LocalBackendModifyDNOperation.java revision a395dd575518d9e5280fc5d5d5ef47c61b174647
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at
* trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
* add the following below this CDDL HEADER, with the fields enclosed
* by brackets "[]" replaced with your own identifying information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008 Sun Microsystems, Inc.
*/
/**
* This class defines an operation used to move an entry in a local backend
* of the Directory Server.
*/
public class LocalBackendModifyDNOperation
extends ModifyDNOperationWrapper
implements PreOperationModifyDNOperation,
{
/**
* The tracer object for the debug logger.
*/
// The backend in which the operation is to be processed.
// Indicates whether the no-op control was included in the request.
private boolean noOp;
// Indicates whether to skip post-operation plugin processing.
private boolean skipPostOperation;
// The client connection on which this operation was requested.
private ClientConnection clientConnection;
// The original DN of the entry.
// The current entry, before it is renamed.
private Entry currentEntry;
// The new entry, as it will appear after it has been renamed.
// The LDAP post-read request control, if present in the request.
// The LDAP pre-read request control, if present in the request.
private LDAPPreReadRequestControl preReadRequest;
// The new RDN for the entry.
/**
* Creates a new operation that may be used to move an entry in a
* local backend of the Directory Server.
*
* @param operation The operation to enhance.
*/
{
super(operation);
}
/**
* Retrieves the current entry, before it is renamed. This will not be
* available to pre-parse plugins or during the conflict resolution portion of
* the synchronization processing.
*
* @return The current entry, or <CODE>null</CODE> if it is not yet
* available.
*/
public final Entry getOriginalEntry()
{
return currentEntry;
}
/**
* Retrieves the new entry, as it will appear after it is renamed. This will
* not be available to pre-parse plugins or during the conflict resolution
* portion of the synchronization processing.
*
* @return The updated entry, or <CODE>null</CODE> if it is not yet
* available.
*/
public final Entry getUpdatedEntry()
{
return newEntry;
}
/**
* Process this modify DN operation in a local backend.
*
* @param backend The backend in which the modify DN operation should be
* processed.
*/
{
// Get the plugin config manager that will be used for invoking plugins.
skipPostOperation = false;
// Check for a request to cancel this operation.
if (cancelIfRequested())
{
return;
}
// Create a labeled block of code that we can break out of if a problem is
// detected.
{
// Process the entry DN, newRDN, and newSuperior elements from their raw
// forms as provided by the client to the forms required for the rest of
// the modify DN processing.
entryDN = getEntryDN();
{
skipPostOperation = true;
break modifyDNProcessing;
}
if ((newSuperior == null) &&
(getRawNewSuperior() != null))
{
skipPostOperation = true;
break modifyDNProcessing;
}
// Construct the new DN to use for the entry.
if (newSuperior == null)
{
}
else
{
}
{
break modifyDNProcessing;
}
// Get the backend for the current entry, and the backend for the new
// entry. If either is null, or if they are different, then fail.
if (currentBackend == null)
{
break modifyDNProcessing;
}
if (newBackend == null)
{
break modifyDNProcessing;
}
{
break modifyDNProcessing;
}
// Check for a request to cancel this operation.
if (cancelIfRequested())
{
return;
}
// Acquire write locks for the current and new DN.
for (int i=0; i < 3; i++)
{
if (currentLock != null)
{
break;
}
}
if (currentLock == null)
{
skipPostOperation = true;
break modifyDNProcessing;
}
try
{
for (int i=0; i < 3; i++)
{
{
break;
}
}
}
catch (Exception e)
{
if (debugEnabled())
{
}
{
}
getExceptionMessage(e)));
skipPostOperation = true;
break modifyDNProcessing;
}
{
skipPostOperation = true;
break modifyDNProcessing;
}
try
{
// Check for a request to cancel this operation.
if (cancelIfRequested())
{
return;
}
// Get the current entry from the appropriate backend. If it doesn't
// exist, then fail.
try
{
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
if (getOriginalEntry() == null)
{
// See if one of the entry's ancestors exists.
{
try
{
{
break;
}
}
catch (Exception e)
{
if (debugEnabled())
{
}
break;
}
}
break modifyDNProcessing;
}
// Invoke any conflict resolution processing that might be needed by the
// synchronization provider.
for (SynchronizationProvider provider :
{
try
{
provider.handleConflictResolution(this);
if (! result.continueOperationProcessing())
{
break modifyDNProcessing;
}
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
}
// Check to see if there are any controls in the request. If so, then
// see if there is any special processing required.
try
{
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
// Check to see if the client has permission to perform the
// modify DN.
// FIXME: for now assume that this will check all permission
// pertinent to the operation. This includes proxy authorization
// and any other controls specified.
// FIXME: earlier checks to see if the entry or new superior
// already exists may have already exposed sensitive information
// to the client.
if (! AccessControlConfigManager.getInstance().
getAccessControlHandler().isAllowed(this))
{
skipPostOperation = true;
break modifyDNProcessing;
}
// Duplicate the entry and set its new DN. Also, create an empty list
// to hold the attribute-level modifications.
// init the modifications
// Apply any changes to the entry based on the change in its RDN. Also,
// perform schema checking on the updated entry.
try
{
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
// Check for a request to cancel this operation.
if (cancelIfRequested())
{
return;
}
// Get a count of the current number of modifications. The
// pre-operation plugins may alter this list, and we need to be able to
// identify which changes were made after they're done.
// If the operation is not a synchronization operation,
// Invoke the pre-operation modify DN plugins.
if (! isSynchronizationOperation())
{
if (preOpResult.connectionTerminated())
{
// There's no point in continuing with anything. Log the request
// and result and return.
return;
}
else if (preOpResult.sendResponseImmediately())
{
skipPostOperation = true;
break modifyDNProcessing;
}
else if (preOpResult.skipCoreProcessing())
{
skipPostOperation = false;
break modifyDNProcessing;
}
}
// Check to see if any of the pre-operation plugins made any changes to
// the entry. If so, then apply them.
{
try
{
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
}
// Check for a request to cancel this operation.
if (cancelIfRequested())
{
return;
}
// Actually perform the modify DN operation.
// This should include taking
// care of any synchronization that might be needed.
try
{
// If it is not a private backend, then check to see if the server or
// backend is operating in read-only mode.
if (! currentBackend.isPrivateBackend())
{
switch (DirectoryServer.getWritabilityMode())
{
case DISABLED:
break modifyDNProcessing;
case INTERNAL_ONLY:
if (! (isInternalOperation() || isSynchronizationOperation()))
{
break modifyDNProcessing;
}
}
switch (currentBackend.getWritabilityMode())
{
case DISABLED:
break modifyDNProcessing;
case INTERNAL_ONLY:
if (! (isInternalOperation() || isSynchronizationOperation()))
{
break modifyDNProcessing;
}
}
}
if (noOp)
{
}
else
{
for (SynchronizationProvider provider :
{
try
{
provider.doPreOperation(this);
if (! result.continueOperationProcessing())
{
break modifyDNProcessing;
}
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
}
}
// appropriate.
if (! noOp)
{
}
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break modifyDNProcessing;
}
catch (CancelledOperationException coe)
{
if (debugEnabled())
{
}
{
}
break modifyDNProcessing;
}
}
finally
{
for (SynchronizationProvider provider :
{
try
{
provider.doPostOperation(this);
}
catch (DirectoryException de)
{
if (debugEnabled())
{
}
break;
}
}
}
}
// Indicate that it is now too late to attempt to cancel the operation.
// Invoke the post-operation or post-synchronization modify DN plugins.
if (isSynchronizationOperation())
{
{
}
}
else if (! skipPostOperation)
{
{
return;
}
}
// Notify any change notification listeners that might be registered with
// the server.
{
{
try
{
}
catch (Exception e)
{
if (debugEnabled())
{
}
getExceptionMessage(e));
}
}
}
}
/**
* Checks to determine whether there has been a request to cancel this
* operation. If so, then set the cancel result and processing stop time.
*
* @return {@code true} if there was a cancel request, or {@code false} if
* not.
*/
private boolean cancelIfRequested()
{
if (getCancelRequest() == null)
{
return false;
}
return true;
}
/**
* Processes the set of controls included in the request.
*
* @throws DirectoryException If a problem occurs that should cause the
* modify DN operation to fail.
*/
private void handleRequestControls()
throws DirectoryException
{
{
{
if (! AccessControlConfigManager.getInstance().
{
skipPostOperation = true;
}
{
if (c instanceof LDAPAssertionRequestControl)
{
}
else
{
try
{
}
catch (LDAPException le)
{
if (debugEnabled())
{
}
throw new DirectoryException(
le.getMessageObject());
}
}
try
{
// FIXME -- We need to determine whether the current user has
// permission to make this determination.
{
}
}
catch (DirectoryException de)
{
{
throw de;
}
if (debugEnabled())
{
}
de.getMessageObject()));
}
}
{
noOp = true;
}
{
if (c instanceof LDAPPreReadRequestControl)
{
}
else
{
try
{
}
catch (LDAPException le)
{
if (debugEnabled())
{
}
throw new DirectoryException(
le.getMessageObject());
}
}
}
{
if (c instanceof LDAPPostReadRequestControl)
{
}
else
{
try
{
}
catch (LDAPException le)
{
if (debugEnabled())
{
}
throw new DirectoryException(
le.getMessageObject());
}
}
}
{
// The requester must have the PROXIED_AUTH privilige in order to
// be able to use this control.
{
}
if (c instanceof ProxiedAuthV1Control)
{
proxyControl = (ProxiedAuthV1Control) c;
}
else
{
try
{
}
catch (LDAPException le)
{
if (debugEnabled())
{
}
throw new DirectoryException(
le.getMessageObject());
}
}
if (authorizationEntry == null)
{
}
else
{
}
}
{
// The requester must have the PROXIED_AUTH privilige in order to
// be able to use this control.
{
}
if (c instanceof ProxiedAuthV2Control)
{
proxyControl = (ProxiedAuthV2Control) c;
}
else
{
try
{
}
catch (LDAPException le)
{
if (debugEnabled())
{
}
throw new DirectoryException(
le.getMessageObject());
}
}
if (authorizationEntry == null)
{
}
else
{
}
}
// NYI -- Add support for additional controls.
else if (c.isCritical())
{
{
throw new DirectoryException(
}
}
}
}
}
/**
* Updates the entry so that its attributes are changed to reflect the changes
* to the RDN. This also performs schema checking on the updated entry.
*
* @param modifications A list to hold the modifications made to the entry.
*
* @throws DirectoryException If a problem occurs that should cause the
* modify DN operation to fail.
*/
throws DirectoryException
{
// If we should delete the old RDN values from the entry, then do so.
if (deleteOldRDN())
{
for (int i=0; i < numValues; i++)
{
// If the associated attribute type is marked NO-USER-MODIFICATION, then
// refuse the update.
if (a.getAttributeType().isNoUserModification())
{
if (! (isInternalOperation() || isSynchronizationOperation()))
{
}
}
new LinkedList<AttributeValue>();
if (missingValues.isEmpty())
{
}
}
}
// Add the new RDN values to the entry.
for (int i=0; i < newRDNValues; i++)
{
new LinkedList<AttributeValue>();
if (duplicateValues.isEmpty())
{
// If the associated attribute type is marked NO-USER-MODIFICATION, then
// refuse the update.
if (a.getAttributeType().isNoUserModification())
{
if (! (isInternalOperation() || isSynchronizationOperation()))
{
}
}
else
{
}
}
}
// If the server is configured to check the schema and the operation is not
// a synchronization operation, make sure that the resulting entry is valid
// as per the server schema.
{
{
}
for (int i=0; i < newRDNValues; i++)
{
if (at.isObsolete())
{
at.getNameOrOID()));
}
}
}
}
/**
* Applies any modifications performed during pre-operation plugin processing.
* This also performs schema checking for the updated entry.
*
* @param modifications A list containing the modifications made to the
* entry.
* @param startPos The position in the list at which the pre-operation
* modifications start.
*
* @throws DirectoryException If a problem occurs that should cause the
* modify DN operation to fail.
*/
int startPos)
throws DirectoryException
{
{
Attribute a = m.getAttribute();
switch (m.getModificationType())
{
case ADD:
new LinkedList<AttributeValue>();
break;
case DELETE:
new LinkedList<AttributeValue>();
break;
case REPLACE:
break;
case INCREMENT:
a.getOptions());
{
a.getName()));
}
{
}
{
a.getName()));
}
{
}
long currentLongValue;
try
{
}
catch (Exception e)
{
if (debugEnabled())
{
}
}
{
}
{
}
long incrementAmount;
try
{
}
catch (Exception e)
{
if (debugEnabled())
{
}
}
newValueOS));
break;
}
}
// Make sure that the updated entry still conforms to the server
// schema.
if (DirectoryServer.checkSchema())
{
{
}
}
}
/**
* response controls and attach them to the response.
*/
private void processReadEntryControls()
{
if (preReadRequest != null)
{
if (! preReadRequest.allowsAttribute(
{
}
if (! preReadRequest.returnAllUserAttributes())
{
{
{
}
}
}
{
{
{
}
}
}
// FIXME -- Check access controls on the entry to see if it should
// be returned or if any attributes need to be stripped
// out..
}
if (postReadRequest != null)
{
if (! postReadRequest.allowsAttribute(
{
}
if (! postReadRequest.returnAllUserAttributes())
{
{
{
}
}
}
{
{
{
}
}
}
// FIXME -- Check access controls on the entry to see if it should
// be returned or if any attributes need to be stripped
// out..
}
}
}