org.apache.directory.api.ldap.model.filter.EqualityNode Java Examples
The following examples show how to use
org.apache.directory.api.ldap.model.filter.EqualityNode.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ApiLdapModelOsgiTest.java From directory-ldap-api with Apache License 2.0 | 6 votes |
|
@Override
protected void useBundleClasses() throws Exception
{
new Dn( "dc=example,dc=com" ); // uses FastDnParser
new Dn( "cn=a+sn=b,dc=example,dc=com" ); // uses ComplexDnparser (antlr based)
new Value( "foo" );
new DefaultAttribute( "cn" );
new DefaultEntry();
AttributeUtils.toJndiAttribute( new DefaultAttribute( "cn" ) );
new BindRequestImpl();
new EqualityNode<String>( "cn", "foo" );
new LdapUrl( "ldap://ldap.example.com:10389/dc=example,dc=com?objectclass" );
new ObjectClassDescriptionSchemaParser()
.parse( "( 2.5.6.0 NAME 'top' DESC 'top of the superclass chain' ABSTRACT MUST objectClass )" );
SchemaObject schemaObject = new LdapSyntax( "1.2.3" );
new Registries().getGlobalOidRegistry().register( schemaObject );
new Registries().getLoadedSchemas();
}
Example #2
| Source File: SearchRequestTest.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* Test parsing of a request with an Equality Filter
*/
@Test
public void testRequestWithEqualityMatchFilter()
{
Dsmlv2Parser parser = null;
try
{
parser = newParser();
parser.setInput( SearchRequestTest.class.getResource( "filters/request_with_equalityMatch.xml" )
.openStream(), "UTF-8" );
parser.parse();
}
catch ( Exception e )
{
fail( e.getMessage() );
}
SearchRequest searchRequest = ( SearchRequest ) parser.getBatchRequest().getCurrentRequest();
ExprNode filter = searchRequest.getFilter();
assertTrue( filter instanceof EqualityNode );
EqualityNode<?> equalityFilter = ( EqualityNode<?> ) filter;
assertEquals( "sn", equalityFilter.getAttribute() );
assertEquals( "foobar", equalityFilter.getValue().getString() );
}
Example #3
| Source File: SearchRequestTest.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* Test parsing of a request with an Equality Filter with base64 value
*/
@Test
public void testRequestWithEqualityMatchFilterBase64Value()
{
Dsmlv2Parser parser = null;
try
{
parser = newParser();
parser.setInput( SearchRequestTest.class
.getResource( "filters/request_with_equalityMatch_base64_value.xml" ).openStream(), "UTF-8" );
parser.parse();
}
catch ( Exception e )
{
fail( e.getMessage() );
}
SearchRequest searchRequest = ( SearchRequest ) parser.getBatchRequest().getCurrentRequest();
ExprNode filter = searchRequest.getFilter();
assertTrue( filter instanceof EqualityNode );
EqualityNode<?> equalityFilter = ( EqualityNode<?> ) filter;
assertEquals( "sn", equalityFilter.getAttribute() );
assertEquals( "DSMLv2.0 rocks!!", equalityFilter.getValue().getString() );
}
Example #4
| Source File: SearchRequestTest.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* Test parsing of a request with an Equality Filter with an empty value
*/
@Test
public void testRequestWithEqualityMatchFilterWithEmptyValue()
{
Dsmlv2Parser parser = null;
try
{
parser = newParser();
parser.setInput( SearchRequestTest.class.getResource(
"filters/request_with_equalityMatch_with_empty_value.xml" ).openStream(), "UTF-8" );
parser.parse();
}
catch ( Exception e )
{
fail( e.getMessage() );
}
SearchRequest searchRequest = ( SearchRequest ) parser.getBatchRequest().getCurrentRequest();
ExprNode filter = searchRequest.getFilter();
assertTrue( filter instanceof EqualityNode );
EqualityNode<?> equalityFilter = ( EqualityNode<?> ) filter;
assertEquals( "sn", equalityFilter.getAttribute() );
assertEquals( "", equalityFilter.getValue().getString() );
}
Example #5
| Source File: SearchRequestHandler.java From MyVirtualDirectory with Apache License 2.0 | 5 votes |
|
/**
* Constructs a new filter EqualityNode asserting that a candidate
* objectClass is a referral.
*
* @param session the {@link LdapSession} to construct the node for
* @return the {@link org.apache.directory.api.ldap.model.filter.EqualityNode} (objectClass=referral) non-normalized
* @throws Exception in the highly unlikely event of schema related failures
*/
private EqualityNode<String> newIsReferralEqualityNode( LdapSession session ) throws Exception
{
if ( OBJECT_CLASS_AT == null )
{
OBJECT_CLASS_AT = session.getCoreSession().getDirectoryService().getSchemaManager().getAttributeType(
SchemaConstants.OBJECT_CLASS_AT );
}
EqualityNode<String> ocIsReferral = new EqualityNode<String>( OBJECT_CLASS_AT,
new org.apache.directory.api.ldap.model.entry.StringValue( OBJECT_CLASS_AT, SchemaConstants.REFERRAL_OC ) );
return ocIsReferral;
}
Example #6
| Source File: SearchRequestHandler.java From MyVirtualDirectory with Apache License 2.0 | 5 votes |
|
/**
* Constructs a new filter EqualityNode asserting that a candidate
* objectClass is a referral.
*
* @param session the {@link LdapSession} to construct the node for
* @return the {@link org.apache.directory.api.ldap.model.filter.EqualityNode} (objectClass=referral) non-normalized
* @throws Exception in the highly unlikely event of schema related failures
*/
private EqualityNode<String> newIsReferralEqualityNode( LdapSession session ) throws Exception
{
if ( OBJECT_CLASS_AT == null )
{
OBJECT_CLASS_AT = session.getCoreSession().getDirectoryService().getSchemaManager().getAttributeType(
SchemaConstants.OBJECT_CLASS_AT );
}
EqualityNode<String> ocIsReferral = new EqualityNode<String>( OBJECT_CLASS_AT,
new org.apache.directory.api.ldap.model.entry.StringValue( OBJECT_CLASS_AT, SchemaConstants.REFERRAL_OC ) );
return ocIsReferral;
}
Example #7
| Source File: ObjectQueryService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Generates a properly-escaped LDAP query which finds all objects which
* match the given LDAP filter and which have at least one of the given
* attributes set to the specified value.
*
* @param filter
* The LDAP filter to apply to reduce the results of the query in
* addition to testing the values of the given attributes.
*
* @param attributes
* A collection of all attributes to test for equivalence to the given
* value, in order of decreasing priority.
*
* @param attributeValue
* The value that the resulting LDAP query should search for within the
* attributes of objects within the LDAP directory. If null, the
* resulting LDAP query will search for the presence of at least one of
* the given attributes on each object, regardless of the value of
* those attributes.
*
* @return
* An LDAP query which will search for arbitrary LDAP objects having at
* least one of the given attributes set to the specified value.
*/
public ExprNode generateQuery(ExprNode filter,
Collection<String> attributes, String attributeValue) {
// Build LDAP query for objects having at least one attribute and with
// the given search filter
AndNode searchFilter = new AndNode();
searchFilter.addNode(filter);
// If no attributes provided, we're done.
if (attributes.size() < 1)
return searchFilter;
// Include all attributes within OR clause
OrNode attributeFilter = new OrNode();
// If value is defined, check each attribute for that value.
if (attributeValue != null) {
attributes.forEach(attribute ->
attributeFilter.addNode(new EqualityNode(attribute,
attributeValue))
);
}
// If no value is defined, just check for presence of attribute.
else {
attributes.forEach(attribute ->
attributeFilter.addNode(new PresenceNode(attribute))
);
}
searchFilter.addNode(attributeFilter);
logger.trace("Sending LDAP filter: \"{}\"", searchFilter.toString());
return searchFilter;
}
Example #8
| Source File: UserGroupService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns the base search filter which should be used to retrieve user
* groups which do not represent Guacamole connections. As excluding the
* guacConfigGroup object class may not work as expected if it is not
* defined (may always return zero results), it should only be explicitly
* excluded if it is expected to have been defined.
*
* @return
* The base search filter which should be used to retrieve user groups.
*
* @throws GuacamoleException
* If guacamole.properties cannot be parsed.
*/
private ExprNode getGroupSearchFilter() throws GuacamoleException {
// Explicitly exclude guacConfigGroup object class only if it should
// be assumed to be defined (query may fail due to no such object
// class existing otherwise)
if (confService.getConfigurationBaseDN() != null)
return new NotNode(new EqualityNode("objectClass","guacConfigGroup"));
// Read any object as a group if LDAP is not being used for connection
// storage (guacConfigGroup)
return new PresenceNode("objectClass");
}
Example #9
| Source File: ConnectionService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns an LDAP search filter which queries all connections accessible
* by the user having the given DN.
*
* @param userDN
* DN of the user to search for associated guacConfigGroup connections.
*
* @param ldapConnection
* LDAP connection to use if additional information must be queried to
* produce the filter, such as groups driving RBAC.
*
* @return
* An LDAP search filter which queries all guacConfigGroup objects
* accessible by the user having the given DN.
*
* @throws LdapException
* If an error occurs preventing retrieval of user groups.
*
* @throws GuacamoleException
* If an error occurs retrieving the group base DN.
*/
private ExprNode getConnectionSearchFilter(Dn userDN,
LdapNetworkConnection ldapConnection)
throws LdapException, GuacamoleException {
AndNode searchFilter = new AndNode();
// Add the prefix to the search filter, prefix filter searches for guacConfigGroups with the userDN as the member attribute value
searchFilter.addNode(new EqualityNode("objectClass","guacConfigGroup"));
// Apply group filters
OrNode groupFilter = new OrNode();
groupFilter.addNode(new EqualityNode(confService.getMemberAttribute(),
userDN.toString()));
// Additionally filter by group membership if the current user is a
// member of any user groups
List<Entry> userGroups = userGroupService.getParentUserGroupEntries(ldapConnection, userDN);
if (!userGroups.isEmpty()) {
userGroups.forEach(entry ->
groupFilter.addNode(new EqualityNode("seeAlso",entry.getDn().toString()))
);
}
// Complete the search filter.
searchFilter.addNode(groupFilter);
return searchFilter;
}
Example #10
| Source File: ObjectQueryService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Generates a properly-escaped LDAP query which finds all objects which
* match the given LDAP filter and which have at least one of the given
* attributes set to the specified value.
*
* @param filter
* The LDAP filter to apply to reduce the results of the query in
* addition to testing the values of the given attributes.
*
* @param attributes
* A collection of all attributes to test for equivalence to the given
* value, in order of decreasing priority.
*
* @param attributeValue
* The value that the resulting LDAP query should search for within the
* attributes of objects within the LDAP directory. If null, the
* resulting LDAP query will search for the presence of at least one of
* the given attributes on each object, regardless of the value of
* those attributes.
*
* @return
* An LDAP query which will search for arbitrary LDAP objects having at
* least one of the given attributes set to the specified value.
*/
public ExprNode generateQuery(ExprNode filter,
Collection<String> attributes, String attributeValue) {
// Build LDAP query for objects having at least one attribute and with
// the given search filter
AndNode searchFilter = new AndNode();
searchFilter.addNode(filter);
// If no attributes provided, we're done.
if (attributes.size() < 1)
return searchFilter;
// Include all attributes within OR clause
OrNode attributeFilter = new OrNode();
// If value is defined, check each attribute for that value.
if (attributeValue != null) {
attributes.forEach(attribute ->
attributeFilter.addNode(new EqualityNode(attribute,
attributeValue))
);
}
// If no value is defined, just check for presence of attribute.
else {
attributes.forEach(attribute ->
attributeFilter.addNode(new PresenceNode(attribute))
);
}
searchFilter.addNode(attributeFilter);
logger.trace("Sending LDAP filter: \"{}\"", searchFilter.toString());
return searchFilter;
}
Example #11
| Source File: UserGroupService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns the base search filter which should be used to retrieve user
* groups which do not represent Guacamole connections. As excluding the
* guacConfigGroup object class may not work as expected if it is not
* defined (may always return zero results), it should only be explicitly
* excluded if it is expected to have been defined.
*
* @return
* The base search filter which should be used to retrieve user groups.
*
* @throws GuacamoleException
* If guacamole.properties cannot be parsed.
*/
private ExprNode getGroupSearchFilter() throws GuacamoleException {
// Explicitly exclude guacConfigGroup object class only if it should
// be assumed to be defined (query may fail due to no such object
// class existing otherwise)
if (confService.getConfigurationBaseDN() != null)
return new NotNode(new EqualityNode("objectClass","guacConfigGroup"));
// Read any object as a group if LDAP is not being used for connection
// storage (guacConfigGroup)
return new PresenceNode("objectClass");
}
Example #12
| Source File: ConnectionService.java From guacamole-client with Apache License 2.0 | 5 votes |
|
/**
* Returns an LDAP search filter which queries all connections accessible
* by the user having the given DN.
*
* @param userDN
* DN of the user to search for associated guacConfigGroup connections.
*
* @param ldapConnection
* LDAP connection to use if additional information must be queried to
* produce the filter, such as groups driving RBAC.
*
* @return
* An LDAP search filter which queries all guacConfigGroup objects
* accessible by the user having the given DN.
*
* @throws LdapException
* If an error occurs preventing retrieval of user groups.
*
* @throws GuacamoleException
* If an error occurs retrieving the group base DN.
*/
private ExprNode getConnectionSearchFilter(Dn userDN,
LdapNetworkConnection ldapConnection)
throws LdapException, GuacamoleException {
AndNode searchFilter = new AndNode();
// Add the prefix to the search filter, prefix filter searches for guacConfigGroups with the userDN as the member attribute value
searchFilter.addNode(new EqualityNode("objectClass","guacConfigGroup"));
// Apply group filters
OrNode groupFilter = new OrNode();
groupFilter.addNode(new EqualityNode(confService.getMemberAttribute(),
userDN.toString()));
// Additionally filter by group membership if the current user is a
// member of any user groups
List<Entry> userGroups = userGroupService.getParentUserGroupEntries(ldapConnection, userDN);
if (!userGroups.isEmpty()) {
userGroups.forEach(entry ->
groupFilter.addNode(new EqualityNode("seeAlso",entry.getDn().toString()))
);
}
// Complete the search filter.
searchFilter.addNode(groupFilter);
return searchFilter;
}
Example #13
| Source File: SearchRequestFactory.java From directory-ldap-api with Apache License 2.0 | 4 votes |
|
/**
* Encode a Search Filter
*
* @param buffer The buffer where to put the PDU
* @param node The top filter
*/
private void encodeFilter( Asn1Buffer buffer, ExprNode node )
{
switch ( node.getClass().getSimpleName() )
{
case "AndNode" :
encodeFilter( buffer, ( AndNode ) node, ( byte ) LdapCodecConstants.AND_FILTER_TAG );
break;
case "ApproximateNode" :
encodeFilter( buffer, ( ApproximateNode<?> ) node, ( byte ) LdapCodecConstants.APPROX_MATCH_FILTER_TAG );
break;
case "EqualityNode" :
encodeFilter( buffer, ( EqualityNode<?> ) node, ( byte ) LdapCodecConstants.EQUALITY_MATCH_FILTER_TAG );
break;
case "ExtensibleNode" :
encodeFilter( buffer, ( ExtensibleNode ) node );
break;
case "GreaterEqNode" :
encodeFilter( buffer, ( GreaterEqNode<?> ) node, ( byte ) LdapCodecConstants.GREATER_OR_EQUAL_FILTER_TAG );
break;
case "LessEqNode" :
encodeFilter( buffer, ( LessEqNode<?> ) node, ( byte ) LdapCodecConstants.LESS_OR_EQUAL_FILTER_TAG );
break;
case "NotNode" :
encodeFilter( buffer, ( NotNode ) node, ( byte ) LdapCodecConstants.NOT_FILTER_TAG );
break;
case "OrNode" :
encodeFilter( buffer, ( OrNode ) node, ( byte ) LdapCodecConstants.OR_FILTER_TAG );
break;
case "PresenceNode" :
encodeFilter( buffer, ( PresenceNode ) node );
break;
case "SubstringNode" :
encodeFilter( buffer, ( SubstringNode ) node );
break;
default:
break;
}
}
Example #14
| Source File: NormalizationInterceptor.java From syncope with Apache License 2.0 | 4 votes |
|
/**
* Remove the (ObjectClass=*) and ( ObjectClass=top) nodes from the filter, if we have one.
*/
private ExprNode removeObjectClass( ExprNode node )
{
if ( node instanceof LeafNode )
{
LeafNode leafNode = ( LeafNode ) node;
if ( leafNode.getAttributeType() == directoryService.getAtProvider().getObjectClass() )
{
if ( leafNode instanceof PresenceNode )
{
// We can safely remove the node and return an undefined node
return ObjectClassNode.OBJECT_CLASS_NODE;
}
else if ( leafNode instanceof EqualityNode )
{
Value value = ( ( EqualityNode<String> ) leafNode ).getValue();
if ( value.equals( SchemaConstants.TOP_OC ) )
{
// Here too we can safely remove the node and return an undefined node
return ObjectClassNode.OBJECT_CLASS_NODE;
}
}
}
}
// --------------------------------------------------------------------
// H A N D L E B R A N C H N O D E S
// --------------------------------------------------------------------
if ( node instanceof AndNode )
{
return handleAndNode( node );
}
else if ( node instanceof OrNode )
{
return handleOrNode( node );
}
else if ( node instanceof NotNode )
{
return handleNotNode( node );
}
else
{
// Failover : we return the initial node as is
return node;
}
}
