VirtualAttributeRule.java revision e8cead474d5ce2b933d931f0c4743a78e68d9cfc
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008 Sun Microsystems, Inc.
* Portions Copyright 2011-2015 ForgeRock AS
*/
/**
* This class defines a virtual attribute rule, which associates a
* virtual attribute provider with its associated configuration,
* including the attribute type for which the values should be
* generated; the base DN(s), group DN(s), and search filter(s) that
* should be used to identify which entries should have the virtual
* attribute, and how conflicts between real and virtual values should
* be handled.
*/
mayInstantiate=false,
mayExtend=false,
mayInvoke=true)
public final class VirtualAttributeRule
{
/** The attribute type for which the values should be generated. */
private final AttributeType attributeType;
/** The set of base DNs for branches that are eligible to have this virtual attribute. */
/** The scope of entries eligible to have this virtual attribute, under the base DNs. */
private final SearchScope scope;
/** The set of DNs for groups whose members are eligible to have this virtual attribute. */
/** The set of search filters for entries that are eligible to have this virtual attribute. */
/** The virtual attribute provider used to generate the values. */
/**
* The behavior that should be exhibited for entries that already have real
* values for the target attribute.
*/
/**
* Creates a new virtual attribute rule with the provided information.
*
* @param attributeType The attribute type for which the values
* should be generated.
* @param provider The virtual attribute provider to use
* to generate the values.
* @param baseDNs The set of base DNs for branches that
* are eligible to have this virtual attribute.
* @param scope The scope of entries, related to the
* base DNs, that are eligible to have
* this virtual attribute.
* @param groupDNs The set of DNs for groups whose members
* are eligible to have this virtual attribute.
* @param filters The set of search filters for entries
* that are eligible to have this virtual attribute.
* @param conflictBehavior The behavior that the server should
* exhibit for entries that already have
* one or more real values for the target
* attribute.
*/
VirtualAttributeProvider<? extends VirtualAttributeCfg>
{
this.attributeType = attributeType;
this.conflictBehavior = conflictBehavior;
}
/**
* Retrieves the attribute type for which the values should be generated.
*
* @return The attribute type for which the values should be generated.
*/
public AttributeType getAttributeType()
{
return attributeType;
}
/**
* Retrieves the virtual attribute provider used to generate the values.
*
* @return The virtual attribute provider to use to generate the values.
*/
public VirtualAttributeProvider<? extends VirtualAttributeCfg>
{
return provider;
}
/**
* Retrieves the set of base DNs for branches that are eligible to
* have this virtual attribute.
*
* @return The set of base DNs for branches that are eligible to
* have this virtual attribute.
*/
{
return baseDNs;
}
/**
* Retrieves the scope of entries in the base DNs that are eligible
* to have this virtual attribute.
*
* @return The scope of entries that are eligible to
* have this virtual attribute.
*/
public SearchScope getScope()
{
return scope;
}
/**
* Retrieves the set of DNs for groups whose members are eligible to
* have this virtual attribute.
*
* @return The set of DNs for groups whose members are eligible to
* have this virtual attribute.
*/
{
return groupDNs;
}
/**
* Retrieves the set of search filters for entries that are eligible
* to have this virtual attribute.
*
* @return The set of search filters for entries that are eligible
* to have this virtual attribute.
*/
{
return filters;
}
/**
* Retrieves the behavior that the server should exhibit for entries
* that already have one or more real values for the target attribute.
*
* @return The behavior that the server should exhibit for entries
* that already have one or more real values for the target
* attribute.
*/
{
return conflictBehavior;
}
/**
* Indicates whether this virtual attribute rule applies to the
* provided entry, taking into account the eligibility requirements
* defined in the rule.
*
* @param entry The entry for which to make the determination.
*
* @return {@code true} if this virtual attribute rule may be used
* to generate values for the entry, or {@code false} if not.
*/
{
// We'll do this in order of expense so that the checks which are
// potentially most expensive are done last. First, check to see
// if real values should override virtual ones and if so whether
// the entry already has virtual values.
{
return false;
}
// If there are any base DNs defined, then the entry must be below one of them.
{
return false;
}
// If there are any search filters defined, then the entry must match one of them.
{
return false;
}
// If there are any group memberships defined, then the entry must
// be a member of one of them.
{
return false;
}
// If we've gotten here, then the rule is applicable.
return true;
}
{
{
{
return true;
}
}
return false;
}
{
{
try
{
{
return true;
}
}
catch (Exception e)
{
logger.traceException(e);
}
}
return false;
}
{
{
try
{
{
return true;
}
}
catch (Exception e)
{
logger.traceException(e);
}
}
return false;
}
{
}
/**
* Appends a string representation of this virtual attribute rule to
* the provided buffer.
*
* @param buffer The buffer to which the information should be written.
*/
{
}
{
{
}
}
}