Name of Application.
* @return application.
*/
public static Application getApplicationForEvaluation(
) throws EntitlementException {
name);
}
/**
* Returns application.
*
* @param adminSubject Admin Subject who has the rights to access
* configuration datastore.
* @param realm Realm name.
* @param name Name of Application.
* @return application.
*/
public static Application getApplication(
) throws EntitlementException {
}
return appl;
}
}
// try again, to get application for sub realm.
return appl;
}
}
return null;
}
/**
* Removes application.
*
* @param adminSubject Admin Subject who has the rights to access
* configuration datastore.
* @param realm Realm Name.
* @param name Application Name.
* @throws EntitlementException
*/
public static void deleteApplication(
) throws EntitlementException {
if (!allowed) {
}
if (!allowed) {
throw new EntitlementException(PERMISSION_DENIED);
}
}
}
}
/**
* Saves application data.
*
* @param adminSubject Admin Subject who has the rights to access configuration datastore.
* @param realm Realm Name.
* @param application Application object.
*
* @return The saved application, which will include any modifications to its fields.
*/
public static Application saveApplication(Subject adminSubject, String realm, Application application)
throws EntitlementException {
throw new EntitlementException(MODIFY_APPLICATION_FAIL);
} else {
}
return application;
}
private static void checkUserPrivileges(Subject adminSubject, String realm, Application application)
throws EntitlementException {
if (!allow) {
allow = false;
} else {
}
}
if (!allow) {
throw new EntitlementException(PERMISSION_DENIED);
}
}
private static void checkIfResourceTypeExists(Subject adminSubject, String realm, Application application)
throws EntitlementException {
// When this class is refactored (AME-6287) this dependency should be injected.
}
}
}
}
private static void setApplicationMetaData(Subject adminSubject, String realm, Application application) {
if (creationDate == -1) {
if (principalName != null) {
}
} else {
} else {
}
}
}
}
if (principalName != null) {
}
}
private static String getApplicationCreatedBy(
) {
try {
} catch (EntitlementException ex) {
// new application.
return null;
}
}
private static long getApplicationCreationDate(
) {
try {
} catch (EntitlementException ex) {
// new application.
return -1;
}
}
private static boolean hasAccessToApplication(
// applicationNames may be empty if the sub realm is removed.
// or the sub realm really do not have referral privilege assigned to
// it. In the latter case, clearing the cache for referral privilege
// should be ok.
return applicationNames.isEmpty() ||
}
private static boolean hasAccessToApplication(
}
private static boolean isNewApplication(
) throws EntitlementException {
return false;
}
}
return true;
}
/**
* Clears the cached applications. Must be called when notifications are
* received for changes to applications.
*/
break;
}
}
}
/**
* Returns referred resources for a realm.
*
* @param adminSubject Admin Subject who has the rights to access
* configuration datastore.
* @param realm Realm name
* @param applicationTypeName Application Type Name.
* @return referred resources for a realm.
* @throws EntitlementException if referred resources cannot be returned.
*/
) throws EntitlementException {
if (!allowed) {
// Delegation to applications is currently not configurable, passing super admin (see AME-4959)
}
if (!allowed) {
return Collections.EMPTY_SET;
}
}
/**
* Creates an application.
*
* @param name Name of application.
* @param applicationType application type.
* @throws EntitlementException if application class is not found.
*/
public static Application newApplication(String name, ApplicationType applicationType) throws EntitlementException {
try {
} catch (NoSuchMethodException ex) {
} catch (SecurityException ex) {
} catch (InstantiationException ex) {
} catch (IllegalAccessException ex) {
} catch (IllegalArgumentException ex) {
} catch (InvocationTargetException ex) {
}
}
}