* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved * The contents of this file are subject to the terms * of the Common Development and Distribution License * (the License). You may not use this file except in * compliance with the License. * You can obtain a copy of the License at * See the License for the specific language governing * permission and limitations under the License. * When distributing Covered Code, include this CDDL * Header Notice in each file and include the License file * If applicable, add the following below the CDDL Header, * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" * Portions Copyrighted 2011-2015 ForgeRock AS. * The class <code>ResourceManager</code> manages an index to the // resources service config // key: service type name, value: ServiceType object //Constants to build XML representation // Cache to store the policy names * this constructor is called by PolicyManager * Returns a set of all managed resource names for all the * @return names of the resources managed * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * Returns a set of all managed resource names for the given * @param serviceType the service type for which the resource * names should be returned. * @return names of the resources. * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. // no resource node for this service type // else, see if the attribute is there and non-empty // else, need to look into the attribute * Determines that with the given organization (or, sub-organization, * or container) name, if a new resource can be created or not. * @param ServiceType the service type * @return <code>true</code> if new resources can be created, * else <code>false</code> * @exception PolicyException problem with configuration store * Returns a set of valid service names that are applicable for * the organization. The result will depended if new resources * can be created for the organization and also if the organization * @return set of service names that are valid for the organization * @exception SSOException if the caller's single sign on token has expired * @exception PolicyException if not able to get list of services * defined for the organization * Returns a set of names of all the policies for the given resource * @param serviceType the service type which the resource is associated * @param resource the resource for which policies should be returned * @param includePoliciesForSuperResources indicating whether the * policies for all the super-resources in addition to the ultimate * (sub)resource should be returned * @return set of names of the policies. * @exception InvalidFormatException the retrieved resources * from the data store have been corrupted or do not have a * @exception NoPermissionException the user does not have sufficient * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * @exception SSOException single-sign-on token invalid or expired // %%% Need to flush the cache when policy's are changed // This line may impact performance, try to optimize it later * Adds the resource names of the policy to the resource tree. * @param policy the policy to be added * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * @exception SSOException single-sign-on token invalid or expired // iterating through each rule * Removes the resource names of the policy from the resource tree. * @param policy the policy to be removed * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * @exception SSOException single-sign-on token invalid or expired // iterating through each rule * Replaces resource names of a policy in the resource tree. * @param oldPolicy the policy to be replaced * @param newPolicy the policy to replace the existins policy with * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * @exception SSOException single-sign-on token invalid or expired //rConfig = scm.getOrganizationConfig(org, null); debug.
message(
"ResourceManager.getResourcesServiceConfig():" +
"rConfig is not valid");
// to do: investigate this // no resource node for this service type // else, see if the attribute is there and non-empty // else, need to look into the attribute // else, the attribute really contains something // finally reset the modified xml content // no resource node for this service type // else, see if the attribute is there and non-empty // else, need to look into the attribute // else, the attribute really contains something // finally reset the modified xml content // iterating through each reference node // didn't find any match, need to add (a) reference node(s) // iterating through each reference node for (
int i=n-
2; i>=
0; i--) {
* Returns the xml root node for the service type's resources xml blob * @param serviceType the service type which the resources xml blob is * @return root node for the resources xml content. * @exception InvalidFormatException the retrieved resources * from the data store have been corrupted or do not have a * @exception NoPermissionException the user does not have sufficient * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. "searching for resources of the service type: " +
"Resources branch is non-existent" +
" in organization: " +
org);
" in organization: " +
org);
"Unable to find resources attribute for the service: "+
"Unable to find resources attribute value for " +
"Unable to get resources of the service type: " +
"unable_to_get_resources_for_service",
objs);
debug.
error(
"XML parsing error for resourcesXml");
"invalid (no root node) xml resources blob: " +
if (!rootNode.getNodeName().equalsIgnoreCase( PolicyManager.POLICY_INDEX_ROOT_NODE)) throw (new InvalidFormatException()); "invalid (no type attr for PolicyCrossReference element) "+
* this method recursively finds the names of the policies corresponding * to the resource. Depending on the boolean input parameter, it would * either returns all the policies including those for super resources, * or, just returns the policies at the final level with exact match or // didn't find exact match, return policies for the last * this method finds the names of policies in the first * Adds specified resource prefixes for a certain service type * @param serviceTypeName the service type name the resource prefixes are * @param resourcePrefixes the prefixes to be added * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. // no resource node for this service type //newSet.addAll(resourcePrefixes); // else, see if the attribute is there and non-empty //newSet.addAll(resourcePrefixes); // else, need to look into the attribute //existingRes.addAll(resourcePrefixes); //newAttrs.put(RESOURCE_PREFIXES, existingRes); * Removed specified resource prefixes for a certain service type * @param serviceTypeName the service type name the resource prefixes are * @param resourcePrefixes the prefixes to be removed * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. // no resource node for this service type // else, see if the attribute is there and non-empty // else, need to look into the attribute existingSet.removeAll(resourcePrefixes); if (existingSet.isEmpty()) { leafConfig.removeAttribute(RESOURCE_PREFIXES); resources.removeSubConfig(serviceTypeName); newAttrs.put(RESOURCE_PREFIXES, existingSet); leafConfig.setAttributes(newAttrs); * Returns the resource prefix (super-resource) and the rest of the * resource name (sub-resource) * @param serviceTypeName the service type which the resource is * @param resourceName the resource name to be split * @return array of two strings, the first being the super-resource * the second being the sub-resource * @exception PolicyException if unable to get the policy services, * and will contain the exception thrown by SMS. * @exception NameNotFoundException service for the given <code> * serviceTypeName</code> does not exist * @exception SSOException single-sign-on token invalid or expired * Saves the resource index to data store * @param resourceType resource type * @param indexXML xml representation of index ( index to * policies keyed by resource name, in a tree structure) * @throws PolicyException // no resource node for this service type * Converts xml representation of resource prefixes * to a map representation * Key in the map is the prefix and the value is * a count of how many times the prefix has been * effectively added. The count is incremented whenever * the prefix is added and decremented whenever * the prefix is removed. The count is not decremented * @param xmlResourcePrefixes xml representation of resource * prefixes. This is how it is stored in datastore. * @return map representation of resource prefixes. +
" in organization: " +
org);
* Converts map representation of resource prefixes * to an xml representation * @param resourcePrefixes map representation of resource * @return xml representation of resource prefixes * Adds a set of resource prefixes to a map of resource prefixes. * Adding a prefix increments the the count for the prefix * @param prefixes a set of resource prefixes to add * @param prefixMap a map of resource prefixes to which to * @return prefixMap modified accounting for the addition "ResourceManager.addResourcePrefixes:", e);
* Removes a set of resource prefixes from a map of resource prefixes. * Removing a prefix decrements the count for the prefix in the * map value. Count value is not decremented below 0. * @param prefixes a set of resource prefixes to remove * @param prefixMap a map of resource prefixes from which to * @return prefixMap modified accounting for the removal "ResourceManager.removeResourcePrefixes:", e);