/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2006-2008 Sun Microsystems, Inc.
* Portions Copyright 2014-2015 ForgeRock AS
*/
/**
* This class defines the data structures and methods to use when interacting
* with an LDAP search filter, which defines a set of criteria for locating
* entries in a search request.
*/
public class LDAPFilter
extends RawFilter
{
/** The set of subAny elements for substring filters. */
/** The set of filter components for AND and OR filters. */
/** Indicates whether to match on DN attributes for extensible match filters. */
private boolean dnAttributes;
/** The assertion value for several filter types. */
/** The subFinal element for substring filters. */
/** The subInitial element for substring filters. */
/** The filter type for this filter. */
/** The filter component for NOT filters. */
/** The attribute type for several filter types. */
/** The matching rule ID for extensible matching filters. */
/**
* Creates a new LDAP filter with the provided information. Note that this
* constructor is only intended for use by the {@code RawFilter} class and any
* use of this constructor outside of that class must be very careful to
* ensure that all of the appropriate element types have been provided for the
* associated filter type.
*
* @param filterType The filter type for this filter.
* @param filterComponents The filter components for AND and OR filters.
* @param notComponent The filter component for NOT filters.
* @param attributeType The attribute type for this filter.
* @param assertionValue The assertion value for this filter.
* @param subInitialElement The subInitial element for substring filters.
* @param subAnyElements The subAny elements for substring filters.
* @param subFinalElement The subFinal element for substring filters.
* @param matchingRuleID The matching rule ID for extensible filters.
* @param dnAttributes The dnAttributes flag for extensible filters.
*/
boolean dnAttributes)
{
this.filterType = filterType;
this.filterComponents = filterComponents;
this.notComponent = notComponent;
this.attributeType = attributeType;
this.assertionValue = assertionValue;
this.subInitialElement = subInitialElement;
this.subAnyElements = subAnyElements;
this.subFinalElement = subFinalElement;
this.matchingRuleID = matchingRuleID;
this.dnAttributes = dnAttributes;
}
/**
* Creates a new LDAP filter from the provided search filter.
*
* @param filter The search filter to use to create this LDAP filter.
*/
{
switch (filterType)
{
case AND:
case OR:
for (SearchFilter f : comps)
{
}
notComponent = null;
dnAttributes = false;
break;
case NOT:
dnAttributes = false;
break;
case EQUALITY:
case GREATER_OR_EQUAL:
case LESS_OR_EQUAL:
case APPROXIMATE_MATCH:
notComponent = null;
dnAttributes = false;
break;
case SUBSTRING:
{
}
else
{
}
{
}
else
{
}
if (subAnyStrings == null)
{
}
else
{
}
notComponent = null;
dnAttributes = false;
break;
case PRESENT:
notComponent = null;
dnAttributes = false;
break;
case EXTENSIBLE_MATCH:
{
}
else
{
}
notComponent = null;
break;
}
}
/**
* Decodes the provided string into an LDAP search filter.
*
* @param filterString The string representation of the search filter to
* decode.
*
* @return The decoded LDAP search filter.
*
* @throws LDAPException If the provided string does not represent a valid
* LDAP search filter.
*/
throws LDAPException
{
if (filterString == null)
{
}
try
{
}
catch (LDAPException le)
{
throw le;
}
catch (Exception e)
{
logger.traceException(e);
}
}
/**
* Decodes the provided string into an LDAP search filter.
*
* @param filterString The string representation of the search filter to
* decode.
* @param startPos The position of the first character in the filter
* to parse.
* @param endPos The position of the first character after the end of
* the filter to parse.
*
* @return The decoded LDAP search filter.
*
* @throws LDAPException If the provided string does not represent a valid
* LDAP search filter.
*/
int endPos)
throws LDAPException
{
// Make sure that the length is sufficient for a valid search filter.
if (length <= 0)
{
}
// If the filter is enclosed in a pair of apostrophes ("single-quotes") it
// is invalid (issue #1024).
{
}
// If the filter is surrounded by parentheses (which it should be), then
// strip them off.
{
{
startPos++;
endPos--;
}
else
{
}
}
// Look at the first character. If it is a '&' then it is an AND search.
// If it is a '|' then it is an OR search. If it is a '!' then it is a NOT
// search.
if (c == '&')
{
endPos);
}
else if (c == '|')
{
endPos);
}
else if (c == '!')
{
endPos);
}
// If we've gotten here, then it must be a simple filter. It must have an
// equal sign at some point, so find it.
int equalPos = -1;
{
{
equalPos = i;
break;
}
}
{
}
// Look at the character immediately before the equal sign, because it may
// help determine the filter type.
int attrEndPos;
{
case '~':
break;
case '>':
break;
case '<':
break;
case ':':
endPos);
default:
break;
}
// The part of the filter string before the equal sign should be the
// attribute type. Make sure that the characters it contains are acceptable
// for attribute types, including those allowed by attribute name
// exceptions (ASCII letters and digits, the dash, and the underscore). We
// also need to allow attribute options, which includes the semicolon and
// the equal sign.
{
{
case '-':
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
case ';':
case '=':
case 'A':
case 'B':
case 'C':
case 'D':
case 'E':
case 'F':
case 'G':
case 'H':
case 'I':
case 'J':
case 'K':
case 'L':
case 'M':
case 'N':
case 'O':
case 'P':
case 'Q':
case 'R':
case 'S':
case 'T':
case 'U':
case 'V':
case 'W':
case 'X':
case 'Y':
case 'Z':
case '_':
case 'a':
case 'b':
case 'c':
case 'd':
case 'e':
case 'f':
case 'g':
case 'h':
case 'i':
case 'j':
case 'k':
case 'l':
case 'm':
case 'n':
case 'o':
case 'p':
case 'q':
case 'r':
case 's':
case 't':
case 'u':
case 'v':
case 'w':
case 'x':
case 'y':
case 'z':
// These are all OK.
break;
case '.':
case '/':
case ':':
case '<':
case '>':
case '?':
case '@':
case '[':
case '\\':
case ']':
case '^':
case '`':
// These are not allowed, but they are explicitly called out because
// they are included in the range of values between '-' and 'z', and
// making sure all possible characters are included can help make the
// switch statement more efficient. We'll fall through to the default
// clause to reject them.
default:
}
}
// Get the attribute value.
{
false);
}
{
}
{
}
else
{
boolean hasEscape = false;
for (byte valueByte : valueBytes)
{
{
hasEscape = true;
break;
}
}
if (hasEscape)
{
{
{
// The next two bytes must be the hex characters that comprise the
// binary value.
{
}
byte byteValue = 0;
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue = (byte) 0x10;
break;
case 0x32: // '2'
byteValue = (byte) 0x20;
break;
case 0x33: // '3'
byteValue = (byte) 0x30;
break;
case 0x34: // '4'
byteValue = (byte) 0x40;
break;
case 0x35: // '5'
byteValue = (byte) 0x50;
break;
case 0x36: // '6'
byteValue = (byte) 0x60;
break;
case 0x37: // '7'
byteValue = (byte) 0x70;
break;
case 0x38: // '8'
byteValue = (byte) 0x80;
break;
case 0x39: // '9'
byteValue = (byte) 0x90;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue = (byte) 0xA0;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue = (byte) 0xB0;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue = (byte) 0xC0;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue = (byte) 0xD0;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue = (byte) 0xE0;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue = (byte) 0xF0;
break;
default:
}
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue |= (byte) 0x01;
break;
case 0x32: // '2'
byteValue |= (byte) 0x02;
break;
case 0x33: // '3'
byteValue |= (byte) 0x03;
break;
case 0x34: // '4'
byteValue |= (byte) 0x04;
break;
case 0x35: // '5'
byteValue |= (byte) 0x05;
break;
case 0x36: // '6'
byteValue |= (byte) 0x06;
break;
case 0x37: // '7'
byteValue |= (byte) 0x07;
break;
case 0x38: // '8'
byteValue |= (byte) 0x08;
break;
case 0x39: // '9'
byteValue |= (byte) 0x09;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue |= (byte) 0x0A;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue |= (byte) 0x0B;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue |= (byte) 0x0C;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue |= (byte) 0x0D;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue |= (byte) 0x0E;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue |= (byte) 0x0F;
break;
default:
}
}
else
{
}
}
}
else
{
}
}
}
/**
* Decodes a set of filters from the provided filter string within the
* indicated range.
*
* @param filterType The filter type for this compound filter. It must be
* an AND, OR or NOT filter.
* @param filterString The string containing the filter information to
* decode.
* @param startPos The position of the first character in the set of
* filters to decode.
* @param endPos The position of the first character after the end of
* the set of filters to decode.
*
* @return The decoded LDAP filter.
*
* @throws LDAPException If a problem occurs while attempting to decode the
* compound filter.
*/
throws LDAPException
{
// Create a list to hold the returned components.
// If the end pos is equal to the start pos, then there are no components.
{
{
}
else
{
}
}
// The first and last characters must be parentheses. If not, then that's
// an error.
{
}
// Iterate through the characters in the value. Whenever an open
// parenthesis is found, locate the corresponding close parenthesis by
int pendingOpens = 0;
int openPos = -1;
{
char c = filterString.charAt(i);
if (c == '(')
{
if (openPos < 0)
{
openPos = i;
}
pendingOpens++;
}
else if (c == ')')
{
pendingOpens--;
if (pendingOpens == 0)
{
openPos = -1;
}
else if (pendingOpens < 0)
{
get(filterString, i);
}
}
else if (pendingOpens <= 0)
{
}
}
// At this point, we have parsed the entire set of filter components. The
// list of open parenthesis positions must be empty.
if (pendingOpens != 0)
{
}
// We should have everything we need, so return the list.
{
{
}
}
else
{
}
}
/**
* Decodes a substring search filter component based on the provided
* information.
*
* @param filterString The filter string containing the information to
* decode.
* @param attrType The attribute type for this substring filter
* component.
* @param equalPos The location of the equal sign separating the
* attribute type from the value.
* @param endPos The position of the first character after the end of
* the substring value.
*
* @return The decoded LDAP filter.
*
* @throws LDAPException If a problem occurs while attempting to decode the
* substring filter.
*/
int endPos)
throws LDAPException
{
// Get a binary representation of the value.
// Find the locations of all the asterisks in the value. Also, check to
// see if there are any escaped values, since they will need special
// treatment.
boolean hasEscape = false;
{
{
asteriskPositions.add(i);
}
{
hasEscape = true;
}
}
// If there were no asterisks, then this isn't a substring filter.
if (asteriskPositions.isEmpty())
{
}
// If the value starts with an asterisk, then there is no subInitial
// component. Otherwise, parse out the subInitial.
if (firstPos == 0)
{
subInitial = null;
}
else
{
if (hasEscape)
{
for (int i=0; i < firstPos; i++)
{
if (valueBytes[i] == 0x5C)
{
// The next two bytes must be the hex characters that comprise the
// binary value.
{
}
byte byteValue = 0;
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue = (byte) 0x10;
break;
case 0x32: // '2'
byteValue = (byte) 0x20;
break;
case 0x33: // '3'
byteValue = (byte) 0x30;
break;
case 0x34: // '4'
byteValue = (byte) 0x40;
break;
case 0x35: // '5'
byteValue = (byte) 0x50;
break;
case 0x36: // '6'
byteValue = (byte) 0x60;
break;
case 0x37: // '7'
byteValue = (byte) 0x70;
break;
case 0x38: // '8'
byteValue = (byte) 0x80;
break;
case 0x39: // '9'
byteValue = (byte) 0x90;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue = (byte) 0xA0;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue = (byte) 0xB0;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue = (byte) 0xC0;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue = (byte) 0xD0;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue = (byte) 0xE0;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue = (byte) 0xF0;
break;
default:
}
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue |= (byte) 0x01;
break;
case 0x32: // '2'
byteValue |= (byte) 0x02;
break;
case 0x33: // '3'
byteValue |= (byte) 0x03;
break;
case 0x34: // '4'
byteValue |= (byte) 0x04;
break;
case 0x35: // '5'
byteValue |= (byte) 0x05;
break;
case 0x36: // '6'
byteValue |= (byte) 0x06;
break;
case 0x37: // '7'
byteValue |= (byte) 0x07;
break;
case 0x38: // '8'
byteValue |= (byte) 0x08;
break;
case 0x39: // '9'
byteValue |= (byte) 0x09;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue |= (byte) 0x0A;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue |= (byte) 0x0B;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue |= (byte) 0x0C;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue |= (byte) 0x0D;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue |= (byte) 0x0E;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue |= (byte) 0x0F;
break;
default:
}
}
else
{
}
}
}
else
{
}
}
// Next, process through the rest of the asterisks to get the subAny values.
for (int asteriskPos : asteriskPositions)
{
if (hasEscape)
{
{
if (valueBytes[i] == 0x5C)
{
// The next two bytes must be the hex characters that comprise the
// binary value.
{
}
byte byteValue = 0;
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue = (byte) 0x10;
break;
case 0x32: // '2'
byteValue = (byte) 0x20;
break;
case 0x33: // '3'
byteValue = (byte) 0x30;
break;
case 0x34: // '4'
byteValue = (byte) 0x40;
break;
case 0x35: // '5'
byteValue = (byte) 0x50;
break;
case 0x36: // '6'
byteValue = (byte) 0x60;
break;
case 0x37: // '7'
byteValue = (byte) 0x70;
break;
case 0x38: // '8'
byteValue = (byte) 0x80;
break;
case 0x39: // '9'
byteValue = (byte) 0x90;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue = (byte) 0xA0;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue = (byte) 0xB0;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue = (byte) 0xC0;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue = (byte) 0xD0;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue = (byte) 0xE0;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue = (byte) 0xF0;
break;
default:
}
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue |= (byte) 0x01;
break;
case 0x32: // '2'
byteValue |= (byte) 0x02;
break;
case 0x33: // '3'
byteValue |= (byte) 0x03;
break;
case 0x34: // '4'
byteValue |= (byte) 0x04;
break;
case 0x35: // '5'
byteValue |= (byte) 0x05;
break;
case 0x36: // '6'
byteValue |= (byte) 0x06;
break;
case 0x37: // '7'
byteValue |= (byte) 0x07;
break;
case 0x38: // '8'
byteValue |= (byte) 0x08;
break;
case 0x39: // '9'
byteValue |= (byte) 0x09;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue |= (byte) 0x0A;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue |= (byte) 0x0B;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue |= (byte) 0x0C;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue |= (byte) 0x0D;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue |= (byte) 0x0E;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue |= (byte) 0x0F;
break;
default:
}
}
else
{
}
}
}
else
{
}
}
// Finally, see if there is anything after the last asterisk, which would be
// the subFinal value.
{
}
else
{
if (hasEscape)
{
{
if (valueBytes[i] == 0x5C)
{
// The next two bytes must be the hex characters that comprise the
// binary value.
{
}
byte byteValue = 0;
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue = (byte) 0x10;
break;
case 0x32: // '2'
byteValue = (byte) 0x20;
break;
case 0x33: // '3'
byteValue = (byte) 0x30;
break;
case 0x34: // '4'
byteValue = (byte) 0x40;
break;
case 0x35: // '5'
byteValue = (byte) 0x50;
break;
case 0x36: // '6'
byteValue = (byte) 0x60;
break;
case 0x37: // '7'
byteValue = (byte) 0x70;
break;
case 0x38: // '8'
byteValue = (byte) 0x80;
break;
case 0x39: // '9'
byteValue = (byte) 0x90;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue = (byte) 0xA0;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue = (byte) 0xB0;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue = (byte) 0xC0;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue = (byte) 0xD0;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue = (byte) 0xE0;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue = (byte) 0xF0;
break;
default:
}
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue |= (byte) 0x01;
break;
case 0x32: // '2'
byteValue |= (byte) 0x02;
break;
case 0x33: // '3'
byteValue |= (byte) 0x03;
break;
case 0x34: // '4'
byteValue |= (byte) 0x04;
break;
case 0x35: // '5'
byteValue |= (byte) 0x05;
break;
case 0x36: // '6'
byteValue |= (byte) 0x06;
break;
case 0x37: // '7'
byteValue |= (byte) 0x07;
break;
case 0x38: // '8'
byteValue |= (byte) 0x08;
break;
case 0x39: // '9'
byteValue |= (byte) 0x09;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue |= (byte) 0x0A;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue |= (byte) 0x0B;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue |= (byte) 0x0C;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue |= (byte) 0x0D;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue |= (byte) 0x0E;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue |= (byte) 0x0F;
break;
default:
}
}
else
{
}
}
}
else
{
}
}
}
/**
* Decodes an extensible match filter component based on the provided
* information.
*
* @param filterString The filter string containing the information to
* decode.
* @param startPos The position in the filter string of the first
* character in the extensible match filter.
* @param equalPos The position of the equal sign in the extensible
* match filter.
* @param endPos The position of the first character after the end of
* the extensible match filter.
*
* @return The decoded LDAP filter.
*
* @throws LDAPException If a problem occurs while attempting to decode the
* extensible match filter.
*/
int startPos,
int equalPos,
int endPos)
throws LDAPException
{
boolean dnAttributes = false;
// Look at the first character. If it is a colon, then it must be followed
// by either the string "dn" or the matching rule ID. If it is not, then
// must be the attribute type.
{
// See if it starts with ":dn". Otherwise, it much be the matching rule
// ID.
{
dnAttributes = true;
{
}
}
else
{
}
}
else
{
if (colonPos < 0)
{
}
// by the matching rule ID.
{
{
dnAttributes = true;
{
}
}
else
{
}
}
}
// Parse out the attribute value.
boolean hasEscape = false;
for (byte valueByte : valueBytes)
{
if (valueByte == 0x5C)
{
hasEscape = true;
break;
}
}
if (hasEscape)
{
{
{
// The next two bytes must be the hex characters that comprise the
// binary value.
{
}
byte byteValue = 0;
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue = (byte) 0x10;
break;
case 0x32: // '2'
byteValue = (byte) 0x20;
break;
case 0x33: // '3'
byteValue = (byte) 0x30;
break;
case 0x34: // '4'
byteValue = (byte) 0x40;
break;
case 0x35: // '5'
byteValue = (byte) 0x50;
break;
case 0x36: // '6'
byteValue = (byte) 0x60;
break;
case 0x37: // '7'
byteValue = (byte) 0x70;
break;
case 0x38: // '8'
byteValue = (byte) 0x80;
break;
case 0x39: // '9'
byteValue = (byte) 0x90;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue = (byte) 0xA0;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue = (byte) 0xB0;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue = (byte) 0xC0;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue = (byte) 0xD0;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue = (byte) 0xE0;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue = (byte) 0xF0;
break;
default:
}
switch (valueBytes[++i])
{
case 0x30: // '0'
break;
case 0x31: // '1'
byteValue |= (byte) 0x01;
break;
case 0x32: // '2'
byteValue |= (byte) 0x02;
break;
case 0x33: // '3'
byteValue |= (byte) 0x03;
break;
case 0x34: // '4'
byteValue |= (byte) 0x04;
break;
case 0x35: // '5'
byteValue |= (byte) 0x05;
break;
case 0x36: // '6'
byteValue |= (byte) 0x06;
break;
case 0x37: // '7'
byteValue |= (byte) 0x07;
break;
case 0x38: // '8'
byteValue |= (byte) 0x08;
break;
case 0x39: // '9'
byteValue |= (byte) 0x09;
break;
case 0x41: // 'A'
case 0x61: // 'a'
byteValue |= (byte) 0x0A;
break;
case 0x42: // 'B'
case 0x62: // 'b'
byteValue |= (byte) 0x0B;
break;
case 0x43: // 'C'
case 0x63: // 'c'
byteValue |= (byte) 0x0C;
break;
case 0x44: // 'D'
case 0x64: // 'd'
byteValue |= (byte) 0x0D;
break;
case 0x45: // 'E'
case 0x65: // 'e'
byteValue |= (byte) 0x0E;
break;
case 0x46: // 'F'
case 0x66: // 'f'
byteValue |= (byte) 0x0F;
break;
default:
}
}
else
{
}
}
}
else
{
}
// Make sure that the filter has at least one of an attribute description
{
}
}
/**
* Retrieves the filter type for this search filter.
*
* @return The filter type for this search filter.
*/
{
return filterType;
}
/**
* Retrieves the set of subordinate filter components for AND or OR searches.
* The contents of the returned list may be altered by the caller.
*
* @return The set of subordinate filter components for AND and OR searches,
* or <CODE>null</CODE> if this is not an AND or OR search.
*/
{
return filterComponents;
}
/**
* Retrieves the subordinate filter component for NOT searches.
*
* @return The subordinate filter component for NOT searches, or
* <CODE>null</CODE> if this is not a NOT search.
*/
{
return notComponent;
}
/**
* Retrieves the attribute type for this search filter. This will not be
* applicable for AND, OR, or NOT filters.
*
* @return The attribute type for this search filter, or <CODE>null</CODE> if
* there is none.
*/
{
return attributeType;
}
/**
* Retrieves the assertion value for this search filter. This will only be
* applicable for equality, greater or equal, less or equal, approximate, or
* extensible matching filters.
*
* @return The assertion value for this search filter, or <CODE>null</CODE>
* if there is none.
*/
{
return assertionValue;
}
/**
* Retrieves the subInitial component for this substring filter. This is only
* applicable for substring search filters, but even substring filters might
* not have a value for this component.
*
* @return The subInitial component for this substring filter, or
* <CODE>null</CODE> if there is none.
*/
{
return subInitialElement;
}
/**
* Specifies the subInitial element for this substring filter. This will be
* ignored for all other types of filters.
*
* @param subInitialElement The subInitial element for this substring
* filter.
*/
{
this.subInitialElement = subInitialElement;
}
/**
* Retrieves the set of subAny elements for this substring filter. This is
* only applicable for substring search filters, and even then may be null or
* empty for some substring filters.
*
* @return The set of subAny elements for this substring filter, or
* <CODE>null</CODE> if there are none.
*/
{
return subAnyElements;
}
/**
* Retrieves the subFinal element for this substring filter. This is not
* applicable for any other filter type, and may not be provided even for some
* substring filters.
*
* @return The subFinal element for this substring filter, or
* <CODE>null</CODE> if there is none.
*/
{
return subFinalElement;
}
/**
* Retrieves the matching rule ID for this extensible match filter. This is
* not applicable for any other type of filter and may not be included in
* some extensible matching filters.
*
* @return The matching rule ID for this extensible match filter, or
* <CODE>null</CODE> if there is none.
*/
{
return matchingRuleID;
}
/**
* Retrieves the value of the DN attributes flag for this extensible match
* filter, which indicates whether to perform matching on the components of
* the DN. This does not apply for any other type of filter.
*
* @return The value of the DN attributes flag for this extensibleMatch
* filter.
*/
public boolean getDNAttributes()
{
return dnAttributes;
}
/**
* Converts this LDAP filter to a search filter that may be used by the
* Directory Server's core processing.
*
* @return The generated search filter.
*
* @throws DirectoryException If a problem occurs while attempting to
* construct the search filter.
*/
throws DirectoryException
{
if (filterComponents == null)
{
}
else
{
for (RawFilter f : filterComponents)
{
}
}
if (notComponent == null)
{
}
else
{
}
if (attributeType == null)
{
}
else
{
if (semicolonPos > 0)
{
while (tokenizer.hasMoreTokens())
{
}
}
else
{
}
}
{
if (matchingRuleID == null)
{
}
{
}
}
}
/**
* Appends a string representation of this search filter to the provided
* buffer.
*
* @param buffer The buffer to which the information should be appended.
*/
{
switch (filterType)
{
case AND:
for (RawFilter f : filterComponents)
{
}
break;
case OR:
for (RawFilter f : filterComponents)
{
}
break;
case NOT:
break;
case EQUALITY:
break;
case SUBSTRING:
if (subInitialElement != null)
{
}
{
for (ByteString s : subAnyElements)
{
}
}
if (subFinalElement != null)
{
}
break;
case GREATER_OR_EQUAL:
break;
case LESS_OR_EQUAL:
break;
case PRESENT:
break;
case APPROXIMATE_MATCH:
break;
case EXTENSIBLE_MATCH:
if (attributeType != null)
{
}
if (dnAttributes)
{
}
if (matchingRuleID != null)
{
}
break;
}
}
/**
* Returns the {@code objectClass} presence filter {@code (objectClass=*)}.
*
* @return The {@code objectClass} presence filter {@code (objectClass=*)}.
*/
{
if (objectClassPresent == null)
{
try
{
}
catch (LDAPException canNeverHappen)
{
}
}
return objectClassPresent;
}
}